Solved

Picture Load problem Binary help

Posted on 2004-09-15
6
235 Views
Last Modified: 2013-12-12
I have a code below I have been working on for a few weeks for a control panel for my model site. I have a problem with the picture being stored.
1) I can store the pics that work fine.

2) If you load your pictures from 1 thru 10 ay one time it will work fine even if you only load 1 thru 4 it will work fine.

3) If you load 1 to 4 the first time then would like to go back in the same session or a different seesion and load 5 thru 10 IT WILL NOT WORK IT WILL STILL ONLY BE 1 thru 4 there.

4) If you have all 10 loaded and try to just change number 5 it willnot do it number 5 will still be the original number 5. In order to change 5 you must reload all the others.

CAN ANYONE HELP WITH THIS PROBLEM I KNOW THE CODES PRETTY INVOVLED.
***** IF YOU WANNA HELP AND NEED A PLACE TO TEST IT I CAN PROVIDE A TESTING ENVIROMENT....

ANY HELP WILL be appreciate but don't start telling me to rewrite the whole thing.
Thanks Phil








<?php
      session_start();
      require("loginfo.php");
      

###User login process
###User login process

      require("login.php");
      if(!$validLog) { header("Location: cplogin.php"); } else { $mustLog = true; }
      if($PHPSESSID != $_GET['from'] && $PHPSESSID != $_POST['from']) { header("Location: cplogin.php"); }
      
###End of user login process
###End of user login process


###Data validation process
###Data validation process

      $uped = "";
      if($_SESSION['infoUped'] == "yes") { $_SESSION['infoUped'] = ""; $uped = "<i>Your changes have been saved</i>"; }

      if($_POST['saveData'] == "yes")
       {
        $blank = "";
        $allDone = true;

        if($_POST['country'] == "US") { if($_POST['name'] == "" || $_POST['lastname'] == "" || $_POST['home_phone'] == "" || $_POST['adr1'] == "" || $_POST['city'] == "" || $_POST['state'] == "" || $_POST['zip'] == "" || $_POST['country'] == "X") { $allDone = false; $blank = "You can't leave any field blank, all fields need to be filled in.\\n\\nPlase provide the requested information in order to proceed."; } }
      else if($_POST['country'] != "US") { if($_POST['name'] == "" || $_POST['lastname'] == "" || $_POST['home_phone'] == "" || $_POST['adr1'] == "" || $_POST['city'] == "" || $_POST['country'] == "X") { $allDone = false; $blank = "You can't leave any field blank, all fields need to be filled in.\\n\\nPlase provide the requested information in order to proceed."; } }
        if($_POST['npassw'] != $_POST['npasswr']) { $allDone = false; $blank = "The provided passwords do not match.\\n\\nPlase provide two valid passwords in order to proceed."; }
        if($blank != "") { echo "<script>alert(\"".$blank."\");</script>"; }
      if($allDone)
         {
               if($_POST['npassw'] == "" || $_POST['npasswr'] == "")
                {
               $updateMe = mysql_query("UPDATE models SET first_name = \"".$_POST['name']."\",last_name = \"".$_POST['lastname']."\",
                                                                              model_name = \"".$_POST['stage_name']."\",address_1 = \"".$_POST['adr1']."\",
                                                                              address_2 = \"".$_POST['adr2']."\",city = \"".$_POST['city']."\",
                                                                              state = \"".$_POST['state']."\",zipcode = \"".$_POST['zip']."\",
                                                                              country = \"".$_POST['country']."\",home_phone = \"".$_POST['home_phone']."\",
                                                                              extra_phone = \"".$_POST['extra_phone']."\",email = \"".$_POST['email']."\",
                                                                              age = \"".$_POST['age']."\",sex = \"".$_POST['sex']."\",
                                                                              eyecolor = \"".$_POST['eyecolor']."\",haircolor = \"".$_POST['haircolor']."\",
                                                                              height = \"".$_POST['height']."\",height_inches = \"".$_POST['height_inches']."\",
                                                                              weight = \"".$_POST['weight']."\",chest = \"".$_POST['chest']."\",
                                                                              waiste = \"".$_POST['waiste']."\",shoe_size = \"".$_POST['shoe']."\" WHERE ID = \"".$_SESSION['user']['ID']."\"");                
                }
               else
                {
               $newPass = md5($_POST['npassw']);
               $updateMe = mysql_query("UPDATE models SET first_name = \"".$_POST['name']."\",last_name = \"".$_POST['lastname']."\",
                                                                              model_name = \"".$_POST['stage_name']."\",address_1 = \"".$_POST['adr1']."\",
                                                                              address_2 = \"".$_POST['adr2']."\",city = \"".$_POST['city']."\",
                                                                              state = \"".$_POST['state']."\",zipcode = \"".$_POST['zip']."\",
                                                                              country = \"".$_POST['country']."\",home_phone = \"".$_POST['home_phone']."\",
                                                                              extra_phone = \"".$_POST['extra_phone']."\",email = \"".$_POST['email']."\",
                                                                              age = \"".$_POST['age']."\",sex = \"".$_POST['sex']."\",
                                                                              eyecolor = \"".$_POST['eyecolor']."\",haircolor = \"".$_POST['haircolor']."\",
                                                                              height = \"".$_POST['height']."\",height_inches = \"".$_POST['height_inches']."\",
                                                                              weight = \"".$_POST['weight']."\",chest = \"".$_POST['chest']."\",
                                                                              waiste = \"".$_POST['waiste']."\",shoe_size = \"".$_POST['shoe']."\",
                                                                              passw = '$newPass' WHERE ID = \"".$_SESSION['user']['ID']."\"");
                }
            
