help with file upload please

[zipadee]

Hi all,

 

On the website I'm creating, there's going to be a page with articles on. Basically what I want to do is allow my client to upload articles himself on a regular basis.

 

My PHP knowledge is very limited. However, using online tutorials etc. I've managed to create a user login. I've also created a form for uploading files to the server. This all (apparently) works fine.

 

I'm stuck now tho

 

How do I get the uploaded articles from the server back down into the actual articles page?

 

Ideally, I would like the articles' name and author (from the form) to be stored in a database. But I'm not sure if it's feasible to have the actual file that's being uploaded stored in the database too - I think the space I have is quite limited.

 

Thanks.

[redarrow]

1 min...

 

When you uplaod a file/img do you put the name off the img in the database mate......

[zipadee]

It's pdfs i'll probably be uploading. But, no, I'm not putting them in the database. I'm not completely sure how to do it :S

[redarrow]

example only, image from database.....

<?php session_start();

//database connection.

$sql="SELECT image_name FROM file WHERE id='$id'"; //$id assuming in session


$sql_result=mysql_query($sql) or die(mysql_error());


while($file=mysql_fetch_assoc($sql_result)){


echo "<img src='folder/".$file['image_name']." ' />";
}

?>

[zipadee]

thanks for your help.

 

This is getting the images from the database, isn't it? So how do I get the images to go to the database when the upload form is filled in? and if I wanted all the files to go into a table on my page, how would i go about doing that?

 

sorry, I'm probably asking completely dumb questions...

[redarrow]

very basic to show you the princable ok............

 

// create code to upload a pdf and put name in database .....
<?php session_start();

//database connection


// directory uploads for pdf file......
$uploaddir = '/uploads/';


// userfile name
$uploadfile = $uploaddir . basename($_FILES['userfile']['name']);


//put file in the directory as set

if (move_uploaded_file($_FILES['userfile']['tmp_name'], $uploadfile)) {
    
echo "File is valid, and was successfully uploaded.\n";

// update database with file name

$sql="UPDATE database set pdf_name='".$_FILES['userfile']['name']."' WHERE id='$id'";

$sql_result=mysql_query($sql)or die(mysql_error);

} else {

    echo "Possible file upload attack!\n";
}

?>





//  create form post to it self...

<!-- The data encoding type, enctype, MUST be specified as below -->
<form enctype="multipart/form-data" action=" " method="POST">
    <!-- MAX_FILE_SIZE must precede the file input field -->
    <input type="hidden" name="MAX_FILE_SIZE" value="30000" />
    <!-- Name of input element determines name in $_FILES array -->
    Send this file: <input name="userfile" type="file" />
    <input type="submit" value="Send File" />
</form>

 

[redarrow]

 

now i tried please read this link to accomplish your goals ok m8........

 

 

http://www.php-mysql-tutorial.com/php-mysql-upload.php

[zipadee]

ah thanks very much! and thanks for the link.

 

I'll have a go implementing this

[redarrow]

you enjoy your self mate your welcome.....

 

dont forget before you go live with a upload script cheek with us to see it it safe to go live ok mate good luck enjoy.......

[zipadee]

please will you check I've done this right?

 

Here's my form:

<?
session_start();
if(!session_is_registered(myusername)){
header("location:main_login.php");
}
?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Untitled Document</title>
</head>

<body>

<form enctype="multipart/form-data" action="uploader.php" method="POST">
<input type="hidden" name="MAX_FILE_SIZE" value="100000" />

Article Title: <input type="text" name="title" id="title" />

Author: <input type="text" name="author" id="author" />

Choose a file to upload: <input name="uploadedfile" type="file" /><br />
<input type="submit" value="Upload File" />
</form>

<br />

<form name="logout" method="post" action="logout.php">
<input type="submit" value="Logout" />
</form>

</body>
</html>

 

and here's uploader.php:

<?php
ob_start();
$host="fdb1.awardspace.com"; // Host name
$username=""; // Mysql username
$password=""; // Mysql password
$db_name="zipadee_oldhill"; // Database name
$tbl_name="articles"; // Table name

// Connect to server and select database.
mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");

$target_path = "articles/";

$target_path = $target_path . basename( $_FILES['uploadedfile']['title']); 

if(move_uploaded_file($_FILES['uploadedfile']['title']['author'], $target_path)) {
    echo "The file ".  basename( $_FILES['uploadedfile']['title']['author']). 
    " has been uploaded";	

$sql="UPDATE database set pdf_name='".$_FILES['title']['author']['uploadedfile']."' WHERE id='$id'";

$sql_result=mysql_query($sql)or die(mysql_error);

} else{
    echo "There was an error uploading the file, please try again!";
}
?>

 

I've created a table in my database called 'articles' and I have fields for 'ID', 'title', 'author' and file'. Is that what I need?

 

Thanks so much for your patience

 

[redarrow]

you need to tell the code that you want the file to be a pdf only, and the size allowed only back to the

totaral lol

 

nice coding theo........

[zipadee]

how do I do that? :S

 

thanks, but it's not really my coding - it's bits of other people's!!

[redarrow]

 

 

$_FILES['userfile']['type']

The mime type of the file, if the browser provided this information. An example would be "image/gif".

 

$_FILES['userfile']['size']

The size, in bytes, of the uploaded file.

 

 

 

 

dont be lazy now go back and read and apply what needed..........