Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Amending code to upload a file to a folder on my server. It's not working.

Posted on 2011-09-05
13
Medium Priority
?
409 Views
Last Modified: 2012-05-12
Hello,

I'm trying to amend some code which was created by a developer for a website I own (the developer is currently not contactable).

Looking at the code she created, I'm trying to modify it for use in a new webpage, stored on a different server (which points to a different database etc). The code will do exactly the same in the new website as it did in the old, so I had hoped it would just be a case of changing the settings to connect to the new database. Unfortunately not.


My amended code is shown below (with my comments) - I've taken out what I think is the unimportant stuff for the purpose of this question:

<?php
session_start();
if($_POST['submit'] == ''){
?>


.....

<form enctype="multipart/form-data" action="<?php echo $_SERVER['file:///C|/Users/Adam/Documents/websites/orangutanenglish/PHP_SELF']; ?>" - I'm not sure what this paths refers to (My Comment)

 method="post"> <!-- JHCO: changed from $_SERVER['../PHP_SELF'] to $_SERVER['PHP_SELF'] -->
  <div align="center">
          <input type="hidden" name="MAX_FILE_SIZE" value="8000000" />
          <span class="style18">Select your profile picture</span><strong>:</strong>
          <input type="file" name="user_picture" />
          <input type="hidden" name="user_id" value="<?php echo $_SESSION['user_id']; ?>" />
          <input type="submit" name="submit" value="submit" />
        </div>
    </form>

      ....<?php
} else {
require_once('../Connections/sensei.php'); - this file exists (My Comment)

$upload_path = "/home/orangu8/public_html/upload"; - changed to new path (My Comment)

$extension = $_FILES['user_picture']['name'];
$extension = explode('.',$extension);
$extension = array_reverse($extension);
$extension = $extension[0];
$upload_file_name = "user_pic-".$_SESSION['user_id'].'.'.$extension;
$upload_full_path = $upload_path.'/'.$upload_file_name;

if(move_uploaded_file($_FILES['user_picture']['tmp_name'], $upload_full_path)){

$sqlUpdateUser = "UPDATE TestTable SET photoid='".$upload_file_name."', photo='1' WHERE autonumber=".$_POST['user_id'];

mysql_select_db($database_sensei, $sensei);
if(! ( mysql_query($sqlUpdateUser, $sensei))){
die('There was a problem!<br>Query being exectued:'.$sqlUpdateUser.'<br><br> MySQL error number:'.mysql_errno($sensei).'<br><br> MySQL message:'.mysql_error($sensei));
} else {
           echo '<script language="JavaScript">
           window.location="SenseiConnect_Add_Your_Profile2.php";
           </script>';
}
} else {
echo "there was a problem.";
}
 
}
?>

Open in new window



Anyway, the error I get when I try to upload a file to the location is -

There was a problem!
Query being exectued:UPDATE TestTable SET photoid='user_pic-.png', photo='1' WHERE autonumber=

MySQL error number:1064

MySQL message:You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1

If there's a simple tutorial somewhere about uploading files to locations on the server I'd be happy if somebody could point me towards it. Or if the code above just needs a tweak or two to get it working I'd be grateful if anybody could let me know what needs tweaked.

I'm not a developer by the way, just trying to re-use code I don't really understand.

thanks.


0
Comment
Question by:ayounis
13 Comments
 
LVL 15

Assisted Solution

by:gplana
gplana earned 500 total points
ID: 36484073
The error message is clear. POST variable user_id is empty or not set, and thiw is why query is failing. Maybe the error is not on this page but on the form html page.

Hope it helps. Regards.
0
 
LVL 27

Assisted Solution

by:Lukasz Chmielewski
Lukasz Chmielewski earned 500 total points
ID: 36484099
this is one:
<input type="hidden" name="user_id" value="<?php echo $_SESSION['user_id']; ?>" />
Is there any log-on form ? The should be one, and with that you would set the user_id as session variable,
also, the action= part of the form should not use file:///c:\ etc. etc.
this should point to the location on the server that is relative to the file with the upload form.
0
 
LVL 5

Assisted Solution

by:wmadrid1
wmadrid1 earned 400 total points
ID: 36484101
Hi, please try with these changes,
First quit FORM action, when it is blank, script call itself, ttpught webserver
And also enabling errors reporting to see if is there some permissions problem

<?php
error_reporting(E_ALL);
ini_set("display_errors", 1);

session_start();
if($_POST['submit'] == ''){
?>


.....

<form enctype="multipart/form-data" method="post">
  <div align="center">
          <input type="hidden" name="MAX_FILE_SIZE" value="8000000" />
          <span class="style18">Select your profile picture</span><strong>:</strong>
          <input type="file" name="user_picture" />
          <input type="hidden" name="user_id" value="<?php echo $_SESSION['user_id']; ?>" />
          <input type="submit" name="submit" value="submit" />
        </div>
    </form>

      ....<?php
} else {
require_once('../Connections/sensei.php'); - this file exists (My Comment)

$upload_path = "/home/orangu8/public_html/upload"; - changed to new path (My Comment)

$extension = $_FILES['user_picture']['name'];
$extension = explode('.',$extension);
$extension = array_reverse($extension);
$extension = $extension[0];
$upload_file_name = "user_pic-".$_SESSION['user_id'].'.'.$extension;
$upload_full_path = $upload_path.'/'.$upload_file_name;

if(move_uploaded_file($_FILES['user_picture']['tmp_name'], $upload_full_path)){

$sqlUpdateUser = "UPDATE TestTable SET photoid='".$upload_file_name."', photo='1' WHERE autonumber=".$_POST['user_id'];

mysql_select_db($database_sensei, $sensei);
if(! ( mysql_query($sqlUpdateUser, $sensei))){
die('There was a problem!<br>Query being exectued:'.$sqlUpdateUser.'<br><br> MySQL error number:'.mysql_errno($sensei).'<br><br> MySQL message:'.mysql_error($sensei));
} else {
           echo '<script language="JavaScript">
           window.location="SenseiConnect_Add_Your_Profile2.php";
           </script>';
}
} else {
echo "there was a problem.";
}
 
