Upload picture

skyloon · #1 13-Aug-2004, 00:33

I try to upload a picture & store the info about the picture
I faced some problem here, hope that u all can help me.....
the error message is "Can't open file!"
any codes need the be improved?
thanx...

If i use this code, i just can upload the file to the folder, not the info to the database....

PHP Code:


<?php
$uploaddir = './image/';
$uploadfile = $uploaddir . $_FILES['userfile']['name'];

print "<pre>";
if (move_uploaded_file($_FILES['userfile']['tmp_name'], $uploadfile)) {
   print "File is valid, and was successfully uploaded. ";
   print "Here's some more debugging info:\n";
   print_r($_FILES);
} else {
   print "Possible file upload attack!  Here's some debugging info:\n";
   print_r($_FILES);
}
print "</pre>";
?>

upload.php

PHP Code:


<body bgcolor="#FFFFFF" text="#000000">
<form enctype="multipart/form-data" action="test.php" method="post">
 <input type="hidden" name="MAX_FILE_SIZE" value="50000" />
 Send this file: <input name="userfile" type="file" />
 <input type="submit" value="Send File" />
</form>

test.php

PHP Code:


<?php
include "./common.inc";
// Max packet size
   define("MAX_SQL",50000);
   $filehandle = fopen($tmp, "rb") or die( "Can't open file!" ); 
   $query=    "INSERT INTO files (name, type, size) VALUES(".
             $DB->quote($name).", ".
             $DB->quote($type).", ".
             $DB->quote($size).
             ")";

   // Execute Query
   $result = $DB->query($query);
   $file_id = mysql_insert_id();

// Copy the binary file data to the filedata table in sequential rows each containing MAX_SQL bytes
// Your table should have an index set to auto_increment
// Store the file_id to identify the data fragments
   while (!feof ($filehandle)) { 
       $data = base64_encode(fread($filehandle,MAX_SQL)); 
       $query = "INSERT INTO filedata (file_id, data) VALUES($file_id,\"".$data."\")";
       $result = $DB->query($query); 
   }
   fclose ($filehandle); 
?>

Decode the data fragments and recombine them:
<?php
   $file_id =$_GET ['file_id']; 
   $query ="select file_id, name, type, size from files where file_id='$file_id'";
   $result = $DB->query($query);
   $row= mysql_fetch_array ($result); 
   $type = $row ["type"]; 
   $name = $row ["name"]; 
   $size = $row ["size"]; 
   $file_id = $row ["file_id"]; 

   // get the file data
   $query = "select id, data from filedata where file_id='$file_id' ORDER by id";
   $result = $DB->query($query);

// decode the fragments and recombine the file
   $data = "";
   while ($row = mysql_fetch_array($result)) {
       $data .= base64_decode($row ["data"]);  
   }
   
// output the file
   header ("Content-type: $type"); 
   header ("Content-length: $size"); 
   header ("Content-Disposition: attachment; filename=$name"); 
   header ("Content-Description: PHP Generated Data"); 
   echo $data;
?>

common.inc

PHP Code:


<?php
$dbhost = "localhost";
$dbusername = "root";
$dbuserpassword = "";
$default_dbname ="upload";

$MYSQL_ERRNO = '';
$MYSQL_ERROR = '';
function db_connect() {
global $dbhost, $dbusername, $dbuserpassword, $default_dbname;
global $MYSQL_ERRNO, $MYSQL_ERROR;
$link_id = mysql_connect($dbhost, $dbusername, $dbuserpassword);
if(!$link_id) {
$MYSQL_ERRNO = 0;
$MYSQL_ERROR = "Connection failed to the host $dbhost.";
return 0;
}
else if(empty($dbname) && !mysql_select_db($default_dbname)) {
$MYSQL_ERRNO = mysql_errno();
$MYSQL_ERROR = mysql_error();
return 0;
}
else return $link_id;
}
function sql_error() {
global $MYSQL_ERRNO, $MYSQL_ERROR;
if(empty($MYSQL_ERROR)) {
$MYSQL_ERRNO = mysql_errno();
$MYSQL_ERROR = mysql_error();
}
return "$MYSQL_ERRNO: $MYSQL_ERROR";
}
?>

database table

create table files(
name varchar(50),
type varchar(30),
size varchar(30));

create table filedata(
file_id int auto_increment primary key,
data varchar(30));

JdS · #2 13-Aug-2004, 06:43

Where do you set the value for $tmp?

skyloon · #3 13-Aug-2004, 07:00

oops!!

i just start to learn php, this code is from php.net, not good in modify code..
can u correct it for me
thanx...

skyloon · #4 17-Aug-2004, 23:23

i want to check the file whether is a picture format..
but i faced some problem...
thanx...

