Form Explained - PHP

In this article we will be discussing how to handle the files that a project needs. We will also be looking at how to upload files using standard PHP functions. This article is the sixth part of a seven-part tutorial that explains how to build a project management application. Be sure to check out the other articles in the series.

TABLE OF CONTENTS:

By: David Web

Poor Best

Rating:

/ 1

July 07, 2008

print this article

SEARCH DEV SHED

TOOLS YOU CAN USE

PHP then checks to see if the form is submitted:

if(isset($_POST['submit'])){

Then the form variables are checked and escaped for use in the insert query:

//check vars

if(!$_FILES['userfile']['name']) {

$err = true;

$msg .= "<BR>Please upload a file.";

}

$fname=mysql_escape_string($_FILES['userfile']['name']);

$p_pid=mysql_escape_string($_POST['p_pid']);

Then the form values are inserted into the files table:

//insert

if(!$err){

$insert = "INSERT INTO files SET filename = '".$fname."',";

$insert .= "p_id= '".$p_pid."'";

if(!mysql_query($insert)){

echo mysql_error();

}else{

The next line stores the record id of the newly inserted record, and then a message is set in the $msg variable:

$newid=mysql_insert_id();

$msg= "Data inserted.".$p_pid."<br>";

}

}//err check

The code then checks to see if the $new_id variable value is greater then zero. If it is, the file upload process is started. The assumption is that, if the $new_id variable value is less then one, then the insert query was not successful and therefore the upload process will not be started:

//upload file

if($new_id > 0){

$uploadpath = "p_files/";

$filename = trim(addslashes($_FILES['userfile']['name']));

if(move_uploaded_file($_FILES['userfile']['tmp_name'], $uploadpath . $filename)) {

$msg .= "File uploaded.".$filename."";

}else{

$msg .= "File not uploaded.";

}

The $_FILES['userfile']['name'] variable is the special variable that is designed for file uploads (think of it as the file equivalent of $_POST). The $_FILE array has five elements, of which tmp_name is one. It refers to the temporary name of the file on the server. If you look closely at the upload code above you will see that I've used it there as well. The move_uploaded_file() function is also used in the code. This function, as the name suggests, does the work of moving the file from one place to another.

There are only two things that I think are worth pointing out in the HTML form below. First, if you look at the opening form element, you will notice that an additional attribute has been added. It is called:

enctype="multipart/form-data"

The above merely informs the browser to expects different types of data from the form. This piece of code needs to be there whenever you are going to upload a file. Second, the actual form field needs to be of type 'file.' This has the effect of creating a "browse" button when the form is shown. Both of these pieces of code are highlighted below:

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">

<head>

<title>Untitled Document</title>

</head>

<body>

<tr>

<td width="39%">Logged in: <? echo $_SESSION['name'];?> | <a href="logout.php">Logout</a></td>

</tr>

<tr>

<td colspan="3" bgcolor="#6699CC" class="headertxt">Project Management Software </td>

</tr>

<tr>

<tr>

</tr>

<tr>

<td colspan="2"><?php if(isset($msg)){

echo $msg;

}?> </td>

</tr>

<tr>

</label></td>

</tr>

<tr>

</label></td>

</tr>

</table>

</form>

</td>

</tr>

<tr>

<td colspan="3"><a href="main.php">View Project List</a> | <a href="admin/login.php">Administrators Corner </a></td>

</tr>

<tr>

</tr>

</table>

</body>

</html>

Be sure to come back next week for the conclusion to this article series!