upload script

[DEVILofDARKNESS]

Hi, I want to make an upload script.

I actually already have the script,

but I want to let it automatic create a new row in the database, where I can see which user_id has post it and with which poem_id it is linked?

 

f.e. you're on a page with /url.php?poem_id=1

if I use the upload script It should add a new row to the database tabel 'extra'

extra:

id int(11)

type enum ('picture','video','music')

poem_id int(11)

user_id int(11)

 

this is the script: (I just found it on the web, because I'm not known with $_FILES...

<?PHP  

// In welke map komen de bestanden ? ( zorg dat deze de permissies 777 krijgt ) 
$map = "uploadmap/"; 

// Wat is de maximale groote van het bestand in bytes ( 1 kb = 1000 bytes ) 
$max = "100000";  

// Welke extensies kunnen er worden geupload ( als alles mag dan niks invullen ) 
$ext = "jpg JPG gif GIF png PNG exe EXE php PHP zip ZIP htm HTM html HTML";  

// Hieronder niks aanpassen 

// Controleren 

if ($_POST['Uploaden'])
{  
    if (!$_FILES['bestand'])  
        print ("Geef een bestand op!"); 
    else
    {  
        // Bestands naam opvragen 
        $bestand2 = explode("\\", $_FILES['bestand']['name']);  
        $laatste = count($bestand2) - 1;  
        $bestand2 = "$bestand2[$laatste]";   
        
        // Extensie van bestand opvragen 
        $bestand3 = explode(".", $bestand2);  
        $laatste = count($bestand3) - 1;  
        $bestand3 = "$bestand3[$laatste]";   
        $bestand3 = strtolower($bestand3);  
        
        // Toegestaande extensies opvragen 
        
        $ext = strtolower($ext);  
        $ext = explode(" ", $ext);  
        $aantal = count($ext);  
        
        for ($tel = 0;$tel < $aantal; $tel++)
        {  
            if ($bestand3 == $ext[$tel])
            {  
                $extfout = "nee";  
            }
        }  
    
        if (!$extfout)
        {  
            print ("Het bestand \"$bestand2\" kan niet worden geupload omdat de extensie niet is toegestaan!");  
        }  
        else  
        {  
            if ($_FILES['bestand']['size'] > $max)  
                print ("Het bestand \"$bestand2\" is groter dan $max bytes!");  
            else  
            {  
                // Opslaan van het bestand 
                move_uploaded_file($_FILES['bestand'], "$map$bestand2");   
                print ("Het bestand \"$bestand2\" is met succes geupload!");  
            }  
        }
    }
}  


// Upload formulier 

print ("<form method=post action=" . $_SERVER['PHP_SELF'] . " enctype=multipart/form-data> 
Bestand: <input type=\"file\" name=\"bestand\"><br><br> 
<input type=\"submit\" name=\"Uploaden\" value=\"Uploaden\"></form>"); 

?> 

[DEVILofDARKNESS]

Why won't anybody answer?

is it to dificult (what never is for you guys )

or takes it to much time

or do you hate me (what I hope not. )

I really would be happy if anyone could give me an answer on my upload script problem...

[monkeypaw201]

Well, my first question is where does the poem_id and user_id come from?

[DEVILofDARKNESS]

I will give the full script where you can see it.

<?php
session_start();
// DATABASE SETTINGS

$test = (int)$_GET["poem_id"];
$type = $_GET["type"];

$query = "SELECT user_id FROM poems WHERE poem_id = '$test'";
$result = mysql_query($query);
list($user_id) = mysql_fetch_row($result);
$username = mysql_real_escape_string($_SESSION['username']);
$query = "SELECT user_id FROM users WHERE user_name = '$username'";
$result = mysql_query($query);
list($own_id) = mysql_fetch_row($result);

if(isset($test)) {
	$query= "SELECT p.*, u.*, c.*, b.*, a.*
  FROM poems p
  INNER JOIN users u ON u.user_id = p.user_id
  INNER JOIN categories c ON c.category_id = p.category_id
  INNER JOIN books b ON b.book_id = p.book_id
  INNER JOIN authors a ON a.author_id = b.author_id
  WHERE p.poem_id = '$test'";
$result = mysql_query($query) or die(mysql_error());
while($row = mysql_fetch_array($result)) :
switch($type) {

case "poem":
$title = $row['poem_name'];
$text = $row['poem_text'];
break;
case "info":
$title = "INFO";
$text = "<table border = '0'><tr><td colspan='2'><center>Info over dit gedicht: </center></td></tr>
							<tr></tr>
							 <tr><td>Naam Gedicht</td><td><b>{$row['poem_name']}</b></td></tr>
							 <tr><td>Naam Auteur</td><td><b>{$row['author_name']}</b></td></tr>
							 <tr><td>Naam Poster</td><td><b>{$row['user_name']}</b></td></tr>
							 <tr><td>Categorie</td><td><b>{$row['category_name']}</b></td></tr>
							 <tr><td>Naam Bundel</td><td><b>{$row['book_name']}</b></td></tr>
		 </table>";
break;
case "music":
$title = "MEDIA";
$text = "Hier komt het beeld- en geluidsmateriaal => voorlopig forum";
break;
case "video":
  $title="video";
$text = "hier komen video's, voorlopig moet je deze op het forum doorsturen.";
break;
case "picture":
/*
// In welke map komen de bestanden ? ( zorg dat deze de permissies 777 krijgt )
$map = "/";

