Need MySql Help with Image upload script

[Kevinslair]

I have this script and it works awesome. What I need to do is have it also put the name in a table in my database.

image one: name
image two: name
image three: name

I am unsure where in the code to put the insert on it.

Thanks,
Kevin

[Kevinslair]

Sorry, here is the code for the processor page:

Code:

<?php  

// filename: upload.processor.php

// first let's set some variables

// make a note of the current working directory, relative to root.
$directory_self = str_replace(basename($_SERVER['PHP_SELF']), '', $_SERVER['PHP_SELF']);

// make a note of the directory that will recieve the uploaded files
$uploadsDirectory = $_SERVER['DOCUMENT_ROOT'] . $directory_self . 'uploaded_files/';

// make a note of the location of the upload form in case we need it
$uploadForm = 'http://' . $_SERVER['HTTP_HOST'] . $directory_self . 'multiple.upload.form.php';

// make a note of the location of the success page
$uploadSuccess = 'http://' . $_SERVER['HTTP_HOST'] . $directory_self . 'multiple.upload.success.php';

// name of the fieldname used for the file in the HTML form
$fieldname = 'file';

//echo'<pre>';print_r($_FILES);exit;



// Now let's deal with the uploaded files

// possible PHP upload errors
$errors = array(1 => 'php.ini max file size exceeded', 
                2 => 'html form max file size exceeded', 
                3 => 'file upload was only partial', 
                4 => 'no file was attached');

// check the upload form was actually submitted else print form
isset($_POST['submit'])
    or error('the upload form is neaded', $uploadForm);
    
// check if any files were uploaded and if 
// so store the active $_FILES array keys
$active_keys = array();
foreach($_FILES[$fieldname]['name'] as $key => $filename)
{
    if(!empty($filename))
    {
        $active_keys[] = $key;
    }
}

// check at least one file was uploaded
count($active_keys)
    or error('No files were uploaded', $uploadForm);
        
// check for standard uploading errors
foreach($active_keys as $key)
{
    ($_FILES[$fieldname]['error'][$key] == 0)
        or error($_FILES[$fieldname]['tmp_name'][$key].': '.$errors[$_FILES[$fieldname]['error'][$key]], $uploadForm);
}
    
// check that the file we are working on really was an HTTP upload
foreach($active_keys as $key)
{
    @is_uploaded_file($_FILES[$fieldname]['tmp_name'][$key])
        or error($_FILES[$fieldname]['tmp_name'][$key].' not an HTTP upload', $uploadForm);
}
    
// validation... since this is an image upload script we 
// should run a check to make sure the upload is an image
foreach($active_keys as $key)
{
    @getimagesize($_FILES[$fieldname]['tmp_name'][$key])
        or error($_FILES[$fieldname]['tmp_name'][$key].' not an image', $uploadForm);
}
    
// make a unique filename for the uploaded file and check it is 
// not taken... if it is keep trying until we find a vacant one
foreach($active_keys as $key)
{
    $now = time();
    while(file_exists($uploadFilename[$key] = $uploadsDirectory.$now.'-'.$_FILES[$fieldname]['name'][$key]))
    {
        $now++;
    }
}

// now let's move the file to its final and allocate it with the new filename
foreach($active_keys as $key)
{
    @move_uploaded_file($_FILES[$fieldname]['tmp_name'][$key], $uploadFilename[$key])
        or error('receiving directory insuffiecient permission', $uploadForm);
}
    
// If you got this far, everything has worked and the file has been successfully saved.
// We are now going to redirect the client to the success page.
header('Location: ' . $uploadSuccess);

// make an error handler which will be used if the upload fails
function error($error, $location, $seconds = 5)
{
    header("Refresh: $seconds; URL=\"$location\"");
    echo '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN"'."\n".
    '"http://www.w3.org/TR/html4/strict.dtd">'."\n\n".
    '<html lang="en">'."\n".
    '    <head>'."\n".
    '        <meta http-equiv="content-type" content="text/html; charset=iso-8859-1">'."\n\n".
    '        <link rel="stylesheet" type="text/css" href="stylesheet.css">'."\n\n".
    '    <title>Upload error</title>'."\n\n".
    '    </head>'."\n\n".
    '    <body>'."\n\n".
    '    <div id="Upload">'."\n\n".
    '        <h1>Upload failure</h1>'."\n\n".
    '        <p>An error has occured: '."\n\n".
    '        <span class="red">' . $error . '...</span>'."\n\n".
    '         The upload form is reloading</p>'."\n\n".
    '     </div>'."\n\n".
    '</html>';
    exit;
} // end error handler

?>

[spikeZ]

the database insert would go in the final loop when the filename is assigned and the file uploaded

PHP Code:

