VEX
01-24-2007, 03:01 AM
This is so weird. This script works perfectly fine and updates the database fine until I try to upload an jpg or jpeg image. What am I doing wrong? I have traced my steps and have reconstructed via cut n' paste and it handles the jpeg fine but it won't in this script for some reason???? I get "Your request was not successful" as I have instructed it to if the upload is not successful.
Can anyone help?
<html>
<head>
<title>Catalog Setup</title>
<script language="JavaScript">
function goToURL() {window.location = "/lp/catsu.html";}
</script>
</head>
<body>
<body bgcolor=#ddddaa>
<center>
<h1>CATALOG SETUP</h1>
<hr height=8>
</center>
<?php
if ($_SERVER['REQUEST_METHOD'] =='POST') {
$input = $_FILES['userfile']['name'];
$input = EscapeShellCmd($input);
if (is_uploaded_file($_FILES['userfile']['tmp_name'])) {
$type = strtolower($_FILES['userfile']['type']);
switch ($type) {
case "image/bmp";
$mimeType = "bmp";
break;
case "image/jpg";
$mimeType = "jpg";
break;
case "image/jpeg";
$mimeType = "jpeg";
break;
case "image/pjpeg";
$mimeType = "jpg";
break;
case "image/gif";
$mimeType = "gif";
break;
default:
$mimeType = "unknown";
}
$file = fopen($_FILES['userfile']['tmp_name'], "r");
$file = fread($file, filesize($_FILES['userfile']['tmp_name']));
$file = addslashes($file);
$link = mysql_connect('localhost', 'root');
if (!$link) {
die('could not connect to catalog' . mysql_error());
}
echo "<center><font color=#aa0000><i>you have connected to the catalog.</i></font></center>";
echo "<a href='/lp/catsu.html'>MAIN MENU</a>";
mysql_select_db('prototad', $link);
$tmp = $_FILES['userfile']['tmp_name'];
$id = mysql_insert_id() + 1;
if ($_POST['seasonal'] == "y") {
$sql = "INSERT into seasonal values ($id, '{$_POST[name]}', {$_POST[quantity]}, '{$_POST[description]}', {$_POST[price]}, '$mimeType')";
$result = mysql_query($sql);
}
$sql = "insert into {$_POST['type']} (id, name, seasonal, quantity, description, price, ext, pic_id) values (0, '{$_POST[name]}', default, {$_POST['quantity']}, '{$_POST[description]}', {$_POST['price']}, '$mimeType', LAST_INSERT_ID())";
$result = mysql_query($sql);
if (mysql_affected_rows($link)) {
$sql = "select * from necklaces";
$result = mysql_query($sql);
$id = mysql_num_rows($result);
$folder = $_POST['type'];
$destination = "uploads\\" . $folder . "\\" . $id . "." . $mimeType;
}
if (move_uploaded_file($tmp, $destination)) {
echo "<p><center>your merchandise was submitted succesfully</center><br><hr>";
}
}
else
{
$file = NULL;
echo "<center>Your request was not successful.</center>";
}
}
?>
<html>
<form action=<?=$_SERVER['PHP_SELF']?> method="POST" enctype="multipart/form-data">
<font color=#aa0000 style=bold> Fields that are in red are required or else your submission will not go through.</font>
<p>
<font color=#aa0000 style=bold>What type of merchandise are you submiting?</font><p>
<select name=type>
<option value=necklaces>Necklaces</option>
<option value=earrings>Earrings</option>
<option value=bracelets>Bracelets</option>
<option value=anklets>Anklets</option>
<option value=watches>Watches</option>
</select>
<p>
Give this item a label for easy lookup if wanted:<p>
<input type=text name=name></text><p>
Give a short description of this item:<p>
<textarea name="description" width=400 height=250></textarea><p>
Would you like to mark this item as seasonal?<p>
<input type="radio" name="seasonal" value="y">
Seasonal<p>
<font color=#aa0000 style=bold>How many are you holding in inventory?<p>
<input type=text name="quantity"><p>
What would you like to set the price to? (please show your answer in the format such as: 1.25 or 10.50)<p>
<input type=text name="price"><p>
<p>
Upload your picture:<p>
<input type="hidden" name='max_file_size' value='30000'>
<input name='userfile' type="file">
</font><p>
<center>
<input type="submit"><p>
<input type=button value="MAIN MENU" onClick="goToURL()">
</script>
</form>
<p>
</center>
</html>
I also just noticed that the pjpeg case in the switch is shifted over in my code I just pasted? Is that relevant? I hope I'm not missing anything minor that I already know but I'm really not catching anything here.
