mysql and php with form

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
Hello PHP,

I am having a problem.  I know the area of the problem, but not how to
solve it.
It has to do with a php page with a form on it, and I am trying to
perform an insert query into
my mysql database.

I know that when I "submit" (post) the form, everything goes blank,
and the insert query is not run.
Basically here is my story.  Initially I had a page with all in-line
code, that uses includes for connection to the db, and a error
processing page.  I also have another include page that has some
functions in it, one of which is for resizing images.  That function,
cleverly named resizeImage returns a down-sized height and width,
which get loaded into the database table, along with info on the image
itself (name, location,etc).

this page has php code which reads a directory, finds jpeg images,
does a resizeImage for each image (in a for loop), and then performs
the insert query for each image.  I would run the whole thing just by
loading the page (no form tags on this page).  Everything works fine,
I call the resizeImage function from the fileloader.php page, the
function is in a page called size_image.php (I use a require for

I decided that I would like to add some flexibility to this page and
create a form where I could enter a parameter (an integer), and click
a button, which would then run this same insert query, and the
resizeImage function, and then tell me if I inserted the records.

I am using a if(isset($_REQUEST['update'])) type construct to respond
to the button click (named 'update').
and use the POST action and $_SERVER[PHP_SELF] as the form.

When I click the button, most of the page runs, and then all goes
blank in the browser, and the records are not inserted into the
database.  I am guessing that something in the post blitzes my
variables, etc, so the query never runs, etc.

Below is some of the code in the page - I have an input box for the
parameter, and a button to run the function.  I would appreciate any



Code below:

    @require_once '/usr/local/php/include/size_image.php';

    include '/usr/local/php/include/';
    include '/usr/local/php/include/';
    global $dbconnect, $query;

$p = $_REQUEST["p"];

  //echo "value for post is: $p";
} else {
    echo 'Post not set';

$serverName = $_SERVER["SERVER_NAME"];

if ($serverName != 'beaulinux')
//connection files for mysql
        @include 'c:/php/includes/';
    @include 'c:/php/includes/';
    @require_once 'c:/php/includes/size_image.php';
    @include '/usr/local/php/include/';
    @include '/usr/local/php/include/';

    $dbconnect = db_connect('portfolios') or trigger_error("Error
Connecting to Database: " . mysql_error(), E_USER_ERROR);

function performLoad($p)

$filecount = 0;
$filelist[0] = '';
$idx = 0;
$query = 0;

$path = 'testimage';

$dir_handle = @opendir($path) or die("Unable to open directory

/*** Load an array with the list of files in the dir ***/
while ($file = readdir($dir_handle))
    //$filetyp =getFileType($file);    no good for all images???OR $filetyp
== 'gif'
    $filetyp = strtolower(substr($file, -3));
    if ($filetyp == 'jpg' )
        //***$handle = fopen($path . "/" . $file,'r');
        $filelist[$idx] = $path . "/" . $file; //add file to array
        //echo $filelist[$idx];
        //***$file_content = fread($handle,filesize($path . "/" . $file));


// now read the array, and load the files into the database....

        for ($i=0; $i < $filecount; ++$i)
            list($width, $height, $type, $attr) = getimagesize($filelist[$i]);
            if ($type == 2) $filetype = 'image/jpeg';
                    $n_width = resizeImage($width,$height);
            $name = explode('/',$filelist[$i]);
                $filesize = filesize($filelist[$i]);
            //echo $name[1] . ' '. $n_width[0] . ' height: ' .
        $insertSQL = "INSERT INTO images3
VALUES(\"" .
     $name[1]."\", \"" .$path. "\", \"" .$filetype . "\", \"" .
$filesize . "\", \"" .
        $width. "\", \"" .$height. "\", \"" .$n_width[0]. "\", \"" .
$n_width[1]. "\", \"" . "$p" . "\")";

        /*** remember to comment or un-coment this line!! ***/
        //$query = @mysql_query($insertSQL) or trigger_error("Error
performing query: " . mysql_error(),E_USER_ERROR);
        //table is loaded with the files using a resized width by bad

    } //end func place holder

Re: mysql and php with form

Quoted text here. Click to load it

If uncommenting you insert query doesn't work, and the page goes blank,  
please remove all @'s. Errors are usefull when something doesn't work.

Furthermore you only echo something on errors, so having a blank page is  
just what this code does after a succesfull run.
Rik Wasmus
Posted on Usenet, not any forum you might see this in.
Ask Smart Questions:

Re: mysql and php with form

Quoted text here. Click to load it

also try not to get hacked:
make life easy on yourself, escape all values that go into the
database, to avoid SQL injection.

$name[1] -> string
$filesize -> int?
$height -> int?
$p -> string

mysql_real_escape() or better mysql_real_escape_string(

$insertSQL = sprintf(
"INSERT INTO `images3` " .
"(`name`, `folder`, `type`, `filesize`, `orig_width`, " .
"`orig_height`, `resize_width`, `resize_height`, `p`)" .
"VALUES( '%s', '%s', '%s', '%d', '%d', '%d' , '%d', '%d', '%s')",

this gets boring, so why not have your vars in an array and use
array_walk to escape the values

Also you should enforce bounds checking on all your vars, before entry
into the database, is your database only allowing 32 chars for a
$name[1], then use
$name[1] = substr($name[1],0,32);

stay neat and tidy and you will be able to see clearly.

Re: mysql and php with form

Quoted text here. Click to load it

Indeed, something I like to do when the variables are set up, really kee=
ps  =

it managable.

Also an option with MDB2 prepared statment.

$db = new MDB2();
$db->loadModule('Exended', null, false);
$inserts = array();
$stmt = $db->prepare(
    'INSERT INTO `table` (`field`,`foo`,`bar`) VALUES (:field,:foo,:bar)',
foreach($something as $item){
    //some code
    $inserts[]  = compact($bar,$foo,$field);

-- =

Rik Wasmus
Posted on Usenet, not any forum you might see this in.
Ask Smart Questions:

Re: mysql and php with form says...
Quoted text here. Click to load it

Wouldnt that truncate data without warning?  
Surely not a good idea?

Re: mysql and php with form

Quoted text here. Click to load it

Thanks for the tip - as always, there is much more for me to learn and


Site Timeline