By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
457,931 Members | 1,429 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 457,931 IT Pros & Developers. It's quick & easy.

file upload not working right

P: n/a
after a file upload, $_FILES is not populated but $_POST is. what's going
on here?

$_POST[image][tmp_name]=C
$_POST[image][error]=C
$_POST[image][size]=C
$_POST[image]=C:\\www\\jimm\\images\\bg1.jpg
$_FILES[image][tmp_name]=
$_FILES[image][error]=
$_FILES[image][size]=
$_FILES[image]=

Apr 19 '06 #1
Share this Question
Share on Google+
4 Replies


P: n/a
Jim Michaels wrote:
after a file upload, $_FILES is not populated but $_POST is. what's going
on here?

$_POST[image][tmp_name]=C
$_POST[image][error]=C
$_POST[image][size]=C
$_POST[image]=C:\\www\\jimm\\images\\bg1.jpg
$_FILES[image][tmp_name]=
$_FILES[image][error]=
$_FILES[image][size]=
$_FILES[image]=


show us the form sourcecode. :-)

Regards,
Erwin
Apr 19 '06 #2

P: n/a
"Jim Michaels" <NO***************@yahoo.com> wrote in
news:QM********************@comcast.com:
after a file upload, $_FILES is not populated but $_POST is. what's
going on here?


did you put the correct "enctype" in your form? (multipart/form-data)
Apr 19 '06 #3

P: n/a

"Good Man" <he***@letsgo.com> wrote in message
news:Xn************************@216.196.97.131...
"Jim Michaels" <NO***************@yahoo.com> wrote in
news:QM********************@comcast.com:
after a file upload, $_FILES is not populated but $_POST is. what's
going on here?


did you put the correct "enctype" in your form? (multipart/form-data)


that's what I was missing! (duh) boy, I haven't done this in a long time.
thanks!
Apr 19 '06 #4

P: n/a

"Erwin Moller"
<si******************************************@spam yourself.com> wrote in
message news:44***********************@news.xs4all.nl...
Jim Michaels wrote:
after a file upload, $_FILES is not populated but $_POST is. what's
going
on here?

$_POST[image][tmp_name]=C
$_POST[image][error]=C
$_POST[image][size]=C
$_POST[image]=C:\\www\\jimm\\images\\bg1.jpg
$_FILES[image][tmp_name]=
$_FILES[image][error]=
$_FILES[image][size]=
$_FILES[image]=


show us the form sourcecode. :-)

Regards,
Erwin


It finally works.
this little function, bin2mysqlhex that I wrote, has saved my bacon on file
uploads to a BLOB type in a database. I can't seem to get anything else to
work. note that when you do an INSERT or UPDATE..SET, you don't use quotes
on the data.

function bin2mysqlhex($s) {
$a='0x';
$q=array('0','1','2','3','4','5','6','7','8','9',' A','B','C','D','E','F');
for($x=0; $x<strlen($s); $x++) {
$a .= $q[ord($s{$x})>>4]; //msb
$a .= $q[ord($s{$x})&0x0f]; //lsb
}
return $a;
}

//images
if (isset($_POST['type']) && 'image'==$_POST['type'] &&
isset($_POST['action'])) switch($_POST['action']) {
case 'add':
if (!sqlinjectionsafe($_POST['mime_type'])
|| !sqlinjectionsafe($_POST['comment'])
) {
exit;
}
if ('on'==strtolower(ini_get("magic_quotes_gpc")) ||
'1'==ini_get("magic_quotes_gpc")) {
if (isset($_SESSION['pc_id'])) {
//handle image upload
$escaped_contents='';
if (is_uploaded_file($_FILES['image']['tmp_name'])) {
// copy(str_replace("\\","/",$_POST['img']),
// str_replace("\\","/",$_POST['img']['name']));
// $filename=str_replace("\\","/",$_POST['image']['tmp_name']);
$filename=str_replace("\\","/",$_FILES['image']['name']);
$filename=str_replace("//","/",$filename);
$fileext = strtolower(substr(strrchr($filename, "."), 1));
switch($fileext) {
case "jpg": case "jpeg": case "jpe": default: $mimetype="image/jpeg";
break;
//case "tif": case "tiff": $mt="image/tiff"; break;
case "gif": $mimetype="image/gif"; break;
case "png": $mimetype="image/png"; break;
default: $mimetype=$_POST['mime_type'];break; //unknown file ext. on
temp file.
}
if ($_FILES['image']['size']<150000) {
$contents = file_get_contents($_FILES['image']['tmp_name']);
unlink($_FILES['image']['tmp_name']);
$escaped_contents=bin2mysqlhex($contents);
}
//$escaped_contents=$contents;
}
if ($_POST['image']['size']<150000) {
mysql_query("INSERT INTO photos(image,mime_type,comment)
VALUES($escaped_contents,'$mimetype','".nl2br(html entities($_POST['answer']))."')",
$link);
$image_id=mysql_insert_id($link);
mysql_query("INSERT INTO photos_photoscategories(image_id,pc_id)
VALUES($image_id,$_SESSION[pc_id])", $link);
} else {
$contents='too large';
$escaped_contents='too large';
$image_id=0;
}
}
} else {
if (isset($_SESSION['pc_id'])) {
//handle image upload
$escaped_contents='';
if (is_uploaded_file($_FILES['image']['tmp_name'])) {
// copy(str_replace("\\","/",$_POST['img']),
// str_replace("\\","/",$_POST['img']['name']));
// $filename=str_replace("\\","/",$_POST['image']['tmp_name']);
$filename=str_replace("\\","/",$_FILES['image']['name']);
$filename=str_replace("//","/",$filename);
$fileext = strtolower(substr(strrchr($filename, "."), 1));
switch($fileext) {
case "jpg": case "jpeg": case "jpe": default: $mimetype="image/jpeg";
break;
//case "tif": case "tiff": $mt="image/tiff"; break;
case "gif": $mimetype="image/gif"; break;
case "png": $mimetype="image/png"; break;
default: $mimetype=$_POST['mime_type'];break; //unknown file ext. on
temp file.
}
if ($_FILES['image']['size']<150000) {
$contents = file_get_contents($_FILES['image']['tmp_name']);
unlink($_FILES['image']['tmp_name']);
$escaped_contents=bin2mysqlhex($contents);
}
}
if ($_POST['image']['size']<150000) {
mysql_query("INSERT INTO photos(image,mime_type,comment)
VALUES($escaped_contents,'$mimetype','".mysql_esca pe_string(nl2br(htmlentities($_POST['answer'])))."')",
$link);
$image_id=mysql_insert_id($link);
mysql_query("INSERT INTO photos_photoscategories(image_id,pc_id)
VALUES($image_id,$_SESSION[pc_id])", $link);
} else {
$contents='too large';
$escaped_contents='too large';
$image_id=0;
}
}
}
break;
case 'change':
if (!sqlinjectionsafe($_POST['mime_type'])
|| !sqlinjectionsafe($_POST['comment'])
|| !sqlinjectionsafe($_POST['pc_id'])
) {
exit;
}
if ('on'==strtolower(ini_get("magic_quotes_gpc")) ||
'1'==ini_get("magic_quotes_gpc")) {
//handle image upload
$escaped_contents='';
if (is_uploaded_file($_FILES['image']['tmp_name'])) {
// copy(str_replace("\\","/",$_POST['img']),
// str_replace("\\","/",$_POST['img']['name']));
// $filename=str_replace("\\","/",$_POST['image']['tmp_name']);
$filename=str_replace("\\","/",$_FILES['image']['name']);
$filename=str_replace("//","/",$filename);
$fileext = strtolower(substr(strrchr($filename, "."), 1));
switch($fileext) {
case "jpg": case "jpeg": case "jpe": default: $mimetype="image/jpeg";
break;
//case "tif": case "tiff": $mt="image/tiff"; break;
case "gif": $mimetype="image/gif"; break;
case "png": $mimetype="image/png"; break;
default: $mimetype=$_POST['mime_type'];break; //unknown file ext. on temp
file.
}
if ($_FILES['image']['size']<150000) {
$contents = file_get_contents($_FILES['image']['tmp_name']);
unlink($_FILES['image']['tmp_name']);
$escaped_contents=bin2mysqlhex($contents);
$image_id=intval($_POST['image_id']);
echo "UPDATE";
mysql_query("UPDATE photos SET
comment='".nl2br(htmlentities($_POST['comment']))."',
image=$escaped_contents,
mime_type='$mimetype'
WHERE image_id=".intval($_POST['image_id'])
, $link) or die("UERR:".mysql_error());
} else {
$contents='too large';
$escaped_contents='too large';
$image_id=0;
}
} else {
//no uploaded file. don't change what's already there.
mysql_query("UPDATE photos SET
comment='".nl2br(htmlentities($_POST['comment']))."',
mime_type='$mimetype',
WHERE image_id=".intval($_POST['image_id']), $link) or
