Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 8 of 8
  1. #1
    Regular Coder
    Join Date
    Aug 2004
    Location
    Nashville
    Posts
    202
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Simple Image Upload - NOT WORKING

    Greetings,


    I've spent way too much time on a clients site and have this one little snag whereas the image upload form isn't uploading the image . I've done a few others that work fine but this one won't upload no matter what.

    Can you guys take a look at it and see if you spot an error.

    Thanks

    PHP Code:
    <?php

    require('admin_nav_left.html');

    $mode=$_POST["mode"];

    //***********************************
    //        SUBMIT FORM
    //***********************************
    if ($mode == "submit")
    {


        
    //FORM DATA
        
    $wholesaler_id=$_POST['featured_wholesaler_id'];
        
    $text=$_POST['description'];
        
        
        
    //Image
        
    if ($_FILES['featured_retailer_image']['size'] != 0)
        {    
        
            
    $f=$_FILES['featured_retailer_image']['name'];    
            
    $filename="images/".$f;
            
            
    //move uploaded file to destination
            
    if (!move_uploaded_file($_FILES['featured_retailer_image']['tmp_name'],$filename))
            {
                
    $err="Uploading the image failed!";
            }
        }
        
        
    //do database update
        
    $sql="INSERT INTO featured_retailers VALUES(".$wholesaler_id.",'".$text."','".$f."','".date("Ymd")."')";
        
    get_mysql_result($sql);
        
    $done=true;
    }
    //***********************************
    //        SHOW FORM
    //***********************************

    if ($mode == "" or $done)
    {
        
    $wholesaler_id=trim($_GET['id']);

        if (
    $wholesaler_id != "")
        {
            
    //get info on this press item from database
            
    $sql="SELECT * FROM wholesalers WHERE wholesaler_id=".$wholesaler_id;
            
    $rs=get_mysql_result($sql);
            
    $row=mysql_fetch_array($rs,MYSQL_ASSOC);
        }
        
    ?>    
        <P>
        <form name="setFeaturedVendor" action="setFeaturedVendor.php" method="POST" enctype="multipart/form-data">    
        <input type="hidden" name="mode" value="submit">
        
        <table width=85% cellpadding=6 cellspacing=0 border=1 rules="none" bordercolor="#990000" align=center>
        <tr><td valign=top align=center bgcolor="#990000" colspan=3><font face="Trebuchet MS, Verdana" style="font-size:14px" color=white><B>Set Featured Retailer Accounts</b></font></td></tr>
        <?
        
    if ($done and $err == "") {
        
    ?>
            <tr><td valign=top align=center colspan=2 bgcolor="#FFFFCC"><font face="Trebuchet MS, Verdana" style="font-size:12px" color=green><b>Featured retailer was set successfully!</b></font></td></tr>
        <?}
        else if (
    $err != "") {
        
    ?>
            <tr><td valign=top align=center colspan=2 bgcolor="#FFFFCC"><font face="Trebuchet MS, Verdana" style="font-size:12px" color=red><b><?=$err?></b></font></td></tr>
        <?}
        
    ?>
        <tr>
          <td align="left">Select a Retailer</div></td>
          <td align="left">
            <select name="featured_wholesaler_id">
            <option value="">-Select-</option>
            <?
            
    //get last 4 digits of all credit cards
            
    $sql="SELECT wholesaler_id,wholesaler_company_name FROM wholesalers WHERE 1 ORDER BY wholesaler_company_name ASC";
            
    $rs=get_mysql_result($sql);
            
            if (
    mysql_num_rows($rs) > 0)
            {
                while (
    $row mysql_fetch_array($rs,MYSQL_ASSOC))
                {
    ?>
                    <option value="<?=$row["wholesaler_id"]?>"><?=$row["wholesaler_company_name"]?></option>
                <?
                
