The form is like so:
<form method ="post" action="/~bj253/PROJECT/PRJuploadfile.php" enctype="multipart/form-data">
<table><tr><td>Select a .wav file to upload</td><td><input type="file" name="userfile"></td></tr>
<tr><td><input type="submit" value="Upload"></td></tr></table></form>
and then PRJuploadfile.php goes like this:
Code: Select all
<?php
Temporary name: <?php echo $_FILE['userfile']['tmp_name'] ?><br />
Original name: <?php echo $_FILE['userfile']['name'] ?><br />
Size: <?php echo $_FILE['userfile']['size'] ?> bytes<br />
Type: <?php echo $_FILE['userfile']['type'] ?>
<?
//include to check if user is logged in (malicous users may try to type in url to skip login)
include 'secrets.php';
//include details for logging onto mysql database
include 'blah.php';
//include error function
include 'blah.php';
error_reporting(E_ALL);
//an error string
$errorstring="";
//check the file to see if there it is compatible
if ( !ereg( ".wav", $_FILES['userfile']['type']) ) {
$errorstring.="\n<br>This is not a valid file type";
}else if ($_FILES['userfile']['size'] > 300000 ) {
$errorstring.="\n<br>Sorry file too large";
} else if ( !($connection=mysql_connect($host, $user, $passwd)) ) {
$errorstring.="\n <br>Error connecting to database";
} else if ( !(mysql_select_db($dbName,$connection)) ) {
$errorstring.="\n <br>Error selecting database";
} else if ( !($handle = fopen ($_FILES['userfile']['tmp_name'], "r")) ) {
$errorstring.="\n<br>Error opening temp file";
} else if ( !($mp3 = fread ($handle, filesize($_FILES['userfile']['tmp_name']))) ) {
$errorstring.="\n<BR>Error reading temp file";
}
else{
$ext = explode('.', $_FILES['userfile']['name']);
$userfile = $_SESSION["user_id"] . '.' . $ext[count($ext)-1];
fclose ($handle);
// $mp3 = mysql_escape_string($mp3);
$query = "INSERT INTO TEMP(user_id, track_id, temp_userfile, temp_binary) VALUES ('" . $_SESSION["user_id"] . "','" . $_SESSION["track_id"] . "','" . $userfile . "','" . $mp3 . "')";
print $query;
if ( !(mysql_query($query,$connection)) ) {
$errorstring .="\n <br> Error writing wav to database";
} else {
$errorstring .="\n <br>wav successfully copied to database";
}
print $errorstring;
}
?>Any help would be helpful.
James