Page 1 of 1

Using $_FILES['formfield']['name']

Posted: Thu Oct 23, 2003 6:05 pm
by evilmonkey
Hello. I have a script that has te tst for an empty form file field submission. For some reason, this test always comes out negative (that there is something put in). The situation: I have a profile editing page and I want to test if a user puts in an avatar inside that form so I can adjust the way this information is inserted into the database (so if the user doesn't want to update the avatar, it doesn't go in as 'no avatar' in the database). Here's the script:

Code: Select all

<?php
$avinfo=getimagesize($_FILES['avatar']['tmp_name']);
if ($avinfo['0'] < 41 && $avinfo['0'] < 41) {
move_uploaded_file($_FILES['avatar']['tmp_name'], 'avatars/'.$_FILES['avatar']['name']); 
//check for correct input
if ($name == "" || $email == "") 
{
echo "Something is wrong. Please go back and make sure you have filled in all required boxes.";
//HTML redirection
?><meta http-equiv="refresh" content="3;url=profile.php"><?php
}
else 
{
$avname=$_FILES['avatar']['name'];
if ($pass2=="") {
$query="UPDATE users SET name='$name', email='$email', icq='$icq', msn='$msn', aim='$aim', location='$location', greeting='$greeting', avatar='$avname' WHERE id='$id'"; }
elseif (pass2=="" || avname=="") { // <= notice that
$query="UPDATE users SET name='$name',  email='$email', icq='$icq', msn='$msn', aim='$aim', location='$location', greeting='$greeting', WHERE id='$id'"; }
elseif (avname=="") { //<=notice that
$pass2=md5($pass2);
$query="UPDATE users SET name='$name', password='$pass2', email='$email', icq='$icq', msn='$msn', aim='$aim', location='$location', greeting='$greeting', WHERE id='$id'"; }
else {
$pass2=md5($pass2);
$query="UPDATE users SET name='$name', password='$pass2', email='$email', icq='$icq', msn='$msn', aim='$aim', location='$location', greeting='$greeting', avatar='$avname' WHERE id='$id'"; }
$result=mysql_query ($query, $db) or die (mysql_error());
echo "You just altered your profile. Please wait...";
//HTML redirection 
?>
<meta http-equiv="refresh" content="3;url=index.php">
The password check fails (if the password field is empty), but the avatar check always passes. How can I fix this? Thanks for your time.

Cheers!

Posted: Thu Oct 23, 2003 6:45 pm
by DuFF

Code: Select all

<?php
elseif (pass2=="" || avname=="") { // <= notice that
?>
and

Code: Select all

<?php
elseif (avname=="") { //<=notice that 
?>
are not correct. You forgot the $ sign in front of them so they are not being interpreted as variables.

Change it to:

Code: Select all

<?php
elseif ($pass2=="" || $avname=="") { // <= notice that
?>

Code: Select all

<?php
elseif ($avname=="") { //<=notice that 
?>

Posted: Thu Oct 23, 2003 6:55 pm
by evilmonkey
Okay...thanks for finding that stupid error and I found another one that caused this script to malfunction. I put "||" instead of "&&". Thanks.

It's helpful to have your stupid mistakes examined every once in a while :lol:

Cheers!