[RESOLVED] Inserting the values of an array into a database

Mechaworx

Insert the values of an array into a database

I have created a form which allows through the use of javascript a user to add up to three file input fields into a form to upload images. Here is the form's code structure:


 <form action="Scripts/processreports2.php" method="post" enctype="multipart/form-data" name="report_form" target="uploader" class="reportfrm">
<fieldset>
        <legend>Upload your images</legend>
        <ol id="add_images">
          <li>
        	<input type="file" class="input" name="files[]" />
          </li>
	  <li>
        	<input type="file" class="input" name="files[]" />
          </li>
	  <li>
        	<input type="file" class="input" name="files[]" />
          </li>
        </ol>
        <input type="button" name="addFile"  id="addFile" value="Add Another Image" onclick="window.addFile(this);"/>
</fieldset>
        <p>* indicates a required field.</p>
        <input name="submit" type="submit" id="submit" value="Send Info!" />


</form>

Through php the three input fields are fed into a php array that checks to make sure that the uploaded files are images and not some other type of application file. The uploading porition of this script works.

Now I am trying to get the values of the input fields ie; the ['file']['name'] and the ['file']['tmp_name'] and insert them into a database. With the below code I have only managed to get the word "array" to be inserted into the database and not the actual names of the files themselves.

Below is the code so far:


#connect to the database
	mysql_connect("localhost", "root", "");
	mysql_select_db("masscic");

//Upload Handler to check image type
function is_image($file) {

$file_types = array('jpeg', 'gif'); //acceptable file types

if ($img = getimagesize($file)){

	//echo '<pre>';
	//print_r($img); //will return an array of information for testing

	if(in_array(str_replace('image/', '', $img['mime']), $file_types))
	return $img;
}
return false;
}
	//form submission handling
	if(isset($_POST['submit'])) {

//file variables

$fname = $_FILES['files']['name'];
$ftype = $_FILES['files']['type'];
$fsize = $_FILES['files']['size'];
$tname = $_FILES['files']['tmp_name'];
$newDir = '../uploads/'; //relative to where this script file resides

for ($i = count($fname) -1; $i >=0; $i--) {
	if ($_FILES['files']['error'][$i] =='UPLOAD ERR OK' || $_FILES['files']['error'][$i] ==0) 

	{	

		if(is_image($tname[$i]))
		{
			move_uploaded_file($tname[$i], ($newDir.time().$fname[$i])); 
			echo '<li><span class="success">'.$fname[$i].' -- image has been accepted<br></span></li>';

		}else 
			echo '<li><span class="error">'.$fname[$i].' -- is not an accepted file type<br></span></li>';
	}
}
}
			$sqlInsert = mysql_query("INSERT INTO files (file_names) VALUES('$fname')") or die (mysql_error());

I think I need to loop through the array using a for loop but I am uncertain as to how to go about writing it and where to insert it into my code.

As always, thanks for any help.
Gerry

bradgrafelman

Do a [man]print_r/man on $_FILES to examine its structure when multiple files are submitted. In addition, you should read over this manual page: [man]features.file-upload.multiple[/man]

Normally I just use a [man]for/man loop to check $_FILES['file']['error'][$i] for each file upload and handle the upload accordingly.

Mechaworx

HI Bradgrafelman,

I read that page you suggested on multiple file uploads but I couldn't glean much information from it on how to insert into a database from an array. I did the print_r() on $_FILES and it returned the array I suspected on a sample upload:


Array
(
    [files] => Array
        (
            [name] => Array
                (
                    [0] => fb_profile.jpg
                    [1] => DSC_0002a.jpg
                )

        [type] => Array
            (
                [0] => image/jpeg
                [1] => image/jpeg
            )

        [tmp_name] => Array
            (
                [0] => C:\wamp\tmp\php33AA.tmp
                [1] => C:\wamp\tmp\php33AB.tmp
            )

        [error] => Array
            (
                [0] => 0
                [1] => 0
            )

        [size] => Array
            (
                [0] => 68499
                [1] => 602602
            )

    )

)

Can you provide additional information on how to construct the for loop for targeting the name and tmp_name portions of the array?

Thanks
Gerry

Mechaworx

Ok,

I managed to figure out how to get this to insert the file names into the database and upload the files without problem. My next step is to try to figure out how to get the multiple files inserted into the database as one record. For instance, if the user uploads three files, I want all the files to go into the files column in the database as one record and not three. Here is my code up to this point:


//Upload Handler to check image types
function is_image($file) {

$file_types = array('jpeg', 'gif', 'bmp'); //acceptable file types

if ($img = getimagesize($file)){

	//echo '<pre>';
	//print_r($_FILES); //prints files array for testing
	//print_r($img); //prints $img variable for testing

	if(in_array(str_replace('image/', '', $img['mime']), $file_types))
	return $img;
}
return false;
}
	//form submission handling
	if(isset($_POST['submit'])) {

//file variables

$fname = $_FILES['files']['name'];
$ftype = $_FILES['files']['type'];
$fsize = $_FILES['files']['size'];
$tname = $_FILES['files']['tmp_name'];
$ferror = $_FILES['files']['error'];
$newDir = '../uploads/'; //relative to where this script file resides

