TalkPHP - View Single Post

cliffgs · 10-16-2010, 11:34 PM

Hi

Probably not the best method (I am still trying to learn), but I have solved my problem:

PHP Code:


			
//Process editform

if (isset($_GET['editform'])) { 

include $_SERVER['DOCUMENT_ROOT'] . '/../code2/admindb.inc.php';



    $fname = mysqli_real_escape_string($link, $_POST['fname']);

    $lname = mysqli_real_escape_string($link, $_POST['lname']);

    $bio = mysqli_real_escape_string($link, $_POST['elm1']);

    $id = (int) $id = mysqli_real_escape_string($link, $_POST['id']);

    if ($fname == '' || $lname == '') {

        $error = 'You must give the artist a first name and a surname. Click &lsquo;back&rsquo; and try again.';

        include($_SERVER['DOCUMENT_ROOT'] . '/includes/error.html.php');

        exit();    

    }



    if ($_FILES["image"]["size"] > 0) {

if ((($_FILES["image"]["type"] == "image/gif")

|| ($_FILES["image"]["type"] == "image/jpeg")

|| ($_FILES["image"]["type"] == "image/pjpeg"))

&& ($_FILES["image"]["size"] < 200000))

  {

  if ($_FILES["image"]["error"] > 0)

    {

    echo "Return Code: " . $_FILES["image"]["error"] . "<br />";

    } else {

    if (file_exists("../../meetArtists/" . $_FILES["image"]["name"]))

      {

          $filename = $_FILES["image"]["name"];

      } else {

      move_uploaded_file($_FILES["image"]["tmp_name"],

      "../../meetArtists/" . $_FILES["image"]["name"]);

         $filename = $_FILES["image"]["name"];

         }

    }

            $sql = "UPDATE artists SET filename = '$filename' WHERE id = '$id'";

if (!mysqli_query($link, $sql)) {

    $error = 'Error updating selected artist.';

        include($_SERVER['DOCUMENT_ROOT'] . '/includes/error.html.php');

        exit();    

    }



  } else {

  echo "Invalid file";

  }

    }

include $_SERVER['DOCUMENT_ROOT'] . '/../code2/admindb.inc.php';



    $fname = mysqli_real_escape_string($link, $_POST['fname']);

    $lname = mysqli_real_escape_string($link, $_POST['lname']);

    $bio = mysqli_real_escape_string($link, $_POST['elm1']);

    $id = (int) $id = mysqli_real_escape_string($link, $_POST['id']);

    if ($fname == '' || $lname == '') {

        $error = 'You must give the artist a first name and a surname. Click &lsquo;back&rsquo; and try again.';

        include($_SERVER['DOCUMENT_ROOT'] . '/includes/error.html.php');

        exit();    

    }

    $sql = "SELECT filename FROM artists WHERE id = $id";

    $result = mysqli_query($link, $sql);

    if (!$result) {

    $error = 'Error updating selected artist.';

        include($_SERVER['DOCUMENT_ROOT'] . '/includes/error.html.php');

        exit();

    }

    $row = mysqli_fetch_array($result);

    $filename = $row['filename'];

$sql = "UPDATE artists SET

    fname = '$fname',

    lname = '$lname',

    filename = '$filename',

    bio = '$bio'

    WHERE id = '$id'";

if (!mysqli_query($link, $sql)) {

    $error = 'Error updating selected artist.';

        include($_SERVER['DOCUMENT_ROOT'] . '/includes/error.html.php');

        exit();    

    }

    header('Location: .');

    exit();

}

Many thanks.

Cliff

10-16-2010, 11:34 PM	#4 (permalink)
cliffgs The Wanderer Join Date: Aug 2010 Location: West Coast, New Zealand Posts: 5 Thanks: 2	Hi Probably not the best method (I am still trying to learn), but I have solved my problem: PHP Code: //Process editform if (isset($_GET['editform'])) { include $_SERVER['DOCUMENT_ROOT'] . '/../code2/admindb.inc.php'; $fname = mysqli_real_escape_string($link, $_POST['fname']); $lname = mysqli_real_escape_string($link, $_POST['lname']); $bio = mysqli_real_escape_string($link, $_POST['elm1']); $id = (int) $id = mysqli_real_escape_string($link, $_POST['id']); if ($fname == '' \|\| $lname == '') { $error = 'You must give the artist a first name and a surname. Click ‘back’ and try again.'; include($_SERVER['DOCUMENT_ROOT'] . '/includes/error.html.php'); exit(); } if ($_FILES["image"]["size"] > 0) { if ((($_FILES["image"]["type"] == "image/gif") \|\| ($_FILES["image"]["type"] == "image/jpeg") \|\| ($_FILES["image"]["type"] == "image/pjpeg")) && ($_FILES["image"]["size"] < 200000)) { if ($_FILES["image"]["error"] > 0) { echo "Return Code: " . $_FILES["image"]["error"] . "<br />"; } else { if (file_exists("../../meetArtists/" . $_FILES["image"]["name"])) { $filename = $_FILES["image"]["name"]; } else { move_uploaded_file($_FILES["image"]["tmp_name"], "../../meetArtists/" . $_FILES["image"]["name"]); $filename = $_FILES["image"]["name"]; } } $sql = "UPDATE artists SET filename = '$filename' WHERE id = '$id'"; if (!mysqli_query($link, $sql)) { $error = 'Error updating selected artist.'; include($_SERVER['DOCUMENT_ROOT'] . '/includes/error.html.php'); exit(); } } else { echo "Invalid file"; } } include $_SERVER['DOCUMENT_ROOT'] . '/../code2/admindb.inc.php'; $fname = mysqli_real_escape_string($link, $_POST['fname']); $lname = mysqli_real_escape_string($link, $_POST['lname']); $bio = mysqli_real_escape_string($link, $_POST['elm1']); $id = (int) $id = mysqli_real_escape_string($link, $_POST['id']); if ($fname == '' \|\| $lname == '') { $error = 'You must give the artist a first name and a surname. Click ‘back’ and try again.'; include($_SERVER['DOCUMENT_ROOT'] . '/includes/error.html.php'); exit(); } $sql = "SELECT filename FROM artists WHERE id = $id"; $result = mysqli_query($link, $sql); if (!$result) { $error = 'Error updating selected artist.'; include($_SERVER['DOCUMENT_ROOT'] . '/includes/error.html.php'); exit(); } $row = mysqli_fetch_array($result); $filename = $row['filename']; $sql = "UPDATE artists SET fname = '$fname', lname = '$lname', filename = '$filename', bio = '$bio' WHERE id = '$id'"; if (!mysqli_query($link, $sql)) { $error = 'Error updating selected artist.'; include($_SERVER['DOCUMENT_ROOT'] . '/includes/error.html.php'); exit(); } header('Location: .'); exit(); } Many thanks. Cliff