i need to do a data storage where by the data will be uploaded by the user..how can i do this?? how can i know that the data are inserted into the database?:confused:
Printable View
i need to do a data storage where by the data will be uploaded by the user..how can i do this?? how can i know that the data are inserted into the database?:confused:
Yes that can be done using PHP & MySQL without much trouble. You need to design database/table(s), and based on your requirement develop the PHP code that performs the database operation like insertion, view, updation (if needs) and deletion (If needs).
Through HTML forms you can accept values from the user and put them into proper table using PHP. If you want to check whether user has inserted the data, you can retrieve the records inserted by the use, if the user hasn't performed the insertion yet then it will return empty result from the database, so you can find that the insertion hasn't performed.
The PHP script depends upon your database/tables fully so without knowing your requirements fully it would be difficult to comment on that.
actually..what i mean is that..i want to make a page where by the user can upload their file such as pdf,mp3,document n etc into the system..how can i do that using php and mysql?
how could i know that the files are successfully uploaded into the database and it can be retrieve/view by the user??
Generally, if an upload it stopped, the upload won't be "finished" so it won't ever reach the processing page. However, sometimes it might be corrupted.
To check if a file exists, just use file_exists('filepath').
That won't verify it as valid, but just that it's there.
Not really sure about verifying. The only way I can think of doing so is with things like the GD library for images, where you can create an image (php variable) from a jpg, etc. That would/should verify if the image was uploaded correctly. If you could find similar features with the file formats you wish to use, that would help you verify that they are not corrupt.
Now, to correct a couple things--
1. When a file is uploaded YOU supply a path in the script. It goes to a specific directory with a specific filename, all controlled by php. You can set it as a constant, or set it as random, or base it on the user's file's name, or even allow the user to enter a path via a form (this might cause security problems, though). The path is just a string, and there are many ways to supply that to the move_uploaded_file() function.
2. DON'T store files in the database. Store them as files on the webserver, in an out of the way directory if you must. You can protect them with .htaccess if that's what you're worried about. Getting full sized files out of a database would take time and be a lot of work for your server... not worth it. Plus, the database would become huge.
3. Instead of storing the file directly in the database, store the path to the file. In a table, store the path, filename and description, etc. of the file, so that you can use mysql to retrieve the file, but not actually store it.
tq djr33 for the explanation..could you help me with the code..or..could you suggest any site that give the code..so that i can do a revision??
Well, what you are doing is pretty complex and there are security, functionality and system-based things that are specific to you.
I would suggest just looking at php.net:
http://php.net/manual/en/features.file-upload.php
sorry for the initial confusion from my side. djr33 is absolutely correct follow his posts for the solution.
i have done a research n found a code..i've alter the code. this is the code;
the code running successfully, i can upload mp3 file,but when i specified the file directory:Quote:
<html>
<head>
<title>Upload File To MySQL Database</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<style type="text/css">
<!--
.box {
font-family: Arial, Helvetica, sans-serif;
font-size: 12px;
border: 1px solid #000000;
}
-->
</style>
</head>
<body>
<?
// you can change this to any directory you want
// as long as php can write to it
$uploadDir = 'C:/webroot/upload/';
//$uploadDir = 'C:/file/';
if(isset($_POST['upload']))
{
$fileName = $_FILES['userfile']['name'];
$tmpName = $_FILES['userfile']['tmp_name'];
$fileSize = $_FILES['userfile']['size'];
$fileType = $_FILES['userfile']['type'];
// get the file extension first
$ext = substr(strrchr($fileName, "."), 1);
// generate the random file name
$randName = md5(rand() * time());
// and now we have the unique file name for the upload file
$filePath = $uploadDir . $randName . '.' . $ext;
// move the files to the specified directory
// if the upload directory is not writable or
// something else went wrong $result will be false
$result = move_uploaded_file($tmpName, $filePath);
if (!$result) {
echo "Error uploading file";
exit;
}
include 'connectdb.php';
//include 'library/opendb.php';
if(!get_magic_quotes_gpc())
{
$fileName = addslashes($fileName);
$filePath = addslashes($filePath);
}
$query = "INSERT INTO upload2 (name, size, type, path ) ".
"VALUES ('$fileName', '$fileSize', '$fileType', '$filePath')";
mysql_query($query) or die('Error, query failed : ' . mysql_error());
// include 'library/closedb.php';
echo "<br>File uploaded<br>";
}
?>
<form action="" method="post" enctype="multipart/form-data" name="uploadform">
<table width="350" border="0" cellpadding="1" cellspacing="1" class="box">
<tr>
<td width="246"><input type="hidden" name="MAX_FILE_SIZE" value="2000000"><input name="userfile" type="file" class="box" id="userfile">
</td>
<td width="80"><input name="upload" type="submit" class="box" id="upload" value=" Upload "></td>
</tr>
</table>
</form>
</body>
</html>
$uploadDir = 'C:/webroot/file/upload/';
the result is "Error uploading file"...y?
well uploading usually means FROM your HDD to the web. The C: drive is on your computer, this should be the FROM not the TO.
However, if you want to do this, make sure your path is correct, c:\webroot\file\upload\ perhaps should be C:\Documents and Settings\username\Desktop\webroot\file\upload\ or something?
If you are uploading to the web server, it would be something like:Code:// move the files to the specified directory
// if the upload directory is not writable or
// something else went wrong $result will be false
$result = move_uploaded_file($tmpName, $filePath);
if (!$result) {
echo "Error uploading file";
exit;
}
/home/usr/public_html/file/upload/
I think I read somewhere that this script could cause a severe security problem
so...is there any idea to do this kind of code??:confused:Quote:
Originally Posted by mburt