I have successfully implemented the "add_prints.php" script however it only works the first time I use it. When I try to add another entry, it fails with
The file has been uploaded!
The category has been added.
Your submission could not be processed due to a system error.
The artist (in my case category) is successfully added, however the print and image (in my case company) fail to be added.
Attached is my code:
<?php
// This page allows the administrator to add a company (product).
require_once ('../../../mysqli_connect.php');
if (isset($_POST['submitted'])) { // Handle the form.
// Validate the incoming data...
$errors = array();
// Check for a company name:
if (!empty($_POST['company_name'])) {
$cn = trim($_POST['company_name']);
} else {
$errors[] = 'Please enter the company\'s name!';
}
// Check for a phone number:
if (!empty($_POST['phone'])) {
$p = trim($_POST['phone']);
} else {
$errors[] = 'Please enter the company\'s phone number!';
}
// Check for address 1:
if (!empty($_POST['address_1'])) {
$a1 = trim($_POST['address_1']);
} else {
$errors[] = 'Please enter the first line of the address.';
}
// Check for postcode:
if (!empty($_POST['postcode'])) {
$pc = trim($_POST['postcode']);
} else {
$errors[] = 'Please enter the postcode.';
}
// Check for an image:
if (is_uploaded_file ($_FILES['image']['tmp_name'])) {
// Create a temporary file name:
$temp = '../../../uploads/' . md5($_FILES['image']['name']);
// Move the file over:
if (move_uploaded_file($_FILES['image']['tmp_name'], $temp)) {
echo '<p>The file has been uploaded!</p>';
// Set the $i variable to the image's name:
$i = $_FILES['image']['name'];
} else { // Couldn't move the file over.
$errors[] = 'The file could not be moved.';
$temp = $_FILES['image']['tmp_name'];
}
} else { // No uploaded file.
$errors[] = 'No file was uploaded.';
$temp = NULL;
}
//Check for not required data
// Check for address 2(not required):
$a2 = (!empty($_POST['address_2'])) ? trim($_POST['address_3']) : NULL;
// Check for address 3(not required):
$a3 = (!empty($_POST['address_2'])) ? trim($_POST['address_3']) : NULL;
// Check for email(not required):
$e = (!empty($_POST['email'])) ? trim($_POST['email']) : NULL;
// Check for website(not required):
$w = (!empty($_POST['website'])) ? trim($_POST['website']) : NULL;
// Check for a description (not required):
$d = (!empty($_POST['description'])) ? trim($_POST['description']) : NULL;
// Validate the category...
if (isset($_POST['category']) && ($_POST['category'] == 'new') ) {
// If it's a new category, add the category to the database...
// Check for a category name...
if (!empty($_POST['category_name'])) {
$cn = trim($_POST['category_name']);
// Add the category to the database:
$q = 'INSERT INTO categories (category_name) VALUES (?)';
$stmt = mysqli_prepare($dbc, $q);
mysqli_stmt_bind_param($stmt, 's', $cn);
mysqli_stmt_execute($stmt);
// Check the results....
if (mysqli_stmt_affected_rows($stmt) == 1) {
echo '<p>The category has been added.</p>';
$catid = mysqli_stmt_insert_id($stmt); // Get the category ID.
} else { // Error!
$errors[] = 'The new category could not be added to the database!';
}
// Close this prepared statement:
mysqli_stmt_close($stmt);
} else { // No category name value.
$errors[] = 'Please enter the category\'s name!';
}
} elseif ( isset($_POST['category']) && ($_POST['category'] == 'existing') && ($_POST['existing'] > 0) ) { // Existing category.
$catid = (int) $_POST['existing'];
} else { // No category selected.
$errors[] = 'Please enter or select the category\'s name!';
}
if (empty($errors)) { // If everything's OK.
// Add the company to the database:
$q = 'INSERT INTO companies (category_id, company_name, phone, email, website, address_1, address_2, address_3, postcode, description, image_name) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)';
$stmt = mysqli_prepare($dbc, $q);
mysqli_stmt_bind_param($stmt, 'issssssssss', $catid, $cn, $p, $e, $w, $a1, $a2, $a3, $pc, $d, $i);
mysqli_stmt_execute($stmt);
// Check the results...
if (mysqli_stmt_affected_rows($stmt) == 1) {
// Print a message:
echo '<p>The company has been added.</p>';
// Rename the image:
$id = mysqli_stmt_insert_id($stmt); // Get the company ID.
rename ($temp, "../../../uploads/$id");
// Clear $_POST:
$_POST = array();
} else { // Error!
echo '<p style="font-weight: bold; color: #C00">Your submission could not be processed due to a system error.</p>';
}
mysqli_stmt_close($stmt);
} // End of $errors IF.
// Delete the uploaded file if it still exists:
if ( isset($temp) && file_exists ($temp) && is_file($temp) ) {
unlink ($temp);
}
} // End of the submission IF.
// Check for any errors and print them:
if ( !empty($errors) && is_array($errors) ) {
echo '<h1>Error!</h1>
<p style="font-weight: bold; color: #C00">The following error(s) occurred:<br />';
foreach ($errors as $msg) {
echo " - $msg<br />\n";
}
echo 'Please reselect the company image and try again.</p>';
}
// Display the form...
?>
<h1>Add a Company</h1>
<form enctype="multipart/form-data" action="add_company.php" method="post">
<input type="hidden" name="MAX_FILE_SIZE" value="524288" />
<fieldset><legend>Fill out the form to add a company to the directory:</legend>
<p><b>Company Name:</b> <input type="text" name="company_name" size="30" maxlength="60" value="<?php if (isset($_POST['company_name'])) echo htmlspecialchars($_POST['company_name']); ?>" /></p>
<p><b>Image:</b> <input type="file" name="image" /></p>
<div><b>Category:</b>
<p><input type="radio" name="category" value="existing" <?php if (isset($_POST['category']) && ($_POST['category'] == 'existing') ) echo ' checked="checked"'; ?> /> Existing =>
<select name="existing"><option>Select One</option>
<?php // Retrieve all the categories and add to the pull-down menu.
$q = "SELECT category_id, category_name FROM categories ORDER BY category_name ASC";
$r = mysqli_query ($dbc, $q);
if (mysqli_num_rows($r) > 0) {
while ($row = mysqli_fetch_array ($r, MYSQLI_NUM)) {
echo "<option value=\"$row[0]\"";
// Check for stickyness:
if (isset($_POST['existing']) && ($_POST['existing'] == $row[0]) ) echo ' selected="selected"';
echo ">$row[1]</option>\n";
}
} else {
echo '<option>Please add a new category.</option>';
}
mysqli_close($dbc); // Close the database connection.
?>