// now let's move the file to its final and allocate it with the new filename
foreach($active_keys as $key)
{
    @move_uploaded_file($_FILES[$fieldname]['tmp_name'][$key], $uploadFilename[$key])
        or error('receiving directory insuffiecient permission', $uploadForm);
/////////////////////////////////////////////////////////////
// Run the mysql_query here and use the $uploadFilename[$key] as your filename to insert
/////////////////////////////////////////////////////////////

} 


[Kevinslair]

What I have is this now:

PHP Code:

// now let's move the file to its final and allocate it with the new filename
foreach($active_keys as $key)
{
    @move_uploaded_file($_FILES[$fieldname]['tmp_name'][$key], $uploadFilename[$key])
        or error('receiving directory insuffiecient permission', $uploadForm);


$username = $_GET['username'];

include("/var/www/vhosts/kevinslair.com/httpdocs/includes/db.inc.php");

$sql = "INSERT INTO meeting_place (image_one, image_two, image_three) values ($uploadFilename[$key])";

$query = mysql_query($sql) or die("Cannot query the database.<br>" . mysql_error());


} 


I am getting this error:
Cannot query the database.
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '/var/www/vhosts/kevinslair.com/httpdocs/multiple_uploader/uploaded_files/1190242' at line 1

Thanks,
Kevin

[Kevinslair]

I have tried every variable I can think of to get this to work. PLease, can anyone figure this out?

[Ernie1]

rubbish bin

[r937]

ernie, could you please elaborate on your comment? what are you trying to say?

[pkSML]

What I have is this now:

PHP Code:

// now let's move the file to its final and allocate it with the new filename
foreach($active_keys as $key)
{
    @move_uploaded_file($_FILES[$fieldname]['tmp_name'][$key], $uploadFilename[$key])
        or error('receiving directory insuffiecient permission', $uploadForm);


$username = $_GET['username'];

include("/var/www/vhosts/kevinslair.com/httpdocs/includes/db.inc.php");

$sql = "INSERT INTO meeting_place (image_one, image_two, image_three) values ($uploadFilename[$key])";

$query = mysql_query($sql) or die("Cannot query the database.<br>" . mysql_error());


} 


I am getting this error:
Cannot query the database.
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '/var/www/vhosts/kevinslair.com/httpdocs/multiple_uploader/uploaded_files/1190242' at line 1

Thanks,
Kevin

In your MySQL query (stored in $sql), you have three variables you're inserting (image_one, image_two, and image_three), but only one input($uploadFilename[$key]). You need to have three inputs.

[Ernie1]

ernie, could you please elaborate on your comment? what are you trying to say?

What I mean is:
1) include("/var/www/vhosts/kevinslair.com/httpdocs/includes/db.inc.php");
in foreach loop would eat a lot of memory.
2) a lot of unnecessary variables.

[Ernie1]

PHP Code:

foreach($active_keys as $key)
{
     move_uploaded_file($_FILES[$fieldname]['tmp_name'][$key], $uploadFilename[$key])
     or error('receiving directory insuffiecient permission', $uploadForm);    
     }
 $sql = "INSERT INTO meeting_place (image_one,image_two,image_three) 
     values ('$uploadFilename[0]','$uploadFilename[1]','$uploadFilename[2]')";
 $query = mysql_query($sql) or die(mysql_error()); 


[Kevinslair]

Instead of

PHP Code:

<?php include("/var/www/vhosts/kevinslair.com/httpdocs/includes/db.inc.php"); ?>

I now use this:

PHP Code:

<?php 

$docroot = $_SERVER['DOCUMENT_ROOT'];

include("$docroot/includes/db.inc.php");

?>

Here is the whole code for the image upload processing page:

PHP Code:

<?php  

$docroot = $_SERVER['DOCUMENT_ROOT'];

// filename: upload.processor2.php

// first let's set some variables

// make a note of the current working directory, relative to root.
$directory_self = str_replace(basename($_SERVER['PHP_SELF']), '', $_SERVER['PHP_SELF']);

// make a note of the directory that will recieve the uploaded files
$uploadsDirectory = "$docroot/multiple_uploader/uploaded_files/";

// make a note of the location of the upload form in case we need it
$uploadForm = 'http://' . $_SERVER['HTTP_HOST'] . $directory_self . 'automotive.upload.form.php';

// make a note of the location of the success page
$uploadSuccess = 'http://www.kevinslair.com/multiple_uploader/multiple.upload.success.php';

// name of the fieldname used for the file in the HTML form
$fieldname = 'file';

//echo'<pre>';print_r($_FILES);exit;



// Now let's deal with the uploaded files

// possible PHP upload errors
$errors = array(1 => 'php.ini max file size exceeded', 
                2 => 'html form max file size exceeded', 
                3 => 'file upload was only partial', 
                4 => 'no file was attached');

