Jump to content

Variable dependent on user input issue

CloudBreaker

By CloudBreaker
in PHP Coding Help

 Share
Go to solution Solved by mac_gyver,

Recommended Posts

CloudBreaker Member

CloudBreaker

Posted
Posted

The entire form below is submitted all at once.  This creates a problem because I need id="name" (line 92) inserted into the database before the code at line 198 is initiated, because it's dependent upon the user input.  How would I go about having that "name" value entered into the database before the code at 198 is executed while at the same time having all the code on the same page?

 

thanks for you help.

 

CB

<?php

	$conn = mysqli_connect("localhost","root","","hsa_project_hub");

	session_start(); 

	if(!$_SESSION['user_loginName']){
	header("location: index.php");
	}
	else {
		
?>
<link href='http://fonts.googleapis.com/css?family=Josefin+Sans' rel='stylesheet' type='text/css'>
<style>
	form label {
	float: left;
	width: 150px;
	margin-bottom: 5px;
	margin-top: 5px;
	padding: 5px;
}
.clear {
	display: block;
	clear: both;
	width: 100%;
}

#rfi_container {
	background: #F0F0F0;
	font-family: 'Josefin Sans', sans-serif;
	font-weight: bold;
	color: #8F0000;
}

#files {
	background: yellow;
	display:block;
}
</style>


<?php //Grab Session Variable
 $project_id = $_SESSION['project_id'];
 ?>
		


<!DOCTYPE HTML>

<html>

	<head>
		<title>New RFI</title>

	<link href="hsastyle.css" rel="stylesheet">

	</head>
		<body>
			<div id="main_container">
				<p><em>version 1.0 beta</em></p>
		
				<div id="banner">
			
					<div id="logo">
						<img src="images/hsa-logo.jpg" alt=HSA logo>
						
					</div>					
						<div id="logout"><H5><a href="logout.php">Log Out</a></H5></div>
						<div id="welcome"><h6>Welcome  <?php echo $_SESSION['firstName'];?></h6></div>
						<div id="project_name">		
						<strong><em><?php echo $_SESSION['projName']?></em></strong>
					</div>
					
										
				</div> <!--End Banner-->
				
				
			
				
			
				<div id="user_list">
					<FORM>
						<INPUT Type="BUTTON" Value="Back to RFI List" Onclick="window.location.href='rfi_list.php'">
					</FORM>
				</div>
	<div id="rfi_container">
				
		<!--Create RFI for user input-->
		
			<form id="form1" name="form1" method="post" action="new_rfi.php" enctype="multipart/form-data"><br>
				<br class="clear" />
				<label for="name">RFI NO.</label><input type="text" name="name" id="name" placeholder="Ex: 003" required="required" />
				<br class="clear" /> 
				<label for="subject">Subject</label><input type="text" name="subject" id="subject" placeholder="Ex: Discontinued floor finish" />
				<br class="clear" /> 
				<label for="date_submit">Date submitted:</label><input type="date" name="date_submit" id="date_submit" />
				<br class="clear" /> 
				<label for="needed_by">Date Needed by:</label><input type="date" name="needed_by" id="needed_by" />
				<br class="clear" /> 
				<label for="question">Question:</label><textarea name="question" id="question" required="required" cols="100" rows="5"></textarea>
				<br class="clear" />
				<label for="gc_rsp">Contractor Suggestion:</label><textarea name="gc_rsp" id="gc_rsp" cols="100" rows="5"></textarea>
				<br class="clear" /> 
				<label for="owner_rsp">Owner Response:</label><textarea name="owner_rsp" id="owner_rsp" cols="100" rows="5"></textarea>
				<br class="clear" /> 
				<label for="engr_rsp">Engineer Response:</label><textarea name="engr_rsp" id="engr_rsp" cols="100" rows="5"></textarea>
				<br class="clear" /> 
				<label for="arch_rsp">Architect Response:</label><textarea name="arch_rsp" id="arch_rsp" cols="100" rows="5"></textarea><br>			
				<br class="clear" />
				<label for="final_by">Final Response by:</label><select name="final_by" id="final_by">
					<option></option>
					<option value="Architect">Architect</option>
					<option value="Owner">Owner</option>
					<option value="Structural Engineer">Structural Engineer</option>
					<option value="MEP Engineer">MEP Engineer</option>
					<option value="Civil Engineer">Civil Engineer</option>
					<option value="Landscape Architect">Landscape Architect</option>
				</select>
				<br class="clear" /> 
				<label for="date_returned">Date Returned:</label><input type="date" name="date_returned" id="date_returned" /><br>
				<br class="clear" />
				<label for="status">Status:</label><select name="status" id="status">
					<option></option>
					<option value="CLOSED">CLOSED</option>
					<option value="at Architect">at Architect</option>
					<option value="at MEP Engineer">at MEP Engineer</option>
					<option value="at Structural Engineer">at Structural Engineer</option>
					<option value="at Civil Engineer">at Civil Engineer</option>
					<option value="at Landscape Architect">at Landscape Architect</option>
					<option value="at Owner">at Owner</option>
					<option value="at General Contractor">at General Contractor</option>
				</select>
				<br class="clear" /><br> 
				<input type="file" name="files[]" multiple="" />
				<br class="clear" /><br> 
				<center><input type="submit" name="submit_data" id="submit_data" value="Submit RFI" /></center>
				
			</form>
			
			<br>
			
	
			
	<?php
	
		
		
		

	//Enter info in database
		if(isset($_POST['submit_data'])){	
	
	//Getting the form information and saving in local variables 
		$name 			= mysqli_real_escape_string($conn,$_POST['name']);  
		$subject 		= mysqli_real_escape_string($conn,$_POST['subject']);  
		$date_submit 	= mysqli_real_escape_string($conn,$_POST['date_submit']);
		$needed_by 		= mysqli_real_escape_string($conn,$_POST['needed_by']); 
		$question		= mysqli_real_escape_string($conn,$_POST['question']);  
		$gc_rsp 		= mysqli_real_escape_string($conn,$_POST['gc_rsp']);  
		$owner_rsp 		= mysqli_real_escape_string($conn,$_POST['owner_rsp']);  
		$engr_rsp 		= mysqli_real_escape_string($conn,$_POST['engr_rsp']);  
		$arch_rsp 		= mysqli_real_escape_string($conn,$_POST['arch_rsp']);		 
		$final_by 		= mysqli_real_escape_string($conn,$_POST['final_by']);  
		$date_returned 	= mysqli_real_escape_string($conn,$_POST['date_returned']);  
		$status 		= mysqli_real_escape_string($conn,$_POST['status']); 

		
		// Creating local variable for query from Session variable
		$first_name = $_SESSION['firstName'];
		
		$sql = " INSERT INTO rfis ( id, name, subject, issued_by, date_submit, needed_by, question, gc_rsp, owner_rsp, engr_rsp, 
			arch_rsp, final_by, date_returned, status )  VALUES ( '$project_id', '$name', '$subject', '$first_name', '$date_submit', '$needed_by', '$question',
			'$gc_rsp', '$owner_rsp', '$engr_rsp', '$arch_rsp', '$final_by', '$date_returned', '$status' ) ";
			
		
			
		if (mysqli_query($conn, $sql)) {
			echo "Success with first query";
			//echo "<script>alert('RFI added successfully')</script>";
			//echo "<script>window.open('rfi_list.php','_self')</script>";
			//} else {
			//echo "Error: " . $sql . "<br>" . mysqli_error($conn);
		}
		
		
		}
	
	
		
?>
   
<?php
	//Fetch new RFI No. from database
	
	$s = "SELECT rfis.id,rfis.name\n"
    . "FROM rfis\n"
    . "where rfis.id=$project_id\n"
    . "and rfis.name=$name";
	
	
	$result=mysqli_query($conn,$s);
	$row=mysqli_fetch_assoc($result);
	$i=0;
	
	$run = mysqli_query($conn, $s);
	//assign values to local variables
	while($row=mysqli_fetch_array($run)){
	$rfiNo		=$row["name"];
	$i++;
	}
	
?>

<?php

	
		//Choose files to be uploaded
		if(isset($_FILES['files'])){
			$errors= array();
			foreach($_FILES['files']['tmp_name'] as $key => $tmp_name ){
				$file_name = $key.$_FILES['files']['name'][$key];
				$file_size =$_FILES['files']['size'][$key];
				$file_tmp =$_FILES['files']['tmp_name'][$key];
				$file_type=$_FILES['files']['type'][$key];	
				if($file_size > 2097152){
					$errors[]='File size must be less than 2 MB';
				}		
				$query="INSERT into rfi_files(`rfi_id`,`rfi_project_id`,`rfi_fileName`,`rfi_fileSize`,`rfi_fileType`) VALUES('$rfiNo','$project_id','$file_name','$file_size','$file_type'); ";
				$desired_dir="rfi_files";
				if(empty($errors)==true){
					if(is_dir($desired_dir)==false){
						mkdir("$desired_dir", 0700);		// Create directory if it does not exist
					}
					if(is_dir("$desired_dir/".$file_name)==false){
						move_uploaded_file($file_tmp,"$desired_dir/".$file_name);
					}else{									// rename the file if another one exist
						$new_dir="$desired_dir/".$file_name.time();
						 rename($file_tmp,$new_dir) ;				
					}
				 mysqli_query($conn,$query);			
				}else{
						print_r($errors);
				}
			}
			if(empty($error)){
				echo "<script>alert('RFI $rfiNo added successfully')</script>";
				echo "<script>window.open('rfi_list.php','_self')</script>";
			}
				}
			
			
	
	
		?>
			
		
			
		
			
		
						
			<!--<div id="files"><a href="rfi_files<?php// echo $rfiFilename;?>"><?php //echo $rfiFilename;?></a></div>	USE LATER TO SHOW LINK FOR DOWNLOAD-->
			
		<?php } ?>
		
		<div><!--end of container-->
		
		
		
		</body>
		
		
</html>
Link to comment
Share on other sites
CloudBreaker Member

CloudBreaker

Posted
  • Author
Posted

Ex:  user enters 003 in the form (line 90 and it's local variable is set on line 154.) , fills out the rest of the form and selects a file to be uploaded.  He then hits submit.   The query is run and and 003 should be in the "name" column at this point..right?

 

Now we're at line 195 where that 003 needs to be placed into a different table where file name, size, etc are posted to in order to associate the uploaded file to this form that the user is filling out.  A SELECT query is run and 003 should be available to be pulled from the database.

The problem is that the 003 is apparently not yet in the database, so I get an undefined variable at line 204.  If I type in 003 manually in the place of $name on line 208 everything works great....but I can't do that, because that's user input.  I could just create create separate page before this form and ask the user to enter this "RFI" number, then carry it over to this form page, but that just doesn't seem like the right thing to do. 

 

I'm fried over this.

 

thnks

 

CB

Link to comment
Share on other sites
mac_gyver Prolific Member

mac_gyver

Posted
Posted

some things to consider -
 
1) this form/form processing is for creating a RFI. it shouldn't be up to the user to enter/manage the RFI number (and if he was, the form field name, php variables, and database column name should all match and have a name the reflects the purpose of the value.) you should use an auto-increment column in your database table to manage the RFI number.
 
2) ALL the form processing code that belongs to one form should be together, inside one logic test. your code around line 200 isn't even inside of any form processing logic and will be executed each time the page gets requested.
 
3) you need to arrange your code better. any post method form processing code should come near the start of your file. your code should be laid out in this general order - initialization, user state/permission check, post method form processing, get method business logic (produces/retrieves data needed to display the page), get method presentation logic (uses the data from the business logic and produces the dynamic output for the page), html page/template (the actual html document that the dynamic output is put into to make the complete page.) doing this will reduce the amount of code, because it will consolidate the different sections that you now have scattered throughout your file. it will also make it easier to test each section and then to only post the relevant section if you need help.

 

so, if the database is creating/managing the RFI number, after you successful INSERT the new row, you can retrieve the just assigned auto-increment id by calling mysqli_insert_id($conn)

Link to comment
Share on other sites
  • Solution
mac_gyver Prolific Member

mac_gyver

Posted
  • Solution
Posted

the following is your code, rearranged as suggested -

<?php
// initialization
$conn = mysqli_connect("localhost","root","","hsa_project_hub");

session_start();


// user state/permission check
if(!$_SESSION['user_loginName']){
    header("location: index.php");
    exit; // in one your other threads, it was suggested that you add this here. this elimiates the need for the else {} statement -
}
// else { // not needed if you exit after the header() redirect. you also don't have the closing } in your code in the correct place, so it's best to simply elimiate unnecessary code. i have removed the closing } from this example code.


// post method form processing
if($_SERVER['REQUEST_METHOD'] == 'POST') // an overall check if a post method form was submitted
{
    //Enter info in database
    if(isset($_POST['submit_data'])){
        //Getting the form information and saving in local variables
        // $name            = mysqli_real_escape_string($conn,$_POST['name']); // this is the RFI number and should be produced by the database
        $subject        = mysqli_real_escape_string($conn,$_POST['subject']);
        $date_submit    = mysqli_real_escape_string($conn,$_POST['date_submit']);
        $needed_by      = mysqli_real_escape_string($conn,$_POST['needed_by']);
        $question       = mysqli_real_escape_string($conn,$_POST['question']);
        $gc_rsp         = mysqli_real_escape_string($conn,$_POST['gc_rsp']);
        $owner_rsp      = mysqli_real_escape_string($conn,$_POST['owner_rsp']);
        $engr_rsp       = mysqli_real_escape_string($conn,$_POST['engr_rsp']);
        $arch_rsp       = mysqli_real_escape_string($conn,$_POST['arch_rsp']);
        $final_by       = mysqli_real_escape_string($conn,$_POST['final_by']);
        $date_returned  = mysqli_real_escape_string($conn,$_POST['date_returned']);
        $status         = mysqli_real_escape_string($conn,$_POST['status']);

        // Creating local variable for query from Session variable
        $first_name = $_SESSION['firstName'];
        $project_id = $_SESSION['project_id'];

        $sql = " INSERT INTO rfis ( id, name, subject, issued_by, date_submit, needed_by, question, gc_rsp, owner_rsp, engr_rsp,
        arch_rsp, final_by, date_returned, status )  VALUES ( '$project_id', '$name', '$subject', '$first_name', '$date_submit', '$needed_by', '$question',
        '$gc_rsp', '$owner_rsp', '$engr_rsp', '$arch_rsp', '$final_by', '$date_returned', '$status' ) ";
        if (mysqli_query($conn, $sql)) {
            echo "Success with first query";
            // at this point you can get the auto-increment id that was assigned to the inserted row
            
            // all the code that's dependetn on the INSERT query working would need to be here or would need to check for errors from the above code (you would have to actually set elements in the $errors array to do this.)
            
        } else {
            // you ALWAYS need to handle errors. if you use trigger_error() you can display them when devloping/debugging and log them on a live server since trigger_error() uses php's error_reporting/display_errors/log_errors settings
            //echo "Error: " . $sql . "<br>" . mysqli_error($conn);
        }
    }

    // the following section of code goes-a-way once you use the auto-increment value from the INSERT query
    //Fetch new RFI No. from database
    /*
    $s = "SELECT rfis.id,rfis.name\n"
    . "FROM rfis\n"
    . "where rfis.id=$project_id\n"
    . "and rfis.name=$name";
    $result=mysqli_query($conn,$s);
    $row=mysqli_fetch_assoc($result);
    $i=0;
    $run = mysqli_query($conn, $s);
    //assign values to local variables
    while($row=mysqli_fetch_array($run)){
    $rfiNo      =$row["name"];
    $i++;
    }
    */


    // the following code is part of the form processing. you should validate the uploaded file infomration when you validate the other form data.
    // at this point, you will have the auto-increment id value from the INSERT query above.

    // process uploaded files
    if(isset($_FILES['files'])){ // unless you exceed the post max size setting, this will be set if the form was submitted.
        $errors= array();
        foreach($_FILES['files']['tmp_name'] as $key => $tmp_name ){
            $file_name = $key.$_FILES['files']['name'][$key];
            $file_size =$_FILES['files']['size'][$key];
            $file_tmp =$_FILES['files']['tmp_name'][$key];
            $file_type=$_FILES['files']['type'][$key];
            if($file_size > 2097152){
                $errors[]='File size must be less than 2 MB';
            }
            $query="INSERT into rfi_files(`rfi_id`,`rfi_project_id`,`rfi_fileName`,`rfi_fileSize`,`rfi_fileType`) VALUES('$rfiNo','$project_id','$file_name','$file_size','$file_type'); ";
            $desired_dir="rfi_files";
            if(empty($errors)==true){
                if(is_dir($desired_dir)==false){
                    mkdir("$desired_dir", 0700);        // Create directory if it does not exist
                }
                if(is_dir("$desired_dir/".$file_name)==false){
                    move_uploaded_file($file_tmp,"$desired_dir/".$file_name);
                }else{                                  // rename the file if another one exist
                    $new_dir="$desired_dir/".$file_name.time();
                    rename($file_tmp,$new_dir) ;
                }
                mysqli_query($conn,$query);
            }else{
                print_r($errors);
            }
        }
        if(empty($error)){ // you have a typo in this line, it should be $errors
            echo "<script>alert('RFI $rfiNo added successfully')</script>";
            echo "<script>window.open('rfi_list.php','_self')</script>";
        }
    }
}


// get method business logic (produces/retrieves data needed to display the page)
// in this case, you are not producing/retrieving any data (if you were editing an existing record, you would retreive that data here...)

// the dividing line between the business logic and the presentation logic. you can close any database connection since you are done retreiving any database data at this point.

// get method presentation logic (uses the data from the business logic and produces the dynamic output for the page)
// if the output doesn't require any heavy processing/formatting, just use the data directly in the html page/template code.
// again, not used in this case


// html page/template (the actual html document that the dynamic output is put into to make the complete page.)
// only simple php conditional logic/loops and echo statements should be present beyond this point.
?>
<!DOCTYPE HTML>
<html>
<head>
    <title>New RFI</title>

    <link href="hsastyle.css" rel="stylesheet">
    <link href='http://fonts.googleapis.com/css?family=Josefin+Sans' rel='stylesheet' type='text/css'>

    <style>
    form label {
        float: left;
        width: 150px;
        margin-bottom: 5px;
        margin-top: 5px;
        padding: 5px;
    }
    .clear {
        display: block;
        clear: both;
        width: 100%;
    }
    #rfi_container {
        background: #F0F0F0;
        font-family: 'Josefin Sans', sans-serif;
        font-weight: bold;
        color: #8F0000;
    }
    #files {
        background: yellow;
        display:block;
    }
    </style>
</head>

<body>
    <div id="main_container">
    <p><em>version 1.0 beta</em></p>
    <div id="banner">
    <div id="logo">
    <img src="images/hsa-logo.jpg" alt=HSA logo>
    </div>
    <div id="logout"><H5><a href="logout.php">Log Out</a></H5></div>
    <div id="welcome"><h6>Welcome  <?php echo $_SESSION['firstName'];?></h6></div>
    <div id="project_name">
    <strong><em><?php echo $_SESSION['projName']?></em></strong>
    </div>
    </div> <!--End Banner-->
    
    <div id="user_list">
    <FORM>
    <INPUT Type="BUTTON" Value="Back to RFI List" Onclick="window.location.href='rfi_list.php'">
    </FORM>
    </div>
    
    <div id="rfi_container">
    <!--Create RFI for user input-->
    <form id="form1" name="form1" method="post" action="new_rfi.php" enctype="multipart/form-data"><br>

