Jump to content
Sign in to follow this  
nicedad

Problem with upload file into database

Recommended Posts

Hello folks,

I want to upload a file into DB unfortunately, my code writes only the name of the file and dose not submit the file itself into the DB (see attached image)
I changed the field type to INT as well as VARCHAR but the same problem occurred.
is there any preferred data type for files data type, what the cause of this problem?
thanks,

 

here are the files,

 

 

insert.php

<table width="300" border="0" align="left" cellpadding="0" cellspacing="1">
	<br></br>
<tr>
<td><form name="form1" method="post" action="insert_ac.php">
<table width="100%" border="0" cellspacing="1" cellpadding="3">
<tr>
<td colspan="3"><strong>Insert Data Into mySQL Database </strong></td>
</tr>

<tr>
<td width="71">Name</td>
<td width="6">:</td>
<td width="301"><input name="name" type="text" id="name"></td>
</tr>

<tr>
<td width="71">Geburtstag</td>
<td width="6">:</td>
<td width="301"><input name="geburtstag" type="text" id="Geburtstag"></td>
</tr>


<tr>
<td width="71">Staat</td>
<td width="6">:</td>
<td width="301"><input name="staat" type="text" id="staat"></td>
</tr>

<tr>
<td width="71">Permit</td>
<td width="6">:</td>
<td width="301"><input name="permit" type="text" id="permit"></td>
</tr>

<tr>
<td width="71">Kontaktdatils</td>
<td width="6">:</td>
<td width="301"><input name="contact" type="text" id="contact"></td>
</tr>

<tr>
<td width="71">Gemeinde</td>
<td width="6">:</td>
<td width="301"><input name="gemeinde" type="text" id="gemeinde"></td>
</tr>

<tr>
<td width="71">Beruf</td>
<td width="6">:</td>
<td width="301"><input name="beruf" type="text" id="beruf"></td>
</tr>


<tr>
<!--<td width="71">Erfahrung</td>
<td width="6">:</td>
<td width="301"><input name="erfahrung" type="text" id="erfahrung"></td>
</tr>

<tr>
<td colspan="3" align="center"><input type="submit" name="Submit" value="Submit"></td>
</tr>
 !-->
</table> 
<br>

<div id="body">
	<form action="upload.php" method="post" enctype="multipart/form-data">
	<input type="file" name="file" />
	<button type="submit" name="btn-upload">upload</button>
	</form>
    <br /><br />
    <?php
	if(isset($_GET['success']))
	{
		?>
        <label>File Uploaded Successfully...  <a href="view.php">click here to view file.</a></label>
        <?php
	}
	else if(isset($_GET['fail']))
	{
		?>
        <label>Problem While File Uploading !</label>
        <?php
	}
	else
	{
		?>
        <label>Try to upload any files(PDF, DOC, EXE, VIDEO, MP3, ZIP,etc...)</label>
        <?php
	}
	?>
</div>

</div>

</form>
</td>
</tr>
</table>

insert_ac.php

<?php
error_reporting(0);
$host="localhost"; // Host name
$username="root"; // Mysql username
$password=""; // Mysql password
$db_name="work"; // Database name
$tbl_name="worker3"; // Table name

mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");

$name=$_POST['name'];
$geburtstag=$_POST['geburtstag'];
$staat=$_POST['staat'];
$permit=$_POST['permit'];
$contact=$_POST['contact'];
$gemeinde=$_POST['gemeinde'];
$beruf=$_POST['beruf'];
$erfahrung=$_POST['file'];



$sql="INSERT INTO $tbl_name(name, Geburtstag, Staat, Permit, Kontaktdetails, Gemeinde, Beruf, Erfahrung) 
VALUES('$name', '$geburtstag', '$staat', '$permit', '$contact', '$gemeinde', '$beruf', '$erfahrung')";
$result=mysql_query($sql);

if($result){
echo "Successful";
echo "<BR>";
echo "<a href='insert.php'>Back to main page</a>";
}
else {
//echo "ERROR";
die (mysql_error());
}
?>
<?php
mysql_close();
?>

upload.php

<?php
error_reporting(0);
$host="localhost"; // Host name
$username="root"; // Mysql username
$password=""; // Mysql password
$db_name="home_work"; // Database name
$tbl_name="worker3"; // Table name

mysql_connect("$host", "$username", "$password")or die("cannot connect");
mysql_select_db("$db_name")or die("cannot select DB");
if(isset($_POST['btn-upload']))
{    
     
