Html form and uploading things and stuff usign php

homer09001

i need a system for my site where i can upload files onto my server using a html form and i then want it to store the information i enterered about it into a databse but i then what to be able to call it up on to anouther page on my site including a link to download the file

thorpe

and which part are you stuck on?

bpat1434

That's fantastic. Better start coding.

When you run into trouble, let us know.

But here are some basics to help you get started:

Form Type should be multi-part/data
Grab uploaded files using $FILES[]
Grab posted information using $_POST[]
Use basic PHP functions to copy or move file to folder
Take destination folder & new name and concatenate into string
Use PHP mysql functions to connect to database
Use INSERT syntax to insert a new row
Use SELECT syntax to read data from a specific row in the database

~Brett

homer09001

I have no knowledge of php coding, although i am making my goal to learn as i am buying php & mysql for dumies of amazon waiting for my debit card to come from my new bank account.

There for i would amazingly gratefull if anyone could help me or can point me to a script that does everything i need

i can probly modify a php page i already have on my pc to the the displaying part thats not to hard i hope ive done it once before but its the main part of getting the form to upoad the file and getting it to write the address of the file uploaded that i havent the fogiest of how to do?

p.s. Bpat love the sig

homer09001

Heres a script i found on hotscripts it does the uploading part but how can i modify it to write th path to the file into the database and the rest of the information i want to enter e.g.
i want it to write the following to the database:

1) Name
2)Description
3)Download Link
4)Creator

<?php
/*
Author: 	Mohammed Ahmed(M@@king)
Version:	1.0
Date:		10.Oct.2004
----------------------------
Last Update:    16.Nov.2004
----------------------------
E-mail:		[email]m@maaking.com[/email]
MSN   :         [email]m@maaking.com[/email]
WWW   : 	[url]http://www.maaking.com[/url]


---Description -----------------------------------------------------
The Super Global Variable $_FILES is used in PHP 4.x.x.
$_FILES['upload']['size'] ==> Get the Size of the File in Bytes.
$_FILES['upload']['tmp_name'] ==> Returns the Temporary Name of the File.
$_FILES['upload']['name'] ==> Returns the Actual Name of the File.
$_FILES['upload']['type'] ==> Returns the Type of the File.

So if I uploaded the file 'test.doc', the $_FILES['upload']['name']
would be 'phptut.doc' and $_FILES['upload']['type'] would be 'application/msword'.
---------------------------------------------------------------------*/

//**********************************************************************//
//  $_FILES['filetoupload']  is the value of                            //
// file field from the form. <input type="file" name="filetoupload">    //
//**********************************************************************//

// this is the upload dir where files will go.
//Don't remove the /
//Chmod it (777)
$upload_dir = "files/";   //change to whatever you want.

         //51200 bytes = 50KB
$size_bytes = 51200; //File Size in bytes (change this value to fit your need)

$extlimit = "yes"; //Do you want to limit the extensions of files uploaded (yes/no)
$limitedext = array(".gif",".jpg",".png",".jpeg"); //Extensions you want files uploaded limited to. also you can use:  //array(".gif",".jpg",".jpeg",".png",".txt",".nfo",".doc",".rtf",".htm",".dmg",".zip",".rar",".gz",".exe");

      //check if the directory exists or not.
      if (!is_dir("$upload_dir")) {
     die ("The directory <b>($upload_dir)</b> doesn't exist");
      }
      //check if the directory is writable.
      if (!is_writeable("$upload_dir")){
         die ("The directory <b>($upload_dir)</b> is NOT writable, Please CHMOD (777)");
      }

  if($uploadform) // if you clicked the (Upload File) button. "If you submitted the form" then upload the file.
  {//begin of if($uploadform).


