doctorbill
asked on
php variables and sessions
<?php
session_start();
echo $_SESSION['comp'];
$company = $_SESSION['comp'];
//set random name for the image, used time() for uniqueness
require_once('db.php');
$filename = time() . '.jpg';
$filepath = 'uploads/';
if(!is_dir($filepath))
mkdir($filepath);
if(isset($_FILES['webcam'])){
move_uploaded_file($_FILES['webcam']['tmp_name'], $filepath.$filename);
$sql="Insert into webcam_images(companyName, imgpath) values('$company','$filename')";
$result=mysqli_query($con,$sql);
echo $filepath.$filename;
}
?>
The above code works if I substitute the '$company' variable with, for example 'testname'
Both values are entered into the database
It looks as if the '$company' variable is not being recognised even though it is set (I have tested this with an echo command)
Any ideas ?
Firstly, I would advise you to always test what is in $_SESSION before trying to use it but in the above case, you should dump the contents of $_SESSION like this right after your session_start();
var_dump($_SESSION);
Before doing queries with $_SESSION results test they exist.
$company = isset($_SESSION['comp']) ? $_SESSION['comp'] : null;
// now test for the expected value
if(is_null($session)) {
// do something here - the comp value is not set!
}
As for the query I would (after opening the db connection) escape them like so:
$sql="INSERT INTO webcam_images (companyName, imgpath) values ('". mysqli_real_escape_string( $company) ."', '" . mysqli_real_escape_string( $filename) . "')";
var_dump($_SESSION);
Before doing queries with $_SESSION results test they exist.
$company = isset($_SESSION['comp']) ? $_SESSION['comp'] : null;
// now test for the expected value
if(is_null($session)) {
// do something here - the comp value is not set!
}
As for the query I would (after opening the db connection) escape them like so:
$sql="INSERT INTO webcam_images (companyName, imgpath) values ('". mysqli_real_escape_string(
ASKER
Tried the var_dump and got the following:
No idea where this is coming from:
array(8) { ["entry_uri"]=> string(23) "/ticktock_int/index.php" ["jcart"]=> object(__PHP_Incomplete_Cl ass)#1 (9) { ["__PHP_Incomplete_Class_N ame"]=> string(5) "Jcart" ["config"]=> array(2) { ["currencyCode"]=> string(3) "GBP" ["text"]=> array(14) { ["cartTitle"]=> string(13) "Shopping Cart" ["singleItem"]=> string(4) "Item" ["multipleItems"]=> string(5) "Items" ["subtotal"]=> string(8) "Subtotal" ["update"]=> string(6) "update" ["checkout"]=> string(8) "checkout" ["checkoutPaypal"]=> string(20) "Checkout with PayPal" ["removeLink"]=> string(6) "remove" ["emptyButton"]=> string(5) "empty" ["emptyMessage"]=> string(19) "Your cart is empty!" ["itemAdded"]=> string(11) "Item added!" ["priceError"]=> string(21) "Invalid price format!" ["quantityError"]=> string(38) "Item quantities must be whole numbers!" ["checkoutError"]=> string(34) "Your order could not be processed!" } } ["items":"Jcart":private]= > array(0) { } ["names":"Jcart":private]= > array(0) { } ["prices":"Jcart":private] => array(0) { } ["qtys":"Jcart":private]=> array(0) { } ["urls":"Jcart":private]=> array(0) { } ["subtotal":"Jcart":privat e]=> int(0) ["itemCount":"Jcart":priva te]=> int(0) } ["jcartToken"]=> string(32) "ab41aff7dd53be5c6e73d484a 891bdb7" ["uid"]=> string(5) "admin" ["loggedin"]=> string(33) "(Administrator Logged In)" ["comp"]=> NULL ["Type"]=> string(4) "BACS" ["Type_paid"]=> string(6) "Cheque" }
No idea where this is coming from:
array(8) { ["entry_uri"]=> string(23) "/ticktock_int/index.php" ["jcart"]=> object(__PHP_Incomplete_Cl
ASKER
Looks like the session has no value:
["comp"]=> NULL
No idea why
["comp"]=> NULL
No idea why
Well there you go - $_SESSION['comp'] is NULL. You said in your opening question that you'd tested it with an echo. Where and how did you test that?
Sorry - cross-posted !
The session looks like it's being manipulated elsewhere in your app, so you'll need to look for that, or check the code that is supposed to be setting it in the first place
The session looks like it's being manipulated elsewhere in your app, so you'll need to look for that, or check the code that is supposed to be setting it in the first place
ASKER
When I set the SESSION on another page I get the following using var_dump:
["comp"]=> string(21) "The Apartment Service"
So the session is being set but not being seen by the page to enter into the database
["comp"]=> string(21) "The Apartment Service"
So the session is being set but not being seen by the page to enter into the database
Are you doing anything here with AJAX calls to different pages?
ASKER
I think I have got to the bottom of it. I now set the session in the page I am using by using a form to submit a name back to the page with a GET command and set the SESSION to this. The correct data is now being entered into the database
Nice job! Yes you have to be careful using sessions across multiple pages where one page could wipe out what the other page has set. You have it now.
ASKER
<?php
session_start();
echo $_SESSION['comp'];
//set random name for the image, used time() for uniqueness
require_once('db.php');
$company = $_SESSION['comp'];
$filename = time() . '.jpg';
$filepath = 'uploads/';
if(!is_dir($filepath))
mkdir($filepath);
if(isset($_FILES['webcam'])){
move_uploaded_file($_FILES['webcam']['tmp_name'], $filepath.$filename);
$sql="Insert into webcam_images(companyName, imgpath) values('$company','$filename')";
$result=mysqli_query($con,$sql);
echo $filepath.$filename;
}
?>
The SESSION is now being set correctly but the problem is as follows:
This string "echo $filepath.$filename;" is producing the following:
companyname (This is the set SESSION value name) uploads/imagename.jpg
ie
http://localhost:888/inventassites/Downloaded/Webcam/WebcamImage-1.0.0/The%20Apartment%20Serviceuploads/1536258098.jpg
It should be:
http://localhost:888/inventassites/Downloaded/Webcam/WebcamImage-1.0.0/uploads/1536258098.jpg
ie /uploads/imagename.jpg
The companyname is being added to the $filepath name which is not what I want
The path would then be able to show the uploaded image on the webpage whereas the first does not because it is referencing the wrong path
Any ideas ?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Perfect - that worked. Thing is, I still don't why was the echo statement was adding the session name to the $filepath variable
It wasn't - you had 2 echo statements :
echo $_SESSION['comp'];
...
echo $filepath.$filename;
The first one echoed the company name and the second one echoed the filepath and filename so your output ends up looking like:
CompanyFilepathFilename
echo $_SESSION['comp'];
...
echo $filepath.$filename;
The first one echoed the company name and the second one echoed the filepath and filename so your output ends up looking like:
CompanyFilepathFilename
ASKER
Ah
I thought that that would only happen if this was true:
echo $_SESSION['comp'].$filepat h.$filenam e;
OR
echo $company.$filepath.$filena me;
I thought that that would only happen if this was true:
echo $_SESSION['comp'].$filepat
OR
echo $company.$filepath.$filena
Nope. In PHP, output is buffered until the script ends (normally). Pretty sure you already use this a lot (probably in most scripts you write):
<h1>Users</h1>
<?php while ( $user = $db->getUsers() ): ?>
Username : <?php echo $user->username ?>
Email : <?php echo $user->email ?>
<?php endwhile; ?>
When you see it like that, it's plainly obvious that each output (whether direct HTML or with an echo statement) just get's buffered together until the script ends, and then the whole lot is dumped out.echo "This ";
echo "is ";
echo "a ";
echo "sentence!";
ASKER
Ah I see
Makes sense now
Makes sense now
ASKER
Thanks all - sorry for, in effect, asking 2 questions
What do you get if you echo out $company. Is there any chance that the value stored in $company has some quotes or other odd characters in there.
You should at the very least escape your data or better yet, use a prepared statement:
Open in new window