//foreach ($_FILES['files']['name'] as $i => $fname) {
//for ($i = count($fname) -1; $i >=0; $i--) {

for($i = 0; $i < count($fname); $i++) {

    //echo 'File name ' . $fname[$i] . ' has size ' . $fsize[$i];
	if ($ferror[$i] =='UPLOAD ERR OK' || $ferror[$i] ==0) 
	{	
		if(is_image($tname[$i]))
		{
//append the tmp_name($tname) to the file name ($fname) and upload to the server
			move_uploaded_file($tname[$i], ($newDir.time().$fname[$i])); 
			echo '<li><span class="success">'.$fname[$i].' -- image has been accepted<br></span></li>';

		}else 
			echo '<li><span class="error">'.$fname[$i].' -- is not an accepted file type<br></span></li>';
	}

		$sqlInsert = mysql_query("INSERT INTO files (file_names) VALUES('$fname[$i]')") or die (mysql_error());
}
}

I think I need to figure out how to get the $fname[$i] part of the array as one variable. Am I on the right track?

Thanks

dagon

sounds like the wrong approach each db cell should contain a single discrete piece of information

a better db structure would be

id user_id file_name

then each file would be one row

Mechaworx

Hi Dagon,

Thanks for your reply. I am actually collecting other data information through a form and I do have a database table with id username and file names etc. It's just that I wanted to avoid clogging up the forums with extraneous code and to focus only on this problem so I created a "testing" table.

Is there a way to get the data from an array into one database table column/cell?

I've been working on this problem since Monday and could really use some help.

Thanks
Gerry

dagon

Mechaworx;10975652 wrote:
Hi Dagon,

Is there a way to get the data from an array into one database table column/cell?

serialize, implode, loop and concatenate, im not sure the best option for you.

Mechaworx

Hi Dagon,

Thanks for your reply. I actually got this to work by using implode. Here's my code in its entirety now.


#connect to the database
	mysql_connect("localhost", "root", "m3gatr0n");
	mysql_select_db("masscic");

#initialize the variables for the form if users want to post a sighting
$name ='';
$email ='';
$website ='';
$fname ='';
$ftype ='';
$fsize ='';
$tname ='';
$scid ='';
$state ='';
$county ='';
$stown ='';
$street ='';
$sdate ='';
$stemp ='';
$stime ='';
$lat ='';
$lon ='';
$comments ='';
$regExp ='';
$errorMsg ='';

#grab the form data
$curnum = 0; //will itemize the number of errors we have
$name = $_POST['name'];
$email = $_POST['email'];
$website = $_POST['website'];
$scid = $_POST['category'];
$state = $_POST['state'];
$county = $_POST['county'];
$stown = $_POST['town'];
$street = $_POST['street'];
$sdate = $_POST['sighting_date'];
$stemp = $_POST['temp'];
$stime = $_POST['time'];
$lat = $_POST['latitude'];
$lon = $_POST['longitude'];
$comments = $_POST['description'];

#do some injection cleaning
$name = stripslashes($name);
$email = stripslashes($email);
$website = stripslashes($website);
$state = stripslashes($state);
$county = stripslashes($county);
$stown = stripslashes($stown);
$street = stripslashes($street);
$sdate = stripslashes($sdate);
$stemp = stripslashes($stemp);
$stime = stripslashes($stime);
$lat = stripslashes($lat);
$lon = stripslashes($lon);
$comments = stripslashes($comments);

$name = strip_tags($name);
$email = strip_tags($email);
$website = strip_tags($website);
$state = strip_tags($state);
$county = strip_tags($county);
$stown = strip_tags($stown);
$street = strip_tags($street);
$sdate = strip_tags($sdate);
$stemp = strip_tags($stemp);
$stime = strip_tags($stime);
$lat = strip_tags($lat);
$lon = strip_tags($lon);
$comments = strip_tags($comments);

#verify properly formatted email address
//$regExp = '/^[^0-9][A-z0-9_]+([.][A-z0-9_]+)*[@][A-z0-9_]+([.][A-z0-9_]+)*[.][A-z]{2,4}$/';
$regExp = '/^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$/';

#check for errors    
 if (strlen($name) < 2) {
 	 $curnum ++;
     $errorMsg['name'] = '<li><span class="error">'.$curnum.'. Your name is required</span></li>';
	}
 if (!preg_match($regExp, $email)) {
 	 $curnum ++;
 	 $errorMsg['email'] = '<li><span class="error">'.$curnum.'. Please enter a valid email address</span></li>';
 	}
 if (strlen ($scid) < 1) {
 	$curnum ++;
	$errorMsg['category'] = '<li><span class="error">'.$curnum.'. Please choose a sighting type</span></li>';
	}
 if (strlen ($state) < 1) {
 	$curnum ++;
	$errorMsg['state'] = '<li><span class="error">'.$curnum.'. Please choose a state</span></li>';
	}
 if (strlen ($stown) < 1) {
 	$curnum ++;
	$errorMsg['town'] = '<li><span class="error">'.$curnum.'. We definately need the town</span></li>';
	}
 if (strlen ($street) < 1) {
 	$curnum ++;
	$errorMsg['street'] = '<li><span class="error">'.$curnum.'. Please specify the street or location name</span></li>';
	}
 if (!$sdate)  {
 	$curnum ++;
	$errorMsg['sighting_date'] = '<li><span class="error">'.$curnum.'. Need a sighting date</span></li>';
	}

