Member Avatar for Kniggles

Hi , I am trying to get a photo type base to work and have got stuck ,
I have 3 files ,
1- the html - that takes the input called door.html
2- the connect.php to open the base.
3- the php to insert insert.php.

1=

<FORM method=post action=insert.php><P>
</P><P><INPUT name=title value="Text Field">
</P><P><INPUT style="WIDTH: 635px; HEIGHT: 101px" value="Text Field" size=81></P>
<P><INPUT name=photo type=file></P><P></P>
<P><INPUT value="Submit Query" type=submit>
<INPUT value=Reset type=reset></P>
<P>&nbsp;</P></FORM>

2=

<?php

$con=mysqli_connect("localhost","user_me","password123","mybase1");


if (mysqli_connect_errno($con))
  {
  echo "Failed to connect to MySQL: " . mysqli_connect_error();
  }
?>

3=

<?php

require "connect.php";
$target = "images/";
$target = $target . basename( $_FILES['photo']['title']);

$photo = ($_FILES['photo']['name']);
$query="INSERT INTO mytable1 ( name, photo, date)

VALUES

('$_POST[title]','$_POST[photo]','$_POST[date]')";
$result = mysql_query($query, $connection)





or die ("you missed up again<br>$query");

if(move_uploaded_file($_FILES['photo']['tmp_name'], $target))
{

echo "The file ". basename( $_FILES['uploadedfile']['name']). " has been uploaded, and your information has been added to the directory";
}
else {

echo "Sorry, there was a problem uploading your file.";
}
?>
<HTML><HEAD><META name=GENERATOR content="MSHTML 9.00.8112.16457"></HEAD>
<BODY>
if(move_uploaded_file($_FILES['photo']['tmp_name'], $target))
{

echo "The file ". basename( $_FILES['uploadedfile']['name']). " has been uploaded, and your information has been added to the directory";
}
else {

echo "Sorry, there was a problem uploading your file.";
}

the error i am getting is Warning: mysql_query(): supplied argument is not a valid MySQL-Link resource in public_html/insert.php on line 13

any advice please ?
thank you .

  • 7 Contributors
  • 23 Replies
  • 476 Views
  • 3 Days Discussion Span
  • Latest Post Latest Post by Kniggles
Member Avatar for diafol

cHANGE

<FORM method=post action=insert.php>

to

<form method="post" action="insert.php" enctype="multipart/form-data">

There may be other issues, but this is the screamer.

Member Avatar for Kniggles

HI diafol thanks for helpping ,
not seen this before,
enctype="multipart/form-data">

I am guessing this is needed to let them know the form is to be posted into two places, or to tell them it is a .jpeg and it needs to be stored somewhere else ?

Would that be the same for anything thats not text on a form ?

Member Avatar for IIM

Below is the quote from w3 site http://www.w3.org/TR/html401/interact/forms.html#h-17.13.4.2

The content type "application/x-www-form-urlencoded" is inefficient for sending large quantities of binary data or text containing non-ASCII characters. The content type "multipart/form-data" should be used for submitting forms that contain files, non-ASCII data, and binary data.

The content "multipart/form-data" follows the rules of all multipart MIME data streams as outlined in [RFC2045]. The definition of "multipart/form-data" is available at the [IANA] registry.

A "multipart/form-data" message contains a series of parts, each representing a successful control. The parts are sent to the processing agent in the same order the corresponding controls appear in the document stream. Part boundaries should not occur in any of the data; how this is done lies outside the scope of this specification.

As with all multipart MIME types, each part has an optional "Content-Type" header that defaults to "text/plain". User agents should supply the "Content-Type" header, accompanied by a "charset" parameter.

It states clearly that encoding type must be mulipart/form-data when data sent is any file,non-ascii data and binary data.

