Associate
Morning all.
I'm trying to finish off the last bit of a website and it requires a file upload. I've tried numerous ways of getting this to work but its not having any of it.
Would appreciate it if someone could give the code a once over and tell me if there's anything wrong or at least some new ideas to try and get this working.
The offending code:
Very many thanks
I'm trying to finish off the last bit of a website and it requires a file upload. I've tried numerous ways of getting this to work but its not having any of it.
Would appreciate it if someone could give the code a once over and tell me if there's anything wrong or at least some new ideas to try and get this working.
The offending code:
Code:
<?php
require_once("../includes/dba.php");
mysql_select_db($db_name, $db_connect);
$submitted = $_GET['submitted'];
$self = $_SERVER['PHP_SELF'];
$sid = $_GET['sid'];
$store = mysql_query("SELECT * FROM links WHERE sid = $sid", $db_connect);
$store_row = mysql_fetch_assoc($store);
if(isset($submitted))
{
$title = $_GET['title'];
$description = $_GET['description'];
$paypal = $_GET['paypal'];
if(isset($_FILES["image"]))
{
$image = basename($_FILES['image']['name']);
move_uploaded_file($_FILES['image']['tmp_name'], "../images/store/" . basename($_FILES['image']['name']));
}
else
{
$image = "";
}
mysql_query("INSERT INTO `store` (`uid` , `sid` , `title` , `description` , `image` , `paypal_link`) VALUES (NULL, '$sid' , '$title' , '$description' , '$image' , '$paypal')", $db_connect) or die(mysql_error());
echo "<script type=\"text/javascript\" src=\"../includes/refreshparent.js\"></script>";
}
else
{
echo "
<!DOCTYPE html PUBLIC \"-//W3C//DTD HTML 4.01//EN\" \"http://www.w3.org/TR/html4/strict.dtd\">
<html>
<head>
<title>Add Store Item</title>
<link href=\"../includes/style.css\" rel=\"stylesheet\" type=\"text/css\">
</head>
<body>
<div style=\"text-align: center\">Add item to <strong>$store_row[title]</strong> store</div><br>
<form action=\"$self\" method=\"get\">
<table width=\"490\" height=\"290\">
<tr>
<td>Product Name:</td>
<td><input type=\"text\" name=\"title\"></td>
</tr>
<tr>
<td>Product Description</td>
<td><textarea name=\"description\" rows=\"3\" cols=\"40\"></textarea></td>
</tr>
<tr>
<td>Paste Paypal Button Code:</td>
<td><textarea name=\"paypal\" rows=\"3\" cols=\"40\"></textarea></td>
</tr>
<tr>
<td>Image Upload:</td>
<td><input type=\"file\" name=\"image\"></td>
</tr>
<tr>
<td colspan=\"2\"><input type=\"hidden\" name=\"submitted\" value=\"true\"><input type=\"submit\" value=\"Submit\"><input type=\"button\" value=\"Cancel\" onclick=window.close()><input type=\"hidden\" name=\"sid\" value=\"$sid\"></td>
</table>
</form>
</body>
</html>
";
}
?>