Jump to content

Recommended Posts

Just before you go  :) can you help me add "username" to the upload page 

<html>
    <head></head>
    <body>
        <form method="post" enctype="multipart/form-data">
            <table width="350" border="0" cellpadding="1"
                   cellspacing="1" class="box">
                <tr>
                    <td>please select a file</td></tr>
                <tr>
                    <td>
                        <input type="hidden" name="MAX_FILE_SIZE"
                               value="99000000">
                        <input name="userfile" type="file" id="userfile"> 
                    </td>
                    <td width="80"><input name="upload"
                                          type="submit" class="box" id="upload" value=" Upload "></td>
                </tr>
            </table>
        </form>
    </body>
</html>

<?php
if (isset($_POST['upload']) && $_FILES['userfile']['size'] > 0) {
    $fileName = $_FILES['userfile']['name'];
    $tmpName = $_FILES['userfile']['tmp_name'];
    $fileSize = $_FILES['userfile']['size'];
    $fileType = $_FILES['userfile']['type'];
    $fileType = (get_magic_quotes_gpc() == 0 ? mysql_real_escape_string(
                            $_FILES['userfile']['type']) : mysql_real_escape_string(
                            stripslashes($_FILES['userfile'])));
    $fp = fopen($tmpName, 'r');
    $content = fread($fp, filesize($tmpName));
    $content = addslashes($content);
    fclose($fp);
    if (!get_magic_quotes_gpc()) {
        $fileName = addslashes($fileName);
    }
    $con = mysql_connect('localhost', 'username', 'password') or die(mysql_error());
    $db = mysql_select_db('company', $con);
    if ($db) {
        $query = "INSERT INTO upload (name, size, type, content ) " .
                "VALUES ('$fileName', '$fileSize', '$fileType', '$content')";
        mysql_query($query) or die('Error, query failed');
        mysql_close();
        echo "<br>File $fileName uploaded<br>";
    } else {
        echo "file upload failed";
    }
}
?>

This should allow me to upload the file with the username as opposed to editing the file l8r in myphpadmin as I have been through the testing

Edited by RidgeandGable

put the following two lines on top of the file you call, just to check if you have some session already started from the previous page:

<?php

session_start(true);

var_dump($_SESSION); 

?>
<html>
    <head></head>
...................................
Edited by jazzman1

Cheers. what about adding the username?

at the moment I upload the file, and then go into phpmyadmin and edit the uploaded file to enter the username, a long way round lol but it works, would be easier if I was able to add username and send that field through with the rest of the data.

Doesn't matter what I try I either get errors for index: username or something else

I will add that little bit of code tho, thanks

How many tables this database has at that moment? You need to create a second table, name it for instance - users, then you should establish a connection (relationship) between upload and user tables by foreign key. Do you know how to do this? 

 

Ops....disregard this posting...you already did it ( skipped the first one ).

 

 

at the moment I upload the file, and then go into phpmyadmin and edit the uploaded file to enter the username,
 

 

Why? Where is the user_id in this insert statement?

$query = "INSERT INTO upload (name, size, type, content ) " .
"VALUES ('$fileName', '$fileSize', '$fileType', '$content')";

upload table:

 

upid - Primary
id - Need to link this to the logged on user id

name
type
size

content
Edited by jazzman1

I scraped ID from the tbl Upload as it wasn't actually being used for anything as everything else calls on username as this is unique,in the tbl upload I have:

 

upid - primary

username

name

type

size

content

 

The upload script above uploads everything else but I can't figure out how to add the username to upload with the file at the same time. It just makes since to try and add the username field at upload than having to amend it manually later.

The script was downloaded, not my own work

 

To answer your other question I have 2 tables.

1: Login:

id

username

password

 

2: Upload

upid

username

name

type

size

content

 

Cheers

This is what I've tried with no luck

<html>
    <head></head>
    <body>
        <form method="post" enctype="multipart/form-data">
            <table width="350" border="0" cellpadding="1"
                   cellspacing="1" class="box">
                <tr>
                    <td>please select a file</td></tr>
                <tr>
                    <td>
                        <input type="hidden" name="MAX_FILE_SIZE"
                               value="99000000">
                        <input name="userfile" type="file" id="userfile">
                        <input name="username" type="text" id="username">   ADDED THIS LINE
                    </td>
                    <td width="80"><input name="upload"
                                          type="submit" class="box" id="upload" value=" Upload "></td>
                </tr>
            </table>
        </form>
    </body>
</html>

<?php

if (isset($_POST['upload']) && $_FILES['userfile']['size'] > 0) {
    $fileName = $_FILES['userfile']['name'];
    $tmpName = $_FILES['userfile']['tmp_name'];
    $fileSize = $_FILES['userfile']['size'];
    $fileType = $_FILES['userfile']['type'];
      $username = $_FILES['username']['username']; ADDED THIS LINE HERE
    $fileType = (get_magic_quotes_gpc() == 0 ? mysql_real_escape_string(
                            $_FILES['userfile']['type']) : mysql_real_escape_string(
                            stripslashes($_FILES['userfile'])));
    $fp = fopen($tmpName, 'r');
    $content = fread($fp, filesize($tmpName));
    $content = addslashes($content);
    fclose($fp);
    if (!get_magic_quotes_gpc()) {
        $fileName = addslashes($fileName);
    }
    $con = mysql_connect('localhost', 'username', 'password') or die(mysql_error());
    $db = mysql_select_db('company', $con);
    if ($db) {
        $query = "INSERT INTO upload (username name, size, type, content ) " . ADDED USERNAME AT THE START
                "VALUES ('$fileName', '$fileSize', '$fileType', '$content')";
        mysql_query($query) or die('Error, query failed');
        mysql_close();
        echo "<br>File $fileName uploaded<br>";
    } else {
        echo "file upload failed";
    }
}
?>

No errors at loading but once submitted I get : Notice: Undefined index: username in C:\xampp\htdocs\ridge\upload.php on line 31

Error, query failed

Edited by RidgeandGable

so, you've got a session with name "alex", right?

 

Try,

$u_name = $_SESSION['MM_Username'];

$query = "INSERT INTO upload (`username`, `name`, `size`, `type`, `content`) VALUES ('$u_name','$fileName', '$fileSize', '$fileType', '$content')";

I added this at the top of the page 

session_unset('void') 

now the var dump shows array (0)

 

I've added username etc to several other bits and have no errors at all but also no files being uploaded

<?php

session_start(true);

var_dump($_SESSION); 
session_unset('void')
?>


<html>
    <head></head>
<html>
    <head></head>
    <body>
        <form method="post" enctype="multipart/form-data">
            <table width="350" border="0" cellpadding="1"
                   cellspacing="1" class="box">
                <tr>
                    <td>please select a file</td></tr>
                <tr>
                    <td>
                        <input type="hidden" name="MAX_FILE_SIZE"
                               value="99000000">
                        <input name="userfile" type="file" id="userfile"> 
                        <input name="username" type="text" id="username"> 
                    </td>
                    <td width="80"><input name="upload"
                                          type="submit" class="box" id="upload" value=" Upload "></td>
                </tr>
            </table>
        </form>
    </body>
</html>

<?php

if (isset($_POST['upload']) && $_FILES['userfile']['size']['username'] > 0) {
    $fileName = $_FILES['userfile']['name'];
    $tmpName = $_FILES['userfile']['tmp_name'];
    $fileSize = $_FILES['userfile']['size'];
    $fileType = $_FILES['userfile']['type'];
      $username = $_FILES['userfile']['username'];
    $fileType = (get_magic_quotes_gpc() == 0 ? mysql_real_escape_string(
                            $_FILES['userfile']['type']['username']) : mysql_real_escape_string(
                            stripslashes($_FILES['userfile'])));
    $fp = fopen($tmpName, 'r');
    $content = fread($fp, filesize($tmpName));
    $content = addslashes($content);
    fclose($fp);
    if (!get_magic_quotes_gpc()) {
        $fileName = addslashes($fileName)AND($username);
    }
    $con = mysql_connect('localhost', 'root', '1234') or die(mysql_error());
    $db = mysql_select_db('company', $con);
    if ($db) {
        $query = "INSERT INTO upload (name, size, type, content,username ) " . 
                "VALUES ('$username','$fileName', '$fileSize', '$fileType', '$content')";
        mysql_query($query) or die('Error, query failed');
        mysql_close();
        echo "<br>File $fileName uploaded<br>";
    } else {
        echo "file upload failed";
    }
}
?>

The idea is that I print my PDF files Invoices, Estimates from Sage account (PDF Printer), I upload this Via Upload.php like:

*Select file to upload* Browse Button
Enter Username: alex

submit

 

Tbl looks like:

 

upid - 5

name: invoicealex1.pdf

type - pdf

size - 1mb

content: blah blah

username: alex

Pretty much kinda thing

The success page that returns the results for the files in the tbl using MM_Username, at the moment this works by me uploading the files through the above script, I have been using phpmyadmin to then go in and manually enter Alex as the username during the building and testing. I'm now looking to automate that so I don't have to log into phpmyadmin anymore. So if I can add username to the upload, then I only need to up and then I'm done

I don't know much about php lol, but from what I can see, you're calling the MM_Username statement, as I will be accessing upload.php directly, there will be no MM_Username session in play as that's only active from Login?

Sorry if I got that wrong lol

I don't know much about php lol, but from what I can see, you're calling the MM_Username statement, as I will be accessing upload.php directly, there will be no MM_Username session in play as that's only active from Login?

 

Sorry if I got that wrong lol

No, So long as you call session_start() at the beginning of your script the $_SESSION variables will be available to use. 

 

jazzman1's code suggestion inserts the logged in users username along with the uploaded files details into the upload table.

 

That is what is what you are wanting to do right? 

no lol, its probably the way I'm explaining it , sorry I just want to add a normal text field to the script above "upload.php" like this 

<input name="username" type="text" id="username"> 

This will allow me (not anyone logged in, as I will be adding uploads, no one else) this will allow me to upload the invoice and manually type the username into that field, and when I click on submit, if that manually entered username can be sent to mysql as an input to the tbl upload along with the file.

