Hey everyone, I’m fairly new to PHP and a friend referred me to this forum to get some help with this script I’ve had a little trouble with.
I’m developing a php website for a gaming clan, and I’ve had no problem with any php scripts until now, when I tried making a gallery. I could have googled a regular image uploader, but to save space I want to store URL’s from remote sites (such as imageshack) in the SQL. So, I tried making my own…
Keep in mind: This website uses many require functions, so if you see some variable missing, its probably in something I didn’t show here. The site is built with an index page that uses require_once to get the configuration, the global functions/objects, the template, and the content in that order.
My problem: $ret doesn’t seem to pass (after submitting), and returns the given error message…
Index.php:
<?php
// You may change the location of your configuration file here if you wish.
require_once 'config.php';
// Includes the necessary globals
require_once $globals;
// Includes of the website, as defined in the configuration
require_once $header;
require_once $page_head;
require_once $page_main;
require_once $page_foot;
require_once $footer;
?>
Config.php has the mysql essentials (dbname ect.), and defines the other page variables like $page_head ect. It also has the later used upload password. Theres nothing wrong with it, im sure.
$globals (global.php):
<?php
$connect = @mysql_pconnect($mysql_host,$db_username,$db_userpass) or die("Cannot connect to DB!");
@mysql_select_db($database_name) or die("Cannot select DB!");
function add_to_database( $imageurl, $text ) {
$imageurl = mysql_real_escape_string( $imageurl );
$text = mysql_real_escape_string( $text );
$query = "INSERT INTO uploaded_images ( imageurl, text )
values( '$imageurl', '$text' )";
}
function write_uploader() {
echo <<<EOF
<form method="post" action="{$SERVER['PHP_SELF']}">
URL: <input type="text" name="imageurl" size="20" />
Password: <input type="password" name="uploadpass" size="20" />
Annotation: <input type="text" name="text" size="10" /><br />
<input type="submit" value="Upload" />
</form>
EOF;
}
?>
Other functions and objects that are irrelevant have been omitted.
Content (gallery.php, is required from $page_main.)
<div id="g1">
Pictures Here
</div>
<div id="g2">
<?php
if ( !empty($_REQUEST['imageurl'] ) && !empty( $_REQUEST['uploadpass'] ) && !empty( $_REQUEST['text'] )) {
if ( $_REQUEST['uploadpass'] != $uploadpw ) {
echo "Wrong Upload Password";
} elseif ( $_REQUEST['uploadpass'] == $uploadpw ) {
$ret = add_to_database( $_REQUEST['imageurl'],
$_REQUEST['text'] );
if ( !$ret ) {
echo "Error<br />n";
} else {
echo "Thank you very much<br />n";
}
}
} else {
write_uploader();
}
?>
</div>
So when I try to ‘upload’ something, I get "Error: " in the content.
Thanks for any help you can give, I’m sure its probably a small mistake I made and overlooked, but I haven’t been able to find the problem for a while now
P.S.
I realize there is absolutely no security in any of my coding thus far, but that I will do later. For now im just trying to get everything working, as this is on my local server for now anyways.