-
Hi There,
I'm counting on ya'll for this one! I could probably figure it out if I really got into it, but I don't have much time I'm afraid.
Here's a simple form used to enter data into an SQL database and copy and uploaded file onto the virtual site:
Code:
<br>
<b><a href="urlupload.php3">Upload a URL to a File</a></b>
<br><hr><br>
<form action="upload2.php3" method="post" enctype="multipart/form-data">
<br>Upload a File: <input type="file" name="uploadfile"><br>
File Name: <input type="text" name="uploadname"> -
<select name="uploadformat">
<option selected value="txt">TXT</option>
<option value="doc">DOC</option>
<option value="pdf">PDF</option>
<option value="rtf">RTF</option>
</select><br>
<b>Description: </b><br>
<textarea name="description" rows="5" cols="25" wrap></textarea><br>
<input type="submit" name="uploadsubmit" value="Upload"></form>
Here's the file that form points to...
Code:
<?php
if (copy($uploadfile, "../files/$uploadname.$uploadformat")) {
include("../connect.inc");
$sql = "INSERT INTO files SET " .
"uploadname='$uploadname', " .
"uploadformat='$uploadformat', " .
"description='$description'";
if (mysql_query($sql)) {
echo("<br>");
} else {
echo("<P>Error adding submitted entry: " .
mysql_error() . "</P>");
}
echo("File successfully uploaded<p><b>" .
"<a href=\"../files\"></a></b>");
}
else {
echo("There was a problem with the file...<p><center><b>" .
"<a href=\"upload.php\">Try It Again!</a></b></center>");
}
unlink($uploadfile);
?>
The code sucessfully copies the file, but produces this SQL error:
Error adding submitted entry: parse error near 'SET uploadname='Auto', uploadformat='txt', description='TEST'' at line 1
I notice the two single quotes at the end there, but don't see where they're coming from.
Any help would be highly appreciated. Like I said: I'm sorry if I'm dumping on you guys. I know I can figure this out, but am in a major rush.
Thanks so much! :)
-
I doubt its the problem but try adding a space before and after the = sign also
you know on an uploaed file you have access to three vars automatically one is
$uploadfile_name //which is the name of the file
$uploadfile_type //which is the type of file
$uploadfile_size //which is the size.
It seems to me you are causing a lot of extra work for yourslef and the user. I suspect you were tryingt o echo $uploadfile and you were getting the name assigned by tyhe system and that is why you are having the userf ill out extra inforamtion
-
I don't understand the part about the file uploading, but I am sure that the lack of space around the equals signs cannot be the problem - I've used that format the whole time I've done any kind of work with PHP/SQL...
-
you have a file field in your form named uploadfile
when you submit your form php assigns a temp name to it and stores it in a temp location.
At the same time there are three new variables available to you.
Since we used the name uploadfile in our form then
$uploadfile_name would be the actual name of the file something like someimage.gif
$uploadfile_type would be image/gif
$uploadfile_size would be the size of the file.
So you can copy the file like so
copy($uploadfile, "../files/".$uploadfile_name)
I have never had much luck with using the whole SET in the INSERT query but thats me and others have said that it works great. I always just use INSERT into tablename VALUES ('', '', '');
-
Hi,
I would first make sure that you have the correct table name (case sensitive), and column names.
I looked over the code several times and I didn't notice any errors, but it is probably there somewhere.
Chris Roane
-
Oh, I see. Good point. Thanks for the efficiency lesson (tons of ways to do things, and I rarely find the best one. :D).
Anyone have any idea on what's up with the error message?
-
I don't know if it can be a problem with table/column names, since it called the problem a "Parse Error" - to me that implies an invalid character, but I don't see one! :(
-
So why not just change your query a bit to read
$sql = sprintf("INSERT into files set uploadname = '%s', description = '%s'", $uploadfile_name, $description);
then print $sql like so to see where the error exactly is
print $sql;
instead of
$sql = "INSERT INTO files SET " .
"uploadname='$uploadname', " .
"uploadformat='$uploadformat', " .
"description='$description'";
-
Yeah, your right, Chris....but I didn't see any errors so I thought that could be a reason. Probably isn't that because it would have said "Table Name "whatever" couldn't be found".
Chris Roane
