• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 384
  • Last Modified:

multipart form and hidden fields

I have a multipart form that works fine as long as I'm not using it to upload a picture or an mp3. The moment that I do attempt to upload an mp3, the hidden fields on that form seem to be ignored by the code that follows.

Bottom line: I've got a select statement that looks like this:

$vivian = "select * from registration where id = '$_POST[contestant_id]'";
$vivian_query = mysqli_query($cxn, $vivian)
or die ("Couldn't execute query.");
$vivian_row=mysqli_fetch_assoc($vivian_query);
//you're getting an error here. Check to see if you're getting the contestant's id
extract($vivian_row);

The $_POST[contestant_id] variable is a hidden field that shows up fine when you're not trying to upload an mp3. When you do have that kind of data in the form, the page fails because it doesn't see the $_POST[contestant_id] value.

Why? And, how can I fix it?
0
brucegust
Asked:
brucegust
  • 3
1 Solution
 
Jagadishwor DulalBraces MediaCommented:
It's better if you can post your form code here.
0
 
brucegustAuthor Commented:
Here's the form...
<?php
session_start();
if (!isset ($_SESSION['sv_email'])) {               
header("Location:contestants_login.php");exit();
}
$sv_email=$_SESSION['sv_email'];
include("carter.inc"); 
$cxn = mysqli_connect($host,$user,$password,$database)or die ("couldn't connect to server");
 $query = "select * from registration where email = '$sv_email'";
$result = mysqli_query($cxn, $query);

if(!$result) {$error = mysqli_errno($cxn).': '.mysqli_error($cxn);
die($error);
}
$row = mysqli_fetch_assoc($result);
extract($row);
$contestant_id = $id;
$contestant_radio_id = $radio_id;
$bio_text=$bio;
$contestant_first_name = $first_name;
$contestant_last_name = $last_name;
$contestant_primary = $primary_instrument;
$contestant_secondary = $secondary_instrument;
$contestant_stage_name = $stage_name;
$contestant_radio_name = $radio_name;
$contestant_artist_act = $artist_act;
$contestant_artist_music = $artist_music;
$contestant_security_question = $security_question;
$contestant_security_answer = $security_answer;
$the_password = $contestant_password;
$this_year = date("Y");
$contestant_lyrics = $lyrics;
$contestant_writer = $songwriting_contest;
$contestant_rules = $rules;



if(!empty($_GET['writer'])){
header("Location:contestants_editpage_write.php");
}

//this is where I'm putting my stripes stuff
include("contestant_icon_code.php");

//this next block of code grabs the stage name or the first name of the contestant, depending if they have a stage name and determines whether or not there's an "s" at the end of the name so it can document that correctly
if(empty($contestant_stage_name)){
$display_name = $first_name;
}
else
{
$display_name = $contestant_stage_name;
}

$rest = substr("$display_name", -1);
if($rest=="s"){
$sweet_name = $display_name."'";
}
else
{
$sweet_name = $display_name."'s";
}


require_once('header.php');

?>

<table width=100% cellspacing="0" cellpadding="0">
 <tr>
 <td align="center">&nbsp;<BR>	
	<table width="1000" align="center" cellspacing="0" cellpadding="0">	
	<tr>	
	<td align="center">	
	<div id="flashcontent">You need the Flash plugin to view this webpage.</div>	
	<script type="text/javascript">	
var so = new SWFObject('Header.swf', 'titleText', '1000', '434', '8', '#000000', true);
so.addVariable("titleText", "<?php echo "$sweet_name Showdown Profile"; ?>");
so.addParam("quality", "high");	
so.write("flashcontent");	
</script>

	</td>	
	</tr>	
	<tr>	
	<td background="images/Filler.jpg" valign="top">	
	
		<!- here's your main body ->				
		<table width="1000" align="center" cellspacing="0" cellpadding="0" border="0">		
		<tr>		
		<td valign="top">		
		<!- here's where I'm putting my submenu ->			
			<table cellspacing="0" cellpadding="0">			
			<tr>			
			<td>			
			<IMG SRC="images/spacer.gif" width="10" height="10">			
			</td>			
			<td align="center">			
			<script language="javascript">
	if (AC_FL_RunContent == 0) {
		alert("This page requires AC_RunActiveContent.js. In Flash, run \"Apply Active Content Update\" in the Commands menu to copy AC_RunActiveContent.js to the HTML output folder.");
	} else {
		AC_FL_RunContent(
			'codebase', 'http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=8,0,0,0',
			'width', '186',
			'height', '350',
			'src', 'HowToEnter',
			'quality', 'high',
			'pluginspage', 'http://www.macromedia.com/go/getflashplayer',
			'align', 'middle',
			'play', 'true',
			'loop', 'true',
			'scale', 'showall',
			'wmode', 'window',
			'devicefont', 'false',
			'id', 'HowToEnter',
			'bgcolor', '#000000',
			'name', 'HowToEnter',
			'menu', 'true',
			'allowScriptAccess','sameDomain',
			'movie', 'HowToEnter',
			'salign', ''
			); //end AC code
	}
</script>
<noscript>
	<object classid="clsid:d27cdb6e-ae6d-11cf-96b8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=8,0,0,0" width="186" height="350" id="HowToEnter" align="middle">
	<param name="allowScriptAccess" value="sameDomain" />
	<param name="movie" value="HowToEnter.swf" /><param name="quality" value="high" /><param name="bgcolor" value="#000000" />	<embed src="HowToEnter.swf" quality="high" bgcolor="#000000" width="186" height="350" name="HowToEnter" align="middle" allowScriptAccess="sameDomain" type="application/x-shockwave-flash" pluginspage="http://www.macromedia.com/go/getflashplayer" />
	</object>
</noscript>			
			</td>			
			</tr>			
			<?php require_once('quote.php'); ?>			
			</table>				
			<!- submenu end ->				
		</td>				
		<td valign="top">			
		<!- here's my main content / center section ->	
		
		<?php require_once('contestants_header.php'); ?>
				<td background="images/spacer.gif" width="560" height="10">
					<table width=100% align="center" border="0">
					<tr>
					<td colspan="3" valign="top">
					<MAP NAME="header_map">
					<AREA HREF="contestants_editpage.php" ALT="Edit My Profile" TITLE="Edit My Profile" SHAPE=RECT COORDS="9,4,191,35">
					<AREA HREF="contestants_mailbox.php?id=<?php echo $contestant_id; ?>" target="_blank" ALT="Inbox" TITLE="Inbox" SHAPE=RECT COORDS="203,11,358,35">
					<AREA HREF="<?php echo $songwriting_link; ?>" ALT="Songwriting Contest" TITLE="Songwriting Contest" SHAPE=RECT COORDS="373,13,528,34">
					<IMG SRC="images/contestant_tabs.jpg" border="0" USEMAP="#header_map">
					</td>
					</tr>
					<tr>
					<td><IMG SRC="images/<?php echo "$icon_path"; ?>"></td>
					<td><IMG SRC="images/<?php echo "$snd_icon_path"; ?>"></td>
					<td background="images/spacer.gif" width="335" height="5" align="right" valign="top">&nbsp;<BR>
						<table width="335" border="1">
						<tr>
						<td>
						<b>Name</b>
						<td>
						<?php echo "$contestant_first_name $contestant_last_name"; ?>
						</td>
						</tr>
						<tr>
						<td>
						<b>Instrument(s)</b>
						<td>
						<?php echo "$contestant_primary, $contestant_secondary"; ?>
						</td>
						</tr>
						<?php 
						if(!empty($contestant_radio_name)){
						?>
						<tr>
						<td>
						<b>Radio Station</b>
						</td>
						<td>
						<?php
						$radio_info = "select * from dbo_radio_stations where station_name = '$contestant_radio_name'";
						$radio_query = mysqli_query($cxn, $radio_info)
						or die ("Couldn't execute query.");
						$radio_rows = mysqli_num_rows($radio_query);
						if($radio_rows>0){
							$radio_row = mysqli_fetch_assoc($radio_query);
							extract($radio_row);
							$radiostation_id = $id;
							$radiostation_url = $url;
								if(!empty($station_logo)){
								$station_url = "radio.php?id=$radiostation_id";
								}
								else
								{
									if(empty($radiostation_url)){
									$station_url = "radio_page.php";
									}
									else
									{
									$station_url = $radiostation_url;
									}
								}
							?>
							<A HREF="<?php echo "$station_url"; ?>" target="_blank"><?php echo "$contestant_radio_name"; ?></a>
							<?php
							}
							else
							{
							echo $contestant_radio_name;
							}
							?>	
						</td>
						</tr>
						<?php
						}
						?>
<!- good to go up until here ->


						<tr>
						<td>
						<b>Registration #</b>
						<td>
						<?php echo $contestant_id; ?>
						</td>
						</tr>
						</table>
					</td>
					</tr>
					<tr>
					<td colspan="3">
					Hello, <?php echo "$contestant_first_name"; ?>!
					<P>
					To make any changes to your Profile, simply alter the fields as you see them below, then click on "Update Page" at the very bottom of the page.
					<P>
					If you have any questions, contact <A HREF="Contact.php">SPI</a>.
					<P>
					Thanks!
					
					</td>
					</tr>
					<tr>
			<!-good ->
			
					<td colspan="3">&nbsp;<BR>
						<table border="0">								
						<?php
						// this verbiage only shows up if the user is looking at their edit page without having first looked at the songwriting_intro.php page
						if($contestant_writer=="0000-00-00"){
						?>
						<tr>
						<td colspan="2">
						<div align="center"><b>If you're interested in competing in the Country Showdown Songwriting Competition, click <A HREF="songwriting_intro.php"><b>here</b></a></b>.</div>&nbsp;<BR>
						</td>
						</tr>
						<?php
						}
						?>
						<?php
						// this verbiage only shows up if the user is looking at their edit page without having first looked at the songwriting_intro.php page
						if($contestant_rules=="0000-00-00"){
						?>
						<tr>
						<td colspan="2">
						<font size="1"><b>If you're interested in competing in the Country Showdown , click <A HREF="contestants_editpage_show.php"><font size="1"><b>here</b></font></a></b>.
						</td>
						</tr>
						<?php
						}
						?>
						<form enctype="multipart/form-data" action="contestants_edit_execute.php" method="POST">				
						<tr>
						<td background="images/spacer.gif" width="195" height="10">
						Stage Name
						</td>
						<td>
						<input type="text" size="50" name="stage_name" value="<?php echo "$contestant_stage_name"; ?>">
						</td>
						</tr>
						<tr>
						<td>
						Primary Instrument
						</td>
						<td>
						<select name="primary_instrument">
						<option selected><?php echo "$primary_instrument"; ?></option>
						<option>Singer</option>
						<option>Guitar</option>
						<option>Banjo</option>
						<option>Mandolin</option>
						<option>Steel Guitar</option>
						<option>Bass</option>
						<option>Fiddle</option>
						<option>Keys</option>
						<option>Harp</option>
						<option>Drums</option>
						<option>___________________________________________</option>
						</td>
						</tr>
						<tr>
						<td>
						Secondary Instrument
						</td>
						<td>
						<select name="secondary_instrument">
						<option selected><?php echo "$secondary_instrument"; ?></option>
						<option>Singer</option>
						<option>Guitar</option>
						<option>Banjo</option>
						<option>Mandolin</option>
						<option>Steel Guitar</option>
						<option>Bass</option>
						<option>Fiddle</option>
						<option>Keys</option>
						<option>Harp</option>
						<option>Drums</option>
						<option>___________________________________________</option>
						</td>
						</tr>
						<tr>
						<td>
						Describe your act
						</td>
						<td>
						<select name="artist_act">
						<option selected><?php echo $contestant_artist_act; ?></option>
						<option>Soloist</option>
						<option>Duo</option>
						<option>Band</option>
						<option>___________________________________________</option>
						</td>
						</tr>
						<tr>
						<td>
						Describe your music
						</td>
						<td>
						<select name="artist_music">
						<option selected><?php echo $contestant_artist_music; ?></option>
						<option>Classic Country</option>
						<option>Country Pop</option>
						<option>Southern Rock</option>
						<option>Crossover</option>
						<option>Blues</option>
						<option>___________________________________________</option>
						</td>
						</tr>
						<tr>
						<td background="images/spacer.gif" width="180" height="10">
						Password
						</td>
						<td>
						<input type="text" size="50" name="password" value="<?php echo $the_password; ?>">
						</td>
						</tr>
						<tr>
						<td>
						Security Question
						</td>
						<td>
						<select name="security_question">
						<option selected><?php echo stripslashes($contestant_security_question); ?></option>
						<option>What's your mother's maiden name?</option>
						<option>What's the name of the street you grew up on?</option>
						<option>What was the name of your first pet?</option>
						<option>___________________________________________</option>	
						</td>
						</tr>
						<tr>
						<td>
						Security Question Answer
						</td>
						<td>
						<input type="text" size="50" name="security_answer" value="<?php echo stripslashes($contestant_security_answer); ?>">
						</td>
						</tr>
						<tr>
						<td>
						Upload Photo
						</td>
						<td>
						<input name="photo" type="file" size="37">
						</td>
						</tr>												
						<tr>												
						<td colspan="2">						
						<font size="1"><b>When you upload your photo, be sure that it's no more than 150 px across and no more than 160 px high.</b></font>						
						</td>						
						</tr>
						
						<tr>
						<td>
						mp3
						</td>
						<td>
						<input name="mp3_file" type="file" size="37">
						</td>
						</tr>
						<tr>												
						<td colspan="2">						
						<font size="1"><b>Only original music please! No covers.</b></font>						
						</td>						
						</tr>
						
						<tr>
						<td>
						Song Title
						</td>
						<td>
						<input type="text" size="50" name="song_title">
						</td>
						</tr>
						<tr>
						<td colspan="2">&nbsp;<BR>
							<table width="525" border="1" bgcolor="red">
							<tr>
							<td>
							<font color="white">Check here if you have read and understood the guidelines surrounding the posting of <A HREF="originals.php" target="_blank"><font color="white">orginal songs</font></a> on the Colgate Country Showdown webpage.</font>
							</td>
							<td align="center" background="images/spacer.gif" width="50" height="10">
							<input type="checkbox" value="Y" name="originals">
							</td>
							</tr>
							</table>
						</td>
						</tr>
						<?php 
						if($contestant_writer<>"0000-00-00"){
						?>
						<tr>
						<td colspan="2"><input type="hidden" name="songwriter" value="1">&nbsp;<BR>
							<?php
							if(!empty($contestant_lyrics)){
							?>
							<textarea name="lyrics" class="Contestant"><?php echo stripslashes($contestant_lyrics); ?></textarea>
							<?php
							}
							else
							{
							?>
							<textarea name="lyrics" class="Contestant">Put your song lyrics here...</textarea>
							<?php
							}
							?>
						</td>
						</tr>
						<?php
						}
						?>
						<tr>
						<td colspan="2">&nbsp;<BR>
						
						<?php
						
						if($bio_text==""){
						$bio="Complete your Bio here (background, musical experience, hobbies etc.)";
						}
						else
						{
						$bio=stripslashes($bio_text);
						}
						?>
						
						<textarea name="bio" class="Contestant"><?php echo "$bio"; ?></textarea>
						</td>
						</tr>
						
						<?php include("contestant_calendar_code_edit.php"); ?>
						
						<tr>
						<td colspan="3">&nbsp;<BR>&nbsp;<BR>
						</td>
						</tr>
						<tr>
						<td colspan="3" align="center" bgcolor="#cccccc"><input type="hidden" name="contestant_id" value="<?php echo "$contestant_id"; ?>">
						<input type="Submit" value="Update Page">
						</td>
						</tr>
						
						<tr>
						<td colspan="2">
						&nbsp;<BR>
						</td>
						</tr>
						
						<tr>
					<td style="width: 100%; background-color: white; height: 100%; vertical-align: top; border: solid 1px Black;" colspan="2"> 
						If you're uploading an mp3 file, understand that it can take a while. So be sure you hit "Submit" only once and then wait. Your file is being uploaded, but it can take up to 
						5 minutes depending on the size of the file and your connection speed.
						</td>
						</tr>
						
						<tr>
						<td colspan="2">
						&nbsp;<BR>
						</td>
						</tr>
						
						</table>
					</td>
					</tr>
					</table>
			</td>
			</tr>
			</table>
			</td>
			</tr>
	
<!- end of main content ->

			
			<tr>			
			<td colspan="2">			
			<IMG SRC="images/spacer.gif" height="200" width="25">			
			</td>			
			</tr>			
			<tr>			
			<td align="center" colspan="2" valign="bottom">				
				<table cellspacing="0" cellpadding="0">				
				<tr>
				<td>	
				<IMG SRC="images/spacer.gif" width="22" height="5">
				<?php require_once('day_night.php'); ?>				
				<td>				
				<IMG SRC="images/spacer.gif" width="5" height="5">				
				</td>				
				</tr>				
				</table>			
			</td>			
			</tr>			
			</table>		
		</td>		
		<td>		
		<IMG SRC="images/spacer.gif" width="10" height="5">		
		</td>		
		<td background="images/spacer.gif" width="196" height="10" valign="top">		
		<?php require_once('contestant_column.php'); ?>		
		</td>		
		<td>		
		<IMG SRC="images/spacer.gif" width="10" height="5">		
		</td>		
		<!- end of main body->
		<tr>		
		<tr>		
		</table>	 
<?php require_once('footer.php'); ?>

Open in new window

0
 
brucegustAuthor Commented:
...and here's the mp3 script.

One thing that I will say: It may very well be that the reason I wasn't "seeing" the contestant_id is because the script was timing out. Since my last post, I was able to figure out that things were working fine as long as the uploaded file was less than 10MB. However, since I'm still chewing on this, if you could look at what I've got and see if there's something flawed, I would appreciate it.

Thanks!
<?php

if(isset($_FILES['mp3_file']['name'])&& !empty($_FILES['mp3_file']['name']))
{

//checking here to see if contestant is currently participating in Songwriting Competition

$poppy = "select * from registration where id = '$_POST[contestant_id]'";
$poppy_query = mysqli_query($cxn, $poppy)
or die ("Couldn't execute query.");
$poppy_row = mysqli_fetch_assoc($poppy_query);
extract($poppy_row);
$mp3_today = date("Y-m-d"); 
$artist_songwriting_date = $songwriting_contest;

if($artist_songwriting_date <> "0000-00-00"){

//this contestant has declared that they want to be in the Songwriting Competition, now we have to find out if they're participating in contest currently underway
	$contest = "select * from songwriting_contest where start_date <= '$mp3_today' ORDER by start_date ASC LIMIT 1";
	$contest_query = mysqli_query($cxn, $contest)
	or die ("Couldnt' execute query.");
	$contest_count = mysqli_num_rows($contest_query);
	if($contest_count >0){
		//we've just determined that there is a contest currently underway with the above script, now we look to see if the start date for this particular contest is greater than the date the contestant entered. If it is, they're trying to adjust their song in the middle of the competition and they can't do that
		$contest_row = mysqli_fetch_assoc($contest_query)
		or die("Couldn't execute query.");
		extract($contest_row);
		$this_start_date = $start_date;
		//now we post the question
		if($artist_songwriting_date<=$this_start_date){
		header("Location:songwriting_mp3_prohibited.php");
		exit();
		}
		
	}
}

//end of Songwriting Competition code

 
$filecheck = basename($_FILES['mp3_file']['name']);
// this will return whatever is past the final . in the file name 
$ext = strtolower(substr($filecheck, strrpos($filecheck, '.') + 1));
  
// check that the file extention is "mp3" 
if (strtolower($ext) == 'mp3') { 
 //here is where you're uploading the mp3 file based on the fact that the file type is, indeed, an mp3
 $userfile_name = (isset ($_FILES['mp3_file']['name']) ? $_FILES['mp3_file']['name'] : '');
   
	if(!$_POST['originals']=="Y"){  
	header("Location: mp3_agreement.php");
	exit();
	}
	
	if($_POST['song_title']==""){
	header("Location: mp3_songtitle.php");
	exit();
	}

$filename = explode ('\\.', $userfile_name);
$good_ext = false;
$file_ext = '';
    if (strcmp (substr ($userfile_name, 0 - 4, 1), '.') === 0)
    {
      $good_ext = true;
      $file_ext = substr ($userfile_name, 0 - 3);
    }

    if (!$good_ext)
    {
      if (strcasecmp (substr ($userfile_name, 0 - 5, 1), '.') === 0)
      {
        $good_ext = true;
        $file_ext = substr ($userfile_name, 0 - 4);
      }
    }

    if (!$good_ext)
    {
      if (strcasecmp (substr ($userfile_name, 0 - 3, 1), '.') === 0)
      {
        $good_ext = true;
        $file_ext = substr ($userfile_name, 0 - 2);
      }
    }

$target = "mp3/";

$target = $target . $_POST['contestant_id'].'.'.$file_ext;
	if(!move_uploaded_file($_FILES['mp3_file']['tmp_name'], $target)) {
	header("Location: mp3_noupload.php");
	exit();
	}
	else
	{
	$song_title_clean = mysqli_real_escape_string($cxn, $_POST['song_title']);
		$TodaysDate = date("Y-m-d");
		$audio_file = "mp3";
		$url =$_POST['contestant_id'].'.'.$audio_file;
		 
		$query_mp3 = "UPDATE registration SET mp3_file='$url',
		song_title='$song_title_clean',
		song_permission = '$TodaysDate'
		WHERE id = '$_POST[contestant_id]'";
		$mp3_exe = mysqli_query($cxn, $query_mp3);
	 
			if(!$mp3_exe) {
			$error = mysqli_errno($cxn).': '.mysqli_error($cxn);
			die($error);
			} 
	}
 
 
 
}
else
{
header("Location:mp3_badfile.php");
exit();
}
}

?>

Open in new window

0
 
brucegustAuthor Commented:
jagadishdulal, in light of the lack of activity, I'm going to go ahead and award you the points for taking the time to weigh in.

The problem turned out to be the limits on what my server was allowing in terms of the size of the file being uploaded. Once I adjusted that, everything worked just fine.

Thanks for your input!
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now