I have created a script but it lacks the ability to post to a table I made in the DB. The field is file type is longblob not null
The file post's to the server np but just doesn't want to insert it into the sql. Can anyone have a look?
<?php require_once('../Connections/dbtestsite.php'); ?>
<?php
//uploads np
if (phpversion() > "4.0.6") {
$HTTP_POST_FILES = &$_FILES;
}
define("MAX_SIZE",30000000);
define("DESTINATION_FOLDER", "./uploaded");
define("no_error", "ok.php");
define("yes_error", "error.php");
$_accepted_extensions_ = "txt";
if(strlen($_accepted_extensions_) > 0){
$_accepted_extensions_ = @explode(",",$_accepted_extensions_);
} else {
$_accepted_extensions_ = array();
}
$_file_ = $HTTP_POST_FILES['file'];
if(is_uploaded_file($_file_['tmp_name']) && $HTTP_POST_FILES['file']['error'] == 0){
$errStr = "";
$_name_ = $_file_['name'];
$_type_ = $_file_['type'];
$_tmp_name_ = $_file_['tmp_name'];
$_size_ = $_file_['size'];
if($_size_ > MAX_SIZE && MAX_SIZE > 0){
$errStr = "zep";
}
$_ext_ = explode(".", $_name_);
$_ext_ = strtolower($_ext_[count($_ext_)-1]);
if(!in_array($_ext_, $_accepted_extensions_) && count($_accepted_extensions_) > 0){
$errStr = "ext";
}
if(!is_dir(DESTINATION_FOLDER) && is_writeable(DESTINATION_FOLDER)){
$errStr = "Dest Write";
}
if(empty($errStr)){
if(@copy($_tmp_name_,DESTINATION_FOLDER . "/" . $_name_)){
header("Location: " . no_error);
} else {
header("Location: " . yes_error);
}
} else {
header("Location: " . yes_error);
}
}
//start the insert here
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
{
$theValue = (!get_magic_quotes_gpc()) ? addslashes($theValue) : $theValue;
switch ($theType) {
case "text":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "long":
case "int":
$theValue = ($theValue != "") ? intval($theValue) : "NULL";
break;
case "double":
$theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL";
break;
case "date":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "defined":
$theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
break;
}
return $theValue;
}
$editFormAction = $HTTP_SERVER_VARS['PHP_SELF'];
if (isset($HTTP_SERVER_VARS['QUERY_STRING'])) {
$editFormAction .= "?" . $HTTP_SERVER_VARS['QUERY_STRING'];
}
if ((isset($HTTP_POST_VARS["MM_insert"])) && ($HTTP_POST_VARS["MM_insert"] == "form1")) {
$insertSQL = sprintf("INSERT INTO FILE (FILE) VALUES (%s)",
GetSQLValueString($HTTP_POST_VARS['file'], "text"));
mysql_select_db($database_dbtestsite, $dbtestsite);
$Result1 = mysql_query($insertSQL, $dbtestsite) or die(mysql_error());
}
?>
<form name="form1" enctype="multipart/form-data" method="POST" action="<?php echo $editFormAction; ?>">
<p>
<input type="file" name="file">
<input type="submit" name="Submit" value="Submit">
</p>
<input type="hidden" name="MM_insert" value="form1">
</form>
