fri3ndly Posted January 8, 2008 Share Posted January 8, 2008 Hi all. I have created a system and I am just working on making a page where the admin can upload files to a database. The verification messages are all working fine, but the file does not upload (I have never done a file upload in php so not sure what I have done is right). I want it to add the data to the database and store the file in a folder depending on the user that is selected. Please see the code below for this page. Hope you can help, thanks <form id="uploadform" name="uploadform" method="post" action="<?php echo $PHP_SELF; ?>"> <label>User name:<br/> <select name="FileUser" id="FileUser"> <option value="">Select a User...</option> <?php $query = mysql_query("SELECT * FROM login") or die(mysql_error()); while ($row = mysql_fetch_array($query)) { $username = $row['username']; $fullname = $row['fullname']; print "<option value=" . $username . ">" . $fullname . " (" . $username . ")</option>"; } ?> </select> </label> <br /><br /> <label> File (PDF):<br/> <input name="FileName" type="file" id="FileName" /> </label> <label><br /> <br /> <input type="submit" name="submit" value="Upload" /> </label> </form> <?php // Post variables and see if they are empty if (isset($_POST['submit'])){ $errors = false; $error = '<p>The following errors were detected</p><ul>'; if(isset($_POST['FileUser']) && trim($_POST['FileUser'])) { $FileUser = trim($_POST['FileUser']); } else { $errors = true; $error .= '<li>You did not select a user'; } if(isset($_POST['FileName']) && trim($_POST['FileName'])) { $FileName = trim($_POST['FileName']); } else { $errors = true; $error .= '<li>You did not select a PDF file to upload'; } // echo out the errors if there are any if($errors) { echo $error.'</ul><br/>'; } else{ // remove slashes for magic_quotes_gpc and injection attacks $FileUser = stripslashes($_REQUEST["FileUser"]); //$FileName = stripslashes($_REQUEST["FileName"]); // the following code is all on one line - insert into database variable $query = "INSERT INTO downloads (username, filename, dateadded, download ) VALUES ('".mysql_real_escape_string($FileUser)."', '".mysql_real_escape_string($FileName)."', '".mysql_real_escape_string(date("j M Y"))."', '". mysql_real_escape_string($DownloadLink)."' )"; if (mysql_query($query)) { // set upload save directory $upload_save_dir = '/Login_System2/downloads/$FileUser'; //check if upload save directory for this mime type exists, if not create it if(!file_exists($upload_save_dir)) { mkdir($upload_save_dir); } //set the upload save path $upload_save_path = $upload_save_dir."/".$upload_id; //attempt to save the file if (move_uploaded_file($_FILES['uploaded_file']['tmp_name'], $upload_save_path) === FALSE) { // attempt to save the upload //upload failed $error_msg = "<strong>ERROR</strong><br />Failed to upload the file, please try again.\n"; } //upload exists all ready } else { $upload_exists = $upload_exists[0]; $error_msg = "<strong>ERROR</strong><br /><strong>".$upload_exists['upload_orig_filename']."</strong> has already been uploaded to the website.<br />"; } } } ?> Quote Link to comment https://forums.phpfreaks.com/topic/85017-upload-file-to-user-folder-and-store-file-information-in-database/ Share on other sites More sharing options...
The Little Guy Posted January 8, 2008 Share Posted January 8, 2008 You will want to add enctype="multipart/form-data" to your form tag, it wont allow uploads with out it. Also have a look at this: http://us2.php.net/manual/en/features.file-upload.php Quote Link to comment https://forums.phpfreaks.com/topic/85017-upload-file-to-user-folder-and-store-file-information-in-database/#findComment-433629 Share on other sites More sharing options...
fri3ndly Posted January 9, 2008 Author Share Posted January 9, 2008 Hi, thanks for that The Little Guy OK I have read through that and changed my script. This is as it stands now: <form id="uploadform" enctype="multipart/form-data" name="uploadform" method="post" action="<?php echo $PHP_SELF; ?>"> <label>User name:<br/> <select name="FileUser" id="FileUser"> <option value="">Select a User...</option> <?php $query = mysql_query("SELECT * FROM login") or die(mysql_error()); while ($row = mysql_fetch_array($query)) { $username = $row['username']; $fullname = $row['fullname']; print "<option value=" . $username . ">" . $fullname . " (" . $username . ")</option>"; } ?> </select> </label> <br /><br /> <label> File (PDF):<br/> <!-- MAX_FILE_SIZE must precede the file input field --> <input type="hidden" name="MAX_FILE_SIZE" value="300000" /> <!-- Name of input element determines name in $_FILES array --> <input name="FileName" type="file" id="FileName" /> </label> <label><br /> <br /> <input type="submit" name="submit" value="Upload" /> </label> </form> <?php // Post variables and see if they are empty if (isset($_POST['submit'])){ $errors = false; $error = '<p>The following errors were detected</p><ul>'; if(isset($_POST['FileUser']) && trim($_POST['FileUser'])) { $FileUser = trim($_POST['FileUser']); } else { $errors = true; $error .= '<li>You did not select a user'; } /* if(isset($_POST['FileName']) && trim($_POST['FileName'])) { $FileName = trim($_POST['FileName']); } else { $errors = true; $error .= '<li>You did not select a PDF file to upload'; }*/ // echo out the errors if there are any if($errors) { echo $error.'</ul><br/>'; } else{ $uploaddir = 'http://localhost/Login_system2/downloads/$FileUser/'; $uploadfile = $uploaddir . basename($_FILES['name']); echo '<pre>'; if (move_uploaded_file($_FILES['$FileName']['tmp_name'], $uploadfile)) { echo "File is valid, and was successfully uploaded.\n"; } else { echo "Possible file upload attack!\n\n"; } echo 'Here is some more debugging info:'; print_r($_FILES); print "</pre>"; } } ?> However the file is not uploading to the new directory. Is this a localhost problem or an error in my script? Quote Link to comment https://forums.phpfreaks.com/topic/85017-upload-file-to-user-folder-and-store-file-information-in-database/#findComment-434397 Share on other sites More sharing options...
lovesmith Posted January 9, 2008 Share Posted January 9, 2008 use the class i have attached..an example is in the attachment. Try this one [attachment deleted by admin] Quote Link to comment https://forums.phpfreaks.com/topic/85017-upload-file-to-user-folder-and-store-file-information-in-database/#findComment-434405 Share on other sites More sharing options...
fri3ndly Posted January 9, 2008 Author Share Posted January 9, 2008 Wow, that looks handy! Thanks Quote Link to comment https://forums.phpfreaks.com/topic/85017-upload-file-to-user-folder-and-store-file-information-in-database/#findComment-434409 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.