$name = mysql_real_escape_string($name);
$email = mysql_real_escape_string($email);
$website = mysql_real_escape_string($website);
$state = mysql_real_escape_string($state);
$county = mysql_real_escape_string($county);
$stown = mysql_real_escape_string($stown);
$street = mysql_real_escape_string($street);
$sdate = mysql_real_escape_string($sdate);
$stemp = mysql_real_escape_string($stemp);
$stime = mysql_real_escape_string($stime);
$lat = mysql_real_escape_string($lat);
$lon = mysql_real_escape_string($lon);
$comments = mysql_real_escape_string($comments);	 

//Upload Handler
function is_image($file) {

$file_types = array('jpeg', 'gif', 'bmp', 'png'); //acceptable file types

if ($img = getimagesize($file)){

	//echo '<pre>';
	//print_r($img); will return an array of information for testing
	//print_r($_FILES); will return an array of information for testing

	if(in_array(str_replace('image/', '', $img['mime']), $file_types))
	return $img;
}
return false;
}
	//upload files portion of form submission handling
	//variables

$fname = $_FILES['files']['name'];
$ftype = $_FILES['files']['type'];
$fsize = $_FILES['files']['size'];
$tname = $_FILES['files']['tmp_name'];
$ferror = $_FILES['files']['error'];

if(isset($_POST['submit'])) {

$newDir = '../uploads/'; //relative to where this script file resides

for($i = 0; $i < count($fname); $i++) {
//echo 'File name ' . $fname[$i] . ' has size ' . $fsize[$i]; used for testing
//for ($i = count($fname) -1; $i >=0; $i--) {
	if ($ferror[$i] =='UPLOAD ERR OK' || $ferror[$i] ==0) 
	{	
		if(is_image($tname[$i]))
		{
		move_uploaded_file($tname[$i], ($newDir.time().$fname[$i])); 
			echo '<li><span class="success">'.$fname[$i].' -- image has been accepted<br></span></li>';

		}else 
			echo '<li><span class="error">'.$fname[$i].' -- is not an accepted file type<br></span></li>';		
	}

	//*****************This Line of code fixed my problem********************//
	if (is_array($fname))
	$files = implode(', ',$fname);

}
}
	#done with error checking now perform the insert
	if (!$errorMsg) {
		$sqlInsert = mysql_query("INSERT INTO usersightings
											(entry_date,
											scid, 
											name, 
											email, 
											website, 
											files,
											state, 
											county, 
											town, 
											street, 
											sighting_date,
											temp,
											time, 
											lat, 
											lng, 
											description) 
									VALUES( now(), 
										   '$scid',
										   '$name',
										   '$email',
										   '$website',
										   '$files', 
										   '$state', 
										   '$county', 
										   '$stown',
										   '$street', 
										   '$sdate',
										   '$stemp', 
										   '$stime',
										   '$lat',
										   '$lon',
										   '$comments')") or die (mysql_error());

	echo '<li class="success"> Congratulations, ' . $name . '. Your data was posted successfully! You will receive an email shortly </li>';	
}
else {

	$response = (isset($errorMsg['name'])) ? "<li>" . $errorMsg['name'] . "</li> \n" : null;
	$response .= (isset($errorMsg['email'])) ? "<li>" . $errorMsg['email'] . "</li> \n" : null;
	$response .= (isset($errorMsg['category'])) ? "<li>" . $errorMsg['category'] . "</li>" : null;
	$response .= (isset($errorMsg['state'])) ? "<li>" . $errorMsg['state'] . "</li>" : null;
	$response .= (isset($errorMsg['town'])) ? "<li>" . $errorMsg['town'] . "</li>" : null;
	$response .= (isset($errorMsg['street'])) ? "<li>" . $errorMsg['street'] . "</li>" : null;
	$response .= (isset($errorMsg['sighting_date'])) ? "<li>" . $errorMsg['sighting_date'] . "</li>" : null;
	echo $response;
} # end if there was an error posting

My next problem is trying to sort out if the user leaves an empty input form field with type="file" attribute I want it to throw an error but I can't seem to do it for $FILES only $POST variables. Any suggestions?

Thanks
Gerry

dagon

Mechaworx;10975667 wrote:
My next problem is trying to sort out if the user leaves an empty input form field with type="file" attribute I want it to throw an error but I can't seem to do it for $FILES only $POST variables. Any suggestions?

look at the $_FILES array when no file is present, compared to populated

Mechaworx

Hi Dagon,

Thanks for steering me in the right direction. I came up with this for an empty files types input field.


//if there is an empty input field

if ($fsize[$i] === 0 || empty($tname[$i])) 
    		echo '<li><span class="error"> No file was selected.</span></li>';
		{