<?php include("include.php"); ?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title><?php echo $titleheader;?> - Add a pic to databse</title>
<script language="JavaScript" type="text/javascript">
function check() {
//here we check if the password is in both fields the same
if(document.add.pw.value != document.add.checkpw.value) {
alert("Please enter the same password in both fields");
return false;
}else{
return true;
}
}
function picpreview() {
// open a new window for preview the full pic
var pic = document.add.filename.value;
window.open("add.php?action=picpreview&pic=" + pic,"","fullscreen");
}
</script>
<link rel="stylesheet" type="text/css" href="index.css">
</head>
<body>
<h1>.:Add:.</h1>
<?php
$query = getenv("QUERY_STRING");
parse_url($query);
if($action == "picpreview") { //this is the preview routine
$pic = stripcslashes($pic);
$info = getimagesize($pic);
echo "<table cellpadding='10'>
<tr>
<td align='left'><b>Preview</b><br><br><a href='#' onclick='window.close()'>Close window</a></td>
<td align='right'><img src='$pic' $info[3]></td>
</tr>
</table>";
}
if($action == "") { //main routine, its all just html code so i dont explain
echo'<form action="add.php?action=add" method="post" enctype="multipart/form-data" name="add" onsubmit="return check()">
<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
<td width="27%">Choose file</td>
<td width="48%">
<input type="file" name="filename" accept="image/jpeg" onChange="document.images.preview.src = document.add.filename.value;">
</td>
<td width="25%"><a href="#" onclick="picpreview()">Preview</a></td>
</tr>
<tr>
<td width="27%">Who?</td>
<td width="48%">
<input type="text" name="who">
</td>
<td rowspan="6"><img name="preview" id="preview" width="250"></td>
</tr>
<tr>
<td width="27%">
<p>Description:</p>
</td>
<td width="48%">
<textarea cols="50" rows="12" name="descr"></textarea>
</td>
</tr>
<tr>
<td width="27%">Author/Copyright </td>
<td width="48%">
<input type="text" name="autor">
</td>
</tr>
<tr>
<td width="27%">Password<br> (you can leave empty, so its not protected)</td>
<td width="48%">
<input type="Password" name="pw">
</td>
</tr>
<tr>
<td width="27%">Confirm</td>
<td width="48%">
<input type="Password" name="checkpw">
</td>
</tr>
<tr>
<td width="27%">
</td>
<td width="48%">
<input type="submit" name="submit" value="Go...">
</td>
</tr>
</table>
</form>
';
}
if($action == "add") { //here we add the file to the database
$db = connect_database(); //connect database
$datahex = gethex($filename); //make the hex of the pic
$newpicfile = createthumb($filename,$quality);// Now we create a thumbnail. So we have later, when we look at the pics, less traffic
$newpicdatahex = gethex($newpicfile); //make the hex of the thumb
@unlink($newpicfile);
$who = prepare($who,"no"); //we prepare the text for the database (removing tags etc., so that there is no possibility for hackers ;-)
$descr = prepare($descr,"yes");
$author = prepare($author,"no");
//this is the mysql query
$cmd = "INSERT INTO '$db_table' ('id', 'who', 'descr', 'autor', 'stamp', 'pic', 'thumb', 'pw') VALUES ('', '$who ', '$descr', '$autor', NOW(NULL), '$datahex', '$newpicdatahex', '$pw')";
$result = mysql_db_query($db_name,$cmd); //query to the database
// if the query was successfull...
if($result) {
echo "<p>Picture added sucessfully<br><a href='index.php'>Go on</a></p>";
}else{ //if not
echo "<p>Error:<br>";
echo mysql_error($db);
}
mysql_close($db); //close database connection
}
?>
</body>
</html>
ASKER
<?php
//config entries
$thumbsperline = "4"; //how many thumbnails per line? (if you enter 0 there is 1 thumb per line, if you enter 1 there are 2 etc)
$thumbsperpage = "5";
$quality = "100"; //the jpeg compression factor of a thumbnail (100 = best)
$titleheader = "Picbase - Store pics in a database";
$footer = '<p class="copyright">.:Picbase - Version 2.3 - Store pics in a database - </p>';
//Login informations forr the database
$db_server = "localhost";
$db_login = "root";
$db_password = "root";
$db_name = "dbpic";
$db_table = "picbase";
function createthumb($filename,$thumbqual) {
$size=getimagesize($filename);
$width=$size[0];
$height=$size[1];
$newwidth=100;
$newheight=intval($height*$newwidth/$width);
$oldpic=ImageCreateFromJPEG($filename);
$newpic=ImageCreate($newwidth,$newheight);
ImageCopyResized($newpic,$oldpic,0,0,0,0,$newwidth,$newheight,$width,$height);
$newpicdata = ImageJPEG($newpic,"temp.jpg",$thumbqual); //save it as a tempfile
$newpicfile = "temp.jpg";
return $newpicfile;
}
function connect_database() {
global $db_server, $db_login, $db_password;
$db_connection=@mysql_connect($db_server, $db_login, $db_password);
if(! $db_connection){
die("Error when connecting the database. Please check your login information!");
}
return $db_connection;
}
//convert hex data to bin data
function hex2bin($data) {
$len = strlen($data);
return pack("H" . $len, $data);
}
//make of a timestamp a normal date
function datumwandler($t) {
return sprintf("%02d.%02d.%04d/%02d:%02d:%02d", substr($t, 6, 2), substr($t, 4, 2),substr($t, 0, 4), substr($t,8,2), substr($t,10,2), substr($t,12,2));
}
//we prepare the values for the database
function prepare($value,$tagsallow) {
$value = stripcslashes($value);
$value = str_replace(chr(34),""",$value); //replace " with quot
$value = str_replace(chr(39),"’",$value); //replae '
if($tagsallow == "yes") {
$value = strip_tags($value);
}else{
$value = strip_tags($value,"<a><b><i><u><br><p><img>");
}
return $value;
}
function gethex($file) {
$fp = fopen ($file, "rb"); //we open the pic
$data = fread ($fp, filesize ($file)); //red all
fclose($fp); //close it
$datahex = bin2hex($data); //convert the binary data of the pic in hex data
return $datahex;
}
?>
ASKER
CREATE TABLE `picbase` (
`id` int(11) NOT NULL auto_increment,
`who` text NOT NULL,
`descr` text NOT NULL,
`autor` text NOT NULL,
`stamp` timestamp(14) NOT NULL,
`pic` mediumblob NOT NULL,
`thumb` blob NOT NULL,
`pw` text NOT NULL,
PRIMARY KEY (`id`),
UNIQUE KEY `id` (`id`)
) ENGINE = MYISAM;
ASKER
PHP is a widely-used server-side scripting language especially suited for web development, powering tens of millions of sites from Facebook to personal WordPress blogs. PHP is often paired with the MySQL relational database, but includes support for most other mainstream databases. By utilizing different Server APIs, PHP can work on many different web servers as a server-side scripting language.
TRUSTED BY
Open in new window
If you can post the code then we may see the error because your upload functions are written in function that means may be in your include.php page