          //check if no file selected.
          if (!is_uploaded_file($_FILES['filetoupload']['tmp_name']))
          {
                 echo "Error: Please select a file to upload!. <br>Â»<a href=\"$_SERVER[PHP_SELF]\">back</a>";
                 exit(); //exit the script and don't do anything else.
          }

          //Get the Size of the File
          $size = $_FILES['filetoupload']['size'];
          //Make sure that file size is correct
          if ($size > $size_bytes)
          {
                $kb = $size_bytes / 1024;
                echo "File Too Large. File must be <b>$kb</b> KB. <br>Â»<a href=\"$_SERVER[PHP_SELF]\">back</a>";
                exit();
          }

          //check file extension
          $ext = strrchr($_FILES['filetoupload'][name],'.');
          if (($extlimit == "yes") && (!in_array($ext,$limitedext))) {
                echo("Wrong file extension. ");
                exit();
          }

          // $filename will hold the value of the file name submetted from the form.
          $filename =  $_FILES['filetoupload']['name'];
          // Check if file is Already EXISTS.
          if(file_exists($upload_dir.$filename)){
                echo "Oops! The file named <b>$filename </b>already exists. <br>Â»<a href=\"$_SERVER[PHP_SELF]\">back</a>";
                exit();
          }

          //Move the File to the Directory of your choice
          //move_uploaded_file('filename','destination') Moves afile to a new location.
          if (move_uploaded_file($_FILES['filetoupload']['tmp_name'],$upload_dir.$filename)) {

              //tell the user that the file has been uploaded and make him alink.
              echo "File (<a href=$upload_dir$filename>$filename</a>) uploaded! <br>Â»<a href=\"$_SERVER[PHP_SELF]\">back</a>";
              exit();

          }
              // print error if there was a problem moving file.
              else
          {
              //Print error msg.
              echo "There was a problem moving your file. <br>Â»<a href=\"$_SERVER[PHP_SELF]\">back</a>";
              exit();
          }



  }//end of if($uploadform).

#---------------------------------------------------------------------------------#
// If the form has not been submitted, display it!
else
  {//begin of else

  ?>
  <br>
  <h3>::Browse a File to Upload:</h3>
  <i>- Allowed Extensions:</i>

    <b>
  	<?
    // print the file extensions
    for($i=0;$i<count($limitedext);$i++)
{
	if (($i<>count($limitedext)-1))$commas=", ";else $commas="";
	list($key,$value)=each($limitedext);
	echo $value.$commas;
}
?>
</b>

  <br>
  <i>- Max File Size</i> = <b><?echo $size_bytes / 1024; ?> KB </b>
  <br>
  <form method="post" enctype="multipart/form-data" action="<?php echo $PHP_SELF ?>">
  <br>
  <input type="file" name="filetoupload"><br>
  <input type="hidden" name="MAX_FILE_SIZE" value="<?echo $size_bytes; ?>">
  <br>
  <input type="Submit" name="uploadform" value="Upload File">
  </form>

  <?

  }//end of else

/*______________________________________________________________________________*/
//   Here is the most interesting part.
//    it views the directory contents.....i'll disscuss next version. (ver 2.0)
echo "<br><br><hr><br><b>Current Uploaded Files:</b><br>";
?>
<table border="1" bordercolor="#C0C0C0" cellspacing="1">
	<tr>
		<td bgcolor="#F4F4F4">File Name</td>
		<td bgcolor="#F4F4F4">File Size</td>
	</tr>

<?

$rep=opendir($upload_dir);
while ($file = readdir($rep)) {
	if($file != '..' && $file !='.' && $file !=''){
		if (!is_dir($file)){

                    // print the file name and then make a link.
                    echo "<tr><td> <a href=\"$upload_dir$file\" target=_blank>$file</a> </td>";

                    #------------begin of file size.
	                //print the file size.
	                $file_size = filesize($upload_dir."".$file);

	        if ($file_size >= 1048576)
	        {
		$show_filesize = number_format(($file_size / 1048576),2) . " MB";
	        }
	        elseif ($file_size >= 1024)
	        {
		$show_filesize = number_format(($file_size / 1024),2) . " KB";
	        }
	        elseif ($file_size >= 0)
	        {
		$show_filesize = $file_size . " bytes";
	        }
	        else
	        {
		$show_filesize = "0 bytes";
	        }

	        echo "<td> $show_filesize </td></tr>";
                    #------------end of file size.