}
?>

Open in new window

0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
LVL 11

Accepted Solution

by:
maeltar earned 600 total points
ID: 36484119
<form enctype="multipart/form-data" action="<?php echo $_SERVER['file:///C|/Users/Adam/Documents/websites/orangutanenglish/PHP_SELF']; ?>" - I'm not sure what this paths refers to (My Comment)

 method="post"> <!-- JHCO: changed from $_SERVER['../PHP_SELF'] to $_SERVER['PHP_SELF'] -->

Open in new window


Should be
<form enctype="multipart/form-data" action="<?php echo $_SERVER['PHP_SELF']; ?>"  method="post" />

Open in new window


It would also appear the the variable
$_SESSION['user_id']

Open in new window

Is not being set, I am guessing that this is set at a "login" stage ?

Are you bypassing that stage for testing purposes ?
0
 

Author Comment

by:ayounis
ID: 36484396
Many thanks all very the very quick repsonse.

qplana, Roads Roads,

You were correct. There is a record insert form before the upload page. The idea is that certain text information is entered through that form, and then when the user clicks submit, there are taken to this (the upload form) where the user uploads a photograph (but to the same record in the database).

Comparing the previous files, it seemed that this line was missing from the 'new' version of the set up in the page prior to the the upload page:

$_SESSION['user_id'] = mysql_insert_id($sensei);

I have now added it, but disappointingly I still get the same error message.

I will try again and make the change to the action part also.  


wmadrid1 - I will add your suggested reporting text and post with the results.

Thanks all.
0
 

Author Comment

by:ayounis
ID: 36484458
Thanks Maeltar,

I've made the changes you suggested. Nope I wasn't bypassing any stage. I'm not a programmer and am just trying to change some code a developer craeted for another website I own which is the same as this new one I'm trying to build. I have very limited understanding of what the code's doing so, yeah, it could be the simplest thing.

Anyway, I'm still getting the following message despite the changes:

There was a problem!
Query being exectued:UPDATE TestTable SET photoid='user_pic-.png', photo='1' WHERE autonumber=

MySQL error number:1064

MySQL message:You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1

Have I set the session variably incorrectly. Other than the line of code

$_SESSION['user_id'] = mysql_insert_id($sensei);

Is there anything else required to set the session variable? 'sensei' is refering to the file sensei.php in the connectons folder (I assume?)...

thanks,
0
 

Author Comment

by:ayounis
ID: 36484508
After adding error reporting suggested by wmadrid1, I get the following error before I try to upload any file:

Notice: Undefined index: submit in /home/orangu8/public_html/senseiconnect.net/SenseiConnect_Add_Your_Profile2.php on line 7

Line 7 is

if($_POST['submit'] == ''){
0
 

Author Comment

by:ayounis
ID: 36484600
Maeltar,

I've now tried changing


<form enctype="multipart/form-data" method="post">

from the suggested:

<form enctype="multipart/form-data" action="<?php echo $_SERVER['PHP_SELF']; ?>"  method="post" />

The error message changed a bit to

Notice: Undefined index: user_id in /home/orangu8/public_html/senseiconnect.net/SenseiConnect_Add_Your_Profile2.php on line 59
There was a problem!
Query being exectued:UPDATE TestTable SET photoid='user_pic-.png', photo='1' WHERE autonumber=
Notice: Undefined index: user_id in /home/orangu8/public_html/senseiconnect.net/SenseiConnect_Add_Your_Profile2.php on line 33


MySQL error number:1064

MySQL message:You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '=
Notice: Undefined index: user_id in /home/orangu8/public_ht' at line 1

thanks.
0
 

Author Comment

by:ayounis
ID: 36484605
line 33 is <input type="hidden" name="user_id" value="<?php echo $_SESSION['user_id']; ?>" />
0
 

Author Comment

by:ayounis
ID: 36484679
Okay, I see I was missing the following line of code which was on the previous code: I have now added this. Sorry - I guess this is necessary to get the session started.

session_start();
if (isset($_POST['submit'])) {

Feel like I'm getting closer...
0
 

Author Comment

by:ayounis
ID: 36484806
Okay, well that seems to be it working now. As I think everybody here could tell, it was a problem with the session variable - i.e. it not being defined. Many thanks to everybody who pointed this out to me. Much appreciated.
0
 

Author Closing Comment

by:ayounis
ID: 36484822
thanks all!
0
 
LVL 15

Expert Comment

by:gplana
ID: 36484958
Exactly, session_start() function should be called at the beggining if you want to use sessions on your php code.
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Many old projects have bad code, but the budget doesn't exist to rewrite the codebase. You can update this code to be safer by introducing contemporary input validation, sanitation, and safer database queries.
Q&A with Course Creator, Mark Lassoff, on the importance of HTML5 in the career of a modern-day developer.
In this tutorial viewers will learn how to embed videos in a webpage using HTML5. Ensure your DOCTYPE declaration is set to HTML5: "<!DOCTYPE html>": Use the <video> tag to insert a video. Define the src as the URL of your video; this is similar to …
The viewer will the learn the benefit of plain text editors and code an HTML5 based template for use in further tutorials.
Suggested Courses

877 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question