fri3ndly Posted January 8, 2008 Share Posted January 8, 2008 Hi all. I have created a system and I am just working on making a page where the admin can upload files to a database. The verification messages are all working fine, but the file does not upload (I have never done a file upload in php so not sure what I have done is right). I want it to add the data to the database and store the file in a folder depending on the user that is selected. Please see the code below for this page. Hope you can help, thanks <form id="uploadform" name="uploadform" method="post" action="<?php echo $PHP_SELF; ?>"> <label>User name:<br/> <select name="FileUser" id="FileUser"> <option value="">Select a User...</option> <?php $query = mysql_query("SELECT * FROM login") or die(mysql_error()); while ($row = mysql_fetch_array($query)) { $username = $row['username']; $fullname = $row['fullname']; print "<option value=" . $username . ">" . $fullname . " (" . $username . ")</option>"; } ?> </select> </label> <br /><br /> <label> File (PDF):<br/> <input name="FileName" type="file" id="FileName" /> </label> <label><br /> <br /> <input type="submit" name="submit" value="Upload" /> </label> </form> <?php // Post variables and see if they are empty if (isset($_POST['submit'])){ $errors = false; $error = '<p>The following errors were detected</p><ul>'; if(isset($_POST['FileUser']) && trim($_POST['FileUser'])) { $FileUser = trim($_POST['FileUser']); } else { $errors = true; $error .= '<li>You did not select a user'; } if(isset($_POST['FileName']) && trim($_POST['FileName'])) { $FileName = trim($_POST['FileName']); } else { $errors = true; $error .= '<li>You did not select a PDF file to upload'; } // echo out the errors if there are any if($errors) { echo $error.'</ul><br/>'; } else{ // remove slashes for magic_quotes_gpc and injection attacks $FileUser = stripslashes($_REQUEST["FileUser"]); //$FileName = stripslashes($_REQUEST["FileName"]); // the following code is all on one line - insert into database variable $query = "INSERT INTO downloads (username, filename, dateadded, download ) VALUES ('".mysql_real_escape_string($FileUser)."', '".mysql_real_escape_string($FileName)."', '".mysql_real_escape_string(date("j M Y"))."', '". mysql_real_escape_string($DownloadLink)."' )"; if (mysql_query($query)) { // set upload save directory $upload_save_dir = '/Login_System2/downloads/$FileUser'; //check if upload save directory for this mime type exists, if not create it if(!file_exists($upload_save_dir)) { mkdir($upload_save_dir); } //set the upload save path $upload_save_path = $upload_save_dir."/".$upload_id; //attempt to save the file if (move_uploaded_file($_FILES['uploaded_file']['tmp_name'], $upload_save_path) === FALSE) { // attempt to save the upload //upload failed $error_msg = "<strong>ERROR</strong><br />Failed to upload the file, please try again.\n"; } //upload exists all ready } else { $upload_exists = $upload_exists[0]; $error_msg = "<strong>ERROR</strong><br /><strong>".$upload_exists['upload_orig_filename']."</strong> has already been uploaded to the website.<br />"; } } } ?> Link to comment https://forums.phpfreaks.com/topic/85017-upload-file-to-user-folder-and-store-file-information-in-database/ Share on other sites More sharing options...
The Little Guy Posted January 8, 2008 Share Posted January 8, 2008 You will want to add enctype="multipart/form-data" to your form tag, it wont allow uploads with out it. Also have a look at this: http://us2.php.net/manual/en/features.file-upload.php Link to comment https://forums.phpfreaks.com/topic/85017-upload-file-to-user-folder-and-store-file-information-in-database/#findComment-433629 Share on other sites More sharing options...
fri3ndly Posted January 9, 2008 Author Share Posted January 9, 2008 Hi, thanks for that The Little Guy OK I have read through that and changed my script. This is as it stands now: <form id="uploadform" enctype="multipart/form-data" name="uploadform" method="post" action="<?php echo $PHP_SELF; ?>"> <label>User name:<br/> <select name="FileUser" id="FileUser"> <option value="">Select a User...</option> <?php $query = mysql_query("SELECT * FROM login") or die(mysql_error()); while ($row = mysql_fetch_array($query)) { $username = $row['username']; $fullname = $row['fullname']; print "<option value=" . $username . ">" . $fullname . " (" . $username . ")</option>"; } ?> </select> </label> <br /><br /> <label> File (PDF):<br/> <!-- MAX_FILE_SIZE must precede the file input field --> <input type="hidden" name="MAX_FILE_SIZE" value="300000" /> <!-- Name of input element determines name in $_FILES array --> <input name="FileName" type="file" id="FileName" /> </label> <label><br /> <br /> <input type="submit" name="submit" value="Upload" /> </label> </form> <?php // Post variables and see if they are empty if (isset($_POST['submit'])){ $errors = false; $error = '<p>The following errors were detected</p><ul>'; if(isset($_POST['FileUser']) && trim($_POST['FileUser'])) { $FileUser = trim($_POST['FileUser']); } else { $errors = true; $error .= '<li>You did not select a user'; } /* if(isset($_POST['FileName']) && trim($_POST['FileName'])) { $FileName = trim($_POST['FileName']); } else { $errors = true; $error .= '<li>You did not select a PDF file to upload'; }*/ // echo out the errors if there are any if($errors) { echo $error.'</ul><br/>'; } else{ $uploaddir = 'http://localhost/Login_system2/downloads/$FileUser/'; $uploadfile = $uploaddir . basename($_FILES['name']); echo '<pre>'; if (move_uploaded_file($_FILES['$FileName']['tmp_name'], $uploadfile)) { echo "File is valid, and was successfully uploaded.\n"; } else { echo "Possible file upload attack!\n\n"; } echo 'Here is some more debugging info:'; print_r($_FILES); print "</pre>"; } } ?> However the file is not uploading to the new directory. Is this a localhost problem or an error in my script? Link to comment https://forums.phpfreaks.com/topic/85017-upload-file-to-user-folder-and-store-file-information-in-database/#findComment-434397 Share on other sites More sharing options...
lovesmith Posted January 9, 2008 Share Posted January 9, 2008 use the class i have attached..an example is in the attachment. Try this one [attachment deleted by admin] Link to comment https://forums.phpfreaks.com/topic/85017-upload-file-to-user-folder-and-store-file-information-in-database/#findComment-434405 Share on other sites More sharing options...
fri3ndly Posted January 9, 2008 Author Share Posted January 9, 2008 Wow, that looks handy! Thanks Link to comment https://forums.phpfreaks.com/topic/85017-upload-file-to-user-folder-and-store-file-information-in-database/#findComment-434409 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.