            }
}
}
closedir($rep);
clearstatcache();

?>
</table>
<p align=right>
<br>Script by: <a href=http://www.maaking.com>maaking.com</a>
</p>

bpat1434

Well, that script is kind of deprecated. By that I mean you can't reference POSTed variables by using $variable. You have to explicitly reference them as: $_POST['name_value'].

Here is a script that should help you:

<?php

// Let's define some constants:
$allowed_ext = array('.gif', '.jpg', '.jpeg', '.png', '.bmp', '.tif', 
					 '.htm', '.html', '.txt', '.doc', '.rtf', '.pdf');
// Feel free to add what extensions you need
$limit_ext = TRUE;
$max_size = 1024 * 1024 * 5; // 5 MB max upload. Bytes * KB * MB
							// Suggested that you change it!!
$up_dir = $_SERVER['DOCUMENT_ROOT'].'/FOLDER/'; // Change to your needs, 
												// KEEP TRAILING SLASH!!
$up_link = 'http://'.$_SERVER['HTTP_HOST'].'/FOLDER/'; // Same as above

$db_host = 'localhost'; // Database host (normally localhost);
$db_user = 'root'; // User to connect as
$db_pass = 'password'; // Password for user
$db_table = 'database'; // Database to use
$table = 'tablename'; // Table to use

//---------------------------------------------------------------------\\

if(!is_uploaded_file($_FILES['file']['tmp_name']))
{
	// File not uploaded, show default form!!
	$show = 1;
}
elseif(is_uploaded_file($_FILES['file']['tmp_name']))
{
	// File is there, now we'll work with it
	$show = 2;
}
else
{
	// Possible hack attempt, who knows.
	// If it doesn't fit the first two, it defaults here
	$show = 1;
}

/*
Now we're going to switch the $show variable.  If it's equivalent to 1,
we want to show the upload form.  If it's equivalent to 2, we want to 
work with the uploaded file.
*/

switch($show)
{
	case 1:
		// We just want to show a form here.  Simple and quick.
		?>
		<html>
		<head>
		<title>Your Page Title</title>
		</head>
		<body>
		<p style="float: left;">
		<form action="" method="post" enctype="multipart/form-data" style="float: left;">
			Your Name: <input type="text" name="creator"><br>
			Description: <input type="text" name="descrip"><br><br>
			File Name: <input type="text" name="name"> * Don't include the extension!!<br>
			File to Upload: <input type="file" name="file" size="35"><br>
			<input type="submit" value="Upload the File">
		</form>
		</p>
		</body>
		</html>
		<?php
		break;

case 2:
	$tmpname = $_FILES['file']['tmp_name'];
	$creator = $_POST['creator'];
	$descrip = $_POST['descrip'];
	$ext = strrchr($tmpname,'.');
	$new_name = $_POST['name'].$ext;
	$download = $up_link.$new_name;

	if(($limit_ext === TRUE) && (!in_array($ext, $allowed_ext)))
	{
		echo 'That is not an allowed extension!!';
		exit();
	}

	if(file_exists($up_dir.$new_name))
	{
		echo "File ($new_name) already exists in $up_dir.";
		exit();
	}
	else
	{
		if(move_uploaded_file($tmpname, $up_dir.$new_name))
		{
			$query = "INSERT INTO `$table` (Name, Description, Download, Creator) 
					VALUES ('$name', '$descrip', '$download', '$creator')";
			$result = @mysql_query($result);
			if(!$result)
			{
				echo 'Query Error!!<br>'.mysql_errno().'<br>'.mysql_error();
				exit();
			}
			else
			{
				echo 'Inserted into database!!';
				echo '<br><a href="'.$download.'">Download Now</a>';
			}
		}
		else
		{
			echo 'Error moving file.  Sorry.';
			exit();
		}
	}					
	break;
}

?>

That should start you on your way.

~Brett