Hi I'm a rookie at mysql with PHP and would like some help.
I have a file upload script that upload files to a specific directory, but I want to store my file name as the ID field since its auto_increment in the database
My current code is as follow
<?php
####################################################################
# File Upload Form 1.1
####################################################################
#
####################################################################
####################################################################
# SETTINGS START
####################################################################
define('DESTINATION_FOLDER','/www/zubrag/tmp/');
define('MAX_FILE_SIZE', 0);
define('SUCCESS_URL','http://www.example.com/upload-success.html');
$exts = array();
define('RENAME_FILE', true);
define('APPEND_STRING', '');
define('DO_LOG', true);
define('DB_HOST','localhost');
define('DB_DATABASE','mydb');
define('DB_USERNAME','myusername');
define('DB_PASSWORD','password-here');
####################################################################
### END OF SETTINGS. DO NOT CHANGE BELOW
####################################################################
@set_time_limit(172800);
function showUploadForm($message='') {
$max_file_size_tag = '';
if (MAX_FILE_SIZE > 0) {
$max_file_size_tag = "<input name='MAX_FILE_SIZE' value='".(MAX_FILE_SIZE*1024)."' type='hidden' >\n";
}
include ('file-upload.html');
}
$errors = array();
$message = '';
$ini_maxsize = ini_get('upload_max_filesize');
if (!is_numeric($ini_maxsize)) {
if (strpos($ini_maxsize, 'M') !== false)
$ini_maxsize = intval($ini_maxsize)*1024*1024;
elseif (strpos($ini_maxsize, 'K') !== false)
$ini_maxsize = intval($ini_maxsize)*1024;
elseif (strpos($ini_maxsize, 'G') !== false)
$ini_maxsize = intval($ini_maxsize)*1024*1024*1024;
}
if ($ini_maxsize < MAX_FILE_SIZE*1024) {
$errors[] = "Alert! Maximum upload file size in php.ini (upload_max_filesize) is less than script's MAX_FILE_SIZE";
}
if (!isset($_POST['submit'])) {
showUploadForm(join('',$errors));
}
else {
while(true) {
if (!@file_exists(DESTINATION_FOLDER)) {
$errors[] = "Destination folder does not exist or no permissions to see it.";
break;
}
$error_code = $_FILES['filename']['error'];
if ($error_code != UPLOAD_ERR_OK) {
switch($error_code) {
case UPLOAD_ERR_INI_SIZE:
$errors[] = "File is too big (1).";
break;
case UPLOAD_ERR_FORM_SIZE:
$errors[] = "File is too big (2).";
break;
case UPLOAD_ERR_PARTIAL:
$errors[] = "Could not upload file (1).";
break;
case UPLOAD_ERR_NO_FILE:
$errors[] = "Could not upload file (2).";
break;
case UPLOAD_ERR_NO_TMP_DIR:
$errors[] = "Could not upload file (3).";
break;
case UPLOAD_ERR_CANT_WRITE:
$errors[] = "Could not upload file (4).";
break;
case 8:
$errors[] = "Could not upload file (5).";
break;
}
break;
}
$filename = @basename($_FILES['filename']['name']);
$tmp_filename = $_FILES['filename']['tmp_name'];
$file_ext = @strtolower(@strrchr($filename,"."));
if (@strpos($file_ext,'.') === false) {
$errors[] = "Suspicious file name or could not determine file extension.";
break;
}
$file_ext = @substr($file_ext, 1);
if (count($exts)) {
if (!@in_array($file_ext, $exts)) {
$errors[] = "Files of this type are not allowed for upload.";
break;
}
}
$dest_filename = $filename;
if (RENAME_FILE) {
$dest_filename = md5(uniqid(rand(), true)) . '.' . $file_ext;
}
$dest_filename = $dest_filename . APPEND_STRING;
$filesize = intval($_FILES["filename"]["size"]);
if (MAX_FILE_SIZE > 0 && MAX_FILE_SIZE*1024 < $filesize) {
$errors[] = "File is too big (3).";
break;
}
if (!@move_uploaded_file($tmp_filename , DESTINATION_FOLDER . $dest_filename)) {
$errors[] = "Could not upload file (6).";
break;
}
if (DO_LOG) {
$link = @mysql_connect(DB_HOST, DB_USERNAME, DB_PASSWORD);
if (!$link) {
$errors[] = "Could not connect to mysql.";
break;
}
$res = @mysql_select_db(DB_DATABASE, $link);
if (!$res) {
$errors[] = "Could not select database.";
break;
}
$m_ip = mysql_real_escape_string($_SERVER['REMOTE_ADDR']);
$m_size = $filesize;
$m_fname = mysql_real_escape_string($dest_filename);
$sql = "insert into _uploads_log (log_filename,log_size,log_ip) values ('$m_fname','$m_size','$m_ip')";
$res = @mysql_query($sql);
if (!$res) {
$errors[] = "Could not run query.";
break;
}
@mysql_free_result($res);
@mysql_close($link);
}
header('Location: ' . SUCCESS_URL);
die();
break;
}
$message = join('',$errors);
showUploadForm($message);
}
?>
I know I should change the lines
$dest_filename = $filename;
if (RENAME_FILE) {
$dest_filename = md5(uniqid(rand(), true)) . '.' . $file_ext;
and
if (!@move_uploaded_file($tmp_filename , DESTINATION_FOLDER . $dest_filename)) {
$errors[] = "Could not upload file (6).";
break;
Im not sure how to implement the changes to select from database and to implement it into here