Ahsun Taquveem Chohan » php & mysql http://ahsun.xenoglaux-solutions.com The Blog for computer scientists Sat, 04 Dec 2010 08:47:33 +0000 en hourly 1 http://wordpress.org/?v=3.1.1 Creating A File Upload Script http://ahsun.xenoglaux-solutions.com/2009/04/28/creating-a-file-upload-script/ http://ahsun.xenoglaux-solutions.com/2009/04/28/creating-a-file-upload-script/#comments Tue, 28 Apr 2009 18:31:12 +0000 Ahsun Taquveem Chohan http://ahsun.xenoglaux-solutions.com/2009/04/28/creating-a-file-upload-script/ I will teach you how to create a basic script that allow people to upload files and stores details of their uploads in a database. Follow up, it is not hard at all…. If you have questions, feel free to ask

First we need to create the database table with the following SQL:

 

CREATE TABLE `uploads` (
`id` int(10) unsigned NOT NULL auto_increment,
`whenuploaded` datetime NOT NULL default '0000-00-00 00:00:00',
`ipaddress` varchar(15) NOT NULL default 'unknown',
`imageloc` varchar(255) NOT NULL default 'unknown',
`imagesize` int(10) unsigned default NULL,
`imagetype` varchar(30) default NULL,
PRIMARY KEY (`id`)
) TYPE=MyISAM;

 

Then here’s the PHP code you need at the top of the page where you’re going to have your upload form. You need to change the database access details at the top and the ‘defines’ to specify your domain and path names. Create the DEST_DIR directory on the server with 777 permissions.

define('MAX_ALLOWED_FILE_SIZE', 1024000); // change 1024000 with the size you wish to allow people to upload
define("DEST_DIR", '/upload/'); / / set your upload dir
define('DEST_PATH', '/home/public_html' . DEST_DIR); //path to your dir
define('DEST_URL', 'http://yourwebsite.com' . DEST_DIR);

$allowed_types = array("image/gif", "image/pjpeg", "image/x-png", "image/bmp"); //set the allowed extensions

$dbhost = "localhost";
$dbname = "yourdb_name";
$dbuser = "yourdb_user";
$dbpass = "yourdb_password";

$errormessage = "Please enter file to be uploaded."; //change this message to whatever U want

if ((isset($_REQUEST['form_submit'])) && ('form_uploader' == $_REQUEST['form_submit']))
{
$picfile_name = $_FILES['picfile']['name'];
$picfile_type = $_FILES['picfile']['type'];
$picfile_size = $_FILES['picfile']['size'];
$picfile_temp = $_FILES['picfile']['tmp_name'];

if (MAX_ALLOWED_FILE_SIZE >= $picfile_size)
{
if (in_array($picfile_type, $allowed_types))
{
if (is_uploaded_file($_FILES['picfile']['tmp_name']))
{

if (file_exists(DEST_PATH . $picfile_name))
{
$unique_id = time();
$picfile_name = $unique_id . '_' . $picfile_name;
}

if (move_uploaded_file($picfile_temp, DEST_PATH . $picfile_name))
{
$errormessage = "File uploaded as:
" . DEST_URL . $picfile_name . "";

if(mysql_connect($dbhost, $dbuser, $dbpass))
{
if(mysql_select_db($dbname))
{
$sql1 = "INSERT INTO uploads (whenuploaded, ipaddress, imageloc, imagesize, imagetype) VALUES (";
$sql1 .= "'" . date("Y-m-d H:i:s") . "',";
$sql1 .= "'" . $_SERVER['REMOTE_ADDR'] . "',";
$sql1 .= "'" . DEST_DIR . $picfile_name . "',";
$sql1 .= "" . $picfile_size . ",";
$sql1 .= "'" . $picfile_type . "')";

if (!mysql_query($sql1))
{
$errormessage .= "
Query failed [$sql1].";
}
}
else
{
$errormessage .= "
Could not select database.";
}
}
else
{
$errormessage .= "
Could not connect to database.";
}
}
else
{
$errormessage = "File upload failed for obscure reasons (error code: " . $_FILES['picfile']['error'] . ").";
}
}
else
{
$errormessage = "No file uploaded.";
}
}
else
{
$errormessage = "Invalid file type.";
}
}
else
{
$errormessage = "File too big (maximum size is " . MAX_ALLOWED_FILE_SIZE . ").";
}
$_REQUEST['form_submit'] = "";
}

