Location: PHPKode > projects > PHP MySQL Address Book > addressbook/uploader/upload.processor.php
<?php  

// filename: upload.processor.php

// first let's set some variables

// make a note of the current working directory, relative to root.
$directory_self = ".";//str_replace(basename($_SERVER['PHP_SELF']), '', $_SERVER['PHP_SELF']);

// make a note of the directory that will recieve the uploaded files
$uploadsDirectory = "../uploads/";//$_SERVER['DOCUMENT_ROOT'] . $directory_self . 'uploaded_files/';

// make a note of the location of the upload form in case we need it
$uploadForm = "upload.form.php"; //'http://' . $_SERVER['HTTP_HOST'] . $directory_self . 'upload.form.php';

// make a note of the location of the success page
//$uploadSuccess = 'http://' . $_SERVER['HTTP_HOST'] . $directory_self . 'upload.success.php';

// name of the fieldname used for the file in the HTML form
$fieldname = 'file';



// Now let's deal with the upload

// possible PHP upload errors
$errors = array(1 => 'php.ini max file size exceeded', 
                2 => 'html form max file size exceeded', 
                3 => 'file upload was only partial', 
                4 => 'no file was attached');

// check the upload form was actually submitted else print form
/*isset($_POST['submit'])
	or error('the upload form is neaded', $uploadForm);
*/
// check for standard uploading errors
($_FILES[$fieldname]['error'] == 0)
	or error($errors[$_FILES[$fieldname]['error']], $uploadForm."?ID=".$_GET['ID']);
	
// check that the file we are working on really was an HTTP upload
@is_uploaded_file($_FILES[$fieldname]['tmp_name'])
	or error('not an HTTP upload', $uploadForm);
	
// validation... since this is an image upload script we 
// should run a check to make sure the upload is an image
@getimagesize($_FILES[$fieldname]['tmp_name'])
	or error('Only image uploads are allowed', $uploadForm);
	
// make a unique filename for the uploaded file and check it is 
// not taken... if it is keep trying until we find a vacant one
$now = time();
$tmpo=str_replace(",","",$_FILES[$fieldname]['name']);
$tmpo=str_replace(" ","_",$tmpo);


$uploadFilename = $uploadsDirectory. $_GET['ID']."_".$_FILES[$fieldname]['name'];
/*
while(file_exists($uploadFilename = $uploadsDirectory. $_GET['ID']."_".$_FILES[$fieldname]['name']))
//while(file_exists($uploadFilename = $uploadsDirectory.$now.'-'.$_FILES[$fieldname]['name']))

{
	$now++;
}
*/
// now let's move the file to its final and allocate it with the new filename
$uploadFilename=str_replace(",","",$uploadFilename);
$uploadFilename=str_replace(" ","_",$uploadFilename);
if (file_exists($uploadFilename)) {
        echo "<h1><center> File>> ".$_FILES[$fieldname]['name']."</h1></center><br><center><h2>Already Exists,If you are sure its not duplicate,Rename it and try again </h2></center> <a href='upload.form.php?ID=".$_GET['ID']."&a=".$_GET['a']."'> Click Here To Go Back</a>";
	//	header("Refresh: 5; upload.form.php?ID=".$_GET['ID']."&a=".$_GET['a']);
		exit;
//		header('Location: upload.form.php?ID='.$IDD);
    } 
@move_uploaded_file($_FILES[$fieldname]['tmp_name'], $uploadFilename)
	or error('receiving directory insuffiecient permission', $uploadForm);
//	echo $_FILES[$fieldname]['name'];
// If you got this far, everything has worked and the file has been successfully saved.
// We are now going to redirect the client to the success page.
/// Starting SQL INSERT

if(! isset($_SESSION['sectors'])){
    session_start();
   // include("conf/conf.php");
//    $dbConf = new AAConf();
/*    $databaseURL = 'localhost';//$dbConf->get_databaseURL();
    $databaseUName = 'root';//$dbConf->get_databaseUName();
    $databasePWord = '';//$dbConf->get_databasePWord();
    $databaseName = 'addrnew';//$dbConf->get_databaseName();
  */
  
  include '../library/config.php';
//    $dbConf = new AAConf();
    $databaseURL =$dbhost;// 'localhost';//$dbConf->get_databaseURL();
    $databaseUName = $dbuser;//'root';//$dbConf->get_databaseUName();
    $databasePWord = $dbpass;//'';//$dbConf->get_databasePWord();
    $databaseName = $dbname;// 'addrnew';//$dbConf->get_databaseName();      
        //Set DB Info. in-session
  /*  $_SESSION['databaseURL']=$databaseURL; 
    $_SESSION['databaseUName']=$databaseUName; 
    $_SESSION['databasePWord']=$databasePWord; 
    $_SESSION['databaseName']=$databaseName;

