SitePoint Sponsor

User Tag List

Results 1 to 7 of 7
  1. #1
    SitePoint Member
    Join Date
    Apr 2009
    Posts
    4
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Build An Automated PHP Gallery System In Minutes Tutorial

    Hi, wondered if anyone can help I have followed this: sitepoint.com/article/php-gallery-system-minutes/ and built the basic gallery thing, works fine. But I am basically trying to get the add new category to work and I can't work out a way to implement it and get it working with the snippet given:

    function add_category( $category_name )
    {
    mysql_query( "INSERT INTO gallery_category(`category_name`) VALUES('".addslashes( $category_name )."' )" );
    }

    Call: add_category( “Category Name” );

    Can anyone explain how I would implement this?

  2. #2
    SitePoint Addict AdRock952's Avatar
    Join Date
    Aug 2006
    Posts
    243
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    You could have a form with a text field for the name of your new category and after you post the form, you call that function

    PHP Code:
    <?php
    function add_category$category_name )
    {
    mysql_query"INSERT INTO gallery_category(`category_name`) VALUES('".addslashes$category_name )."' )" );
    }

    if(
    $_POST['submit']) {
         
    add_categoy($_POST['category']);
    }
    ?>
    <form name="form" action="<?php echo $_SERVER['REQUEST_URI'?>" method="post">
    <input type="text" name="category" />
    <input type="submit" name="submit" value="add category" />
    </form>
    very basic version and you need to check for sql injection

  3. #3
    SitePoint Member
    Join Date
    Apr 2009
    Posts
    4
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    ah thanks, that's the start I needed.

  4. #4
    From Italy with love silver trophybronze trophy
    guido2004's Avatar
    Join Date
    Sep 2004
    Posts
    9,407
    Mentioned
    149 Post(s)
    Tagged
    4 Thread(s)
    don't use addslashes to check user input before using it in a query, use mysql_real_escape_string instead.

  5. #5
    SitePoint Enthusiast
    Join Date
    Apr 2009
    Posts
    63
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Yes, mysql_real_escape_string is a much better method of injection prevention than addslashes. Remember too people can add in more than just quotes that can allow them to gain control over scripting on your site.

  6. #6
    SitePoint Member
    Join Date
    Apr 2009
    Posts
    4
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Hi again I have come back to this and am trying to have it so I can upload multiple images to each entry in the database. If that makes sense, so not just multiple image uploaded at a time but say each entry has a few images attached to it but am running into difficulty at the moment. I get no errors but it doesn't upload anything into the database, not sure where I'm going wrong as I have added other fields without problem but can't get it to work with extra photos, here is my code on the preupload, upload and view gallery, I have attached the files, any help would be much appreciated.
    Attached Files Attached Files

  7. #7
    SitePoint Member
    Join Date
    Apr 2009
    Posts
    4
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Not sure if that's clear, basically I want to be able to upload several pictures of the same thing from different angels and keep them together, so instead of clicking on the small thumbnail and only seeing one picture I want to see mutple images, this was the original tutorial sitepoint.com/article/php-gallery-system-minutes/

    Been trying to work this out all day and just can't, any idea where I'm going wrong?


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •