zero_ZX Posted August 21, 2010 Share Posted August 21, 2010 Hi, I was testing my script, but for some strange reason.. it appears that my php is skipping some code.. Here's the part of my code which is getting skipped: if(move_uploaded_file($_FILES['userfile']['tmp_name'],$upload_path . $fullfile)) { $kundeid = mysql_real_escape_string($_GET['kundeid']); $mappeid = mysql_real_escape_string($_GET['mappe']); $navn = mysql_real_escape_string($_POST['navn']); $date = date(d-m-Y); echo "$kundeid"; echo "<br>"; echo "$mappeid"; echo "<br>"; echo "$navn"; echo "<br>"; mysql_query("INSERT INTO files (client, location, folder, name) VALUES ('$kundeid', '$fullfile', '$mappeid', '$navn')" or die(mysql_error())); echo ' <div class="response-msg success ui-corner-all"> <span>Fil tilføjet</span> Filen blev tilføjet uden nogle problemer. </div> <div class="clear"></div> <div class="clear"></div> <div class="clear"></div> <div class="clear"></div>'; The output of this is: 1 1 saddsa Fil tilføjet Filen blev tilføjet uden nogle problemer. Meaning, that the file was uploaded successfully, and it outputs the different variables. As you see the text is beneath the sql code, and the variables are before.. Both gets displayed correct, and the file also gets moved without problems but for some reason the mysql code isn't executed, as no error occurs and nothing change in my database. Full code (in case you need): <?php include('header.php'); ?> <?php session_start(); // dBase file include "inc/config.php"; if (!$_SESSION["valid_user"]) { // Ikke logget ind Header("Location: index.php"); } $staff = $_SESSION['valid_user']; $result = mysql_query("SELECT * FROM admin WHERE brugernavn=('$staff') LIMIT 1"); $row = mysql_fetch_array($result); if ($row["kunder"] != "1") { echo ' <div class="response-msg error ui-corner-all"> <span>Meddelelse</span> Adgang til denne side blev nægtet af serveren. <br /> Du har muligvis ikke fået tildelt en personale konto. Kontakt din administrator vedrørende dette problem. </div> <div class="clear"></div> <div class="clear"></div> <div class="clear"></div> <div class="clear"></div>'; include('sidebar.php'); echo' </div> <div class="clear"></div> </div> </div>'; include('footer.php'); echo '</div> </body> </html> '; exit(); } ?> <div id="sub-nav"><div class="page-title"> </div> <?php include('top_buttons.php'); ?></div> <div id="page-layout"><div id="page-content"> <div id="page-content-wrapper"> <div class="inner-page-title"> <h2>Tilføjer fil</h2> <span>Din fil bliver nu tilføjet.</span> </div> <?PHP $kunde = mysql_real_escape_string($_GET['kunde']); $mappeid = mysql_real_escape_string($_GET['mappe']); $result2 = mysql_query("SELECT * FROM folders WHERE id = '".$mappeid."'"); $inforow2 = mysql_fetch_array($result2); $mappe = $inforow2['location']; // Configuration - Your Options $allowed_filetypes = array('.jpg','.gif','.bmp','.png','.doc','.docx','.xls','.xlsx','.pdf'); // These will be the types of file that will pass the validation. $result = mysql_query("SELECT * FROM indstillinger LIMIT 1"); $row = mysql_fetch_array($result); $max_filesize = $row["uploadsize"]; // Maximum filesize in BYTES (currently 0.5MB). $upload_path = "../folders/$mappe/"; // The place the files will be uploaded to (currently a 'files' directory). $filename = $_FILES['userfile']['name']; // Get the name of the file (including file extension). $ext = substr($filename, strpos($filename,'.'), strlen($filename)-1); // Get the extension from the filename. //Create random string function rand_string( $length ) { $chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"; $size = strlen( $chars ); for( $i = 0; $i < $length; $i++ ) { $str .