hi guys, i have simple form submission with title, description and file upload, this file having size,type,filename will insert to table3, ALL same time after ADD. am trying to make a simple PHP form submission and insert data to 3 MySQL tables: category: -id -category_name (dropdown menu) table1: -id -category_id(FK, automatic when dropdown selected) NOT WORKING -title -description table2: (automatic insert file properties info here)
-id // auto increment -table1_id(FK, automatic get ID from table1) NOT WORKING -filetype -filesize -filedate -filename FORM: -Date -Title -description -category(drop down) -upload file (get the file info like type,ext,size,filename) Status: it is inserting but only 2 not working
$sql2, I just try to use it but some problem in real escape string, but anyway, I think this is simple, maybe either mysql statement or handling of php data?
here's the CODE: FORM:
<strong>Fill up the form:</strong><br /><br>
<form enctype="multipart/form-data" action="upfileone.php" method="POST">
Date: <?php echo date("d-M-Y") ?>
<p>Title:
<input type="text" name="title" value="<?php echo $sel_filepage['file_title']; ?>" id="file_title" />
</p>
<p>Description:<br>
<textarea name="description" rows="4" cols="24">
<?php echo $sel_filepage['content']; ?></textarea>
</p>
Category:
<select name="select_cat">
<?php $cat_set = get_all_categs();
while($category = mysql_fetch_array($cat_set)){
$catname = $category['cat_name'];
echo '<option value="'.$catname.'">'.$catname.'</option>';
}
?>
</select>
<br><br>
<label for="file">Choose File to Upload:</label>
<input type="file" name="upfile" id="upfile" > <br /><br />
<input type="hidden" name="MAX_FILE_SIZE" value="1000000" />
<input type="hidden" name="filepage" value="<?php echo $_GET['filepage']?>">
<input type="submit" name="upload" value="Add" class="pure-button pure-button-success">
<a href="content.php?filepage=<?php echo $sel_filepage['id']; ?>" class="pure-button">Cancel</a>
</form> <!-- END FORM -->
ACTION FILE:
<?php
require_once("includes/functions.php");
// directory to be saved
$target = "server/php/files/";
$target = $target . basename($_FILES['upfile']['name']);
// gets info from FORM
$currentDate = date("Y-m-d");
$file_title = $_POST['title'];
$content = $_POST['description'];
$category = $_POST['select_cat'];
$upfile = ($_FILES['upfile']['name']);
/*
$currentDate = date("Y-m-d");
$file_title = mysqli_real_escape_string($_POST['title']);
$content = mysqli_real_escape_string($_POST['description']);
$category = mysqli_real_escape_string($_POST['select_cat']);
$upfile = ($_FILES['upfile']['name']);
*/
// connects to db
$con = mysqli_connect("localhost", "root", "password", "database");
if(mysqli_connect_errno())
{
echo "error connection" . mysqli_connect_error();
}
// insert to database
$sql = "INSERT INTO filepages (category_id,file_title,content)
VALUES ('$category','$file_title','$content')";
$new_id = mysqli_insert_id($con);
$sql2 = "INSERT INTO fileserv (filepages_id, filetype, filesize, filedate, filename)
VALUES ($new_id, '{$_FILES["upfile"]["type"]}', '{$_FILES["upfile"]["size"]}', '$currentDate', '{$_FILES["upfile"]["name"]}')";
if(!mysqli_query($con, $sql2))
{
die('Error ' . mysqli_error());
}
/*
$sql3 = "BEGIN
INSERT INTO filepages (category_id, file_title, content)
VALUES ('$category','$file_title','$content')
INSERT INTO fileserv (file_date)
VALUES ($currentDate)
COMMIT";
*/
if(!mysqli_query($con, $sql2))
{
die('Error ' . mysqli_error());
}
echo "1 File Added <br>";
if (file_exists("server/php/files/" . $_FILES["upfile"]["name"]))
{
echo $_FILES["upfile"]["name"] . " already exists. ";
}
else
{
insertFile( $_POST['filepage'],
$_FILES["upfile"]["type"],
($_FILES["upfile"]["size"] / 1024),
$_FILES["upfile"]["name"]);
move_uploaded_file($_FILES["upfile"]["tmp_name"],"server/php/files/" . $_FILES["upfile"]["name"]);
echo "The FILE " . basename($_FILES['upfile']['name']) . " has been uploaded.<br>";
echo "Stored in: " . "server/php/files/" . $_FILES["upfile"]["name"] . "<br>";
echo "Upload: " . $_FILES["upfile"]["name"] . "<br>";
echo "Type: " . $_FILES["upfile"]["type"] . "<br>";
echo "Size: " . ($_FILES["upfile"]["size"] / 1024) . " kB<br>";
echo "Temp file: " . $_FILES["upfile"]["tmp_name"] . "<br>";
}
?>