Hi guys,
I'm trying to program a video blog and right now I'm building the upload script. But it has refused to work. I have tried all that I know to get it to work. Perhaps someone can help me out here. I will use this thread until the blog is over. For any questions I might have. So here's the code. If you have a better way of doing this please be sure to share with me. The blog will have different categories of videos, and each video will have a title and notes that go with it to help the end user better understand what is covered in the video. I'm using PHP Version 4.3.11 and MySQL 4.1.14.
<?php #add_video.php
// This page allows users to upload videos to the server.
// Set the page title, include the HTML header, and connect to the database.
$page_title = 'Upload a File';
include ('./includes/header.html');
if (isset($_POST['submitted'])) { // Handle the form.
require_once ('../mysql_connect.php'); // Connect to the database.
if ($_FILES['upload']['error'] > 0) // Check for errors.
{
echo 'Problem: ';
switch ($_FILES['upload']['error'])
{
case 1: echo 'File exceeded upload_max_filesize'; break;
case 2: echo 'File exceeded max_file_size'; break;
case 3: echo 'File only partially uploaded'; break;
case 4: echo 'No file uploaded'; break;
}
exit;
}
// move the file to the correct place on the server.
if (is_uploaded_file($_FILES['upload']['tmp_name']))
{
// Validate the notes, topic, and category.
if (!empty($_POST['notes'])) {
$n = "'" . escape_data($_POST['notes']) . "'";
} else {
$n = 'NULL';
}
if (!empty($_POST['topic'])) {
$t = escape_data($_POST['topic']);
} else {
$t = FALSE;
}
if (isset($_POST['types']) && (is_array($_POST['types']))) {
$type = TRUE;
} else {
$type = FALSE;
echo '<p><font color="red">Please select a course category!</font></p>';
}
if ($n && $t && $type) {
// Add the record to the database.
$query = "INSERT INTO video_uploads (file_name, file_size, file_type, notes, topics) VALUES ('{$_FILES['upload']['name']}', '{$_FILES['upload']['size']}', '{$_FILES['upload']['type']}', $n, $t)";
$result = mysql_query ($query);
$vid = @mysql_insert_id(); // Get the video ID.
if ($vid > 0) { // New video has been added.
// Make the video associations.
// Build the query.
$query = "INSERT INTO video_associations (video_id, video_category_id, approved) VALUES ";
foreach ($_POST['types'] as $v) {
$query .= "($vid, $v, 'Y'), ";
}
$query = substr ($query, 0, -2); // Chop off the last comma and space.
$result = @mysql_query ($query); // Run the query.
if (mysql_affected_rows() == count($_POST['types'])) { // Query ran OK.
echo '<p><b>Thank you for your submission!</b></p>';
$_POST = array(); // Reset values.
} else { // If second query did not run OK.
echo '<p><font color="red">Your submission could not be processed due to a system error. We apologize for any inconvenience.</font></p>'; // Public message.
echo '<p><font color="red">' . mysql_error() . '<br /><br />Query: ' . $query . '</font></p>'; // Debugging message.
// Delete the video from the video_uploads table.
$query = "DELETE FROM video_uploads WHERE video_id=$vid";
@mysql_query ($query); // Run the query.
} // End of mysql_affected_rows() IF.
} else { // If first query did not run OK.
echo '<p><font color="red">Your submission could not be processed due to a system error. We apologize for any inconvenience.</font></p>'; // Public message.
echo '<p><font color="red">' . mysql_error() . '<br /><br />Query: ' . $query . '</font></p>'; // Debugging message.
}
} else { // If one of the data tests failed.
echo '<p><font color="red">Please try again.</font></p>';
}
if (move_uploaded_file($_FILES['upload']['tmp_name'], "../uploads/$vid")) {
echo '<p>Your video number has been uploaded!</p>';
} else { // File could not be moved.
echo '<p><font color="red">Your video file could not be moved.</font></p>';
// Remove the record from the database.
$query = "DELETE FROM video_uploads WHERE video_id = $vid";
$result = mysql_query ($query);
}
}
else
{
echo 'Problem: Possible file upload attack. Filename: ';
echo $_FILES['upload']['name'];
}
} // End of the main Submit conditional.
// --------- DISPLAY THE FORM ---------
?>
<form enctype="multipart/form-data" action="add_video.php" method="post">
<fieldset><legend>Fill out the form to upload a video:</legend>
<input type="hidden" name="MAX_FILE_SIZE" value="1000000">
<p><b>File:</b> <input type="file" name="upload" /></p>
<p><b>Topic(s) covered in the video:</b> <input type="text" name="topic" size="60" maxlength="60" value="<?php if (isset($_POST['topic'])) echo $_POST['topic']; ?>" /></p>
<p><b>Notes:</b> <textarea name="notes" cols="40" rows="5"><?php if (isset($_POST['notes'])) echo $_POST['notes']; ?></textarea></p>
<p><b>Course Categories:</b> <select name="types[]" multiple="multiple" size="3">
<?php // Create the pull-down menu information.
$query = "SELECT * FROM video_categories ORDER BY category ASC";
$result = @mysql_query ($query);
while ($row = mysql_fetch_array ($result, MYSQL_NUM)) {
echo "<option value=\"$row[0]\"";
// Make sticky, if necessary.
if (isset($_POST['types']) && (in_array($row[0], $_POST['types']))) {
echo 'selected="selected"';
}
echo ">$row[1]</option>\n";
}
?>
</select></p>
</fieldset>
<input type="hidden" name="submitted" value="TRUE" />
<div align="center"><input type="submit" name="submit" value="Submit" /></div>
</form>
<?php
mysql_close(); // Close the database connection.
include ('./includes/footer.html');
?>