        if(!$updateMe)
         {
          $blank = "An error has occurred while saving your data. Please try again later...<br>Error code: ".mysql_error();
          echo "<script>alert(\"".$blank."\");</script>";
         } else { $_SESSION['infoUped'] = "yes"; header("Location: cplogin.php"); }
       }
       }
      
      
      if($_POST['savePics'] == "yes")
       {
        if($_FILES)
         {
               $good = false;
               $good2 = false;
               $mainLoaded = false;
            $otherLoaded = false;
          $image_types = array("image/jpeg","image/pjpeg","image/gif","image/x-png");
            #Main picture
          if(is_uploaded_file($_FILES["mainpic"]["tmp_name"]))
           { $mainLoaded = true;
             $pic1 = addslashes(fread(fopen ($_FILES["mainpic"]["tmp_name"], "r"),filesize ($_FILES["mainpic"]["tmp_name"])));
             $file_type = $_FILES["mainpic"]["type"];
             if(in_array(strtolower($file_type), $image_types))
             {
                  $result = mysql_query("UPDATE models SET main_pic = '{$pic1}' WHERE ID = \"".$_SESSION['user']['ID']."\"");
                  if(!$result) { $error1 = true; }
                else { $good = true; } } else { $invalid1 = true; } }

            #Other pics
            $i = 1;
            while(is_uploaded_file($_FILES['pic'.$i]["tmp_name"]))
             {
            $pic1 = addslashes(fread(fopen ($_FILES['pic'.$i]["tmp_name"], "r"),filesize ($_FILES['pic'.$i]["tmp_name"])));
            $file_type = $_FILES['pic'.$i]["type"];
            if(in_array(strtolower($file_type), $image_types)) { $picLoad[$i] = $pic1; }
            else { $invalid2 = true; }
            $i++;
           }
          if($i > 1) { $otherLoaded = true; }
            $newID = $_SESSION['user']['ID'];
          $queryUsers = mysql_query("SELECT * FROM pictures WHERE userID = \"".$_SESSION['user']['ID']."\"");
            if(mysql_num_rows($queryUsers) > 0 && $i > 1)
             {
              $resultIns = mysql_query("UPDATE pictures SET pic_1 = '{$picLoad[1]}',pic_2 = '{$picLoad[2]}',pic_3 = '{$picLoad[3]}',pic_4 = '{$picLoad[4]}',pic_5 = '{$picLoad[5]}',pic_6 = '{$picLoad[6]}',pic_7 = '{$picLoad[7]}',pic_8 = '{$picLoad[8]}',pic_9 = '{$picLoad[9]}',pic_10 = '{$picLoad[10]}' WHERE userID = '$newID'");
              if(!$resultIns) { echo "1 - ".mysql_error(); } else { $good2 = true; }
             }
            else if(mysql_num_rows($queryUsers) == 0)
             {
              $resultIns = mysql_query("INSERT INTO pictures VALUES('$newID','$picLoad[1]','$picLoad[2]','$picLoad[3]','$picLoad[4]','$picLoad[5]','$picLoad[6]','$picLoad[7]','$picLoad[8]','$picLoad[9]','$picLoad[10]')");
              if(!$resultIns) { echo "2 - ".mysql_error(); } else { $good2 = true; }
             }
              if($error1 || $error2) { echo "<script>alert('An error occured while saving your pictures.\n\nPlease try again...')</script>"; }
              if ($invalid1 || $invalid2) { echo "<script>alert('You are trying to load an invalid file format.\n\nPlease try again...')</script>"; }
              if($mainLoaded && !$otherLoaded) { if($good) { $loaded = "<i>Pictures have been loaded</i>"; } }
              elseif(!$mainLoaded && $otherLoaded) { if($good2) { $loaded = "<i>Pictures have been loaded</i>"; } }
              elseif($mainLoaded && $otherLoaded) { if($good && $good2) { $loaded = "<i>Pictures have been loaded</i>"; } }
         }
         $bio = $_POST['myBio'];
         $resultBio = mysql_query("UPDATE models SET bio_info = '$bio' WHERE ID = '$newID'");
       }

###End of data validation process
###End of data validation process

?>
0
Comment
Question by:smphil
  • 3
  • 2
6 Comments
 
LVL 13

Expert Comment

by:cLFlaVA
ID: 12066261
Got tired of waiting huh phil?
0
 
LVL 1

Author Comment

by:smphil
ID: 12066438
No just trying to get as much help as possible
0
 
LVL 1

Author Comment

by:smphil
ID: 12066481
I ve been working on it all morning and I can find the answer I am going totaly nuts. And Maybe someone can steer you even in the right direction aand If you want if you can help me dinish up ill give some add space on the site if you would like. Thanks Cory Hit me up after work.
I hope you can do it for me.
0
What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

 
LVL 27

Expert Comment

by:Diablo84
ID: 12068839
Hi Phil, I have had a look at your code but i'm at that point tonight where i can't stay focused long enough to get anything done so i think i will come back to it in the morning with fresh eyes.
0
 
LVL 13

Assisted Solution

by:cLFlaVA
cLFlaVA earned 500 total points
ID: 12069077
Phil-

here's my first attempt.  There will certainly still need to be some error testing added.  What I did was this:

1 > "Properly" indented code - makes it much easier to read.
2 > Created a function - updateNewPic() that takes two parameters: picture and field name
3 > Changed your While loop to a For loop.  This is where the main problem was.

Check it out:

your while loop said this:

while (is_uploaded_file ... ) {

}

Think about that.  If the first field (pic_1) isn't a file (left blank), then this section never fires.  I changed this to a for loop that will loop through each file input field, and if there exists a file, it will try to upload it.

Let me know how this works for you.





<?php

# function updateNewPic
# inputs: $pic - the picture to upload
#         $field - the field to insert to
#
function updateNewPic($pic, $field) {
      $result = mysql_query("UPDATE models SET " . $field . " = '{" . $pic . "}' WHERE ID = \"".$_SESSION['user']['ID']."\"");
      if (!$result)
            echo "Couldn't insert into field: " . $field;
}
# end of updateNewPic function

session_start();
require("loginfo.php");

###User login process

require("login.php");
if(!$validLog)
      header("Location: cplogin.php");
else {
      $mustLog = true;

if($PHPSESSID != $_GET['from'] && $PHPSESSID != $_POST['from'])
      header("Location: cplogin.php");
     
###End of user login process

###Data validation process

$uped = "";

if($_SESSION['infoUped'] == "yes") {
      $_SESSION['infoUped'] = "";
      $uped = "<i>Your changes have been saved</i>";
}

if($_POST['saveData'] == "yes") {
      $blank = "";
    $allDone = true;