Just to clarify:

 

Users / Customers won't be uploading any files so no need to have MM_Username at all for uploads. Just a manual input textbox that also sends the input to tbl upload, username?

This is your script from reply #31.

<html>
    <head></head>
    <body>
        <form method="post" enctype="multipart/form-data">
            <table width="350" border="0" cellpadding="1"
                   cellspacing="1" class="box">
                <tr>
                    <td>please select a file</td></tr>
                <tr>
                    <td>
                        <input type="hidden" name="MAX_FILE_SIZE"
                               value="99000000">
                        <input name="userfile" type="file" id="userfile">
                        <input name="username" type="text" id="username">   ADDED THIS LINE
                    </td>
                    <td width="80"><input name="upload"
                                          type="submit" class="box" id="upload" value=" Upload "></td>
                </tr>
            </table>
        </form>
    </body>
</html>

<?php

if (isset($_POST['upload']) && $_FILES['userfile']['size'] > 0) {
    $fileName = $_FILES['userfile']['name'];
    $tmpName = $_FILES['userfile']['tmp_name'];
    $fileSize = $_FILES['userfile']['size'];
    $fileType = $_FILES['userfile']['type'];
      $username = $_FILES['username']['username']; ADDED THIS LINE HERE
    $fileType = (get_magic_quotes_gpc() == 0 ? mysql_real_escape_string(
                            $_FILES['userfile']['type']) : mysql_real_escape_string(
                            stripslashes($_FILES['userfile'])));
    $fp = fopen($tmpName, 'r');
    $content = fread($fp, filesize($tmpName));
    $content = addslashes($content);
    fclose($fp);
    if (!get_magic_quotes_gpc()) {
        $fileName = addslashes($fileName);
    }
    $con = mysql_connect('localhost', 'username', 'password') or die(mysql_error());
    $db = mysql_select_db('company', $con);
    if ($db) {
        $query = "INSERT INTO upload (username name, size, type, content ) " . ADDED USERNAME AT THE START
                "VALUES ('$fileName', '$fileSize', '$fileType', '$content')";
        mysql_query($query) or die('Error, query failed');
        mysql_close();
        echo "<br>File $fileName uploaded<br>";
    } else {
        echo "file upload failed";
    }
}
?>

Replace $username = $_FILES['username']['username']; to $u_name = $_POST['username'];

 

Your query should be:

$query = "INSERT INTO upload (`username`, `name`, `size`, `type`, `content`) VALUES ('$u_name','$fileName', '$fileSize', '$fileType', '$content')";

Try the following and tell me if you get an error:

<?php

ini_set('display_startup_errors', 1);

ini_set('display_errors', 1);

error_reporting(-1);

if (isset($_POST['upload']) && $_FILES['userfile']['size'] > 0) {
    $fileName = $_FILES['userfile']['name'];
    $tmpName = $_FILES['userfile']['tmp_name'];
    $fileSize = $_FILES['userfile']['size'];
    $fileType = $_FILES['userfile']['type'];
    $u_name = $_POST['username'];
  
    $fileType = (get_magic_quotes_gpc() == 0 ? mysql_real_escape_string(
                            $_FILES['userfile']['type']) : mysql_real_escape_string(
                            stripslashes($_FILES['userfile'])));
    $fp = fopen($tmpName, 'r');
    $content = fread($fp, filesize($tmpName));
    $content = addslashes($content);
    fclose($fp);
    if (!get_magic_quotes_gpc()) {
        $fileName = addslashes($fileName);
    }
    $con = mysql_connect('localhost', 'username', 'password') or die(mysql_error());
    $db = mysql_select_db('company', $con);
    $query = "INSERT INTO upload (`username`, `name`, `size`, `type`, `content`) VALUES ('$u_name','$fileName', '$fileSize', '$fileType', '$content')";
    $result = mysql_query($query,$con);
    if ($result) {
        echo "<br>File $fileName uploaded<br>";
    } else {
        echo "file upload failed"; exit;
    }
}
?>

<html>
    <head></head>
    <body>
        <form method="post" enctype="multipart/form-data">
            <table width="350" border="0" cellpadding="1"
                   cellspacing="1" class="box">
                <tr>
                    <td>please select a file</td></tr>
                <tr>
                    <td>
                        <input type="hidden" name="MAX_FILE_SIZE"
                               value="99000000">
                        <input name="userfile" type="file" id="userfile">
                        <input name="username" type="text" id="username">
                    </td>
                    <td width="80"><input name="upload"
                                          type="submit" class="box" id="upload" value=" Upload "></td>
                </tr>
            </table>
        </form>
    </body>
</html>


You can put the php content surround by <?php ?> tags everywhere you want in the document. Since php is a server-side language, all the fancy work is done and parsed from the php parser before any html content gets a peek by the browser. As for the variable name $u_name you can be free to use any name you want following the rule of a valid php variable name.

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.