Member Avatar for AON07

Hey all i'm fairly new to php and need some help with this code.
I'm not recieving any errors but it wont work.

what i'm trying to do is up load a picture from a form. i want to copy the picture into
a folder named "images" then keep all the other form information and the image path in a MySQL db. so later on i can display the images from a certain category on a web page.

DB table looks like this:

Table name: photos

id, image_name, caption, image_path, category,


Form Code:

<form enctype="multipart/form-data" name="addimage" action="imageupload.php" method="post"> <tr> <td> Select Category: <br /> <?php include 'Images_db_connect.php'; // Connect to server and select database. mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB"); $sql = mysql_query("SELECT id,category_name FROM categories ORDER BY category_name"); $row = mysql_fetch_array($sql); ?> <select name="Category_name"> <?php do{ ?> <option value="<?php echo $row['id']; ?>"><?php echo $row['category_name']; ?> </option> <?php } while($row = mysql_fetch_array($sql));?> </select> <br /> <br /> Image Name: <br /> <input type="text" name="image name" size="30"> <br /> <br /> Image Caption: <br /> <textarea name="Caption" rows="3" cols="30"></textarea> <br /> <br /> Select File: <br /> <input type="file" name="Image" size="30"> <br /> <br /> <input type="submit" name="upload" value="Upload Image"> </td> </tr> </form>

upload code:

<?php include 'Images_db_connect.php'; $imagename = $_POST['image name']; $caption = $_POST['Caption']; $category = $_POST['Category_name']; mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB"); //define a maxim size for the uploaded images in Kb define ("MAX_SIZE","75"); //This function reads the extension of the file. It is used to determine if the file is an image by checking the extension. function getExtension($str) { $i = strrpos($str,"."); if (!$i) { return ""; } $l = strlen($str) - $i; $ext = substr($str,$i+1,$l); return $ext; } //This variable is used as a flag. The value is initialized with 0 (meaning no error found) //and it will be changed to 1 if an errro occures. //If the error occures the file will not be uploaded. $errors=0; //checks if the form has been submitted if(isset($_POST['Submit'])) { //reads the name of the file the user submitted for uploading $image=$_FILES['image']['name']; //if it is not empty if ($image) { //get the original name of the file from the clients machine $filename = stripslashes($_FILES['image']['name']); //get the extension of the file in a lower case format $extension = getExtension($filename); $extension = strtolower($extension); //if it is not a known extension, we will suppose it is an error and will not upload the file, //otherwise we will do more tests if (($extension != "jpg") && ($extension != "jpeg") && ($extension != "png") && ($extension != "gif")) { //print error message echo '<h1>Unknown extension!</h1>'; $errors=1; } else { //get the size of the image in bytes //$_FILES['image']['tmp_name'] is the temporary filename of the file //in which the uploaded file was stored on the server $size=filesize($_FILES['image']['tmp_name']); //compare the size with the maxim size we defined and print error if bigger if ($size > MAX_SIZE*1024) { echo '<h1>You have exceeded the size limit!</h1>'; $errors=1; } //we will give an unique name, for example the time in unix time format $image_name=time().'.'.$extension; //the new name will be containing the full path where will be stored (images folder) $newname="images/".$image_name; //we verify if the image has been uploaded, and print error instead $copied = copy($_FILES['image']['tmp_name'], $newname); if (!$copied) { $sql = "INSERT into photos (image_name, caption, image_path, category) VALUES ('$imagename', '$caption', '$newname', '$category')"; mysql_query($sql) or die(mysql_error()); echo '<h1>Copy unsuccessfull!</h1>'; $errors=1; }}}} //If no errors registred, print the success message if(isset($_POST['Submit']) && !$errors) { echo "<h1>File Uploaded Successfully!</h1>"; } mysql_close(); ?>
  • 2 Contributors
  • 32 Replies
  • 265 Views
  • 1 Week Discussion Span
  • Latest Post Latest Post by AON07
Member Avatar for architact

Instead of exploding and getting the extension use the mime type of the images (images/gif for firefox and safari, images/pgif for IExplorer). Because if you use the method of getting extension then the users will upload any thing after changing the files extension. e.g if a file is doc.docx they will rename it as doc.gif then your code will accept it.

<?php $typ = $_FILES['file']['type']; if(isset($FILES['file']['name'])){ if($typ == "images/gif" || $typ == "images/png" || $typ == "images/jpeg" || $typ == "images/pgif ||$typ" == "images/ppng" || $typ == "images/pjpeg"){ $uploddir = "images/"; $uploadimages = $uploaddir.$_FILES['file']['name']; if(move_uploaded_file($_FILES['file']['tmp_name'], $uploadimages)){ //insert data or other collected info into db. } } } ?>

Using this code you don't have to worry about getting extension or lowering extension. Just use a check of file size. This code will allow user to upload .jpg, .gif, .png files.

Member Avatar for AON07

K i need some major help on this. I am really new to php and have a feeling i'm along way from getting this correct. Is there someone willing to explain in great detail of what everything does and the process of uplaoding an image to a folder and then keeping the path in a database?

Here is the code i have so far, and i get the following error.

"Parse error: syntax error, unexpected T_IS_EQUAL in C:\xampp\htdocs\imageupload.php on line 12"

here is the code i have so far:

<?php include 'Images_db_connect.php'; mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB"); //define a maxim size for the uploaded images in Kb define ("MAX_SIZE","75"); if(isset($_POST['Submit'])) $typ = $_FILES['file']['type']; if(isset($FILES['file']['name'])){ if($typ == "images/gif" || $typ == "images/png" || $typ == "images/jpeg" || $typ == "images/pgif ||$typ" == "images/ppng" || $typ == "images/pjpeg"){ $uploddir = "images/"; $uploadimages = $uploaddir.$_FILES['file']['name']; if(move_uploaded_file($_FILES['file']['tmp_name'], $uploadimages)){ $imagename = 'image name'; $caption = 'caption'; $category = 'category_name'; $sql = "INSERT into photos (image_name, caption, image_path, category) VALUES ('$imagename', '$caption', '$uploadimages', '$category')"; mysql_query($sql) or die(mysql_error()); echo '<h1>Copy unsuccessfull!</h1>'; $errors=1; }}}} //If no errors registred, print the success message if(isset($_POST['Submit']) && !$errors) { echo "<h1>File Uploaded Successfully!</h1>"; } mysql_close(); ?>
Member Avatar for architact
if(isset($_POST['Submit']))

Where is starting bracket of if body?? :)

Member Avatar for AON07

To be completely honest i'm not 100% sure of the placment of these tags.
if ya cant tell i'm a total newbie. I really want to learn this so if you can please give me details of why things are done and where they are placed. I really appreciate your help.

I hope this is what you meant.

if(isset($_POST['Submit'])){ {
Member Avatar for AON07

Also i am still getting an error on line 10. any ideas anyone?

#10 $typ = $_FILES['file']['type']; #11 if(isset($FILES['file']['name'])){ #12 if($typ == "images/gif" || $typ == "images/png" || $typ == "images/jpeg" || $typ == "images/pgif ||$typ" == "images/ppng" || $typ == "images/pjpeg"){ #13 $uploddir = "images/"; #14 $uploadimages = $uploaddir.$_FILES['file']['name']; #15 if(move_uploaded_file($_FILES['file']['tmp_name'], $uploadimages)){
Member Avatar for architact

on line 11 $FILES is wrong $_FILES is correct, I will give you details but right now i am in a hurry. See ya later.

Member Avatar for AON07

Well that fixed that line 10 error now its a line 12 error.. :)
thanks for your help, just let me know when ya get a chance to look at it.

Thanks again

Member Avatar for architact

please send me the complete code.

Member Avatar for AON07

Here is the code. The form code is in the first post.

<?php include 'Images_db_connect.php'; mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB"); //define a maxim size for the uploaded images in Kb define ("MAX_SIZE","75"); if(isset($_POST['Submit'])) $typ = $_FILES['file']['type']; if(isset($FILES['file']['name'])){ if($typ == "images/gif" || $typ == "images/png" || $typ == "images/jpeg" || $typ == "images/pgif ||$typ" == "images/ppng" || $typ == "images/pjpeg"){ $uploddir = "images/"; $uploadimages = $uploaddir.$_FILES['file']['name']; if(move_uploaded_file($_FILES['file']['tmp_name'], $uploadimages)){ $imagename = 'image name'; $caption = 'caption'; $category = 'category_name'; $sql = "INSERT into photos (image_name, caption, image_path, category) VALUES ('$imagename', '$caption', '$uploadimages', '$category')"; mysql_query($sql) or die(mysql_error()); echo '<h1>Copy unsuccessfull!</h1>'; $errors=1; }}}} //If no errors registred, print the success message if(isset($_POST['Submit']) && !$errors) { echo "<h1>File Uploaded Successfully!</h1>"; } mysql_close(); ?><?php include 'Images_db_connect.php'; mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB"); //define a maxim size for the uploaded images in Kb define ("MAX_SIZE","75"); if(isset($_POST['Submit'])){ } $typ = $_FILES['file']['type']; if(isset($FILES['file']['name'])){ if($typ == "images/gif" || $typ == "images/png" || $typ == "images/jpeg" || $typ == "images/pgif ||$typ" == "images/ppng" || $typ == "images/pjpeg"){ $uploddir = "images/"; $uploadimages = $uploaddir.$_FILES['file']['name']; if(move_uploaded_file($_FILES['file']['tmp_name'], $uploadimages)){ $imagename = 'image name'; $caption = 'caption'; $category = 'category_name'; $sql = "INSERT into photos (image_name, caption, image_path, category) VALUES ('$imagename', '$caption', '$uploadimages', '$category')"; mysql_query($sql) or die(mysql_error()); echo '<h1>Copy unsuccessfull!</h1>'; $errors=1; }}}} //If no errors registred, print the success message if(isset($_POST['Submit']) && !$errors) { echo "<h1>File Uploaded Successfully!</h1>"; } mysql_close(); ?>
Member Avatar for architact

Line 11 is still wrong $FILES is wrong.

if(isset($_POST['Submit']))

bracket is missing.
correct these two errors if it is still not working tell me or if a error is given please mention it.

Member Avatar for AON07

Sorry i copy and pasted the old code cause i didn't have the new code with me i forgot to make those changes after i pasted it. this is what it currently looks like when i got the error on line 12

<?php include 'Images_db_connect.php'; mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB"); //define a maxim size for the uploaded images in Kb define ("MAX_SIZE","75"); if(isset($_POST['Submit'])){ } $typ = $_FILES['file']['type']; if(isset($_FILES['file']['name'])){ if($typ == "images/gif" || $typ == "images/png" || $typ == "images/jpeg" || $typ == "images/pgif ||$typ" == "images/ppng" || $typ == "images/pjpeg"){ $uploddir = "images/"; $uploadimages = $uploaddir.$_FILES['file']['name']; if(move_uploaded_file($_FILES['file']['tmp_name'], $uploadimages)){ $imagename = 'image name'; $caption = 'caption'; $category = 'category_name'; $sql = "INSERT into photos (image_name, caption, image_path, category) VALUES ('$imagename', '$caption', '$uploadimages', '$category')"; mysql_query($sql) or die(mysql_error()); echo '<h1>Copy unsuccessfull!</h1>'; $errors=1; }}}} //If no errors registred, print the success message if(isset($_POST['Submit']) && !$errors) { echo "<h1>File Uploaded Successfully!</h1>"; } mysql_close(); ?><?php include 'Images_db_connect.php'; mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB"); //define a maxim size for the uploaded images in Kb define ("MAX_SIZE","75"); if(isset($_POST['Submit'])){ } $typ = $_FILES['file']['type']; if(isset($FILES['file']['name'])){ if($typ == "images/gif" || $typ == "images/png" || $typ == "images/jpeg" || $typ == "images/pgif ||$typ" == "images/ppng" || $typ == "images/pjpeg"){ $uploddir = "images/"; $uploadimages = $uploaddir.$_FILES['file']['name']; if(move_uploaded_file($_FILES['file']['tmp_name'], $uploadimages)){ $imagename = 'image name'; $caption = 'caption'; $category = 'category_name'; $sql = "INSERT into photos (image_name, caption, image_path, category) VALUES ('$imagename', '$caption', '$uploadimages', '$category')"; mysql_query($sql) or die(mysql_error()); echo '<h1>Copy unsuccessfull!</h1>'; $errors=1; }}}} //If no errors registred, print the success message if(isset($_POST['Submit']) && !$errors) { echo "<h1>File Uploaded Successfully!</h1>"; } mysql_close(); ?><?php include 'Images_db_connect.php'; mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB"); //define a maxim size for the uploaded images in Kb define ("MAX_SIZE","75"); if(isset($_POST['Submit'])) $typ = $_FILES['file']['type']; if(isset($FILES['file']['name'])){ if($typ == "images/gif" || $typ == "images/png" || $typ == "images/jpeg" || $typ == "images/pgif ||$typ" == "images/ppng" || $typ == "images/pjpeg"){ $uploddir = "images/"; $uploadimages = $uploaddir.$_FILES['file']['name']; if(move_uploaded_file($_FILES['file']['tmp_name'], $uploadimages)){ $imagename = 'image name'; $caption = 'caption'; $category = 'category_name'; $sql = "INSERT into photos (image_name, caption, image_path, category) VALUES ('$imagename', '$caption', '$uploadimages', '$category')"; mysql_query($sql) or die(mysql_error()); echo '<h1>Copy unsuccessfull!</h1>'; $errors=1; }}}} //If no errors registred, print the success message if(isset($_POST['Submit']) && !$errors) { echo "<h1>File Uploaded Successfully!</h1>"; } mysql_close(); ?><?php include 'Images_db_connect.php'; mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB"); //define a maxim size for the uploaded images in Kb define ("MAX_SIZE","75"); if(isset($_POST['Submit'])){ } $typ = $_FILES['file']['type']; if(isset($FILES['file']['name'])){ if($typ == "images/gif" || $typ == "images/png" || $typ == "images/jpeg" || $typ == "images/pgif ||$typ" == "images/ppng" || $typ == "images/pjpeg"){ $uploddir = "images/"; $uploadimages = $uploaddir.$_FILES['file']['name']; if(move_uploaded_file($_FILES['file']['tmp_name'], $uploadimages)){ $imagename = 'image name'; $caption = 'caption'; $category = 'category_name'; $sql = "INSERT into photos (image_name, caption, image_path, category) VALUES ('$imagename', '$caption', '$uploadimages', '$category')"; mysql_query($sql) or die(mysql_error()); echo '<h1>Copy unsuccessfull!</h1>'; $errors=1; }}}} //If no errors registred, print the success message if(isset($_POST['Submit']) && !$errors) { echo "<h1>File Uploaded Successfully!</h1>"; } mysql_close(); ?>
Member Avatar for architact