    if($_POST['country'] == "US") {
            if($_POST['name'] == "" || $_POST['lastname'] == "" || $_POST['home_phone'] == "" ||
                  $_POST['adr1'] == "" || $_POST['city'] == "" || $_POST['state'] == "" ||
                  $_POST['zip'] == "" || $_POST['country'] == "X") {
                  $allDone = false;
                  $blank = "You can't leave any field blank, all fields need to be filled in.\\n\\nPlase provide the requested information in order to proceed.";
            }
      } else {
            if($_POST['name'] == "" || $_POST['lastname'] == "" || $_POST['home_phone'] == "" ||
                  $_POST['adr1'] == "" || $_POST['city'] == "" || $_POST['country'] == "X") {
                  $allDone = false;
                  $blank = "You can't leave any field blank, all fields need to be filled in.\\n\\nPlase provide the requested information in order to proceed.";
            }
      }
      
      if($_POST['npassw'] != $_POST['npasswr']) {
            $allDone = false;
            $blank = "The provided passwords do not match.\\n\\nPlase provide two valid passwords in order to proceed.";
      }

      if($blank != "")
            echo "<script>alert(\"".$blank."\");</script>";

    if($allDone) {
            if($_POST['npassw'] == "" || $_POST['npasswr'] == "") {
                  $updateMe = mysql_query("UPDATE models SET first_name = \"".$_POST['name']."\",last_name = \"".$_POST['lastname']."\",model_name = \"".$_POST['stage_name']."\",address_1 = \"".$_POST['adr1']."\", address_2 = \"".$_POST['adr2']."\",city = \"".$_POST['city']."\",state = \"".$_POST['state']."\",zipcode = \"".$_POST['zip']."\",country = \"".$_POST['country']."\",home_phone = \"".$_POST['home_phone']."\",extra_phone = \"".$_POST['extra_phone']."\",email = \"".$_POST['email']."\",age = \"".$_POST['age']."\",sex = \"".$_POST['sex']."\",eyecolor = \"".$_POST['eyecolor']."\",haircolor = \"".$_POST['haircolor']."\",height = \"".$_POST['height']."\",height_inches = \"".$_POST['height_inches']."\",weight = \"".$_POST['weight']."\",chest = \"".$_POST['chest']."\",waiste = \"".$_POST['waiste']."\",shoe_size = \"".$_POST['shoe']."\" WHERE ID = \"".$_SESSION['user']['ID']."\"");              
            } else {
            $newPass = md5($_POST['npassw']);
            $updateMe = mysql_query("UPDATE models SET first_name = \"".$_POST['name']."\",last_name = \"".$_POST['lastname']."\",model_name = \"".$_POST['stage_name']."\",address_1 = \"".$_POST['adr1']."\",address_2 = \"".$_POST['adr2']."\",city = \"".$_POST['city']."\",state = \"".$_POST['state']."\",zipcode = \"".$_POST['zip']."\",country = \"".$_POST['country']."\",home_phone = \"".$_POST['home_phone']."\",extra_phone = \"".$_POST['extra_phone']."\",email = \"".$_POST['email']."\",age = \"".$_POST['age']."\",sex = \"".$_POST['sex']."\",eyecolor = \"".$_POST['eyecolor']."\",haircolor = \"".$_POST['haircolor']."\",height = \"".$_POST['height']."\",height_inches = \"".$_POST['height_inches']."\",weight = \"".$_POST['weight']."\",chest = \"".$_POST['chest']."\",waiste = \"".$_POST['waiste']."\",shoe_size = \"".$_POST['shoe']."\",passw = '$newPass' WHERE ID = \"".$_SESSION['user']['ID']."\"");
        }
         
        if(!$updateMe) {
                  $blank = "An error has occurred while saving your data. Please try again later...<br>Error code: ".mysql_error();
                  echo "<script>alert(\"".$blank."\");</script>";
        } else {
                  $_SESSION['infoUped'] = "yes";
                  header("Location: cplogin.php");
            }
      }
}
     
     
if($_POST['savePics'] == "yes") {
      if($_FILES) {
            $good = false;
        $good2 = false;
        $mainLoaded = false;
        $otherLoaded = false;
        $image_types = array("image/jpeg","image/pjpeg","image/gif","image/x-png");
       
            #Main picture
            
        if(is_uploaded_file($_FILES["mainpic"]["tmp_name"])) {
                  $mainLoaded = true;
            $pic1 = addslashes(fread(fopen ($_FILES["mainpic"]["tmp_name"], "r"),filesize ($_FILES["mainpic"]["tmp_name"])));
            $file_type = $_FILES["mainpic"]["type"];
            if(in_array(strtolower($file_type), $image_types)) {
                        updateNewPic($pic1, "main_pic");
                  } else {
                        $invalid1 = true;
                  }
            }

