I am trying this from last 5 days please help me on this

the student
the student used Ask the Experts™
on
I want to update logo in header using php, i have three different pages see below

----------------------------------------------- logo upload form --------------------------------------------
<?php ob_start();
// auth check
require_once('authorization.php');
$pageTitle = 'Change the Logo';
require_once ('header.php');


    ?>
    <main class="container">
    <form method="post" action="save-logo.php" enctype="multipart/form-data">
    <fieldset class="form-group">
        <label for="logo_image" class="col-sm-1">LOGO:</label>
        <input name="logo_image" id="logo_image" type="file" required/>
    </fieldset>

    <input name="logo_id" id="logo_id" type="hidden" />
    <button class="btn btn-success col-sm-offset-1">Save</button>
    </form>
    </main>

<?php
require_once('footer.php');
ob_flush(); ?>

Open in new window

------------------------------------------------------- save logo -------------------------------------------
<?php ob_start();

require_once ('authorization.php');
require_once ('header.php');
?>



<?php

try {
    $logo_image = null;
    $ok = true;

    if (!empty($_FILES['logo_image']['name'])) {
        $image_title = $_FILES['logo_image']['name'];
    if(empty($image_title)) {
        echo '<h2 class="alert-warning" style="text-align: center">Please select a file</h2>';

    }
        $array = end(explode('.', $image_title));

        $lower = strtolower($array);


        $file_type = ['png', 'gif', 'svg'];

        if (!in_array($lower, $file_type)) {
            echo '<h2 class="alert-warning" style="text-align: center">Logo must be only three types:<br /> .png or .gif or .svg<br/></h2>';
            $ok = false;
        }

        // size check
        $file_size = $_FILES['logo_image']['size'];
        if ($file_size > 5242880) {
            echo '<h2 class="alert-warning" style="text-align: center">Please select Logo less than 5 MB<br /></h2>>';
            $ok = false;
        }

        // rename to unique file name
        $logo_image = uniqid("") . "%$image_title";

        // copy to /covers folder
        $temporary_name = $_FILES['logo_image']['tmp_name'];
        move_uploaded_file($temporary_name, "logos/$logo_image");

    }
    if ($ok) {

        require_once('database-connect.php');


        if (empty($logo_id)) {
            $sql = "INSERT INTO update_logo (logo_image) VALUES (:logo_image);";
        } else {
            $sql = "UPDATE albums SET logo_image = :logo_image WHERE logo_id = :logo_id";
        }


        $cmd = $conn->prepare($sql);
        $cmd->bindParam(':logo_image', $logo_image, PDO::PARAM_STR, 255);


        if (!empty($logo_id)) {
            $cmd->bindParam(':logo_id', $logo_id, PDO::PARAM_INT);
        }

        $cmd->execute();

        $conn = null;


        header('location:console.php');
    }


    }
    catch (exception $e) {
    header('location:error.php');
}
require_once ('footer.php');
    ?>


<?php ob_flush(); ?>
}

Open in new window

---------------------------------------------------------Header(need to display logo here) -----------------------------------------
<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <title><?php echo $pageTitle; ?></title>
    <link rel="stylesheet" href="css/bootstrap.min.css">
    <link rel="stylesheet" href="css/bootstrap-theme.min.css">
    <link rel="stylesheet" href="css/custom.css">
</head>
<body>
<?php
try {
$logo_id = null;
$logo_image=null;



if (!empty($_GET['logo_id'])) {
    if (is_numeric($_GET['logo_id'])) {

        $logo_id = $_GET['logo_id'];
        // connect
        require_once('database-connect.php');
        $sql = "SELECT logo_image FROM update_logo";
        $cmd = $conn->prepare($sql);
        $cmd->bindParam(':logo_id', $logo_id, PDO::PARAM_INT);
        $cmd->execute();
        $logo = $cmd->fetch();


        $logo_image = $logo['logo_image'];

        $conn = null;

    }

}
?>
<nav class="navbar navbar-default">
    <ul class="nav nav-pills">
        <li><a href="index.php"
               class="navbar-brand">
                <?php
                if (!empty($logo['logo_image'])) {
                    echo '<img src="logos/' . $logo['logo_image'] . '" class="thumb" />';
                }
                ?>
            </a>
        </li>


        <?php
        session_start();

        if (empty($_SESSION['user_id'])) {

            echo '<li><a href="sign-up.php">Sign Up</a></li>
                <li><a href="sign-in.php">Sign in</a></li>';
        } else {

            echo '<li><a href="information.php">Manage Accounts</a></li>
                  <li><a href="console.php">Console</a></li>
                  <li><a href="sign-out.php">Sign Out</a></li>';
        }
        ?>
    </ul>

    <?php
    if (!empty($_SESSION['user_id'])) {
        echo '<div class="navbar-text pull-right">' . $_SESSION['login_name'] . '</div>';
    }

    ?>
</nav>
<?php
}
catch (exception $e) {
    header('location:error.php');
}
require_once('footer.php');
ob_flush(); ?>

Open in new window

Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Most Valuable Expert 2011
Top Expert 2016
Commented:
What is the question?  I see you're still not testing for PDO errors or exceptions.  Is there any error message or some other exceptional behavior that you can tell us about?

This part is line 22-27 from the script captioned "Header."  It looks like the query is missing some information.
        $logo_id = $_GET['logo_id'];
        // connect
        require_once('database-connect.php');
        $sql = "SELECT logo_image FROM update_logo";
        $cmd = $conn->prepare($sql);
        $cmd->bindParam(':logo_id', $logo_id, PDO::PARAM_INT);

Open in new window

I think you might want to try it like this
        $logo_id = $_GET['logo_id'];
        // connect
        require_once('database-connect.php');
        $sql = "SELECT logo_image FROM update_logo WHERE logo_id = :logo_id LIMIT 1";
        $cmd = $conn->prepare($sql);
        $cmd->bindParam(':logo_id', $logo_id, PDO::PARAM_INT);

Open in new window

You probably want to move the session_start() statement to the top of the script.
<?php
error_reporting(E_ALL);
session_start(); ?><!DOCTYPE html>
<html lang="en">
<head> ... etc etc

Open in new window

More examples of the right way to handle PDO and SQL queries are available in this article.
https://www.experts-exchange.com/articles/11177/PHP-MySQL-Deprecated-as-of-PHP-5-5-0.html

How the PHP session works is explained in this article.
https://www.experts-exchange.com/articles/11909/PHP-Sessions-Simpler-Than-You-May-Think.html

If you're new to PHP and want to learn the language, this article can help you find dependable learning resources.  Just skip over the parts you already know from academics or work experience in other programming languages.
https://www.experts-exchange.com/articles/11769/And-by-the-way-I-am-New-to-PHP.html
Most Valuable Expert 2011
Top Expert 2016

Commented:
stale question

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial