INSERTING AN IMAGE FROM A SERVER INTO A CMSB DATABASE RECORD - Dec 17th, 2011


This one's probably not going to be extremely useful, but you never know...

I had a client who was already allowing subscribers to uploading an image to a directory on their server. I took over
the project because they wanted to convert to a content managed site.

One of the things I was stuck on was how to save the uploaded image into a CMSB database record.

First I’ll describe how they were uploading their image to a folder on their server in case it comes in handy for
someone.

The subscriber was presented a form like this, in a file called purchase.php:



<form name="ordernow" enctype="multipart/form-data" action="ordernow.php" method="post" >
<table width="100%" border="0" cellspacing="0" cellpadding="0" class="text_field">
<tr>
<td valign="top" class="title" height="30">First Name
</td>
<td>
<input type="text" name="first_name" id="first_name">
</td>
</tr>
<tr>
<td valign="top" class="title" height="30">Last Name
</td>
<td>
<input type="text" name="last_name" id="last_name">
</td>
</tr>
<tr>
<td valign="top">
Select your image: <br /> (upload time will depend on the speed of your internet connection)
</td>
<td> <input type="file" name="photo"></td>
</tr>
<tr>
<td>&nbsp;</td>
<td align="left" valign="top">
<input type="submit" value="Submit" name="submit">
</td>
</tr>
</table>
</form>


The orginal ordernow.php file that did the processing looked like this:


<?php session_start();
{
if(
$_POST){
$name_of_uploaded_file =basename($_FILES['photo']['name']);
//get the file extension of the file
$type_of_uploaded_file =substr($name_of_uploaded_file,strrpos($name_of_uploaded_file, '.') + 1);

$size_of_uploaded_file =$_FILES["photo"]["size"]/1024;//size in KBs

//copy the temp. uploaded file to attachdoc folder
$upload_folder='photo/';
$path_of_uploaded_file = $upload_folder . $name_of_uploaded_file;
//echo 'path_of_uploaded_file'.$path_of_uploaded_file;
$tmp_path = $_FILES["photo"]["tmp_name"];

if(
is_uploaded_file($tmp_path))
{
copy($tmp_path,$path_of_uploaded_file);
if(!
copy($tmp_path,$path_of_uploaded_file))
{
$errors .= '\n error while copying the uploaded file';
}
}

$photo=$path_of_uploaded_file;
$first_name1=$_POST['first_name'];
$last_name1=$_POST['last_name'];
$errors='Order placed.';
}

?>


With the changes below I was able to get all of the text fields to get added to the CMSB database but couldn’t figure
out how to get the image to upload. Jason Shautuch from interactive tools came to the rescue.

Here’s what I changed and added to the ordernow.php file

At the top of the page:


<?php header('Content-type: text/html; charset=utf-8'); ?>
<?php
$libraryPath = 'cmsAdmin/lib/viewer_functions.php';
$dirsToCheck = array('','../','../../','../../../','../../../../');
foreach (
$dirsToCheck as $dir) { if (@include_once("$dir$libraryPath")) { break; }}
if (!
function_exists('getRecords')) { die("Couldn't load viewer library, check filepath in sourcecode."); }
// load records
list($common_informationRecords, $common_informationMetaData) = getRecords(array(
'tableName' => 'common_information',
'allowSearch' => '0',
'limit' => '1',
));
$common_informationRecord = @$common_informationRecords[0]; // get first record
// load records

if($_POST){
// turn off strict mysql error checking for: STRICT_ALL_TABLES
mysqlStrictMode(false); // disable Mysql strict errors for when a field isn't defined below (can be caused when fields
are added later)

$name_of_uploaded_file =basename($_FILES['photo']['name']);

//get the file extension of the file
$type_of_uploaded_file =substr($name_of_uploaded_file,strrpos($name_of_uploaded_file, '.') + 1);

