Jump to content
Forums are read-only ×
Larry Ullman's Book Forums

philstar

Members
 View Profile  See their activity

  • Posts

    2

  • Joined

  • Last visited

 Content Type 

Posts posted by philstar

    Chapter 17 File Upload Only Works First Time

    in PHP 6 and MySQL 5 for Dynamic Web Sites: Visual QuickPro Guide (3rd Edition)

    Posted

    I have successfully implemented the "add_prints.php" script however it only works the first time I use it. When I try to add another entry, it fails with

     

    The file has been uploaded!

    The category has been added.

    Your submission could not be processed due to a system error.

     

    The artist (in my case category) is successfully added, however the print and image (in my case company) fail to be added.

     

    Attached is my code:

    <?php
// This page allows the administrator to add a company (product).

require_once ('../../../mysqli_connect.php');

if (isset($_POST['submitted'])) { // Handle the form.
	
	// Validate the incoming data...
	$errors = array();

	// Check for a company name:
	if (!empty($_POST['company_name'])) {
		$cn = trim($_POST['company_name']);
	} else {
		$errors[] = 'Please enter the company\'s name!';
	}
	
	// Check for a phone number:
	if (!empty($_POST['phone'])) {
		$p = trim($_POST['phone']);
	} else {
		$errors[] = 'Please enter the company\'s phone number!';
	}
	
	// Check for address 1:
	if (!empty($_POST['address_1'])) {
		$a1 = trim($_POST['address_1']);
	} else {
		$errors[] = 'Please enter the first line of the address.';
	}
	
	// Check for postcode:
	if (!empty($_POST['postcode'])) {
		$pc = trim($_POST['postcode']);
	} else {
		$errors[] = 'Please enter the postcode.';
	}
	
	// Check for an image:
	if (is_uploaded_file ($_FILES['image']['tmp_name'])) {
	
		// Create a temporary file name:
		$temp = '../../../uploads/' . md5($_FILES['image']['name']);
	
		// Move the file over:
		if (move_uploaded_file($_FILES['image']['tmp_name'], $temp)) {
	
			echo '<p>The file has been uploaded!</p>';
			
			// Set the $i variable to the image's name:
			$i = $_FILES['image']['name'];
	
		} else { // Couldn't move the file over.
			$errors[] = 'The file could not be moved.';
			$temp = $_FILES['image']['tmp_name'];
		}

	} else { // No uploaded file.
		$errors[] = 'No file was uploaded.';
		$temp = NULL;
	}

	//Check for not required data
	
	// Check for address 2(not required):
	$a2 = (!empty($_POST['address_2'])) ? trim($_POST['address_3']) : NULL;
	
	// Check for address 3(not required):
	$a3 = (!empty($_POST['address_2'])) ? trim($_POST['address_3']) : NULL;
	
	// Check for email(not required):
	$e = (!empty($_POST['email'])) ? trim($_POST['email']) : NULL;
	
	// Check for website(not required):
	$w = (!empty($_POST['website'])) ? trim($_POST['website']) : NULL;
	
	// Check for a description (not required):
	$d = (!empty($_POST['description'])) ? trim($_POST['description']) : NULL;
	
	// Validate the category...
	if (isset($_POST['category']) && ($_POST['category'] == 'new') ) {
		// If it's a new category, add the category to the database...

