<?php
include("files/dblines.php");
/*===================================text insert====================*/
if(($_POST['platenumber']=="")
&& ($_POST['carmake']=="")
&& ($_POST['carmodel']=="")
&& ($_POST['classcar']=="")
&& ($_POST['caryear']=="")
&& ($_POST['enginetype']=="")
&& ($_POST['maxpower']=="")
&& ($_POST['fueltype']=="")
&& ($_FILES['picture']=="")
&& ($_POST['price']==""))
{
printf("<h2 class=\"messages\">ERROR: Please enter all the required information for new vehicle.</h2>");
}
else
{
$singleinput = 1;
$columnnames = "";
$columnvalues = "";
if(isset($_REQUEST['platenumber']))
{
$platenumber = stripslashes(trim($_REQUEST['platenumber']));
if($singleinput)
{
$columnnames .= "`platenumber`";
$columnvalues .= "'{$platenumber}'";
$singleinput = 0;
}
else
{
$columnnames .= ",`platenumber`";
$columnvalues .= ",'{$platenumber}'";
$singleinput = 0;
}
}
if(isset($_REQUEST['carmake']))
{
$carmake = stripslashes(trim($_REQUEST['carmake']));
if($singleinput)
{
$columnnames .= "`make`";
$columnvalues .= "'{$carmake}'";
$singleinput = 0;
}
else
{
$columnnames .= ",`make`";
$columnvalues .= ",'{$carmake}'";
$singleinput = 0;
}
}
if(isset($_REQUEST['carmodel']))
{
$carmodel = stripslashes(trim($_REQUEST['carmodel']));
if($singleinput)
{
$columnnames .= "`model`";
$columnvalues .= "'{$carmodel}'";
$singleinput = 0;
}
else
{
$columnnames .= ",`model`";
$columnvalues .= ",'{$carmodel}'";
$singleinput = 0;
}
}
if(isset($_REQUEST['classcar']))
{
$classcar = stripslashes(trim($_REQUEST['classcar']));
if($singleinput)
{
$columnnames .= "`carclass`";
$columnvalues .= "'{$classcar}'";
$singleinput = 0;
}
else
{
$columnnames .= ",`carclass`";
$columnvalues .= ",'{$classcar}'";
$singleinput = 0;
}
}
if(isset($_REQUEST['caryear']))
{
$caryear = stripslashes(trim($_REQUEST['caryear']));
if($singleinput)
{
$columnnames .= "`caryear`";
$columnvalues .= "'{$caryear}'";
$singleinput = 0;
}
else
{
$columnnames .= ",`caryear`";
$columnvalues .= ",'{$caryear}'";
$singleinput = 0;
}
}
if(isset($_REQUEST['enginetype']))
{
$enginetype = stripslashes(trim($_REQUEST['enginetype']));
if($singleinput)
{
$columnnames .= "`enginetype`";
$columnvalues .= "'{$enginetype}'";
$singleinput = 0;
}
else
{
$columnnames .= ",`enginetype`";
$columnvalues .= ",'{$enginetype}'";
$singleinput = 0;
}
}
if(isset($_REQUEST['maxpower']))
{
$maxpower = stripslashes(trim($_REQUEST['maxpower']));
if($singleinput)
{
$columnnames .= "`maxpower`";
$columnvalues .= "'{$maxpower}'";
$singleinput = 0;
}
else
{
$columnnames .= ",`maxpower`";
$columnvalues .= ",'{$maxpower}'";
$singleinput = 0;
}
}
if(isset($_REQUEST['fueltype']))
{
$fueltype = stripslashes(trim($_REQUEST['fueltype']));
if($singleinput)
{
$columnnames .= "`fueltype`";
$columnvalues .= "'{$fueltype}'";
$singleinput = 0;
}
else
{
$columnnames .= ",`fueltype`";
$columnvalues .= ",'{$fueltype}'";
$singleinput = 0;
}
}
if(isset($_REQUEST['price']))
{
$price = stripslashes(trim($_REQUEST['price']));
if($singleinput)
{
$columnnames .= "`price`";
$columnvalues .= "'{$price}'";
$singleinput = 0;
}
else
{
$columnnames .= ",`price`";
$columnvalues .= ",'{$price}'";
$singleinput = 0;
}
}
//$sql_insertion_data = "INSERT INTO `cars` ($columnnames) VALUES($columnvalues)";
//mysql_query($sql_insertion_data) or die(mysql_error());
}
/*===================================image upload===================*/
// filename: upload.processor.php
// first let's set some variables
// make a note of the current working directory, relative to root.
$directory_self = str_replace(basename($_SERVER['PHP_SELF']), '', $_SERVER['PHP_SELF']);
// make a note of the directory that will recieve the uploaded file
$uploadsDirectory = $_SERVER['DOCUMENT_ROOT'] . $directory_self . 'images/';
// make a note of the location of the upload form in case we need it
$uploadForm = 'http://' . $_SERVER['HTTP_HOST'] . $directory_self . 'admin.php';
// make a note of the location of the success page
$uploadSuccess = 'http://' . $_SERVER['HTTP_HOST'] . $directory_self . 'upload.success.php';
// fieldname used within the file <input> of the HTML form
$fieldname = 'picture';
// Now let's deal with the upload
// possible PHP upload errors
$errors = array(1 => 'php.ini max file size exceeded',
2 => 'html form max file size exceeded',
3 => 'file upload was only partial',
4 => 'no file was attached');
// check the upload form was actually submitted else print the form
isset($_POST['submit'])
or error('the upload form is needed', $uploadForm);
// check for PHP's built-in uploading errors
($_FILES[$fieldname]['error'] == 0)
or error($errors[$_FILES[$fieldname]['error']], $uploadForm);
// check that the file we are working on really was the subject of an HTTP upload
@is_uploaded_file($_FILES[$fieldname]['tmp_name'])
or error('not an HTTP upload', $uploadForm);
// validation... since this is an image upload script we should run a check
// to make sure the uploaded file is in fact an image. Here is a simple check:
// getimagesize() returns false if the file tested is not an image.
@getimagesize($_FILES[$fieldname]['tmp_name'])
or error('only image uploads are allowed', $uploadForm);
// make a unique filename for the uploaded file and check it is not already
// taken... if it is already taken keep trying until we find a vacant one
// sample filename: 1140732936-filename.jpg
$now = time();
while(file_exists($uploadFilename = $uploadsDirectory.$now.'-'.$_FILES[$fieldname]['name']))
{
$now++;
}
//name var for image
$imagename = $now.'-'.$_FILES[$fieldname]['name'];
// now let's move the file to its final location and allocate the new filename to it
@move_uploaded_file($_FILES[$fieldname]['tmp_name'], $uploadFilename)
or error('receiving directory insuffiecient permission', $uploadForm);
//in addition to Bokeh's script you can insert each record into a database.
if(($columnnames == "")&&($columnvalues == ""))
{//insert image only
$q = "INSERT INTO `cars` (`picture`) VALUES ('$uploadFilename')";
$s = mysql_query($q);
}
// insert other info and image
else
{
$columnnames .= ",`picture`";
$columnvalues .= "'{$uploadfilename}'";
$q = "INSERT INTO `cars` ($columnnames) VALUES ($columnvalues)";
$s = mysql_query($q);
}
//if an error
echo(mysql_error());
// If you got this far, everything has worked and the file has been successfully saved.
// We are now going to redirect the client to a success page.
header('Location: ' . $uploadSuccess);
// The following function is an error handler which is used
// to output an HTML error page if the file upload fails
function error($error, $location, $seconds = 5)
{
header("Refresh: $seconds; URL=\"$location\"");
echo '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN"'."\n".
'"http://www.w3.org/TR/html4/strict.dtd">'."\n\n".
'<html lang="en">'."\n".
' <head>'."\n".
' <meta http-equiv="content-type" content="text/html; charset=iso-8859-1">'."\n\n".
' <link rel="stylesheet" type="text/css" href="stylesheet.css">'."\n\n".
' <title>Upload error</title>'."\n\n".
' </head>'."\n\n".
' <body>'."\n\n".
' <div id="Upload">'."\n\n".
' <h1>Upload failure</h1>'."\n\n".
' <p>An error has occured: '."\n\n".
' <span class="red">' . $error . '...</span>'."\n\n".
' The upload form is reloading</p>'."\n\n".
' </div>'."\n\n".
'</html>';
exit;
} // end error handler
?>
and this is the error i'm getting
Column count doesn't match value count at row 1
Warning: Cannot modify header information - headers already sent by (output started at C:\xampp\htdocs\dandd\upload.processor.php:256) in C:\xampp\htdocs\dandd\upload.processor.php on line 260
sorry. i resolved it myself. there was a missing comma for the r-value in the second line of the else-block. also there was a typo for that r-value. instead of $uploadFilename, i typed $uploadfilename. it works just fine now. can u believe i've been brooding over this for TWO DAYS???? LOL
Code:
//name var for image
$imagename = $now.'-'.$_FILES[$fieldname]['name'];
// now let's move the file to its final location and allocate the new filename to it
@move_uploaded_file($_FILES[$fieldname]['tmp_name'], $uploadFilename)
or error('receiving directory insuffiecient permission', $uploadForm);
//in addition to Bokeh's script you can insert each record into a database.
if(($columnnames == "")&&($columnvalues == ""))
{//insert image only
$q = "INSERT INTO `cars` (`picture`) VALUES ('$uploadFilename')";
$s = mysql_query($q);
}
// insert other info and image
else
{
$columnnames .= ",`picture`";
$columnvalues .= ",'$uploadFilename'";
$q = "INSERT INTO `cars` ($columnnames) VALUES ($columnvalues)";
$s = mysql_query($q);
}
Is it really reasonable to save full path to the image in db? I thought that it will take much more space and maybe you can just save a pic's filename. M?
1. So if I try to do the above, just keep the name of the file in the db, and all the pathways to upload directories I keep in variables, how can i do this? When I modify the block of code shown below by removing $uploadsDirectory, the file no longer is uploaded. So I've understood that this line carries the info on the upload dir. But I don't understand how and what exactly this line does. M?
2. If I want to put this script into a folder ("scripts/", for example) and not keep it in root (because all those files make it messy and I have a special folder for such script files), everything gets messed up. I tried working with noting directories, but it gets messy and I couldn't make it work. Can you help?
Reply With Quote
Originally Posted by rozilla
Bookmarks