etsted

okey so i think its fixed, but every time i add only blank space, all the data from my database is displayed. how can i prevent that? new code: <form action="search.php" method="get" class="search"> <input type="text" name="k" size='50' /> <input type="submit" name="submit" value='Search' /> </form> <?php $username = $_SESSION['username']; if(isset($username)) { include "navigator/navigator_login.php"; } else { include "navigator/navigator.php"; } ?> <hr /> <?php include "connect.php"; $k = mysqli_real_escape_string($con, htmlentities($_GET['k'])); $terms = explode(" ", $k); $query = "SELECT * FROM videos WHERE "; $i = 0; foreach($terms as $each) { $i++; if($i == 1) { $query .= "description LIKE '%$each%' "; } else { $query .= "OR description LIKE '%$each%' "; } } $result = mysqli_query($con, $query) or die(mysqli_error($con)); $numrows = mysqli_num_rows($result); if($numrows > 0) { while($row = mysqli_fetch_array($result)) { $id = $row['id']; $title = $row['title']; $url = $row['url']; $description = $row['description']; if($k == "") { echo ""; } else { echo "<h3><a href='$url'>$title</a></h3> $description"; } } } else { echo "no results on $k"; } mysqli_close($con); ?>

new code: Error: SELECT * FROM videos WHERE OR description LIKE '%%' You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'OR description LIKE '%%'' at line 1 <h1>Search:</h1> <form action="search.php" method="get" class="search"> <input type="text" name="k" size='50' /> <input type="submit" name="submit" value='Search' /> </form> <?php $username = $_SESSION['username']; if(isset($username)) { include "navigator/navigator_login.php"; } else { include "navigator/navigator.php"; } ?> <hr /> <?php include "connect.php"; $k = mysqli_real_escape_string($con, htmlentities($_GET['k'])); $terms = explode(" ", $k); $query = "SELECT * FROM videos WHERE "; $i = 0; foreach($terms as $each) { $i++; if($i == 0) { $query .= "description LIKE '%$each%' "; } else { $query .= "OR description LIKE '%$each%' "; } } print_r($query); echo "<br />"; $result = mysqli_query($con, $query) or die(mysqli_error($con)); $numrows = mysqli_num_rows($result); if($numrows > 0) { while($row = mysqli_fetch_array($result)) { $id = $row['id']; $title = $row['title']; $url = $row['url']; $description = $row['description']; if($k == "") { echo ""; } else { echo "<h3><a href='$url'>$title</a></h3> $description"; } } } else { echo "no results on $k"; } mysqli_close($con); ?>

it didnt work. now i get the error message all the time. Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'OR description LIKE '%%'' at line 1

how do i fix that?

this is my video upload script, and i have inserted a max file size check, but i doesnt seem to work, every time i upload a script that is larger than 2mb it checkes the other if statment on the script,, which is wheter or not the user has filled out the forms script: $form =" <form action='upload.php' method='POST' enctype='multipart/form-data'> <input type='text' name='title' placeholder='Title' /> <br /> <textarea rows='8' cols='30' name='description'></textarea><br /> <input type='file' name='file' /><br /> <input type='submit' name='submit' /> </form>"; echo $form; $title = mysql_real_escape_string(htmlentities($_POST['title'])); $description = mysql_real_escape_string(htmlentities($_POST['description'])); if($_FILES["file"]["size"] < 10000000) { if($title && $description) { $path = pathinfo($_FILES['file']['name']); $allowed = array('jpg','jpeg','gif','png','swf','MP4','flv','mgp','mpeg','webm','rm','ram','mov','wmv','avi','MPEG-4'); if(in_array($path['extension'],$allowed)) { include "connect.php"; $name = $_FILES['file']['name']; $temp = $_FILES['file']['tmp_name']; move_uploaded_file($temp, "upload/".$name); $url = "http://localhost:81/upload/$name"; mysqli_query($con, "INSERT INTO videos VALUES('','$title','$name','$url','$description')") or die(mysql_error()); echo "<p>You're file has been uploaded.</p> <br />"; mysqli_close($con); } else { echo "<p>must be a video or a picture</p> <br />"; } } else { echo "<p>You must fill out the form.</p> <br />"; } } else { echo "<p>You're file is to big.</p> <br />"; } } else { echo "<p>You must be logged in, in order to upload a file.</p><br />"; }

