Page 1 of 1

sephiroth dreamweaver php upload extension with filepath ins

Posted: Sat Oct 14, 2006 2:39 am
by beermaker74
Hello all, I am having a problem finding out a way to use the sephiroth php upload extension for dreamweaver and insert the image path into the database. I have a add record page that inserts info into a database. It all works just the way I want. The only problem I have is that the user has to upload the images using ftp. I have a field in the add page that they add the image file name and then on another page it displays it. So what I would like is to have them upload the image file thru a file field, then have the database record the filepath. I am using sephiroth php upload and I can get the fileto the spot i want. But i dont know how to modify the code to add the path to the database. If it is not easy to add the path to the database, can i just echo the path into the form that i have for the image name. Whatever method I use I need to duplicate it a few times. ie 3 different images that are stored in different locations. Also i need to do the same with an xml file. I will use multiple instances of the php upload extension with a different file paths. Please let me know what the easiest method is to get the paths into the database. Here is the code on my add record page. I would love to use the dreamweaver interface as the whole page was designed with it. I am still not comfortable with php enough to start monkeying with the code. Thanks

Code: Select all

<?php
//	---------------------------------------------
//	Pure PHP Upload version 1.1
//	-------------------------------------------
if (phpversion() > "4.0.6") {
	$HTTP_POST_FILES = &$_FILES;
}
define("MAX_SIZE",300000);
define("DESTINATION_FOLDER", "/home/immersiv/public_html/upload8/");
define("no_error", "");
define("yes_error", "");
$_accepted_extensions_ = "";
if(strlen($_accepted_extensions_) > 0){
	$_accepted_extensions_ = @explode(",",$_accepted_extensions_);
} else {
	$_accepted_extensions_ = array();
}
$_file_ = $HTTP_POST_FILES['up'];
if(is_uploaded_file($_file_['tmp_name']) && $HTTP_POST_FILES['up']['error'] == 0){
	$errStr = "";
	$_name_ = $_file_['name'];
	$_type_ = $_file_['type'];
	$_tmp_name_ = $_file_['tmp_name'];
	$_size_ = $_file_['size'];
	if($_size_ > MAX_SIZE && MAX_SIZE > 0){
		$errStr = "File troppo pesante";
	}
	$_ext_ = explode(".", $_name_);
	$_ext_ = strtolower($_ext_[count($_ext_)-1]);
	if(!in_array($_ext_, $_accepted_extensions_) && count($_accepted_extensions_) > 0){
		$errStr = "Estensione non valida";
	}
	if(!is_dir(DESTINATION_FOLDER) && is_writeable(DESTINATION_FOLDER)){
		$errStr = "Cartella di destinazione non valida";
	}
	if(empty($errStr)){
		if(@copy($_tmp_name_,DESTINATION_FOLDER . "/" . $_name_)){
			header("Location: " . no_error);
		} else {
			header("Location: " . yes_error);
		}
	} else {
		header("Location: " . yes_error);
	}
}
?><?php require_once('../Connections/connectDb.php'); ?>
<?php
if (!isset($_SESSION)) {
  session_start();
}
$MM_authorizedUsers = "";
$MM_donotCheckaccess = "true";

// *** Restrict Access To Page: Grant or deny access to this page
function isAuthorized($strUsers, $strGroups, $UserName, $UserGroup) { 
  // For security, start by assuming the visitor is NOT authorized. 
  $isValid = False; 

  // When a visitor has logged into this site, the Session variable MM_Username set equal to their username. 
  // Therefore, we know that a user is NOT logged in if that Session variable is blank. 
  if (!empty($UserName)) { 
    // Besides being logged in, you may restrict access to only certain users based on an ID established when they login. 
    // Parse the strings into arrays. 
    $arrUsers = Explode(",", $strUsers); 
    $arrGroups = Explode(",", $strGroups); 
    if (in_array($UserName, $arrUsers)) { 
      $isValid = true; 
    } 
    // Or, you may restrict access to only certain users based on their username. 
    if (in_array($UserGroup, $arrGroups)) { 
      $isValid = true; 
    } 
    if (($strUsers == "") && true) { 
      $isValid = true; 
    } 
  } 
  return $isValid; 
}

$MM_restrictGoTo = "login.php";
if (!((isset($_SESSION['MM_Username'])) && (isAuthorized("",$MM_authorizedUsers, $_SESSION['MM_Username'], $_SESSION['MM_UserGroup'])))) {   
  $MM_qsChar = "?";
  $MM_referrer = $_SERVER['PHP_SELF'];
  if (strpos($MM_restrictGoTo, "?")) $MM_qsChar = "&";
  if (isset($QUERY_STRING) && strlen($QUERY_STRING) > 0) 
  $MM_referrer .= "?" . $QUERY_STRING;
  $MM_restrictGoTo = $MM_restrictGoTo. $MM_qsChar . "accesscheck=" . urlencode($MM_referrer);
  header("Location: ". $MM_restrictGoTo); 
  exit;
}
?>
<?php
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") 
{
  $theValue = (!get_magic_quotes_gpc()) ? addslashes($theValue) : $theValue;

  switch ($theType) {
    case "text":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;    
    case "long":
    case "int":
      $theValue = ($theValue != "") ? intval($theValue) : "NULL";
      break;
    case "double":
      $theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL";
      break;
    case "date":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
    case "defined":
      $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
      break;
  }
  return $theValue;
}

