Member Avatar for junaid_5

Hi i have this image upload script, its giving me errors.
this script should get description of the image from user and upload image to database. please someone could take a look at my code. i really messed up the code. i am puzzled now.

<?php
if(isset($_POST['upload']) && $_FILES['userfile']['size'] > 0)
{


?>


 <form action="upload.php" method="post">
 Image Description: <input  type="text" name="imgdesc">
                               <input type="submit" value="submit">
</form>

<?php

$allowed_filetypes = array('.jpg','.jpeg','.png','.gif');
$max_filesize = 1445760;
$description = $_POST['imgdesc'];

$filename = $_FILES['userfile']['name'];
$ext = substr($filename, strpos($filename,'.'), strlen($filename)-1);

if(!in_array($ext,$allowed_filetypes))
  die('The file you attempted to upload is not allowed.');

if(filesize($_FILES['userfile']['tmp_name']) > $max_filesize)
  die('The file you attempted to upload is too large.');



} else {
     echo 'There was an error during the file upload.  Please try again.';
}




$fileName = $_FILES['userfile']['name'];
$tmpName  = $_FILES['userfile']['tmp_name'];
$fileSize = $_FILES['userfile']['size'];
$fileType = $_FILES['userfile']['type'];
$fp      = fopen($tmpName, 'r');
$content = fread($fp, filesize($tmpName));
$content = addslashes($content);
fclose($fp);
if(!get_magic_quotes_gpc())
{
    $fileName = addslashes($fileName);
}
include 'config.php';
include 'opendb.php';
$query = "INSERT INTO upload (name, size, type, content , description ) ".
"VALUES ('$fileName', '$fileSize', '$fileType', '$content', '$description')";
mysql_query($query) or die('Error, query failed');
include 'closedb.php';
echo "<br>File $fileName uploaded<br>";


?>
<form method="post" enctype="multipart/form-data">
    <table width="350" border="0" cellpadding="1" cellspacing="1" class="box">
        <tr>
            <td width="246">
                <input type="hidden" name="MAX_FILE_SIZE" value="2000000">
                <input name="userfile" type="file" id="userfile">
            </td>
            <td width="80"><input name="upload" type="submit" class="box" id="upload" value=" Upload "></td>
        </tr>
    </table>
</form>
  • 2 Contributors
  • 3 Replies
  • 139 Views
  • 2 Days Discussion Span
  • Latest Post Latest Post by broj1

Recommended Answers

All 3 Replies

Member Avatar for broj1

What is the error? Can you post it?

Member Avatar for junaid_5

1.Notice: Undefined index: userfile in \upload_new\upload.php on line 22
2.Notice: Undefined index: userfile in upload_new\upload.php on line 23
3. Notice: Undefined index: userfile in \upload_new\upload.php on line 24
4. Notice: Undefined index: userfile in \upload_new\upload.php on line 25
5. Warning: fopen(): Filename cannot be empty in \upload_new\upload.php on line 26
6. Warning: fread() expects parameter 1 to be resource, boolean given in upload_new\upload.php on line 27
7. Warning: fclose() expects parameter 1 to be resource, boolean given in \upload_new\upload.php on line 29
8. Notice: Undefined variable: description in \upload_new\upload.php on line 37

Member Avatar for broj1

Sory for late reply. Obviously $_FILES['userfile'] does not exist. You should place the code that reads the uploaded file information and writes to the database within the if(isset($_POST['upload']) && $_FILES['userfile']['size'] > 0) block. Something like this:

if(isset($_POST['upload']) && $_FILES['userfile']['size'] > 0)
{

    $fileName = $_FILES['userfile']['name'];
    $tmpName = $_FILES['userfile']['tmp_name'];
    $fileSize = $_FILES['userfile']['size'];
    $fileType = $_FILES['userfile']['type'];
    $fp = fopen($tmpName, 'r');
    $content = fread($fp, filesize($tmpName));
    $content = addslashes($content);
    fclose($fp);
    if(!get_magic_quotes_gpc())
    {
        $fileName = addslashes($fileName);
    }
    include 'config.php';
    include 'opendb.php';
    $query = "INSERT INTO upload (name, size, type, content , description ) ".
    "VALUES ('$fileName', '$fileSize', '$fileType', '$content', '$description')";
    mysql_query($query) or die('Error, query failed');
    include 'closedb.php';
    echo "<br>File $fileName uploaded<br>";
?>


 <form action="upload.php" method="post">
 Image Description: <input  type="text" name="imgdesc">
                               <input type="submit" value="submit">
</form>

<?php

$allowed_filetypes = array('.jpg','.jpeg','.png','.gif');
$max_filesize = 1445760;
$description = $_POST['imgdesc'];

$filename = $_FILES['userfile']['name'];
$ext = substr($filename, strpos($filename,'.'), strlen($filename)-1);

if(!in_array($ext,$allowed_filetypes))
  die('The file you attempted to upload is not allowed.');

if(filesize($_FILES['userfile']['tmp_name']) > $max_filesize)
  die('The file you attempted to upload is too large.');



} else {
     echo 'There was an error during the file upload.  Please try again.';
}

This way the file gets inserted into the db only when some data about it exists. You might want to reaarange the code depending on what you actually want to achieve.

Edited by broj1
Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.