View Single Post
  #1 (permalink)  
Old September 7th, 2006, 02:44 AM
angelbeans angelbeans is offline
Registered User
 
Join Date: Sep 2006
Location: , , .
Posts: 1
Thanks: 0
Thanked 0 Times in 0 Posts
Default Php code to put&get images from mysql not working!

index.php page

<!DOCTYPE HTML PUBLIC
  "-//W3C//DTD HTML 4.0 Transitional//EN"
  "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
   <title>Browse Upload Files</title>
</head>
<body bgcolor="white">

<?php
  include 'db.inc';

  $query = "SELECT id, shortName, mimeName FROM files";

  if (!($connection = @ mysql_pconnect($hostName,
                                    $username,
                                    $password)))
     showerror();

  if (!mysql_select_db("files", $connection))
     showerror();

  if (!($result = @ mysql_query ($query, $connection)))
     showerror();
?>
    <h1>Image database</h1>

    <h3>Click <a href="insert.php">here</a> to
upload an image.</h3>
<?php
  require 'disclaimer';

  if ($row = @ mysql_fetch_array($result))
  {
?>

    <table>
    <col span="1" align="right">
    <tr>
       <th>Short description</th>
       <th>File type</th>
       <th>Image</th>

    </tr>
<?php
   do
   {
?>
    <tr>
       <td><?php echo "{$row["shortName"]}";?></td>
       <td><?php echo "{$row["mimeName"]}";?></td>
       <td><?php echo "<img src=\"view.php?file={$row["id"]}\">";?></td>
    </tr>

<?php
   } while ($row = @ mysql_fetch_array($result));
?>
    </table>
<?php
  } // if mysql_fetch_array()
  else
     echo "<h3>There are no images to display</h3>\n";
?>
</body>
</html>

db.inc page

<?php

// These are the DBMS credentials
$hostName = "localhost";
$username = "fred";
$password = "shhh";

// Show an error and stop the script
function showerror()
{
   if (mysql_error())
      die("Error " . mysql_errno() . " : " . mysql_error());
   else
      die("Could not connect to the DBMS");
}

// Secure the user data by escaping characters
// and shortening the input string
function clean($input, $maxlength)
{
  $input = substr($input, 0, $maxlength);
  $input = EscapeShellCmd($input);
  return ($input);
}

?>

view.php page

<?php
  include 'db.inc';

  $file = clean($file, 4);

  if (empty($file))
     exit;

  if (!($connection = @ mysql_pconnect($hostName,
                                       $username,
                                       $password)))
     showerror();

  if (!mysql_select_db("files", $connection))
     showerror();

  $query = "SELECT mimeType, fileContents FROM files
            WHERE id = $file";

  if (!($result = @ mysql_query ($query,$connection)))
     showerror();

  $data = @ mysql_fetch_array($result);

  if (!empty($data["fileContents"]))
  {
    // Output the MIME header
     header("Content-Type: {$data["mimeType"]}");
    // Output the image
     echo $data["fileContents"];
   }
?>

insert.php page

<?php
  include 'db.inc';

  if (empty($short) || empty($userfile))
  {
?>
    <!DOCTYPE HTML PUBLIC
               "-//W3C//DTD HTML 4.0 Transitional//EN"
               "http://www.w3.org/TR/html4/loose.dtd">
    <html>
    <head>
      <title>Upload an Image File</title>
    </head>
    <body bgcolor="white">
    <form method="post" action="insert.php" enctype="multipart/form-data">
    <h1>Upload an Image File</h1>
    <h3>Please fill in the details below to upload your file.
    Fields shown in red are mandatory.</h3>
    <table>
    <col span="1" align="right">

    <tr>
       <td>Short description:</td>
       <td><input type="text" name="short" size=50></td>
    </tr>

    <tr>
       <td>File:</td>
       <td><input name="userfile" type="file"></td>
    </tr>

