Home arrow PHP arrow Page 3 - Handling Files for a Project Management Application

The add_file script - PHP

In this article we will be discussing how to handle the files that a project needs. We will also be looking at how to upload files using standard PHP functions. This article is the sixth part of a seven-part tutorial that explains how to build a project management application. Be sure to check out the other articles in the series.

TABLE OF CONTENTS:
  1. Handling Files for a Project Management Application
  2. Script Explained
  3. The add_file script
  4. Form Explained
By: David Web
Rating: starstarstarstarstar / 1
July 07, 2008

print this article
SEARCH DEV SHED

TOOLS YOU CAN USE

advertisement


The next script that we will be looking at is the add_file script. It is responsible for adding files to a project. The page consists of a form that provides a file field. This is a special field that is specifically designed for uploading files. The form also has one additional attribute, as you will see in the HTML section of the page. Below is a screen shot of the form and also the code that built the script:



And the code for the page:


<?php

include "dbcon.php";

include "functions.php";




if(isset($_GET['pid'])){


//clean pid

if(!is_numeric($_GET['pid'])){

//the value received is not numeric. redirect the user to login

header("location:login.php");

}

//otherwise clean the received value for query use

$cpid = mysql_escape_string($_GET['pid']);

$getname = "SELECT title FROM projects WHERE pid = '".$cpid."'";

$g_result = mysql_query($getname);

if(!$g_result){

echo mysql_error();

}else{

$rowname = mysql_fetch_assoc($g_result);

$title = $row['title'];

}


}//end pid check


if(isset($_POST['submit'])){

//check vars

if(!$_FILES['userfile']['name']) {

$err = true;

$msg .= "<BR>Please upload a image file.";

}

$fname=mysql_escape_string($_FILES['userfile']['name']);

$p_pid=mysql_escape_string($_POST['p_pid']);


//insert

if(!$err){

$insert = "INSERT INTO files SET filename = '".$fname."',";

$insert .= "p_id= '".$p_pid."'";

if(!mysql_query($insert)){

echo mysql_error();

}else{

$newid=mysql_insert_id();

$msg= "Data inserted.".$p_pid."<br>";

}

}//err check




//upload file

if($new_id > 0){

$uploadpath = "p_files/";

$filename = trim(addslashes($_FILES['userfile']['name']));

if(move_uploaded_file($_FILES['userfile']['tmp_name'], $uploadpath . $filename)) {

$msg .= "File uploaded.".$filename."";

 

}else{

$msg .= "File not uploaded.";

 

}

}


}

?>


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<html xmlns="http://www.w3.org/1999/xhtml"><!-- InstanceBegin template="/Templates/PM_Main.dwt.php" codeOutsideHTMLIsLocked="false" -->

<head>

<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />

<!-- InstanceBeginEditable name="doctitle" -->

<title>Untitled Document</title>

<!-- InstanceEndEditable -->

<!-- InstanceBeginEditable name="head" -->

<!-- InstanceEndEditable -->

<link href="Templates/main.css" rel="stylesheet" type="text/css" />

</head>


<body>

<table width="100%" border="0">

<tr>

<td width="33%">&nbsp;</td>

<td width="28%">&nbsp;</td>

<td width="39%">Logged in: <!-- InstanceBeginEditable name="login" --><? echo $_SESSION['name'];?> | <a href="logout.php">Logout</a><!-- InstanceEndEditable --></td>

</tr>

<tr>

<td colspan="3" bgcolor="#6699CC" class="headertxt">Project Management Software </td>

</tr>

<tr>

<td colspan="3"><!-- InstanceBeginEditable name="main" -->

<form id="form1" name="form1" method="post" action="add_file.php" enctype="multipart/form-data">

<table width="100%" border="0">

<tr>

<td colspan="2" class="loginheader"><?php echo $title;?></td>

</tr>

<tr>

<td colspan="2"><?php if(isset($msg)){

echo $msg;

}?> </td>

</tr>

<tr>

<td width="10%">File Name </td>

<td width="90%"><label>

<input name="userfile" type="file" id="userfile" />

<input type="hidden" name="p_pid" value="<?php echo $_GET['pid'];?>"/>

</label></td>

</tr>

<tr>

<td>&nbsp;</td>

<td><label>

<input type="submit" name="submit" value="Upload File" />

</label></td>

</tr>

</table>

</form>

<!-- InstanceEndEditable --></td>

</tr>

<tr>

<td colspan="3"><!-- InstanceBeginEditable name="nav" --><a href="main.php">View Project List</a> | <a href="admin/login.php">Administrators Corner </a><!-- InstanceEndEditable --></td>

</tr>

<tr>

<td align="right" class="cright" colspan="3">copyright &copy; 2007 PM </td>

</tr>

</table>

</body>

<!-- InstanceEnd --></html>



The code does a couple of familiar things. First it makes the usual checks to make sure that we don't crash the application, then it retrieves the project name and stores it in a variable called $title:

<?php

include "dbcon.php";

include "functions.php";




if(isset($_GET['pid'])){


//clean pid

if(!is_numeric($_GET['pid'])){

//the value received is not numeric. redirect the user to login

header("location:login.php");

}

//otherwise clean the received value for query use

$cpid = mysql_escape_string($_GET['pid']);

$getname = "SELECT title FROM projects WHERE pid = '".$cpid."'";

$g_result = mysql_query($getname);

if(!$g_result){

echo mysql_error();

}else{

$rowname = mysql_fetch_assoc($g_result);

$title = $row['title'];

}


}//end pid check



 
 
>>> More PHP Articles          >>> More By David Web
 

blog comments powered by Disqus
escort Bursa Bursa escort Antalya eskort
   

PHP ARTICLES

- Hackers Compromise PHP Sites to Launch Attac...
- Red Hat, Zend Form OpenShift PaaS Alliance
- PHP IDE News
- BCD, Zend Extend PHP Partnership
- PHP FAQ Highlight
- PHP Creator Didn't Set Out to Create a Langu...
- PHP Trends Revealed in Zend Study
- PHP: Best Methods for Running Scheduled Jobs
- PHP Array Functions: array_change_key_case
- PHP array_combine Function
- PHP array_chunk Function
- PHP Closures as View Helpers: Lazy-Loading F...
- Using PHP Closures as View Helpers
- PHP File and Operating System Program Execut...
- PHP: Effects of Wrapping Code in Class Const...

Developer Shed Affiliates

 


Dev Shed Tutorial Topics: