...

View Full Version : Using $_GET with HTML form



ccarrin2
02-20-2012, 03:03 PM
Hello Everyone.

I have a program that prompts the user for a image file, uploads that file to my database, and then displays the image. So far I have created a display.php file and an upload.php file. In the display.php file I have an html form that prompts the user for a file location and their userID. The userID is calculated by an assignment statement and the field is hidden so the user only needs to worry about entering in their file name. Here is the code for the HTML form.



<div id="mngl-photo-tab" class="mngl-profile-tab mngl-hidden">

<form action="upload.php" method="post" enctype="multipart/form-data" name="uploadform">
<input type="hidden" name="MAX_FILE_SIZE" value="7500">
<table width="400" border="0" cellspacing="0" cellpadding="0">
<tr style="display:none">
<td width="90"><strong>User ID:</strong></td>
<td width="286" align="left"><input name="user_id" value="<?php echo $mngl_user->id; ?>" type="text" id="user_id" size="25"></td>
<td width="74" align="right"></td>
</tr>
<tr>
<td width="90"><strong>Image 1:</strong></td>
<td width="286" align="left"><input name="picture" type="file" id="picture" size="25"></td>
<td width="74" align="right"><input type="reset" value="Reset"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td align="left">&nbsp;</td>
<td align="right">&nbsp;</td>
</tr>
<tr>
<td>&nbsp;</td>
<td align="right">&nbsp;</td>
<td align="right"><input name="upload" type="submit" id="upload" value="Upload"></td>
</tr>
</table>

</form>

</div>


Then in my upload.php file there is a bit of code that extracts the file from the form and submits this into my database. Where I am having trouble is extracting the userID and submitting that to the database. I would like to make a variable entitled $user_id that gets the value from the userID field in the form. I already have a column within my database for this I am just not sure of the syntax to get that value. How do I go about doing this? Here is my code.



<?php
// if something was posted, start the process...
if(isset($_POST['upload']))
{

// define the posted file into variables
$name = $_FILES['picture']['name'];
$tmp_name = $_FILES['picture']['tmp_name'];
$type = $_FILES['picture']['type'];
$size = $_FILES['picture']['size'];


// get the width & height of the file (we don't need the other stuff)
list($width, $height, $typeb, $attr) = getimagesize($tmp_name);

// if width is over 1000 px or height is over 1000 px, kill it
if($width>1000 || $height>1000)
{
echo $name . "'s dimensions exceed the 1000x1000 pixel limit.";
?> <a href="form.html">Click here</a> to try again. <?
die();
}

// if the mime type is anything other than what we specify below, kill it
if(!(
$type=='image/jpeg' ||
$type=='image/jpg' ||
$type=='image/bmp' ||
$type=='image/png'
)) {
echo $type . " is not an acceptable format.";
?> <a href="form.html">Click here</a> to try again. <?
die();
}

// if the file size is larger than 350 KB, kill it
if($size>'350000') {
echo $name . " is over 350KB. Please make it smaller.";
?> <a href="form.html">Click here</a> to try again. <?
die();
}

// if your server has magic quotes turned off, add slashes manually
if(!get_magic_quotes_gpc()){
$name = addslashes($name);
}

// open up the file and extract the data/content from it
$extract = fopen($tmp_name, 'r');
$content = fread($extract, $size);
$content = addslashes($content);
fclose($extract);



// connect to the database
include "connect.php";

// the query that will add this to the database
$addfile = "INSERT INTO files (name, size, type, content, mngl_id) ".
"VALUES ('$name', '$size', '$type', '$content' , '$user_id')";

mysql_query($addfile) or die(mysql_error());

// get the last inserted ID if we're going to display this image next
$inserted_fid = mysql_insert_id();

mysql_close();

// display the image
?>
<div align="center">
<strong><? echo $name; ?><br>
</strong><img name="<? echo $name; ?>" src="getpicture.php?fid=<? echo $inserted_fid; ?>" alt="Unable to view image #<? echo $inserted_fid; ?>">
<br>
<a href="form.html">upload more images</a>
</div>
<?
// we still have to close the original IF statement. If there was nothing posted, kill the page.
}else{die("No uploaded file present");
}
?>

mlseim
02-20-2012, 04:15 PM
to get the value from your form, see red line below ...

<?php
// if something was posted, start the process...
if(isset($_POST['upload']))
{

// define the posted file into variables
$name = $_FILES['picture']['name'];
$tmp_name = $_FILES['picture']['tmp_name'];
$type = $_FILES['picture']['type'];
$size = $_FILES['picture']['size'];
$user_id=$_POST['user_id'];


But in your form, I notice that you already know the user ID ... is that true?
If so, you can change make that one 'hidden' instead of 'text', so it doesn't show.

Also, you could set a PHP SESSION that is their user_id. When they log in, you
would be able to view that variable from any of your scripts, once the SESSION is set.


.

ccarrin2
02-20-2012, 04:44 PM
Thank you very much for helping me! That was exactly what I needed!

haithamedrees23
02-20-2012, 07:06 PM
can i see what getpicture.php script do ?



EZ Archive Ads Plugin for vBulletin Copyright 2006 Computer Help Forum