Forums
This topic is locked
İnsert record and file upload
Posted 20 May 2007 12:30:00
1
has voted
20 May 2007 12:30:00 mestan atalay posted:
hi all.I'm from turkey.I Know a little english.let me ask immediately <img src=../images/fwzone/forum/icon_smile.gif border=0 align=middle>
site/odev.php from the page.I am sending the form.and sending links site/odev.php? is becoming.And the page isn't found.but ,the record is built to the database.and file is being sent.I could not find the problem.
odev.php code this:
<?php
// ---------------------------------------------
// Pure PHP Upload version 1.1
// -------------------------------------------
if (phpversion() > "4.0.6" {
$HTTP_POST_FILES = &$_FILES;
}
define("MAX_SIZE",0);
define("DESTINATION_FOLDER", "./odevler"
define("no_error", ""
define("yes_error", ""
$_accepted_extensions_ = "";
if(strlen($_accepted_extensions_) > 0){
$_accepted_extensions_ = @explode(",",$_accepted_extensions_);
} else {
$_accepted_extensions_ = array();
}
/* modify */
if(!empty($HTTP_POST_FILES['filem'])){
if(is_uploaded_file($HTTP_POST_FILES['filem']['tmp_name']) && $HTTP_POST_FILES['filem']['error'] == 0){
$_file_ = $HTTP_POST_FILES['filem'];
$errStr = "";
$_name_ = $_file_['name'];
$_type_ = $_file_['type'];
$_tmp_name_ = $_file_['tmp_name'];
$_size_ = $_file_['size'];
if($_size_ > MAX_SIZE && MAX_SIZE > 0){
$errStr = "File troppo pesante";
}
$_ext_ = explode(".", $_name_);
$_ext_ = strtolower($_ext_[count($_ext_)-1]);
if(!in_array($_ext_, $_accepted_extensions_) && count($_accepted_extensions_) > 0){
$errStr = "Estensione non valida";
}
if(!is_dir(DESTINATION_FOLDER) && is_writeable(DESTINATION_FOLDER)){
$errStr = "Cartella di destinazione non valida";
}
if(empty($errStr)){
if(@copy($_tmp_name_,DESTINATION_FOLDER . "/" . $_name_)){
header("Location: " . no_error);
} else {
header("Location: " . yes_error);
}
} else {
header("Location: " . yes_error);
}
}
}
?>
<?php require_once('Connections/asd.php'); ?>
<?php
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = ""
{
$theValue = (!get_magic_quotes_gpc()) ? addslashes($theValue) : $theValue;
switch ($theType) {
case "text":
$theValue = ($theValue != "" ? "'" . $theValue . "'" : "NULL";
break;
case "long":
case "int":
$theValue = ($theValue != "" ? intval($theValue) : "NULL";
break;
case "double":
$theValue = ($theValue != "" ? "'" . doubleval($theValue) . "'" : "NULL";
break;
case "date":
$theValue = ($theValue != "" ? "'" . $theValue . "'" : "NULL";
break;
case "defined":
$theValue = ($theValue != "" ? $theDefinedValue : $theNotDefinedValue;
break;
}
return $theValue;
}
$editFormAction = $_SERVER['PHP_SELF'];
if (isset($_SERVER['QUERY_STRING'])) {
$editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);
}
if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "form1") {
$insertSQL = sprintf("INSERT INTO kpro_odev (numara, adisaoyadi, dosya) VALUES (%s, %s)",
GetSQLValueString($_POST['textfield'], "text",
GetSQLValueString($_POST['textfield2'], "text",
GetSQLValueString($_name_, "text");
mysql_select_db($database_asd, $asd);
$Result1 = mysql_query($insertSQL, $asd) or die(mysql_error());
$insertGoTo = "okey.php";
if (isset($_SERVER['QUERY_STRING'])) {
$insertGoTo .= (strpos($insertGoTo, '?')) ? "&" : "?";
$insertGoTo .= $_SERVER['QUERY_STRING'];
}
header(sprintf("Location: %s", $insertGoTo));
}
?>
</head>
<body>
<form action="<?php echo $editFormAction; ?>" method="POST" enctype="multipart/form-data" name="form1" target="_blank">
<p>
<input type="text" name="textfield">
</p>
<p>
<input type="text" name="textfield2">
</p>
<p>
<input name="filem" type="file" id="filem">
</p>
<p>
<input type="submit" name="Submit" value="Submit">
</p>
<input type="hidden" name="MM_insert" value="form1">
</form>
</body>
</html>