    <tr>
          <td><input type="submit" value="Submit"></td>
    </tr>
    </table>
    <input type="hidden" name="MAX_FILE_SIZE" value="30000">
    </form>
    <h3>Click <a href="index.php">here</a> to browse the images instead.</h3>
    </body>
    </html>
<?php
  }
  else
  {
     $short = clean($short, 50);
     $userfile = clean($userfile, 50);

     if (!($connection = @ mysql_pconnect($hostName,
                                         $username,
                                         $password)))
        showerror();

     if (!mysql_select_db("files", $connection))
        showerror();

     // Was a file uploaded?
     if (is_uploaded_file($userfile))
     {

       switch ($userfile_type)
       {
          case "image/gif";
             $mimeName = "GIF Image";
             break;
          case "image/jpeg";
             $mimeName = "JPEG Image";
             break;
          case "image/png";
             $mimeName = "PNG Image";
             break;
          case "image/x-MS-bmp";
             $mimeName = "Windows Bitmap";
             break;
          default:
             $mimeName = "Unknown image type";
       }

       // Open the uploaded file
       $file = fopen($userfile, "r");

       // Read in the uploaded file
       $fileContents = fread($file, filesize($userfile));

       // Escape special characters in the file
       $fileContents = AddSlashes($fileContents);
     }
     else
       $fileContents = NULL;

     $insertQuery = "INSERT INTO files VALUES (NULL, \"{$short}\",
         \"{$userfile_type}\", \"{$mimeName}\", \"{$fileContents}\")";

     if ((@ mysql_query ($insertQuery, $connection))
         && @ mysql_affected_rows() == 1)
       header("Location: receipt.php?status=T&file="
         . mysql_insert_id($connection));
     else
       header("Location: receipt.php?status=F&file="
         . mysql_insert_id($connection));
  } // if else empty()
?>

receipt.php page
<!DOCTYPE HTML PUBLIC
               "-//W3C//DTD HTML 4.0 Transitional//EN"
               "http://www.w3.org/TR/html4/loose.dtd">
    <html>
    <head>
      <title>File Insert Receipt</title>
    </head>
    <body bgcolor="white">

<body bgcolor="white">
<?php
  include 'db.inc';

  $status = clean($status, 1);
  $file = clean($file, 5);

  // did the insert operation succeed?
  switch ($status)
  {
  case "T":
     // Yes, insert operation succeeded.
     // Show details of the new file.

     $query = "SELECT shortName, mimeName FROM files WHERE id = $file";

     if (!($connection = @ mysql_pconnect($hostName,
                                       $username,
                                       $password)))
        showerror();

     if (!mysql_select_db("files", $connection))
        showerror();

     // Run the query on the DBMS
     if (!($result = @ mysql_query ($query, $connection)))
        showerror();

     if ($row = @ mysql_fetch_array($result))
     {
?>
    <h1>File Insert Receipt</h1>
    <h3>The following file was successfully uploaded:
    <table>
    <col span="1" align="right">
    <tr>
       <td>Short description:</td>
       <td><?php echo "{$row["shortName"]}";?></td>
    </tr>

    <tr>
       <td>File type:</td>
       <td><?php echo "{$row["mimeName"]}";?></td>
    </tr>

    <tr>
       <td>File:</td>
       <td><?php echo "<img src=\"view.php?file={$file}\">";?></td>
    </tr>
    </table>
<?php
     } // if mysql_fetch_array()

     break;

  case "F":
     // No, insert operation failed
     // Show an error message
     echo "The file insert operation failed.";
     echo "<br>Contact the system administrator.";

     break;

  default:
     // User did not provide a status parameter
     echo "You arrived unexpectedly at this page.";
  } // end of switch
?>
<h3>Click <a href="insert.php">here</a> to upload another image.</h3>
<h3>Click <a href="index.php">here</a> to browse the uploaded images.</h3>
</body>
</html>




Reply With Quote