kproc
02-12-2007, 10:22 PM
below is the complete code to add an entry into my database along with the ability to add a photo with it. The code to add the photo was a post on this form. I hacked the original code to do the job, with what I removed all the checks and balances.
The most important function that I want to add is to limit the size of the file to 30kb.
any help is excellent
<?php
/* Check User Script */
session_start(); // Start Session
include ("../Connections/db.php");
//check if user is already logged in
if (!isset($_SESSION['user_id'])){
$msg = 'You tryed to access a members only page. Login or become a registered member to access that page!';
header("Location: ../index.php?msg=".$msg);
}
$member_id = $_SESSION['user_id'];
// filename: upload.processor.php
// first let's set some variables
// make a note of the current working directory, relative to root.
$directory_self = str_replace(basename($_SERVER['PHP_SELF']), '', $_SERVER['PHP_SELF']);
// make a note of the directory that will recieve the uploaded file
$uploadsDirectory = $_SERVER['DOCUMENT_ROOT'] . '/etreasures/adImages/';
// make a note of the location of the upload form in case we need it
$uploadForm = 'addTreasure.php';
// make a note of the location of the success page
$uploadSuccess = 'addTreasure.php';
// fieldname used within the file <input> of the HTML form
$fieldname = 'file';
$now = time();
while(file_exists($uploadFilename = $uploadsDirectory.$now.'-'.$_FILES[$fieldname]['name']))
{
$now++;
}
$image = $now.'-'.$_FILES[$fieldname]['name'];
echo $name;
// now let's move the file to its final location and allocate the new filename to it
@move_uploaded_file($_FILES[$fieldname]['tmp_name'], $uploadFilename);
////////////////////////
if(isset($_POST['Submit'])){
$checkbox_name = $_POST['checkbox_name'];
$checkbox_email = $_POST['checkbox_email'];
$checkbox_phone = $_POST['checkbox_phone'];
$checkbox_address = $_POST['checkbox_address'];
$ad_type = $_POST['ad_type'];
$category = $_POST['category'];
$sub_category = $_POST['sub_category'];
$title = $_POST['title'];
$price = $_POST['price'];
$description = $_POST['description'];
if($checkbox_name == 'nameTrue'){
$name = $_POST['name'];
}
if($checkbox_email == "emailTrue"){
$email = $_POST['email'];
}
if($checkbox_phone == 'phoneTrue'){
$phone = $_POST['Phone_number'];
}
if($checkbox_address == 'addressTrue'){
$address = $_POST['address'];
}
// validate Information
if((!$ad_type) || (!$category) || (!$sub_category) || (!$title) || (!$description)){
if(!$ad_type) {
$msg = "Select Ad type<br/>";
}
if(!$category) {
$msg .= "Select Category<br/>";
}
if(!$sub_category) {
$msg .= "Select Sub Category<br/>";
}
if(!$title) {
$msg .= "Enter Title. Remember Maximum 50 Characters<br/>";
}
if(!$description) {
$msg .= "Enter Description<br/>";
}
header("location: addTreasure.php?msg=$msg");
exit();
}
$add_ad = ("INSERT INTO ads(member_id, ad_type, category, sub_category, price, title, description, name, email, phone, address, ad_date, ad_level, image)
VALUES('$member_id', '$ad_type', '$category', '$sub_category', '$price', '$title', '$description', '$name', '$email', '$phone', '$address', now(), '1', '$image')");
$sql = mysql_query($add_ad)or die("SQL Error: $add_ad<br>" . mysql_error());
}
?>
<title>etreasure - Add Treasure</title>
<link rel="stylesheet" type="text/css" href="../design/default.css">
</head>
<body>
<div id="outer">
<?php include('../design/banner.php'); ?>
<div id="sub">
<div id="center">
<?php
$msg = (isset($_GET['msg']) AND $_GET['msg']<> "") ? urldecode($_GET['msg']) : '';
if ($msg <> "") {
if (get_magic_quotes_gpc()) {
$msg = stripslashes($msg);
}
echo "<div id='formmessage'><p style='margin-left:40px;'>$msg</p></div>";
}
?>
<form action="<?php echo $PHP_SELF; ?>" method="post" enctype="multipart/form-data" name="addTreasure" id="addTreasure">
<table class="forms" style="width:85%;">
<tr>
<td colspan="3" class="header">Add Treasure </td>
</tr>
<tr>
<td class="left"><div align="right">Ad Type </div></td>
<td colspan="2" class="rightTwoColumn" ><select name="ad_type" id="ad_type" style="margin:.5em;">
<option value=""></option>
<option value="Selling">Selling</option>
<option value="Wanted">Wanted</option>
<option value="Event">Event</option>
</select> </td>
</tr>
<tr>
<td class="left"><div align="right">Category</div></td>
<td colspan="2" class="rightTwoColumn">
<select name="category" size="4" onChange="updatesub_category(this.selectedIndex)" style="width: 150px; margin:.5em;">
<option value="">Select</option>
<option value="Appartments">Apartments</option>
<option value="Appliances">Appliances</option>
<option value="Automotive">Automotive</option>
<option value="Computers">Computers</option>
<option value="Electronics ">Electronics </option>
<option value="Furniture">Furniture </option>
<option value="Homes/property">Homes/Property </option>
<option value="Recreation vehicle">Recreation Vehicles</option>
<option value="Miscellaneous">Miscellaneous</option>
</select> </td>
</tr>
<tr>
<td class="left"><div align="right">Sub Category </div></td>
<td colspan="2" class="rightTwoColumn">
<select name="sub_category" size="4" style="width: 150px; margin:.5em;">
</select> </td>
</tr>
<tr>
<td class="left"><div align="right">Price </div></td>
<td colspan="2" class="rightTwoColumn"><input name="price" type="text" id="price" style="margin:.5em;" value="$" maxlength="10" /></td>
</tr>
<tr>
<td class="left"><div align="right">Title</div></td>
<td colspan="2" class="rightTwoColumn"><input name="title" type="text" id="title" style="margin:.5em;" maxlength="50" /></td>
</tr>
<tr>
<td class="left"><div align="right">Description</div></td>
<td colspan="2" class="rightTwoColumn"><textarea style="margin:.5em;" name=description wrap=physical cols=20 rows=5 onKeyDown="textCounter(this.form.description,this.form.remLen,1000);" onKeyUp="textCounter(this.form.description,this.form.remLen,1000);"></textarea>
<p><input readonly type=text name=remLen size=4 maxlength=4 value="1000">Max Characters</p> </td>
</tr>
<tr>
<td class="left"><div align="right">Name</div></td>
<td class="rightTwoColumn"><input style="margin:.5em;" name="name" type="text" id="name" value="<?php echo $_SESSION['f_name'].' '.$_SESSION['l_name'];?>" readonly="" />
</td>
<td class="rightTwoColumn"><input name="checkbox_name" type="checkbox" id="checkbox_name" value="nameTrue" /></td>
</tr>
<tr>
<td class="left"><div align="right">Email</div></td>
<td class="rightTwoColumn"><input style="margin:.5em;" name="email" type="text" id="email" value="<?php echo $_SESSION['email_address']; ?>" />
</td>
<td class="rightTwoColumn"><input name="checkbox_email" type="checkbox" id="checkbox_email" value="emailTrue" /></td>
</tr>
<tr>
<td class="left" style="width:45%;">
<div align="right"> Phone Number </div></td>
<td class="rightTwoColumn" style="width:50%;"><input style="margin:.5em;" name="Phone_number" type="text" id="Phone_number" value="<?php echo $_SESSION['home_phone']; ?>" />
</td>
<td class="rightTwoColumn" style="width:5%;"><input name="checkbox_phone" type="checkbox" id="checkbox_phone" value="phoneTrue" /></td>
</tr>
<tr>
<td class="left"><div align="right">Address</div></td>
<td class="rightTwoColumn"><textarea style="margin:.5em;" name="address" id="address"><?php echo $_SESSION['street_address'].' '.$_SESSION['other_address'].' '.$_SESSION['city'].' '.$_SESSION['province'].' '.$_SESSION['postal_code']; ?></textarea>
</td>
<td class="rightTwoColumn"><input name="checkbox_address" type="checkbox" id="checkbox_address" value="addressTrue" /></td>
</tr>
<tr>
<td class="left"><div align="right">Photo</div></td>
<td colspan="2" class="rightTwoColumn"><input style="margin:.5em;" type="file" name="file" /></td>
</tr>
<tr>
<td colspan="3"><input type="submit" name="Submit" value="Submit" /></td>
</tr>
</table>
</form>
</div>
</html>
The most important function that I want to add is to limit the size of the file to 30kb.
any help is excellent
<?php
/* Check User Script */
session_start(); // Start Session
include ("../Connections/db.php");
//check if user is already logged in
if (!isset($_SESSION['user_id'])){
$msg = 'You tryed to access a members only page. Login or become a registered member to access that page!';
header("Location: ../index.php?msg=".$msg);
}
$member_id = $_SESSION['user_id'];
// filename: upload.processor.php
// first let's set some variables
// make a note of the current working directory, relative to root.
