INOH INOH - 2 months ago 7
HTML Question

html submit file and text data to php

I am unsucessfully trying to capture file and data and upload to a php file. I am not sure what i am doing wrong if someone can maybe see what i am doing wrong please. It will upload file/image no problem but when i add a text input to post it will not work, here is what i have been using as a template to trial

<iframe name="my_iframe" src="" id="my_iframe"></iframe>
<form action="http://www.********/upload11.php" method="post" enctype="multipart/form-data" target="my_iframe">
<input type="file" input id="input" name="image" />
<input type="text" name="Description" value="Image of Time"/>
<div>
<input type="submit" value="Send">
</div>
</form>


upload11.php

<?php
$upload_image = $_FILES["image"][ "name" ];
$folder = "images/";
move_uploaded_file($_FILES["image"]["tmp_name"], "$folder".$_FILES["image"]["name"]);;
$file = 'images/'.$_FILES["image"]["name"];
$uploadimage = $folder.$_FILES["image"]["name"];
$newname = $_FILES["image"]["name"];

$resize_image = $folder.$newname;
list( $width,$height ) = getimagesize( $uploadimage );
$newwidth = 550;
$newheight = 350;
$thumb = imagecreatetruecolor( $newwidth, $newheight );
$source = imagecreatefromjpeg( $resize_image );
imagecopyresized($thumb, $source, 0, 0, 0, 0, $newwidth, $newheight, $width, $height);
imagejpeg( $thumb, $resize_image, 100 );
$out_image=addslashes(file_get_contents($resize_image));
$msg = '';
if($_SERVER['REQUEST_METHOD']=='POST'){
$a = ('" alt="" />');
$b = ("'<img src=\"\https://www.******/images/".$_FILES['image']['name']."$a'");
$Description = $_POST['Description'];
$image = $_FILES['image']['tmp_name'];
$img = file_get_contents($image);
$con = mysqli_connect('***','******','******','********');
$sql = "INSERT INTO links (hyper_links, link ) VALUES ($b, $Description)";

$stmt = mysqli_prepare($con,$sql);

mysqli_stmt_bind_param($stmt, "s",$img);
mysqli_stmt_execute($stmt);

$check = mysqli_stmt_affected_rows($stmt);
if($check==1){
$msg = 'Successfullly UPloaded';
}else{
$msg = 'Could not upload';
}
mysqli_close($con);
}
?>
<?php
echo $msg;
?>

Answer

I've been rewriting half your script to get rid of all the errors and unnessesary variables. This should make it work. If not, it should at least give usefull information about what is going on:

<?php

if(!empty($_FILES["image"])){
    $imgName = $_FILES["image"]["name"];
    $imgTmpName = $_FILES['image']['tmp_name'];
    $upload_dir = "images/";

    if(move_uploaded_file($imgTmpName, $folder . basename($imgName))){
        $imgPath = $upload_dir . $imgName;

        list( $imgWidth, $imgHeight ) = getimagesize( $imgPath );

        $newImgWidth = 550;
        $newImgHeight = 350;

        $thumbnailImg = imagecreatetruecolor( $newImgWidth, $newImgHeight );
        $originalImg = imagecreatefromjpeg( $imgPath );
        imagecopyresized($thumbnailImg, $originalImg, 0, 0, 0, 0, $newImgWidth, $newImgHeight, $imgWidth, $imgHeight);

        imagejpeg( $thumbnailImg, $imgPath, 100 );

        $mysqli = new mysqli("localhost", "user", "password", "database");

        if ($mysqli->connect_errno) {
            echo "Failed to connect to MySQL: " . $mysqli->connect_error;
        }

        if($stmt = $mysqli->prepare("INSERT INTO links (hyper_links, link ) VALUES (?, ?)")){
            if($stmt->bind_param("ss", $html, $descryption)){

                $html = "<img src=\"https://www.******/". $imgPath ."\">";
                $descryption = $_POST['Description'];

                if($stmt->execute()){
                    if($stmt->affected_rows > 0){
                        echo "Successfully Uploaded";

                        $stmt->close();
                        $mysqli->close();
                    } else {
                        echo "Could not upload";
                    }
                } else {
                    die("Execute() failed: " . htmlspecialchars($stmt->error));
                }
            } else {
                die("Bind_param() failed: " . htmlspecialchars($stmt->error));
            }
        } else {
            die("Prepare() failed: " . htmlspecialchars($stmt->error));
        }
    } else {
        die("Unable to move uploaded file to upload folder.");
    }
} else {
    die("You did not select a file to upload.");
}

?>

Make a backup of what you have right now, and test this out. Let me know how it went.