hbphoto

Hi, I created two input fields in my form named image and image1. The code I used to process the upload looks like this. The code here uploads the first image. I then copied and pasted this same exact code underneath and changed everything that referenced "image" to "image1". And that's about it. if (is_uploaded_file ($_FILES['image']['tmp_name']) && ($_FILES['image']['error'] == UPLOAD_ERR_OK)) { $file = $_FILES['image']; $size = ROUND($file['size']/1024); // Validate the file size: if ($size > 99999999999) { $errors['image'] = 'The uploaded file was too large.'; } // Validate the file type: $allowed_mime = array ('image/gif', 'image/pjpeg', 'image/jpeg', 'image/JPG', 'image/X-PNG', 'image/PNG', 'image/png', 'image/x-png'); $allowed_extensions = array ('.jpg', '.gif', '.png', 'jpeg'); $image_info = getimagesize($file['tmp_name']); $ext = substr($file['name'], -4); if ( (!in_array($file['type'], $allowed_mime)) || (!in_array($image_info['mime'], $allowed_mime) ) || (!in_array($ext, $allowed_extensions) ) ) { $errors['image'] = 'The uploaded file was not of the proper type.'; } // Move the file over, if no problems: if (!array_key_exists('image', $errors)) { // Create a new name for the file: $oi = $file['name']; // Move the file to its proper folder but add _tmp, just in case: $dest = "../photography/uploads/$oi"; if (move_uploaded_file($file['tmp_name'], $dest)) { // Store the data in the session for later use: $_SESSION['image']['oi'] = $oi; $_SESSION['image']['file_name'] = $file['name']; // Print a message: echo '<h4>The file has been uploaded!</h4>'; } else { trigger_error('The file could not be moved.'); unlink ($file['tmp_name']); } } // End of array_key_exists() IF. } elseif (!isset($_SESSION['image'])) { // No current or previous uploaded file. switch ($_FILES['image']['error']) { case 1: case 2: $errors['image'] = 'The uploaded file was too large.'; break; case 3: $errors['image'] = 'The file was only partially uploaded.'; break; case 6: case 7: case 8: $errors['image'] = 'The file could not be uploaded due to a system error.'; break; case 4: default: $errors['image'] = 'No file was uploaded.'; break; } // End of SWITCH. } // End of $_FILES IF-ELSEIF-ELSE.

I was able to finally solve uploading both images to the directory. I'm trying to insert the information to the table and I'm receiving the following error message: An error occurred in script 'add_image.php' on line 195: mysqli_stmt_bind_param() expects parameter 1 to be mysqli_stmt, boolean given My connection to the database works because I have a select statement in my form to create a drop down list of my clients. I also made sure that the number of '?' marks equal the number of columns in my table. Also, I made sure that I have the same number of bind parameters for each variable. I'm not sure what else I can do to troubleshoot this. Can someone lend me a hand? Thank you in advance. Here is the INSERT code. $q = 'INSERT INTO photo (client_id, photo_name, description, image_original, image_thumb) VALUES (?, ?, ?, ?, ?,)'; $stmt = mysqli_prepare($dbc, $q); Line 195: mysqli_stmt_bind_param($stmt, 'issss', $c, $pn, $d, $oi, $ti); mysqli_stmt_execute($stmt);

Yes, I'm a product photographer. I want my clients to sign into the website and view their photos so they can decide which ones they want. I want them brought to a page with thumbnails and then they can click on a thumbnail and a larger photo appears. As for the size of the thumbnails, I have a size which works very well. My one concern regarding automatically generating the thumbnails is that the page may take a long time to load. If there is an efficient way of doing this, I'm all ears.

Ok, great, that's exactly what I have. I guess where I'm stumped is after the form is submitted, how do I process both images through validation and moving to and from the temporary directory?

With the code written as above, can I put the file from the first input into a field in the table called ORIGINAL and the file from the secon input into a field in the table called THUMB?