    <br class="clear" />
    <label for="name">RFI NO.</label><input type="text" name="name" id="name" placeholder="Ex: 003" required="required" />
    <br class="clear" />
    <label for="subject">Subject</label><input type="text" name="subject" id="subject" placeholder="Ex: Discontinued floor finish" />
    <br class="clear" />
    <label for="date_submit">Date submitted:</label><input type="date" name="date_submit" id="date_submit" />
    <br class="clear" />
    <label for="needed_by">Date Needed by:</label><input type="date" name="needed_by" id="needed_by" />
    <br class="clear" />
    <label for="question">Question:</label><textarea name="question" id="question" required="required" cols="100" rows="5"></textarea>
    <br class="clear" />
    <label for="gc_rsp">Contractor Suggestion:</label><textarea name="gc_rsp" id="gc_rsp" cols="100" rows="5"></textarea>
    <br class="clear" />
    <label for="owner_rsp">Owner Response:</label><textarea name="owner_rsp" id="owner_rsp" cols="100" rows="5"></textarea>
    <br class="clear" />
    <label for="engr_rsp">Engineer Response:</label><textarea name="engr_rsp" id="engr_rsp" cols="100" rows="5"></textarea>
    <br class="clear" />
    <label for="arch_rsp">Architect Response:</label><textarea name="arch_rsp" id="arch_rsp" cols="100" rows="5"></textarea><br>
    <br class="clear" />
    
    <label for="final_by">Final Response by:</label><select name="final_by" id="final_by">
    <option></option>
    <option value="Architect">Architect</option>
    <option value="Owner">Owner</option>
    <option value="Structural Engineer">Structural Engineer</option>
    <option value="MEP Engineer">MEP Engineer</option>
    <option value="Civil Engineer">Civil Engineer</option>
    <option value="Landscape Architect">Landscape Architect</option>
    </select>
    <br class="clear" />
    
    <label for="date_returned">Date Returned:</label><input type="date" name="date_returned" id="date_returned" /><br>
    <br class="clear" />
    
    <label for="status">Status:</label><select name="status" id="status">
    <option></option>
    <option value="CLOSED">CLOSED</option>
    <option value="at Architect">at Architect</option>
    <option value="at MEP Engineer">at MEP Engineer</option>
    <option value="at Structural Engineer">at Structural Engineer</option>
    <option value="at Civil Engineer">at Civil Engineer</option>
    <option value="at Landscape Architect">at Landscape Architect</option>
    <option value="at Owner">at Owner</option>
    <option value="at General Contractor">at General Contractor</option>
    </select>
    <br class="clear" /><br>
    
    <input type="file" name="files[]" multiple="" />
    <br class="clear" /><br>
    
    <center><input type="submit" name="submit_data" id="submit_data" value="Submit RFI" /></center>
    </form>
    <br>
    <!--<div id="files"><a href="rfi_files<?php// echo $rfiFilename;?>"><?php //echo $rfiFilename;?></a></div>  USE LATER TO SHOW LINK FOR DOWNLOAD-->
    <div><!--end of container-->
</body>
</html>

note: i didn't actually FIX anything in this code, it may in fact have php syntax errors. other than a few minor changes, which are commented, there are only comments added to this code or commented out code.

 

Link to comment
Share on other sites
CloudBreaker Member

CloudBreaker

Posted
  • Author
Posted

Thanks for taking time to help me out mac_gyver.  I haven't been doing this long, so I get confused when new problems arise.    I'm combing over all your comments.

 

Making the RFI number incremental presents a problem because there is more than one project, which means there will be more than one RFI No.001, ann RFI No.002...etc.  

Link to comment
Share on other sites
CloudBreaker Member

CloudBreaker

Posted
  • Author
Posted (edited)

Thanks mac_gyver.  Using the A.I number in the rfis table did trick (no warnings or errors).  I  assigned a variable to mysqli_insert_id($conn), then used it later to associate the uploaded file into rfis_files table.   The only issue now is when uploading more than one file, only the last file selected is entered into the the table, however all the files that are selected are successfully copied to the appropriate folder.  Correct me if I'm wrong, but shouldn't the "foreach loop"  in the code cover this?

