Jump to content

Upload image code trying to add db connect to it


Html

Recommended Posts

Ah right, that don't know about that, I am only going on from what I've seen in the core files of the login system. It is listed there, and in the register.php file dbc, q is also listed at the end after closing connection.

{
    $q = "SELECT user_id FROM users WHERE email='$id'" ;
    $r = @mysqli_query ( $dbc, $q ) ;
    if ( mysqli_num_rows( $r ) != 0 ) ;
  }
  
  # On success register user inserting into 'users' database table.
  if ( empty( $errors ) ) 
  {
    $q = "INSERT INTO images (id, images) VALUES ('$id', '$images')";
    $r = @mysqli_query ( $dbc, $q ) ;
    if ($r)
  
    # Close database connection.
    mysqli_close($dbc); 

Hmm, this would be better, insert, not select, that is aim.😩

<?php

# Access session.
session_start() ; 

  # Open database connection.
require ( 'connect_db.php' ) ;
  
# DISPLAY COMPLETE LOGGED IN PAGE.

# Redirect if not logged in.
if ( !isset( $_SESSION[ 'user_id' ] ) ) { require ( 'login_tools.php' ) ; load()
  
  # Retrieve selective item data from 'images' database table. 
$q = "SELECT * FROM images WHERE id = $id" ;
$r = mysqli_query( $dbc, $q ) ;
if ( mysqli_num_rows( $r ) == 1 )
{
  $row = mysqli_fetch_array( $r, MYSQLI_ASSOC );
  
if( $_SERVER[ 'REQUEST_METHOD' ] == 'POST' )

  $name = $_FILES[ 'image' ][ 'name' ] ;
  $temp = $_FILES[ 'image' ][ 'tmp_name' ] ;
  $size = $_FILES[ 'image' ][ 'size' ] ;
  $ext = pathinfo( $name , PATHINFO_EXTENSION ) ;
  $ext = strtolower( $ext ) ;
  if( $ext != 'png' && $ext != 'jpg' && $ext != 'gif' )
  { echo 'Format must be PNG, JPG, or GIF' ; exit() ; }  
  if( $size > 512000)
  { echo 'File size must not exceed 500Kb' ; exit() ; }
  if( file_exists( $name ) )
  { echo 'File '.$name.' already uploaded' ; exit() ; }
  try
  
    move_uploaded_file( $temp , $name ) ;
    echo 'File uploaded : '.$name ;
    echo '<br><img src="'.$name.'">' ;
  }
  catch( Exception $e )
   echo 'File upload failed!' ; }
  
# Close database connection.
mysqli_close( $dbc ) ;
?> 

 

Link to comment
Share on other sites

  • Replies 80
  • Created
  • Last Reply

Top Posters In This Topic

You are NOT listening!

3 hours ago, dsonesuk said:

For instance, you should know that session_start() should be placed at the top of page before ANYTHING  I mean ANYTHING else!

And what do? you do this

 

SPACE

COMMENT

session_start();

 

Link to comment
Share on other sites

Here's your actual error message:

Parse error: syntax error, unexpected '$q' (T_VARIABLE) on line 15

Like I said, your code is full of syntax errors.  That error message has absolutely nothing to do with $q or what it's set to or anything else.  It means that when PHP gets to line 15 it sees you trying to set a variable and that doesn't make sense, because of (multiple) syntax errors on the previous line of code.  You're missing opening brackets, you're missing closing brackets, you're missing semicolons, and none of your code is going to run - at all - until you fix them.  I've said this multiple times and you're still not fixing the errors.  PHP is telling you that when it gets to line 15 it found something that it didn't expect, and when that happens you have an error above that line somewhere.

You need to figure out why there is a syntax error on the previous lines and fix it.  And if you get another error message, then fix that one too.  And then when you get another one, fix that one.  Don't jump around copying and pasting every example you can find, don't worry about how to set your database when you can't even get your code to run.  Work on one thing at a time.  Focus.  Pay attention.  You have basic errors about how to even structure the code that have nothing to do with programming logic or anything else, it doesn't even get that far because the code isn't even structured correctly in the first place.