Warning: Wrong parameter count for move_uploaded_file() in c:\phpweb\uploading.php on line 14

PHP Code:


<?php
include "./common.inc";
$conn = db_connect('$db');

$uploaddir = './image/';
$uploadfile = $uploaddir . $_FILES['userfile']['name'];

print "<pre>";
$image_types = Array ("image/bmp",
                        "image/jpeg",
                        "image/pjpeg",
                        "image/gif",
                        "image/x-png");
if (move_uploaded_file($_FILES['userfile']['tmp_name'], $uploadfile, $image_types)) {

  $name = $_FILES["userfile"]["name"];
  $size = $_FILES["userfile"]["size"];
  $type = $_FILES["userfile"]["type"];
    
    $result=mysql_query("insert into pic (image_id, image_name, image_type, image_size) values ('','$name','$type','$size')");

       print "File is valid, and was successfully uploaded. ";
       print "Here's some more debugging info:\n";
       print_r($_FILES);

} else {
echo"Invalid picture format or file larger than 100kb.<br/>";
   print "Possible file upload attack!  Here's some debugging info:\n";
   print_r($_FILES);
}
print "</pre>";

?>

JasonMichael · #5 19-Aug-2004, 15:52

If you check the PHP command for 'move_uploaded_file' on the www.php.net website, you'll notice that the command only allows for two parameters.

In your program you have:

PHP Code:


move_uploaded_file($_FILES['userfile']['tmp_name'], $uploadfile, $image_types)

take out the $image_types variable and see how your code works out:

PHP Code:


move_uploaded_file($_FILES['userfile']['tmp_name'], $uploadfile)

In fact, the code looks like it will insert into the database the image type.

skyloon · #6 22-Aug-2004, 08:55

it's work if i change the code like this

PHP Code:


<?php
include_once("config.php");
checkLoggedIn("yes");
doCSS();
?>
<?
$link = mysql_select_db('$dbname');
$uploaddir = './image/';
$uploadfile = $uploaddir . $_FILES['userfile']['name'];
print("Hello <b>".$_SESSION["nickname"]."</b><br>\n");
$nickname="$_SESSION[nickname]";

print "<pre>";

$image_info = @getimagesize($_FILES['userfile']['tmp_name']); 

if (!is_int($image_info[2]) || $image_info[2] < 0 || $image_info[2] > 16) { 
//the file is not a picture, display some error message 
echo"Invalid file or file size larger than 100kb";
} 
else { 
//the file is a picture, so move it 
$image_types_extensions = Array ("image/bmp" => '.bmp', 
                        "image/jpeg" => '.jpg', 
                        "image/pjpeg" => '.jpg', 
                        "image/gif" => '.gif', 
                        "image/x-png" => '.png'); 
                        
$uploadfile = $uploaddir . $nickname.$image_types_extensions[$_FILES['userfile']['type']]; 
 
move_uploaded_file($_FILES['userfile']['tmp_name'], $uploadfile); 
//do your mysql 
$name = $_FILES["userfile"]["name"];
  $size = $_FILES["userfile"]["size"];
  $type = $_FILES["userfile"]["type"];
    
    $result=mysql_query("insert into pic (image_id, image_name, image_type, image_size, nickname) values ('','$name','$type','$size','$nickname')");
       $result=mysql_query("update user_pic set image='1' where nickname='$nickname'");
    
    print "File is valid, and was successfully uploaded. ";
       print "Here's some more debugging info:\n";
       print_r($_FILES);

print("<center><table width='580'> 
           <tr><td align='center' bgcolor='white' class='content'><font size=2><b>Your image was uploaded successfully</b></font></td></tr>            
           <tr><td align='center' class='content'><img src=\"$uploadfile\"></td></tr> 
           <tr><td align='center' class='content'>A decision on whether to approve this image will be made within 24 hours</td></tr></table></center> 
         ");

$pext = getFileExtension($uploadfile);
$pext = strtolower($pext); 

} 
print "</pre>";
    function getFileExtension($str) { 

        $i = strrpos($str,"."); 
        if (!$i) { return ""; } 

        $l = strlen($str) - $i; 
        $ext = substr($str,$i+1,$l); 

        return $ext; 

    } 
?>

Thread Tools	Search this Thread
Show Printable Version Email this Page	Search this Thread: Advanced Search
Rate This Thread
Rate This Thread:

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
phpmyadmin--what format for text files to upload?	bufhal	MySQL / PHP Forum	0	04-Jul-2004 10:07
Hey, i need a good upload feature for my site	alex	Web Design Forum	2	11-Feb-2004 10:59
upload thumbnail	zuzupus	MySQL / PHP Forum	5	27-Aug-2003 07:12
picture site	bob31984	Web Design Forum	2	15-Aug-2003 08:32
VALIDATING file types on an PHP upload script?	JdS	MySQL / PHP Forum	0	02-Jan-2003 07:58