this time i used a mysqli_error() to check for errors on a new script, and got this message: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'description LIKE '%w%'' at line 1 I used the following search engine code below. <h1>search engine</h1> <form action="search.php" method="get"> <input type="text" name="k" size='50' /> <input type="submit" name="submit" value='Search' /> </form> <hr /> <?php $k = $_GET['k']; $terms = explode(" ", $k); $query = "SELECT * FROM videos WHERE "; foreach($terms as $each) { $i = 0; $i++; if($i == 1) { $query .= "description LIKE '%$each%' "; } else { $query .= "OR description LIKE '%$each%' "; } } include "connect.php"; $result = mysqli_query($con, $query) or die(mysqli_error($con)); $numrows = mysqli_num_rows($result); if($numrows > 0) { while($row = mysqli_fetch_array($result)) { $id = $row['id']; $title = $row['title']; $url = $row['url']; $description = $row['description']; if($k == "") { echo ""; } else { echo "<h3><a href='$url'>$title</a></h3> $description"; } } } else { echo "no results on $k"; } ?>

this script is supposed to let me search by multiple keywords, but only lets me search by one at a time. The error i get when i try to type in several keywords is: Warning: mysqli_num_rows() expects parameter 1 to be mysqli_result, boolean given in C:wampwwwsearch.php on line 32 <h1>search engine</h1> <form action="search.php" method="get"> <input type="text" name="k" size='50' /> <input type="submit" name="submit" value='Search' /> </form> <hr /> <?php include "connect.php"; $k = $_GET['k']; $terms = explode(" ", $k); $query = "SELECT * FROM search WHERE "; foreach($terms as $each) { $i = 0; $i++; if($i == 1) { $query .= "keywords LIKE '%$each%' "; } else { $query .= "OR keywords LIKE '%$each%' "; } } $result = mysqli_query($con, $query); $numrows = mysqli_num_rows($result); if($numrows > 0) { while($row = mysqli_fetch_array($result)) { $id = $row['id']; $title = $row['title']; $description = $row['description']; $keywords = $row['keywords']; $link = $row['link']; if($k == "") { echo ""; } else { echo "<h2><a href='$link'>$title</a></h2> $description"; } } } else { echo "no result on $k"; }

how many kb is there in a video that last for 10 minutes?

my name is etsted, cool

it worked it's just that 20 000 was to little for a video to be uploaded.

this is my latest code, and it works, but i also want to add a MAX SIZE limit. I have tried if($_FILES['file']['size'] < 20 000) { my code goes here } else { echo "you're file is to big"; } But it did not work. Also here is my code. <?php $path = pathinfo($_FILES['file']['tmp_name']); $allowed = array('jpg','jpeg','gif','png','swf','MP4','flv','mgp','mpeg','webm','rm','ram','mov','wmv','avi','MPEG-4'); if(!in_array($path['extension'],$allowed)) { include "connect.php"; $name = $_FILES['file']['name']; $temp = $_FILES['file']['tmp_name']; move_uploaded_file($temp, "upload/".$name); $url = "http://localhost:81/upload/$name"; mysqli_query($con, "INSERT INTO videos VALUES('','$name','$url')") or die(mysql_error()); mysqli_close($con); } else { echo "må være et bilde"; } ?> <html> <body> <form action="index.php" method="POST" enctype="multipart/form-data"> <input type="file" name="file" /><br /> <input type="submit" name="submit" /> </form> <a href='videos.php'>videos</a> <?php if(isset($_POST['submit'])) { echo "<br />".$name." has been uploaded"; } ?> </body> </html>

it worked

here is the new code i made, but every time i upload a picture it works, but if i try to upload a video it says: NOTICE undefined variable: name <?php $allowedExts = array("gif", "jpeg", "jpg", "png","MP4","MPEG-4","mp4"); $temp = explode(".", $_FILES["file"]["name"]); $extension = end($temp); if ((($_FILES["file"]["type"] == "image/gif") || ($_FILES["file"]["type"] == "image/jpeg") || ($_FILES["file"]["type"] == "image/jpg") || ($_FILES["file"]["type"] == "image/pjpeg") || ($_FILES["file"]["type"] == "image/x-png") || ($_FILES["file"]["type"] == "image/png")) && ($_FILES["file"]["size"] < 20000) && in_array($extension, $allowedExts)) { include "connect.php"; $name = $_FILES['file']['name']; $temp = $_FILES['file']['tmp_name']; move_uploaded_file($temp, "upload/".$name); $url = "http://localhost:81/upload/$name"; mysqli_query($con, "INSERT INTO videos VALUES('','$name','$url')") or die(mysql_error()); mysqli_close($con); } else { echo "Invalid file"; } ?> <html> <body> <form action="index.php" method="POST" enctype="multipart/form-data"> <input type="file" name="file" /><br /> <input type="submit" name="submit" /> </form> <a href='videos.php'>videos</a> <?php if(isset($_POST['submit'])) { echo "<br />".$name." has been uploaded"; } ?> </body> </html>

