upload image doesn't work

<?php
ob_start(); // I use this function because session_start() doesn't work with me
#session_start();
include("config.php");
include("functions.php");

$link = mysql_connect('localhost', 'mysql_user', 'mysql_password');
if (!$link) {
    die('Could not connect: ' . mysql_error());
}
echo 'Connected successfully';
mysql_close($link);
// from here to
$validid = pf_validate_number($_GET['id'], "redirect", "index.php");
if(isset($_SESSION['USERNAME']) == FALSE) {
header("Location: " . $HOST_NAME . "login.php?ref=images&id=" . $validid);
}
// here .... it cause a problem.
$theitemsql = "SELECT user_id FROM items WHERE id = " . $validid . ";";
$theitemresult = mysql_query($theitemsql);
$theitemrow = mysql_fetch_assoc($theitemresult);
if($theitemrow['user_id'] != $_SESSION['USERID']) {
header("Location: " . $config_basedir);
}

if($_POST['submit']) {
if($_FILES['userfile']['name'] == '') {
header("Location: " . $HOST_NAME . $SCRIPT_NAME
. "?error=nophoto");
}
elseif($_FILES['userfile']['size'] == 0) {
header("Location: " . $HOST_NAME . $SCRIPT_NAME
. "?error=photoprob");
}
elseif($_FILES['userfile']['size'] > $MAX_FILE_SIZE) {
header("Location: " . $HOST_NAME . $SCRIPT_NAME
. "?error=large");
}
elseif(!getimagesize($_FILES['userfile']['tmp_name'])) {
header("Location: " . $HOST_NAME . $SCRIPT_NAME
. "?error=invalid");
}

else {
$uploaddir = "/images/";
$uploadfile = $uploaddir . $_FILES['userfile']['name'];

if(move_uploaded_file($_FILES['userfile']['tmp_name'],$uploadfile)) {
$inssql = "INSERT INTO images(item_id, name)
VALUES(" . $validid . ", '" . $_FILES['userfile']['name'] . "')";
mysql_query($inssql);
header("Location: " . $HOST_NAME . $SCRIPT_NAME . "?id=" . $validid);
}
else {
echo "There was a problem uploading your file.<br />";
}
}
}

else {
#require("header.php");
$imagessql = "SELECT * FROM images WHERE item_id = " . $validid
. ";";
$imagesresult = mysql_query($imagessql);
$imagesnumrows = mysql_num_rows($imagesresult);
echo "<h1>Current images</h1>";
if($imagesnumrows == 0) {
echo "No images.";
}
else {
echo "<table>";
while($imagesrow = mysql_fetch_assoc($imagesresult)) {
echo "<tr>";
echo "<td><img src='" . $config_basedir . "/images/" . $imagesrow['name'] . "' width='100'></td>";
echo "<td>[<a href='deleteimage.php?image_id="
. $imagesrow['id'] . "&item_id=" . $validid . "'>delete</a>]</td>";
echo "</tr>";
}
echo "</table>";
}
switch($_GET['error']) {
case "empty":
echo "You did not select anything.";
break;
case "nophoto":
echo "You did not select a photo to upload.";
break;
case "photoprob":
echo "There appears to be a problem with the
photo you are uploading";
break;
case "large":
echo "The photo you selected is too large";
break;
case "invalid":
echo "The photo you selected is not a valid image file";
break;
}
?>
// I remove the pf_script_with_get from $SCRIPT_NAME because that makes problem too
<form enctype="multipart/form-data" action="?php $SCRIPT_NAME; ?>" method="POST">
<input type="hidden" name="MAX_FILE_SIZE" value="3000000">
<table>
<tr>
<td>Image to upload</td>
<td><input name="userfile" type="file"></td>
</tr>
<tr>
<td colspan="2"><input type="submit" name="submit" value="Upload File"></td>
</tr>
</table>
</form>
<a href="<?php echo "itemdetails.php?id=" . $validid; ?>">see your item</a>!

<?php
}
require("footer.php");
?>
aiman_alnasirAsked:
Who is Participating?
 
steelseth12Connect With a Mentor Commented:
aiman_alnasir i have the book and believe me it has no mistakes in it. You just have to read it.
For example the problem with you upload directory .... The book says

"You create a variable called $uploaddir, which should point to a legitimate
location inside the main project directory. Create a new directory called images
with read and write access permissions and change $uploaddir to your directory."

