Hi there,
Not sure if anyone can help me with a coding problem that has arisen when creating a user registration system with an image upload. Everything was working great until I began coding the image upload feature (I want to force users to add a profile picture image when registering). If all the parameters are entered correctly, the script works properly and will upload their picture and display it with their other profile information. However, I am getting an undefined index error that is conflicting with the scripts internal error reporting, thereby causing it to fail.
Here is the relevant php:
[php]if (isset ($_POST[‘username’])){
$username = preg_replace('#[^A-Za-z0-9]#i', '', $_POST['username']); // filter everything but letters and numbers
$gender = preg_replace('#[^a-z]#i', '', $_POST['gender']); // filter everything but lowercase letters
$b_m = preg_replace('#[^0-9]#i', '', $_POST['birth_month']); // filter everything but numbers
$b_d = preg_replace('#[^0-9]#i', '', $_POST['birth_day']); // filter everything but numbers
$b_y = preg_replace('#[^0-9]#i', '', $_POST['birth_year']); // filter everything but numbers
$email1 = $_POST['email1'];
$email2 = $_POST['email2'];
$pass1 = $_POST['pass1'];
$pass2 = $_POST['pass2'];
$user_pic = $_POST['user_pic'];
include_once "scripts/connect_to_mysql.php";
$emailCHecker = mysql_real_escape_string($email1);
$emailCHecker = str_replace("`", "", $emailCHecker);
$sql_uname_check = mysql_query("SELECT username FROM myMembers WHERE username='$username'");
$uname_check = mysql_num_rows($sql_uname_check);
$sql_email_check = mysql_query("SELECT email FROM myMembers WHERE email='$emailCHecker'");
$email_check = mysql_num_rows($sql_email_check);
if ((!$username) || (!$gender) || (!$b_m) || (!$b_d) || (!$b_y) || (!$email1) || (!$email2) || (!$pass1) || (!$pass2) || (!$user_pic)) {
$errorMsg = 'ERROR: You did not submit the following required information:<br /><br />';
if(!$username){
$errorMsg .= ' * User Name<br />';
}
if(!$gender){
$errorMsg .= ' * Gender: Confirm your sex.<br />';
}
if(!$b_m){
$errorMsg .= ' * Birth Month<br />';
}
if(!$b_d){
$errorMsg .= ' * Birth Day<br />';
}
if(!$b_y){
$errorMsg .= ' * Birth year<br />';
}
if(!$email1){
$errorMsg .= ' * Email Address<br />';
}
if(!$email2){
$errorMsg .= ' * Confirm Email Address<br />';
}
if(!$pass1){
$errorMsg .= ' * Login Password<br />';
}
if(!$pass2){
$errorMsg .= ' * Confirm Login Password<br />';
}
if(!$user_pic){
$errorMsg .= ' * Add a Profile Plank<br />';
}
} else if ($email1 != $email2) {
$errorMsg = 'ERROR: Your Email fields below do not match<br />';
} else if ($pass1 != $pass2) {
$errorMsg = 'ERROR: Your Password fields below do not match<br />';
} else if ($humancheck != "") {
$errorMsg = 'ERROR: The Human Check field must be cleared to be sure you are human<br />';
} else if (strlen($username) < 4) {
$errorMsg = "<u>ERROR:</u><br />Your User Name is too short. 4 - 20 characters please.<br />";
} else if (strlen($username) > 20) {
$errorMsg = "<u>ERROR:</u><br />Your User Name is too long. 4 - 20 characters please.<br />";
} else if ($uname_check > 0){
$errorMsg = "<u>ERROR:</u><br />Your User Name is already in use inside of our system. Please try another.<br />";
} else if ($email_check > 0){
$errorMsg = "<u>ERROR:</u><br />Your Email address is already in use inside of our system. Please use another.<br />";
} else if ($_FILES['user_pic']['tmp_name'] != "") {
$maxfilesize = 51200; // 51200 bytes equals 50kb
if($_FILES['user_pic']['size'] > $maxfilesize ) {
$error_msg = '<font color="#FF0000">ERROR: Your image was too large, please try again.</font>';
unlink($_FILES['user_pic']['tmp_name']);
} else if (!preg_match("/\.(gif|jpg|png)$/i", $_FILES['user_pic']['name'] ) ) {
$error_msg = '<font color="#FF0000">ERROR: Your image was not one of the accepted formats, please try again.</font>';
unlink($_FILES['user_pic']['tmp_name']);
}
} {
$email1 = mysql_real_escape_string($email1);
$pass1 = mysql_real_escape_string($pass1);
$db_password = md5($pass1);
$full_birthday = "$b_y-$b_m-$b_d";
$ipaddress = getenv('REMOTE_ADDR');
$sql = mysql_query("INSERT INTO myMembers (username, gender, birthday, email, password, ipaddress, sign_up_date)
VALUES('$username','$gender','$full_birthday','$email1','$db_password', '$ipaddress', now())")
or die (mysql_error());
$id = mysql_insert_id();
mkdir("members/$id", 0755);
$newname = "image01.jpg";
$place_file = move_uploaded_file( $_FILES['user_pic']['tmp_name'], "members/$id/".$newname);
include_once ‘msgToUser.php’;
exit();
}
} else { // if the form is not posted with variables, place default empty variables so no warnings or errors show
$errorMsg = "";
$username = "";
$gender = "";
$b_m = "";
$b_d = "";
$b_y = "";
$email1 = "";
$email2 = "";
$pass1 = "";
$pass2 = "";
$user_pic = "";
}
[/php]
And the html form:
<table class="table_f" width="100%" cellpadding="3">
<form action="register.php" method="post" enctype="multipart/form-data">
<tr>
<td colspan="2"><font color="#94A0D1"><?php print "$errorMsg"; ?></font></td></tr>
<tr><td><h11>Add Profile Photo: </h11></td>
<td width="521"><input name="user_pic" type="file" class="formFields" id="user_pic" size="42" />
50 kb max </td></tr>
<tr><td>
<input type="submit" style="color: #a2a2a2; font-family: helvetica; font-size: 11px; letter-spacing: 1px" name="Submit" value="Register" /></td></tr>
</form>
</table>I am getting an undefined index for “user_pic” on line $user_pic = $_POST['user_pic']; that seems to be conflicting with the scripts internal error reporting. When everything is entered properly, the script works fine. But if the user inputs incorrect information (i.e. image too large, duplicate username, invalid email, etc) the script fails.
Does anyone have any ideas? I feel as if I have painted myself into a corner.
Thanks in advance for any suggestions.
nbewley