    }
            }
            
    ?>
            </select></td>
        </tr>
        <tr>
          <td align=left>Description:</div></td>
          <td align=left><textarea name="description" rows="5" cols="30"></textarea></td>
        </tr>
        <tr>
          <td align=left>Image:</div></td>
          <td align=left><input type="file" name="featured_retailer_image"></td>
        </tr>
        <tr><td align=center colspan=3><input type="button" onclick="if (document.setFeaturedVendor.featured_wholesaler_id.value != '') { document.setFeaturedVendor.submit(); }" value="Set Featured Vendor"></td></tr>
        </table>
        </form>
      
    <?
    }

    require(
    'admin_bottom.html');
    ?>
    Thanks!

  • #2
    Regular Coder Element's Avatar
    Join Date
    Jul 2004
    Location
    Lynnwood, Washington, US
    Posts
    855
    Thanks
    2
    Thanked 2 Times in 2 Posts
    I personally don't usue move_uploaded_file() Try something more like:



    PHP Code:
            //move uploaded file to destination 
            
    if (!(copy($_FILES['featured_retailer_image']['tmp_name'], $filename))) 
            { 
                
    $err="Uploading the image failed!"
            } 

  • #3
    Regular Coder
    Join Date
    Aug 2004
    Location
    Nashville
    Posts
    202
    Thanks
    0
    Thanked 0 Times in 0 Posts

    cool

    Thanks for the tip - I use copy() as well but I'm just fixing some issues for a client wheras someone else built the site.

    Turned out that there was a permissions problem with the images folder.

    Thanks.

  • #4
    Senior Coder
    Join Date
    Aug 2003
    Location
    One step ahead of you.
    Posts
    2,815
    Thanks
    0
    Thanked 3 Times in 3 Posts
    Quote Originally Posted by Element
    I personally don't usue move_uploaded_file()
    Why ?
    I'm not sure if this was any help, but I hope it didn't make you stupider.

    Experience is something you get just after you really need it.
    PHP Installation Guide Feedback welcome.

  • #5
    Regular Coder ralph l mayo's Avatar
    Join Date
    Nov 2005
    Posts
    951
    Thanks
    1
    Thanked 31 Times in 29 Posts
    Quote Originally Posted by Element
    I personally don't usue move_uploaded_file()
    You should, it's more secure. move_uploaded_file() verifies that the source is actually an uploaded file, thereby foiling directory attacks like uploading something called /etc/passwd. If you really want to use copy you can add in a check with is_uploaded_file().

  • #6
    Senior Coder
    Join Date
    Aug 2003
    Location
    One step ahead of you.
    Posts
    2,815
    Thanks
    0
    Thanked 3 Times in 3 Posts
    But still... why write a replacement to something that is there?
    I'm not sure if this was any help, but I hope it didn't make you stupider.

    Experience is something you get just after you really need it.
    PHP Installation Guide Feedback welcome.

  • #7
    Regular Coder Element's Avatar
    Join Date
    Jul 2004
    Location
    Lynnwood, Washington, US
    Posts
    855
    Thanks
    2
    Thanked 2 Times in 2 Posts
    Quote Originally Posted by ralph l mayo
    You should, it's more secure. move_uploaded_file() verifies that the source is actually an uploaded file, thereby foiling directory attacks like uploading something called /etc/passwd. If you really want to use copy you can add in a check with is_uploaded_file().

    None of my scripts work like that because I check the extension and if it exists.

  • #8
    Super Moderator
    Join Date
    May 2002
    Location
    Perth Australia
    Posts
    4,073
    Thanks
    11
    Thanked 98 Times in 96 Posts
    does /images directory have the right permissions set ? (chmod to 0777 on most hosts)
    also are you getting an error or the upload does just not work ? if an error message please post.
    resistance is...

    MVC is the current buzz in web application architectures. It comes from event-driven desktop application design and doesn't fit into web application design very well. But luckily nobody really knows what MVC means, so we can call our presentation layer separation mechanism MVC and move on. (Rasmus Lerdorf)


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •