xclusivzik Posted November 18, 2014 Share Posted November 18, 2014 (edited) <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <title>Import a CSV File with PHP & MySQL</title> </head> <body> <form action="" method="post" enctype="multipart/form-data" name="csv" id="csv"> Choose your file: <br /> <input name="csv" type="file" id="csv" /> <input type="submit" name="Submit" value="Submit" /> </form> </body> but i keep having this error Notice: Undefined index: csv in C:\wamp\www\youngsoul\upload\file.php on line 7 Edited November 18, 2014 by Ch0cu3r Quote Link to comment Share on other sites More sharing options...
Jacques1 Posted November 18, 2014 Share Posted November 18, 2014 And what are we supposed to do now? None of us is psychic, so if you want help with your code, you need to actually show us that code. Quote Link to comment Share on other sites More sharing options...
xclusivzik Posted November 18, 2014 Author Share Posted November 18, 2014 (edited) sowi About that, here is the code <?php include ('db_connection.php'); //connect to the database // if ($_FILES['csv']['size'] > 0) { //get the csv file $file = $_FILES[csv][tmp_name]; $handle = fopen($file,"r"); if ($handle !== FALSE) { while (!feof($handle)) { $data = fgetcsv($handle,10000,",","'"); if ($data[0]) { mysql_query("INSERT INTO data (name, Groups,phone numbers) VALUES ( '".addslashes($data[0])."', '".addslashes($data[1])."', '".addslashes($data[2])."' ) "); } } fclose($handle); } //redirect header('Location: file.php?success=1'); die; } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <title>Import a CSV File with PHP & MySQL</title> </head> <body> <form action="" method="post" enctype="multipart/form-data" name="csv" > Choose your file: <br /> <input name="csv" type="file" id="csv" /> <input type="submit" name="Submit" value="Submit" /> </form> </body> </html> Edited November 18, 2014 by Ch0cu3r Quote Link to comment Share on other sites More sharing options...
Ch0cu3r Posted November 18, 2014 Share Posted November 18, 2014 If you are just going to be importing csv data straigh into the database with no further processsing required then use a LOAD DATA INFILE query. Also please wrap you code in [/code][/code] tags or click the <> button in the editor when posting code Quote Link to comment Share on other sites More sharing options...
Jacques1 Posted November 18, 2014 Share Posted November 18, 2014 (edited) If you are just going to be importing csv data straigh into the database with no further processsing required then use a LOAD DATA INFILE query. That's a very, very bad idea. In fact, there's something wrong with your server configuration if your application can use this query. The LOAD DATA INFILE query requires the FILE permission. Granting this to your application means that it can both read and write external files. It's easy to see that an SQL injection attack may now compromise the entire server: The attacker just has to grab critical passwords from your filesystem or create a malicious script. Sure, the Unix account of the MySQL database should not have unlimited access to the filesystem. But if the database server is already misconfigured, I wouldn't bet on that. Long story short: You do not want LOAD DATA INFILE. If it's active, turn it off. Then use a plain INSERT query. Edited November 18, 2014 by Jacques1 Quote Link to comment Share on other sites More sharing options...
xclusivzik Posted November 20, 2014 Author Share Posted November 20, 2014 so what do you suggest is wrong with the code , the query refuses to work, even when i use this code <?php $con=mysqli_connect("localhost","root","","book") or die(mysql_error()); if (isset($_POST['submit'])) { //get the csv file $file = $_FILES['file']['tmp_name']; $handle = fopen($file,"r"); while (($filelop= fgetcsv($handle,10000,",")) !==false) { $name = $filelop[0]; $group = $filelop[1]; $phone = $filelop[2]; $sql=mysql_query("INSERT INTO data (name, Groups, phone_number) VALUES ('$name','$group','$phone)"); if ($sql) { echo "uploaded"; } } } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <title>Import a CSV File with PHP & MySQL</title> </head> <body> <form action="file.php" method="post" enctype="multipart/form-data" > Choose your file: <br /> <input name="csv" type="file" id ="csv" /> <input type="submit" name="Submit" value="Submit" /> </form> </body> </html> Quote Link to comment Share on other sites More sharing options...
Barand Posted November 20, 2014 Share Posted November 20, 2014 You have a mysqli connection but you are using mysql_query(). You can't mix the two libraries. Use mysqli_query(). Better would by to create a mysqli prepared statement and repeatedly execute that with the new data values each time. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.