Form Fun!

daebat · January 5, 2010

Ok, I'm pretty new to php and I'm surprised I've made it this far... what I have is a login system set up for the backend of a public website. The person who logs in should be able to upload in the following manner:

Title: (text box)

Thumb: (image upload)

PDF: (file upload)

ZIP: (file upload)

SIT: (file upload)

Once this person submits, the files should upload to an uploads folder, the names should be stored in the database, and then the website should automatically pull the reference data from the database and display.

At the moment I have successfully created an upload form that throws files into the upload directory. What do I need to do to store the file names in the database?

(note: the current system only allows for one upload at a time)

<?php
$message = "";
$file_path = "path/upload/";

if($_SERVER["REQUEST_METHOD"] == "POST")
{
    $target_path = $file_path.basename($_FILES['uploadedfile']['name']); 

    if (move_uploaded_file($_FILES['uploadedfile']['tmp_name'], $target_path)) 
       $message = "The file ".  basename( $_FILES['uploadedfile']['name']). " has been uploaded";
    else
       $message =  "There was an error uploading the file, please try again!";
}
echo $message;
?>

<form enctype="multipart/form-data" action="<?= $_SERVER['PHP_SELF']?>" method="POST">
<input type="hidden" name="MAX_FILE_SIZE" value="100000" />
Choose a file to upload: 
<input name="uploadedfile" type="file" />
<br />
<input type="submit" value="Upload File" />
</form>

Thanks for any help you can provide.

RaythMistwalker · January 5, 2010

<?php
$message = "";
$file_path = "path/upload/";
mysql_connect(localhost,username,password);
@mysql_select_db(DatabaseName) or die( "Unable to select database");

if($_SERVER["REQUEST_METHOD"] == "POST")
{
    $target_path = $file_path.basename($_FILES['uploadedfile']['name']); 

    if (move_uploaded_file($_FILES['uploadedfile']['tmp_name'], $target_path)) 
       $message = "The file ".  basename( $_FILES['uploadedfile']['name']). " has been uploaded";
    else
       $message =  "There was an error uploading the file, please try again!";
}
echo $message;
?>
$qry = "INSERT INTO tablename(filename) VALUES('$_FILES['uploadedfile']['name']')";
        $result = mysql_query($qry);
<form enctype="multipart/form-data" action="<?= $_SERVER['PHP_SELF']?>" method="POST">
<input type="hidden" name="MAX_FILE_SIZE" value="100000" />
Choose a file to upload:
<input name="uploadedfile" type="file" />
<br />
<input type="submit" value="Upload File" />
</form>

This should do it. just change database connect details and table name.

daebat · January 5, 2010

Don't I have to declare a variable or something and then an if statement? Sorry I'm such a noob at this.

RaythMistwalker · January 5, 2010

i just found an error in my code

<?php
$message = "";
$file_path = "path/upload/";
mysql_connect(localhost,username,password);
@mysql_select_db(DatabaseName) or die( "Unable to select database");

if($_SERVER["REQUEST_METHOD"] == "POST")
{
    $target_path = $file_path.basename($_FILES['uploadedfile']['name']); 

    if (move_uploaded_file($_FILES['uploadedfile']['tmp_name'], $target_path)) 
       $message = "The file ".  basename( $_FILES['uploadedfile']['name']). " has been uploaded";
    else
       $message =  "There was an error uploading the file, please try again!";
}
echo $message;

$qry = "INSERT INTO tablename(filename) VALUES('$_FILES['uploadedfile']['name']')";
        $result = mysql_query($qry);

?>

<form enctype="multipart/form-data" action="<?= $_SERVER['PHP_SELF']?>" method="POST">
<input type="hidden" name="MAX_FILE_SIZE" value="100000" />
Choose a file to upload:
<input name="uploadedfile" type="file" />
<br />
<input type="submit" value="Upload File" />
</form>

What do you mean by if statement? as long as i have the variable $_FILES['uploadedfile']['name'] as the filename you want to save in database then it should technically work. if you mean by checking if the name saved then you could do

if (!$result) { 
$message="Sorry filename not saved in database.";
}

daebat · January 5, 2010

It doesn't seem to recognize I'm getting a syntax error in Zend Development because my password has a '>' to connect to the db. Like I said, I am new to php but I thought that to declare a connection to the database you had to say something like this:

$con = mysql_connect(localhost,username,password);
@mysql_select_db(DatabaseName) or die( "Unable to select database");

if ($con...

I've attached a screen shot of the code giving me an error.

[attachment deleted by admin]

RaythMistwalker · January 5, 2010

nah the way i have my connect works fine as its running a whole website ::)

Erm i dunno what to do about your password except maybe change it?

daebat · January 5, 2010

Hmm I changed the password and am not getting the syntax error in the code anymore but when I bring up the page it is blank.

RaythMistwalker · January 5, 2010

blank usually means your missing a small piece of code such as " ' ) or ;

Try putting your database name such as

@mysql_select_db("Name") or die( "Unable to select database");

If that doesn't work try

@mysql_select_db('Name') or die( "Unable to select database");

ignace · January 5, 2010

@Rayth If you are to post code make sure it's correct:

}
echo $message;

$qry = "INSERT INTO tablename(filename) VALUES('$_FILES['uploadedfile']['name']')";
        $result = mysql_query($qry);

Insert empty records in the database on each request + yield warnings because it can not find offset 'uploadedfile' in the $_FILES array. The correct complete code should be:

<?php
$message = '';
$file_path = dirname(__FILE__) . DIRECTORY_SEPARATOR . 'path' . DIRECTORY_SEPARATOR . 'upload'; // ../path/upload on linux, ..\path\upload on windows

if($_SERVER['REQUEST_METHOD'] == 'POST')
{
    $basename = basename($_FILES['uploadedfile']['name']);
    $extension = pathinfo($basename, PATHINFO_EXTENSION);
    $filename = md5($basename); // security measure
    $target_path = $file_path . DIRECTORY_SEPARATOR . $filename . '.' . $extension;
        
    if (move_uploaded_file($_FILES['uploadedfile']['tmp_name'], $target_path)) {
        $connection = mysql_connect('server', 'username', 'password') or trigger_error('Connection to the database server failed on \'server\' using \'username\'');
        mysql_select_db('mydatabase', $connection) or trigger_error('Failed to select database \'mydatabase\' on server \'server\'');
        
        $sql = "INSERT INTO table (name, uri, ..) VALUES ('$basename', '$target_path', ..)";
        mysql_query($sql, $connection) or trigger_error('Query execution failed: ' . PHP_EOL . $sql . PHP_EOL . 'MySQL Info: ' . PHP_EOL . mysql_error());
        
        $message = "The file $basename has been uploaded.";
    } else {
        $message =  'There was an error uploading the file, please try again!';
    }
}
echo $message;
?>

<form enctype="multipart/form-data" action="<?= $_SERVER['PHP_SELF']?>" method="POST">
<input type="hidden" name="MAX_FILE_SIZE" value="100000" />
<label for="uploadedfile">Choose a file to upload:</label>
<input name="uploadedfile" id="uploadedfile" type="file" />
<br />
<input type="submit" value="Upload File" />
</form>

Tips:

- Don't run the same operation over and over (eg basename($_FILES['uploadedfile']['name']))

- Use resources only when absolutly required (lazy)

- Use " only when you require the extra functionality (eg "\$variable value: $variable") use ' otherwise

Sign In

Form Fun!

Recommended Posts

daebat

Link to comment

Share on other sites

RaythMistwalker

Link to comment

Share on other sites

daebat

Link to comment

Share on other sites

RaythMistwalker

Link to comment

Share on other sites

daebat

Link to comment

Share on other sites

RaythMistwalker

Link to comment

Share on other sites

daebat

Link to comment

Share on other sites

RaythMistwalker

Link to comment

Share on other sites

ignace

Link to comment

Share on other sites

Join the conversation

Browse

Activity

Important Information