Posted by up2trouble on 07/25/07 01:10
This is what I use. It is simple and I don't know if it is secure,
but it works.
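<?PHP
// Upload handler: runs when the "Upload Document" form is submitted. It stores
// the uploaded file under ./documents/ and records the document in $db_table5.
// Every $_POST / $_FILES value is supplied by the client and is untrusted.
//
// NOTE(review): the mysql_* extension used throughout this page offers no
// prepared statements; values are escaped with mysql_real_escape_string() here.
// Moving the page to mysqli/PDO with bound parameters is the durable fix, but
// the connection is opened outside this block.
if (isset($_POST['upload_file']))
{
    $uploaddir = "./documents/";

    // Only the document types the form offers are accepted. Without this check
    // a script file (.php) or a server config file (.htaccess) could be written
    // into a directory that the web server serves.
    $allowed_ext = array('pdf', 'doc');

    // Read the text fields defensively: missing or non-string input becomes ''.
    $fields = array();
    foreach (array('user', 'name', 'category', 'type') as $key)
    {
        $value = (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
        // Undo magic quotes where enabled so the value is escaped exactly once below.
        if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc())
        {
            $value = stripslashes($value);
        }
        $fields[$key] = $value;
    }
    $user = $fields['user'];
    $name = $fields['name'];
    $category = $fields['category'];
    $type = $fields['type'];

    $upload_ok = false;
    if (isset($_FILES['uploadedfile']) && $_FILES['uploadedfile']['error'] === UPLOAD_ERR_OK)
    {
        $file_tmp_name = $_FILES['uploadedfile']['tmp_name'];
        $file_name = stripslashes($_FILES['uploadedfile']['name']);

        // Normalise the client-supplied name: spaces and every character outside
        // ( ) . - , and word characters become "_" (this also removes "/" and "\").
        $file_name = preg_replace("#[ ]#", "_", $file_name);
        $file_name = preg_replace('#[^()\.\-,\w]#', '_', $file_name);
        // Keep only the final dot so a name like "a.php.pdf" carries a single extension.
        $file_name = preg_replace('#\.(?=.*\.)#', '_', $file_name);
        $file_name = preg_replace('#(_)+#', '_', $file_name);

        $ext = strtolower(pathinfo($file_name, PATHINFO_EXTENSION));
        if (in_array($ext, $allowed_ext, true))
        {
            // move_uploaded_file() refuses paths that are not genuine HTTP uploads.
            // NOTE(review): an existing file with the same name is overwritten.
            $upload_ok = move_uploaded_file($file_tmp_name, $uploaddir.$file_name);
        }
    }

    if ($upload_ok)
    {
        echo "<CENTER><FONT SIZE='+1'>File was successfully uploaded.</FONT></CENTER>";

        // Record the document only when the file was actually stored.
        // NOTE(review): the listing further down reads a `url` column from this
        // table, but this INSERT never stores the file name - confirm the schema.
        $sql5 = "INSERT INTO $db_table5 (user, name, category, type) VALUES ('"
            . mysql_real_escape_string($user) . "', '"
            . mysql_real_escape_string($name) . "', '"
            . mysql_real_escape_string($category) . "', '"
            . mysql_real_escape_string($type) . "')";
        if (!mysql_query($sql5))
        {
            // Keep database error details in the server log, not in the response.
            error_log('Document insert failed: ' . mysql_error());
            die('Could not save the document record.');
        }
    }
    else
    {
        echo "<CENTER><FONT SIZE='+1'>File upload failed.</FONT></CENTER>";
    }
}
?>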
<DIV ID="wrapper">
<DIV ID="header">
<?PHP
// Page header fragment. include() executes any PHP code the file contains,
// whatever its extension, so includes/ should be writable only by the site
// maintainer and never by the upload handler.
include("includes/header.txt")?>
</DIV>
<DIV ID="subheader">
<?PHP
// Navigation fragment; the same caveat as for the header include applies.
include("includes/navigation.txt")?>
</DIV>
<DIV ID="content">
<H2>Download Document</H2>
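<?PHP
// Document listing: one table row per record in $db_table5, with the category
// name looked up in $db_table6. The stored values originally came from the
// upload form, so they are untrusted: each one is escaped for the context it
// is written into (SQL literal, URL path segment, HTML text or attribute).
$sql = "SELECT * FROM $db_table5 ORDER BY category ASC";
$result = mysql_query($sql, $connect);
if (!$result)
{
    // Keep database error details in the server log, not in the response.
    error_log('Document listing query failed: ' . mysql_error());
    die('Query failed');
}
echo "<TABLE CELLSPACING='5' CELLPADDING='2' BORDER='1'>";
echo "<TR><TD CLASS='title'>Category</TD><TD CLASS='title'>Document</TD><TD CLASS='title'>Type</TD></TR>";
while ($row = mysql_fetch_array($result))
{
    $category = $row['category'];

    // Reset per row so a record whose category has no match does not show the
    // previous row's category name.
    $name2 = '';
    // The category value came from user input at upload time, so it is escaped
    // again before being placed in this second query.
    $sql2 = "SELECT * FROM $db_table6 WHERE id = '" . mysql_real_escape_string($category) . "'";
    $result2 = mysql_query($sql2);
    if (!$result2)
    {
        error_log('Category lookup failed: ' . mysql_error());
        die('Query failed');
    }
    while ($row2 = mysql_fetch_array($result2))
    {
        $name2 = $row2['name'];
    }

    $name = $row['name'];
    $url = isset($row['url']) ? $row['url'] : '';
    $type = $row['type'];

    // ENT_QUOTES is required because the attributes below use single quotes.
    $h_category = htmlspecialchars($name2, ENT_QUOTES);
    $h_name = htmlspecialchars($name, ENT_QUOTES);
    $h_type = htmlspecialchars($type, ENT_QUOTES);
    // Encode the file name as one URL path segment, then for the HTML attribute.
    $h_url = htmlspecialchars(rawurlencode($url), ENT_QUOTES);

    echo "<TR><TD>$h_category</TD><TD><A CLASS='mnav' HREF='http://bainbridge.stagingspace.net/documents/$h_url' ALT='$h_name' TARGET='_top'>$h_name</A></TD><TD>$h_type</TD></TR>";
}
echo "</TABLE>";
?>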
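<BR>
<H2>Upload Document</H2>
<!-- ENCTYPE must be exactly "multipart/form-data" on one line; with any other
     value the browser does not send the file. MAXLENGTH and the SELECT options
     are enforced only by the browser, so the server must validate every field. -->
<FORM ACTION="documents.php" METHOD="post" ENCTYPE="multipart/form-data">
<TABLE CELLSPACING="2" CELLPADDING="2" BORDER="0">
<TR>
<TD CLASS='title'>Posted By:</TD>
<TD><INPUT TYPE="text" NAME="user" SIZE="35" MAXLENGTH="25"></TD>
</TR>
<TR>
<TD CLASS='title'>File Name:</TD>
<TD><INPUT TYPE="text" NAME="name" SIZE="35" MAXLENGTH="50"></TD>
</TR>
<TR>
<TD CLASS='title'>Category:</TD>
<TD>
<SELECT NAME='category'>
<OPTION VALUE='0' SELECTED>--- Select Category ---</OPTION>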
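<?PHP
// Category drop-down: one <OPTION> per row of $db_table6, ordered by name.
// Both values are HTML-escaped (ENT_QUOTES, because the attribute is
// single-quoted) so a stored category name cannot break out of the markup.
$sql = "SELECT * FROM $db_table6 ORDER BY name";
$result = mysql_query($sql, $connect);
if (!$result)
{
    // Keep database error details in the server log, not in the response.
    error_log('Category list query failed: ' . mysql_error());
    die('Query failed');
}
while ($row = mysql_fetch_array($result))
{
    $id = htmlspecialchars($row["id"], ENT_QUOTES);
    $name = htmlspecialchars($row["name"], ENT_QUOTES);
    echo "<OPTION VALUE='$id'>$name</OPTION>";
}
?>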
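</SELECT>
</TD>
</TR>
<TR>
<TD CLASS='title'>Type:</TD>
<TD>
<SELECT NAME="type" SIZE="1">
<OPTION VALUE='0' SELECTED>--- Select Type ---</OPTION>
<OPTION VALUE="pdf">pdf</OPTION>
<OPTION VALUE="doc">doc</OPTION>
</SELECT>
</TD>
</TR>
<TR>
<TD CLASS='title'>File:</TD>
<TD>
<INPUT TYPE="file" NAME="uploadedfile" SIZE="35">
</TD>
</TR>
<TR>
<TD COLSPAN="2">
<BR>
<INPUT TYPE="submit" NAME="upload_file" VALUE="Upload Document">
</TD>
</TR>
</TABLE>
<!-- Close the upload form, which was left open in the original listing. -->
</FORM>
</DIV>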