Hi
I'm currently creating a property website and it allows users to submit upto 7 images/property.
Currently on clicking the 'submit' button to Add A Propety my code checks for image size, file type and then moves the file from a tmp location to images/propertyimages file.
All the images from all users go to the same directory.
Therefore if one user has an image called kitchen.jpg and then another user submits an image called kitchen.jpg, the first one gets overwritten and both users will have the same image on their property.
I have a a few ideas, but not sure which one would be the most practical and whether there is a better, simpler solution available (bearing in mind my coding is still on an uphill learning curve)
1. On 'Submit' prefix or add a number to the image and each subsequent image submitted gets the next sequential number.
2. Prefix the User ID to the image (the user has to be logged in to Add A Property and therefore the ID is stored in the S_SESSION) and then get the 'Submit'to check for image name uniqueness using something like this for each of the 7 images:
if (!empty($image_main_name)
{
// Make sure name isn't already in use
$query = "SELECT * FROM property_details WHERE image = '$image_main_name'";
........
}This then at least keeps the issue within each of the users own properties.
3. Prefix each image name with the property ID. This would ensure that each image was unique across all users and no need to prompt users to change an image name before submitting etc etc.
However currently the site is based on the Property ID being created after the Property has been submitted with the column in the database automatically incrementing the property ID's as each one is submitted.
I do not know how to go about creating a unique property ID on clicking 'Submit'so that the the property ID is created upfront in order to prefix to the image name.
I'm also not sure how to append even the user ID to each image name.
I'm also not sure whether any of these ideas are the best way forward?
I've attached the code used to far to check the image size/type etc and submit to the required directly. Only the image name gets submitted to the database.
Any help in this would be great and much appreciated as I'm at a real sticking point now and the site is pretty much finished apart from this :-)
Many thanks in advance liz
<?php require_once('Connections/xxxxxxxx_localhost.php');
require_once('myaccess/appvars.php');
// Connect to the database
$dbc = mysqli_connect("localhost", "xxxxxxx", "xxxxxxxxxx", "xxxxxxxxx");
function checkfile($image_name,$type,$size,$tmp_name,$error)
{
$output ='start';
if (!empty($image_name))
{
if (
(($type == 'image/gif') || ($type == 'image/jpg') || ($type == 'image/pjpeg') || ($type == 'image/png') || ($type == 'image/jpeg'))
&& (($size > 0) && ($size <= GW_MAXFILESIZE))
&& ($error == '0'))
{
// Move the files to the target upload folder
$target = GW_UPLOADPATH . $image_name;
if (move_uploaded_file($tmp_name , $target) ) {$output = 'success';} else {$output = 'load error'; }
}
else { $output='error'; }
}
else { $output='success'; }
return $output;
}
if (isset($_POST['submit'])) {
// Grab the profile data from the POST - I have removed the non image fields.
$ID = ($_POST['ID']);
$screenpath = "images/propertyimages/";
$image_main_name = mysqli_real_escape_string($dbc, trim($_FILES['image_main']['name']));
$image_kitchen_name = mysqli_real_escape_string($dbc, trim($_FILES['image_kitchen']['name']));
$image_bed_name = mysqli_real_escape_string($dbc, trim($_FILES['image_bed']['name']));
$image_bath_name = mysqli_real_escape_string($dbc, trim($_FILES['image_bath']['name']));
$image_living_name = mysqli_real_escape_string($dbc, trim($_FILES['image_living']['name']));
$image_dining_name = mysqli_real_escape_string($dbc, trim($_FILES['image_dining']['name']));
$image_garden_name = mysqli_real_escape_string($dbc, trim($_FILES['image_garden']['name']));
$image_main_check = checkfile($_FILES['image_main']['name'],$_FILES['image_main']['type'],$_FILES['image_main']['size'],$_FILES['image_main']['tmp_name'],$_FILES['image_main']['error']) ;
$image_kitchen_check = checkfile($_FILES['image_kitchen']['name'],$_FILES['image_kitchen']['type'],$_FILES['image_kitchen']['size'],$_FILES['image_kitchen']['tmp_name'],$_FILES['image_kitchen']['error']) ;
$image_bed_check = checkfile($_FILES['image_bed']['name'],$_FILES['image_bed']['type'],$_FILES['image_bed']['size'],$_FILES['image_bed']['tmp_name'],$_FILES['image_bed']['error']) ;
$image_bath_check = checkfile($_FILES['image_bath']['name'],$_FILES['image_bath']['type'],$_FILES['image_bath']['size'],$_FILES['image_bath']['tmp_name'],$_FILES['image_bath']['error']) ;
$image_living_check = checkfile($_FILES['image_living']['name'],$_FILES['image_living']['type'],$_FILES['image_living']['size'],$_FILES['image_living']['tmp_name'],$_FILES['image_living']['error']) ;
$image_dining_check = checkfile($_FILES['image_dining']['name'],$_FILES['image_dining']['type'],$_FILES['image_dining']['size'],$_FILES['image_dining']['tmp_name'],$_FILES['image_dining']['error']) ;
$image_garden_check = checkfile($_FILES['image_garden']['name'],$_FILES['image_garden']['type'],$_FILES['image_garden']['size'],$_FILES['image_garden']['tmp_name'],$_FILES['image_garden']['error']) ;
if ($image_main_check == 'success' && $image_kitchen_check == 'success' && $image_bed_check == 'success' && $image_bath_check == 'success' && $image_living_check == 'success' && $image_dining_check == 'success' && $image_garden_check == 'success')
{
// Connect to the database
$dbc = mysqli_connect("localhost", "xxxxxxx", "xxxxxxxx", "xxxxxxxx");
$query = "INSERT INTO property_details
VALUES (0, NOW(), '$ID', '$add_owner', '$add_block', '$add_road', '$add_house', '$add_unit', '$add_area', '$add_postcode', '$add_zone', '$prop_cat', '$prop_hot', 'Active', '$prop_contact', '$prop_type', '$prop_saletype', '$prop_desc', '$prop_tenure', '$prop_bedroom', '$prop_bathroom', '$prop_price', '$prop_garage', '$prop_park', '$prop_pool', '$prop_garden', '$prop_alarm', '$prop_appliance', '$screenpath', '$image_main_name', '$image_kitchen_name', '$image_bed_name', '$image_bath_name', '$image_living_name', '$image_dining_name', '$image_garden_name')";
mysqli_query($dbc, $query);
// Confirm success with the user - I've taken out this bit as it just adds unecessary length...
// Clear the image data to clear the form
$image_main = "";
$image_kitchen = "";
$image_bed = "";
$image_bath = "";
$image_living = "";
$image_dining = "";
$image_garden = "";
mysqli_close($dbc);
exit();
}
elseif (($image_main_check == 'error' ) || ($image_kitchen_check == 'error' ) || ($image_bed_check == 'error' ) || ($image_bath_check == 'error' ) || ($image_living_check == 'error' ) || ($image_dining_check == 'error' ) || ($image_garden_check == 'error' )) {
echo '<p class="maintextactive">All the images must be a GIF, JPG, JPEG, or PNG image file no greater than ' . (GW_MAXFILESIZE / 1024) . ' KB in size. Please return to the form and re-select your images.</p>';
}
elseif (($image_main_check == 'load error' ) || ($image_kitchen_check == 'load error' ) || ($image_bed_check == 'load error' ) || ($image_bath_check == 'load error' ) || ($image_living_check == 'load error' ) || ($image_dining_check == 'load error' ) || ($image_garden_check == 'load error' )) {
echo '<p class="maintextactive">The files did not load successfully. Please try again</p>'; }
else {echo '<p class="maintextactive">Someting else has gone wrong</p>'; }
// Try to delete the temporary screen shot image file
@unlink($_FILES['image_main']['tmp_name']) && ($_FILES['image_kitchen']['tmp_name']) && ($_FILES['image_bed']['tmp_name']) && ($_FILES['image_bath']['tmp_name']) && ($_FILES['image_living']['tmp_name']) && ($_FILES['image_dining']['tmp_name']) && ($_FILES['image_garden']['tmp_name']);
}
else { echo '<p class="maintextbold">Please enter all of the information to add to your property.</p>'; }
?>