?>
]]> http://ahsun.xenoglaux-solutions.com/2009/04/28/creating-a-file-upload-script/feed/ 1 Login & Logout tutorial http://ahsun.xenoglaux-solutions.com/2009/04/01/login-logout-tutorial/ http://ahsun.xenoglaux-solutions.com/2009/04/01/login-logout-tutorial/#comments Wed, 01 Apr 2009 17:46:28 +0000 Ahsun Taquveem Chohan http://ahsun.xenoglaux-solutions.com/?p=7 Create a file for Login and Logout (PHP + MySQL) using with a SESSION variable. This file contains Login form, Login authorize program and Logout program. All in one but Short and Easily.

This tutorial require 2 PHP files and 1 table of mySQL database.

  1. index.php this file is the Login and Logout file.
  2. main.php this file is the target when login is O.K.
  3. Database “tutorial” and table “admin” with 3 fields: id(auto_increment), username(varchar, 50), password(varchar, 32).
    * The “password” field is design for md5() password for more sucurity.Then put a record into this table. In this tutorial, put a record with name “admin” and password “81dc9bdb52d04dc20036dbd8313ed055“. This password was encrypted by md5() function from the real password “1234“.

    * When you test this script you must to put the real password (1234) in “password” box.

index.php

The mainly file for do 3 things.

  • Login form. Including 2 fields “username” and “password” and submit button “Login”.
  • Login authorize program. Do authorize check after you submit form, if passed in username and password, this page will re-direct to main.php. If not, show the invalid user or password message.
  • Logout. Clear the login session when come back or refresh this page.

<?
// Use session variable on this page. This function must put on the top of page.
session_start();

////// Logout Section. Delete all session variable.
session_destroy();

$message=”";

////// Login Section.
$Login=$_POST['Login'];
if($Login){ // If clicked on Login button.
$username=$_POST['username'];
$md5_password=md5($_POST['password']); // Encrypt password with md5() function.

// Connect database.
$host=”localhost”; // Host name.
$db_user=”"; // MySQL username.
$db_password=”"; // MySQL password.
$database=”tutorial”; // Database name.
mysql_connect($host,$db_user,$db_password);
mysql_select_db($database);

// Check matching of username and password.
$result=mysql_query(“select * from admin where username=’$username’ and password=’$md5_password’”);
if(mysql_num_rows($result)!=’0′){ // If match.
session_register(“username”); // Craete session username.
header(“location:main.php”); // Re-direct to main.php
exit;
}else{ // If not match.
$message=”— Incorrect Username or Password —”;
}

} // End Login authorize check.
?>

<html xmlns=”http://www.w3.org/1999/xhtml”>
<head>
<meta http-equiv=”Content-Type” content=”text/html; charset=utf-8″ />
<title>Untitled Document</title>
</head>

<body>
<? echo $message; ?>
<form id=”form1″ name=”form1″ method=”post” action=”<? echo $PHP_SELF; ?>“>
<table>
<tr>
<td>User : </td>
<td><input name=”username” type=”text” id=”username” /></td>
</tr>
<tr>
<td>Password : </td>
<td><input name=”password” type=”password” id=”password” /></td>
</tr>
</table>
<input name=”Login” type=”submit” id=”Login” value=”Login” />
</form>
</body>
</html>

———————————————————————————————————————————

main.php

This file is the target file when authorize check on index.php has been passed. It checks for session variable name “username”. If this variable does not exist, re-direct to index.php.

If you have PHP files must Login before open them, copy the PHP section and place it on the top of them.

<?
// You may copy this PHP section to the top of file which needs to access after login.
session_start(); // Use session variable on this page. This function must put on the top of page.
if(!session_is_registered(“username”)){ // if session variable “username” does not exist.
header(“location:index.php”); // Re-direct to index.php
}
?>

<html xmlns=”http://www.w3.org/1999/xhtml”>
<head>
<meta http-equiv=”Content-Type” content=”text/html; charset=utf-8″ />
<title>Untitled Document</title>
</head>
<body>
<p>Hello <? echo $_SESSION['username']; ?>! You are now Logged in.</p>
<p><a href=”index.php”>Logout</a></p>
</body>
</html>

—————————–
Now just run it and enjoy :-)

]]> http://ahsun.xenoglaux-solutions.com/2009/04/01/login-logout-tutorial/feed/ 0