View Full Version : PHP and MySQL
calumogg
09-17-2007, 08:33 AM
Hi all,
I am working on an idea for my site but not sure how to go about part of it. The idea is that I have several image folders, each with a PHP script in it; when I run this PHP script it gets a list of all the pictures in the folder and adds them into a database, but if the picture already exists in the database then it skips it. Does anyone have any ideas of how to do this?
Cheers
foreach(scandir('.') as $file)
    if(!mysql_num_rows(mysql_query(sprintf('select filename from files where filename=\'%s\'', mysql_real_escape_string($file)))))
        mysql_query(sprintf('insert into files (filename) values (\'%s\')', mysql_real_escape_string($file)));
calumogg
09-17-2007, 09:47 AM
Thanks for the quick reply Twey.
I am new to PHP and am still learning about it, so I am just trying to work out what each part of the code does, but I am stuck at two bits:
filename=\'%s\'
What does the %s mean?
And:
mysql_real_escape_string($file)
I have never heard of this command before.
If you don't mind, please could you explain them?
What does the %s mean?
"String:" it's replaced by sprintf() with the second argument.
I have never heard of this command before.
The term is "function" -- it returns a value. It escapes the string so it's safe to use in MySQL queries to the current connection.
tech_support
09-17-2007, 10:58 AM
What does the %s mean?
%s is a placeholder for mysql_real_escape_string($file)
So, %s will be replaced with mysql_real_escape_string($file)
I have never heard of this command before.
To prevent MySQL injection.
Example:
Say I put in your URL ?page=DELETE database 'database';
Without mysql_real_escape_string($file), your database would be deleted.
calumogg
09-17-2007, 03:13 PM
Thanks to both of you. But I have one more question.
Say I wanted to have the file path put into the database as well, would this work:
foreach(scandir('.') as $file)
    if(!mysql_num_rows(mysql_query(sprintf('select filename from files where filename=\'%s\'', mysql_real_escape_string($file)))))
        mysql_query(sprintf('insert into files (filename, path) values (\'%s\', 'pictures/thunbnails/%s') mysql_real_escape_string($file)));
?
Send the same value as the next parameter to sprintf() as well, and yes. There's not much point storing it if it's the same for each file, though.
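Added example (not part of the original thread): the mysql_* functions used above were removed in PHP 7.0, so this version does the same job with PDO prepared statements and lets a UNIQUE constraint skip files that are already stored. It assumes an in-memory SQLite database standing in for MySQL, a hypothetical syncFiles() helper, an assumed list of image extensions, and constructed sample file names.

```php
<?php
// Added example, not code from the thread. Assumption: PDO with an in-memory
// SQLite database stands in for MySQL; table and column names follow the thread.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

// UNIQUE makes the database reject duplicates, so the separate SELECT
// (and the gap between the check and the insert) goes away.
$db->exec('CREATE TABLE files (filename TEXT NOT NULL UNIQUE, path TEXT NOT NULL)');

// Placeholders keep the data out of the SQL text; nothing is escaped by hand.
// On MySQL the equivalent statement is "INSERT IGNORE INTO files ...".
$insert = $db->prepare(
    'INSERT OR IGNORE INTO files (filename, path) VALUES (:filename, :path)'
);

// Hypothetical helper: stores each image name once and returns how many rows were new.
function syncFiles(PDOStatement $insert, array $names, string $prefix): int
{
    $added = 0;
    foreach ($names as $name) {
        // Keep image files only (assumed extension list); this also skips
        // '.', '..' and the PHP script itself, which scandir() returns too.
        if (!preg_match('/\.(jpe?g|png|gif)$/i', $name)) {
            continue;
        }
        // Two placeholders, two values: the point of the last question above.
        $insert->execute([':filename' => $name, ':path' => $prefix . $name]);
        $added += $insert->rowCount(); // 0 when the filename was already stored
    }
    return $added;
}

// Constructed sample listing in place of scandir('.'); one name contains a
// single quote, the character that breaks SQL strings built by concatenation.
$names = ['.', '..', 'index.php', 'beach.jpg', "john's party.jpg"];

// Path prefix as in the question, with its spelling corrected (assumption).
$first  = syncFiles($insert, $names, 'pictures/thumbnails/');
$second = syncFiles($insert, $names, 'pictures/thumbnails/');
printf("first run added %d, second run added %d\n", $first, $second);

foreach ($db->query('SELECT filename, path FROM files') as $row) {
    echo $row['filename'], ' => ', $row['path'], "\n";
}
```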