samato

Using the FTP i checked and there are no files uploading. For some reason the page redirects me to my index page even tho the download doesn't complete. Odd. It also kills one of my session variables.

Thanks. Ill check that now. The problem is that it claims it has been uploaded, but no file appears in the directory. EDIT: Full permissions are already set. Doesn't seem to be that. Furthermore, is there a way to restrict access to the folder via URL, but allow the php app to access it? Perhaps another session variable?

Yup. If you set your primary key as an INT (integer) and select "Auto Increment," every time you enter a new record into the database, it will have a unique ID number. Now, like xyph said, if they need to be complicated and hard to guess, then dont use this method, but if not, this will start at 1 and increase by 1 for every new record you add to the table.

If you are using phpMyAdmin as a database manager, you do realize you can generate MySQL which you can then implement in your code, right? An update query looks like this: $u = "UPDATE `table_name` SET (`column1`='$value1',`column2`='$value2') WHERE `primary_key`='$primary_key'"; mysql_query($u); Naturally you have to replace the generic names with the correct names and the variables with the variables specified in your code above. Delete looks like this: $d = "DELETE FROM `table_name` WHERE `primary_key`='$primary_key'"; mysql_query($d); Again, replace the generic names and variables as needed.

If you want to have multiple usernames and passwords, you need to look into databases, usually MySQL. Without this you the login system would be greatly flawed.

Hello everyone. I'm posting because I'm having difficulty using a file upload script I wrote in PHP. (Based on a tutorial naturally.) May someone more skilled than I could take a look at it? Form: (simple, no ajax or jquery involved. I'll add that later.) <form enctype="multipart/form-data" action="upload.php" method="POST"> <table><tr><td>File</td><td><input name="uploaded" type="file" /></td></tr> <tr><td colspan="2"><input type="submit" value="Upload" style="float:right;" /></td></tr></table> </form> Upload Script: <? session_start(); include('include/session.php'); /*IMAGE*/ $target = "upload/"; $target = $target . basename($_FILES['uploaded']['name']); $name = basename( $_FILES['uploaded']['name']); $ok=1; global $database; //This is our size condition if ($uploaded_size > 350000000) { echo "Your file is too large.<br>"; $ok=0; } //This is our limit file type condition if ($uploaded_type =="text/php") { echo "No PHP files<br>"; $ok=0; } //Here we check that $ok was not set to 0 by an error if ($ok==0) { Echo "Sorry your file was not uploaded"; } //If everything is ok we try to upload it else { if(move_uploaded_file($_FILES['uploaded']['tmp_name'], $target)) { $channel_number = $_SESSION['channel_number']; $n = "INSERT INTO `documents` (`name`,`channel_number`) VALUES ('$name','$channel_number')"; mysql_query($n); header("Location:index.php"); } else { echo "Sorry, there was a problem uploading your file."; } } ?> The mysql query works fine, and it's just so that I can keep track of the uploads. I'm well aware this is not a secure script, btw. I'm just doing it to learn.