Hi everyone,
I’m working on a class assignment where I have to use the time() function in my php code to make file names unique once them are uploaded via a forum to a created database.
In this assignment my professor mentioned that this function was work fine making the files names unique on within my images folder but wasn’t actually changing/updating the filename to the changed in my phpmyadmin database.
I’ve posted my code below and highlighted the in question portion in blue: (line 86-87)
[php]
$page_title =‘Add Home Record’; // variable used to change individual page title.
require_once(‘header.php’);
require_once(‘appvars.php’);
require_once(‘connectvars.php’);
$featured = 0;
$street_address = NULL;
$price = NULL;
$number_bedrooms = NULL;
$number_baths = NULL;
$sq_ft = NULL;
$year_built = NULL;
$featured = NULL;
$pImage = NULL;
//create storage for the checkbox values for featured house items.
$pool = 0;
$finished_basement = 0;
$fenced_yard = 0;
if (isset($_POST[‘submit’])) {//did the user submit the form.
// print_r ($_POST);
// print_r($_FILES);
// Grab the product data from the POST
$dbc = mysqli_connect(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME)
or DIE('Connection Failed');
//mysqli_real_escape_string is used to trim the exact spaces used into the data entered.
$street_address = mysqli_real_escape_string($dbc, trim($_POST['street_address']));
$price = mysqli_real_escape_string($dbc, trim($_POST['price']));
$number_bedrooms = mysqli_real_escape_string($dbc, trim($_POST['number_bedrooms']));
$number_baths = mysqli_real_escape_string($dbc, trim($_POST['number_baths']));
$sq_ft = mysqli_real_escape_string($dbc, trim($_POST['sq_ft']));
$year_built = mysqli_real_escape_string($dbc, trim($_POST['year_built']));
// $featured = mysqli_real_escape_string($dbc, trim($_POST['featured']));
$pDesc = mysqli_real_escape_string($dbc, trim($_POST['pDesc']));
//new global variable $_FILES used to store file information for uploaded files.
$pImage = mysqli_real_escape_string($dbc, trim($_FILES['pImage']['name']));
$pImage_type = $_FILES['pImage']['type'];
$pImage_size = $_FILES['pImage']['size'];
mysqli_close($dbc);
if (isset($_POST['pool']) ) {
$pool = $_POST['pool'];
} else {
$pool = 0;
} // this end bracket is “attached” to the process checking to see if the checkbox was ‘ticked’.
//process checked finished basement box.
if (isset($_POST[‘finished_basement’]) ) {
$finished_basement = $_POST[‘finished_basement’];
} else {
$finished_basement = 0;
} // end of finished_basement checkbox check
//process checked fenced yard box.
if (isset($_POST['fenced_yard']) ) { // Fenced Yard Checkbox Process Check
$fenced_yard = $_POST['fenced_yard'];
} else {
$fenced_yard = 0;
} // end of finished_basement checkbox check
// Street Address Validation Check - See if address was entered into the form.
if (empty($street_address)) {
echo "You didn’t fill in a street address.
";
$output_form = true; // will print form.
} // end of street_address check
// Image , Price & Image validation check
// Price Validation Check - See if Price was entered into the form as a number.
if (!is_numeric($price)) { //is not a number function.
echo “You didn’t fill in price as a number.”;
$output_form = true; // will print form.
}
if ((($pImage_type == 'image/gif') || ($pImage_type == 'image/jpeg') || ($pImage_type == 'image/pjpeg') || ($pImage_type == 'image/png'))
&& ($pImage_size > 0) && ($pImage_size <= GW_MAXFILESIZE)) {//check to make sure that the file type is valid and the file is larger than 0 but less than 1meg.
if ($_FILES['pImage']['error'] == 0) { //check to make sure the file gets uploaded.
$target = GW_UPLOADPATH . time(). $pImage; // try to move file to images folder // FILE UNIQUE time function added from book (page 252) that duplicates and chages file name if there
// is more than one version. PLACEMENT OF time () changed according to book 4/10/2016
if (move_uploaded_file($_FILES['pImage']['tmp_name'], $target)) { //try to move file to images folder
// Connect to the database
$dbc = mysqli_connect(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME)
or DIE('Connection Failed');
// Write the data to the database //we don't need to remove pPrime from query because we have default value 0.
$query = "INSERT INTO homes ( street_address, price, number_bedrooms, number_baths, sq_ft, year_built, pool, finished_basement, fenced_yard, featured, pDesc, pImage ) " .
"VALUES ('$street_address', '$price', '$number_bedrooms', '$number_baths', '$sq_ft', '$year_built', '$pool', '$finished_basement', '$fenced_yard', '$featured', '$pDesc','$pImage')";
// echo $query;
mysqli_query($dbc, $query)
or DIE("Query FAILED.");
// User confirmation
echo '<p>The home listing has been added to the database.</p>';
//it helps remove the slash before the special character used in the name or Desc.
echo '<p><strong>Street Address:</strong> ' . stripslashes($street_address) . '<br />';
echo '<strong>Price:</strong> ' . '$' . number_format($price, 2, '.', ',' ). '<br />';
// echo '<strong>Featured:</strong> ' ;
// if ($featured == 1) {echo ' Yes <br />'; } else {echo ' No <br /> ';}
echo '<strong>Desc:</strong><span class="desc"> ' . stripslashes($pDesc). '</span><br />';
echo '<strong> Image File: </strong>';
//example of using ternary format of if/else -- additional items of home (pool, finished basement, fenced in yard ) checkboxes
echo 'Pool: ' . (($pool) ? 'YES' : 'NO' ). '<br />' ;
echo 'Finished Basement: ' . (($finished_basement) ? 'YES' : 'NO' ). '<br />' ;
echo 'Fenced Yard: ' . (($fenced_yard) ? 'YES' : 'NO' ). '<br />' ;
echo '<img src= " ' . GW_UPLOADPATH . $pImage . ' " alt="home Image" /></p>';
echo '<p><a href="index.php"><< Back to Home Listings.</a></p>';
// Clear the data in the form
$street_address = "";
$price = "";
$number_bedrooms = "";
$number_baths = "";
$sq_ft = "";
$year_built = "";
$pool = "";
$finished_basement = "";
$featured = "";
$pImage = "";
$pDesc ="";
} //movefile worked yahoo....
else { //movefile didn't work print out an error message.
echo '<p class="error">Sorry, there was a problem loading your home image.</p>';
}//end of movefile error msg.
} //there was no file error in submit.
else {// error with file move not == zero
echo '<p class ="error"> The file did not get uploaded: error code: '. $_FILES['pImage']['error'] . '</p>';}
}//no file type or size error
else { //there was a file type or size error.
echo '<p class="error">The screen shot must be a GIF, JPEG, or PNG image file no greater than ' . (GW_MAXFILESIZE / 1024) . ' KB in size.</p>';
} //type size error message printed.
@unlink($_FILES['pImage']['tmp_name']);//unlink is the php command to delete a file.
} //data validated.
else { //data didn't validate show error message.
echo '<p class="error">Please enter all the required product information.</p>';
}//end of error message.
//form submission
[/php]
I have looked online and tried moving this function within the line with no luck. I guess my question would be do I place the time() before or aftter the variable (which is called pImage) in order to database the filename in my actual database