0

Hi i have this image upload script, its giving me errors.
this script should get description of the image from user and upload image to database. please someone could take a look at my code. i really messed up the code. i am puzzled now.

<?php
if(isset($_POST['upload']) && $_FILES['userfile']['size'] > 0)
{


?>


 <form action="upload.php" method="post">
 Image Description: <input  type="text" name="imgdesc">
                               <input type="submit" value="submit">
</form>

<?php

$allowed_filetypes = array('.jpg','.jpeg','.png','.gif');
$max_filesize = 1445760;
$description = $_POST['imgdesc'];

$filename = $_FILES['userfile']['name'];
$ext = substr($filename, strpos($filename,'.'), strlen($filename)-1);

if(!in_array($ext,$allowed_filetypes))
  die('The file you attempted to upload is not allowed.');

if(filesize($_FILES['userfile']['tmp_name']) > $max_filesize)
  die('The file you attempted to upload is too large.');



} else {
     echo 'There was an error during the file upload.  Please try again.';
}




$fileName = $_FILES['userfile']['name'];
$tmpName  = $_FILES['userfile']['tmp_name'];
$fileSize = $_FILES['userfile']['size'];
$fileType = $_FILES['userfile']['type'];
$fp      = fopen($tmpName, 'r');
$content = fread($fp, filesize($tmpName));
$content = addslashes($content);
fclose($fp);
if(!get_magic_quotes_gpc())
{
    $fileName = addslashes($fileName);
}
include 'config.php';
include 'opendb.php';
$query = "INSERT INTO upload (name, size, type, content , description ) ".
"VALUES ('$fileName', '$fileSize', '$fileType', '$content', '$description')";
mysql_query($query) or die('Error, query failed');
include 'closedb.php';
echo "<br>File $fileName uploaded<br>";


?>
<form method="post" enctype="multipart/form-data">
    <table width="350" border="0" cellpadding="1" cellspacing="1" class="box">
        <tr>
            <td width="246">
                <input type="hidden" name="MAX_FILE_SIZE" value="2000000">
                <input name="userfile" type="file" id="userfile">
            </td>
            <td width="80"><input name="upload" type="submit" class="box" id="upload" value=" Upload "></td>
        </tr>
    </table>
</form>
2
Contributors
3
Replies
39
Views
3 Years
Discussion Span
Last Post by broj1
0

1.Notice: Undefined index: userfile in \upload_new\upload.php on line 22
2.Notice: Undefined index: userfile in upload_new\upload.php on line 23
3. Notice: Undefined index: userfile in \upload_new\upload.php on line 24
4. Notice: Undefined index: userfile in \upload_new\upload.php on line 25
5. Warning: fopen(): Filename cannot be empty in \upload_new\upload.php on line 26
6. Warning: fread() expects parameter 1 to be resource, boolean given in upload_new\upload.php on line 27
7. Warning: fclose() expects parameter 1 to be resource, boolean given in \upload_new\upload.php on line 29
8. Notice: Undefined variable: description in \upload_new\upload.php on line 37

0

Sory for late reply. Obviously $_FILES['userfile'] does not exist. You should place the code that reads the uploaded file information and writes to the database within the if(isset($_POST['upload']) && $_FILES['userfile']['size'] > 0) block. Something like this:

if(isset($_POST['upload']) && $_FILES['userfile']['size'] > 0)
{

    $fileName = $_FILES['userfile']['name'];
    $tmpName = $_FILES['userfile']['tmp_name'];
    $fileSize = $_FILES['userfile']['size'];
    $fileType = $_FILES['userfile']['type'];
    $fp = fopen($tmpName, 'r');
    $content = fread($fp, filesize($tmpName));
    $content = addslashes($content);
    fclose($fp);
    if(!get_magic_quotes_gpc())
    {
        $fileName = addslashes($fileName);
    }
    include 'config.php';
    include 'opendb.php';
    $query = "INSERT INTO upload (name, size, type, content , description ) ".
    "VALUES ('$fileName', '$fileSize', '$fileType', '$content', '$description')";
    mysql_query($query) or die('Error, query failed');
    include 'closedb.php';
    echo "<br>File $fileName uploaded<br>";
?>


 <form action="upload.php" method="post">
 Image Description: <input  type="text" name="imgdesc">
                               <input type="submit" value="submit">
</form>

<?php

$allowed_filetypes = array('.jpg','.jpeg','.png','.gif');
$max_filesize = 1445760;
$description = $_POST['imgdesc'];

$filename = $_FILES['userfile']['name'];
$ext = substr($filename, strpos($filename,'.'), strlen($filename)-1);

if(!in_array($ext,$allowed_filetypes))
  die('The file you attempted to upload is not allowed.');

if(filesize($_FILES['userfile']['tmp_name']) > $max_filesize)
  die('The file you attempted to upload is too large.');



} else {
     echo 'There was an error during the file upload.  Please try again.';
}

This way the file gets inserted into the db only when some data about it exists. You might want to reaarange the code depending on what you actually want to achieve.

Edited by broj1

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.