Upload and update

Brusca

Hi all,
I have a simple upload form.

///######################## upload.php ######

<form enctype="multipart/form-data" method="post" action="process.php?tsk=<?php echo $tsk; ?>">
<p><strong>File to Upload:</strong><br>
<input type="file" name="img1" size="30"></p>
<P><input type="submit" name="submit" value="Upload File"></p>
</form>

//#####################################

Which loads up a process page.

//################## process.php ###########

<?php
if (is_uploaded_file($FILES['img1']['tmp_name']))
{
$filename = $FILES['img1']['tmp_name'];
print "$filename was uploaded successfuly";
$realname = $FILES['img1']['name'];
$fnme = $realname;
copy($FILES['img1']['tmp_name'], "/Inetpub/wwwroot/tasks/images/" . $realname);
$flctn = "/Inetpub/wwwroot/tasks/images/";
$fid = $tsk;
}
else
{
echo "Possible file upload attack: filename" .
$_FILES['img1']['name'] . ".";
}

//####################################

The upload works great. But I need to pass the three variables created in the above code to a table "files" in the database.

$fnme
$fid
$flctn

Any ideas on how to incorporate an insertion method into the code above??

Cheers

cgraz

How about

<?php 
if (is_uploaded_file($_FILES['img1']['tmp_name'])) 
{ 
$filename = $_FILES['img1']['tmp_name']; 
print "$filename was uploaded successfuly"; 
$realname = $_FILES['img1']['name']; 
$fnme = $realname; 
copy($_FILES['img1']['tmp_name'], "/Inetpub/wwwroot/_tasks/images/" . $realname); 
$flctn = "/Inetpub/wwwroot/_tasks/images/"; 
$fid = $tsk; 

// assuming your field names are fnme, fid, and flctn (in the first set of parenthesis)
$query = mysql_query("INSERT INTO files (fnme, fid, flctn) VALUES('$fnme', '$fid', '$flctn')") or die(mysql_error());
} 
else 
{ 
echo "Possible file upload attack: filename" . 
$_FILES['img1']['name'] . "."; 
} 

?>

Cgraz