rRedirect Problem !!!

Question

sarithak 0 Junior Poster

15 Years Ago

Hi frnds...

here i am phasing a small problem...after successful completion of all my queries ,it is not redirecting to back page..plz check this one....

Need Logic

At the bottom of this code i execute 9 sql queries..all are in same manner..If there is any logic in this plz tell me....

<?php
ob_start();
session_start();
include_once("../../includes/dbconnect.php");
$title=$_POST['title'];
foreach ($_FILES["attachments4"]["tmp_name"] as $key => $error) 
{
    if ($error == UPLOAD_ERR_OK) 
{

		@$tmp_name0 = $_FILES["attachments4"]["tmp_name"][0];
        @$name0 = $_FILES["attachments4"]["name"][0];
		
		@$tmp_name1 = $_FILES["attachments4"]["tmp_name"][1];
        @$name1 = $_FILES["attachments4"]["name"][1];
		@$tmp_name2 = $_FILES["attachments4"]["tmp_name"][2];
        @$name2 = $_FILES["attachments4"]["name"][2];
		@$tmp_name3 = $_FILES["attachments4"]["tmp_name"][3];
        @$name3 = $_FILES["attachments4"]["name"][3];
		@$tmp_name4 = $_FILES["attachments4"]["tmp_name"][4];
        @$name4 = $_FILES["attachments4"]["name"][4];
		
		@$tmp_name5 = $_FILES["attachments4"]["tmp_name"][5];
        @$name5 = $_FILES["attachments4"]["name"][5];
		@$tmp_name6 = $_FILES["attachments4"]["tmp_name"][6];
        @$name6 = $_FILES["attachments4"]["name"][6];
		@$tmp_name7 = $_FILES["attachments4"]["tmp_name"][7];
        @$name7 = $_FILES["attachments4"]["name"][7];
		
		@$tmp_name8 = $_FILES["attachments4"]["tmp_name"][8];
        @$name8 = $_FILES["attachments4"]["name"][8];
		@$tmp_name9 = $_FILES["attachments4"]["tmp_name"][9];
        @$name9 = $_FILES["attachments4"]["name"][9];
		
		@move_uploaded_file($tmp_name0, "$title"."/"."$name0");
	    @move_uploaded_file($tmp_name1, "$title"."/"."$name1");
		@move_uploaded_file($tmp_name2, "$title"."/"."$name2");
		@move_uploaded_file($tmp_name3, "$title"."/"."$name3");
		@move_uploaded_file($tmp_name4, "$title"."/"."$name4");
	    @move_uploaded_file($tmp_name5, "$title"."/"."$name5");
		@move_uploaded_file($tmp_name6, "$title"."/"."$name6");
		@move_uploaded_file($tmp_name7, "$title"."/"."$name7");
		@move_uploaded_file($tmp_name8, "$title"."/"."$name8");
		@move_uploaded_file($tmp_name9, "$title"."/"."$name9");
		}
		}
		
if($name0!='')
{	
$path="$title"."/"."$name0";
$sql="insert into eventgallery values('','$title','$path')";
mysql_query($sql)or die(mysql_error());
}

if($name1!='')
{	
$path="$title"."/"."$name1";
$sql="insert into eventgallery values('','$title','$path')";
mysql_query($sql)or die(mysql_error());
}

if($name2!='')
{	
$path="$title"."/"."$name2";
$sql="insert into eventgallery values('','$title','$path')";
mysql_query($sql)or die(mysql_error());
}

if($name3!='')
{	
$path="$title"."/"."$name3";
$sql="insert into eventgallery values('','$title','$path')";
mysql_query($sql)or die(mysql_error());
}

if($name4!='')
{	
$path="$title"."/"."$name4";
$sql="insert into eventgallery values('','$title','$path')";
mysql_query($sql)or die(mysql_error());
}

if($name5!='')
{	
$path="$title"."/"."$name5";
$sql="insert into eventgallery values('','$title','$path')";
mysql_query($sql)or die(mysql_error());
}

if($name6!='')
{	
$path="$title"."/"."$name6";
$sql="insert into eventgallery values('','$title','$path')";
mysql_query($sql)or die(mysql_error());
}

if($name7!='')
{	
$path="$title"."/"."$name7";
$sql="insert into eventgallery values('','$title','$path')";
mysql_query($sql)or die(mysql_error());
}

if($name8!='')
{	
$path="$title"."/"."$name8";
$sql="insert into eventgallery values('','$title','$path')";
mysql_query($sql)or die(mysql_error());
}
if($name9!='')
{	
$path="$title"."/"."$name9";
$sql="insert into eventgallery values('','$title','$path')";
mysql_query($sql)or die(mysql_error());
}
header("Location : uploadimages.php" );
?>

Thanks in advance..

php

3 Contributors
7 Replies
401 Views
1 Day Discussion Span
Latest Post 15 Years Ago Latest Post by somedude3488

kvprajapati 1,826 Posting Genius

15 Years Ago

Due to page cache you got this problem. Remove cache using header() with options.

However, I think javascript way is very handy. You may add javascript at the end of page for the same.

...
 if($name9!='')
 {	
  $path="$title"."/"."$name9";
  $sql="insert into eventgallery values('','$title','$path')"; 
  mysql_query($sql)or die(mysql_error());
  }
 ?>
 <script type="text/javascript">
    open("uploadimages.php" ,"_self");
 </script>

somedude3488 228 Nearly a Posting Virtuoso

15 Years Ago

I have never had a problem with cache and the header function.

I have updated your code by simplifying your code and making it more secure. I hate seeing so many security holes in peoples code.

<?php

ob_start();
session_start();

include '../../includes/dbconnect.php';

$allowed = array( 'jpg','jpeg','png','pdf' );
$maxsize = 50000;

if ( isset( $_POST['title'] ) ) {
	$title = mysql_real_escape_string( $_POST['title'] );
	$files = array();
	foreach( $_FILES['test'] as $name => $parts ) {
		foreach( $parts as $key => $part ) {
			$files[$key][$name] = $part;
		}
	}
	foreach( $files as $file ) {
		if ( is_uploaded_file( $file['tmp_name'] ) ) {
			if ( $file['name'] !== '' && $file['error'] == 0 ) {
				$extn = strrev( substr( strrev( $file['name'] ),0,( strpos( strrev( $file['name'] ),'.' ) ) ) );
				if ( in_array( $extn,$allowed ) ) {
					if ( filesize( $file['tmp_name'] ) <= $maxsize ) {
						$path = "{$title}/" . md5(uniqid(rand(),true)) . ".{$extn}";
						if ( copy( $file['tmp_name'],$path ) ) {
							mysql_query("INSERT INTO `eventgallery` VALUES ('','{$title}','{$path}')") or die('Error: ' . mysql_error());
						}
					}
				}
			}
		}
	}
	header("Location: uploadimages.php");
	exit;
}

?>

Make sure you change the allowed extensions.

Don't use javascript for redirection. It can be disabled.

Reply to this topic

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.

sarithak 0 Junior Poster · Answer 1 · 2009-07-02T11:07:39+00:00

Hi Sir...
I used this one, but no execution...same problem..The page is not redirecting to previous page..

Due to page cache you got this problem. Remove cache using header() with options.
However, I think javascript way is very handy. You may add javascript at the end of page for the same.
...
 if($name9!='')
 {	
  $path="$title"."/"."$name9";
  $sql="insert into eventgallery values('','$title','$path')"; 
  mysql_query($sql)or die(mysql_error());
  }
 ?>
 <script type="text/javascript">
    open("uploadimages.php" ,"_self");
 </script>

sarithak 0 Junior Poster · Answer 2 · 2009-07-02T11:10:35+00:00

Hello Sir,

Thanks 4 ur response..
I have bee check this code, but no operations is going here.and no output..just page redirecting to previous page,......plz check this once in these lines..

foreach( $_FILES['test'] as $name => $parts ) {

In this what is test field..
Plz be patience to solve this one...

Thanks again...

I have never had a problem with cache and the header function.

I have updated your code by simplifying your code and making it more secure. I hate seeing so many security holes in peoples code.

<?php

ob_start();
session_start();

include '../../includes/dbconnect.php';

$allowed = array( 'jpg','jpeg','png','pdf' );
$maxsize = 50000;

if ( isset( $_POST['title'] ) ) {
	$title = mysql_real_escape_string( $_POST['title'] );
	$files = array();
	foreach( $_FILES['test'] as $name => $parts ) {
		foreach( $parts as $key => $part ) {
			$files[$key][$name] = $part;
		}
	}
	foreach( $files as $file ) {
		if ( is_uploaded_file( $file['tmp_name'] ) ) {
			if ( $file['name'] !== '' && $file['error'] == 0 ) {
				$extn = strrev( substr( strrev( $file['name'] ),0,( strpos( strrev( $file['name'] ),'.' ) ) ) );
				if ( in_array( $extn,$allowed ) ) {
					if ( filesize( $file['tmp_name'] ) <= $maxsize ) {
						$path = "{$title}/" . md5(uniqid(rand(),true)) . ".{$extn}";
						if ( copy( $file['tmp_name'],$path ) ) {
							mysql_query("INSERT INTO `eventgallery` VALUES ('','{$title}','{$path}')") or die('Error: ' . mysql_error());
						}
					}
				}
			}
		}
	}
	header("Location: uploadimages.php");
	exit;
}

?>

Make sure you change the allowed extensions.

Don't use javascript for redirection. It can be disabled.

somedude3488 228 Nearly a Posting Virtuoso · Answer 3 · 2009-07-02T12:47:35+00:00

somedude3488 228 Nearly a Posting Virtuoso

15 Years Ago

change 'test' to 'attachment4'.

sarithak 0 Junior Poster · Answer 4 · 2009-07-02T13:16:45+00:00

change 'test' to 'attachment4'.

Hello Sir,

I checked, but no execution..no process is going here...sry 4 iritating u...

Thanks..

somedude3488 228 Nearly a Posting Virtuoso · Answer 5 · 2009-07-02T20:57:04+00:00

did you change the allowed file extensions and the max filesize?