Browser does matter?

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
tetsuO2
Forum Newbie
Posts: 16
Joined: Thu Aug 10, 2006 6:33 am

Browser does matter?

Post by tetsuO2 »

I am just making a web site for a store that sells shoes and clothes.
I need to make the account pages by PHP+MYSQL.
The account page is very simple. I just need to make Insert, Update, Delete pages for the staff members.
And actually I already made them .

But I got some problems.
i test it by using some browsers such as Internet Explore,FireFox and Safari.

The Problems are;
When i use InternetExplore, I can insert every item except Images(update,delete are ok).
When i use FireFox,I can insert every item. FireFox works very well.(update,delete are ok).
When i use Safari, I cannot even insert.

Actually code for insert,update and delete is super simple. It is kinda difficult to make mistakes.
I am just wondering if i should ask the staff member to use only FireFox when they want to use
the account pages.

Is that still my code prooblems or does it depend on browser?
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

Sounds like a code problem to me.
User avatar
RobertGonzalez
Site Administrator
Posts: 14293
Joined: Tue Sep 09, 2003 6:04 pm
Location: Fremont, CA, USA

Post by RobertGonzalez »

Browsers are on the client. PHP Code is on the server. The two don't mix, so what you are exeriencing is a server-side code problem (as all DB interaction ocurrs on the server).
tetsuO2
Forum Newbie
Posts: 16
Joined: Thu Aug 10, 2006 6:33 am

Post by tetsuO2 »

Thanks for the quick replies.
so You guys think that my code has problems right?
I will check my code again carefully anyway.

by the way i have a question;
I echo $SQL of Insert.
the result is "insert into products values(null,'nike0101','pink','this good shoes for dancing crazely.','89.23','C:\\php\\livestock\\images\\products\\nike\\nike2.jpg','8.5','9','10','11','12','1')"

first field is 'productid'.
second one is 'productname'
third one is 'color'
forth one is 'description'
fifth one is 'price'
sixth one is 'image(path)'
from seventh one to the last one are for 'size'

See the sixth field-->'C:\\php\\livestock\\images\\products\\nike\\nike2.jpg'
usually this path is ''C:\php\livestock\images\products\nike\nike2.jpg'' but somehow the path has extra ' \ '.
the reason why i cannot insert images is maybe the path has extra ' \ '


sooner or later i will make a destination files for images but anyway i think the sixth field is strange.
i coded such as 'img: '<input type="file" name="img">' .
of course the image is in the same folder of the PHP file.

my computer is broken or my code is, as you said, broken?
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

The "extra" slashes are fairly normal, depending on what you're doing. A general problem is IE will set the full, client side, path, while Firefox will correctly only send the filename. Use basename() to pull out the filename.
tetsuO2
Forum Newbie
Posts: 16
Joined: Thu Aug 10, 2006 6:33 am

Post by tetsuO2 »

I used 'basename' such as;

Code: Select all

$path=$_POST["img"];
$pimg=basename($path);
$pimg=basename($path,"/");
now the problem, which is extra '\'. was solved.

Thank you very much.
I love PHP.
Tom420
Forum Newbie
Posts: 15
Joined: Sun Aug 13, 2006 1:50 am
Location: Sherbrooke, Québec, Canada

Post by Tom420 »

I think you don't understand file upload at all. Thus I recommand that you check that up in the manual:
http://www.php.net/manual/en/features.file-upload.php

Also you should not store the filename received from the client, nor it's pathname. For one, the pathname is no more valid on the server. Secondly, the filename was unique in the client machine, but is no more on the server. What if two different staff members uploaded a file calle Nike2.jpg for two different products?

A solution would be to use the product name (nike0101) if this value is unique (no two products can have the same name). For example, automatically save the picture as <product_name>.jpg. This way, you don't even have to store the filename at all as it is already known from the name of the product. However, if the picture is optional (if not all products have to have a picture available), you could have an additionnal field to remember if a picture was available or not (or just browse the picture directory). On the other hand, if a product could have more than one picture, you'll have to figure out some other mechanism, but from the code provided that doesn't seem to be the case.

Tom :)
tetsuO2
Forum Newbie
Posts: 16
Joined: Thu Aug 10, 2006 6:33 am

Post by tetsuO2 »

yup, i just coded for file upload. thanks.

by the way , my friends told me there some hosting servers that are not available to use code for file upload
such as below code.

Code: Select all

<form enctype="multipart/form-data" action="<?php echo $_SERVER["PHP_SELF"]; ?>" method="post"> 
<input type="hidden" name="MAX_FILE_SIZE" value="2048000"> 
brand:<input type="text" name="brand"><br />
File: <input name="userfile" type="file" /><br /> 
<input type="submit" value="Upload" /> 
</form> 
<?php
$tempFile=$HTTP_POST_FILES['userfile']['tmp_name'];
$finalFile=$HTTP_POST_FILES['userfile']['name'];
$destFile="images/".$_POST["brand"]."/".$finalFile;
copy($tempFile,$destFile);
?>

so even though i want to insert some images from the account page,
i canot upload them ?
Do i have to insert images to FTP server directly everytime?(<-- that is too much work)
have you ever heard of that?
Tom420
Forum Newbie
Posts: 15
Joined: Sun Aug 13, 2006 1:50 am
Location: Sherbrooke, Québec, Canada

Post by Tom420 »

No, I have never heard of a host preventing one from uploading a file. In fact, I don't see how one could do that.

Please see the function move_uploaded_file(). There is a reason why they mentionned only this function and no other on the page I sent you to. In fact, most hosts will not let you use anything else. move_uploaded_file() knows what an uploaded file is (therefore is safer to use) and knows how to deal with server securities in place.
User avatar
RobertGonzalez
Site Administrator
Posts: 14293
Joined: Tue Sep 09, 2003 6:04 pm
Location: Fremont, CA, USA

Post by RobertGonzalez »

Yes, hosts can, and have, disabled certain functions of PHP. GoDaddy, for example, on their Windows accounts that have PHP on them, will disable a lot of functions that you would think should just be there, like mail().
tetsuO2
Forum Newbie
Posts: 16
Joined: Thu Aug 10, 2006 6:33 am

Post by tetsuO2 »

i see. im happy to hear that.
so i can keep woking on this.

Thank you, Tom420.
Tom420
Forum Newbie
Posts: 15
Joined: Sun Aug 13, 2006 1:50 am
Location: Sherbrooke, Québec, Canada

Post by Tom420 »

Everah wrote:Yes, hosts can, and have, disabled certain functions of PHP. GoDaddy, for example, on their Windows accounts that have PHP on them, will disable a lot of functions that you would think should just be there, like mail().
I totaly agree with you on that one. The mail() function is a good example, often disabled, in particular on free hosts. However, the question was about disabling file uploads. Could they? How would you do that? Disable move_uploaded_file() perharps? Now, I wonder why some host would want to disable this...
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

There are potential security problems with inexperienced programmers and file uploads.
User avatar
RobertGonzalez
Site Administrator
Posts: 14293
Joined: Tue Sep 09, 2003 6:04 pm
Location: Fremont, CA, USA

Post by RobertGonzalez »

Tom420 wrote:However, the question was about disabling file uploads. Could they? How would you do that? Disable move_uploaded_file() perharps? Now, I wonder why some host would want to disable this...
Some developers are not as Security conscious as others, whether is be from inexperience, ignorance or sheer lack of desire to be bothered with security. Many a host has been stung by this lapse in security. Right or wrong, they are not willing to take that risk in many cases, and, as a result, remove the ability for users to destroy their systems through neglect.
Post Reply