If you have read that then you should have had a problem the upload directory.
Also for the application to function it has to be put together. Little pieces will not work on their own.
0
 
steelseth12Commented:
As soon as you make a connection you close it so any queries you make to the database will fail.

You need to remove mysql_close($link); from the begining of your script and place it after all your queries are done.

Also you have a typo here

<form enctype="multipart/form-data" action="?php $SCRIPT_NAME; ?>" method="POST">

it should be

<form enctype="multipart/form-data" action="<?php echo  $SCRIPT_NAME; ?>" method="POST">
0
 
aiman_alnasirAuthor Commented:
// I copy all the php files from one diractory to another and I change the index.php to in.php so I can see all the files front of me and try to see where is the mistake :

Check the link     http://et791.ni.utoledo.edu/~aalnasi/cset3300/13/addimages.php

<?php
ob_start();
#session_start();
include("config.php");
include("functions.php");

$link = mysql_connect('localhost', 'mysql_user', 'mysql_password');
if (!$link) {
    die('Could not connect: ' . mysql_error());
}
// the problem is start from here or either from the functions.php
#$validid = pf_validate_number($_GET['id'], "redirect", "index.php");
#if(isset($_SESSION['USERNAME']) == FALSE) {
#header("Location: " . $HOST_NAME . "login.php?ref=images&id=" . $validid);
#}

$theitemsql = "SELECT user_id FROM items WHERE id = " . $validid . ";";
$theitemresult = mysql_query($theitemsql);
$theitemrow = mysql_fetch_assoc($theitemresult);
if($theitemrow['user_id'] != $_SESSION['USERID']) {
header("Location: " . $config_basedir);
}

if($_POST['submit']) {
if($_FILES['userfile']['name'] == '') {
header("Location: " . $HOST_NAME . $SCRIPT_NAME
. "?error=nophoto");
}
elseif($_FILES['userfile']['size'] == 0) {
header("Location: " . $HOST_NAME . $SCRIPT_NAME
. "?error=photoprob");
}
elseif($_FILES['userfile']['size'] > $MAX_FILE_SIZE) {
header("Location: " . $HOST_NAME . $SCRIPT_NAME
. "?error=large");
}
elseif(!getimagesize($_FILES['userfile']['tmp_name'])) {
header("Location: " . $HOST_NAME . $SCRIPT_NAME
. "?error=invalid");
}

else {
$uploaddir = "/opt/lampp/htdocs/sites/auction/images/";
$uploadfile = $uploaddir . $_FILES['userfile']['name'];

if(move_uploaded_file($_FILES['userfile']['tmp_name'],$uploadfile)) {
$inssql = "INSERT INTO images(item_id, name)
VALUES(" . $validid . ", '" . $_FILES['userfile']['name'] . "')";
mysql_query($inssql);
header("Location: " . $HOST_NAME . $SCRIPT_NAME . "?id=" . $validid);
}
else {
echo "There was a problem uploading your file.<br />";
}
}
}

else {
#require("header.php");
$imagessql = "SELECT * FROM images WHERE item_id = " . $validid
. ";";
$imagesresult = mysql_query($imagessql);
$imagesnumrows = mysql_num_rows($imagesresult);
echo "<h1>Current images</h1>";
if($imagesnumrows == 0) {
echo "No images.";
}
else {
echo "<table>";
while($imagesrow = mysql_fetch_assoc($imagesresult)) {
echo "<tr>";
echo "<td><img src='" . $config_basedir . "/images/" . $imagesrow['name'] . "' width='100'></td>";
echo "<td>[<a href='deleteimage.php?image_id="
. $imagesrow['id'] . "&item_id=" . $validid . "'>delete</a>]</td>";
echo "</tr>";
}
echo "</table>";
}
switch($_GET['error']) {
case "empty":
echo "You did not select anything.";
break;
case "nophoto":
echo "You did not select a photo to upload.";
break;
case "photoprob":
echo "There appears to be a problem with the
photo you are uploading";
break;
case "large":
echo "The photo you selected is too large";
break;
case "invalid":
echo "The photo you selected is not a valid image file";
break;
}
mysql_close($link);
?>

<form enctype="multipart/form-data" action="<?php $SCRIPT_NAME; ?>" method="POST">
<input type="hidden" name="MAX_FILE_SIZE" value="3000000">
<table>
<tr>
<td>Image to upload</td>
<td><input name="userfile" type="file"></td>
</tr>
<tr>
<td colspan="2"><input type="submit" name="submit" value="Upload File"></td>
</tr>
</table>
</form>
<a href="<?php echo "itemdetails.php?id=" . $validid; ?>">see your item</a>!

<?php
}
require("footer.php");
?>
0
Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

 
steelseth12Commented:
change elseif($_FILES['userfile']['size'] > $MAX_FILE_SIZE) {

to

elseif($_FILES['userfile']['size'] > $_POST["MAX_FILE_SIZE"]) {
0
 
aiman_alnasirAuthor Commented:
It give me this message

There was a problem uploading your file.

I think the problem comes from
#$validid = pf_validate_number($_GET['id'], "redirect", "index.php");
#if(isset($_SESSION['USERNAME']) == FALSE) {
#header("Location: " . $HOST_NAME . "login.php?ref=images&id=" . $validid);
#}
// if I remove # from all the code above it will not allow me to open the file at all ???
0
 
steelseth12Commented:
The problem is here ...

move_uploaded_file($_FILES['userfile']['tmp_name'],$uploadfile) ... its not uploading the file

check that /opt/lampp/htdocs/sites/auction/images/  is a valid and you have permission to write in it .

Also put error_reporting(E_ALL); on the begining of you script so we can see what is causing this.

0
 
aiman_alnasirAuthor Commented:
else{
error_reporting(E_ALL);
//////////////////  I change the below code to //////////////////////////
// $uploaddir = "/opt/lampp/htdocs/sites/auction/images/";
// $uploadfile = $uploaddir . $_FILES['userfile']['name'];

$uploaddir = "http://et791.ni.utoledo.edu/~aalnasi/cset3300/13/images/";
$uploadfile = $uploaddir . $_FILES['userfile']['name'];
// I gave the images file chmod 777
//But still the problem is the same
0
 
steelseth12Commented:
Put error_reporting(E_ALL);  on top of the page under ob_start();
0
 
aiman_alnasirAuthor Commented:
Nothing change ? I put it like what you said
<?php
ob_start();
error_reporting(E_ALL);
#session_start();
include("config.php");
but still nothing change
0
 
steelseth12Commented:
ok ... also add ini_set("display_errors","on"); above error_reporting(E_ALL);
0
 
aiman_alnasirAuthor Commented:
// As I thought , the problem start from here
#$validid = pf_validate_number($_GET['id'], "redirect", "index.php");
#if(isset($_SESSION['USERNAME']) == FALSE) {
#header("Location: " . $HOST_NAME . "login.php?ref=images&id=" . $validid);
#}
.....
$theitemrow = mysql_fetch_assoc($theitemresult);
if($theitemrow['user_id'] != $_SESSION['USERID']) {
header("Location: " . $config_basedir);
}
0
 
steelseth12Commented:
Post the code of the page as you have because from i have i cant match the errors with the line numbers ....  also the path to the site seems to be /usr/home/aalnasi/public_html/cset3300/13/ .... where did you get /opt/lampp/htdocs/sites/auction/images/ from ?
0
 
aiman_alnasirAuthor Commented:
I got the     /opt/lampp/htdocs/sites/auction/images/  from a book ( Practical PHP and MySql ) I used the same example on the book.
Here is the latest code :

<?php
ob_start();
ini_set("display_errors","on");
error_reporting(E_ALL);

#session_start();
include("config.php");
include("functions.php");

$con = mysql_connect("localhost","aalnasi","my_password");
if (!$con)
  {
  die('Could not connect: ' . mysql_error());
  }

mysql_select_db("aalnasi", $con);

if(!isset($_GET['id']))
{
$_GET['id'] = 0;
}


#$validid = pf_validate_number($_GET['id'], "redirect", "in.php");
if(isset($_SESSION['USERNAME']) == FALSE) {
#header("Location: " . $HOST_NAME . "login.php?ref=images&id=" .
#$validid);
}

$theitemsql = "SELECT user_id FROM items WHERE id = " . $validid . ";";
$theitemresult = mysql_query($theitemsql);
$theitemrow = mysql_fetch_assoc($theitemresult);
if($theitemrow['user_id'] != $_SESSION['USERID']){
header("Location: " . $config_basedir);
}

if($_POST['submit']) {
if($_FILES['userfile']['name'] == '') {
header("Location: " . $HOST_NAME . $SCRIPT_NAME . "?error=nophoto");
}
elseif($_FILES['userfile']['size'] == 0) {
header("Location: " . $HOST_NAME . $SCRIPT_NAME . "?error=photoprob");
}
elseif($_FILES['userfile']['size'] > $_POST['MAX_FILE_SIZE']) {
header("Location: " . $HOST_NAME . $SCRIPT_NAME . "?error=large");
}
elseif(!getimagesize($_FILES['userfile']['tmp_name'])) {
header("Location: " . $HOST_NAME . $SCRIPT_NAME . "?error=invalid");
}

else {

#$uploaddir = "/opt/lampp/htdocs/sites/auction/images/";
#$uploadfile = $uploaddir . $_FILES['userfile']['name'];

#$destination = "upload/";
#$destination = $destination . basename( $_FILES['filelocation']['name']) ;

$uploaddir = "http://et791.ni.utoledo.edu/~aalnasi/cset3300/13/images/";
$uploadfile = $uploaddir . $_FILES['userfile']['name'];


if(move_uploaded_file($_FILES['userfile']['tmp_name'],$uploadfile)) {
$inssql = "INSERT INTO images(item_id, name) VALUES(" . $validid . ", '" . $_FILES['userfile']['name'] . "')";
mysql_query($inssql);
header("Location: " . $HOST_NAME . $SCRIPT_NAME . "?id=" . $validid);
}
else {
echo "There was a problem uploading your file.<br />";
}
}
}

else {
#require("header.php");
$imagessql = "SELECT * FROM images WHERE item_id = " . $validid . ";";
$imagesresult = mysql_query($imagessql);
$imagesnumrows = mysql_num_rows($imagesresult);
echo "<h1>Current images</h1>";
if($imagesnumrows == 0) {
echo "No images.";
}
else {
echo "<table>";
while($imagesrow = mysql_fetch_assoc($imagesresult)) {
echo "<tr>";
echo "<td><img src='" . $config_basedir . "/images/" . $imagesrow['name'] . "' width='100'></td>";
echo "<td>[<a href='deleteimage.php?image_id="
. $imagesrow['id'] . "&item_id=" . $validid . "'>delete</a>]</td>";
echo "</tr>";
}
echo "</table>";
}
switch($_GET['error']) {
case "empty":
echo "You did not select anything.";
break;
case "nophoto":
echo "You did not select a photo to upload.";
break;
case "photoprob":
echo "There appears to be a problem with the photo you are uploading";
break;
case "large":
echo "The photo you selected is too large";
break;
case "invalid":
echo "The photo you selected is not a valid image file";
break;
}
mysql_close($con);
?>

<form enctype="multipart/form-data" action="<?php $SCRIPT_NAME; ?>" method="POST">
<input type="hidden" name="MAX_FILE_SIZE" value="3000000">
<table>
<tr>
<td>Image to upload</td>
<td><input name="userfile" type="file"></td>
</tr>
<tr>
<td colspan="2"><input type="submit" name="submit" value="Upload File"></td>
</tr>
</table>
</form>
<a href="<?php echo "itemdetails.php?id=" . $validid; ?>">see your item</a>!

<?php
}
#require("footer.php");
?>
0
 
steelseth12Commented:
aiman_alnasir im not sure how to procede as this is a homework question and EE have has strict rules about homework questions.

see

http://www.experts-exchange.com/help.jsp#hi56

http://www.experts-exchange.com/help.jsp#hi105

http://www.experts-exchange.com/help.jsp#hi130

I have opened a question in the community support forum and i am watitng for an answer from the moderator.

http://www.experts-exchange.com/Community_Support/General/Q_22712005.html
0
 
aiman_alnasirAuthor Commented:
Yes it is a small question in a whole assignment ? I don't think there is a problem because we are tring to solve a problem from a book ??? There is some mistake in the book and we try to find the mistakes and correct them ??
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.