		// Check for a category name...
		if (!empty($_POST['category_name'])) {
			
			$cn = trim($_POST['category_name']);
			
			// Add the category to the database:
			$q = 'INSERT INTO categories (category_name) VALUES (?)';
			$stmt = mysqli_prepare($dbc, $q);
			mysqli_stmt_bind_param($stmt, 's', $cn);
			mysqli_stmt_execute($stmt);
			
			// Check the results....
			if (mysqli_stmt_affected_rows($stmt) == 1) {
				echo '<p>The category has been added.</p>';
				$catid = mysqli_stmt_insert_id($stmt); // Get the category ID.
			} else { // Error!
				$errors[] = 'The new category could not be added to the database!';
			}
			
			// Close this prepared statement:
			mysqli_stmt_close($stmt);
			
		} else { // No category name value.
			$errors[] = 'Please enter the category\'s name!';
		}
		
	} elseif ( isset($_POST['category']) && ($_POST['category'] == 'existing') && ($_POST['existing'] > 0) ) { // Existing category.
		$catid = (int) $_POST['existing'];
	} else { // No category selected.
		$errors[] = 'Please enter or select the category\'s name!';
	}
	
	if (empty($errors)) { // If everything's OK.
	
		// Add the company to the database:
		$q = 'INSERT INTO companies (category_id, company_name, phone, email, website, address_1, address_2, address_3, postcode, description, image_name) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)';
		$stmt = mysqli_prepare($dbc, $q);
		mysqli_stmt_bind_param($stmt, 'issssssssss', $catid, $cn, $p, $e, $w, $a1, $a2, $a3, $pc, $d, $i);
		mysqli_stmt_execute($stmt);
		
		// Check the results...
		if (mysqli_stmt_affected_rows($stmt) == 1) {
		
			// Print a message:
			echo '<p>The company has been added.</p>';
			
			// Rename the image:
			$id = mysqli_stmt_insert_id($stmt); // Get the company ID.
			rename ($temp, "../../../uploads/$id");
			
			// Clear $_POST:
			$_POST = array();
			
		} else { // Error!
			echo '<p style="font-weight: bold; color: #C00">Your submission could not be processed due to a system error.</p>'; 
		}
		
		mysqli_stmt_close($stmt);
		
	} // End of $errors IF.
	
	// Delete the uploaded file if it still exists:
	if ( isset($temp) && file_exists ($temp) && is_file($temp) ) {
		unlink ($temp);
	}
	
} // End of the submission IF.

// Check for any errors and print them:
if ( !empty($errors) && is_array($errors) ) {
	echo '<h1>Error!</h1>
	<p style="font-weight: bold; color: #C00">The following error(s) occurred:<br />';
	foreach ($errors as $msg) {
		echo " - $msg<br />\n";
	}
	echo 'Please reselect the company image and try again.</p>';
}

// Display the form...
?>
<h1>Add a Company</h1>
<form enctype="multipart/form-data" action="add_company.php" method="post">

	<input type="hidden" name="MAX_FILE_SIZE" value="524288" />
	
	<fieldset><legend>Fill out the form to add a company to the directory:</legend>
	
	<p><b>Company Name:</b> <input type="text" name="company_name" size="30" maxlength="60" value="<?php if (isset($_POST['company_name'])) echo htmlspecialchars($_POST['company_name']); ?>" /></p>
	
	<p><b>Image:</b> <input type="file" name="image" /></p>
	
	<div><b>Category:</b> 
	<p><input type="radio" name="category" value="existing" <?php if (isset($_POST['category']) && ($_POST['category'] == 'existing') ) echo ' checked="checked"'; ?> /> Existing =>
	<select name="existing"><option>Select One</option>
	<?php // Retrieve all the categories and add to the pull-down menu.
	$q = "SELECT category_id, category_name FROM categories ORDER BY category_name ASC";		
	$r = mysqli_query ($dbc, $q);
	if (mysqli_num_rows($r) > 0) {
		while ($row = mysqli_fetch_array ($r, MYSQLI_NUM)) {
			echo "<option value=\"$row[0]\"";
			// Check for stickyness:
			if (isset($_POST['existing']) && ($_POST['existing'] == $row[0]) ) echo ' selected="selected"';
			echo ">$row[1]</option>\n";
		}
	} else {
		echo '<option>Please add a new category.</option>';
	}
	mysqli_close($dbc); // Close the database connection.
	?>
×
×
  • Create New...