Adding file upload to a database insert

I have an insert record form which inserts content into a title and content field of a table (as well as id). I would like to add an upload form which will
Upload a file into a folder called 'docs'
Add the file name into a filed called 'doc' in the above table

Here is my code, could someone please modify it to add the upload functionality?

Many thanks

<?php require_once('../Connections/hudsonwalker_conn.php'); ?>
<?php

function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
{
  $theValue = (!get_magic_quotes_gpc()) ? addslashes($theValue) : $theValue;

  switch ($theType) {
    case "text":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;    
    case "long":
    case "int":
      $theValue = ($theValue != "") ? intval($theValue) : "NULL";
      break;
    case "double":
      $theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL";
      break;
    case "date":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
      break;
    case "defined":
      $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
      break;
  }
  return $theValue;
}

$editFormAction = $_SERVER['PHP_SELF'];
if (isset($_SERVER['QUERY_STRING'])) {
  $editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);
}

if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "form1")) {

  $insertSQL = sprintf("INSERT INTO jobs (content, title) VALUES (%s, %s)",
                       GetSQLValueString($_POST['content'], "text"),
                       GetSQLValueString($_POST['title'], "text"));


  mysql_select_db($database_hudsonwalker_conn, $hudsonwalker_conn);
 
  $Result1 = mysql_query($insertSQL, $hudsonwalker_conn) or die(mysql_error());
  $insertGoTo = "content.php";
  if (isset($_SERVER['QUERY_STRING'])) {
    $insertGoTo .= (strpos($insertGoTo, '?')) ? "&" : "?";
    $insertGoTo .= $_SERVER['QUERY_STRING'];
  }
  header(sprintf("Location: %s", $insertGoTo));
}

?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1" />
<title>Add a Vacancy</title>
<link href="hwadmin.css" rel="stylesheet" type="text/css" />
</head>

<body>

<form method="post" name="form1" action="<?php echo $editFormAction; ?>">
  <table align="center">
    <tr valign="baseline">
   
      <td>
      Insert job details
      </td>
    </tr>
    <tr valign="baseline">
   
      <td><input type="text" name="title" value="Title" size="32"></td>
    </tr>
    <tr valign="baseline">
     
      <td><textarea name="content" cols="60" rows="50">Content</textarea>
      </td>
    </tr>
    <tr valign="baseline">
   
      <td><input type="submit" value="Insert record"></td>
    </tr>
  </table>
  <input type="hidden" name="MM_insert" value="form1">
</form>
 

</body>
</html>

cursiveAsked:
Who is Participating?
 
mnb93Connect With a Mentor Commented:
This should get you started:
http://www.tizag.com/phpT/fileupload.php
0
 
cursiveAuthor Commented:
Unfortunately I'm very low on time, as stated above,I would greatly appreciate someone modifying the above code.

Thank you
0
 
Julian MatzConnect With a Mentor Joint ChairpersonCommented:
Hi!

What you're trying to do is very simple, but for someone to rewrite your code would be extremely time consuming. I've created some custom functions for a real estate site which upload, resize and delete images. You could integrate them with your code as PHP functions and customize to suit your needs. You can get the code here:

http://www.netlink.ie/temp/upload_functions.phps

Also have a look at
http://www.php.net/manual/en/features.file-upload.php
for references...........
0
 
bahadirkocaogluConnect With a Mentor Commented:
Hi,

Please view this document:

http://www.codewalkers.com/c/a/Miscellaneous-Code/upload-image-to-database-sql/

You can upload your all files to mysql as binary.
0
 
mnb93Commented:
Really all you need to create is:
<!-- file upload -->
Choose a file to upload: <input name="uploadedfile" type="file" /><br />
<input type="submit" value="Upload!" />
<!-- file upload -->
in the form

Then check that the file was uploaded correctly:
so make sure $_FILES['uploadedfile']['size'] > 0

then
$data = file_get_contents($_FILES['uploadedfile']['tmp_name']);

and insert this into your query (after escaping)
After that:
//Delete File
unlink($file);

For column content use BLOB data type. BLOB is a binary large object that can hold a variable amount of data. MySQL have four BLOB data types, they are :

    * TINYBLOB
    * BLOB
    * MEDIUMBLOB
    * LONGBLOB

Since BLOB is limited to store up to 64 kilobytes of data use MEDIUMBLOB so you can store larger files ( up to 16 megabytes ).

Just to add your GetSQLValueString function is quite flawed, you might want to have a look at mysql_real_escape_string.

Cheers.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.