Link to comment
Share on other sites

15 hours ago, Html said:

# Redirect if not logged in. if ( !isset( $_SESSION[ 'user_id' ] ) ) { require ( 'login_tools.php' ) ; load()

Previous line, well what other line?

Link to comment
Share on other sites

Everything I have is from the Source files, I just viewed one file, and got the idea to put these bits of code together. So I don't know the ins and outs, but I thought I was onto something by doing this, I tried this before, but I don't remember what I did or perhaps I did this before, I don't recall now.

I only tried remove the brace ones that made the errors go away. You have two opening braces blah blah.

Link to comment
Share on other sites

Previous line, well what other line?

Yeah, that's the line.  Does that opening bracket before require have a matching closing bracket?  Because it looks to me like your code has 8 opening brackets and 6 closing brackets.  Don't you think those should be the same number?  You need to find the missing ones and add them where they are supposed to be.  And how about that call to the load function?  Every statement should end with a semicolon, right?  Well, where is it?  More importantly, why don't you notice these things?

and got the idea to put these bits of code together.

That's the reason.

I thought I was onto something by doing this

Maybe you are.  But you must. always. write. code. correctly.  There is not another option.  Adding or removing any single piece of punctuation outside of a string will cause all of your code to stop working.  Programming is not estimation or guessing, it must always be precise and specific.  The computer understands a very specific language, and if you are not using it according to the rules then the computer does not know what you want it to do.  You must follow the language rules.  There is not an option.  You are responsible for finding the errors when you're writing code.  I don't know how else to say it.  If you can't spot basic syntax errors then you don't know the language and you're not going to be able to make anything that works.

Link to comment
Share on other sites

I've not messed with any of the files, you stated yourself I lacked basics, and get going around in circles. If I can get through this example, I may try doing a php 7 and what ever variation of it as a login system. I'm using this dated stuff because it is what is there, and complete, and somehow needs a few tweaks to it.

Link to comment
Share on other sites

# Redirect if not logged in. if ( !isset( $_SESSION[ 'user_id' ] ) ) { require ( 'login_tools.php' ) ; load()

This is how it is from the other files.

So what is wrong with it, it has six, so ( and one { A ( instead of a curly?

Link to comment
Share on other sites

Like I said, the opening bracket before require does not have a closing bracket, and you're missing a semicolon.  I am not talking about parentheses, I'm talking about curly brackets.

Your computer does not have a finite supply of newline characters, format your code so that it's easy to read.  There's no prize for having the fewest lines of code.

if (!isset($_SESSION['user_id'])) 
{ 
  require('login_tools.php'); 
  load()

What is missing from this picture?  It should be pretty obvious.

Link to comment
Share on other sites

This is what happened when my IDE tried to reformat your code:

<?php

# Access session.
session_start();

# Open database connection.
require('connect_db.php');

# DISPLAY COMPLETE LOGGED IN PAGE.

# Redirect if not logged in.
if (!isset($_SESSION['user_id'])) {
    require('login_tools.php');
    load()
  
  # Retrieve selective item data from 'images' database table. 
$q = "SELECT * FROM images WHERE id = $id";
$r = mysqli_query($dbc, $q);
if (mysqli_num_rows($r) == 1) {
    $row = mysqli_fetch_array($r, MYSQLI_ASSOC);

    if ($_SERVER['REQUEST_METHOD'] == 'POST')

        $name = $_FILES['image']['name'];
    $temp = $_FILES['image']['tmp_name'];
    $size = $_FILES['image']['size'];
    $ext = pathinfo($name, PATHINFO_EXTENSION);
    $ext = strtolower($ext);
    if ($ext != 'png' && $ext != 'jpg' && $ext != 'gif') {
        echo 'Format must be PNG, JPG, or GIF';
        exit();
    }
    if ($size > 512000) {
        echo 'File size must not exceed 500Kb';
        exit();
    }
    if (file_exists($name)) {
        echo 'File ' . $name . ' already uploaded';
        exit();
    }
    try
  
    move_uploaded_file($temp, $name);
    echo 'File uploaded : ' . $name;
    echo '<br><img src="' . $name . '">';
  }
  catch(Exception $e )
   echo 'File upload failed!'; }

# Close database connection.
mysqli_close($dbc);
?> 

Line 17 is not indented because of the missing semicolon on the previous line.