*/

    $connection = mysql_connect($databaseURL,$databaseUName,$databasePWord);
	if (!$connection)
  {
  die('Could not connect: ' . mysql_error());
  }
        // or die ("Error while connecting to localhost");
    $db = mysql_select_db($databaseName,$connection);
        //or die ("Error while connecting to database");
/*$sql="Select `imagename` from contacts WHERE id=".$_GET['ID'];
mysql_query("SET NAMES 'utf8'");
mysql_query('SET CHARACTER SET utf8'); 
if (!mysql_query($sql,$connection))
  {
  die('Error: ' . mysql_error());
  }
$result = mysql_query($sql);
$row = mysql_fetch_array($result, MYSQL_ASSOC);
if (trim($row['imagename'])!=="")
{
$imgname=trim($row['imagename']).",".trim($_GET['ID']."_".$tmpo);
}
else
{
$imgname=trim($_GET['ID']."_".$tmpo);
}


//   $sql="INSERT INTO tblautopsy (`Species`,`Reference Number`,`Stocklist No`,`AutopsyDate`,`Autopsy Report`,`Final Conclusion`) VALUES ('$_POST[stklstno]','$_POST[refno]','$_POST[stklstno]','$_POST[adate]','$_POST[areport]','$_POST[fconclusion]')";
 
$sql="UPDATE contacts SET `imagename`='". $imgname."' WHERE id=".$_GET['ID'];
*/
$sql="insert into  `tblimages` (`ID`,`imagename`,`imagedesc`) values ('".$_GET['ID']."','".$_GET['ID']."_".$tmpo."','".trim($_POST[imagedesc])."')";
mysql_query("SET NAMES 'utf8'");
mysql_query('SET CHARACTER SET utf8'); 
if (!mysql_query($sql,$connection))
  {
  die('Error: ' . mysql_error());
  }
//echo "1 record added";

 
//echo "<br>".$_GET['a']."<br>";

/*

  if ($_GET['a']=='0')
  {
			  if ($_POST[addrid]==0)
			  {
				$IDD=mysql_insert_id(); 
			  }
			  else
			  {
				$IDD=$_POST[addrid];
			  }
   mysql_close($connection);*/
/*   
//echo "<br>IDD = ".$IDD."wen a=".$_GET['a']."<br>";
//echo "1 record added don wen get is 0";*/

if ($_GET['a']=='d')
{
	header('Location: ../dtaildwabraaddressbook.php?ID='.$_GET['ID']);
}
else if ($_GET['a']=='s')
{
 	header('Location: ../wabraaddressbook.php?ID='.$_GET['ID']);
}
}
/// Ending of SQL Insert





//header('Location: ' . $uploadSuccess);

// make an error handler which will be used if the upload fails
function error($error, $location, $seconds = 5)
{
	header("Refresh: $seconds; URL=\"$location\"");
	echo '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN"'."\n".
	'"http://www.w3.org/TR/html4/strict.dtd">'."\n\n".
	'<html lang="en">'."\n".
	'	<head>'."\n".
	'		<meta http-equiv="content-type" content="text/html; charset=utf-8">'."\n\n".
	'		<link rel="stylesheet" type="text/css" href="stylesheet.css">'."\n\n".
	'	<title>Upload error</title>'."\n\n".
	'	</head>'."\n\n".
	'	<body>'."\n\n".
	'	<div id="Upload">'."\n\n".
	'		<h1>Upload failure</h1>'."\n\n".
	'		<p>An error has occured: '."\n\n".
	'		<span class="red">' . $error . '...</span>'."\n\n".
	'	 	The upload form is reloading</p>'."\n\n".
	'	 </div>'."\n\n".
	'</html>';
	exit;
} // end error handler

?>
Return current item: PHP MySQL Address Book