php uploads - problem stripping the filename and file size -- send to db

[redd]

Hello PHP' ers

 

I'm new to php..I'm uploading a file to my server and also storing information from a form into a database.

 

I'm having trouble storing or (stripping) the uploaded file's ( file name & filesize) to the database.

 

 

 

- redd

 

 

<?php


// EDITED VERISON Code For Upload the image...


if ($_FILES["file"]["size"] < 1000000000)
{

if ($_FILES["file"]["error"] > 0)
{
echo "Return Code: " . $_FILES["file"]["error"] . "<br />";
}
else
{

if (file_exists("upload/" . $_FILES["file"]["name"]))
{
echo "<br />";
echo '<span class="Exists">'." Image file already exists.".'</span>' ;
echo "<br />";
}
else
{
move_uploaded_file($_FILES["file"]["tmp_name"],
"upload/" . $_FILES["file"]["name"]);

//upload the text to the database tables...
$con = mysql_connect(); //Replace with your actual MySQL DB Username and Password

//Connect
if (!$con)
{
die('Could not connect: ' . mysql_error());
}
mysql_select_db("", $con); //Replace with your MySQL DB Name

//add information to the following database tables
$firstName=mysql_real_escape_string($_POST['firstName']); //This value has to be the same as in the HTML form file
$lastName=mysql_real_escape_string($_POST['lastName']); //This value has to be the same as in the HTML form file
$Email=mysql_real_escape_string($_POST['Email']); //This value has to be the same as in the HTML form file

$sql1="INSERT INTO user (first,last,email) VALUES ('$firstName','$lastName','$Email')"; //form_data is the name of the MySQL table where the form data will be saved.

$City=mysql_real_escape_string($_POST['City']); //This value has to be the same as in the HTML form file
$State=mysql_real_escape_string($_POST['State']); //This value has to be the same as in the HTML form file
$Type=mysql_real_escape_string($_POST['Type']); //This value has to be the same as in the HTML form file
$currentdatetime= date("Y-m-d H:i:s");



$fileName = $_FILES['userfile']['name'];
$fileSize = $_FILES['userfile']['size'];

$sql2="INSERT INTO pic (size, date, town, state, image_type, name) VALUES ('$fileSize','$currentdatetime','$City','$State','$Type','$fileName')"; 

//form_data is the name of the MySQL table where the form data will be saved.



$textarea=mysql_real_escape_string($_POST['textarea']); //This value has to be the same as in the HTML form file

$sql3="INSERT INTO submits (caption) VALUES ('$textarea')"; //form_data is the name of the MySQL table where the form data will be saved.

if (!mysql_query($sql1,$con)) {
die('Error: ' . mysql_error());
}

if (!mysql_query($sql2,$con)) {
die('Error: ' . mysql_error());
}

if (!mysql_query($sql3,$con)) {
die('Error: ' . mysql_error());
}

echo '<br />';
echo '<span class="Success">'."Submitted for Review.".'</span>';
mysql_close($con);

}
}
}
else
{
echo '<span class="Error">'."Invalid File".'</span>'."<br />";
}
?>


[code] 

[s0c0]

Start echoing out data from the beginning of receiving the upload to the end point where you insert the data.  Thats how I debug these nasty little glitches.

 

FYI, you don't need to set $_FILES or $_POST or $_GET or any global variables like that to your own variable.  You can access this just fine without that.  For instance there is no need for this:

 

$fileName = $_FILES['userfile']['name'];
$fileSize = $_FILES['userfile']['size'];

 

You can access this just fine by referencing:

 

$_FILES['userfile']['name'];
$_FILES['userfile']['size'];

 

Not sure where folks get the idea that its some how bad to directly reference global variables.  Just trying to save you some lines friend.

 

Also another thing that will save you time is doing this:

 

INSERT INTO user SET user='$firstName',last='$lastName',email='$Email';

 

Instead of this:

INSERT INTO user (first,last,email) VALUES ('$firstName','$lastName','$Email')

 

Both work the same, one is just less key strokes and I feel it is easier to read, especially when dealing with large tables.

[redd]

 

THX for the Reply..

 

The insert into, this way is much easier.

 

I attempted to use your suggestion regarding variables comes up with an error...

 

When I change the variables FROM

$fileName = $_FILES['userfile']['name'];
$fileSize = $_FILES['userfile']['size'];

$sql2="INSERT INTO pic SET size='$fileSize',town='$City',state='$State',image_type='$Type',name='$fileName'";

 

          TO

 

$sql2="INSERT INTO pic SET size='$_FILES['userfile']['size']',town='$City',state='$State',image_type='$Type',name='$_FILES['userfile']['name']'";

 

I get ERROR msg when the page loads...............

 

Parse error: syntax error, unexpected T_ENCAPSED_AND_WHITESPACE, expecting T_STRING or T_VARIABLE or T_NUM_STRING in /var///// on line 76

[saint959]

Hi, you ca try this...

 

$sql2="INSERT INTO pic SET size='".$_FILES['userfile']['size']."',town='$City',state='$State',image_type='$Type',name='".$_FILES['userfile']['name']."'";

 

I also just noticed that you changed the "file" from $_FILES['file'].... to $_FILES['userfile']....

I am not sure if i missed something but that may be it too

[redd]

THANKS that did the trick!!

 

switched the userfile to file

 

switch to using concat/nation - Works

     

$sql2="INSERT INTO pic SET size='".$_FILES['file']['size']."',town='$City',state='$State',image_type='$Type',name='".$_FILES['file']['name']."'";

[s0c0]

Now that we've improved some of your coding practices, how about an update on the original problem lol?

 

Once you get that fixed I advised you to read up on object oriented programming in PHP 5.  That is definitely a coding practice I see drastically lacking in the PHP community.  You can find examples of OOP on phpclasses.org