Line 17 has a variable called $id in the query.  $id is not defined.

Why are you trying to select a row with a certain ID, and only process the form if you find one?

You get the database record on line 20 but don't do anything else with $row, what's the point?

The if statement on line 22 does not have brackets at all, so only the next line, line 24, is included in the if statement.

You have a try statement on line 41.  Again, it has no brackets.  At least, no opening bracket.  It looks like the closing bracket is supposed to be the one on line 46.

move_uploaded_file does not throw an exception, there's no point to putting it in a try/catch block.  If it fails it returns false, it does not throw an exception.

Link to comment
Share on other sites

14 hours ago, justsomeguy said:

Like I said, the opening bracket before require does not have a closing bracket, and you're missing a semicolon.  I am not talking about parentheses, I'm talking about curly brackets.

Your computer does not have a finite supply of newline characters, format your code so that it's easy to read.  There's no prize for having the fewest lines of code.


if (!isset($_SESSION['user_id'])) 
{ 
  require('login_tools.php'); 
  load()

What is missing from this picture?  It should be pretty obvious.

I removed the curly brace and there was no error reported in the php checker

Link to comment
Share on other sites

If all I do is remove that one bracket, it still just shows the next error it finds:

  • Error: There is 1 more closing curly braces '}' found
    This count is unaware if curly braces are inside of a string
  • PHP Syntax Check: Parse error: syntax error, unexpected '$q' (T_VARIABLE) in your code on line 17

You're not pasting individual blocks or lines, right, you're checking the entire file at once?  PHP checks the entire file at once before executing it.  If you're not doing the same, you're not doing it right.  The individual lines of code in your file do not live in a vacuum, they are surrounded by and part of other code.  The entire file is one piece of code.  That is why a syntax error in any part of the file causes the entire thing to fail.

I also pointed out 2 syntax errors in that block of code, the missing curly bracket is not the only error (and removing a curly bracket doesn't fix the fact that you have a missing one, it just causes another runtime error because now you've removed lines of code from your if statement).  The error message is related to the second error in that code that I've already pointed out at least four times.

Link to comment
Share on other sites

 # Retrieve selective item data from 'images' database table. 
$q = "SELECT * FROM images WHERE id = $id";
$r = mysqli_query($dbc, $q);
if (mysqli_num_rows($r) == 1) {
    $row = mysqli_fetch_array($r, MYSQLI_ASSOC);

The opening curly is there, that is what you are on about. There needs to be two in this block. If statement, like the others below. So under $row line a closing one is needed.

 

Link to comment
Share on other sites

There was only one missing opening bracket in your code, all of the other bracket issues were caused by no matching closing bracket.  The solution for a missing closing bracket isn't to remove the opening bracket, it's to figure out where the closing one should go.  That's why I pointed out that your solution above to remove the unmatched opening bracket was not the correct solution.  Also, the syntax error about the unexpected variable is not about brackets at all.

So under $row line a closing one is needed.

No, that does not seem like the right place to add one.  Although the entire logic of having that query there and checking the result doesn't make sense to me at all.  When someone uploads a file, you want to check the database to see if an image with a certain ID exists?  Why?  Why are you checking for the presence of a particular record in the database to decide whether or not to process an uploaded file?  I don't know why you have that there at all, but that opening bracket is one of the ones which actually does have a matching closing bracket.

Link to comment
Share on other sites

No, I want to store the image uploaded into the db from any user who uploads. 'INSERT INTO images where id' is is the sql I need.

Like I stated I took snippets from one file and have added them into the basic upload code as I think it would obviously need them to work with as the other files contain the similar consistent code.

Edited by Html
Link to comment
Share on other sites

Insert queries do not have a WHERE clause, ever.  A WHERE clause is for filtering.  You do not filter an insert.

Well, the first step is to fix your syntax errors.  After that you can work on getting the logic right once the code actually runs.

Link to comment
Share on other sites

Okay, so I need { one of those in a few places in the code.