$size_of_uploaded_file =$_FILES["photo"]["size"]/1024;//size in KBs

//copy the temp. uploaded file to attachdoc folder
$upload_folder='photo/';
$path_of_uploaded_file = '/home/users/web/b1587/ipw.peteralanportraits/public_html/' .$upload_folder .
$name_of_uploaded_file;

$tmp_path = $_FILES["photo"]["tmp_name"];
// echo $path_of_uploaded_file;
if(is_uploaded_file($tmp_path))
{
copy($tmp_path,$path_of_uploaded_file);
if(!
copy($tmp_path,$path_of_uploaded_file))
{
$errors .= '\n error while copying the uploaded file';
}
}


$photo=$path_of_uploaded_file;
$first_name1=$_POST['first_name'];
$last_name1=$_POST['last_name'];

}


Then to create the new record in the CMSB Table customer_uploads I added:


mysql_query("INSERT INTO `{$TABLE_PREFIX}customer_uploads` SET

first_name = '".$first_name."',
last_name = '".$last_name1."',
createdDate = NOW(),
updatedDate = NOW(),
createdByUserNum = '0',
updatedByUserNum = '0'")
or die(
"MySQL Error Creating Record:<br />\n". htmlspecialchars(mysql_error()) . "\n");
$userNum = mysql_insert_id();
// image upload code will go here
$errors='Thank You <br /> Your Order Has Been Successfully Placed.';
}

?>
To get the image to upload Jason suggested that I add the following :

or die("MySQL Error Creating Record: <br /> \n". htmlspecialchars(mysql_error()) . "\n");
$userNum = mysql_insert_id();
// upload the image file
@saveUploadFromFilepath('customer_uploads', 'uploads', $userNum, '123456789' , $path_of_uploaded_file);
$errors='Thank You <br /> Your Order Has Been Successfully Placed.';
}

?>


When I tried to use the same code to insert an image into an already existing record where an order code had been
entered by the system admin, it didn’t work.

Jason suggested the following:

In an update form add a field for an order_code


<form name="ordernow" enctype="multipart/form-data" action="ordernow2.php" method="post" >
<table width="100%" border="0" cellspacing="0" cellpadding="0" class="text_field">
<tr>
<td valign="top" class="title">Upload</td>
<td> <input type="file" name="photo"></td>
</tr>
<tr>
<td valign="top" class="title" height="30">Order Code:</td>
<td><input type="text" name="order_code">
</td>
</tr>
<tr>
<td>&nbsp;</td>
<td align="left" valign="top">
<input type="submit" value="Submit" name="submit"></td>
</tr>
</table>
</form>


Then in the update file that does the processing, now called ordernow2.php change the mysql_query("INSERT INTO code to:


//first load the customer_upload records
list($customer_uploadsRecords, $customer_uploadsMetaData) = getRecords(array(
'tableName' => 'customer_uploads',
));

//Then update the records (limited by the WHERE clause further down)
mysql_query("UPDATE `{$TABLE_PREFIX}customer_uploads` SET

first_name = '".$first_name."',
last_name = '".$last_name1."',
updatedDate = NOW(),
updatedByUserNum = '0'

// limits records to only those where the order code entered matches the order code in the record
WHERE order_code = '".mysql_escape($order_code)."'")

or die("MySQL Error updating Record: <br /> \n". htmlspecialchars(mysql_error()) . "\n");

$customerUploadsRecords = mysql_select("customer_uploads", "order_code = '".mysql_escape($order_code)."'");

foreach ($customerUploadsRecords as $record) {
@saveUploadFromFilepath('customer_uploads', 'uploads', $record['num'], '123456789' , $path_of_uploaded_file);
}
$errors='Thank You <br /> Your Order Has Been Successfully Updated.';

}

?>


That worked just fine.



The materials on this web site have been created for use with CMS Builder content management software. CMS Builder software is published and licensed for use by InteractiveTools.com. Please contact Interactive Tools for information on the downloading of the software or the purchasing of licenses.


Terms of Service