can you mention error on line 12, i mean statement

Member Avatar for AON07

can you mention error on line 12, i mean statement

"Parse error: syntax error, unexpected T_IS_EQUAL in C:\xampp\htdocs\imageupload.php on line 12"

Member Avatar for architact

Try this code

<?php include 'Images_db_connect.php'; mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB"); //define a maxim size for the uploaded images in Kb define ("MAX_SIZE","75"); if(isset($_POST['Submit'])){ $typ = $_FILES['file']['type']; if(isset($_FILES['file']['name'])){ if($typ == "images/gif" || $typ == "images/png" || $typ == "images/jpeg" || $typ == "images/pgif ||$typ" == "images/ppng" || $typ == "images/pjpeg"){ $uploddir = "images/"; $uploadimages = $uploaddir.$_FILES['file']['name']; if(move_uploaded_file($_FILES['file']['tmp_name'], $uploadimages)){ $imagename = 'image name'; $caption = 'caption'; $category = 'category_name'; $sql = "INSERT into photos (image_name, caption, image_path, category) VALUES ('$imagename', '$caption', '$uploadimages', '$category')"; mysql_query($sql) or die(mysql_error()); echo '<h1>Copy unsuccessfull!</h1>'; $errors=1; }}}} //If no errors registred, print the success message if(isset($_POST['Submit']) && !$errors) { echo "<h1>File Uploaded Successfully!</h1>"; } mysql_close(); ?>
Member Avatar for AON07

I keep getting an error on the following line.

if($typ == "images/gif" || $typ == "images/png" || $typ == "images/jpeg" || $typ == "images/pgif ||$typ" == "images/ppng" || $typ == "images/pjpeg"){
Member Avatar for architact

try using this :-/

if($typ == "images/gif" || $typ == "images/png" || $typ == "images/jpeg" || $typ == "images/pgif || $typ" == "images/ppng" || $typ == "images/pjpeg"){
Member Avatar for AON07

I noticed there arent any "quotes" on the following part, could that be the problem?
I haven't tried the snippet you gave me yet i just happen to notice the quotes. :confused:

$typ == "images/pgif ||

shouldn't it be like this

$typ == "images/pgif" ||
Member Avatar for architact

yes it is due to quots. :)

Member Avatar for AON07

Alright here is the new code i'm getting an error in the very last line.
I have no clue why?? :confused:

<?php include 'Images_db_connect.php'; mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB"); //define a maxim size for the uploaded images in Kb define ("MAX_SIZE","75"); if(isset($_POST['Submit'])){ $typ = $_FILES['file']['type']; if(isset($_FILES['file']['name'])) if($typ == "images/gif" || $typ == "images/png" || $typ == "images/jpeg" || $typ == "images/pgif" || $typ == "images/ppng" || $typ == "images/pjpeg"){ } else{ echo "Incorrect file type"; } $uploddir = "images/"; $uploadimages = $uploaddir.$_FILES['file']['name']; if(move_uploaded_file($_FILES['file']['tmp_name'], $uploadimages)){ $imagename = 'image name'; $caption = 'caption'; $category = 'category_name'; $sql = "INSERT into photos (image_name, caption, image_path, category) VALUES ('$imagename', '$caption', '$uploadimages', '$category')"; mysql_query($sql) or die(mysql_error()); echo '<h1>Copy unsuccessfull!</h1>'; $errors=1; } //If no errors registred, print the success message if(isset($_POST['Submit']) && !$errors) { echo "<h1>File Uploaded Successfully!</h1>"; } ?>
Member Avatar for AON07

also i forgot to include the error.

Parse error: syntax error, unexpected $end in C:\xampp\htdocs\imageupload.php on line 37

Member Avatar for architact

Sorry for late reply, try this code I hope it will fix your problem.

<?php include 'Images_db_connect.php'; mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB"); //define a maxim size for the uploaded images in Kb define ("MAX_SIZE","75"); if(isset($_FILES['file']['name']) && $_FILES['file']['name']<>""){ $typ = $_FILES['file']['type']; if($typ == "images/gif" || $typ == "images/png" || $typ == "images/jpeg" || $typ == "images/pgif" || $typ == "images/ppng" || $typ == "images/pjpeg"){ $uploddir = "images/"; $uploadimages = $uploaddir.$_FILES['file']['name']; if(move_uploaded_file($_FILES['file']['tmp_name'], $uploadimages)){ $imagename = 'image name'; $caption = 'caption'; $category = 'category_name'; $sql = "INSERT into photos (image_name, caption, image_path, category) VALUES ('$imagename', '$caption', '$uploadimages', '$category')"; mysql_query($sql) or die(mysql_error()); echo "File successfully copied"; } else{ echo "Copy unsuccessful"; } } else{ echo "Incorrect file type"; } } else{ echo "No file selected"; }
Member Avatar for AON07

okay it is so close, the script is running with out errors. the only problem now is when i select an image to upload. and hit "submit" it says "no file selected" i'm sure this is a minor problem.

Here is the code for the form i'm using. can you see anything i might of missed.

<form enctype="multipart/form-data" name="addimage" action="imageupload.php" method="post"> <tr> <td> Select Category: <br /> <?php include 'Images_db_connect.php'; // Connect to server and select database. mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB"); $sql = mysql_query("SELECT id,category_name FROM categories ORDER BY category_name"); $row = mysql_fetch_array($sql); ?> <select name="category_name"> <?php do{ ?> <option value="<?php echo $row['id']; ?>"><?php echo $row['category_name']; ?> </option> <?php } while($row = mysql_fetch_array($sql));?> </select> <br /> <br /> Image Name: <br /> <input type="text" name="image name" size="30"> <br /> <br /> Image Caption: <br /> <textarea name="caption" rows="3" cols="30"></textarea> <br /> <br /> Select File: <br /> <input type="file" name="file" size="30"> <br /> <br /> <input type="submit" name="upload" value="Upload Image"> </td> </tr> </form>
Member Avatar for architact

In your php file
convert this
if(isset($_FILES) && $_FILES<>""){
to
if(isset($_FILES)){

Member Avatar for AON07

Man we just cant catch a break can we.
the only thing wrong now is it's saying incorrect file type. even though i'm using a .jpg file. i'm sure it's something simple.

Member Avatar for architact

Check the folder where image is to be copied, the script is copying the file or not??

Member Avatar for AON07

no it's not being copied. do i need the full path or can it be relative?

Member Avatar for architact

it can be relative, please try a gif or png file and then tell me the result.

Member Avatar for AON07

unfortunatly its still the same result.

Member Avatar for architact

Check this one

<?php include 'Images_db_connect.php'; mysql_connect("$host", "$username", "$password")or die("cannot connect"); mysql_select_db("$db_name")or die("cannot select DB"); //define a maxim size for the uploaded images in Kb define ("MAX_SIZE","75"); if(isset($_FILES['file']['name']) && $_FILES['file']['name']<>""){ $typ = $_FILES['file']['type']; if($typ == "image/gif" || $typ == "image/png" || $typ == "image/jpeg" || $typ == "image/pgif" || $typ == "image/ppng" || $typ == "image/pjpeg"){ $uploaddir = "images/"; $uploadimages = $uploaddir.$_FILES['file']['name']; if(move_uploaded_file($_FILES['file']['tmp_name'], $uploadimages)){ $imagename = 'image name'; $caption = 'caption'; $category = 'category_name'; $sql = "INSERT into photos (image_name, caption, image_path, category) VALUES ('$imagename', '$caption', '$uploadimages', '$category')"; mysql_query($sql) or die(mysql_error()); echo "File successfully copied"; } else{ echo "Copy unsuccessful"; } } else{ echo "Incorrect file type"; } } else{ echo "No file selected"; } ?>
Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.