	$file = rand(1000,100000)."-".$_FILES['file']['name'];
    //$file_loc = $_FILES['file']['tmp_name'];
	//$file_type = $_FILES['file']['type'];
	$folder="uploads/";
	
	// new file size in KB
	$new_size = $file_size/1024;  
	// new file size in KB
	
	// make file name in lower case
	$new_file_name = strtolower($file);
	// make file name in lower case
	
	$final_file=str_replace(' ','-',$new_file_name);
	
	if(move_uploaded_file($file_loc,$folder.$final_file))
	{
		$sql="INSERT INTO worker3(Erfahrung) VALUES('$final_file')";
		mysql_query($sql);
		?>
		<script>
		alert('successfully uploaded');
        window.location.href='index.php?success';
        </script>
		<?php
	}
	else
	{
		?>
		<script>
		alert('error while uploading file');
        window.location.href='index.php?fail';
        </script>
		<?php
	}
}
?>

post-179690-0-39794700-1442308130_thumb.png

Share this post


Link to post
Share on other sites

You commented out $file_loc

 

//$file_loc = $_FILES['file']['tmp_name'];

if(move_uploaded_file($file_loc,$folder.$final_file))

Edited by QuickOldCar

Share this post


Link to post
Share on other sites

Hi QuickOldCar,

thanks for the reply. I de-commented the variable unfortunately, still the same problem.

 

cheers,

Share this post


Link to post
Share on other sites

Why do you have a separate forms for the file upload? The file upload field should be in the same <form> as your other fields, making sure to still apply  enctype="multipart/form-data"  attribute to the form.

 

You will need to move the code that processes the upload into insert_ac.php

Share this post


Link to post
Share on other sites

In my opinion, storing files in a database is not a good idea. Store the file location in the database and the file in the file system. If you do have to store a file in the database, then you need to be storing it as type BLOB.

  • Like 1

Share this post


Link to post
Share on other sites

Please move your code to use something other than the deprecated mysql_ functions (mysqli or PDO) and use prepared statements. You are totally open to SQL injection attacks.

Share this post


Link to post
Share on other sites

@Ch0cu3r, I know that the code seems unstable, but I'm just trying to do something for me and learn by doing at the same time.

@boompa, I know there some functions have been deprecated I'll change them later on. I don't want it to be complicated for me right now as I'm a nowbie.

 

@hansford, I changed the data type to BLOB, however, it stores the file as kind of binary file (see attached image please).

 

best,

Share this post


Link to post
Share on other sites

 

@hansford, I changed the data type to BLOB, however, it stores the file as kind of binary file (see attached image please).

 

That is what it's suppose to do. It's a database, not a file system. In order to convert it back into a file, you need to write that data to a file with the proper file extension of whatever it used to be before you placed it in the database.

Share this post


Link to post
Share on other sites

Need to follow some of the suggestions posted and post back the new code

 

Some things to look at

$erfahrung=$_POST['file'];//yeah that's the file upload

 

$sql="INSERT INTO $tbl_name(name, Geburtstag, Staat, Permit, Kontaktdetails, Gemeinde, Beruf, Erfahrung)
VALUES('$name', '$geburtstag', '$staat', '$permit', '$contact', '$gemeinde', '$beruf', '$erfahrung')";

 

OK, so $erfahrung must be set to NULL in mysql if inserts go through

 

 

later on other script (which as mentioned should all be same page or pass the values with get or something)

 

$sql="INSERT INTO worker3(Erfahrung) VALUES('$final_file')";

 

This is trying to insert new one and missing other values most likely needed, if now want to add that image an additional query would need to use UPDATE and set the value a specific column WHERE id='mysql_id'

You need to know where to insert it such as it's id in mysql, something unique.

 

The best thing you can do is insert to mysql at the end after everything is checked and is no errors.

And it's better to save the location of the file and not as a blob.

 

If you still want to update that image into the same as above query use mysql_insert_id() to get that AUTO_INCREMENT id from mysql

Edited by QuickOldCar

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Sign in to follow this  

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.