I have changed everything back to normal. Whit my normal script, but i want to make sure that the user can only upload videos and images. Anyone knows how to fix that? I also want to be able to set a maximum size. Here is my script: <?php include "connect.php"; $name = $_FILES['file']['name']; $temp = $_FILES['file']['tmp_name']; move_uploaded_file($temp, "upload/".$name); $url = "http://localhost:81/upload/$name"; mysqli_query($con, "INSERT INTO videos VALUES('','$name','$url')") or die(mysql_error()); mysqli_close($con); ?> <html> <body> <form action="index.php" method="POST" enctype="multipart/form-data"> <input type="file" name="file" /><br /> <input type="submit" name="submit" /> </form> <a href='videos.php'>videos</a> <?php if(isset($_POST['submit'])) { echo "<br />".$name." has been uploaded"; } ?> </body> </html>

i did that, but i am just showing the error when i print out $_FILES and $path

when i try to upload a video or image, i get this error: Array ( [file] => Array ( [name] => bill 004.MP4 [type] => video/mp4 [tmp_name] => C:wamptmpphp145C.tmp [error] => 0 => 1472766 ) ) 1Array ( [dirname] => C:wamptmp [basename] => php145C.tmp [extension] => tmp [filename] => php145C ) 1

yeah that worked. Thank you man...

Mudsaf, it didnt work :S

the error message: mysqli_num_rows() expects parameter 1 to be mysqli_result, boolean given

this script keep returning warning mysqli_num_rows expect paramter 1 to be a result boolean given. Why? <html> <body> <h1>search engine</h1> <form action="search.php" method="get"> <input type="text" name="k" size='50' /> <input type="submit" name="submit" value='Search' /> </form> <hr /> <?php include "connect.php"; $k = $_GET['k']; $terms = explode(".", $k); $query = "SELECT * FROM users WHERE "; foreach($terms as $each) { $i++; if($i == 1) { $query .= "keywords LIKE '%$each%' "; } else { $query .= "OR keywords LIKE '%$each%' "; } } $query = mysqli_query($con, $query); $numrows = mysqli_num_rows($query); if($numrows > 0) { while($row = mysqli_fetch_array($query)) { $id = $row['id']; $title = $row['title']; $description = $row['description']; $keywords = $row['keywords']; $link = $row['link']; if($k == "") { echo ""; } else { echo "<h2><a href='$link'>$title</a></h2> $description"; } } } else { echo "no result on $k"; } ?> </body> </html>

it keeps saying "must be a pic" and if i try to upload a pic then it just does the same.

i tried to add MP4 SWF and some other video formats, but i doesnt work. what am i doing wrong? here is my code: <?php @$path = pathinfo(@$_FILES['file']['tmp_name']); $allowed = array('jpg','jpeg','gif','png','swf','MP4','flv','mgp','mpeg','webm','rm','ram','mov','wmv','avi','MPEG-4'); if(in_array(@$path['extension'],$allowed)) { include "connect.php"; $name = $_FILES['file']['name']; $temp = $_FILES['file']['tmp_name']; move_uploaded_file($temp, "upload/".$name); $url = "http://localhost:81/upload/$name"; mysql_query("INSERT INTO videos VALUES('','$name','$url')") or die(mysql_error()); mysql_close(); } else { echo "må være et bilde"; } ?> <html> <body> <form action="index.php" method="POST" enctype="multipart/form-data"> <input type="file" name="file" /><br /> <input type="submit" name="submit" /> </form> <a href='videos.php'>videos</a> <?php if(isset($_POST['submit'])) { echo "<br />".$name." has been uploaded"; } ?> </body> </html>

i want the user to be able to upload both videos and images, which in this case work, but this script also allows other files such as exe. How can i prevent that?

i fixed it

so here is my search engine script, and it works, but every time i refresh the page, all of the data in my database are displayed on my search.php page. Why? What can i do? <h1>search engine</h1> <form action="./search.php" method="get"> <input type="text" name="k" size='50' value="" /> <input type="submit" name="submit" value='Search' /> </form> <hr /> <?php @$k = $_GET['k']; $terms = explode(" ", $k); $query = "SELECT * FROM search WHERE "; foreach($terms as $each) { @$i++; if($i == 1) { $query .= "keywords LIKE '%$each%' "; } else { $query .= "OR keywords LIKE '%$each%' "; } } include "connect.php"; $query = mysql_query($query); $numrows = mysql_num_rows($query); if($numrows > 0) { while($row = mysql_fetch_assoc($query)) { $id = $row['id']; $title = $row['title']; $description = $row['description']; $keywords = $row['keywords']; $link = $row['link']; echo "<a href='$link'>$title</a><br /> $description <br /> "; } } else { echo "ingen match funnet ved $k"; } ?>