Member Avatar for Kniggles

have re coded as I found out some of the fields were not named , heres the new,

1=

<html>
<body>
<FORM encType=multipart/form-data method=post action=insert.php><P>
</P>
<P><INPUT name=title value="Text Field"></P>
<P><INPUT style="WIDTH: 635px; HEIGHT: 101px" name=text value="Text Field" size=81></P>
<P><INPUT name=photo type=file></P><P></P>
<P><INPUT value="Submit Query" type=submit>

<P> </P></FORM>

</body></html>

3=

<?php

require "connect.php";
$target = "images/";
$target = $target . basename( $_FILES['photo']['title']);

$photo = ($_FILES['photo']['title']);
$query="INSERT INTO order ( title, text, photo)

VALUES('$_POST[title]','$_POST[photo]','$_POST[text]')";
$result = mysql_query($query, $connection)





or die ("you missed up again brains<br>$query");

if(move_uploaded_file($_FILES['photo']['tmp_title'], $target))
{

echo "The file ". basename( $_FILES['uploadedfile']['title']). " has been uploaded, and your information has been added to the directory";
}
else {

echo "Sorry, there was a problem uploading your file.";
}
?><HTML><HEAD><META name=GENERATOR content="MSHTML 9.00.8112.16457"></HEAD><BODY>
if(move_uploaded_file($_FILES['photo']['tmp_title'], $target))
{

echo "The file ". basename( $_FILES['uploadedfile']['title']). " has been uploaded, and your information has been added to the directory";
}
else {

echo "Sorry, there was a problem uploading your file.";
}


</BODY></HTML>

and the error is

Warning: mysql_query(): supplied argument is not a valid MySQL-Link resource in /public_html/insert.php on line 11

the table in the base looks like

         TYPE 
id        int (50)
title     varchar (999)
photo     varchar (999)   <not sure if this should be here as the photo should go to the /image folder
date      datetime
text      varchar (999)

.

Member Avatar for IIM

check if $connection is defined,try to define locally and then check if its working.
and try to print out query:-

$query="INSERT INTO order ( title, text, photo)
VALUES('$_POST[title]','$_POST[photo]','$_POST[text]')";
echo $query;
Edited by IIM
Member Avatar for diafol 
encType=multipart/form-data

you need to put quotes around this value. That html of yours is very 1990s. How about updating it?

Member Avatar for Kniggles

Hi IIM
thanks for helpping,

heres the output,

INSERT INTO order ( title, text, photo) VALUES('lisa test','396px-Mona_Lisa-restored.jpg','')
PHP Error Message

Warning: mysql_query(): supplied argument is not a valid MySQL-Link resource in /public_html/insert.php on line 11


you missed up again brains
INSERT INTO order ( title, text, photo) VALUES('lisa test','396px-Mona_Lisa-restored.jpg','')

I can see that the value from the text box 'text' is not coming through . think we maybe getting somewhere now.

Member Avatar for pixelsoul

Well, one of the problem is

$result = mysql_query($query, $connection)

Should be

$result = mysql_query($connection, $query);

Also, why are you using mysqli_connect for the db connection but then mysql_query for the query? And, if that is your real database connection script, then your query statement should be

$result = mysqli_query($con, $query);
Edited by pixelsoul
Member Avatar for IIM

wrong pixelsoul.The syntax for mysql_query is correct.

$result = mysql_query($connection, $query);

is not correct syntax for mysql_query.

It is

$result = mysql_query($query,$connection);

Check http://php.net/manual/en/function.mysql-query.php

I think so you are mixing mysql_query() with mysqli_query().

@Kniggles:- you must prefer to use mysqli as mysql is about to be deprecated in next version of php.
http://php.net/manual/en/mysqli.query.php

Check your query

   $query="INSERT INTO order ( title, text, photo)
VALUES('$_POST[title]','$_POST[text]','$_POST[photo]')";//text is second parameter and photo is third.You have swapped that.

Also check if $connection contains correct value of connection string.

Edited by IIM
Member Avatar for pixelsoul

I haven't used it in a while, so you're correct.
The variable is still wrong and should be $con and not $connection if that is the db connection script.

Member Avatar for TonyG_cyprus

My ten cents... there seem to be a lot of element values without quotes,
with or without, but keep it constant, makes easier reading/debugging

Edited by TonyG_cyprus
Member Avatar for Webville312

First rectify your connection, just as Pixelsoul noted. Then let us know if there is still an error

Member Avatar for Kniggles

Hello Webville ,Tony and pixelsoul. thanks for hellping,
I only have 1/2 a clue on that which i am doing, I am a wee bit dislexi and trying to teach myself by finding lines of code to do what I am thinking. and since i can not find the bits i want I am trying to make a libary of the basics for myself and this should of been simple to add a photo with title and a small text of what the pic is into a base.

1 now =

    <HTML><HEAD><TITLE></TITLE><META content="text/html; charset=utf-8" http-equiv=Content-Type><META name=GENERATOR content="MSHTML 9.00.8112.16457"><STYLE type=text/css>BODY {
        FONT-FAMILY: verdana, arial, sans-serif
    }</STYLE></HEAD><BODY><P>&nbsp;</P>
    <FORM encType="multipart/form-data" method="post" action="insert1.php"><P>
    </P>
    <P><INPUT name="title" value="Text Field"></P>
    <P><INPUT style="WIDTH: 635px; HEIGHT: 101px" name="text" value="Text Field" size=81></P>
    <P><INPUT name="photo" type="file"></P><P></P>
    <P><INPUT value="Submit Query" type="submit">

    <P>&nbsp;</P></FORM><P>

    </P></BODY></HTML>

2 =

<?php
// Create connection
$con=mysqli_connect("scenario1.com","user_me","passwrod123987","base_test");

// Check connection
if (mysqli_connect_errno($con))
  {
  echo "Failed to connect to MySQL: " . mysqli_connect_error();
  }
?><HTML><HEAD><META name=GENERATOR content="MSHTML 9.00.8112.16457">
</HEAD><BODY></BODY></HTML>

3 =

<?php

require "connect.php";
$target = "images/";
$target = $target . basename( $_FILES['photo']['title']);

$photo = ($_FILES['photo']['title']);
    $query="INSERT INTO order ( title, text, photo)
    VALUES('$_POST[title]','$_POST[text]','$_POST[photo]')";
    echo $query;
    $result = mysqli_query($con, $query);





or die ("you messed up again brains<br>$query");

if(move_uploaded_file($_FILES['photo']['tmp_title'], $target))
{

echo "The file ". basename( $_FILES['uploadedfile']['title']). " has been uploaded, and your information has been added to the directory";
}
else {

echo "Sorry, there was a problem uploading your file.";
}
?><HTML><HEAD><META name=GENERATOR content="MSHTML 9.00.8112.16457"></HEAD><BODY>
if(move_uploaded_file($_FILES['photo']['tmp_title'], $target))
{

echo "The file ". basename( $_FILES['uploadedfile']['title']). " has been uploaded, and your information has been added to the directory";
}
else {

echo "Sorry, there was a problem uploading your file.";
}


</BODY></HTML>

error now reads

Parse error: syntax error, unexpected T_LOGICAL_OR in /public_html/insert1.php on line 17
Member Avatar for pritaeas

Line 17 should be directly after line 11, so you'll need to remove the semi-colon at the end of 11.

Member Avatar for Kniggles

hi yea pritaeas , ltns, did this now get the output-

INSERT INTO order ( title, text, photo) VALUES('namme text test ','text box test 1234566','')you messed up again brains
INSERT INTO order ( title, text, photo) VALUES('namme text test ','text box test 1234566','')

however when i look in the data base there is nothing recorded, and nothing in the /images folder.

Member Avatar for TonyG_cyprus

Try
2,

  <?php
 // Create connection
 $con=mysqli_connect("scenario1.com","user_me","password123987","base_test");
// Check connection
if (mysqli_connect_errno($con))
 {
 echo "Failed to connect to MySQL: " . mysqli_connect_error();
 }
?>

3,

<?php
require "connect.php";
$target = "images/";
$target = $target . basename( $_FILES['photo']['title']);
$photo = ($_FILES['photo']['title']);
$query="INSERT INTO order ( title, text, photo)
VALUES('$_POST[title]','$_POST[text]','$_POST[photo]')";
$result = mysqli_query($con, $query) or die ("you messed up again brains<br>");
if(move_uploaded_file($_FILES['photo']['tmp_title'], $target))
{
echo "The file ". basename( $_FILES['uploadedfile']['title']). " has been uploaded, and your information has been added to the directory";
}
 else {
 echo "Sorry, there was a problem uploading your file.";
}
?>

The no1 has got me going a bit, but I think this may be what you want.

<HTML>
<HEAD>
<TITLE></TITLE>
<META content="text/html; charset=utf-8" http-equiv=Content-Type>
<META name=GENERATOR content="MSHTML 9.00.8112.16457">
<STYLE type=text/css>
BODY {
    FONT-FAMILY: verdana, arial, sans-serif
}</STYLE>
</HEAD>
<BODY>

<FORM encType="multipart/form-data" method="post" action="insert1.php">
<INPUT type="text" name="title" value="Text Field"><br />
 ###### not sure what this is #######
<INPUT style="WIDTH: 635px; HEIGHT: 101px" name="text" value="Text Field" size=81><br />
  ###### if it's a text field copy the one above it and change the name ##########
  ###### if it's a text area, its below######
<TEXTAREA name="somename" ROWS="10" COLS="10"></TEXTAREA>    
<INPUT type="file" name="photo" ><br />
<INPUT type="submit" value="Submit Query" >
</FORM>
</BODY>
</HTML>

if I've messed up somewhere there I'm sure someone will help with corrections!

Member Avatar for Kniggles

still not working , getting the my error message

you messed up again brains

just had a thought , this is connect.php is for to the database , do i need to connect to the ftp. server az well ? since the file is to go into the /images folder to store the file.

Member Avatar for pixelsoul

As long as the "images" folder is in the same location your upload script is running you don't need to connect to anything else. I got home from work and had some free time to cruise through your code. I found a few issues that would completely stop it from working.

So, rather than list every single thing out here and make it too confusing. I corrected everything that I saw as a problem. I commented all of the changes so you can see what was done and learn from it. After you understand the functionality of this code I would highly recommend working toward more error/security checks if you plan on using this in a real production environment. I did not test this but it is a lot closer to working than before.

Also, I would go through this as it gives a good explination of the basics for file uploads and also talks about putting some restrictions on the file types that are allowed to be uploaded.

<?php
require "connect.php";

// defined us a constant I use often to get the absolute path of where the script is running from.
define ('SITE_ROOT', realpath(dirname(__FILE__))."/");

// setting the target folder with an absolute path which is much better for moving files.
// this is assuming that your upload script is one directory above your images folder.
$target = SITE_ROOT."images/"; 

// there is no ['title'] only ['name'] so changed that for you to $_FILES['photo']['name'].
// setting the variables and using mysqli_real_escape_string to escape any special characters and minimally sanitize the data before inserting to the database.
$photo = mysqli_real_escape_string($con, $_FILES['photo']['name']); 
$title = mysqli_real_escape_string($con, $_POST['title']);
$text = mysqli_real_escape_string($con, $_POST['text']);

// set the new variables in your query string. A lot cleaner now.
// traded out your custom error that was not very informative for a real error from the database.
$query = "INSERT INTO order ( title, text, photo) VALUES ('$title','$text','$photo')";
$result = mysqli_query($con, $query) or die (mysqli_error($con));

// no ['tmp_title'] only ['tmp_name'].
// used the $target.$photo for the upload location. It would give us something like "/home/folder/public/images/file.jpg".
if(move_uploaded_file($_FILES['photo']['tmp_name'], $target.$photo))
{
    echo "The file ". $_FILES['uploadedfile']['name'] . " has been uploaded, and your information has been added to the directory";
}
else
{
    echo "Sorry, there was a problem uploading your file.";

    // push out the real error for the failed upload.
    echo "Error: ". $_FILES['photo']['error']; 
}
?>
Member Avatar for Kniggles

Am now getting

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'order ( title, text, photo) VALUES ('mona test','testting 1234567890','396px-Mon' at line 1

this to me would be at line 19
$query = "INSERT INTO order ( title, text, photo) VALUES ('$title','$text','$photo')";

had a look in the manual and found this

INSERT INTO tbl_name () VALUES();

which looks the same as your code.

this line is the ['name'] the name box of the photo not the name I use az the title of the photo then ?

$photo = mysqli_real_escape_string($con, $_FILES['photo']['name']);

Member Avatar for pritaeas

order is a reserved word. If you use it as a table name put backticks around it.

commented: nice catch, totally missed that. +5
Member Avatar for Kniggles

yeaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa

Thanks pritaeas , just turned it into order1 and it works :)

Member Avatar for pixelsoul

Awesome.

Member Avatar for Kniggles

i used order as a table name as i am trying to merrory map my programing learning into a cafe type scenario,
am thinking it maybe simpler if i upgrade to a hotel and forms become room service orders,

rest of this is just cloud thinking,

hg-hotel guest,
checks into room, = player reg.
hg-calls {room service} [menu = {post/get{is post goto.scenario1/if get get.scenario2 }};

]
endthinktank.game1o1;


`it must be possible to build a layer above a compiler that can be used for play/learning,
Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.