Passing variables in same page

#1.) use a remote style sheet.. (/css/style.css)
#2.) Don't put everything in php as it makes load time slower... even if it a mili second

I hope you will make a separate file named: style.css and insert the following code there

body {
	background-color:#000000;
	color:#E27907;
	font-family:Verdana,Arial;
	font-size:10pt;
	letter-spacing:2;
	}
.thumbNormal {
	border:4px solid #000000;
	}
.thumbSelected {
	border:4px solid #ff0000;
	}
.prevImage {
        border: 8px solid #ccc;
        width: 200px;
        height: 100px;
    }

And also make separate files where you will put all the functions.
In the main file, load necessary functions and also the external cascading style sheet(css).

The upload path (line 147) is not the website url but the DOCUMENT_ROOT, use this command to get the path:

echo $_SERVER['DOCUMENT_ROOT']

it will give you something like /var/www/yourwebiste.tld/ so an example is this:

$upload = $_SERVER['DOCUMENT_ROOT'] . 'images/' . $path;

I see you set $path from the database, it should be a sub-directory inside images/ right? If yes then this example it should work fine :)

Thanks guys.

I have the style sheet, just wanted to let you know what I have.

I'll try suggestions and let you know what happens

OK,

I added this as suggested.

$upload = $_SERVER['DOCUMENT_ROOT'] . '/images/' . $path;

The response is this.

Warning: copy(/home/mine/public_html/mydir/images//) [function.copy]: failed to open stream: Is a directory in /home/mine/public_html/mydir/Admin/Edit/image.php on line 139

OK,

I added this as suggested.

$upload = $_SERVER['DOCUMENT_ROOT'] . '/images/' . $path;

The response is this.

Warning: copy(/home/mine/public_html/mydir/images//) [function.copy]: failed to open stream: Is a directory in /home/mine/public_html/mydir/Admin/Edit/image.php on line 139

No $path or $name.

Thanks

Exactly, but looking at your code $name seems to be $_POST
I don't see that in the form, so where you get the old filename?

Exactly, but looking at your code $name seems to be $_POST
I don't see that in the form, so where you get the old filename?

From dd.php

<!doctype html public "-//w3c//dtd html 3.2//en">

<html>

<head>
<title>Multiple drop down list box from plus2net</title>
<SCRIPT language=JavaScript>
function reload(form)
{
var val=form.cat.options[form.cat.options.selectedIndex].value;
self.location='image.php?cat=' + val ;
}

</script>
</head>

<body>
<?

/*
If register_global is off in your server then after reloading of the page to get the value of cat from query string we have to take special care.
To read more on register_global visit.
  http://www.plus2net.com/php_tutorial/register-globals.php
*/
@$cat=$_GET['cat']; // Use this line or below line if register_global is off
if(strlen($cat) > 0 and !is_numeric($cat)){ // to check if $cat is numeric data or not. 
echo "Data Error";
exit;
}


//@$cat=$HTTP_GET_VARS['cat']; // Use this line or above line if register_global is off

///////// Getting the data from Mysql table for first list box//////////
$quer2=mysql_query("SELECT DISTINCT directory,DID FROM directory order by directory"); 
///////////// End of query for first list box////////////

/////// for second drop down list we will check if category is selected else we will display all the subcategory///// 
if(isset($cat) and strlen($cat) > 0){
$quer=mysql_query("SELECT DISTINCT name FROM images where DID=$cat order by name"); 
}else{$quer=mysql_query("SELECT DISTINCT name FROM images order by name"); } 
////////// end of query for second subcategory drop down list box ///////////////////////////

echo "<form method=post name=f1 action='image.php'>";
/// Add your form processing page address to action in above line. Example  action=dd-check.php////
//////////        Starting of first drop downlist /////////
echo "<select name='cat' onchange=\"reload(this.form)\"><option value=''>Select one</option>";
while($noticia2 = mysql_fetch_array($quer2)) { 
if($noticia2['DID']==@$cat){echo "<option selected value='$noticia2[DID]'>$noticia2[directory]</option>"."<BR>";}
else{echo  "<option value='$noticia2[DID]'>$noticia2[directory]</option>";}
}
echo "</select>";
//////////////////  This will end the first drop down list ///////////

//////////        Starting of second drop downlist /////////
echo "<select name='subcat'><option value=''>Select one</option>";
while($noticia = mysql_fetch_array($quer)) { 
echo  "<option value='$noticia[name]'>$noticia[name]</option>";
}
echo "</select>";
//////////////////  This will end the second drop down list ///////////
//// Add your other form fields as needed here/////
echo "<input type=submit value=Submit>";
echo "</form>";
?>

</body>

</html>

So subcat is set by $noticia[name] and this could be a problem because you need a filename without spaces or at least you need to escape them:

/var/www/yourwebsite.tld/images/file name.jpg #bad, will return an error
/var/www/yourwebsite.tld/images/file\ name.jpg #good
/var/www/yourwebsite.tld/images/file_name.jpg #good
"/var/www/yourwebsite.tld/images/file name.jpg" #good

If you don't explain better, I can't help you more than this. Bye :)

OK, starting from the beginning.

dd.php
Generates the vars (cat and subcat).

they get brought into image.php via;

$id=$_POST['cat'];
$name=$_POST['subcat'];

$id is used to generate the var $path via;

$sql = "SELECT directory FROM directory WHERE DID = '$id'";
	$result = mysql_query($sql) or die('A error occured: ' . mysql_error());

	while ($row = mysql_fetch_assoc($result)) {
    	$path = $row['directory'];

This generates a preview image with the correct subdirectory and image name;

print "<img class='thumbNormal' src='http://mysite.com/images/$path/$name' width=200 onclick='SelectImg($id)'>";
	print "<br>";
	print $path."/".$name;
	}

Now we come to the tricky part. I want to use $path and $name later in the code. I want to use it like this;

$upload = $_SERVER['DOCUMENT_ROOT'] . '/images/' . $path;

Just like I did with the preview image section.

I also want to use $name as the new image name so that I do not have to edit 3 XML files later, like this;

$image_name=$name;
$newname=$upload . "/" . $image_name;

$copied = copy($_FILES['image']['tmp_name'], $newname);

When I do this I get;

Warning: copy(/home/mine/public_html/mydir/images//) 
[function.copy]: failed to open stream: Is a directory in /home/mine/public_html/mydir/Admin/Edit/image.php on line 139

That's because I am not using the $path and $name to here. $name nor $path contain no spaces between names I use "_".

$path and $name should contain the same content as in the preview image area.

I hope this clears up my problem.

Thank you for your help this far.

OK, thank you! But there are some errors you should fix.

If I'm understanding the script, your intention is:

1) to upload an image, save it into a the directory you get from the query $result
2) the destination directory is a sub-directory of /images/
3) the new name ($newname) of the file will be the subcat you get from the first form

But there's no connection between the first form and the second.

When you send the first form you select subcat and cat: you set $_POST and $_POST.
Right after you submit the second form so you can upload the file, with this action PHP will delete $_POST and $_POST that you previously set.
If you want to save them you have to use a session: http://php.net/manual/en/book.session.php
Otherwise you can only echo them to hidden input fields in the second form:

<form name='newad' method='post' enctype='multipart/form-data'  action=''>
    <table>
        <tr><td><input type='file' name='image'></td></tr>
        <tr><td><input name="Submit" type="submit" value="Upload image"></td></tr>
    </table>
    <input type="hidden" name="subcat" value="<?php echo $_POST['subcat']; ?>" />
    <input type="hidden" name="cat" value="<?php echo $_POST['cat']; ?>" />
</form>

About the errors:

You have two different forms on the same page, the first is included through dd.php which it should be a simple php script, not an HTML page with PHP script.

Currently you're going to output a page with two doctypes, two html sections, two head sections and two body sections. This is wrong. You may want to fix this problem.

Check if parts1.php has the same problems of dd.php

If you look at your code, you're hiding some errors like @$cat on lines 25, 49 of dd.php, so if there's a problem you won't get the error, in development stage you need them. Remove @ and check it better.

Another problem, the page is supposed to be open with cat on his url, example:

http://my.website/image.php?cat=1

when you run the first form the browser will reload without cat=1, you should remove image.php from the action parameter of the form.

Few suggestions:

Don't trust is_numeric() because it will accept also hexadecimal values like 0x12 or 0xf5, instead of that use ctype_digit().

If you're using PHP 5.3 or above you should also use finfo() or an alternative to get the mime-type of the file you're uploading because a script can be submitted with jpg extension and then get executed.

I hope this will help you, bye :)

Thanks I'll give all a try

OK.

Made all the changes, thanks for the heads up on HTML sections, totally bypassed that.

Everything works as I wanted. The only reason I needed to do this is because the client did not want to pay me a maintenance fee for uploading new images.

Without this I needed to supply them with access to the server so they could edit XML and TXT files.

Again, Thank you so much for helping an amature PHP developer. For the last 30 years I've had developers do this kind of thing for me, I'm a (Project Manager). LOL

* If you want to see what I put together minus the admin section look here, http://tegojewelers.com

Great! You're welcome and great website :)

Yeah it's a cool website.

BTW, if you are bored of text tutorials, you may try out these cool php tutorials : http://www.thenewboston.com/?cat=67&pOpen=tutorial

Moreover, it's absolutely free and the explanations are very clear.