Errors appeared when I uploaded the site

[AGazzaz]

hello,
until this morning my website was working locally on my computer and there was no errors but when i uploaded it it went crazy
i managed to solve the html\css problems but i couldn't solve the php problems

well the site has a large form so i will put the part a part here and will give you a link to the page

Code:

<td colspan="2" class="labelcell"><label>الصور (إن وجدت) </label></td>
	<td colspan="2" class="fieldcell"><input name="ufile" type="file" id="ufile" size="50" /></td>

i removed useless commented lines in the script and un used portions

PHP Code:

<?php


// ADDING RANDOM 4 DIGIT NUMBER TO FILE NAME

// Your file name you are uploading
$file_name = $HTTP_POST_FILES['ufile']['name'];

// random 4 digit to add to our file name
// some people use date and time in stead of random digit
$random_digit=rand(0000,9999);

//combine random digit to you file name to create new file name
//use dot (.) to combile these two variables

$new_file_name=$random_digit.$file_name;

$newfilename = str_replace( ' ', '', $new_file_name);

//rename($new_file_name, str_replace( ' ', '', $new_file_name));

//set where you want to store files
//in this example we keep file in folder upload
//$new_file_name = new upload file name
//for example upload file name cartoon.gif . $path will be upload/cartoon.gif
$path= "upload/".$new_file_name;
//if($ufile !=none)
if(!$ufile)
{
if(copy($HTTP_POST_FILES['ufile']['tmp_name'], $path))
{

// ADDING RANDOM 4 DIGIT NUMBER TO FILE NAME END


//echo "Successful<BR/>"; //FILE UPLOAD SUCCESSFULLY

//********************************************************

//RENAMING UPLOADED FILE

rename("upload/".$new_file_name, "upload/".$newfilename );
$path= "upload/".$newfilename;

//RENAMING UPLOADED FILE END



}
else
{
//echo "<p>";
//echo "file upload error";
//echo "<br/ >";
//echo "</p>";
}
}

//***********************************//


//INSERTING DATA IN DATABASE

$con=mysql_connect("IP ADDRESS","USERNAME","PASSWORD");
    if (!$con)
        {
            die ('Could not connect' . mysql_error());
        }
        


mysql_select_db("amaar",$con);


mysql_real_escape_string($sql);
$sql="insert into ads (name, telephone, mobile, email, type, city, district, address, area, floors, advs, finishing, image)
         values
                ('$_POST[name]','$_POST[telephone]','$_POST[mobile]','$_POST[email]','$_POST[type]','$_POST[city]','$_POST[district]','$_POST[address]',
                        '$_POST[area]','$_POST[floors]','$_POST[advs]','$_POST[finishing]','$path')";
if(!mysql_query($sql,$con))
    {
        die('error'. mysql_error());
    }
//echo "<p>";
echo "شكرا "."<br>"."لقد تم إرسال البيانات لإدارة الموقع"."<br>";
//echo "</p>";
//INSERTING DATA TO DATABASE END


//closing database connection
if (!$con)
{
    
}
else
{
    mysql_close($con);
}

//closing database connection END

?>

and the errors appeared after using the form

Notice: Undefined variable: ufile in d:\domains\elamaar.com\wwwroot\test\forum_add_done.php on line 61

Warning: mysql_connect() [function.mysql-connect]: Host '67.15.68.40' is blocked because of many connection errors; unblock with 'mysqladmin flush-hosts' in d:\domains\elamaar.com\wwwroot\test\forum_add_done.php on line 97
Could not connectHost '67.15.68.40' is blocked because of many connection errors; unblock with 'mysqladmin flush-hosts

i do not know what happened but i wish i can find a solution
any help is really appreciated

[wheeler]

Undefined variable is when you try and use a variable that has not been defined, and php gets confused. Usually "Notice" level warnings are disabled on servers. Simple fix - look at what variable is being used on line 61 and declare it above line 61.

Second problem seems to be a hosting specific problem. I would recommend contacting your web host to get them to fix it. Personally i've never seen that error before. If you can, I would recommend moving to linux hosting as its a more native environment for running php (although should work mostly the same either way)

[AGazzaz]

Undefined variable is when you try and use a variable that has not been defined, and php gets confused. Usually "Notice" level warnings are disabled on servers. Simple fix - look at what variable is being used on line 61 and declare it above line 61.

Second problem seems to be a hosting specific problem. I would recommend contacting your web host to get them to fix it. Personally i've never seen that error before. If you can, I would recommend moving to linux hosting as its a more native environment for running php (although should work mostly the same either way)

Thank you wheeler for your reply.
First, The second problem was not due to hosting, I missed a letter in the database name now I do not have this error anymore.