// Wat is de maximale groote van het bestand in bytes ( 1 kb = 1000 bytes )
$max = "100000"; 

// Welke extensies kunnen er worden geupload ( als alles mag dan niks invullen )
$ext = "jpg JPG gif GIF png PNG bmp BMP"; 

// Hieronder niks aanpassen

// Controleren

if ($_POST['Uploaden'])
{ 
    if (!$_FILES['bestand']) 
        print ("Geef een bestand op!");
    else
    { 
        // Bestands naam opvragen
        $bestand2 = explode("\\", $_FILES['bestand']['name']); 
        $laatste = count($bestand2) - 1; 
        $bestand2 = "$bestand2[$laatste]";   
       
        // Extensie van bestand opvragen
        $bestand3 = explode(".", $bestand2); 
        $laatste = count($bestand3) - 1; 
        $bestand3 = "$bestand3[$laatste]";   
        $bestand3 = strtolower($bestand3); 
       
        // Toegestaande extensies opvragen
       
        $ext = strtolower($ext); 
        $ext = explode(" ", $ext); 
        $aantal = count($ext); 
       
        for ($tel = 0;$tel < $aantal; $tel++)
        { 
            if ($bestand3 == $ext[$tel])
            { 
                $extfout = "nee"; 
            }
        } 
   
        if (!$extfout)
        { 
            print ("Het bestand \"$bestand2\" kan niet worden geupload omdat de extensie niet is toegestaan!"); 
        } 
        else 
        { 
            if ($_FILES['bestand']['size'] > $max) 
                print ("Het bestand \"$bestand2\" is groter dan $max bytes!"); 
            else 
            { 
                // Opslaan van het bestand
                move_uploaded_file($_FILES['bestand'], "$map$bestand2");   
                print ("Het bestand \"$bestand2\" is met succes geupload!"); 
            } 
        }
    }
} 


// Upload formulier
$title = "PICTURES";
$text = ("<form method=post action=" . $_SERVER['PHP_SELF'] . " enctype=multipart/form-data>
Bestand: <input type=\"file\" name=\"bestand\"><br><br>
<input type=\"submit\" name=\"Uploaden\" value=\"Uploaden\"></form>"); */
$text = "Hier komen de foto's : forum";
break;
case "note":

  $title="react";
$text = "hier komen besprekingen, herschrijvingen, ... voorlopig moet je deze op het forum plaatsen.";
break;
case "edit":
$title = "EDIT";
if($user_id == $own_id) {
$poemch = $_POST["poemch"];
if(isset($poemch)) {
$poem = $_POST['poem'];
$query = "UPDATE poems SET poem_text = '$poem' WHERE poem_id = '$test'";
$result = mysql_query($query);
}
$text="
<form action='' method='post'><table border='0'><tr><td colspan='2'><CENTER>VERANDER JE GEDICHT</td></tr>
<tr><td>Gedicht:</td><td><textarea name='poem' cols='50' rows='10'>{$row['poem_text']}</textarea><input type='submit' value='change' name='poemch'></td></tr>
</table></form>";}else{$text = "
You don't have acces to this Poem, if it is yours,<br>
1) <a href='../../login.php'>login</a><br>
2) <a href='../forum'>Meld een probleem aan de administrator op het forum</a><p>
If it isn't yours,<br>
1) <a href='../test/testgedicht.php?poem_id={$test}&type=poem'>go to the poem</a><br>
2) <a href='../../index.html'>Go to the home page</a><br>
";}
break;
default:
$text = "Deze pagina bestaat niet, als dit een fout is, meld dit dan op het forum aub!";

break;}
?>
<html dir="ltr">
    <head>
        <title><?php echo $title; ?></title>
<meta name="author" content="Kruptein">
<link rel="shortcut icon" href="/favicon.ico">

        <link href="../../standard.css" type="text/css" rel="stylesheet" />
<link href='liefde.css' type='text/css' rel="stylesheet" />
<script type="text/javascript">
var gaJsHost = (("https:" == document.location.protocol) ? "https://ssl." : "http://www.");
document.write(unescape("%3Cscript src='" + gaJsHost + "google-analytics.com/ga.js' type='text/javascript'%3E%3C/script%3E"));
</script>
<script type="text/javascript">
try {
var pageTracker = _gat._getTracker("UA-7805438-1");
pageTracker._trackPageview();
} catch(err) {}</script>
    </head>
    <body>
        <table class="look" height="100%" width="100%" border="1">
            <tbody>
                <tr>
                    <td width="10%" height="100%"><iframe class="frames" src="../../functieknoppen/functieknoppengedicht.php?poem_id=<?php echo $_GET['poem_id']; ?>" frameborder="0" width="100%" height="100%" scrolling="no"></iframe>
                    </td>
                    <td><center>
<?php
echo $text;
?>
</center></td>
                </tr>
            </tbody>
        </table>
    </body>
</html>
<?php
endwhile;
}
?>

[DEVILofDARKNESS]

Alright, Forget what I told above.

I want to have just a nice uploadsystem,

where other people can upload pictures, videos, texts, ...

those uploads should be uploaded to the same dir

and I should have a page where I can see a list of all the uploads from a certain page.

 

Is that possible? (Ofcourse it is, but am I possible to do it too)?