Hello: I have a form which uploads the photo name, description, client name, original size image, and thumbnail size image. I have a table which contains the following fields: photo_id, client_id, photo_name, description, image_original, image_thumb Can someone help me figure out a more efficient way to upload two images on the same form? Here is the code for the form. <form enctype="multipart/form-data" action="add_image.php" method="post" accept-charset="utf-8"> <input type="hidden" name="MAX_FILE_SIZE" value="10485760 " /> <label><strong>Image Name:</strong></label><?php create_form_input('name', 'text', $add_image_errors); ?> <br><br><br> <label><strong>Description:</strong></label><?php create_form_input('description', 'text', $add_image_errors); ?> <br><br><br> <label><strong>Client:</strong></label> <select name="client"<?php if (array_key_exists('client', $add_image_errors)) echo ' class="error"'; ?>> <option>Select One</option> <?php // Retrieve all the categories and add to the pull-down menu: $q = "SELECT client_id, CONCAT_WS(' ', first_name, last_name) FROM client ORDER BY last_name, first_name ASC"; $r = mysqli_query ($dbc, $q); while ($row = mysqli_fetch_array ($r, MYSQLI_NUM)) { echo "<option value=\"$row[0]\""; // Check for stickyness: if (isset($_POST['client_id']) && ($_POST['client_id'] == $row[0]) ) echo ' selected="selected"'; echo ">$row[1]</option>\n"; } ?> </select> <br><br><br> <label><strong>Original Image:</strong></label> <?php // Check for an error: if (array_key_exists('image', $add_image_errors)) { echo '<span class="error">' . $add_image_errors['image'] . '</span><input type="file" name="image" class="error"/>'; } else { // No error. echo '<input type="file" name="image" />'; // If the file exists (from a previous form submission but there were other errors), // store the file info in a session and note its existence: if (isset($_SESSION['image'])) { echo "<br />Currently '{$_SESSION['image']['file_name']}'"; } } // end of errors IF-ELSE. ?> <br><br><br> <label><strong>Thumbnail Image:</strong></label> <?php // Check for an error: if (array_key_exists('image_thumb', $add_image_errors)) { echo '<span class="error">' . $add_image_errors['image_thumb'] . '</span><input type="file" name="image_thumb" class="error"/>'; } else { // No error. echo '<input type="file" name="image_thumb" />'; // If the file exists (from a previous form submission but there were other errors), // store the file info in a session and note its existence: if (isset($_SESSION['image_thumb'])) { echo "<br />Currently '{$_SESSION['image_thumb']['file_name_thumb']}'"; } } // end of errors IF-ELSE. ?> <br><br><br> <label> </label><img src="Captcha/captcha/captchac_code.php" id="captcha"><br><br> <label> </label><input type="text" name="imgverify" value="" maxlength="100" size="10" /> <br><br> <button type="submit">Submit</button> </form> Here is the PHP code for the actual upload. When I tested the form, only one of the images was uploaded. With my limited PHP experience, I began by having two blocks of code. One for the original size and the other for the thumbnail size. The code is the same except the variables were changed to have _thumb to identify the thumbnails. ############ Check for the ORIGINAL sized image: ######################## if (is_uploaded_file ($_FILES['image']['tmp_name']) && ($_FILES['image']['error'] == UPLOAD_ERR_OK)) { $file = $_FILES['image']; $size = ROUND($file['size']/1024); // Validate the file size: if ($size > 99999999999) { $add_image_errors['image'] = 'The uploaded file was too large.'; } // Validate the file type: $allowed_mime = array ('image/gif', 'image/pjpeg', 'image/jpeg', 'image/JPG', 'image/X-PNG', 'image/PNG', 'image/png', 'image/x-png'); $allowed_extensions = array ('.jpg', '.gif', '.png', 'jpeg'); $image_info = getimagesize($file['tmp_name']); $ext = substr($file['name'], -4); if ( (!in_array($file['type'], $allowed_mime)) || (!in_array($image_info['mime'], $allowed_mime) ) || (!in_array($ext, $allowed_extensions) ) ) { $add_product_errors['image'] = 'The uploaded file was not of the proper type.'; } // Move the file over, if no problems: if (!array_key_exists('image', $add_image_errors)) { // Create a new name for the file: $new_name = (string) sha1($file['name'] . uniqid('',true)); // Add the extension: $new_name .= ((substr($ext, 0, 1) != '.') ? ".{$ext}" : $ext); // Move the file to its proper folder but add _tmp, just in case: $dest = "../photography/uploads/$new_name"; if (move_uploaded_file($file['tmp_name'], $dest)) { // Store the data in the session for later use: $_SESSION['image']['new_name'] = $new_name; $_SESSION['image']['file_name'] = $file['name']; // Print a message: echo '<h4>The file has been uploaded!</h4>'; } else { trigger_error('The file could not be moved.'); unlink ($file['tmp_name']); } } // End of array_key_exists() IF. } elseif (!isset($_SESSION['image'])) { // No current or previous uploaded file. switch ($_FILES['image']['error']) { case 1: case 2: $add_image_errors['image'] = 'The uploaded file was too large.'; break; case 3: $add_image_errors['image'] = 'The file was only partially uploaded.'; break; case 6: case 7: case 8: $add_image_errors['image'] = 'The file could not be uploaded due to a system error.'; break; case 4: default: $add_image_errors['image'] = 'No file was uploaded.'; break; } // End of SWITCH. } // End of $_FILES IF-ELSEIF-ELSE. ############ Check for the THUMBNAIL sized image: ######################## if (is_uploaded_file ($_FILES['image_thumb']['tmp_name']) && ($_FILES['image_thumb']['error'] == UPLOAD_ERR_OK)) { $file = $_FILES['image_thumb']; $size = ROUND($file['size']/1024); // Validate the file size: if ($size > 99999999999) { $add_image_errors['image_thumb'] = 'The uploaded file was too large.'; } // Validate the file type: $allowed_mime = array ('image/gif', 'image/pjpeg', 'image/jpeg', 'image/JPG', 'image/X-PNG', 'image/PNG', 'image/png', 'image/x-png'); $allowed_extensions = array ('.jpg', '.gif', '.png', 'jpeg'); $image_info = getimagesize($file['tmp_name']); $ext = substr($file['name'], -4); if ( (!in_array($file['type'], $allowed_mime)) || (!in_array($image_info['mime'], $allowed_mime) ) || (!in_array($ext, $allowed_extensions) ) ) { $add_product_errors['image_thumb'] = 'The uploaded file was not of the proper type.'; } // Move the file over, if no problems: if (!array_key_exists('image_thumb', $add_image_errors)) { // Create a new name for the file: $new_name_thumb = (string) sha1($file['name'] . uniqid('',true)); // Add the extension: $new_name_thumb .= ((substr($ext, 0, 1) != '.') ? ".{$ext}" : $ext); // Move the file to its proper folder but add _tmp, just in case: $dest = "../photography/uploads/$new_name_thumb"; if (move_uploaded_file($file['tmp_name'], $dest)) { // Store the data in the session for later use: $_SESSION['image_thumb']['new_name_thumb'] = $new_name_thumb; $_SESSION['image_thumb']['file_name_thumb'] = $file['name']; // Print a message: echo '<h4>The file has been uploaded!</h4>'; } else { trigger_error('The file could not be moved.'); unlink ($file['tmp_name']); } } // End of array_key_exists() IF. } elseif (!isset($_SESSION['image_thumb'])) { // No current or previous uploaded file. switch ($_FILES['image_thumb']['error']) { case 1: case 2: $add_image_errors['image_thumb'] = 'The uploaded file was too large.'; break; case 3: $add_image_errors['image_thumb'] = 'The file was only partially uploaded.'; break; case 6: case 7: case 8: $add_image_errors['image_thumb'] = 'The file could not be uploaded due to a system error.'; break; case 4: default: $add_image_errors['image_thumb'] = 'No file was uploaded.'; break; } // End of SWITCH. } // End of $_FILES IF-ELSEIF-ELSE. Thanks for the help

