I am trying to build an upload component that saves the file information to a MySQL DB table. My first issue is that each time a user uploads a file, two entries are added to the database.
My next issue is that I was to grab an uploaded file and display it as a link for the user to click on to view in a new tab. Right now, the upload saves the file's server directory path. When I go to click on the file, I get an error message saying the directory path could not be found.
My biggest issue is the link problem to view the uploads. Then, if someone also has a suggestion for the double entry problem, that would also be appreciated.
My Code:
HTML: File upload feature - Successfully uploads all variables twice...
<form id="sgFileUpload" action='sg_addupload.php' target='hiddenFrame' method="POST" enctype="multipart/form-data">
<fieldset id='uploadBtnField'>
<input type="hidden" name="MAX_FILE_SIZE" value="50000000"/>
<input type='hidden' name='sgRef' id='sgRef' value='<?php echo $sgref ?>'>
<input type='file' name='searchFile' id='searchFile' multiple>
<input type='submit' name='startUpload' id='startUpload' value='Upload'>
</fieldset>
</form> <!-- End Form Input -->
My PHP: File upload to DB
if(isset($_POST['sgRef'])) {
$sgref=$_POST['sgRef'];
}
$fileName = $_FILES['searchFile']['name'];
$fSize = $_FILES['searchFile']['size'];
$fType = $_FILES['searchFile']['type'];
$target = "../bms/uploads/";
$fileTarget = $target.$fileName;
$tempFileName = $_FILES["searchFile"]["tmp_name"];
//$docType = $_POST['docType'];
$result = move_uploaded_file($tempFileName,$fileTarget);
if ($result) {
//run DB Connection code...
//Writes the information to the database
$sql="INSERT sg_uploads(sgref,file,type,size,content,doctype) VALUES('$sgref','$fileName','$fType','$fSize','$fileTarget','Other')";
$conn->query($sql);
if($conn->query($sql)) {
echo 'Your file <html><b><i>'.$fileName.'</i></b></html> has been successfully uploaded!';
} else {
//Gives an error if its not
echo "Sorry, there was a problem uploading your file.";
}
//Free the result variables.
$sql->free();
$result->free();
//Close the Database connection.
$conn->close();
}//End If Statement.
PHP CODE: To display links from DB (PHP CODE FOR RETRIEVAL IS SUCCESSFUL)
<?php
while ($row = $result->fetch_array()) {
echo "<tbody>";
echo "<tr>";
echo "<td>" . "<a href=".$row['content']."' >".$row['file']."</a>". "</td>";
echo "<br/>";
echo "<br/>";
}//end while.
echo "</tr>";
echo "</tbody>";
$filename = $row[0];
echo "<p></p>";
?>
All help is appreciated! Thank you!
NOTE: the 'file' column in the database is a datatype of 'blob'.
As I stated in comments:
The duplicate entries are caused by
$conn->query($sql); if($conn->query($sql))where there were two instances of
query()being used.You can just use the conditional statement and omit
$conn->query($sql);.For the path issue, this was also stated in comments that the folder's path wasn't properly indexed.
Footnotes:
You're presently open to an SQL injection. Best you use a prepared statement.