Solved

Default Image for file upload to mysql database PHP

Posted on 2008-10-28
13
345 Views
Last Modified: 2013-12-13
Hi, There is a really simple answer to this, but for the life of me I cannot work it out. What I have is a script to upload images to a mysql databse which works like a dream. The problem I am having is that if a user does not select an image, no image is entered into the database, which cause issues when displaying on the site and also with updating the image a later time.

What I have been trying to do is if the userfile is left empty, on upload the php script selects an image of the server /admin/noimage.php and uploads that to the database.

Attached is the code snippet

I have tried now for ages... I just cannot do it and I am desperate for a little help.

Thank you very much in advance
if(isset($_POST['upload']) && $_FILES['userfile']['size'] > 0)
 {
 $fileName = $_FILES['userfile']['name'];
 $tmpName  = $_FILES['userfile']['tmp_name'];
 $fileSize = $_FILES['userfile']['size'];
 $fileType = $_FILES['userfile']['type'];
 
 $fp      = fopen($tmpName, 'r');
 $content = fread($fp, filesize($tmpName));
 list($width,$height,$typeq,$attrq)=getimagesize($tmpName);
 $content = addslashes($content);
 fclose($fp);
 
 if(!get_magic_quotes_gpc()) $fileName = addslashes($fileName);
 
 $query='INSERT INTO timages (filename,size,type,width,height,content) VALUES ("'.$fileName.'","'.$fileSize.'","'.$fileType.'","'.$width.'","'.$height.'","'.$content.'")';
 mysql_query($query,$dbh) or die(mysql_error());
 $val=mysql_fetch_row($res);
 $imageid=$val[0];

Open in new window

0
Comment
Question by:flashjordan
  • 7
  • 5
13 Comments
 
LVL 17

Expert Comment

by:psimation
ID: 22824555
Your code doesn't seem to be complete. - so I'm assuming that your if statement ends after the last line you posted?

Anyway - you are not physically uploading an image into the DB, you are only saving the filename in the db - the actual image is saved on the filesystem.

So, all you need to do is add an "else" to your if statement that inserts a set imagename into the db if the userfile is not larger than 0...

IE, you make a "static" sql query containing constant values matching the std image you already have on the system and you simply insert it's details for that instance
if( (isset($_POST['upload'])) && ($_FILES['userfile']['size'] > 0) )
 {
 $fileName = $_FILES['userfile']['name'];
 $tmpName  = $_FILES['userfile']['tmp_name'];
 $fileSize = $_FILES['userfile']['size'];
 $fileType = $_FILES['userfile']['type'];
 
 $fp      = fopen($tmpName, 'r');
 $content = fread($fp, filesize($tmpName));
 list($width,$height,$typeq,$attrq)=getimagesize($tmpName);
 $content = addslashes($content);
 fclose($fp);
 
 if(!get_magic_quotes_gpc()) $fileName = addslashes($fileName);
 
 $query='INSERT INTO timages (filename,size,type,width,height,content) VALUES ("'.$fileName.'","'.$fileSize.'","'.$fileType.'","'.$width.'","'.$height.'","'.$content.'")';
 mysql_query($query,$dbh) or die(mysql_error());
 $val=mysql_fetch_row($res);
 $imageid=$val[0];
} elseif (isset($_POST['upload']) && $_FILES['userfile']['size'] == 0){
 
$query='INSERT INTO timages (filename,size,type,width,height,content) VALUES ("YOUR_STD_FILEMNAME_HERE","PICTURE_SIZE_HERE","FILETYPE_HERE","WIDTH","HEIGHT","CONTENT")';
 mysql_query($query,$dbh) or die(mysql_error());
}

Open in new window

0
 
LVL 1

Author Comment

by:flashjordan
ID: 22824716
I am uploading the images to the database, however if the user diesn't upload an image it causes many problems... so what I need to do is if they do not upload an image an image is selected from /admin/noimage.php and added to the database. This image can be changed at a later date (done that)
What I can't do is use the else statement to replace an image if the user doesn't upload an image.

Full code I am using follows

Thank you for your help

<?php
ob_start('ob_gzhandler');
include 'connect.php';
 
if(isset($_POST['upload']) && $_FILES['userfile']['size'] > 0)
 {
 $fileName = $_FILES['userfile']['name'];
 $tmpName  = $_FILES['userfile']['tmp_name'];
 $fileSize = $_FILES['userfile']['size'];
 $fileType = $_FILES['userfile']['type'];
 
 $fp      = fopen($tmpName, 'r');
 $content = fread($fp, filesize($tmpName));
 list($width,$height,$typeq,$attrq)=getimagesize($tmpName);
 $content = addslashes($content);
 fclose($fp);
 
 if(!get_magic_quotes_gpc()) $fileName = addslashes($fileName);
 
 $query='INSERT INTO timages (filename,size,type,width,height,content) VALUES ("'.$fileName.'","'.$fileSize.'","'.$fileType.'","'.$width.'","'.$height.'","'.$content.'")';
 mysql_query($query,$dbh) or die(mysql_error());
 $val=mysql_fetch_row($res);
 }
 
$make=mysql_escape_string($_POST['make']);
$model=mysql_escape_string($_POST['model']);
$yeardate=mysql_escape_string($_POST['yeardate']);
$mileage=mysql_escape_string($_POST['mileage']);
$description=mysql_escape_string($_POST['description']);
$price=mysql_escape_string($_POST['price']);
$service=mysql_escape_string($_POST['service']);
$mot=mysql_escape_string($_POST['mot']);
$tax=mysql_escape_string($_POST['tax']);
$options=mysql_escape_string($_POST['options']);
$hot=mysql_escape_string($_POST['hot']);
$dat=mysql_escape_string($_POST['dat']);
$reg=mysql_escape_string($_POST['reg']);
 
mysql_query('INSERT INTO cars (make,model,yeardate,mileage,description,price,service,mot,tax,options,hot,dat,imageid,reg) VALUES ("'.$make.'","'.$model.'","'.$yeardate.'","'.$mileage.'","'.$description.'","'.$price.'","'.$service.'","'.$mot.'","'.$tax.'","'.$options.'","'.$hot.'","'.$dat.'","'.$imageid.'","'.$reg.'")',$dbh) or die(mysql_error());
 
?>
<html><body><p>&nbsp;</p><p align="center"><font size="2" color="#999999" face="Arial"><b>Success!</b></p><p align="center"><a href="index.php"><img src="../images/success.gif" border="0"/></a></p></body></html>

Open in new window

0
 
LVL 17

Expert Comment

by:psimation
ID: 22824776
my bad - didn't read through your code properly.
OK, so all you need to do is replace the $content part if the  $_FILES['userfile']['size'] == 0

So, you still use the elseif as I proposed earlier, but now you just open the file directly from it's known location and then write that into the db instead of looking for the uploaded file.

so, in this part in the "elseif" section, you simply substitute $tmpName with the known image name and location:

 $fp      = fopen($tmpName, 'r');
 $content = fread($fp, filesize($tmpName));
 list($width,$height,$typeq,$attrq)=getimagesize($tmpName);
 $content = addslashes($content);
 fclose($fp);

 

0
DevOps Toolchain Recommendations

Read this Gartner Research Note and discover how your IT organization can automate and optimize DevOps processes using a toolchain architecture.

 
LVL 3

Expert Comment

by:raminhos
ID: 22824863
Try:

f(isset($_POST['upload']) && $_FILES['userfile']['size'] > 0)
 {
 $fileName = $_FILES['userfile']['name'];
 $tmpName  = $_FILES['userfile']['tmp_name'];
 $fileSize = $_FILES['userfile']['size'];
 $fileType = $_FILES['userfile']['type'];
 
}else{
  
  $tmpName = "pictures/pic.jpg";
 
 $fp      = fopen($tmpName, 'r');
 $content = fread($fp, filesize($tmpName));
 list($width,$height,$typeq,$attrq)=getimagesize($tmpName);
 $content = addslashes($content);
 fclose($fp);
 
 if(!get_magic_quotes_gpc()) $fileName = addslashes($fileName);
 
 $query='INSERT INTO timages (filename,size,type,width,height,content) VALUES ("'.$fileName.'","'.$fileSize.'","'.$fileType.'","'.$width.'","'.$height.'","'.$content.'")';
 mysql_query($query,$dbh) or die(mysql_error());
 $val=mysql_fetch_row($res);
 $imageid=$val[0];

Open in new window

0
 
LVL 1

Author Comment

by:flashjordan
ID: 22824873
I am really sorry, but I really don't understand where to do this and to be honest how... I have been messing with this for ages now and I am just confused... its been a very long day! Can you please explain in idiot terms, because I think I am one at the moment?
0
 
LVL 17

Expert Comment

by:psimation
ID: 22824901
try this
if( (isset($_POST['upload'])) && ($_FILES['userfile']['size'] > 0) )
 {
 $fileName = $_FILES['userfile']['name'];
 $tmpName  = $_FILES['userfile']['tmp_name'];
 $fileSize = $_FILES['userfile']['size'];
 $fileType = $_FILES['userfile']['type'];
 
 $fp      = fopen($tmpName, 'r');
 $content = fread($fp, filesize($tmpName));
 list($width,$height,$typeq,$attrq)=getimagesize($tmpName);
 $content = addslashes($content);
 fclose($fp);
 
 if(!get_magic_quotes_gpc()) $fileName = addslashes($fileName);
 
 $query='INSERT INTO timages (filename,size,type,width,height,content) VALUES ("'.$fileName.'","'.$fileSize.'","'.$fileType.'","'.$width.'","'.$height.'","'.$content.'")';
 mysql_query($query,$dbh) or die(mysql_error());
 $val=mysql_fetch_row($res);
 $imageid=$val[0];
} elseif (isset($_POST['upload']) && $_FILES['userfile']['size'] == 0){
 
$tmpName = "/admin/noimage.jpg";
 
$fp      = fopen($tmpName, 'r');
 $content = fread($fp, filesize($tmpName));
 list($width,$height,$typeq,$attrq)=getimagesize($tmpName);
 $content = addslashes($content);
 fclose($fp);
 
 if(!get_magic_quotes_gpc()) $fileName = addslashes($fileName);
 
 $query='INSERT INTO timages (filename,size,type,width,height,content) VALUES ("'.$fileName.'","'.$fileSize.'","'.$fileType.'","'.$width.'","'.$height.'","'.$content.'")';
 mysql_query($query,$dbh) or die(mysql_error());
 $val=mysql_fetch_row($res);
 $imageid=$val[0];
}

Open in new window

0
 
LVL 17

Expert Comment

by:psimation
ID: 22824910
need to overwrite $filename as well, so just add $filename = "noimage.jpg"; on line 21 or 23 in my previous post.
0
 
LVL 1

Author Comment

by:flashjordan
ID: 22825099
Hi thanks... It is sort of working except that it isn't enteringthe size filename or type into the database.. any ideas
0
 
LVL 17

Expert Comment

by:psimation
ID: 22825158
I made a typo with $filename, it should be $fileName...

Just check if that fixes it?
0
 
LVL 17

Accepted Solution

by:
psimation earned 500 total points
ID: 22825202
also, this: list($width,$height,$typeq,$attrq)=getimagesize($tmpName);
is getting $typeq and you are trying to enter $fileType into the DB, maybe change that to enter $typeq instead.

And for filesize, do and extra : $fileSize =  filesize($tmpName); and see if that helps.
0
 
LVL 1

Author Comment

by:flashjordan
ID: 22825358
putting it all together you get this... This works perfectly...
if( (isset($_POST['upload'])) && ($_FILES['userfile']['size'] > 0) )
 {
 $fileName = $_FILES['userfile']['name'];
 $tmpName  = $_FILES['userfile']['tmp_name'];
 $fileSize = $_FILES['userfile']['size'];
 $fileType = $_FILES['userfile']['type'];
 
 $fp      = fopen($tmpName, 'r');
 $content = fread($fp, filesize($tmpName));
 list($width,$height,$typeq,$attrq)=getimagesize($tmpName);
 $content = addslashes($content);
 fclose($fp);
 
 if(!get_magic_quotes_gpc()) $fileName = addslashes($fileName);
 
 $query='INSERT INTO timages (filename,size,type,width,height,content) VALUES ("'.$fileName.'","'.$fileSize.'","'.$fileType.'","'.$width.'","'.$height.'","'.$content.'")';
 mysql_query($query,$dbh) or die(mysql_error());
  $res=mysql_query('SELECT LAST_INSERT_ID()',$dbh);
 $val=mysql_fetch_row($res);
 $imageid=$val[0];
} elseif (isset($_POST['upload']) && $_FILES['userfile']['size'] == 0){

 $fileName = "nophoto.gif";
 $tmpName = "nophoto.gif";
 $fileSize =  filesize($tmpName);
 $fileType = "gif";
 
$fp      = fopen($tmpName, 'r');
 $content = fread($fp, filesize($tmpName));
 list($width,$height,$typeq,$attrq)=getimagesize($tmpName);
 $content = addslashes($content);
 fclose($fp);
 
 if(!get_magic_quotes_gpc()) $fileName = addslashes($fileName);
 
 $query='INSERT INTO timages (filename,size,type,width,height,content) VALUES ("'.$fileName.'","'.$fileSize.'","'.$fileType.'","'.$width.'","'.$height.'","'.$content.'")';
 mysql_query($query,$dbh) or die(mysql_error());
  $res=mysql_query('SELECT LAST_INSERT_ID()',$dbh);
 $val=mysql_fetch_row($res);
 $imageid=$val[0];
}
0
 
LVL 1

Author Closing Comment

by:flashjordan
ID: 31510862
Thanks very much for your help... you solved it, even with me being stupid!!!! Your a Star, thank you very much.
0
 
LVL 17

Expert Comment

by:psimation
ID: 22825413
Cool!

You're not stupid - we all need a fresh pair of eyes to look at problems in a different light every now and then...
0

Featured Post

3 Use Cases for Connected Systems

Our Dev teams are like yours. They’re continually cranking out code for new features/bugs fixes, testing, deploying, testing some more, responding to production monitoring events and more. It’s complex. So, we thought you’d like to see what’s working for us.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Configuring a checkbox in CSS and php 18 88
Scope of $_SESSION 17 39
hosting images 4 29
ebay devID, appID, certID, userToken 2 27
Part of the Global Positioning System A geocode (https://developers.google.com/maps/documentation/geocoding/) is the major subset of a GPS coordinate (http://en.wikipedia.org/wiki/Global_Positioning_System), the other parts being the altitude and t…
Nothing in an HTTP request can be trusted, including HTTP headers and form data.  A form token is a tool that can be used to guard against request forgeries (CSRF).  This article shows an improved approach to form tokens, making it more difficult to…
Learn how to match and substitute tagged data using PHP regular expressions. Demonstrated on Windows 7, but also applies to other operating systems. Demonstrated technique applies to PHP (all versions) and Firefox, but very similar techniques will w…
Explain concepts important to validation of email addresses with regular expressions. Applies to most languages/tools that uses regular expressions. Consider email address RFCs: Look at HTML5 form input element (with type=email) regex pattern: T…

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question