How to include user uploaded files to index.php

[Chatrapati]

PHP:

how can i link the files stored in directory

 

to the index.php

 

eg: if a user upload's a file it should also be linked in index.php as

'RECENT UPLOADS'

i tried this

 

$path="/uploadedfiles/.$HTTP_POST_FILES['file']['name'];

 

<img src=\"$path\" >

 

but it only show's the file when it is uploaded.

 

can any help me?

[PravinS]

image source should be like this

<img src="<?php echo $path;?>" >

[Chatrapati]

But it only shows when the user uploads,

 

not in index page,

 

 

how to include using database.

[PaulRyan]

I would personally go with the database approach.

 

Set up a database to store user uploads, possible columns:

1 - id

2 - uploaded_by

3 - file_path

4 - upload_time

 

Then create the upload form/page, Upload page:

1 - Create upload form

2 - On successful upload, add new record to the table

 

Then on the Index page:

1 - Retrieve the records from the table and display them on the page.

Edited August 8, 2013 by PaulRyan

[Chatrapati]

Can yu gv that code to insert file path into database @PaulRyan

[PaulRyan]

I can't give you the code, you have to give it a try yourself, then post when you are stuck.

 

It's a simple INSERT query into the database table.

[Matt_C]

I would do it in a more oop kind of way but since you don't know how to show all records from a db i have written this simple approach. Just call the function on any page you want to display the uploads.

 

    <?php
    define("DB_SERVER", "server");
    define("DB_USER", "username");
    define("DB_PASS", "password");
    define("DB_NAME", "database_name");


  $connection = mysqli_connect(DB_SERVER, DB_USER, DB_PASS, DB_NAME);
  if(mysqli_connect_errno()) {
    die("Database connection failed: " .
         mysqli_connect_error() .
         " (" . mysqli_connect_errno() . ")"
    );
  }
    
    function display_all_uploads() {
        
        // Make the connection
        global $connection;

        // check to see if we are looking for a particlar set of records
            $query  = "SELECT * ";
            $query .= "FROM table_name ";
            $query .= "ORDER BY value ASC";
            
            // query the database
            $upload_set = mysqli_query($connection, $query);
            confirm_query($upload_set);
        
        // use the results
        while($upload = mysqli_fetch_assoc($upload_set)) {
            // do something here
            $output = "";
        }
        
        // return the output
        return $output;
    }
    
    function confirm_query($result_set) {
        if (!$result_set) {
            die("Database query failed.");
        }
    }
    ?>

 

To do the insert just use the insert statement...i have 3 oop functions that i use all the time. I just call it when i need it. All my classes that require db actions inherit from this one.

 

<?php
require_once(LIB_PATH.DS.'database.php');

class DatabaseObject {

    public static function find_all() {
        return static::find_by_sql("SELECT * FROM ".static::$table_name);
  }
 
  public static function find_by_id($id=0) {
      global $database;
    $result_array = static::find_by_sql("SELECT * FROM ".static::$table_name." WHERE id=".$database->escape_value($id)." LIMIT 1");
        return !empty($result_array) ? array_shift($result_array) : false;
  }
 
  public static function find_by_sql($sql="") {
    global $database;
    $result_set = $database->query($sql);
    $object_array = array();
    while ($row = $database->fetch_array($result_set)) {
      $object_array[] = static::instantiate($row);
    }
    return $object_array;
  }

    public static function count_all() {
      global $database;
      $sql = "SELECT COUNT(*) FROM ".static::$table_name;
      $result_set = $database->query($sql);
      $row = $database->fetch_array($result_set);
          return array_shift($row);
      }

    private static function instantiate($record) {
        // Could check that $record exists and is an array
        $class_name = get_called_class();
        $object = new $class_name;
        foreach($record as $attribute=>$value){
          if($object->has_attribute($attribute)) {
            $object->$attribute = $value;
          }
        }
        return $object;
    }
    
    private function has_attribute($attribute) {
      // We don't care about the value, we just want to know if the key exists
      // Will return true or false
      return array_key_exists($attribute, $this->attributes());
    }

    protected function attributes() {
        // return an array of attribute names and their values
      $attributes = array();
      foreach(static::$db_fields as $field) {
        if(property_exists($this, $field)) {
          $attributes[$field] = $this->$field;
        }
      }
      return $attributes;
    }
    
    public function save() {
      // A new record won't have an id yet.
      return isset($this->id) ? $this->update() : $this->create();
    }
    
    protected function sanitized_attributes() {
      global $database;
      $clean_attributes = array();
      // sanitize the values before submitting
      // Note: does not alter the actual value of each attribute
      foreach($this->attributes() as $key => $value){
        $clean_attributes[$key] = $database->escape_value($value);
      }
      return $clean_attributes;
    }
    
    
    public function create() {
        global $database;
        $attributes = $this->sanitized_attributes();
      $sql = "INSERT INTO ".static::$table_name." (";
        $sql .= join(", ", array_keys($attributes));
      $sql .= ") VALUES ('";
        $sql .= join("', '", array_values($attributes));
        $sql .= "')";
      if($database->query($sql)) {
        $this->id = $database->insert_id();
        return true;
      } else {
        return false;
      }
    }

    public function update() {
      global $database;
        $attributes = $this->sanitized_attributes();
        $attribute_pairs = array();
        foreach($attributes as $key => $value) {
          $attribute_pairs[] = "{$key}='{$value}'";
        }
        $sql = "UPDATE ".static::$table_name." SET ";
        $sql .= join(", ", $attribute_pairs);
        $sql .= " WHERE id=". $database->escape_value($this->id);
      $database->query($sql);
      return ($database->affected_rows() == 1) ? true : false;
    }

    public function delete() {
        global $database;
      $sql = "DELETE FROM ".static::$table_name;
      $sql .= " WHERE id=". $database->escape_value($this->id);
      $sql .= " LIMIT 1";
      $database->query($sql);
      return ($database->affected_rows() == 1) ? true : false;

    }
    
}

Edited August 8, 2013 by Matt_C

[Chatrapati]

THIS IS MY CODE:

 

BUT ONLY FILE NAME IS STORED IN DATABASE !

 

NOT PATH

// can any correct it?

 

<?php

 

 

$path="upload/".$_FILES['uname']['name'];

 

 

if(copy($_FILES['uname']['tmp_name'], $path))

{

 

$id=$_POST['id'];

 

$a=$_FILES['uname']['name'];

 

$sql="INSERT INTO image(id,uname) VALUES ('$id','$a')";

 

$result=mysql_query($sql);

}

else

{

echo "error";

}

 

$sql1="SELECT * FROM image";

$result1=mysql_query($sql1);

 

while($r=mysql_fetch_array($result1))

 

{

echo $r['id'];

$pic=$r['uname'];

echo "<img src=http://wapfull.site90.net/upload/.$pic>";

 

 

}

 

?>

[jazzman1]

You cannot use the copy() function in that way.

Check this out.

Also, you should have to use some useful php functions helping you to debug your script.

Debugging: A Beginner's guide

[mac_gyver]

ummm. yes you can use the copy() function, but you should use the move_uploaded_file() function.