// check the upload form was actually submitted else print form
isset($_POST['submit'])
    or error('the upload form is neaded', $uploadForm);
    
// check if any files were uploaded and if 
// so store the active $_FILES array keys
$active_keys = array();
foreach($_FILES[$fieldname]['name'] as $key => $filename)
{
    if(!empty($filename))
    {
        $active_keys[] = $key;
    }
}

// check at least one file was uploaded
count($active_keys)
    or error('No files were uploaded', $uploadForm);
        
// check for standard uploading errors
foreach($active_keys as $key)
{
    ($_FILES[$fieldname]['error'][$key] == 0)
        or error($_FILES[$fieldname]['tmp_name'][$key].': '.$errors[$_FILES[$fieldname]['error'][$key]], $uploadForm);
}
    
// check that the file we are working on really was an HTTP upload
foreach($active_keys as $key)
{
    @is_uploaded_file($_FILES[$fieldname]['tmp_name'][$key])
        or error($_FILES[$fieldname]['tmp_name'][$key].' not an HTTP upload', $uploadForm);
}
    
// validation... since this is an image upload script we 
// should run a check to make sure the upload is an image
foreach($active_keys as $key)
{
    @getimagesize($_FILES[$fieldname]['tmp_name'][$key])
        or error($_FILES[$fieldname]['tmp_name'][$key].' not an image', $uploadForm);
}
    
// make a unique filename for the uploaded file and check it is 
// not taken... if it is keep trying until we find a vacant one
foreach($active_keys as $key)
{
    $now = time();
    while(file_exists($uploadFilename[$key] = $uploadsDirectory.$now.'-'.$_FILES[$fieldname]['name'][$key]))
    {
        $now++;
    }
}

// now let's move the file to its final and allocate it with the new filename
foreach($active_keys as $key)
{
    @move_uploaded_file($_FILES[$fieldname]['tmp_name'][$key] , $uploadFilename[$key])
        or error('receiving directory insuffiecient permission', $uploadForm);


$timestamp = time(); 

$hourdiff = "0.94"; // hours difference between server time and local time

$timeadjust = ($hourdiff * 60 * 60);

$date = date("F d, Y",time() + $timeadjust);
$username = addslashes($_POST['username2']);
$email = addslashes($_POST['email']);
$password = addslashes($_POST['password']);
$For_Sale = addslashes($_POST['For_Sale']);
$Year = addslashes($_POST['Year']);
$Manufacturer = addslashes($_POST['Manufacturer']);
$Model = addslashes($_POST['Model']);
$Price = addslashes($_POST['Price']);
$Condition = addslashes($_POST['Condition']);
$City = addslashes($_POST['City']);
$State = addslashes($_POST['State']);
$Country = addslashes($_POST['Country']);
$Information = addslashes($_POST['Information']);
//$image_one = addslashes($_POST['']);
//$image_two = addslashes($_POST['']);
//$image_three = addslashes($_POST['']);



$sql = "INSERT INTO automotive SET 
timestamp = '$timestamp',
date = '$date',
username = '$username',
email = '$email',
password = '$password',
For_Sale = '$For_Sale',
Year = '$Year',
Manufacturer = '$Manufacturer',
Model = '$Model',
Price = '$Price',
Condition = '$Condition',
City = '$City',
State = '$State',
Country = '$Country',
Information = '$Information',
image_one = '$uploadFilename[0]',
image_two = '$uploadFilename[1]',
image_three = '$uploadFilename[2]'";

}




include("$docroot/includes/db.inc.php");
$query = mysql_query($sql) or die(mysql_error());

    
// If you got this far, everything has worked and the file has been successfully saved.
// We are now going to redirect the client to the success page.
header('Location: ' . $uploadSuccess);


// make an error handler which will be used if the upload fails
function error($error, $location, $seconds = 5)
{
    header("Refresh: $seconds; URL=\"$location\"");
    echo '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN"'."\n".
    '"http://www.w3.org/TR/html4/strict.dtd">'."\n\n".
    '<html lang="en">'."\n".
    '    <head>'."\n".
    '        <meta http-equiv="content-type" content="text/html; charset=iso-8859-1">'."\n\n".
    '        <link rel="stylesheet" type="text/css" href="stylesheet.css">'."\n\n".
    '    <title>Upload error</title>'."\n\n".
    '    </head>'."\n\n".
    '    <body>'."\n\n".
    '    <div id="Upload">'."\n\n".
    '        <h1>Upload failure</h1>'."\n\n".
    '        <p>An error has occured: '."\n\n".
    '        <span class="red">' . $error . '...</span>'."\n\n".
    '         The upload form is reloading</p>'."\n\n".
    '     </div>'."\n\n".
    '</html>';
    exit;
} // end error handler


?>

Thank you, That works 100%
Thanks!!!!!!!!!!!!!!!