how to get rid of these erros ?

Question

junaid_5 0 Light Poster

10 Years Ago

Hi i have this image upload script, its giving me errors.
this script should get description of the image from user and upload image to database. please someone could take a look at my code. i really messed up the code. i am puzzled now.

<?php
if(isset($_POST['upload']) && $_FILES['userfile']['size'] > 0)
{


?>


 <form action="upload.php" method="post">
 Image Description: <input  type="text" name="imgdesc">
                               <input type="submit" value="submit">
</form>

<?php

$allowed_filetypes = array('.jpg','.jpeg','.png','.gif');
$max_filesize = 1445760;
$description = $_POST['imgdesc'];

$filename = $_FILES['userfile']['name'];
$ext = substr($filename, strpos($filename,'.'), strlen($filename)-1);

if(!in_array($ext,$allowed_filetypes))
  die('The file you attempted to upload is not allowed.');

if(filesize($_FILES['userfile']['tmp_name']) > $max_filesize)
  die('The file you attempted to upload is too large.');



} else {
     echo 'There was an error during the file upload.  Please try again.';
}




$fileName = $_FILES['userfile']['name'];
$tmpName  = $_FILES['userfile']['tmp_name'];
$fileSize = $_FILES['userfile']['size'];
$fileType = $_FILES['userfile']['type'];
$fp      = fopen($tmpName, 'r');
$content = fread($fp, filesize($tmpName));
$content = addslashes($content);
fclose($fp);
if(!get_magic_quotes_gpc())
{
    $fileName = addslashes($fileName);
}
include 'config.php';
include 'opendb.php';
$query = "INSERT INTO upload (name, size, type, content , description ) ".
"VALUES ('$fileName', '$fileSize', '$fileType', '$content', '$description')";
mysql_query($query) or die('Error, query failed');
include 'closedb.php';
echo "<br>File $fileName uploaded<br>";


?>
<form method="post" enctype="multipart/form-data">
    <table width="350" border="0" cellpadding="1" cellspacing="1" class="box">
        <tr>
            <td width="246">
                <input type="hidden" name="MAX_FILE_SIZE" value="2000000">
                <input name="userfile" type="file" id="userfile">
            </td>
            <td width="80"><input name="upload" type="submit" class="box" id="upload" value=" Upload "></td>
        </tr>
    </table>
</form>

mysql php

2 Contributors
3 Replies
140 Views
2 Days Discussion Span
Latest Post 10 Years Ago Latest Post by broj1

broj1 356 Humble servant

10 Years Ago

What is the error? Can you post it?

Reply to this topic

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.

junaid_5 0 Light Poster · Answer 1 · 2014-04-24T22:22:09+00:00

1.Notice: Undefined index: userfile in \upload_new\upload.php on line 22
2.Notice: Undefined index: userfile in upload_new\upload.php on line 23
3. Notice: Undefined index: userfile in \upload_new\upload.php on line 24
4. Notice: Undefined index: userfile in \upload_new\upload.php on line 25
5. Warning: fopen(): Filename cannot be empty in \upload_new\upload.php on line 26
6. Warning: fread() expects parameter 1 to be resource, boolean given in upload_new\upload.php on line 27
7. Warning: fclose() expects parameter 1 to be resource, boolean given in \upload_new\upload.php on line 29
8. Notice: Undefined variable: description in \upload_new\upload.php on line 37

broj1 356 Humble servant Featured Poster · Answer 2 · 2014-04-25T19:33:09+00:00

Sory for late reply. Obviously $_FILES['userfile'] does not exist. You should place the code that reads the uploaded file information and writes to the database within the if(isset($_POST['upload']) && $_FILES['userfile']['size'] > 0) block. Something like this:

if(isset($_POST['upload']) && $_FILES['userfile']['size'] > 0)
{

    $fileName = $_FILES['userfile']['name'];
    $tmpName = $_FILES['userfile']['tmp_name'];
    $fileSize = $_FILES['userfile']['size'];
    $fileType = $_FILES['userfile']['type'];
    $fp = fopen($tmpName, 'r');
    $content = fread($fp, filesize($tmpName));
    $content = addslashes($content);
    fclose($fp);
    if(!get_magic_quotes_gpc())
    {
        $fileName = addslashes($fileName);
    }
    include 'config.php';
    include 'opendb.php';
    $query = "INSERT INTO upload (name, size, type, content , description ) ".
    "VALUES ('$fileName', '$fileSize', '$fileType', '$content', '$description')";
    mysql_query($query) or die('Error, query failed');
    include 'closedb.php';
    echo "<br>File $fileName uploaded<br>";
?>


 <form action="upload.php" method="post">
 Image Description: <input  type="text" name="imgdesc">
                               <input type="submit" value="submit">
</form>

<?php

$allowed_filetypes = array('.jpg','.jpeg','.png','.gif');
$max_filesize = 1445760;
$description = $_POST['imgdesc'];

$filename = $_FILES['userfile']['name'];
$ext = substr($filename, strpos($filename,'.'), strlen($filename)-1);

if(!in_array($ext,$allowed_filetypes))
  die('The file you attempted to upload is not allowed.');

if(filesize($_FILES['userfile']['tmp_name']) > $max_filesize)
  die('The file you attempted to upload is too large.');



} else {
     echo 'There was an error during the file upload.  Please try again.';
}

This way the file gets inserted into the db only when some data about it exists. You might want to reaarange the code depending on what you actually want to achieve.