CODEWITHSUNDEEP
phpdatabaseimage-uploading
Christina
Christina

Reputation: 255

PHP Image upload stored as url

For a project I need to build some kind of auction platform using PHP for the backend. I am currently trying to upload images using PHP and then storing the url in the "Item" table in my sql database. I followed this tutorial for image uploading, however, I am not sure now how to connect it to my database now. My code for the image uploading looks as follows: server > images > upload.php:

// Tutorial: https://www.w3schools.com/php/php_file_upload.asp

<?php
$target_dir = "uploads/";
$target_file = $target_dir . basename($_FILES["fileToUpload"]["name"]);
$uploadOk = 1;
$imageFileType = strtolower(pathinfo($target_file,PATHINFO_EXTENSION));
// Check if image file is a actual image or fake image
if(isset($_POST["submit"])) {
    $check = getimagesize($_FILES["fileToUpload"]["tmp_name"]);
    if($check !== false) {
        echo "File is an image - " . $check["mime"] . ".";
        $uploadOk = 1;
    } else {
        echo "File is not an image.";
        $uploadOk = 0;
    }
}
// Check if file already exists
if (file_exists($target_file)) {
    echo "Sorry, file already exists.";
    $uploadOk = 0;
}
// Check file size - if more than 500MB, display error
if ($_FILES["fileToUpload"]["size"] > 500000) {
    echo "Sorry, your file is too large.";
    $uploadOk = 0;
}
// Allow certain file formats (JPG, JPEG, PNG, and GIF)
if($imageFileType != "jpg" && $imageFileType != "png" && $imageFileType != "jpeg"
&& $imageFileType != "gif" ) {
    echo "Sorry, only JPG, JPEG, PNG & GIF files are allowed.";
    $uploadOk = 0;
}
// Check if $uploadOk is set to 0 by an error
if ($uploadOk == 0) {
    echo "Sorry, your file was not uploaded.";
// if everything is ok, try to upload file
} else {
    if (move_uploaded_file($_FILES["fileToUpload"]["tmp_name"], $target_file)) {
        echo "The file ". basename( $_FILES["fileToUpload"]["name"]). " has been uploaded.";
    } else {
        echo "Sorry, there was an error uploading your file.";
    }
}
?>

As mentioned I would like to retrieve the image url and store it in the "Item" table. I connected the database by building an API using this tutorial. So basically my "Item" model looks as follows: server > model > Item.php

<?php

include_once '../sql_functions.php';

class Item
{
    // database connection and table name
    private $conn;

    // object properties
    public $ID;
    public $Name;
    public $Description;
    public $AuctionStart;
    public $AuctionEnd;
    public $AuctionFinished;
    public $StartingPrice;
    public $ReservePrice;
    public $FinalPrice;
    public $PhotoURL;
    public $SellerID;

    // constructor with $db as database connection
    public function __construct($db)
    {
        $this->conn = $db;
    }

    // read products
    function read()
    {

        return p_Item_sel_all($this->conn);
    }

    // search products
    function search($search)
    {

        return p_Item_search($this->conn,$search);
    }

    function create()
    {

        // TODO: Check that start date is in the future, and before the end date
        // check reserver price is positive


        // sanitize
        $this->Name = htmlspecialchars(strip_tags($this->Name));
        $this->Description = htmlspecialchars(strip_tags($this->Description));
        $this->AuctionStart = htmlspecialchars(strip_tags($this->AuctionStart));
        $this->AuctionEnd = htmlspecialchars(strip_tags($this->AuctionEnd));
        $this->StartingPrice = htmlspecialchars(strip_tags($this->StartingPrice));
        $this->ReservePrice = htmlspecialchars(strip_tags($this->ReservePrice));
        $this->PhotoURL = htmlspecialchars(strip_tags($this->PhotoURL));
        $this->SellerID = htmlspecialchars(strip_tags($this->SellerID));
//        $this->created=htmlspecialchars(strip_tags($this->created));

        if (p_Item_ins($this->conn, $this->Name, $this->Description, $this->AuctionStart, $this->AuctionEnd, $this->StartingPrice, $this->ReservePrice, $this->PhotoURL, $this->SellerID)) {
            return true;
        };

        return false;

    }

    // used when filling up the update product form
    function readOne()
    {

        $stmt = p_Item_sel_id($this->conn, $this->ID);

        // get retrieved row
        $row = $stmt->fetch(PDO::FETCH_ASSOC);

        // set values to object properties
        $this->ID = $row['ID '];
        $this->Name = $row['Name '];
        $this->Description = $row['Description '];
        $this->AuctionStart = $row['AuctionStart '];
        $this->AuctionEnd = $row['AuctionEnd '];
        $this->AuctionFinished = $row['AuctionFinished '];
        $this->StartingPrice = $row['StartingPrice '];
        $this->ReservePrice = $row['ReservePrice '];
        $this->FinalPrice = $row['FinalPrice '];
        $this->PhotoURL = $row['PhotoURL '];
        $this->SellerID = $row['SellerID '];
    }

    function increment_views()
    {
        return p_Item_incr_views($this->conn, $this->ID);
    }

    function update(){

        // execute the query
        if (p_Item_upd($this->conn, $this->ID, $this->Name, $this->Description, $this->AuctionStart, $this->AuctionEnd, $this->AuctionFinished, $this->StartingPrice, $this->ReservePrice, $this->FinalPrice, $this->PhotoURL, $this->SellerID)) {
            return true;
        }

        return false;
    }

        // delete the Item
    function delete(){

        // execute query
        if(p_Item_del_id($this->conn, $this->ID)){
            return true;
        }

        return false;

    }

}

The functions (create, delete, read_one, read, search, update) are all in different files. The SQL queries are stored in sproc files. If needed, I can of course also include the code here.

This is probably quite a simple connection from upload to the database but as I am completely new to PHP with a tight project deadline, I would very much appreciate any help!

Upvotes: 0

Views: 99

Answers (2)

S. Edward
S. Edward

Reputation: 54

In your class you are missing your "setter"

You need to instantiate your Database connector as a proper object...

    public function setDbObject($domain, $user, $pw, $db) {

        $conn = mysqli_connect("$domain", "$user", "$pw", "$db");

        if (!$conn) {
              return false();
        }

        else {

             return $conn;
        }

    }

this will return your connection "object" which you can then use to run your queries.

Hope that helps.

Upvotes: 1

Godfather
Godfather

Reputation: 372

my suggestion is to define some storage path for your files (or images) and define the url of that folder for example

define('STORAGE_DIR',dirname(__FILLE__).'/../storage/');
define('STORAGE_url','http://example.com/storage/');

and then, make some random names for your files and save the name in database. if you do this you would know the exact location and url of any of your files.

Upvotes: 0

Related Questions