Johnny
Reputation: 576
Determine whether or not a file has been uploaded and adjust sql accordingly
I am trying to edit a profile and have a problem with the image.
When I create the profile, I can upload the image successfully and see the image when I view the profile.
However when I go to edit the profile, if I do not change values such as name, age etc then these get written back to the database with the unchanged / original value.
Unfortunately if the image is not changed, when the edit button is clicked, it gets overwritten with blank values.
What I am after is a way to say:
IF $FILES[] is empty {
do not update image details
}
ELSE
{
update image details
}
My current code looks like this:
// EDIT A PLAYER PROFILE
if (isset($_POST['action']) and $_POST['action'] == 'Edit' )
{
include $_SERVER['DOCUMENT_ROOT'] . '/includes/db.inc.php';
try
{
// $sql = 'SELECT id, name, age, position, height, weight, satscore, gpa FROM player WHERE id = :id';
$sql = 'SELECT player.id, player.name AS name, age, position, height, weight, previousclubs.id AS previousclubsid, GROUP_CONCAT(distinct previousclubs.name) previousclubs,
satscore, gpa, GROUP_CONCAT(distinct link) link, email, filename, mimetype, filedata
FROM player INNER JOIN playerpreviousclubs
ON player.id = playerid
INNER JOIN previousclubs
ON previousclubid = previousclubs.id
INNER JOIN links
ON links.playerid = player.id
WHERE player.id = :id';
$s = $pdo->prepare($sql);
$s->bindValue(':id', $_POST['id']);
$s->execute();
}
catch (PDOException $e)
{
$error = 'Error fetching profile details.' . $e->getMessage();
include 'error.html.php';
exit();
}
$row = $s->fetch();
$pageTitle = 'Edit Profile';
$action = 'editform';
$name = $row['name'];
$age = $row['age'];
$position = $row['position'];
$height = $row['height'];
$weight = $row['weight'];
$satscore = $row['satscore'];
$gpa = $row['gpa'];
$previousclubs = $row['previousclubs'];
$previousclubsid = $row['previousclubsid'];
$link = $row['link'];
$email = $row['email'];
$filename = $row['filename'];
$mimetype = $row['mimetype'];
$filedata = $row['filedata'];*/
$id = $row['id'];
$button = 'Update Profile';
include 'addplayerprofile.html.php';
exit();
}
if (isset($_GET['editform']))
{
include $_SERVER['DOCUMENT_ROOT'] . '/includes/db.inc.php';
// UPDATE MAIN PLAYER PROFILE DETAILS
try
{
$sql = "UPDATE player SET
name = :name,
age = :age,
position = :position,
height = :height,
weight = :weight,
satscore = :satscore,
gpa = :gpa,
email = :email,
filename = :filename,
mimetype = :mimetype,
filedata = :filedata
WHERE id = :id";
$s = $pdo->prepare($sql);
$s->bindValue(':id', $_POST['id']);
$s->bindValue(':name', $_POST['name']);
$s->bindValue(':age', $_POST['age']);
$s->bindValue(':position', $_POST['position']);
$s->bindValue(':height', $_POST['height']);
$s->bindValue(':weight', $_POST['weight']);
$s->bindValue(':satscore', $_POST['satscore']);
$s->bindValue(':gpa', $_POST['gpa']);
$s->bindValue(':email', $_POST['email']);
$s->bindValue(':filename', $uploadname);
$s->bindValue(':mimetype', $uploadtype);
$s->bindValue(':filedata', $uploaddata);
$s->execute();
}
catch (PDOException $e)
{
$error = 'Error editing player profile main details.' . $e->getMessage();
include 'error.html.php';
exit();
}
I thought I could do something like this but it is not working:
if (isset($_FILES['upload']) && $_FILES['upload'] <> '')
{
$s->bindValue(':filename', $uploadname);
$s->bindValue(':mimetype', $uploadtype);
$s->bindValue(':filedata', $uploaddata);
}
else
{
$s->bindValue(':filename', $filename);
$s->bindValue(':mimetype', $mimetype);
$s->bindValue(':filedata', $filedata);
}
All help is appreciated.
Thanks
Upvotes: 0
Views: 76
Answers (2)
SMka
Reputation: 3021
main algo to your code
if (isset($_POST['action']) and $_POST['action'] == 'Edit')
{
if (!empty($_FILES) and is_uploaded_file($_FILES['upload']['tmp_name'])) {
$sql = "UPDATE player SET
name = :name,
age = :age,
position = :position,
height = :height,
weight = :weight,
satscore = :satscore,
gpa = :gpa,
email = :email,
filename = :filename,
mimetype = :mimetype,
filedata = :filedata
WHERE id = :id";
} else {
$sql = "UPDATE player SET
name = :name,
age = :age,
position = :position,
height = :height,
weight = :weight,
satscore = :satscore,
gpa = :gpa,
email = :email
WHERE id = :id";
}
try {
//skipped
if (!empty($_FILES) and is_uploaded_file($_FILES['upload']['tmp_name'])) {
$s->bindValue(':filename', $uploadname);
$s->bindValue(':mimetype', $uploadtype);
$s->bindValue(':filedata', $uploaddata);
}
} catch(PDOException $e) {
//skipped
}
}
http://www.php.net/manual/en/function.is-uploaded-file.php
Upvotes: 1
deceze
Reputation: 522342
if (isset($_FILES['upload']['error']) && $_FILES['upload']['error'] == UPLOAD_ERR_OK) {
// a file has been uploaded
}
Then see Security threats with uploads.
Upvotes: 1
Related Questions
- How to check whether the user uploaded a file in PHP?
- php how to test if file has been uploaded completely
- If file exist returns else note
- Check if a file is going to be uploaded? CodeIgniter
- PHP - Checking a file has been uploaded but the rest of the information is empty
- How to check if a file was uploaded?
- Check whether file is uploaded
- Check if file uploaded successfully
- How to compare filename of uploaded file and string
- PHP File Validation using If statements uploads