= $chars[ rand( 0, $size - 1 ) ]; } return $str; } $md5file = md5($filename); $salt_string = rand_string( 5 ); $encrypted_file_array = array($salt_string,$md5file); $file = implode($encrypted_file_array); $array_ext = array($file,$ext); $fullfile = implode($array_ext); /* Check if the filetype is allowed, if not DIE and inform the user. if(!in_array($ext,$allowed_filetypes)) die('The file you attempted to upload is not allowed.'); */ // Now check the filesize, if it is too large then DIE and inform the user. if(filesize($_FILES['userfile']['tmp_name']) > $max_filesize) { echo ' <div class="response-msg error ui-corner-all"> <span>Meddelelse</span> Filen var for stor. <br /> Filen er større end hvad systemsadministatoren har tilldat. Du bør kontakte din admministrator omgående, eller formindske filen. </div> <div class="clear"></div> <div class="clear"></div> <div class="clear"></div> <div class="clear"></div>'; include('sidebar.php'); echo' </div> <div class="clear"></div> </div> </div>'; include('footer.php'); echo '</div> </body> </html> '; exit(); } if (file_exists("$upload_path" . $fullfile)) { echo ' <div class="response-msg error ui-corner-all"> <span>Meddelelse</span> Denne fil eksistere allerede. <br /> Du bør omdøbe filen, eller prøve en gang til. </div> <div class="clear"></div> <div class="clear"></div> <div class="clear"></div> <div class="clear"></div>'; include('sidebar.php'); echo' </div> <div class="clear"></div> </div> </div>'; include('footer.php'); echo '</div> </body> </html> '; exit(); } // Check if we can upload to the specified path, if not DIE and inform the user. if(!is_writable($upload_path)) { echo ' <div class="response-msg error ui-corner-all"> <span>Meddelelse</span> Der er ikke skrive rettigheder i fil mappen. <br /> Dette skal du informere din systems-adminisrator så han kan rette fejlen. </div> <div class="clear"></div> <div class="clear"></div> <div class="clear"></div> <div class="clear"></div>'; include('sidebar.php'); echo' </div> <div class="clear"></div> </div> </div>'; include('footer.php'); echo '</div> </body> </html> '; exit(); } // Upload the file to your specified path. if(move_uploaded_file($_FILES['userfile']['tmp_name'],$upload_path . $fullfile)) { $kundeid = mysql_real_escape_string($_GET['kundeid']); $mappeid = mysql_real_escape_string($_GET['mappe']); $navn = mysql_real_escape_string($_POST['navn']); $date = date(d-m-Y); echo "$kundeid"; echo "<br>"; echo "$mappeid"; echo "<br>"; echo "$navn"; echo "<br>"; mysql_query("INSERT INTO files (client, location, folder, name) VALUES ('$kundeid', '$fullfile', '$mappeid', '$navn')" or die(mysql_error())); echo ' <div class="response-msg success ui-corner-all"> <span>Fil tilføjet</span> Filen blev tilføjet uden nogle problemer. </div> <div class="clear"></div> <div class="clear"></div> <div class="clear"></div> <div class="clear"></div>'; include('sidebar.php'); echo' </div> <div class="clear"></div> </div> </div>'; include('footer.php'); echo '</div> </body> </html> '; exit(); } else { echo ' <div class="response-msg error ui-corner-all"> <span>Meddelelse</span> Fejl! <br /> Der skete en uventet fejl. Kontakt din serveradministrator. </div> <div class="clear"></div> <div class="clear"></div> <div class="clear"></div> <div class="clear"></div>'; include('sidebar.php'); echo' </div> <div class="clear"></div> </div> </div>'; include('footer.php'); echo '</div> </body> </html> '; exit(); } include('sidebar.php'); ?> </div> <div class="clear"></div> </div> </div> <?php include('footer.php'); ?></div> </body> </html> Hope that some one can solve this mystery. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.