About the first problem I would like to ask can a difference in php versions between my computer and the hosting server cause such problem?
I have php version 5.1.2 on linux while the server is running 4.4.3 apparently on IIS.

look at what variable is being used on line 61 and declare it above line 61

PHP Code:

// ADDING RANDOM 4 DIGIT NUMBER TO FILE NAME

$file_name = $HTTP_POST_FILES['ufile']['name'];

$random_digit=rand(0000,9999);

$new_file_name=$random_digit.$file_name;

$newfilename = str_replace( ' ', '', $new_file_name);

$path= "upload/".$new_file_name;
// THE NEXT LINE IS LINE 61
if($ufile !=none)
{
if(copy($HTTP_POST_FILES['ufile']['tmp_name'], $path))
{ 


Well, I guess the variables are already declared at the begining of the script, beside, it is working perfectly on my computer.

EDIT:
i am having more of these errors but the script worked, the file was uploaded and user input was inserted in the database so is there a way to stop these errors from appearing

[Ernie1]

PHP Code:

    $file_name = $_FILES['ufile']['name'];
    
    $random_digit = rand(0000, 9999);
    
    $new_file_name = $random_digit . $file_name;
    
    $newfilename = str_replace(' ','', $new_file_name);
    
    $path = "upload/" . $new_file_name;
    
    if(filesize($_FILES['ufile']['tmp_name']) > 0){
         if(copy($_FILES['ufile']['tmp_name'], $path))
            {
             rename("upload/" . $new_file_name, "upload/" . $newfilename);
             $path = "upload/" . $newfilename;
             }else{
             }
         }
    $con = mysql_connect("IP ADDRESS", "USERNAME", "PASSWORD");
    if(!$con){
         die('Could not connect' . mysql_error());
         }
    mysql_select_db("amaar", $con);
    mysql_real_escape_string($sql);
    $sql = "insert into ads (name, telephone, mobile, email, type, city, district, address, area, floors, advs, finishing, image) values 
    ('$_POST[name]','$_POST[telephone]','$_POST[mobile]','$_POST[email]','$_POST[type]','$_POST[city]','$_POST[district]','$_POST[address]', 
    '$_POST[area]','$_POST[floors]','$_POST[advs]','$_POST[finishing]','$path')";
    if(!mysql_query($sql, $con)){
         die('error' . mysql_error());
         }
    if(!$con){
         }else{
         mysql_close($con);
         } 


[AGazzaz]

Thank you Ernie1 but i am still having problems

Warning: filesize() [function.filesize]: Stat failed for C:\WINDOWS\TEMP\php6BF.tmp (errno=2 - No such file or directory) in d:\domains\elamaar.com\wwwroot\add_done.php on line 59

Notice: Undefined variable: sql in d:\domains\elamaar.com\wwwroot\add_done.php on line 88

line 59

PHP Code:

$file_name = $_FILES['ufile']['name']; 
     
    $random_digit = rand(0000, 9999); 
     
    $new_file_name = $random_digit . $file_name; 
     
    $newfilename = str_replace(' ', '', $new_file_name); 
     
    $path = "upload/" . $new_file_name; 
//the next line is 59
    if(filesize($_FILES['ufile']['tmp_name']) > 0){ 
         if(copy($_FILES['ufile']['tmp_name'], $path)) 
            { 
             rename("upload/" . $new_file_name, "upload/" . $newfilename); 
             $path = "upload/" . $newfilename; 
             }else{ 
             } 
         } 


line 88

PHP Code:

$con=mysql_connect("IP ADDRESS","USER NAME","PASSWORD");
    if (!$con)
        {
            die ('Could not connect' . mysql_error());
        }
        


mysql_select_db("elamaar",$con);

// THE NEXT LINE IS 88
mysql_real_escape_string($sql);
$sql="insert into ads (name, telephone, mobile, email, type, city, district, address, area, floors, advs, finishing, image)
         values
                ('$_POST[name]','$_POST[telephone]','$_POST[mobile]','$_POST[email]','$_POST[type]','$_POST[city]','$_POST[district]','$_POST[address]',
                        '$_POST[area]','$_POST[floors]','$_POST[advs]','$_POST[finishing]','$path')";
if(!mysql_query($sql,$con))
    {
        die('error'. mysql_error());
    } 


I managed to solve two other problems but there is still others to handle and who knows what else will show up
EDIT:
The script niether did upload the file nor remove the spaces from the file name

[Ernie1]

that means the file isn't uploaded and there is no temporary file.
check your form

