Jump to content

How to include user uploaded files to index.php


Chatrapati

Recommended Posts

PHP:

how can i link the files stored in directory

 

to the index.php

 

eg: if a user upload's a file it should also be linked in index.php as

'RECENT UPLOADS'

i tried this

 

$path="/uploadedfiles/.$HTTP_POST_FILES['file']['name'];

 

<img src=\"$path\" >

 

but it only show's the file when it is uploaded.

 

can any help me?

Link to comment
Share on other sites

I would personally go with the database approach.

 

Set up a database to store user uploads, possible columns:

1 - id

2 - uploaded_by

3 - file_path

4 - upload_time

 

Then create the upload form/page, Upload page:

1 - Create upload form

2 - On successful upload, add new record to the table

 

Then on the Index page:

1 - Retrieve the records from the table and display them on the page.

Edited by PaulRyan
Link to comment
Share on other sites

I would do it in a more oop kind of way but since you don't know how to show all records from a db i have written this simple approach. Just call the function on any page you want to display the uploads.

 

    <?php
    define("DB_SERVER", "server");
    define("DB_USER", "username");
    define("DB_PASS", "password");
    define("DB_NAME", "database_name");


  $connection = mysqli_connect(DB_SERVER, DB_USER, DB_PASS, DB_NAME);
  if(mysqli_connect_errno()) {
    die("Database connection failed: " .
         mysqli_connect_error() .
         " (" . mysqli_connect_errno() . ")"
    );
  }
    
    function display_all_uploads() {
        
        // Make the connection
        global $connection;

        // check to see if we are looking for a particlar set of records
            $query  = "SELECT * ";
            $query .= "FROM table_name ";
            $query .= "ORDER BY value ASC";
            
            // query the database
            $upload_set = mysqli_query($connection, $query);
            confirm_query($upload_set);
        
        // use the results
        while($upload = mysqli_fetch_assoc($upload_set)) {
            // do something here
            $output = "";
        }
        
        // return the output
        return $output;
    }
    
    function confirm_query($result_set) {
        if (!$result_set) {
            die("Database query failed.");
        }
    }
    ?>

 

To do the insert just use the insert statement...i have 3 oop functions that i use all the time. I just call it when i need it. All my classes that require db actions inherit from this one.

 

<?php
require_once(LIB_PATH.DS.'database.php');

class DatabaseObject {

    public static function find_all() {
        return static::find_by_sql("SELECT * FROM ".static::$table_name);
  }
 
  public static function find_by_id($id=0) {
      global $database;
    $result_array = static::find_by_sql("SELECT * FROM ".static::$table_name." WHERE id=".$database->escape_value($id)." LIMIT 1");
        return !empty($result_array) ? array_shift($result_array) : false;
  }
 
  public static function find_by_sql($sql="") {
    global $database;
    $result_set = $database->query($sql);
    $object_array = array();
    while ($row = $database->fetch_array($result_set)) {
      $object_array[] = static::instantiate($row);
    }
    return $object_array;
  }

    public static function count_all() {
      global $database;
      $sql = "SELECT COUNT(*) FROM ".static::$table_name;
      $result_set = $database->query($sql);
      $row = $database->fetch_array($result_set);
          return array_shift($row);
      }

    private static function instantiate($record) {
        // Could check that $record exists and is an array
        $class_name = get_called_class();
        $object = new $class_name;
        foreach($record as $attribute=>$value){
          if($object->has_attribute($attribute)) {
            $object->$attribute = $value;
          }
        }
        return $object;
    }
    
    private function has_attribute($attribute) {
      // We don't care about the value, we just want to know if the key exists
      // Will return true or false
      return array_key_exists($attribute, $this->attributes());
    }

    protected function attributes() {
        // return an array of attribute names and their values
      $attributes = array();
      foreach(static::$db_fields as $field) {
        if(property_exists($this, $field)) {
          $attributes[$field] = $this->$field;
        }
      }
      return $attributes;
    }
    
    public function save() {
      // A new record won't have an id yet.
      return isset($this->id) ? $this->update() : $this->create();
    }
    
    protected function sanitized_attributes() {
      global $database;
      $clean_attributes = array();
      // sanitize the values before submitting
      // Note: does not alter the actual value of each attribute
      foreach($this->attributes() as $key => $value){
        $clean_attributes[$key] = $database->escape_value($value);
      }
      return $clean_attributes;
    }
    
    
    public function create() {
        global $database;
        $attributes = $this->sanitized_attributes();
      $sql = "INSERT INTO ".static::$table_name." (";
        $sql .= join(", ", array_keys($attributes));
      $sql .= ") VALUES ('";
        $sql .= join("', '", array_values($attributes));
        $sql .= "')";
      if($database->query($sql)) {
        $this->id = $database->insert_id();
        return true;
      } else {
        return false;
      }
    }

    public function update() {
      global $database;
        $attributes = $this->sanitized_attributes();
        $attribute_pairs = array();
        foreach($attributes as $key => $value) {
          $attribute_pairs[] = "{$key}='{$value}'";
        }
        $sql = "UPDATE ".static::$table_name." SET ";
        $sql .= join(", ", $attribute_pairs);
        $sql .= " WHERE id=". $database->escape_value($this->id);
      $database->query($sql);
      return ($database->affected_rows() == 1) ? true : false;
    }

    public function delete() {
        global $database;
      $sql = "DELETE FROM ".static::$table_name;
      $sql .= " WHERE id=". $database->escape_value($this->id);
      $sql .= " LIMIT 1";
      $database->query($sql);
      return ($database->affected_rows() == 1) ? true : false;

    }
    
}

Edited by Matt_C
Link to comment
Share on other sites

THIS IS MY CODE:

 

BUT ONLY FILE NAME IS STORED IN DATABASE !

 

NOT PATH

// can any correct it?

 

<?php

 

 

$path="upload/".$_FILES['uname']['name'];

 

 

if(copy($_FILES['uname']['tmp_name'], $path))

{

 

$id=$_POST['id'];

 

$a=$_FILES['uname']['name'];

 

$sql="INSERT INTO image(id,uname) VALUES ('$id','$a')";

 

$result=mysql_query($sql);

}

else

{

echo "error";

}

 

$sql1="SELECT * FROM image";

$result1=mysql_query($sql1);

 

while($r=mysql_fetch_array($result1))

 

{

echo $r['id'];

$pic=$r['uname'];

echo "<img src=http://wapfull.site90.net/upload/.$pic>";

 

 

}

 

?>

Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.