Forums

Dear All,
I feel as though I am getting closer to my objective but the reality is that I am probably getting further away. I have created a custom form (code below), and added some php to the on submit before sending (again, code below). I also believe that I have the various form elements configured correctly i.e. email results-yes, form tag attachment-enctype... form method-post etc etc etc. When I test the form it appears to work correctly (see debug dump below) and all the 'posted' values are what I would expect. The problem is none of those values are getting saved to the database table, which leads me to the insert query - I just can't see the wood for the trees and having circumnavigated the planet at least 4 times I am now in despair.

TIA & Best Regards

Form Code

<table width="100%" border="0" cellspacing="0" cellpadding="0">
  <tr>
    <th colspan="3" scope="col">Annaveigh Delivery Note Upload Area</th>
  </tr>
  <tr>
    <td> </td>
    <td> </td>
    <td> </td>
  </tr>
  <tr>
    <td>Customer Name</td>
    <td>Reference ID</td>
    <td>Delivery Date</td>
  </tr>
  <tr>
    <td><input type="text" name="custname" id="custname" tabindex="10" /></td>
    <td><input type="text" name="delrefno" id="delrefno" tabindex="20" /></td>
  </tr>
  <tr>
    <td> </td>
    <td> </td>
    <td> </td>
  </tr>
  <tr>
    <td>Delivery Note No.</td>
    <td> </td>
    <td>File Upload</td>
  </tr>
  <tr>
    <td><input type="text" name="delnoteno" id="delnoteno" tabindex="40" /></td>
    <td> </td>
    <td><input type="file" name="uploaded_file" id="uploaded_file" tabindex="60" /></td>
  </tr>
  <tr>
    <td> </td>
    <td> </td>
    <td> </td>
  </tr>
  <tr>
    <td> </td>
    <td> </td>
    <td> </td>
  </tr>
  <tr>
    <td><input type="submit" name="submit" id="submit" value="Upload File" tabindex="70" /></td>
    <td><input type="reset" name="cancel" id="cancel" value="Cancel" /></td>
    <td> </td>
  </tr>
</table>

On Submit...

<?php
// Check if a file has been uploaded
if(isset($_FILES['uploaded_file'])) {
    // Make sure the file was sent without errors
    if($_FILES['uploaded_file']['error'] == 0) {
        // Connect to the database
        $dbLink = new mysqli('localhost', 'root', 'root', 'odt_db');
        if(mysqli_connect_errno()) {
            die("MySQL connection failed: ". mysqli_connect_error());
        }
 
        // Gather all required data
        $name = $dbLink->real_escape_string($_FILES['uploaded_file']['name']);
        $mime = $dbLink->real_escape_string($_FILES['uploaded_file']['type']);
        $data = $dbLink->real_escape_string(file_get_contents($_FILES  ['uploaded_file']['tmp_name']));
        $size = intval($_FILES['uploaded_file']['size']);
		$custname = $_POST['custname'];
		$delnoteno = $_POST['delnoteno'];
		$delrefno = $_POST['delrefno'];
 
        // Create the SQL query
        $query = '
            INSERT INTO `Annaveigh` (
                `filename`, `filemimetype`, `filesize`, `filedata`, `filecreated`, `custname`, `delnoteno`, `delrefno`)
            VALUES (
                '$name', '$mime', $size, '$data', NOW(), '$custname', '$delnoteno', '$delrefno'
            )';
 
        // Execute the query
        $result = $dbLink->query($query);
 
        // Check if it was successfull
        if($result) {
            echo '';
        }
        else {
            echo 'Error! Failed to insert the file'
               . "<pre>{$dbLink->error}</pre>";
        }
    }
    else {
        echo 'An error accured while the file was being uploaded. '
           . 'Error code: '. intval($_FILES['uploaded_file']['error']);
    }
 
    // Close the mysql connection
    $dbLink->close();
}
else {
    echo 'Error! A file was not sent!';
}
?>

Debug...
[attachment=0]Screen shot 2010-12-10 at 10.10.38.png[/attachment]

Update:
Ok, now I have managed to get the data into the table (schoolboy error - enable data storage=yes). But I still have the problem with inserting the raw data to the data field. When I look at the table it shows me that the filename is untitled.txt, the mime type is text/plain and the file size is 0. Compare that with the debug...[attachment=0]Screen shot 2010-12-10 at 10.45.05.png[/attachment] Which clearly shows that the file is a pdf, it has a size larger than 0 and the file name is PDF_002.pdf. Why are the other data fields getting the correct data sent to them yet the file contents etc are not? I really need this to work such that the file details, especially the 'contents' are saved to the database and not in a directory folder.

TIA & Best Regards

Chris

Chris,

I have no more idea about gettign this working than you have.

I notice that you may have a stray space after $_FILES in this line

$data = $dbLink->real_escape_string(file_get_contents($_FILES  ['uploaded_file']['tmp_name']));

That might cause a problem.

Bob

Hi Chris,
You've got a syntax error in your code as you define your SQL-query. When joining several strings into one, you have to use the string concatenator operator (.), and if you'd like to include ' into a string enclosed by ', you'll have to escape it using \.

Personally, I prefer using sprintf to separate the query-string from the inserted data (closest thing you'll get to a Prepared Statement in php).

//Define the query template...
$query = 'INSERT INTO `Annaveigh` (
  `filename`, `filemimetype`, `filesize`, `fieldata`, `fielcreated`, `custname`, `delnoteno`, `delrefno`
) VALUES (
  "%s", "%s", "%s", "%s", "%s", "%s", "%s", "%s"
)';

//insert the various values... Assuming you've already passed the data through mysql_real_escape.
$pst = sprintf($query,
  $name,
  $mime,
  $size,
  $data,
  'NOW()',
  $custname,
  $delnoteno,
  $delrefno
);

$result = $dbLink->query($query);

/Fredrik

Edit: Forgot to enclose the string values in the query with "", guess I've gotten too used with JDatabase->quote();
Could use \' instead of " though..