bahaa
-
Posts
147 -
Joined
-
Last visited
Posts posted by bahaa
-
-
//Move the file over
if(is_uploaded_file($_FILES['photo']['tmp_name'])){
if(move_uploaded_file($temp_photo_filename, $target_path.$photo_file_name)){
if(file_exists($target_path. $photo_file_name)){
$unique_photo_name = uniqid(md5(time())).".".$photo_file_extension;
rename($target_path.$photo_name, $target_path.$unique_photo_name);
}//if(file_exists($target_path. $photo_file_name)){
-
this is how i do it
// check for an image
if(is_uploaded_file($_FILES['photo']['tmp_name'])){
//Create a temporary file name
$target_path = "../uploads/";
$photo_name = strtolower($_FILES['photo']['name']);
$temp_photo_filename = $_FILES['photo']['tmp_name'];
$photo_file_size = $_FILES['photo']['size'];
$photo_file_type = strtolower($_FILES['photo']['type']);
$photo_file_extension = strtolower(substr(strchr($_FILES['photo']['name'],'.'), 1));
$imageInfo = getimagesize($temp_photo_filename);
$imageInfo = $imageInfo['mime'];
//Convert all applicable characters to HTML entities
$photo_file_name = htmlentities($photo_name);
$photo_file_type = htmlentities($photo_file_type);
$allowed = array('image/pjepg', 'image/jpeg', 'image/JPG', 'image/X-PNG', 'image/PNG',
'image/png', 'image/x-png', 'image/gif', 'image/GIF');
if(!in_array($photo_file_type, $allowed)){
$errors[]="<p>إمتداد الملف الذي قمت بتحميله غير مصرح به.</p>";
}// end of if(in_array($_FILES['upload']['type'], $allowed)){
if(!is_numeric($photo_file_size)){
$errors[]="<p>نوع الملف الذي تحاول تحميله غير معروف</p>";
}//if(!is_numeric($photo_file_size)){
}//if(is_uploaded_file($_FILES['photo']['tmp_name'])){
-
mysqli_stmt_insert_id () function can be use to retrieve last inserted id.
I am not trying to retrieve the last id I inserted.
I want to insert a new record into a table and used the next available id for a field that is not auto increment.
All I am tasking is that if there is a function to be used within the insert statement to insert the next available id.
-
initialize that field to a value and then increment it by a value as you need when you insert next row to the database...
The table she gave us contains 23 records, so I need to insert the record number 24, but I want to be able to insert id 24 without going back to the table and look what was the last record.
Is there a function to do that in the insert statement?
-
Hello,
How do I insert the next available id for a field if it is not auto increment?
Is there a function I can use within the insert statement to get the last id and increment it by one?
I was trying this
INSERT INTO wine(wineID, wineYear, wineName, winePrice, wineHarvest)
VALUES((select(MAX(wineID)+1) FROM wine ), 2009, 'Vidal icewine', 13.5, '2010-01-29');
But It did not work. It said, Error Code: 1093. You can't specify target table 'wine' for update in FROM clause
I know you would say why just don't you use auto increment on the id field
This table was given to us by the teacher in school and she did not auto increment the id field.
Regards,
-
-
Hello everybody,
From security and efficiency prospective, what is best to use for the visible field column in database? enum('yes', 'no') or
INT 1 for visible and 0 for invisible?
Regards,
-
My problem is with handling the multi upload not with the query
I am trying this but i am getting
Notice: Undefined offset: 2 in C:\wamp\www\Site\htdocs\admin\upload1.php on line 33
Notice: Undefined offset: 2 in C:\wamp\www\Site\htdocs\admin\upload1.php on line 34
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>
</head>
<body>
<?php
if(isset($_FILES['upload'])){
//target path
for($i=0; $i <count($_FILES['upload']['name']); $i++){
$target_path = "../uploads/";
$file_name = strtolower($_FILES['upload']['name'][$i]);
$temp_filename = $_FILES['upload']['tmp_name'][$i];
$file_size = $_FILES['upload']['size'][$i];
$file_type = $_FILES['upload']['type'][$i];
$file_extension = substr(strchr($_FILES['upload']['name'][$i],'.'), 1);
//Convert all applicable characters to HTML entities
$file_name = htmlentities($file_name);
$file_type = htmlentities($file_type);
//Validate the type.Should be JPEH or PNG
$allowed = array('image/pjepg', 'image/jpeg', 'image/JPG', 'image/X-PNG', 'image/PNG',
'image/png', 'image/x-png', 'image/gif', 'image/GIF', 'flv', 'FLV');
if(!in_array($file_type, $allowed)){
$errors[]="<p>إمتداد الملف الذي قمت بتحميله غير مصرح به.</p>";
}// end of if(in_array($_FILES['upload']['type'], $allowed)){
}// for($i=0; count($_FILES['upload']['name']); $i++){
if(empty($errors)){
//if everything went ok
if(move_uploaded_file($_FILES['upload']['tmp_name'][$i],
$target_path.$_FILES['upload']['name'][$i])){
if(file_exists($target_path.$_FILES['upload']['name'][$i])){
//Generate uniqe file name
$unique_name = uniqid(md5(time())).".".$file_extension;
//Rename the file to an uniqid version
rename($target_path . $_FILES['upload']['name'][$i], $target_path . $unique_name);
}//end of if(file_exists($target_path/$filename)){
}else {
$unique_name = NULL;
}
}//if(isset($_FILES['upload
}// end of if(empty($errors)){
?>
<form action="upload1.php" method="post" enctype="multipart/form-data">
<input type="hidden" name="MAX_FILE_SIZE" value="1000000" />
<input type="file" name="upload[]" />
<input type="file" name="upload[]" />
<input type="submit" name="submit" value="send"/>
</form>
</body>
</html>
Can any body point out where is my mistake?
-
Hello,
I want to upload two files with different extension at once, and I want each one of them to be stored in the database in different row.
Does any body know how to handle that ?
regards,
-
Thanks Pejman
Very helpful
-
I tried that but it did not work.
-
Hello,
I want to display the date in Arabic.
Is there a function to convert the day of the week and month into Arabic?
PHP Version 5.3.0
Regards,
-
mysqli_affected_rows:
http://php.net/manual/en/mysqli.affected-rows.php
mysqli_fetch_array:
http://php.net/manual/en/mysqli-result.fetch-array.php
The examples below the explanation are the most immediately understandable, I think. For a prepared statement, the query itself will not really change, just the way of structuring it.
I am not using the Object oriented style in my code.
Do you know to to check for the num rows and fetching the array not using the Object oriented style?
-
How about reading the forum guidelines to see what kind of information might be required here? You've not been good about abiding by the forum guidelines before, which is why I'm giving you a particular hard time with this. But if you look at your question, you should be able to think of what other information someone would be needed in order to answer your question.
As a contrary example, what if I were to pose this question to you: what windshield wipers do I need for my car?
I am sorry if I did not give enough information.
I know to to write the statement, but I dont know how to check for the num rows and how to fetch it.
here is my code
<?phpif(isset($_POST['login'])){
$errors = array();
if(!empty($_POST['username']) && (!empty($_POST['password']))){
$username = trim($_POST['username']);
$password = trim($_POST['password']);
$password = sha1($password);
}else {
$errors[]="<p>جميع الحقول مطلوبة</p>";
}
if(empty($errors)){
$q = "SELECT username, user_id FROM users
WHERE username = ? AND pass = ? ";
$stmt = mysqli_prepare ($con, $q);
mysqli_stmt_bind_param($stmt, 'ss', $username, $password);
if( mysqli_stmt_execute($stmt)){
//
}else{
echo "<p class='error'> خطأ في إسم المستخدم و كلمة المرور.</p>";
}
}// end of empty errors
}//end of if(isset($_POST['login'])){
as you see the code is missing the part where to check the num rows, fetching it, and redirect the user
-
Given the information provided, no.
what information do you need?
-
Yes, I do. Well, in theory.
can you please tell me how to write the statement?
-
Hello,
Does any one know how to check login using prepared statement?
help appreciated
-
If the connection is properly defined, you can use echo mysqli_connect_error() to see if something went wrong and you are not getting connected to the database.
I don't have any problem with the connection. I have other queries on the same page and they work fine.
-
Do you using a proper connection to the database for example.
$q = " SELECT username FROM user WHERE username = ?"; $stmt = mysqli_prepare($dbc, $q);
.
Yes, I use the proper connection.
-
Hi bahaa, i'm not sure is this is what you are looking for but give a try.
$q = " SELECT username FROM users WHERE username = ? "; $stmt = mysqli_prepare ($con, $q); mysqli_stmt_bind_param($stmt, 's', $username); mysqli_stmt_execute($stmt); if(mysqli_stmt_num_rows($stmt) != 0){ echo "<p class='error'> The username you have chosen is already taken.</p>"; }else{ //something else }
Hope this help or get you on the right track.
i get this error
mysqli_bind_param() expects parameter 1 to be mysqli_stmt, boolean given
-
If you want to check that mysqli_num_row($R) is not equal to zero, you should use != 0 or > 0; not !== 0.
Thanks
it was a typo but how to rewrite it using prepared statement?
-
If you want to use a prepared statement, then please follow the explanation in Larry's book, or Google something like "PHP prepared statements". You'll get plenty of good, relevant hits.
I already know how to use the insert and update prepare statement, but for some reason I can't use the select one.
I searched on the internet and followed the instruction but it fives me an error.
This is what I want to do
$Q = " SELECT username FROM users Where username = '$username' ";
$R = mysqli_query($con, $Q);
if(mysqli_num_rows($R) !=0){
echo "The username you have chosen already taken";
}
Can any one rewrite it using the prepared statement?
-
I am sorry , I really did not explain what I need.
I want to use the prepared select statement
-
The mysqli_real_escape_string() function is used for an INSERT or an UPDATE — or similar queries that involve inserting data into the database — so as to avoid problematic characters. You don't need it to retrieve data with a SELECT query.
Were you thinking of prepared statements that avoid the use of the mysqli_real_escape_string() function? (That's covered in chapter 12, "Preventing SQL Injection Attacks".)
I am making a registration page and I need to use the select statement to check if username exists or not, so in this case I need to escape the value coming from the user.
How To Insert The Next Available Id If The Field Not Auto Increment?
in PHP 6 and MySQL 5 for Dynamic Web Sites: Visual QuickPro Guide (3rd Edition)
Posted
I figured it out
INSERT INTO wine(wineID, wineYear, wineName, winePrice, wineHarvest)
SELECT 1+ (SELECT MAX(wineID) FROM wine), 2009, 'Vidal icewine', 13.5, '2010-01-29';