Page 1 of 1

Uploading a file

Posted: Wed May 30, 2007 3:10 pm
by franknu
I posted this already if anyone gets mad at me for, i posted by mistake the other code were a mess
but here it is..

I want update a single file in my database.

The problem. simple it is not updating in the database
here is the code

Code: Select all

<?php

define ("UPLOADDIR", "/home/townsfin/public_html/business_images/");
IF (is_uploaded_file($_FILES['Picture3']['tmp_name'])) {
   $fullpath3 = UPLOADDIR . $_FILES['Picture3']['name'];

    IF (move_uploaded_file($_FILES['Picture3']['tmp_name'],$fullpath3)) {
      $moved3 = true;
      echo "picture $fullpath3 uploaded";
}
  }



if (isset($_POST['submit']))   {

$query="UPDATE  business_info  SET
              `Picture3` =  '".$_POST[$fullpath3]."' WHERE  Password='".$_SESSION['Password']."'";



$result = mysql_query($query) or die ("Problem with the query: <pre>$query</pre><br>" . mysql_error());
echo"$query";
}
?>

Posted: Wed May 30, 2007 3:12 pm
by RobertGonzalez
Are you getting any errors? If so, what are they?

Posted: Wed May 30, 2007 3:16 pm
by TheMoose

Code: Select all

if (isset($_POST['submit']))   {

$query="UPDATE  business_info  SET
              `Picture3` =  '".$_POST[$fullpath3]."' WHERE  Password='".$_SESSION['Password']."'";
Does your form have an input named 'submit'? If so, then I'm guessing $_POST[$fullpath3] is blank because you're using $fullpath3 to store the path to the file (you use it a few lines up).

Should probably just be:

Code: Select all

$query="UPDATE  business_info  SET
              `Picture3` =  '". $fullpath3 ."' WHERE  Password='".$_SESSION['Password']."'";

Posted: Wed May 30, 2007 3:19 pm
by superdezign
The error is probably in $_SESSION['Password'] if nothing is happening in the database. Check it's value.

Edit: Never mind. TheMoose seems to have pinpointed the problem.

Posted: Wed May 30, 2007 3:19 pm
by franknu
I am not getting any eror

and submit is the bottom that the user hit to update the file

basicly and saying if the user hit submit update

Posted: Wed May 30, 2007 3:22 pm
by superdezign
$_POST[$fullpath3] is actually looking for $_POST["/home/townsfin/public_html/business_images/" . $_FILES['Picture3']['name']], which I'm sure doesn't exit.

Posted: Wed May 30, 2007 3:30 pm
by TheMoose
Also check what superdezign said, if the Session value is blank or non existent, then it won't update anything in the database.

Posted: Wed May 30, 2007 5:34 pm
by franknu
ok, actually this is my display

Code: Select all

mass-ad.com01

_SESSION:Array
(
    [User_Name] => franklin
    [Password] => franklin01
    [test1] => This is test1 session variable
    [test2] => This is test2 session variable
)

UPDATE business_info SET `Picture3` = '' WHERE Password='franklin01'
here is my code with the new changes\

Code: Select all

<?php

  IF ($_FILES['Picture3']) {

  $moved3 = false;
      }
define ("UPLOADDIR", "/home/townsfin/public_html/business_images/");
IF (is_uploaded_file($_FILES['Picture3']['tmp_name'])) {
   $fullpath3 = UPLOADDIR . $_FILES['Picture3']['name'];
  }
    IF (move_uploaded_file($_FILES['Picture3']['tmp_name'],$fullpath3)) {
      $moved3 = true;
      echo "picture $fullpath3 uploaded";
}


if (isset($_POST['submit']))   {
                                     $query="UPDATE  business_info  SET
              `Picture3` =  '". $fullpath3 ."' WHERE  Password='".$_SESSION['Password']."'";

$result = mysql_query($query) or die ("Problem with the query: <pre>$query</pre><br>" . mysql_error());
echo"$query";
}
?>

Posted: Wed May 30, 2007 5:46 pm
by RobertGonzalez
Maybe try some debugging, like this...

Code: Select all

<?php
// Lets get some error information shall we?
ini_set('error_reporting', E_ALL);
ini_set('display_errors', 1);

// This really needs to be reevaluated.
// This should be throwing undefined index 
// errors if called without a file upload
if ($_FILES['Picture3']) {
    $moved3 = false;
}

// Define the path
define ("UPLOADDIR", "/home/townsfin/public_html/business_images/");

if (is_uploaded_file($_FILES['Picture3']['tmp_name'])) {
    $fullpath3 = UPLOADDIR . $_FILES['Picture3']['name'];
    echo 'Is uploaded file seemed to return true. $fullpath3 is set to ' . $fullpath3 . '<br /><br />';
}

if (move_uploaded_file($_FILES['Picture3']['tmp_name'],$fullpath3)) {
    $moved3 = true;
    echo "picture $fullpath3 uploaded";
    echo 'Move uploaded file seemed to return true. $fullpath3 is set to ' . $fullpath3 . '<br /><br />';
}

if (isset($_POST['submit'])) {
    echo 'The form submit field is set.<br /><br />';
    $query = "UPDATE  business_info  
	    SET `Picture3` =  '$fullpath3' 
		WHERE  Password = '{$_SESSION['Password']}'";

    $result = mysql_query($query) or die ("Problem with the query: <pre>$query</pre><br>" . mysql_error());
    if (mysql_affected_rows()) {
        echo 'The update took!';
    } else {
        echo 'The update did not take using SQL: ' . $query;
    }
}
?>

Posted: Thu May 31, 2007 12:12 am
by feyd
Storing unencrypted/unhashed password in session = bad.

Guess why. :)