die("UERR:".mysql_error());
}
} else {
//handle image upload
$escaped_contents='';
if (is_uploaded_file($_FILES['image']['tmp_name'])) {
// copy(str_replace("\\","/",$_POST['img']),
// str_replace("\\","/",$_POST['img']['name']));
// $filename=str_replace("\\","/",$_POST['image']['tmp_name']);
$filename=str_replace("\\","/",$_FILES['image']['name']);
$filename=str_replace("//","/",$filename);
$fileext = strtolower(substr(strrchr($filename, "."), 1));
switch($fileext) {
case "jpg": case "jpeg": case "jpe": default: $mimetype="image/jpeg";
break;
//case "tif": case "tiff": $mt="image/tiff"; break;
case "gif": $mimetype="image/gif"; break;
case "png": $mimetype="image/png"; break;
default: $mimetype=$_POST['mime_type'];break; //unknown file ext. on temp
file.
}
if ($_FILES['image']['size']<150000) {
$contents = file_get_contents($_FILES['image']['tmp_name']);
unlink($_FILES['image']['tmp_name']);
$escaped_contents=bin2mysqlhex($contents);
$image_id=intval($_POST['image_id']);
mysql_query("UPDATE photos SET
comment='".mysql_escape_string(nl2br(htmlentities( $_POST['comment'])))."',
image=$escaped_contents,
mime_type='$mimetype',
WHERE image_id=".intval($_POST['image_id'])
, $link);
} else {
$contents='too large';
$escaped_contents='too large';
$image_id=0;
}
} else {
//no uploaded file. don't change what's already there.
mysql_query("UPDATE photos SET
comment='".mysql_escape_string(nl2br(htmlentities( $_POST['comment'])))."',
mime_type='$mimetype',
WHERE image_id=".intval($_POST['image_id']), $link);
}
}
mysql_query("UPDATE quiz_batteries SET
title='".mysql_escape_string(htmlentities($_POST['title']))."' WHERE
battery_id=".intval($_POST['battery_id']), $link);
break;
case 'delete':
if (!sqlinjectionsafe($_POST['image_id'])) {
exit;
}
//delete from the relationship table first! foreign keys involved.
mysql_query("DELETE FROM photos_photoscategories WHERE
image_id=".intval($_POST['image_id']), $link);
mysql_query("DELETE FROM photos WHERE
image_id=".intval($_POST['image_id']), $link);
break;
case 'select':
if (!sqlinjectionsafe($_POST['pc_id'])) {
exit;
}
$_SESSION['pc_id']=intval($_POST['pc_id']);
break;
}
<form action="editphotoalbum.php" method="post"
enctype="multipart/form-data">
<div class=addbox>
<div style="font-family:Verdana, Arial, Helvetica,
sans-serif;background-color:#CC9966;color:#000099;font-size:large;font-weight:bold;text-align:center;">Add
Image</div>
<br>
<label>Image File:
<input name="image" type="file"></label>(jpeg/gif/png)<br />
<label>Image Type: <select name="mime_type" size="1">
<option selected value="image/jpeg">JPEG</option>
<option value="image/png">PNG</option>
<option value="image/gif">GIF</option>
</select></label>(must match what you uploaded!<br>If the picture here
doesn't show, change the image type or re-upload.)<br />
<input name="action" type="hidden" value="add">
<input name="type" type="hidden" value="image">
<input name="" type="submit" value="Add">
</div>
</form>
<br style="clear:both;">
<br>
<?php
if (isset($_SESSION['pc_id'])) {
$q=mysql_query("SELECT * FROM
photos INNER JOIN photos_photoscategories
ON photos.image_id=photos_photoscategories.image_id
WHERE photos_photoscategories.pc_id=$_SESSION[pc_id]
ORDER BY photos.image_id", $link) or die(mysql_error());
while ($row=mysql_fetch_assoc($q)) {
?>
<form action="editphotoalbum.php" method="post"
enctype="multipart/form-data">
<div class=editbox>
<div style="font-family:Verdana, Arial, Helvetica,
sans-serif;background-color:#CC9966;color:#000099;font-size:large;font-weight:bold;text-align:center;">Edit
Image</div>
<br>
<img src="viewtnimg.php?id=<?php echo $row['image_id']; ?>&width=150"
alt="image for answer" title="image for answer" width="150">Thumbnail<br />
<label>Image File:
<input name="image" type="file"></label>(jpeg/gif/png)<br />
<label>Image Type: <select name="mime_type" size="1">
<option <?php if ($row['mime_type']=='image/jpeg'){echo
"selected=\"selected\"";} ?> value="image/jpeg">JPEG</option>
<option <?php if ($row['mime_type']=='image/png'){echo
"selected\"selected\"";} ?> value="image/png">PNG</option>
<option <?php if ($row['mime_type']=='image/gif'){echo
"selected=\"selected\"";} ?> value="image/gif">GIF</option>
</select></label>(must match what you uploaded!<br>
If the picture here doesn't show, change the image type or
re-upload.)<br />

<input name="image_id" type="hidden" value="<?php echo $row['image_id'];
?>">
<input name="type" type="hidden" value="image">
<select name="action" size="1">
<option selected value="change">Change</option>
<option value="delete">Delete</option>
</select>
<input name="" type="submit" value="Do It">
</div>
</form>
<br style="clear:both;">
<br>
<?php
}
mysql_free_result($q);
}
?>
Apr 20 '06 #5

This discussion thread is closed

Replies have been disabled for this discussion.