$directory_self = str_replace(basename($_SERVER['PHP_SELF']), '', $_SERVER['PHP_SELF']);
// make a note of the directory that will recieve the uploaded file
$uploadsDirectory = $_SERVER['DOCUMENT_ROOT'] . '/etreasures/adImages/';
// make a note of the location of the upload form in case we need it
$uploadForm = 'addTreasure.php';
// make a note of the location of the success page
$uploadSuccess = 'addTreasure.php';
// fieldname used within the file <input> of the HTML form
$fieldname = 'file';
$now = time();
while(file_exists($uploadFilename = $uploadsDirectory.$now.'-'.$_FILES[$fieldname]['name']))
{
$now++;
}
$image = $now.'-'.$_FILES[$fieldname]['name'];
echo $name;
// now let's move the file to its final location and allocate the new filename to it
@move_uploaded_file($_FILES[$fieldname]['tmp_name'], $uploadFilename);
////////////////////////
if(isset($_POST['Submit'])){
$checkbox_name = $_POST['checkbox_name'];
$checkbox_email = $_POST['checkbox_email'];
$checkbox_phone = $_POST['checkbox_phone'];
$checkbox_address = $_POST['checkbox_address'];
$ad_type = $_POST['ad_type'];
$category = $_POST['category'];
$sub_category = $_POST['sub_category'];
$title = $_POST['title'];
$price = $_POST['price'];
$description = $_POST['description'];
if($checkbox_name == 'nameTrue'){
$name = $_POST['name'];
}
if($checkbox_email == "emailTrue"){
$email = $_POST['email'];
}
if($checkbox_phone == 'phoneTrue'){
$phone = $_POST['Phone_number'];
}
if($checkbox_address == 'addressTrue'){
$address = $_POST['address'];
}
// validate Information
if((!$ad_type) || (!$category) || (!$sub_category) || (!$title) || (!$description)){
if(!$ad_type) {
$msg = "Select Ad type<br/>";
}
if(!$category) {
$msg .= "Select Category<br/>";
}
if(!$sub_category) {
$msg .= "Select Sub Category<br/>";
}
if(!$title) {
$msg .= "Enter Title. Remember Maximum 50 Characters<br/>";
}
if(!$description) {
$msg .= "Enter Description<br/>";
}
header("location: addTreasure.php?msg=$msg");
exit();
}
$add_ad = ("INSERT INTO ads(member_id, ad_type, category, sub_category, price, title, description, name, email, phone, address, ad_date, ad_level, image)
VALUES('$member_id', '$ad_type', '$category', '$sub_category', '$price', '$title', '$description', '$name', '$email', '$phone', '$address', now(), '1', '$image')");
$sql = mysql_query($add_ad)or die("SQL Error: $add_ad<br>" . mysql_error());
}
?>
<title>etreasure - Add Treasure</title>
<link rel="stylesheet" type="text/css" href="../design/default.css">
</head>
<body>
<div id="outer">
<?php include('../design/banner.php'); ?>
<div id="sub">
<div id="center">
<?php
$msg = (isset($_GET['msg']) AND $_GET['msg']<> "") ? urldecode($_GET['msg']) : '';
if ($msg <> "") {
if (get_magic_quotes_gpc()) {
$msg = stripslashes($msg);
}
echo "<div id='formmessage'><p style='margin-left:40px;'>$msg</p></div>";
}
?>
<form action="<?php echo $PHP_SELF; ?>" method="post" enctype="multipart/form-data" name="addTreasure" id="addTreasure">
<table class="forms" style="width:85%;">
<tr>
<td colspan="3" class="header">Add Treasure </td>
</tr>
<tr>
<td class="left"><div align="right">Ad Type </div></td>
<td colspan="2" class="rightTwoColumn" ><select name="ad_type" id="ad_type" style="margin:.5em;">
<option value=""></option>
<option value="Selling">Selling</option>
<option value="Wanted">Wanted</option>
<option value="Event">Event</option>
</select> </td>
</tr>
<tr>
<td class="left"><div align="right">Category</div></td>
<td colspan="2" class="rightTwoColumn">
