StackOverflow2013

Note that there are some explanatory texts on larger screens.

plurals

POAdding uploading to edit page
text
Body
copied!<p>I have been trying the whole week to get this too work but haven't had any luck thus far. I am building an employee system, being my first project I could really use your help.</p> <p>I have a database with a table called <code>ref_employees</code> with x amount of fields.</p> <p>I managed to get my hands on some source to edit the record and thought that my problem was solved. Although the source helped me to edit the records, the client needs more functionality by means of upload and storing functionality. I have edited the code accordingly but have 2 issues now. </p> <p>1) I had to add the upload form separate to the editing form because when the edits' update is clicked it clears the upload fields within the db even after adding echoing out the current values within the upload fields in the db.</p> <p>2) The uploads shows that it is uploading but is doesn't get saved in the specified directory. The permissions are set to 777, and the file names are not captured in the database in the relevant fields. I think it is because the upload function is in a separate page and not on the same page as the upload form. </p> <p>I need it to upload the file, store it in a directory and finally place the file name in the db where the warning fields are, but it needs to be captured under the record (employee) being edited.</p> <p>I am new to this and all help is appreciated.</p> <p>The edit page:</p> <pre><code> <?php include 'core/init.php'; protect_page(); include 'includes/overall/header.php'; error_reporting(1); ?> <?php /* EDIT.PHP Allows user to edit specific entry in database */ // creates the edit record form // since this form is used multiple times in this file, I have made it a function that is easily reusable function renderForm($idnumber, $firstname, $lastname, $department, $manager, $startdate, $error) { ?> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"> <html> <head> <title>Edit Record</title> </head> <body> <div class="article"> <h1>Employee Details</h1> <?php // if there are any errors, display them if ($error != '') { echo '<div style="padding:4px; border:1px solid red; color:red;">'.$error.'</div>'; } ?> <form action="" method="post" enctype="multipart/form-data"> <input type="hidden" name="idnumber" value="<?php echo $idnumber; ?>"/> <div> <p>* Required</p> <p><strong>ID:</strong> <?php echo $idnumber; ?></p> <table cellpadding="5" cellspacing="5"> <tr> <td><strong>First Name: *</strong></td> <td><input type="text" name="firstname" value="<?php echo $firstname; ?>"/></td> </tr> <tr> <td><strong>Last Name: *</strong></td> <td> <input type="text" name="lastname" value="<?php echo $lastname; ?>"/></td> </tr> <tr> <td><strong>Department: *</strong> </td> <td> <input type="text" name="department" value="<?php echo $department; ?>"/></td> </tr> <tr> <td><strong>Manager/Superviser: *</strong></td> <td><input type="text" name="manager" value="<?php echo $manager; ?>"/></td> </tr> <tr> <td><strong>Start Date: *</strong></td> <td><input type="text" name="startdate" value="<?php echo $startdate; ?>"/></td> </tr> <tr> <td><input type="submit" name="submit" value="Submit" class="btn"></td> </tr> </table> </form> <tr> <td> <table cellpadding="5" cellspacing="0"> <form action="includes/add.php" method="post" enctype="multipart/form-data"> <input type="hidden" name="idnumber" value="<?php echo $idnumber; ?>"/> <th>Ad Warnings Documents</th> <tr> <td>Warning File 1</td> <td><input type="file" name="warning1" value="<?php echo $warning1;?>" /></td> </tr> <tr> <td>Warning File 2</td> <td><input type="file" name="warning2" value="<?php echo $warning2;?>" /></td> </tr> <tr> <td>Warning File 3</td> <td><input type="file" name="warning3" value="<?php echo $warning3;?>" /></td> </tr> <tr><td><input type="submit" name="submit" value="upload"></td></tr> </table> </td> <td></td> </tr> </table> </div> </body> </html> <?php } // check if the form has been submitted. If it has, process the form and save it to the database if (isset($_POST['submit'])) { // confirm that the 'id' value is a valid integer before getting the form data if (is_numeric($_POST['idnumber'])) { // get form data, making sure it is valid $idnumber = $_POST['idnumber']; $firstname = mysql_real_escape_string(htmlspecialchars($_POST['firstname'])); $lastname = mysql_real_escape_string(htmlspecialchars($_POST['lastname'])); $department = mysql_real_escape_string(htmlspecialchars($_POST['department'])); $manager = mysql_real_escape_string(htmlspecialchars($_POST['manager'])); $startdate = mysql_real_escape_string(htmlspecialchars($_POST['startdate'])); // check that firstname/lastname fields are both filled in if ($firstname == '' || $lastname == '') { // generate error message $error = 'ERROR: Please fill in all fields!'; //error, display form renderForm($idnumber, $firstname, $lastname, $department, $manager, $startdate, $error); } else { // save the data to the database mysql_query("UPDATE ref_employees SET firstname='$firstname', lastname='$lastname', department='$department', manager='$manager', startdate='$startdate' WHERE idnumber='$idnumber'") or die(mysql_error()); // once saved, redirect back to the view page header("Location: employeelist.php"); } } else { // if the 'id' isn't valid, display an error echo 'Error!'; } } else // if the form hasn't been submitted, get the data from the db and display the form { // get the 'id' value from the URL (if it exists), making sure that it is valid (checing that it is numeric/larger than 0) if (isset($_GET['idnumber']) && is_numeric($_GET['idnumber']) && $_GET['idnumber'] > 0) { // query db $idnumber = $_GET['idnumber']; $result = mysql_query("SELECT * FROM ref_employees WHERE idnumber=$idnumber") or die(mysql_error()); $row = mysql_fetch_array($result); // check that the 'id' matches up with a row in the databse if($row) { // get data from db $firstname = $row['firstname']; $lastname = $row['lastname']; $department = $row['department']; $manager = $row['manager']; $startdate = $row['startdate']; $warning1 = $row['warning1']; $warning2 = $row['warning2']; $warning3 = $row['warning3']; // show form renderForm($idnumber, $firstname, $lastname, $department, $manager, $startdate, ''); } else // if no match, display result { echo "No results!"; } } else // if the 'id' in the URL isn't valid, or if there is no 'id' value, display an error { echo 'Error!'; } } ?> <h1>Additional options</h1> </div> </code></pre> <p>The file upload source file add.php</p> <pre><code><?php include 'core/init.php'; protect_page(); include 'includes/overall/header.php'; error_reporting(1); ?> <?php //This is the directory where images will be saved $target = "files/empdocs"; $target1 = $target . basename( $_FILES['warning1']['name']); $target2 = $target . basename( $_FILES['warning2']['name']); $target3 = $target . basename( $_FILES['warning3']['name']); //This gets all the other information from the form $warning1=($_FILES['warning1']['name']); $warning2=($_FILES['warning2']['name']); $warning3=($_FILES['warning3']['name']); //Writes the information to the database mysql_query("INSERT INTO ref_employees VALUES ('$warning1', '$warning2', '$warning3')") ; //Writes the file to the server if (move_uploaded_file($_FILES['warning1']['tmp_name'], $target1) && move_uploaded_file($_FILES['warning2']['tmp_name'], $target2) && move_uploaded_file($_FILES['warning3']['tmp_name'], $target3)) { //Tells you if its all ok echo "The file ". basename( $_FILES['uploadedfile']['name']). " has been uploaded, and your information has been added to the directory"; } else { //Gives and error if its not echo "Sorry, there was a problem uploading your file."; } ?> </code></pre>

Querying!

Guidance

An individual column

Larger individual text columns get their own page to allow for proper reading.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload