Test form field

[lbh2011]

Hello!

 

Please could someone have a look at the following code and suggest why upload.php is not being included. I basically want to test whether the form field (upload) contains a value (local file path). If it does contain a value I want to include a file upload script but if it doesn't I want to continue to the next section which processes the form. Due to the way the rest of the code is structured I can't check for a blank field first before continuing to the next step.

 

$upload = trim(mysql_real_escape_string($_POST["upload"]));

if(!isset($upload))
{ include 'upload.php';
}
else
{

[MDCode]

! basically means return false on. so !isset() will look if it isn't set.

[lbh2011]

Is that the correct code to use then if I want to include upload.php if a value is submitted?

[MDCode]

Remove the !. The mysql_real_escape_string() and trim() you added may also return it true.

[Barand]

  Quote

if(!isset($upload))

 

 

$upload will always be set. You have just set it on the previous line.

[lbh2011]

OK! Thanks for your help.

[lbh2011]

Does anyone know why this won't work. Even when nothing is entered into the file upload field, it is processed as if something was...

 

$file_upload = trim(mysql_real_escape_string($_POST["file_upload"]));

if(isset($file_upload)) {
include ('contract_upload.php'); $rsUpdate = mysql_query("UPDATE contract
SET date_added = '$date_added', file_upload = '$upload_path'
WHERE id = '$id' ");} else {
$rsUpdate = mysql_query("UPDATE contract
SET date_added = '$date_added'
WHERE id = '$id' ");}

if($rsUpdate) { echo "Successfully Update";} else { die('Invalid query: '.mysql_error());; }

 

[EDIT] This is for an update form by the way, hence why I don't want to overwrite the $upload_path record in the database if a new file is not uploaded...

[haku]

if(isset($file_upload)) {

 

You set $file_upload right above this line. So it will always be set, meaning it will always be true.

[lbh2011]

OK In that case how to I work out if it contains a value or not?

[DavidAM]

You need to check $_POST['file_upload'] itself. Although, I think it will always be set as well, so you want to check to see if it is empty. Or check to see if your $file_upload variable is empty.

[lbh2011]

@DavidAM I've tried the following but this doesn't appear to work either...

 

$file_upload = trim(mysql_real_escape_string($_POST["file_upload"]));
if(empty($_POST["file_upload"])) {
include ('contract_upload.php'); $rsUpdate = mysql_query("UPDATE contract
SET date_added = '$date_added', file_upload = '$upload_path'
WHERE id = '$id' ");} else {
$rsUpdate = mysql_query("UPDATE contract
SET date_added = '$date_added'
WHERE id = '$id' ");}
if($rsUpdate) { echo "Successfully Update";} else { die('Invalid query: '.mysql_error());; }

[haku]

You are running mysql_real_escape_string() before necessary. You only need to run that function if there is a value on which to run it. Change your code to this:

 

$file_upload = trim($_POST["file_upload"]);

 

If you are still running problems, then echo $file_upload before your conditional, as it will contain a value of some sorts.

 

You can then run mysql_real_escape_string() inside your if() conditional.

[DavidAM]

  Quote

if(empty($_POST["file_upload"])) {
include ('contract_upload.php'); $rsUpdate = mysql_query("UPDATE contract
SET date_added = '$date_added', file_upload = '$upload_path'
WHERE id = '$id' ");} else {
$rsUpdate = mysql_query("UPDATE contract
SET date_added = '$date_added'
WHERE id = '$id' ");}

 

Think about the code you write. That statement says:

 

"If the user did NOT upload a file, then record the name of the file they DID upload"

[haku]

Hah - I was so busy looking at syntax, I ignored the logic