Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 3 of 3
  1. #1
    New to the CF scene
    Join Date
    Dec 2007
    Posts
    1
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Coding problem moving from php versions

    I have a online dating site. I am moving it from PHP Version 4.3.10 To PHP version 5.2.5
    After installing the script I noticed the pictures would not post after upload. I think the problem is in the file below. Can anyone see a problem I am missing?
    What I have been getting when I try to upload picture is User not Specified.
    <?php
    session_start();

    // Database connection variables
    require("./config.php");

    $dbServer = $server1;
    $dbUser = $username1;
    $dbPass = $password1;
    $dbDatabase = $database1;
    $active1=$ShowPicture;
    $pixallowed=$PicsAllowed;

    //echo "****" . $UserID;

    $sConn = mysql_connect($dbServer, $dbUser, $dbPass)
    or die("Couldn't connect to database server");

    $dConn = mysql_select_db($dbDatabase, $sConn)
    or die("Couldn't connect to database $dbDatabase");

    if($UserID == "")
    {
    die("User Not Specified.");
    }

    $dbQuery = "SELECT * FROM date_images Where User_ID = '" . $UserID . "'";
    $result=mysql_query($dbQuery);
    $num_results=mysql_num_rows($result);
    if ($num_results<=$pixallowed)
    {
    //echo "Allowed";
    if($fileUpload1 == "")
    {
    }
    else
    {
    $fileHandle = fopen($fileUpload1, "r");
    $fileContent1 = fread($fileHandle, filesize($fileUpload1));
    $fileContent1 = addslashes($fileContent1);
    $dbQuery = "INSERT INTO date_images (User_ID, Picture1, pactive) VALUES ('" . $UserID . "','" . $fileContent1 . "','" . $active1 . "')";
    mysql_query($dbQuery) or die("Couldn't add file to database");
    }
    }
    else
    {
    //echo "Not Allowed";
    die("Maximum allowed pictures already uploaded. Use the Member Menu to delete uploaded pictures.");
    }


    //echo " " . $dbQuery;

    echo "<h1>File(s) Uploaded</h1>";
    echo "Return to the Home page by clicking below:<br><br>";
    echo "<a href='Main.php'>Home</a>";

    ?>

  • #2
    Super Moderator Inigoesdr's Avatar
    Join Date
    Mar 2007
    Location
    Florida, USA
    Posts
    3,647
    Thanks
    2
    Thanked 406 Times in 398 Posts
    I don't see an error in that code, and PHP isn't giving any syntax errors. Make sure you have error reporting on.
    PHP Code:
    ini_set('display_errors'1);
    error_reporting(E_ALL); 

  • #3
    God Emperor Fou-Lu's Avatar
    Join Date
    Sep 2002
    Location
    Saskatoon, Saskatchewan
    Posts
    16,987
    Thanks
    4
    Thanked 2,660 Times in 2,629 Posts
    Likely a simple solution.
    I cannot remember exactly when the changed it, but the default for the ini directive: register_globals is now OFF.
    This is a move by php to help secure variable instantiation. Now you can no longer access undefined variables without the use of a superglobal (or a registered long array in older versions, and if still enabled - will also be gone with version 6).
    So, when you call things like:
    $userID
    This has to come from somewhere, likely a post request from a form. With this in mind, you now have to access it through a superglobal known as $_POST (or you can use $_REQUEST if you know how to control it better than its defaults).
    These:
    $dbServer = $server1;
    $dbUser = $username1;
    $dbPass = $password1;
    $dbDatabase = $database1;
    $active1=$ShowPicture;
    $pixallowed=$PicsAllowed;
    Likely come from the configuration files. So they are ok, they have been initialized, assigned a value, and registered into the current scope with your inclusion. However, things that you would get from the user, yep, you guessed it, need to be accessed through the superglobals.
    So:
    $userID
    is now accessed from
    $_POST['userID'];
    Assuming its through the form.

    Of course, you *could* always re-enable your globals, but not only is that insecure, it will also kill every script when php 6 is rolled out.
    Hope that helps you, and hope you don't have too much work ahead of you!
    PHP Code:
    header('HTTP/1.1 420 Enhance Your Calm'); 


  •  

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •