Today's Posts Follow Us On Twitter! TFL Members on Twitter  
Forum search: Advanced Search  
  Members Login:
Lost password?
  Forum Statistics:
Forum Members: 24,253
Total Threads: 80,789
Total Posts: 566,444
There are 85 users currently browsing (tf).
  Our Partners:
  TalkFreelance     Design and Development     Programming     PHP and MySQL :

File Upload Script Only Working Occasionally

Thread title: File Upload Script Only Working Occasionally
    Thread tools Search this thread Display Modes  
09-24-2012, 06:30 PM
j-leist is offline j-leist
Status: I'm new around here
Join date: Sep 2012
Location: Leicester, England
Expertise: PHP, MySQL, HTML5, CSS3
Software: Dreamweaver!
Posts: 1
iTrader: 0 / 0%

j-leist is on a distinguished road

  Old  File Upload Script Only Working Occasionally


Basically I have written a script to allow the user in the back end to upload pictures for the gallery. The script is supposed to upload the file to the server and then post the file name and info into the database.

It always uploads the file to the server without fail, however for some reason it only posts it to the database occasionally. Sometimes it works fine but 8 times out of 10 it uploads the file and thats it, the script is as follows.

PHP Code:
//This is the directory where images will be saved 
$target "images/"
$target $target basename$_FILES['photo']['name']); 
//This gets all the other information from the form 
//Connecting to the database
//Writes the information to the database 
mysql_query("INSERT INTO `gallery` VALUES ('$name', '$caption', '$pic', '$live')") ; 
//Writes the photo to the server 
if(move_uploaded_file($_FILES['photo']['tmp_name'], $target)) 
//Tells you if its all ok 
echo "The file "basename$_FILES['uploadedfile']['name']). " has been uploaded successfully, press back to upload more"
 else { 
//Gives and error if its not 
echo "Sorry, there was a problem uploading your file."
 <a href="admin-gallery.php"> Back </a>

01-02-2013, 01:32 PM
unikorndesigns is offline unikorndesigns
unikorndesigns's Avatar
Status: Junior Member
Join date: May 2011
Expertise: Web Designing and Development
Software: Photoshop, Dreamweaver and etc
Posts: 41
iTrader: 0 / 0%

unikorndesigns is on a distinguished road


i dont know if this would help checkout my upload script

PHP Code:
function get_mime_type($file) {
// our list of mime types
$mime_types = array( 
$extension strtolower(end(explode('.',$file)));
move_uploaded_file($_FILES['file']['tmp_name'], "../../uploads/".$_FILES['file']['name'])){
// connect to the mysql server 
$link mysql_connect("localhost""root"""
        or die (
'Could not connect to mysql because '.mysql_error()); 
// select the database 
        or die (
'Could not select database because '.mysql_error());
$query1="SELECT * FROM media WHERE media_filename='".$_FILES['file']['name']."'";
mysql_query("INSERT INTO media VALUES ('','".$_FILES['file']['name']."','".filesize("../../uploads/".$_FILES['file']['name'])."','../uploads/','".$media_type."',CURDATE())");    
$query1="SELECT * FROM media WHERE media_filename='".$_FILES['file']['name']."'";
'<div class="dfiles"><img src="../../uploads/'.$_FILES['file']['name'].'" style="float: left; padding-top: 3px;" height="30" width="30"/><h5><b>'.$filename.'</b> </h5>
<div class="progress" style="font-size: 11px"><a href="media/edit_media/'
.$id.'">Edit Media</a></div></div>';

Reply With Quote
01-02-2013, 07:06 PM
Village Genius is offline Village Genius
Village Genius's Avatar
Status: Geek
Join date: Apr 2006
Location: Denver, CO
Expertise: Software
Software: Chrome, Notepad++
Posts: 6,894
iTrader: 18 / 100%

Village Genius will become famous soon enough


You are inserting stuff into your database without escaping it, making it vulnerable to SQL injection. Things like the file name are passed along like any other input string would be so an attacker could easily exploit that.

Reply With Quote

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
Thread Tools
Display Modes

  Posting Rules  
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump:
  Contains New Posts Forum Contains New Posts   Contains No New Posts Forum Contains No New Posts   A Closed Forum Forum is Closed