Adding file upload to a database insert

Posted on 2007-07-29
Last Modified: 2013-12-12
I have an insert record form which inserts content into a title and content field of a table (as well as id). I would like to add an upload form which will
Upload a file into a folder called 'docs'
Add the file name into a filed called 'doc' in the above table

Here is my code, could someone please modify it to add the upload functionality?

Many thanks

<?php require_once('../Connections/hudsonwalker_conn.php'); ?>

function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
  $theValue = (!get_magic_quotes_gpc()) ? addslashes($theValue) : $theValue;

  switch ($theType) {
    case "text":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
    case "long":
    case "int":
      $theValue = ($theValue != "") ? intval($theValue) : "NULL";
    case "double":
      $theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL";
    case "date":
      $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
    case "defined":
      $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
  return $theValue;

$editFormAction = $_SERVER['PHP_SELF'];
if (isset($_SERVER['QUERY_STRING'])) {
  $editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);

if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "form1")) {

  $insertSQL = sprintf("INSERT INTO jobs (content, title) VALUES (%s, %s)",
                       GetSQLValueString($_POST['content'], "text"),
                       GetSQLValueString($_POST['title'], "text"));

  mysql_select_db($database_hudsonwalker_conn, $hudsonwalker_conn);
  $Result1 = mysql_query($insertSQL, $hudsonwalker_conn) or die(mysql_error());
  $insertGoTo = "content.php";
  if (isset($_SERVER['QUERY_STRING'])) {
    $insertGoTo .= (strpos($insertGoTo, '?')) ? "&" : "?";
    $insertGoTo .= $_SERVER['QUERY_STRING'];
  header(sprintf("Location: %s", $insertGoTo));

?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "">
<html xmlns="">
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1" />
<title>Add a Vacancy</title>
<link href="hwadmin.css" rel="stylesheet" type="text/css" />


<form method="post" name="form1" action="<?php echo $editFormAction; ?>">
  <table align="center">
    <tr valign="baseline">
      Insert job details
    <tr valign="baseline">
      <td><input type="text" name="title" value="Title" size="32"></td>
    <tr valign="baseline">
      <td><textarea name="content" cols="60" rows="50">Content</textarea>
    <tr valign="baseline">
      <td><input type="submit" value="Insert record"></td>
  <input type="hidden" name="MM_insert" value="form1">


Question by:cursive
    LVL 5

    Accepted Solution

    This should get you started:

    Author Comment

    Unfortunately I'm very low on time, as stated above,I would greatly appreciate someone modifying the above code.

    Thank you
    LVL 21

    Assisted Solution

    by:Julian Matz

    What you're trying to do is very simple, but for someone to rewrite your code would be extremely time consuming. I've created some custom functions for a real estate site which upload, resize and delete images. You could integrate them with your code as PHP functions and customize to suit your needs. You can get the code here:

    Also have a look at
    for references...........
    LVL 2

    Assisted Solution


    Please view this document:

    You can upload your all files to mysql as binary.
    LVL 5

    Expert Comment

    Really all you need to create is:
    <!-- file upload -->
    Choose a file to upload: <input name="uploadedfile" type="file" /><br />
    <input type="submit" value="Upload!" />
    <!-- file upload -->
    in the form

    Then check that the file was uploaded correctly:
    so make sure $_FILES['uploadedfile']['size'] > 0

    $data = file_get_contents($_FILES['uploadedfile']['tmp_name']);

    and insert this into your query (after escaping)
    After that:
    //Delete File

    For column content use BLOB data type. BLOB is a binary large object that can hold a variable amount of data. MySQL have four BLOB data types, they are :

        * TINYBLOB
        * BLOB
        * MEDIUMBLOB
        * LONGBLOB

    Since BLOB is limited to store up to 64 kilobytes of data use MEDIUMBLOB so you can store larger files ( up to 16 megabytes ).

    Just to add your GetSQLValueString function is quite flawed, you might want to have a look at mysql_real_escape_string.


    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Highfive + Dolby Voice = No More Audio Complaints!

    Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

    Suggested Solutions

    The Client Need Led Us to RSS I recently had an investment company ask me how they might notify their constituents about their newsworthy publications.  Probably you would think "Facebook" or "Twitter" but this is an interesting client.  Their cons…
    Author Note: Since this E-E article was originally written, years ago, formal testing has come into common use in the world of PHP.  PHPUnit ( and similar technologies have enjoyed wide adoption, making it possib…
    Explain concepts important to validation of email addresses with regular expressions. Applies to most languages/tools that uses regular expressions. Consider email address RFCs: Look at HTML5 form input element (with type=email) regex pattern: T…
    The viewer will learn how to create and use a small PHP class to apply a watermark to an image. This video shows the viewer the setup for the PHP watermark as well as important coding language. Continue to Part 2 to learn the core code used in creat…

    779 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    11 Experts available now in Live!

    Get 1:1 Help Now