I changed my field to UNSIGNED while using BIGINT. The result was the same. I then changed my field to CHAR. The result is now correct. I'm at a loss as to why the INT wasn't working. The example in the book is using INT.

Hello: Changing the INT to BIGINT generated the same result. I'm going to try CHAR.

Yes, I am doing debugging steps. First, I echo'd the results of my form submission so I'm certain that what I typed into the form is being passed through the validation process. Here is the code and the results: // Check for a phone number: // Strip out spaces, hyphens, and parentheses: $phone = str_replace(array(' ', '-', '(', ')'), '', $_POST['phone']); if (preg_match ('/^[0-9]{10}$/', $phone)) { $ph = $phone; } else { $add_client_errors['phone'] = 'Please enter your phone number!'; } echo $_POST['phone']; echo "<br />"; // creating a new line echo $phone; echo "<br />"; // creating a new line echo $ph; echo "<br />"; // creating a new line Results: 333-444-5555 3334445555 3334445555 --------------------------------------- Here is the code for my insert statement and the result of the numbers of rows which were inserted. // Add the client to the database: $pwd = get_password_hash($p); $q = "INSERT INTO client (first_name, last_name, address, city, state, zip, phone, email, pass, date_created) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, CURDATE() )"; $stmt = mysqli_prepare($dbc, $q); mysqli_stmt_bind_param($stmt, 'sssssiiss', $fn, $ln, $sa, $c, $st, $z, $ph, $e, $pwd); mysqli_stmt_execute($stmt); printf("%d Row inserted.\n", mysqli_stmt_affected_rows($stmt)) Result: 1 Row inserted ----------------------------------------------------------------------------- Finally, here is the code and results from a select statement from the table. You will see that the phone number that was entered into the table is not the same phone number as entered into the form. //Checking results inserted into table $q = "SELECT * FROM client WHERE email='$e'"; $r = mysqli_query ($dbc, $q); // Prints insert results from table while($row = mysqli_fetch_assoc($r)){ foreach($row as $cname => $cvalue){ print "$cname: $cvalue\t"; } print "\r\n"; } Results: client_id: 22 first_name: Minnie last_name: Mouse address: 123 Minnie Lane city: Ft. Myers state: FL zip: 30309 *** phone: 2147483647 email: minnie@mouse.com pass: £9•Øq?ë%+uÞðÈ÷í÷áÖýŸ õ-]tÜX¥Vô4 user_level: 0 active: date_created: 2012-08-29 I'm not sure what else to do to check my script.

