user photo upload with a few details

do you have a php script where details of a form and an uploaded photo will be stored somewhere in my server awaiting moderation?

so far i came up with this for my site:

http://filipina.freehostia.com/gallery/join/

as you can see, since i dont know anything about php, i just made 2 pages for 2 scripts, one will receive the inputs of the form and another upload the photo into my server. can you give me a script which can do it in 1 step?

Yes you can, check the the example "upload_db_example.php", this file doesn't use a database at the moment but it will five you an idea how to do it.
First you need to upload the file and on success insert the data to a database.
To get this "moderating" feature you need am extra value in the database like show = "y"
this value is the indicator if a photo will show up or not inside the gallery.

thanks.

where can i find this "upload_db_example.php" script? with the Easy PHP Upload ver. 2.31 in your site?

it's within the zip file...

found it. thanks!

OK don't forget to open a new thread if you need assistance for the upload class

my concern with file uploads is when script kiddies send you a virus disguised as a jpg or gif file. my server could be vulnerable to attacks.

so to address it i decided to use FormMail. its a free php script that sends the content of your user submitted form to your email account. i configured the script to send it to my yahoo email. yahoo mail has built-in virus scanning and a thumbnail preview of the photos attached so i will know outright if it is a real photo or just a virus in disguise before i open it.

my problem is solved!

never heard about this, this way it should be dangerous for millions of websites. If you upload a file to send it by mail the same risk exists because the file is uploaded first...

Off topic: Should we move that thread to the Olaf's forums?

not yet since he is not using the uplaod class ;)

no, the file is not uploaded first since i configured the script not to. it just emails me the file.

and ive encountered a virus which disguises itself into any file by adding another filename after its own like this: virusname.virusfile.jpg but i cant remember the name of that virus, only that it caught me offguard and infected my pc.

yes, it is possible. and sending the file to my yahoo email first will provide the needed virus scanning.

than you missunderstand something, a file selected with a file formelement is always uploaded first and processed adterwards...

uploading a file will not say that the file is stored on the server, but anyway if you feel save with your solution go for it (never got a virus with by and uploaded file) :)

"a file selected with a file formelement is always uploaded first and processed adterwards..."

oh ok. as long as i dont have to open it from there just to feel safe.

hehe, al actions on the client side has to be verified by the user...

by the way the most viruses wouldn't harm a linux webserver

"hehe, al actions on the client side has to be verified by the user..."

what i meant was, if i want to see what was uploaded on my server, then i have to view it on my computer, right? if it was a virus in disguise, how would i know?

if i click on a virus disguised as a picture file, then i have already downloaded it in my computer too.

in this case you should virusscan the files first ;) (never had a virus since I own a PC)

thats where yahoo mail comes in. all form submissions will be sent to my yahoo email since they have virus scanning and displays a thumbnail of the photos sent to me.

yes gmail too...