# Redirect if not logged in.
if (!isset($_SESSION['user_id'])) {
    require('login_tools.php');
    load()
  
  # Retrieve selective item data from 'images' database table. 
$q = "SELECT * FROM images WHERE id = $id";
$r = mysqli_query($dbc, $q);
if (mysqli_num_rows($r) == 1) {
    $row = mysqli_fetch_array($r, MYSQLI_ASSOC);

    if ($_SERVER['REQUEST_METHOD'] == 'POST')

        $name = $_FILES['image']['name'];
    $temp = $_FILES['image']['tmp_name'];
    $size = $_FILES['image']['size'];
    $ext = pathinfo($name, PATHINFO_EXTENSION);
    $ext = strtolower($ext);
    if ($ext != 'png' && $ext != 'jpg' && $ext != 'gif') {
        echo 'Format must be PNG, JPG, or GIF';
        exit();
    }
    if ($size > 512000) {
        echo 'File size must not exceed 500Kb';
        exit();
    }
    if (file_exists($name)) {
        echo 'File ' . $name . ' already uploaded';
        exit();
    }
    try
  
    move_uploaded_file($temp, $name);
    echo 'File uploaded : ' . $name;
    echo '<br><img src="' . $name . '">';
  }
  catch(Exception $e )
   echo 'File upload failed!'; }

The problem is here.

Link to comment
Share on other sites

There are several problems there, still.  For the fifth time, you're missing a semicolon. 

Again, the first opening bracket doesn't have a matching closing one, so figure that out.  If the person is not logged in, what do you specifically want to do?  Which lines of code should be executed if the person is not logged in?  Figure it out and add the missing bracket.

When you're checking if it's a post request, you're missing your brackets.

A try block should have brackets.  Again, missing.  And, again, the try/catch block is completely unnecessary and won't impact how the code runs at all.  I've already explained why.  The code will never enter the catch block even if move_uploaded_file fails.

Link to comment
Share on other sites

The code above will prevent anyone from accessing upload.php same when logging into home.php has the same code. Otherwise upload.php can be accessed by any visitor. It just redirects to login, so one has to register to use any features of the site.

if ( !isset( $_SESSION[ 'user_id' ] ) ) { require ( 'login_tools.php' ) ; load() ; }

That is the correct code for the top.

    try
  
    move_uploaded_file($temp, $name);
    echo 'File uploaded : ' . $name;
    echo '<br><img src="' . $name . '">';
  }

{ That is missing above move.

Link to comment
Share on other sites

I don't know, I tried this again, I removed the braces above, not suppose to do that, I keep now getting a catch error.

<?php

# Access session.
session_start() ; 

# Open database connection.
require ( 'connect_db.php' ) ;
  
# DISPLAY COMPLETE LOGGED IN PAGE.

# Redirect if not logged in.
if ( !isset( $_SESSION[ 'user_id' ] ) ) { require ( 'login_tools.php' ) ; load() ; }

# Retrieve selective item data from 'images' database table. 
$q = "INSERT * INTO images WHERE id = $id" ;
$r = mysqli_query( $dbc, $q ) ;
if ( mysqli_num_rows( $r ) == 1 ) 
  $row = mysqli_fetch_array( $r, MYSQLI_ASSOC );
  
if( $_SERVER[ 'REQUEST_METHOD' ] == 'POST' )

  $name = $_FILES[ 'image' ][ 'name' ] ;
  $temp = $_FILES[ 'image' ][ 'tmp_name' ] ;
  $size = $_FILES[ 'image' ][ 'size' ] ;
  $ext = pathinfo( $name , PATHINFO_EXTENSION ) ;
  $ext = strtolower( $ext ) ;
  if( $ext != 'png' && $ext != 'jpg' && $ext != 'gif' )
  { echo 'Format must be PNG, JPG, or GIF' ; exit() ; }  
  if( $size > 512000)
  { echo 'File size must not exceed 500Kb' ; exit() ; }
  if( file_exists( $name ) )
  { echo 'File '.$name.' already uploaded' ; exit() ; }


  try
  
    move_uploaded_file( $temp , $name ) ;
    echo 'File uploaded : '.$name ;
    echo '<br><img src="'.$name.'">' ;
  
  catch ( Exception $e ) 
   echo 'File upload failed!' ; 

# Close database connection.
mysqli_close( $dbc ) ;
?> 

 

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×
×
  • Create New...