            #Other pics
        $i = 1;
            for ($i = 1; $i < 10; $i++) {
                  $pic1 = '';
                  if(is_uploaded_file($_FILES["pic" . $i]["tmp_name"])) {
                        $pic1 = addslashes(fread(fopen ($_FILES['pic'.$i]["tmp_name"], "r"),filesize ($_FILES['pic'.$i]["tmp_name"])));
                        $file_type = $_FILES['pic'.$i]["type"];
                        if(in_array(strtolower($file_type), $image_types))
                              updateNewPic($pic1, "pic_" . $i);
                  }
            }

            if($i > 1)
                  $otherLoaded = true;

        $newID = $_SESSION['user']['ID'];
        $queryUsers = mysql_query("SELECT * FROM pictures WHERE userID = \"".$_SESSION['user']['ID']."\"");
        if(mysql_num_rows($queryUsers) > 0 && $i > 1) {
                  $resultIns = mysql_query("UPDATE pictures SET pic_1 = '{$picLoad[1]}',pic_2 = '{$picLoad[2]}',pic_3 = '{$picLoad[3]}',pic_4 = '{$picLoad[4]}',pic_5 = '{$picLoad[5]}',pic_6 = '{$picLoad[6]}',pic_7 = '{$picLoad[7]}',pic_8 = '{$picLoad[8]}',pic_9 = '{$picLoad[9]}',pic_10 = '{$picLoad[10]}' WHERE userID = '$newID'");
                  if(!$resultIns)
                        echo "1 - ".mysql_error();
                  else
                        $good2 = true;
            } else if(mysql_num_rows($queryUsers) == 0) {
                  $resultIns = mysql_query("INSERT INTO pictures VALUES('$newID','$picLoad[1]','$picLoad[2]','$picLoad[3]','$picLoad[4]','$picLoad[5]','$picLoad[6]','$picLoad[7]','$picLoad[8]','$picLoad[9]','$picLoad[10]')");
           
                  if(!$resultIns)
                        echo "2 - ".mysql_error();
                  else
                        $good2 = true;
            }

            if($error1 || $error2)
                  echo "<script>alert('An error occured while saving your pictures.\n\nPlease try again...')</script>";

        if ($invalid1 || $invalid2)
                  echo "<script>alert('You are trying to load an invalid file format.\n\nPlease try again...')</script>";

        if($mainLoaded && !$otherLoaded) {
                  if($good)
                        $loaded = "<i>Pictures have been loaded</i>";
            } elseif(!$mainLoaded && $otherLoaded) {
                  if($good2)
                        $loaded = "<i>Pictures have been loaded</i>";
            } elseif($mainLoaded && $otherLoaded) {
                  if($good && $good2)
                        $loaded = "<i>Pictures have been loaded</i>";
            }
      }
    $bio = $_POST['myBio'];
    $resultBio = mysql_query("UPDATE models SET bio_info = '$bio' WHERE ID = '$newID'");
}

###End of data validation process
###End of data validation process

?>
0
 
LVL 13

Accepted Solution

by:
cLFlaVA earned 500 total points
ID: 12069114
Also, Phil-

Consider (eventually) breaking things down into functions.  What I would do in your situation is create another php file with only functions relevant to this code.  Functions can include:

updateNewPic()
displayError()
updateUserInfo()

among others.

You would require_once() this file at the top of this php file.  This would make your code much easier to read, much easier to debug, and much easier to reuse.

However, let's make a snack before we try cooking for the entire world.
0

Featured Post

Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

Join & Write a Comment

Foreword (July, 2015) Since I first wrote this article, years ago, a great many more people have begun using the internet.  They are coming online from every part of the globe, learning, reading, shopping and spending money at an ever-increasing ra…
This article discusses how to create an extensible mechanism for linked drop downs.
Learn how to match and substitute tagged data using PHP regular expressions. Demonstrated on Windows 7, but also applies to other operating systems. Demonstrated technique applies to PHP (all versions) and Firefox, but very similar techniques will w…
The viewer will learn how to look for a specific file type in a local or remote server directory using PHP.

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now