Page 1 of 1

PHP UPLOAD and Text SQL at same time

Posted: Mon Jun 14, 2004 5:06 pm
by Cateyes
I need to be able to upload a file and also tell SQL what the name of the file is in text. I can get all the fields to work for the text and intger but am unable to get the text name of the file for SQL but the file uploads fine. Here is my test code.

Code: Select all

<?php require_once('Connections/conn_ruplaying.php'); ?>
<?php
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") 
{
  $theValue = (!get_magic_quotes_gpc()) ? addslashes($theValue) : $theValue;

  switch ($theType) {
    case "text":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;    
    case "long":
    case "int":
      $theValue = ($theValue != "") ? intval($theValue) : "NULL";
      break;
    case "double":
      $theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL";
      break;
    case "date":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
    case "defined":
      $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
      break;
  }
  return $theValue;
}

$editFormAction = $HTTP_SERVER_VARS['PHP_SELF'];
if (isset($HTTP_SERVER_VARS['QUERY_STRING'])) {
  $editFormAction .= "?" . $HTTP_SERVER_VARS['QUERY_STRING'];
}

if ((isset($HTTP_POST_VARS["MM_insert"])) && ($HTTP_POST_VARS["MM_insert"] == "form1")) {
  $insertSQL = sprintf("INSERT INTO covpics (Name, AGE, PICLINK) VALUES (%s, %s, %s)",
                       GetSQLValueString($HTTP_POST_VARS['Name'], "text"),
                       GetSQLValueString($HTTP_POST_VARS['AGE'], "int"),
                       GetSQLValueString($HTTP_POST_VARS['uploadFile'],"text")); mysql_select_db($database_conn_ruplaying, $conn_ruplaying); $Result1
= mysql_query($insertSQL, $conn_ruplaying) or die(mysql_error()); $insertGoTo
="uploadsuccess.htm"; if (isset($HTTP_SERVER_VARS['QUERY_STRING'])) { $insertGoTo
.= (strpos($insertGoTo, '?')) ?"&":"?"; $insertGoTo .= $HTTP_SERVER_VARS['QUERY_STRING'];
} header(sprintf("Location: %s", $insertGoTo)); } mysql_select_db($database_conn_ruplaying,
$conn_ruplaying);
$query_Recordset1 ="SELECT * FROM covpics"; $Recordset1 = mysql_query($query_Recordset1,
$conn_ruplaying) or die(mysql_error()); $row_Recordset1 = mysql_fetch_assoc($Recordset1);
$totalRows_Recordset1 = mysql_num_rows($Recordset1);
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>Untitled Document</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>

<body>
<form action="<?php echo $editFormAction; ?>" method="POST" enctype="multipart/form-data" name="form1">
<p>Name: 
    <input name="Name" type="text" id="Name" value="">
</p>
<p>AGE: 
  <input name="AGE" type="text" id="AGE" value="">
</p>
<p>
  <?
  // start of dynamic form
  $uploadNeed = "1"
  ?>
  Picture:
  <input name="uploadFile<? echo ?>" type="file" id="uploadFile<? echo ?>">
</p>
<p>
  <input name="uploadNeed" type="hidden" value="<? echo $uploadNeed;?>">
</p>
<p>
  <input type="hidden" name="MM_insert" value="form1">
  <input type="submit" name="Submit" value="Submit">
</p>
</form>
</body>
</html>
<?php
mysql_free_result($Recordset1);
?>
Any help would be appreciated.

feyd use

Code: Select all

tags next time.[/color]

Posted: Mon Jun 14, 2004 6:19 pm
by kettle_drum
$_FILES['uploadFile']['name']

Posted: Mon Jun 14, 2004 6:33 pm
by Cateyes
Not sure what I am suppose to do with that code extremly new at coding have to go buy a book to understand everything I am doing :)

Posted: Mon Jun 14, 2004 7:01 pm
by kettle_drum
Ok well the file you upload will be held in $_FILES['uploadFile'] as you called the form item uploadFile, this then holds several values which you can see if you do:

Code: Select all

print_r($_FILES['uploadFile']);
One of these values holds the original name of the file.

Posted: Mon Jun 14, 2004 7:28 pm
by Cateyes
Ok did what you suggested by selecting a file called bama1.gif and got this resulted when it printed.
Array ( [name] => bama1.gif [type] => image/gif [tmp_name] => C:\PHP\uploadtemp\php50.tmp [error] => 0 [size] => 327 )
so as you can see for it to goto the mysqL I use this command

Code: Select all

if ((isset($HTTP_POST_VARS&#1111;"MM_insert"])) && ($HTTP_POST_VARS&#1111;"MM_insert"] == "form1")) &#123; 
  $insertSQL = sprintf("INSERT INTO covpics (Name, AGE, PICLINK) VALUES (%s, %s, %s)", 
                       GetSQLValueString($HTTP_POST_VARS&#1111;'Name'], "text"), 
                       GetSQLValueString($HTTP_POST_VARS&#1111;'AGE'], "int"), 
                       GetSQLValueString($HTTP_POST_VARS&#1111;'uploadFile'],"text")); mysql_select_db($database_conn_ruplaying, $conn_ruplaying); $Result1
So instead of Uploadfile in the $HTTP_POST_VARS['uploadfile'],"text" I have tried name it didnt work not sure what variable I should put in there.

Posted: Mon Jun 14, 2004 7:38 pm
by feyd
GetSQLValueString($HTTP_POST_VARS['uploadFile'],"text")

to

GetSQLValueString(file_get_contents($_FILES['uploadFile']['tmp_name']),"text"));

Posted: Mon Jun 14, 2004 9:02 pm
by Cateyes
OK put that in but now this line #37
if ((isset($HTTP_POST_VARS["MM_insert"])) && ($HTTP_POST_VARS["MM_insert"] == "form1")) {

responds with
Parse error: parse error, unexpected T_IF test.php on line 37