$editFormAction = $_SERVER['PHP_SELF'];
if (isset($_SERVER['QUERY_STRING'])) {
  $editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);
}

if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "form2")) {
  $insertSQL = sprintf("INSERT INTO realty (`property address`, `property price`, `property description`, bedrooms, baths, `sq ft`, online, sold, `google map link`, `thumbnail photo name`, `print page photo 1`, `print page photo2`, `xml file name`, `special features`, agent) VALUES (%s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s, %s)",
                       GetSQLValueString($_POST['property_address'], "text"),
                       GetSQLValueString($_POST['property_price'], "text"),
                       GetSQLValueString($_POST['property_description'], "text"),
                       GetSQLValueString($_POST['bedrooms'], "text"),
                       GetSQLValueString($_POST['baths'], "text"),
                       GetSQLValueString($_POST['sq_ft'], "text"),
                       GetSQLValueString(isset($_POST['online']) ? "true" : "", "defined","'Y'","'N'"),
                       GetSQLValueString(isset($_POST['sold']) ? "true" : "", "defined","'Y'","'N'"),
                       GetSQLValueString($_POST['google_map_link'], "text"),
                       GetSQLValueString($_POST['thumbnail_photo_name'], "text"),
                       GetSQLValueString($_POST['print_page_photo_1'], "text"),
                       GetSQLValueString($_POST['print_page_photo2'], "text"),
                       GetSQLValueString($_POST['xml_file_name'], "text"),
                       GetSQLValueString($_POST['special_features'], "text"),
                       GetSQLValueString($_POST['agent'], "text"));

  mysql_select_db($database_connectDb, $connectDb);
  $Result1 = mysql_query($insertSQL, $connectDb) or die(mysql_error());

  $insertGoTo = "realty.php";
  if (isset($_SERVER['QUERY_STRING'])) {
    $insertGoTo .= (strpos($insertGoTo, '?')) ? "&" : "?";
    $insertGoTo .= $_SERVER['QUERY_STRING'];
  }
  header(sprintf("Location: %s", $insertGoTo));
}

mysql_select_db($database_connectDb, $connectDb);
$query_rs_realty = "SELECT * FROM realty";
$rs_realty = mysql_query($query_rs_realty, $connectDb) or die(mysql_error());
$row_rs_realty = mysql_fetch_assoc($rs_realty);
$totalRows_rs_realty = mysql_num_rows($rs_realty);
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Add new listing</title>
</head>

<body>
<p align="center"><a href="../index.html">Home</a> <a href="logout.php">Logout </a></p>
<p align="center">Here is the page where you add new realty listings to the database</p>
<form action="<?php echo $editFormAction; ?>" method="post" enctype="multipart/form-data" name="form2">
      <table align="center">
        <tr valign="baseline">
          <td nowrap align="right" valign="top">Property address:</td>
          <td><textarea name="property_address" cols="50" rows="5"></textarea>
          </td>
        </tr>
        <tr valign="baseline">
          <td nowrap align="right">Property price:</td>
          <td><input type="text" name="property_price" value="" size="32"></td>
        </tr>
        <tr valign="baseline">
          <td nowrap align="right" valign="top">Property description:</td>
          <td><textarea name="property_description" cols="50" rows="5"></textarea>
          </td>
        </tr>
        <tr valign="baseline">
          <td nowrap align="right">Bedrooms:</td>
          <td><input type="text" name="bedrooms" value="" size="32"></td>
        </tr>
        <tr valign="baseline">
          <td nowrap align="right">Baths:</td>
          <td><input type="text" name="baths" value="" size="32"></td>
        </tr>
        <tr valign="baseline">
          <td nowrap align="right">Sq ft:</td>
          <td><input type="text" name="sq_ft" value="" size="32"></td>
        </tr>
        <tr valign="baseline">
          <td nowrap align="right">Online:</td>
          <td><input type="checkbox" name="online" value="" ></td>
        </tr>
        <tr valign="baseline">
          <td nowrap align="right">Sold:</td>
          <td><input type="checkbox" name="sold" value="" ></td>
        </tr>
        <tr valign="baseline">
          <td nowrap align="right">Google map link:</td>
          <td><input type="text" name="google_map_link" value="" size="32"></td>
        </tr>
        <tr valign="baseline">
          <td nowrap align="right">Thumbnail photo name:</td>
          <td><input type="text" name="thumbnail_photo_name" value="" size="32"></td>
        </tr>
        <tr valign="baseline">
          <td nowrap align="right">Print page photo 1:</td>
          <td><input type="text" name="print_page_photo_1" value="" size="32"></td>
        </tr>
        <tr valign="baseline">
          <td nowrap align="right">Print page photo2:</td>
          <td><input type="text" name="print_page_photo2" value="" size="32"></td>
        </tr>
        <tr valign="baseline">
          <td nowrap align="right">Xml file name:</td>
          <td><input type="text" name="xml_file_name" value="" size="32"></td>
        </tr>
        <tr valign="baseline">
          <td nowrap align="right" valign="top">Special features:</td>
          <td><textarea name="special_features" cols="50" rows="5"></textarea>
          </td>
        </tr>
        <tr valign="baseline">
          <td nowrap align="right">Agent:</td>
          <td><input type="text" name="agent" value="" size="32"></td>
        </tr>
        <tr valign="baseline">
          <td nowrap align="right">&nbsp;</td>
          <td><input type="submit" value="Insert record"></td>
        </tr>
      </table>
      <p>&nbsp;      </p>
      <p>
        <label for="file">up</label>
        <input type="file" name="up" id="up" />
        <input type="hidden" name="MM_insert" value="form2">
        </p>
</form>
    <p>&nbsp;</p>
</body>
</html>
<?php
mysql_free_result($rs_realty);
?>

Posted: Sat Oct 14, 2006 7:42 am
by feyd
Adding the path to the database? It's a string, like anyother, that you stick in the INSERT query. Nothing special.