Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 897
  • Last Modified:

Adding file upload to a database insert

I have an insert record form which inserts content into a title and content field of a table (as well as id). I would like to add an upload form which will
Upload a file into a folder called 'docs'
Add the file name into a filed called 'doc' in the above table

Here is my code, could someone please modify it to add the upload functionality?

Many thanks

<?php require_once('../Connections/hudsonwalker_conn.php'); ?>
<?php

function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
{
  $theValue = (!get_magic_quotes_gpc()) ? addslashes($theValue) : $theValue;

  switch ($theType) {
    case "text":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;    
    case "long":
    case "int":
      $theValue = ($theValue != "") ? intval($theValue) : "NULL";
      break;
    case "double":
      $theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL";
      break;
    case "date":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
    case "defined":
      $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
      break;
  }
  return $theValue;
}

$editFormAction = $_SERVER['PHP_SELF'];
if (isset($_SERVER['QUERY_STRING'])) {
  $editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);
}

if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "form1")) {

  $insertSQL = sprintf("INSERT INTO jobs (content, title) VALUES (%s, %s)",
                       GetSQLValueString($_POST['content'], "text"),
                       GetSQLValueString($_POST['title'], "text"));


  mysql_select_db($database_hudsonwalker_conn, $hudsonwalker_conn);
 
  $Result1 = mysql_query($insertSQL, $hudsonwalker_conn) or die(mysql_error());
  $insertGoTo = "content.php";
  if (isset($_SERVER['QUERY_STRING'])) {
    $insertGoTo .= (strpos($insertGoTo, '?')) ? "&" : "?";
    $insertGoTo .= $_SERVER['QUERY_STRING'];
  }
  header(sprintf("Location: %s", $insertGoTo));
}

?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1" />
<title>Add a Vacancy</title>
<link href="hwadmin.css" rel="stylesheet" type="text/css" />
</head>

<body>

<form method="post" name="form1" action="<?php echo $editFormAction; ?>">
  <table align="center">
    <tr valign="baseline">
   
      <td>
      Insert job details
      </td>
    </tr>
    <tr valign="baseline">
   
      <td><input type="text" name="title" value="Title" size="32"></td>
    </tr>
    <tr valign="baseline">
     
      <td><textarea name="content" cols="60" rows="50">Content</textarea>
      </td>
    </tr>
    <tr valign="baseline">
   
      <td><input type="submit" value="Insert record"></td>
    </tr>
  </table>
  <input type="hidden" name="MM_insert" value="form1">
</form>
 

</body>
</html>

0
cursive
Asked:
cursive
3 Solutions
 
mnb93Commented:
This should get you started:
http://www.tizag.com/phpT/fileupload.php
0
 
cursiveAuthor Commented:
Unfortunately I'm very low on time, as stated above,I would greatly appreciate someone modifying the above code.

Thank you
0
 
Julian MatzCommented:
Hi!

What you're trying to do is very simple, but for someone to rewrite your code would be extremely time consuming. I've created some custom functions for a real estate site which upload, resize and delete images. You could integrate them with your code as PHP functions and customize to suit your needs. You can get the code here:

http://www.netlink.ie/temp/upload_functions.phps

Also have a look at
http://www.php.net/manual/en/features.file-upload.php
for references...........
0
 
bahadirkocaogluCommented:
Hi,

Please view this document:

http://www.codewalkers.com/c/a/Miscellaneous-Code/upload-image-to-database-sql/

You can upload your all files to mysql as binary.
0
 
mnb93Commented:
Really all you need to create is:
<!-- file upload -->
Choose a file to upload: <input name="uploadedfile" type="file" /><br />
<input type="submit" value="Upload!" />
<!-- file upload -->
in the form

Then check that the file was uploaded correctly:
so make sure $_FILES['uploadedfile']['size'] > 0

then
$data = file_get_contents($_FILES['uploadedfile']['tmp_name']);

and insert this into your query (after escaping)
After that:
//Delete File
unlink($file);

For column content use BLOB data type. BLOB is a binary large object that can hold a variable amount of data. MySQL have four BLOB data types, they are :

    * TINYBLOB
    * BLOB
    * MEDIUMBLOB
    * LONGBLOB

Since BLOB is limited to store up to 64 kilobytes of data use MEDIUMBLOB so you can store larger files ( up to 16 megabytes ).

Just to add your GetSQLValueString function is quite flawed, you might want to have a look at mysql_real_escape_string.

Cheers.
0

Featured Post

Upgrade your Question Security!

Add Premium security features to your question to ensure its privacy or anonymity. Learn more about your ability to control Question Security today.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now