<select name="category" size="4" onChange="updatesub_category(this.selectedIndex)" style="width: 150px; margin:.5em;">
<option value="">Select</option>
<option value="Appartments">Apartments</option>
<option value="Appliances">Appliances</option>
<option value="Automotive">Automotive</option>
<option value="Computers">Computers</option>
<option value="Electronics ">Electronics </option>
<option value="Furniture">Furniture </option>
<option value="Homes/property">Homes/Property </option>
<option value="Recreation vehicle">Recreation Vehicles</option>
<option value="Miscellaneous">Miscellaneous</option>
</select> </td>
</tr>
<tr>
<td class="left"><div align="right">Sub Category </div></td>
<td colspan="2" class="rightTwoColumn">
<select name="sub_category" size="4" style="width: 150px; margin:.5em;">
</select> </td>
</tr>
<tr>
<td class="left"><div align="right">Price </div></td>
<td colspan="2" class="rightTwoColumn"><input name="price" type="text" id="price" style="margin:.5em;" value="$" maxlength="10" /></td>
</tr>
<tr>
<td class="left"><div align="right">Title</div></td>
<td colspan="2" class="rightTwoColumn"><input name="title" type="text" id="title" style="margin:.5em;" maxlength="50" /></td>
</tr>
<tr>
<td class="left"><div align="right">Description</div></td>
<td colspan="2" class="rightTwoColumn"><textarea style="margin:.5em;" name=description wrap=physical cols=20 rows=5 onKeyDown="textCounter(this.form.description,this.form.remLen,1000);" onKeyUp="textCounter(this.form.description,this.form.remLen,1000);"></textarea>
<p><input readonly type=text name=remLen size=4 maxlength=4 value="1000">Max Characters</p> </td>
</tr>
<tr>
<td class="left"><div align="right">Name</div></td>
<td class="rightTwoColumn"><input style="margin:.5em;" name="name" type="text" id="name" value="<?php echo $_SESSION['f_name'].' '.$_SESSION['l_name'];?>" readonly="" />
</td>
<td class="rightTwoColumn"><input name="checkbox_name" type="checkbox" id="checkbox_name" value="nameTrue" /></td>
</tr>
<tr>
<td class="left"><div align="right">Email</div></td>
<td class="rightTwoColumn"><input style="margin:.5em;" name="email" type="text" id="email" value="<?php echo $_SESSION['email_address']; ?>" />
</td>
<td class="rightTwoColumn"><input name="checkbox_email" type="checkbox" id="checkbox_email" value="emailTrue" /></td>
</tr>
<tr>
<td class="left" style="width:45%;">
<div align="right"> Phone Number </div></td>
<td class="rightTwoColumn" style="width:50%;"><input style="margin:.5em;" name="Phone_number" type="text" id="Phone_number" value="<?php echo $_SESSION['home_phone']; ?>" />
</td>
<td class="rightTwoColumn" style="width:5%;"><input name="checkbox_phone" type="checkbox" id="checkbox_phone" value="phoneTrue" /></td>
</tr>
<tr>
<td class="left"><div align="right">Address</div></td>
<td class="rightTwoColumn"><textarea style="margin:.5em;" name="address" id="address"><?php echo $_SESSION['street_address'].' '.$_SESSION['other_address'].' '.$_SESSION['city'].' '.$_SESSION['province'].' '.$_SESSION['postal_code']; ?></textarea>
</td>
<td class="rightTwoColumn"><input name="checkbox_address" type="checkbox" id="checkbox_address" value="addressTrue" /></td>
</tr>
<tr>
<td class="left"><div align="right">Photo</div></td>
<td colspan="2" class="rightTwoColumn"><input style="margin:.5em;" type="file" name="file" /></td>
</tr>
<tr>
<td colspan="3"><input type="submit" name="Submit" value="Submit" /></td>
</tr>
</table>
</form>
</div>
</html>