raji1103 0 Newbie Poster

Hi,
I am new to PHP and I am working on a study project. It is about a digital studio where registered users can upload images and apply for various services like photo printing, collages, etc.

I am building an image upload form.

Following is my HTML form code:

<form action="upload.php" method="POST" enctype="multipart/form-data">

<div class="up_cont">
<div style="float:left; width:300px">
<label> Name *</label>
<div class="clear h10"> </div>
<input type="text" name="oname" value="<?php echo $_SESSION["qname"]; ?>" readonly required/>

<div class="clear h20"> </div>

<div style="float:left; width:150px">

<label class="">Image Size:</label>

<div class="clear h30"> </div>

<label class="sertype">Service Type: *</label>
</div>

<div style="float:right; width:150px">
<select name="imgsz" id="imgsz"> 
<option> </option>
<?php echo $option2; ?>
<!--
<option selected> --Choose--</option> 
<option value="0">4x6</option> 
<option>5x7</option> 
<option>6x8</option> 
<option>8x10</option> 
<option>8x12</option> 
<option>10x12</option> 
<option>10x14</option> 
<option>12x15</option> 
<option>12x18</option> 
<option>20x30</option> 
<option>24x34</option> -->
</select>

<div class="clear h20"> </div>

<select  name ="service_tp" id="sername" required> 
<option> </option>
<?php echo $option; ?>
<!--<option>Birthday card</option>
<option>Greeting Cards</option>
<option>Business Cards</option>
<option>Anniversary Cards</option>
<option>White Mug</option>
<option>Black Mug</option>
<option>Black Magic Mug</option>
<option>Brochures</option>
<option>Calendar</option>
<option>Logo</option>
<option>Sign boards</option>
<option>Cd covers</option>
<option>Menus</option>
<option>Background Change</option>
<option>Restoration</option>
<option>Photo Collage</option>-->

</select>

</div>


</div>


<div style="float:right; width:300px"> 

<label> Mobile No. *</label>
<div class="clear h10"> </div>
<input type="text"  name="onumber" pattern="[0-9]{10}" value="<?php echo $_SESSION["phone"]; ?>" required readonly />



<div class="clear h30"> </div>

<div style="float:left; width:150px">
<label class="printsz">Print Type:</label>

<div class="clear h30"> </div>

<label class="quantity">Quantity: *</label>

</div>
<div style="float:right; width:150px">
<select name="printtp" id="printtp"> <option selected></option> 
<option>Matt</option> 
<option>Glossy</option> 
</select>
<div class="clear h20"> </div>
<input type="number" name="qty" min="1" max="10"/> 
</div>

</div>

</div>


<div class="clear h30"> </div>
<label class="dtls"> Details *: </label>
<textarea cols="20" rows="20" name="textarea" required> </textarea>

<div class="clear h30"> </div>

<label class="" name="file">Image Upload *</label>

<input type="file" name="files[]" multiple/>
<div class="clear h10"> </div>
<div class="up_msg"> Max  image size 2mb, Valid formats jpeg, jpg, png </div>
<div class="alignbutn">

<input type="submit" value="Upload"  class="btn_up" />
<input type="reset" value="Reset"  class=" btn_up" />


</div>
</form>

Following is my PHP code:



 <?php

$oname=$_POST['oname'];
$onumber=$_POST['onumber'];
//$file=$_POST['file'];
$imgsize=$_POST['imgsz'];
$printtp=$_POST['printtp'];
$quantity=$_POST['qty'];
$service=$_POST['service_tp'];
$details=$_POST['textarea'];

$hostname="localhost";
$username="root";
$password="";

$con=mysql_connect($hostname, $username, $password) or die ("unable to connect");

$selected=mysql_select_db("bandekar", $con) or die ("could not select database");


if(isset($_FILES['files'])){
    $errors= array();
    foreach($_FILES['files']['tmp_name'] as $key => $tmp_name ){
        $file_name = $key.$_FILES['files']['name'][$key];
        $file_size =$_FILES['files']['size'][$key];
        $file_tmp =$_FILES['files']['tmp_name'][$key];
        $file_type=$_FILES['files']['type'][$key];  
       $extensions = array("jpeg","jpg","png");         



$file_ext=explode('.',$_FILES['files']['name'][$key]);
$file_ext=strtolower(end($file_ext));  // end() needs a variable, not the direct result of explode()
if(in_array($file_ext,$extensions ) === false){
    $errors[]="extension not allowed";
}        





$desired_dir="user_data";
        if(empty($errors)==true){



       $email= $_SESSION['email'];

        $OrderDate=date('Y-m-d');
        $query=mysql_query("INSERT INTO orderss (`oname`, `onumber`,`imgsize`,`printtp`,`quantity`,`service`,`details`,`FILE_NAME`,`FILE_SIZE`,`FILE_TYPE` ,`OrderDate` ,`email`) VALUES('$oname', '$onumber', '$imgsize', '$printtp', '$quantity', '$service', '$details','$file_name','$file_size','$file_type','$OrderDate','$email')");




            if(is_dir("upload/".$file_name)==false){
                move_uploaded_file($file_tmp,"upload/".$file_name);
            }else{                                  // rename the file if another one exist
                $new_dir="upload/".$file_name.time();
                 move_uploaded_file($file_tmp,$new_dir) ;               
            }
        }else{
                print_r($errors);
        }
    }

    if(empty($errors)){
        echo "Success";


}

$result= mysql_query("select * from orderss where oname='$oname'");

$selected =mysql_select_db("bandekar", $con)or die("could not select database");

$row=mysql_fetch_array($result) or die ("Failed to fetch data");

echo "<table class='fl_left'>";
echo "<tr>";
echo "<td class='tt_txt'>";
echo "<tr><td><font face='Gabriola' size='24px'>Thank You!! :) ".htmlspecialchars($_SESSION["qname"])."!</font></td></tr>";
echo "<tr><td><mark> Your Order is Placed Successfully. We will get back to you soon.</mark></td></tr>";


echo "<tr><td><h1><font face='Cambria'>The Following is your Order Summary</h1></td></tr>";
// Values read back from the database are escaped before being written into the page
echo "<tr><td><h2><br>Order Id: ".htmlspecialchars($row['oid'])."</td></tr>";
echo "<tr><td><h2><br>Name: ".htmlspecialchars($row['oname'])."</td></tr>";
echo "<tr><td><h2><br>Mobile: ".htmlspecialchars($row['onumber'])."</td></tr>";
echo "<tr><td><h2><br>Email: ".htmlspecialchars($row['email'])."</td></tr>";
echo "<tr><td><br>Size: ".htmlspecialchars($row['imgsize'])."</td></tr>";
echo "<tr><td><br>Image-Name: ".htmlspecialchars($row['FILE_NAME'])."</td></tr>";
echo "<tr><td><br>Print Type: ".htmlspecialchars($row['printtp'])."</td></tr>";
echo "<tr><td><br>Quantity: ".htmlspecialchars($row['quantity'])."</td></tr>";
echo "<tr><td><br>Service: ".htmlspecialchars($row['service'])."</td></tr>";
echo "<tr><td><br>Details: ".htmlspecialchars($row['details'])."</font></h2></td></tr>";
echo "<tr><td><br>Date: ".htmlspecialchars($row['OrderDate'])."</font></h2></td></tr>";


}
mysql_close($con);

echo "</td>";
echo "</tr>";
echo "</table>";
?>

The code is not working properly when the user updates the order. It doesn't check the image size limit, and stored images get replaced.

Please help...
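
One way to handle the two problems described in the post (no size limit check, stored images being replaced), as an added example that is not the poster's code. It also takes the name and phone number from the session rather than from the read-only form fields, and uses a prepared statement for the insert. Assumptions: PHP 7.1+ with the PDO and fileinfo extensions, an existing `upload` directory beside the script, and the table, column and session key names from the post; the function names `check_upload` and `store_upload` are hypothetical.

```php
<?php
// Added example, not the poster's code. Limits follow the form's own hint text.
const MAX_BYTES  = 2 * 1024 * 1024;                  // "Max image size 2mb"
const ALLOWED    = ['image/jpeg' => 'jpg', 'image/png' => 'png'];
const UPLOAD_DIR = __DIR__ . '/upload';              // assumed storage directory

// Returns [extension, mime, null] for an acceptable file, or [null, null, reason].
function check_upload(array $files, int $i): array {
    if ($files['error'][$i] !== UPLOAD_ERR_OK) return [null, null, 'upload failed'];
    $tmp = $files['tmp_name'][$i];
    if (!is_uploaded_file($tmp) || $files['size'][$i] > MAX_BYTES) {
        return [null, null, 'larger than 2 MB'];
    }
    // Detect the type from the file's bytes, not from its name or the client's MIME type.
    $mime = (string) (new finfo(FILEINFO_MIME_TYPE))->file($tmp);
    if (!array_key_exists($mime, ALLOWED)) return [null, null, 'type not allowed'];
    return [ALLOWED[$mime], $mime, null];
}

// Store under a random, server-chosen name so an earlier upload is never replaced.
function store_upload(string $tmp, string $ext): string {
    do {
        $stored = bin2hex(random_bytes(16)) . '.' . $ext;
    } while (file_exists(UPLOAD_DIR . '/' . $stored));
    if (!move_uploaded_file($tmp, UPLOAD_DIR . '/' . $stored)) {
        throw new RuntimeException('could not store upload');
    }
    return $stored;
}

if (isset($_FILES['files'])) {
    session_start();
    $pdo = new PDO('mysql:host=localhost;dbname=bandekar;charset=utf8mb4', 'root', '',
                   [PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION]);
    // Placeholders keep form values out of the SQL text.
    $ins = $pdo->prepare('INSERT INTO orderss (oname, onumber, imgsize, printtp, quantity,
        service, details, FILE_NAME, FILE_SIZE, FILE_TYPE, OrderDate, email)
        VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)');
    $p = $_POST;
    foreach (array_keys($_FILES['files']['tmp_name']) as $i) {
        [$ext, $mime, $error] = check_upload($_FILES['files'], $i);
        if ($error !== null) {
            echo htmlspecialchars($_FILES['files']['name'][$i] . ': ' . $error), '<br>';
            continue;
        }
        $stored = store_upload($_FILES['files']['tmp_name'][$i], $ext);
        // Name and phone come from the session: a readonly form field can still be changed.
        $ins->execute([$_SESSION['qname'], $_SESSION['phone'], $p['imgsz'], $p['printtp'],
            $p['qty'], $p['service_tp'], $p['textarea'], $stored,
            $_FILES['files']['size'][$i], $mime, date('Y-m-d'), $_SESSION['email']]);
    }
}
```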