[wheeler]

line 88

PHP Code:

// THE NEXT LINE IS 88
mysql_real_escape_string($sql);
$sql="insert into ads (name, telephone, mobile, email, type, city, district, address, area, floors, advs, finishing, image)
         values
                ('$_POST[name]','$_POST[telephone]','$_POST[mobile]','$_POST[email]','$_POST[type]','$_POST[city]','$_POST[district]','$_POST[address]',
                        '$_POST[area]','$_POST[floors]','$_POST[advs]','$_POST[finishing]','$path')";
if(!mysql_query($sql,$con))
    {
        die('error'. mysql_error());
    } 


There are big problems with the structure of this code segment. Firstly, by the looks of things line 88 is an undefined variable - where does $sql exist before line 88? You are using procedural code so you have to follow a procedure... you can't start the engine before you put the keys in the ignition... so to speak.

PHP Code:

$name = mysql_real_escape_string($_POST['name']);
$telephone = mysql_real_escape_string($_POST['telephone']);
// do the same for the rest of your $_POST variables

if (mysql_query("INSERT INTO ads (name, telephone) VALUES ('$name', '$telephone')")
{
echo 'query worked';
} else {
echo 'query did not work '.mysql_error();
} 


[Ernie1]

Take this as a test, I have tested and it works:

PHP Code:

<?php
if(isset($_POST['submit'])){

     $file_name = $_FILES['ufile']['name'];
    
     $random_digit = rand(0000, 9999);
    
     $new_file_name = $random_digit . $file_name;
    
     $newfilename = str_replace(' ', '', $new_file_name);
    
     $path = "upload/" . $new_file_name;
    
     if(filesize($_FILES['ufile']['tmp_name']) > 0){
         if(copy($_FILES['ufile']['tmp_name'], $path))
            {
             rename("upload/" . $new_file_name, "upload/" . $newfilename);
             $path = "upload/" . $newfilename;
             }else{
             }
         }
     $con = mysql_connect("localhost", "root", "xyz") or die(mysql_error());
    
     mysql_select_db("elamaar", $con) or die(mysql_error());
    
     $name = mysql_real_escape_string($_POST['name']);
     $telephone = mysql_real_escape_string($_POST['telephone']);
     $mobile = mysql_real_escape_string($_POST['mobile']);
     $email = mysql_real_escape_string($_POST['email']);
     $type = mysql_real_escape_string($_POST['type']);
     $city = mysql_real_escape_string($_POST['city']);
     $district = mysql_real_escape_string($_POST['district']);
     $address = mysql_real_escape_string($_POST['address']);
     $area = mysql_real_escape_string($_POST['area']);
     $floors = mysql_real_escape_string($_POST['floors']);
     $advs = mysql_real_escape_string($_POST['advs']);
     $finishing = mysql_real_escape_string($_POST['finishing']);
    
     $sql = mysql_query("INSERT INTO ads SET 
     name = '$name',
     telephone = '$telephone',
     mobile = '$mobile',
     email = '$email',
     type = '$type',
     city = '$city',
     district = '$district',
     address = '$address',
     area = '$area',
     floors = '$floors',
     advs = '$advs',
     finishing = '$finishing',
     image = '$path'") or die(mysql_error());
     }
 ?>
<form action="st.php" method="post" enctype="multipart/form-data">
    name: 
    <input name="name" type="text" /><br />
    telephone: 
    <input name="telephone" type="text" /><br />
    mobile: 
    <input name="mobile" type="text" /><br />
    email: 
    <input name="email" type="text" /><br />
    type: 
    <input name="type" type="text" /><br />
    city: 
    <input name="city" type="text" /><br />
    district: 
    <input name="district" type="text" /><br />
    address: 
    <input name="address" type="text" /><br />
    area: 
    <input name="area" type="text" /><br />
    floor: 
    <input name="floors" type="text" /><br />
    advs: 
    <input name="advs" type="text" /><br />
    finishing: 
    <input name="finishing" type="text" /><br />
    image: 
    <input name="ufile" type="file" />  
    <input type="submit" name="submit" /><br />
</form>

[AGazzaz]

Thank you very much wheeler and ernie1

I cannot find a way to express my thanks and gratitude to you.
I finally have everything running in order as expected. although i would like to know why the code ran without any errors on both my linux and windows computers and Tons of errors appeared after uploading to the server

just one thing for the record, just if someone else wants to use the code in this post

I removed a line because of an error that appeared for this line

PHP Code:

if(filesize($_FILES['ufile']['tmp_name']) > 0){ } 


but in the end I could not have gone this far without your help

So, Thank you again, your help is really appreciated