problem with uploading image file to the server
Posted: Thu May 28, 2009 3:18 am
i have written code to upload image on to the server. Im struck with one problem... please some body tell me where im wrong....
addQns_exec.php
Code: Select all
<?php
require_once('../../auth.php');
//Include database connection details
require_once('../../config.php');
//Array to store validation errors
$errmsg_arr = array();
//Validation error flag
$errflag = false;
//Connect to mysql server
$link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD);
if(!$link) {
die('Failed to connect to server: ' . mysql_error());
}
//Select database
$db = mysql_select_db(DB_DATABASE);
if(!$db) {
die("Unable to select database");
}
//Function to sanitize values received from the form. Prevents SQL injection
function clean($str) {
$str = @trim($str);
if(get_magic_quotes_gpc()) {
$str = stripslashes($str);
}
return mysql_real_escape_string($str);
}
if(!empty($_POST['subject'])) {
$subject = $_POST['subject'];
$_SESSION['subject'] = $subject;
}
else {
$subject = $_SESSION['subject'];
}
// make a note of the current working directory relative to root.
$directory_self = str_replace(basename($_SERVER['PHP_SELF']), '', $_SERVER['PHP_SELF']);
// make a note of the location of the upload handler script
$uploadHandler = 'http://' . $_SERVER['HTTP_HOST'] . $directory_self . 'upload.processor.php';
// set a max file size for the html upload form
$max_file_size = 30000; // size in bytes
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<link href="../../loginmodule.css" rel="stylesheet" type="text/css" />
<title>
Question Creation
</title>
</head>
<body>
<div align = "right"><a href="../member_indexS.php">Home</a> | <a href="../../logout.php">Logout</a></div>
<div align="center">
<b><u><h1> Question Adder </h1></u></b>
</div>
<br><br>
<b><u>Note:</u> If the question contains diagram or image then create the question seperately in a seperate file and save it in image folder in QuestionAdmin folder and enter the file name in the text field "Image Question"</b>
<br><br><br>
<div align = "center"><form action = "AddQns_exec.php" method="post" name = form1 enctype="multipart/form-data">
<table width="300" border="0" align="center" cellpadding="2" cellspacing="0">
<tr>
<th>Chapter</th>
<td> <?php
$qry = "select * from chapters where subject_id = '$subject'" ;
$result = @mysql_query($qry);
if($result) {
}else {
die("Query failed");
}
echo"<select name='chapter' id='chapter' class='' tabindex='14'>";
echo "<option size = 30 value = '' selected>Select</option>";
if(mysql_num_rows($result))
{
while($row = mysql_fetch_row($result))
{
echo "<option value = '".$row[1]."'>".$row[1]."</option>";
}
}
else {
echo "<option value = ''>No Chapters Present</option>";
}
echo"</select>";
?></td>
</tr>
<tr>
<td> </td>
</tr>
<tr>
<th>Question</th><td><textarea cols="40" rows="5" id="quest" name="question"></textarea></td>
</tr>
<tr>
<td> </td>
</tr>
<tr>
<th></th><td><b>OR</b></td>
</tr>
<tr>
<td> </td>
</tr>
<tr>
<th>Image Question</th><td><input type = "file" id = "image" value="" name="image"></input></td>
<input type="hidden" name="MAX_FILE_SIZE" value="<?php echo $max_file_size ?>">
----------------------------------some code-------------------------------------
</div>
</form></div>
</body>
</html>
Code: Select all
<?php
require_once('../../auth.php');
//Include database connection details
require_once('../../config.php');
//Array to store validation errors
$errmsg_arr = array();
//Validation error flag
$errflag = false;
//Connect to mysql server
$link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD);
if(!$link) {
die('Failed to connect to server: ' . mysql_error());
}
//Select database
$db = mysql_select_db(DB_DATABASE);
if(!$db) {
die("Unable to select database");
}
//Function to sanitize values received from the form. Prevents SQL injection
function clean($str) {
$str = @trim($str);
if(get_magic_quotes_gpc()) {
$str = stripslashes($str);
}
return mysql_real_escape_string($str);
}
// make a note of the current working directory, relative to root.
$directory_self = str_replace(basename($_SERVER['PHP_SELF']), '', $_SERVER['PHP_SELF']);
// make a note of the directory that will recieve the uploaded file
$uploadsDirectory = $_SERVER['DOCUMENT_ROOT'] . $directory_self . 'imageQns/';
// possible PHP upload errors
$errors = array(1 => 'php.ini max file size exceeded',
2 => 'html form max file size exceeded',
3 => 'file upload was only partial',
4 => 'no file was attached');
// check for PHP's built-in uploading errors
$image = 'image';
//Sanitize the POST values
$author_id = $_SESSION['SESS_MEMBER_ID'];
$chapter = clean($_POST['chapter']);
$question = clean($_POST['question']);
-----------------------------some code---------------------------
$imgQn = clean($_FILES[$image]['name']);
$subject = clean($_POST['subject_id']);
$path = "http://localhost/html/TestPaperGen/SubjectAdmin/imageQns/";
echo $subject;
// check for PHP's built-in uploading errors
($_FILES['image']['error'] == 0)
or die($errors[$_FILES['image']['error']]);
// check that the file we are working on really was the subject of an HTTP upload
@is_uploaded_file($_FILES['image']['tmp_name'])
or die('not an HTTP upload');
// check that the file we are working on really was the subject of an HTTP upload
@is_uploaded_file($_FILES['image']['tmp_name'])
or die('not an HTTP upload');
// validation... since this is an image upload script we should run a check
// to make sure the uploaded file is in fact an image. Here is a simple check:
// getimagesize() returns false if the file tested is not an image.
@getimagesize($_FILES['image']['tmp_name'])
or die('only image uploads are allowed');
// make a unique filename for the uploaded file and check it is not already
// taken... if it is already taken keep trying until we find a vacant one
// sample filename: 1140732936-filename.jpg
$now = time();
while(file_exists($uploadFilename = $uploadsDirectory.$now.'-'.$_FILES['image']['name']))
{
$now++;
}
echo $uploadFilename;
echo $_FILES['image']['tmp_name'];
// now let's move the file to its final location and allocate the new filename to it
@move_uploaded_file($_FILES['image']['tmp_name'], $uploadFilename)
or die('receiving directory insuffiecient permission');
$path = $path.$uploadFilename;
$qry = "select question_no from question_num";
$result = mysql_query($qry);
if($result) {
}else {
die("Query failed2");
}
$arr = mysql_fetch_array($result);
$question_no = $arr["question_no"];
@mysql_free_result($result);
$questionNO = $question_no;
$question_no = $question_no + 1;
$qry = "update question_num
SET question_no = $question_no
WHERE question_no = $questionNO";
echo "question number = ".$question_no;
$result = @mysql_query($qry);
if($result) {
}else {
die("Query failed3");
}
@mysql_free_result($result);
$qry = "INSERT INTO question_info(question_no, subject_id, chapter_name, question, question_type, option1, option2, option3, option4, answer, diff_level, marks, diagram_marks, image) VALUES ($question_no, '$subject', '$chapter', '$question', '$question_type', '$option1', '$option2', '$option3', '$option4', '$answer', '$difficulty', $marks, $diagram_marks, '$path')";
$result = mysql_query($qry);
if($result) {
header("location: AddQns_Success.php");
exit();
}else {
die("Query failed8");
}
?>