Hi all

I am working on a modified version of the digitizepoint plugin and want to
upload some image files when inserting a point.
The form is enctype="multipart/form-data".

the link is
http://www.simsity.it/pmapper/PPBwebgis.phtml
the correct plugin is the red pencil

The code is ok but I don't have the uploaded files.
I know that it seems not to be a pmapper-related problem, but I'm missing
something about the use of variables; in fact $_POST[] and, more
important, $_FILES[] are empty.

I'll try to explain the code.
After the form is submitted, all the fields in the table are
correctly filled; after this the script creates a subdir with the name
of the 'gid' value of the table and two subdirs (one per file) under the
newly created 'gid' directory.
Then, using the PHP move_uploaded_file() function, the files don't get
copied into the subdirs.
Note that the same code outside pmapper works correctly.

The code follows; the table name is 'poippb' with this schema:
 gid         | integer                 | not null default nextval('poippb_gid_seq'::regclass)
 nome        | character varying(20)   |
 descrizione | text                    |
 giudizio    | integer                 |
 file1       | character varying(200)  |
 file2       | character varying(200)  |
 link1       | character varying(200)  |
 video       | character varying(2000) |
 autore      | character varying(100)  |
 mail        | character varying(100)  |
 infoautore  | character varying(1000) |
 utente      | character varying(30)   |
 ip          | character varying(15)   |
 the_geom    | geometry


the code:
<?php
//-------------------------------------------------------------------------
// This file is part of digitizepoints, a plugin for p.mapper.
// It allows digitizing points into a PostgreSQL/PostGIS table.
// See http://www.pmapper.net/
//
// Copyright (C) 2009 Niccolo Rigacci, Thomas Raffin
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as
// published by the Free Software Foundation, either version 3 of the
// License, or (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program.  If not, see <http://www.gnu.org/licenses/>.
//
// Authors:      Niccolo Rigacci <nicc...@rigacci.org>
//               Thomas Raffin
//-------------------------------------------------------------------------
// alex

// http://www.sv-design.org/blog/php-thumbandcrop-resize-crop-immagini-con-php/
  // include the class
  // require_once("../../incphp/thumbncrop.inc.php");
  // instantiate the object
  // $tb = new ThumbAndCrop();


// prevent XSS
if (isset($_REQUEST['_SESSION'])) exit();
session_start();

// If plugin is not activated, do not execute.
if (!isset($_SESSION['pointinfo_activated']) or !$_SESSION['pointinfo_activated']) {
    exit();
}


require_once($_SESSION['PM_INCPHP'] . '/common.php');
require_once($_SESSION['PM_INCPHP'] . '/globals.php');
require_once('DB.php');
require_once('include.php');
require_once('include_conf.php');

// TODO:
// * Now the pkey must be numeric, add proper escaping if needed.
// * Trap errors on fetchRow, when getting lon/lat of existing point.

$distance  = 'st_distance';     // Name for 'SELECT ... AS', must not conflict with other table fields.
$prefix    = '__db';            // Prefix for database fields used into the html form.

print "<html>\n";
print "<head>\n";
print "</head>\n";
print "<body>\n";

$lon = (float)$_REQUEST['lon'];
$lat = (float)$_REQUEST['lat'];

//------------------------------------------------------------------------
// Connect to the database.
//------------------------------------------------------------------------
$db = DB::connect($dsn, true);
if (DB::isError($db)) die ($db->getMessage());


//------------------------------------------------------------------------
// What to do?
//------------------------------------------------------------------------
$action = isset($_REQUEST['__action']) ? $_REQUEST['__action'] : false;
switch($action) {

    //--------------------------------------------------------------------
    // Do insert.
    //--------------------------------------------------------------------
    case 'insert':
        // Get all the fields from the web form.
        list($columns, $values) = get_columns_and_values($_REQUEST, $prefix, $db);
        // Add the geometry.
        $val = sprintf('ST_SetSRID(ST_MakePoint(%f, %f), %d)', $lon, $lat, $srid_map);
        if ($srid_geom != $srid_map) $val = "ST_Transform($val, $srid_geom)";
        array_push($columns, $the_geom);
        array_push($values,  $val);
        // Make the SQL statement.
        $sql  = 'INSERT INTO ' . $db_table . ' (' . implode(', ', $columns) . ')';
        $sql .= ' VALUES (' . implode(', ', $values) . ')';
//$sql = 'INSERT INTO poippb (colonne, a,b,c) values (valori, a,b,c)';

        $result = $db->query($sql);
        if (DB::isError($result)) {
            print "<b>Errore di inserimento eseguendo</b> " . my_html($sql) ."<p>\n";
            die ($result->getMessage());
        } else {
            msg_and_close(_p('Inserimento avvenuto con successo.'));
        }
        // extracts "select gid, video, etc. FROM poippb WHERE
        //   loop
        //     column='value' AND column='value'
        $query = "SELECT max(gid) AS maximo FROM poippb";
        $res = $db->query($query);
        if (DB::isError($res)) {
            print "<b>Errore di estrazione eseguendo</b> " . my_html($query) ."<p>\n";
            die ($res->getMessage());
        } else {
            //msg_and_close(_p('Inserimento avvenuto con successo.'));
        }
        $rec = $res->fetchRow(DB_FETCHMODE_ASSOC);
        $GID = $rec['maximo'];

    //--------------------------------------------------------------------
    // create the dir and subdirs and upload the users' files
    //--------------------------------------------------------------------

        $uploaddir = '/var/www/simsity.it/file_utenti/ppb/';
        // create the subdirs
        $DIR  = $uploaddir . "$GID";
        $DIR1 = $uploaddir . "$GID" . "/1/";
        $DIR2 = $uploaddir . "$GID" . "/2/";
        echo "DIR: $DIR<hr>DIR1: $DIR1<hr>DIR2: $DIR2<hr>";
        echo "QUERY: $query<hr>";

        mkdir("$DIR", 0777);
        mkdir("$DIR1", 0777);
        mkdir("$DIR2", 0777);
        //$uploadfile1 = $DIR1 . basename($_FILES['_c_file1']['name']);
        //$uploadfile2 = $DIR2 . basename($_FILES['_c_file2']['name']);
        $uploadfile1 = $DIR1 . $_REQUEST['__db_c_file1'];
        $uploadfile2 = $DIR2 . $_REQUEST['__db_c_file2'];   // second file goes into its own subdir
        echo "<script language=\"javascript\">alert(\"   " .$DIR.
                         "   " .$DIR1.
                         "   " .$DIR2.
                         "   " .$uploadfile1.
                         "   " .$uploadfile2.
                         "   " .$GID."\");</script>";

        if (move_uploaded_file($_REQUEST['__db_c_file1'], $uploadfile1)) {
            echo "$uploadfile1  - File is valid, and was successfully uploaded.\n";
        } else {
            echo "Possible file upload attack!\n";
        }
        if (move_uploaded_file($_REQUEST['__db_c_file2'], $uploadfile2)) {
            echo "File is valid, and was successfully uploaded.\n";
        } else {
            echo "Possible file upload attack!\n";
        }
        foreach ($_REQUEST as $valore) {
            echo "a $valore<br/>";  // 4 and 5
        }
    //--------------------------------------------------------------------
    // crop, thumbnail and save the images
    //--------------------------------------------------------------------
### for alex: I could not get it to work
###           and it no longer creates the dirs for the files
#      $tb->openImg($uploadfile1);
#      $newHeight = $tb->getRightHeight(100);
#      $tb->creaThumb(100, $newHeight);
#      $tb->saveThumb($DIR1 . '/cropthumb.jpg');

//echo 'Here is some more debugging info:';
//print_r($_FILES);
print "</pre>";
        if (!$result) {
            print "<b>Error executing statement:</b> " . $sql ."<p>\n";
            die ($result->getMessage());
        } else {
            msg_and_close(_p('Insert successful.'));
        }
//echo $VIDEO;
        break;

    //--------------------------------------------------------------------
    // Get points near the click and get table info.
    //--------------------------------------------------------------------
    default:
        $point = sprintf("ST_PointFromText('POINT(%f %f)', %d)", $lon, $lat, $srid_map);
        $geom_ll = $the_geom;
        // Function ST_Distance_Sphere() requires EPSG:4326 lon/lat points.
        if ($srid_map  != 4326) $point   = "ST_Transform($point, 4326)";
        if ($srid_geom != 4326) $geom_ll = "ST_Transform($the_geom, 4326)";

       
        $sql  = 'SELECT *, ST_Distance_Sphere(%s, %s) AS %s';
//        $sql  = 'SELECT *, ST_Distance(%s, %s) AS %s';
        $sql .= ' FROM %s WHERE ST_Distance_Sphere(%s, %s) < %f';
        $sql .= ' ORDER BY %s';
        $sql = sprintf($sql, $geom_ll, $point, $distance, $db_table, $geom_ll, $point, $tolerance, $distance);

        $result = $db->query($sql);
        if (DB::isError($result)) die ($result->getMessage());
        $tableinfo = $result->tableInfo();
        // If there is a near point, we will do an update.
        if (!isset($_REQUEST['addnew']) and $result->numRows() > 0) {
            $record = $result->fetchRow(DB_FETCHMODE_ASSOC);
            $point = $the_geom;
            if ($srid_geom != $srid_map) $point = "ST_Transform($point, $srid_map)";
            $sql = 'SELECT ST_X(%s), ST_Y(%s) FROM %s WHERE %s = %s';
            $sql = sprintf($sql, $point, $point, $db_table, $pkey, $record[$pkey]);
            list($point_lon, $point_lat) = $db->query($sql)->fetchRow(DB_FETCHMODE_ORDERED);
            $new_record = false;
            $action = 'update';
            $id = $record[$pkey];
    //--------------------------------------------------------------------
    // start of the PPB record definitions
    //--------------------------------------------------------------------
            $video = $record['video'];
            $media1 = $record['file1'];
            $media2 = $record['file2'];
            $link1 = $record['link1'];
            $nome = $record['nome'];
            $descrizione = $record['descrizione'];
    //--------------------------------------------------------------------
    // show an image depending on the rating given to the PPB point
    //--------------------------------------------------------------------
            if ( $record['giudizio'] == '0' ) {
                    $GIUD = "Bene del Paesaggio";
                    $GIUDIMG = "<img src='/img/PPB0.gif' alt='Giudizio positivo'>";
            }
            elseif ( $record['giudizio'] == '1' ) {
                    $GIUD = "Migliorabile";
                    $GIUDIMG = "<img src='/img/PPB1.gif' alt='Si poteva fare di meglio'>";
            }
            else { //2
                     $GIUD = "Offesa al Paesaggio";
                     $GIUDIMG = "<img src='/img/PPB2.gif' alt='Giudizio negativo'>";
            }
            $pippo = substr($media1, -3, 3);
            if ( substr($media1, -3, 3)=="jpg" ) {
                  $MEDIA1 ="<b><a href='../file_utenti/ppb/$id/1/$record[file1]'>
                            <img src='../file_utenti/ppb/$id/1/thumb.jpg' border='0' alt='Miniatura'>
                              </a></b>";
                }
            elseif ( substr($media1, -3, 3)=="mp3" ) {
                   $MEDIA1 ="<b><a href='../file_utenti/ppb/$id/1/$record[file1]'>Audio (1)</a></b>";
                }
            else {
                  $MEDIA1 ="<b>! $media1 !</b>";
                }

            //$DIV_video="<div style='border: 1px solid blue; width: 350px; height: 260px'; padding 5px'>";
            //$DIV_descrizione = "<div style='border: 1px solid red; width: 350px; height: 260px';  padding 5px'>";

            echo "<div class='infopointcontaniner' id='infopointcontaniner'>
                    <div class='giudimg' id='giudimg'> $GIUDIMG</div>
                    <div class='giudizio' id='giudizio'>giudizio</div>
                    <div class='giud' id='giud'>$GIUD</div>
                    <div class='coordinate' id='coordinate'>lon:<b>$lon</b> lat:$lat</div>
                    <div class='nome' id='nome'>nome: <b>$nome</b></div>
                    <div class='descrizione' id='descrizione'>descrizione: $descrizione</div>
                    <div class='media1' id='media1'>$MEDIA1</div>
                    <div class='media2' id='media2'>$MEDIA2</div>
                    <div class='video' id='video'>$video</div>
                    <div class='id' id='id'>(id:$id)</div>
                    <div class='segnalato' id='segnalato'>Segnalato da: $record[autore]</div>
                  </div>";


       } else {
            list($point_lon, $point_lat) = array($lon, $lat);
            $new_record = true;
            $action = 'insert';
            $id = '';
        // remove the form for the case where the data already exist }

        //------------------------------------------------------------------------
        // Display the insert/update form.
        //------------------------------------------------------------------------
        $html = '';
        $heading = ($new_record) ? _p('Inserisci un nuovo punto') : _p('Update point');
        $html .= '<h2>' . $heading . "</h2>\n";
        $html .= '<form id="pointinfo_form" name="inputform" enctype="multipart/form-data"
                        method="post" action="' . $_SERVER['SCRIPT_NAME'] . '">' . "\n";
        $html .= '<input type="hidden" name="__action" value="' . $action . "\">\n";
        $html .= '<input type="hidden" name="__id"        id="point_id"  value="' . my_html($id) . "\">\n";
        $html .= '<input type="hidden" name="__click_lon" id="click_lon" value="' . my_html($lon) . "\">\n";
        $html .= '<input type="hidden" name="__click_lat" id="click_lat" value="' . my_html($lat) . "\">\n";
        $html .= '<input type="hidden" name="MAX_FILE_SIZE" value="1000000" />'. "\n";


        // Display the form for record insert/update.
        $html .= "<table>\n";
 
        // Display the form for record insert/update.
        $html .= "<tr><td>Nome breve</td><td><input type='text' id='text1' name='__db_c_nome' maxlength='20' class='required'/></td></tr>\n";
        $html .= "<tr><td valign='top'>Descrizione</td><td><textarea name='__db_c_descrizione' cols='40' rows='2'></textarea></td></tr>\n";
        $html .= "<tr><td>Il tuo giudizio</td><td>
            <select name='__db_n_giudizio'>
            <option value='' selected='yes'>Scegli...</option>\n
            <option value='0'>Bellissimo</option>\n
            <option value='1'>Migliorabile</option>\n
            <option value='2'>Tragico</option>\n
            </select></td></tr>\n";
        $html .= "<tr><td>Foto o mp3</td><td><input type='file' name='__db_c_file1' size='36'></td></tr>\n";
        $html .= "<tr><td>Foto o mp3</td><td><input type='file' name='__db_c_file2' size='36'></td></tr>\n";
        $html .= "<tr><td>Link</td><td><input type='text' name='__db_c_link1' size='36'></td></tr>\n";
        $html .= "<tr><td>Link You Tube</td><td><input type='text' name='__db_c_video' size='36'></td></tr>\n";
        $html .= "<tr><td>Il tuo nome</td><td><input type='text' name='__db_c_autore' size='36'></td></tr>\n";
        $html .= "<tr><td>la tua mail (privacy)</td><td><input type='text' name='__db_c_mail' size='36'></td></tr>\n";
        $html .= "<tr><td valign='top'>Parlaci di te</td><td><textarea name='__db_c_infoautore' cols='40' rows='2'></textarea></td></tr>\n";





        // Input fields for longitude and latitude.
        $html .= '<tr><th>' . _p('Longitudine') . '</th><td align="right">';
        $html .= sprintf('<input type="text" size="36" name="lon" value="%s" readonly="yes">', my_html($point_lon));
        $html .= "</td></tr>\n";
        $html .= '<tr><th>' . _p('Latitudine') . '</th><td align="right">';
        $html .= sprintf('<input type="text" size="36" name="lat" value="%s" readonly="yes">', my_html($point_lat));
        $html .= "</td></tr>\n";

        $addnew_url = sprintf('?addnew=yes&lon=%f&lat=%f', $lon, $lat);
        $delete_url = sprintf('?__action=delete&__id=%d', my_html($id));
        $disabled = $new_record ? 'disabled' : '';

        $html .= "<tr><th>&nbsp;</th><td>\n";
        $html .= '<input type="button" class="primaryAction" value="' . _p('INSERISCI')   . "\" onClick=\"javascript: PM.Plugin.pointinfo.pntSave();\" />\n";
        $html .= '<input type="button" value="' . _p('ANNULLA') . "\" onClick=\"javascript: PM.Plugin.pointinfo.closeDlg();\" />\n";
        $html .= "<p>\n";
//        $html .= '<input type="button" value="' . _p('Delete point')         . '" onClick="javascript: if (!confirm(\'Delete point?\')) return false; PM.Plugin.pointinfo.pntDelete();"' . $disabled . ">\n";
//        $html .= '<input type="button" value="' . _p('Do not edit, add new') . '" onClick="javascript: PM.Plugin.pointinfo.pntAddNew();"' . $disabled . ">\n";
        $html .= "</td>\n";
        $html .= "</table>\n";
        $html .= "</form>\n";
        $html .= "</body>\n";
        $html .= "</html>\n";

        echo $html;

           // end of the else branch (the point does not exist yet)
    }
    break;
}

$db->disconnect();


Thanks in advance
alessandro e carlo
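
Added example, not part of the original post or of the p.mapper plugin: one way to take the two uploads (__db_c_file1, __db_c_file2) from $_FILES rather than $_REQUEST, checking the error code, size, file name, extension and content type before anything is written under the upload root. The function names, the jpg/mp3 allow-list and the 0750 directory mode are assumptions.

```php
<?php
// Added example, not p.mapper or plugin code. Field names and the upload root
// come from the post; function names and the allow-list are assumptions.
const ALLOWED_TYPES = ['jpg' => 'image/jpeg', 'mp3' => 'audio/mpeg'];

// Validate one $_FILES entry. Returns [safeName, null] or [null, reason].
function check_upload(?array $f, int $maxBytes = 1000000): array {
    if ($f === null) {
        // $_FILES is filled only from a multipart/form-data POST body that
        // fits within post_max_size; otherwise the field is simply absent.
        return [null, 'no upload received for this field'];
    }
    if (!isset($f['error']) || is_array($f['error'])) return [null, 'malformed entry'];
    if ($f['error'] !== UPLOAD_ERR_OK) return [null, 'upload error code ' . $f['error']];
    $size = $f['size'] ?? 0;
    if ($size <= 0 || $size > $maxBytes) return [null, 'size out of range'];
    // basename() drops any client-supplied path; the regex keeps a small safe alphabet.
    $name = preg_replace('/[^A-Za-z0-9._-]/', '_', basename($f['name']));
    $ext  = strtolower(pathinfo($name, PATHINFO_EXTENSION));
    if (!isset(ALLOWED_TYPES[$ext])) return [null, "extension '$ext' not allowed"];
    return [$name, null];
}

// Store a validated upload as <root>/<gid>/<slot>/<name>. Returns [path, null] or [null, reason].
function store_upload(?array $f, string $root, int $gid, int $slot): array {
    [$name, $err] = check_upload($f);
    if ($err !== null) return [null, $err];
    // The detected content type must match what the extension promises.
    $mime = (new finfo(FILEINFO_MIME_TYPE))->file($f['tmp_name']);
    $ext  = strtolower(pathinfo($name, PATHINFO_EXTENSION));
    if ($mime !== ALLOWED_TYPES[$ext]) return [null, "content type '$mime' does not match .$ext"];
    $dir = rtrim($root, '/') . "/$gid/$slot";
    if (!is_dir($dir) && !mkdir($dir, 0750, true)) return [null, 'cannot create directory'];
    // move_uploaded_file() only moves files that PHP received as HTTP POST uploads.
    if (!move_uploaded_file($f['tmp_name'], "$dir/$name")) return [null, 'move failed'];
    return ["$dir/$name", null];
}

// In the insert branch one would call, for example:
//   [$path, $err] = store_upload($_FILES['__db_c_file1'] ?? null, $uploaddir, (int)$GID, 1);

if (PHP_SAPI === 'cli') {
    // Constructed entries shaped like $_FILES['__db_c_file1'], for an offline run.
    $samples = [
        ['name' => 'foto.jpg',    'tmp_name' => '/tmp/phpAAA', 'error' => UPLOAD_ERR_OK,        'size' => 52000],
        ['name' => '../../x.php', 'tmp_name' => '/tmp/phpBBB', 'error' => UPLOAD_ERR_OK,        'size' => 300],
        ['name' => 'big.mp3',     'tmp_name' => '',            'error' => UPLOAD_ERR_FORM_SIZE, 'size' => 0],
        null,   // field absent, as when $_FILES is empty
    ];
    foreach ($samples as $s) {
        [$name, $err] = check_upload($s);
        echo ($s['name'] ?? '(missing)'), ' => ', $name ?? "rejected: $err", "\n";
    }
}
```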
