The best way to do this is to allow the user to upload a file, store the file on the server and then the store teh name of the file in the database.
Page 1 (The Form):
This is the form page that is required to upload a file.
<FORM name="form1" ENCTYPE="multipart/form-data" ACTION="add_query.php" method="post">
<INPUT NAME="userfile" TYPE="file"><INPUT TYPE="hidden" name="MAX_FILE_SIZE" value="2097152">
- Value for this input (userfile) is the maximum file size that the user can upload.
Page 2 (Proccessing the Script)
Steps in Processing:
1: Check to see if user uploaded a file
2: Check to see if a file with same name exists on the server, if so rename it until the name is different
3: You can check for size to make sure the user uploaded a file that is within the size specified but I have not done that here
3: Insert the name of the file into a database
//IF THERE IS NO FILE, $userfile will be = to "none"
if($userfile=="none") {
// either send user back to previous screen or give the name as no file...
$userfile_name="No File";
}
else {
/***********FILE UPLOAD*********/
//Copy file to new location to save it
//if anoter file with same name exists, append a 0,1,2...etc until its different
$dirToStore="./attachments/";
if(file_exists($dirToStore.$userfile_name)) {
$i=0;
$newfile_name=sprintf("%s%s", $i, $userfile_name);
while( file_exists ($dirToStore.$newfile_name ) ) {
$i++;
$newfile_name=sprintf("%s%s",$i,$userfile_name);
}
$userfile_name=$newfile_name;
} //end copy if
if(!copy($userfile,$dirToStore.$userfile_name)) {
print "SERVER ERROR, file failed to send";
} //end file exist if
} // end else
$sql="insert into TABLE(attachFieldName) values ('$userfile_name')";
$result=mysql_query($sql);
Page 3 (Displaying the attachment)
Display a link to the file, THe file name is stored in the database and the file itself is on the server under the $dirToStore variable listed in Page 2
<a href="<? echo "attachments/" . $row["attachFieldName"]?>"><? echo $row["attachFieldName"]?></a>