Hi, In the second example in this book, in the checkout.php, a phone number is checked as part of form submission. I'm using the same syntax for the validation as well as the form field. When I run my script, the phone number that I enter into the form, 222-333-4444, does not insert into the database table as 2223334444. Instead, the result that is being populated into my table for phone is 2147483647. I have no clue as to what is causing this. In my table, the phone field is set as INT(10) NOT NULL just as in the book. Can someone help? Here's my code starting with the form field and then to validation and then to insert. Form Field: <label><strong>Phone:</strong></label><input type="text" name="phone" value="<?php if (isset($_POST['phone'])) echo $_POST['phone']; ?>" /> Form Validation: // Check for a phone number: // Strip out spaces, hyphens, and parentheses: $phone = str_replace(array(' ', '-', '(', ')'), '', $_POST['phone']); if (preg_match ('/^[0-9]{10}$/', $phone)) { $ph = $phone; } else { $add_client_errors['phone'] = 'Please enter your phone number!'; } INSERT statement: $pwd = get_password_hash($p); $q = "INSERT INTO client (first_name, last_name, address, city, state, zip, phone, email, pass, date_created) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, CURDATE() )"; $stmt = mysqli_prepare($dbc, $q); mysqli_stmt_bind_param($stmt, 'sssssiiss', $fn, $ln, $sa, $c, $st, $z, $ph, $e, $pwd); mysqli_stmt_execute($stmt); As I mentioned, I'm not sure why the phone number is being switched from what I enter to another number. This is happening to any number I enter into the form and generates the same result.

I fixed the problem. Here's what I did. I createda variable $pwd which hashes the password first. Then I referenced this new variable in the bind_param statement. $pwd = get_password_hash($p); $q = "INSERT INTO client (first_name, last_name, address, city, state, zip, phone, email, pass, date_created) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, NOW() )"; $stmt = mysqli_prepare($dbc, $q); mysqli_stmt_bind_param($stmt, 'sssssiiss', $fn, $ln, $sa, $c, $st, $z, $ph, $e, $pwd); mysqli_stmt_execute($stmt); Thanks to everyone for the help!

I made some modifications to my code and when I run the script I'm receiving the following error message: Fatal error: Only variables can be passed by reference in add_client.php on line 105. Here is the code: line 102: $q = "INSERT INTO client (first_name, last_name, address, city, state, zip, phone, email, pass, date_created) line 103: VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, NOW() )"; line 104: $stmt = mysqli_prepare($dbc, $q); line 105: mysqli_stmt_bind_param($stmt, 'sssssiiss', $fn, $ln, $sa, $c, $st, $z, $ph, $e, '" . get_password_hash($p) . "'); line 106: mysqli_stmt_execute($stmt); Can someone help? Thank you!

Ok, I'll give this a try.

I will give it a try. As for the date, if I use NOW() in my VALUES of the insert statement, I don't include it as a bind variable. Would that be correct? Otherwise, how do I insert a date? And, for the password, if I place a ? in the VALUES, in the bind statement how do I hash the password to be inserted?

Hello: My password field in the table is set as varbinary. I removed the formmating from the code. The error message I received stated that only variables could be bound. $q = "INSERT INTO client (first_name, last_name, address, city, state, zip, phone, email, pass, date_created) VALUES (?, ?, ?, ?, ?, ?, ?, ?, get_password_hash(?), NOW() )"; $stmt = mysqli_prepare($dbc, $q); mysqli_stmt_bind_param($stmt, 'sssssiiss', $fn, $ln, '$sa', '$c', '$st', '$z', '$ph', '$e', '$p'); mysqli_stmt_execute($stmt);