Can anyone help?
<html>
<head>
<title>Catalog Setup</title>
<script language="JavaScript">
function goToURL() {window.location = "/lp/catsu.html";}
</script>
</head>
<body>
<body bgcolor=#ddddaa>
<center>
<h1>CATALOG SETUP</h1>
<hr height=8>
</center>
<?php
if ($_SERVER['REQUEST_METHOD'] =='POST') {
$input = $_FILES['userfile']['name'];
$input = EscapeShellCmd($input);
if (is_uploaded_file($_FILES['userfile']['tmp_name'])) {
$type = strtolower($_FILES['userfile']['type']);
switch ($type) {
case "image/bmp";
$mimeType = "bmp";
break;
case "image/jpg";
$mimeType = "jpg";
break;
case "image/jpeg";
$mimeType = "jpeg";
break;
case "image/pjpeg";
$mimeType = "jpg";
break;
case "image/gif";
$mimeType = "gif";
break;
default:
$mimeType = "unknown";
}
$file = fopen($_FILES['userfile']['tmp_name'], "r");
$file = fread($file, filesize($_FILES['userfile']['tmp_name']));
$file = addslashes($file);
$link = mysql_connect('localhost', 'root');
if (!$link) {
die('could not connect to catalog' . mysql_error());
}
echo "<center><font color=#aa0000><i>you have connected to the catalog.</i></font></center>";
echo "<a href='/lp/catsu.html'>MAIN MENU</a>";
mysql_select_db('prototad', $link);
$tmp = $_FILES['userfile']['tmp_name'];
$id = mysql_insert_id() + 1;
if ($_POST['seasonal'] == "y") {
$sql = "INSERT into seasonal values ($id, '{$_POST[name]}', {$_POST[quantity]}, '{$_POST[description]}', {$_POST[price]}, '$mimeType')";
$result = mysql_query($sql);
}
$sql = "insert into {$_POST['type']} (id, name, seasonal, quantity, description, price, ext, pic_id) values (0, '{$_POST[name]}', default, {$_POST['quantity']}, '{$_POST[description]}', {$_POST['price']}, '$mimeType', LAST_INSERT_ID())";
$result = mysql_query($sql);
if (mysql_affected_rows($link)) {
$sql = "select * from necklaces";
$result = mysql_query($sql);
$id = mysql_num_rows($result);
$folder = $_POST['type'];
$destination = "uploads\\" . $folder . "\\" . $id . "." . $mimeType;
}
if (move_uploaded_file($tmp, $destination)) {
echo "<p><center>your merchandise was submitted succesfully</center><br><hr>";
}
}
else
{
$file = NULL;
echo "<center>Your request was not successful.</center>";
}
}
?>
<html>
<form action=<?=$_SERVER['PHP_SELF']?> method="POST" enctype="multipart/form-data">
<font color=#aa0000 style=bold> Fields that are in red are required or else your submission will not go through.</font>
<p>
<font color=#aa0000 style=bold>What type of merchandise are you submiting?</font><p>
<select name=type>
<option value=necklaces>Necklaces</option>
<option value=earrings>Earrings</option>
<option value=bracelets>Bracelets</option>
<option value=anklets>Anklets</option>
<option value=watches>Watches</option>
</select>
<p>
Give this item a label for easy lookup if wanted:<p>
<input type=text name=name></text><p>
Give a short description of this item:<p>
<textarea name="description" width=400 height=250></textarea><p>
Would you like to mark this item as seasonal?<p>
<input type="radio" name="seasonal" value="y">
Seasonal<p>
<font color=#aa0000 style=bold>How many are you holding in inventory?<p>
<input type=text name="quantity"><p>
What would you like to set the price to? (please show your answer in the format such as: 1.25 or 10.50)<p>
<input type=text name="price"><p>
<p>
Upload your picture:<p>
<input type="hidden" name='max_file_size' value='30000'>
<input name='userfile' type="file">
</font><p>
<center>
<input type="submit"><p>
<input type=button value="MAIN MENU" onClick="goToURL()">
</script>
</form>
<p>
</center>
</html>
I also just noticed that the pjpeg case in the switch is shifted over in my code I just pasted? Is that relevant? I hope I'm not missing anything minor that I already know but I'm really not catching anything here.