 

thx

CB

<?php
	// initialization
		$conn = mysqli_connect("localhost","root","","hsa_project_hub");

		session_start(); 

	// user state/permission check
		if(!$_SESSION['user_loginName']){
		header("location: index.php");
		exit; //this elimiates the need for the else {} statement
		}
	
	
	// post method form processing
		if($_SERVER['REQUEST_METHOD'] == 'POST') // an overall check if a post method form was submitted
		{
			
	//Enter info in database
			if(isset($_POST['submit_data'])){	
	
		//Getting the form information and saving in local variables 
			$name 			= mysqli_real_escape_string($conn,$_POST['name']);  
			$subject 		= mysqli_real_escape_string($conn,$_POST['subject']);  
			$date_submit 	= mysqli_real_escape_string($conn,$_POST['date_submit']);
			$needed_by 		= mysqli_real_escape_string($conn,$_POST['needed_by']); 
			$question		= mysqli_real_escape_string($conn,$_POST['question']);  
			$gc_rsp 		= mysqli_real_escape_string($conn,$_POST['gc_rsp']);  
			$owner_rsp 		= mysqli_real_escape_string($conn,$_POST['owner_rsp']);  
			$engr_rsp 		= mysqli_real_escape_string($conn,$_POST['engr_rsp']);  
			$arch_rsp 		= mysqli_real_escape_string($conn,$_POST['arch_rsp']);		 
			$final_by 		= mysqli_real_escape_string($conn,$_POST['final_by']);  
			$date_returned 	= mysqli_real_escape_string($conn,$_POST['date_returned']);  
			$status 		= mysqli_real_escape_string($conn,$_POST['status']); 

		// Creating local variable for query from Session variable
			$first_name = $_SESSION['firstName'];
			$project_id = $_SESSION['project_id'];
			
			$sql = " INSERT INTO rfis ( id, name, subject, issued_by, date_submit, needed_by, question, gc_rsp, owner_rsp, engr_rsp, 
			arch_rsp, final_by, date_returned, status )  VALUES ('$project_id', '$name', '$subject', '$first_name', '$date_submit', '$needed_by', '$question',
			'$gc_rsp', '$owner_rsp', '$engr_rsp', '$arch_rsp', '$final_by', '$date_returned', '$status' ) ";
			
			if (mysqli_query($conn, $sql)) {
						
			
			$rfi_match = mysqli_insert_id($conn);
			
			
			}
		//Choose files to be uploaded
			if(isset($_FILES['files'])){
				$errors= array();
				foreach($_FILES['files']['tmp_name'] as $key => $tmp_name ){
					$file_name = $key.$_FILES['files']['name'][$key];
					$file_size =$_FILES['files']['size'][$key];
					$file_tmp =$_FILES['files']['tmp_name'][$key];
					$file_type=$_FILES['files']['type'][$key];	
					if($file_size > 2097152){
						$errors[]='File size must be less than 2 MB';
					}		
					$query="INSERT into rfi_files(`no`,`rfi_project_id`,`rfi_fileName`,`rfi_fileSize`,`rfi_fileType`) VALUES('$rfi_match','$project_id','$file_name','$file_size','$file_type'); ";
					$desired_dir="rfi_files";
					if(empty($errors)==true){
						if(is_dir($desired_dir)==false){
							mkdir("$desired_dir", 0700);		// Create directory if it does not exist
						}
						if(is_dir("$desired_dir/".$file_name)==false){
							move_uploaded_file($file_tmp,"$desired_dir/".$file_name);
						}else{									// rename the file if another one exist
							$new_dir="$desired_dir/".$file_name.time();
							 rename($file_tmp,$new_dir) ;				
						}
					 mysqli_query($conn,$query);			
					}else{
							print_r($errors);
					}
				}
				if(empty($error)){
					echo "<script>alert('RFI added successfully')</script>";
					echo "<script>window.open('rfi_list.php','_self')</script>";
				}
					}
			
			
			
			
			}
		}
			
			
?>
Edited by CloudBreaker
Link to comment
Share on other sites
This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.