0

i have one problem with upload file +php+mysql+json+jquery post :( I dont't know make this :(. I Need your help for this, please.

I Have this code:

PHP CODE:

include ('conection.php');
$arr = json_decode($_POST['send'],true);
if ($_POST['send']>NULL){
mysql_query("INSERT INTO liciteiro.documentos(doc_id,doc_descricao,doc_url,doc_validade,fkclient_id) VALUES ('".$arr[0]['doc_id']."','".$arr[0]['doc_descricao']."','".$arr[0]['doc_url']."','".$arr[0]['doc_validade']."','".$arr[0]['fkclient_id']."')")or die(mysql_error());
}
else {
    die(mysql_error());
}

JQuery

$(function(){
    $("#send").click(function() {
    var json = $.parseJSON($("#json").val());
    var url2 = $("#url2").val();
            $.post(url2,{data:json},function(data){
        $('#status').html(data);
    });
    return false;
        });
        });

HTML

  <br />
  <br />
  <div id="geralform">
<div id="form1" class="send" onsubmit="return send();">
<div class="input-prepend input-append">
<span class="add-on"> URL:</span><input type="text" class="input-large"name="url2" id="url2" /></p>
</div>
<br />
<div class="input-prepend input-append"><span class="add-on">JSON:</span><textarea name="json" id="json" cols="45" rows="5" class="input-xlarge"></textarea><br />
<div class="input-prepend input-append" id="fileupload"><input name="file" id="file" type="file" class="input-xlarge"/></div>
<p><button type="submit" name="send" value="send" class="btn" id="send" />Send</button></div>
<p></p>
</div>
</div><br />

<hr />
<div class="input-prepend input-append"><span class="add-on">Retorno:</span>
<textarea name="status" id="status" class="input-xxlarge" cols="100" rows="4"></textarea>
</p>
</div>
</div>

I Have two problems i need register data in database and file upload text apper if i put in textfield URL this: include_documentos.php without this area don't apper.

Please help me.

I Need your help :(

Sorry my bad english, im from brazil, here don't have any good school of english :x.

user3033027
  • 13
  • 2
  • 6
  • You most likely have a SQLi in your PHP (mysql_* functions are now deprecated) ... It also doesn't appear as though you're working with all of the POST data, or sending the data with the correct field names. – Julio Dec 02 '13 at 19:46
  • Please, before you write **any** more SQL interfacing code, you must read up on [proper SQL escaping](http://bobby-tables.com/php) to avoid severe [SQL injection bugs](http://bobby-tables.com/). Also, `mysql_query` should not be used in new applications. It's a deprecated interface that's being removed from future versions of PHP. A modern replacement like [PDO is not hard to learn](http://net.tutsplus.com/tutorials/php/why-you-should-be-using-phps-pdo-for-database-access/). A guide like [PHP The Right Way](http://www.phptherightway.com/) will help you avoid making mistakes like this. – tadman Dec 02 '13 at 19:50
  • Louis thanks for attention, this system its ok, but its don't have upload files, i need this, function of upload files – user3033027 Dec 02 '13 at 19:51
  • tadman thanks for attention, I am using this function only for own testing on local server, but I need to learn it so that you can turn into pdo – user3033027 Dec 02 '13 at 19:53
  • You'll want to read the file being uploaded with the [FileReader API](https://developer.mozilla.org/en-US/docs/Web/API/FileReader), submit it to your server, then have your server compile the data into a document – Charlie Dec 02 '13 at 20:03
  • Charlie i can send files don't read, im send file to folder in server and register this in my database – user3033027 Dec 02 '13 at 20:08

2 Answers2

0

First of all your die(mysql_error()); in the else-block doesn't realy make sense because the if-condition has nothing to do with mysql.

Secondly you have to escape the variable parts in your sql-query, at least if its a publicly accessible project.

And to answer your question now,... you cannot send files via javascript only. You will need a HTML5-capable browser. This should help you: How can I upload files asynchronously?

Community
  • 1
  • 1
Markus Kottländer
  • 8,228
  • 4
  • 37
  • 61
  • My mysql_error is temporary, im test in other files this command, i have ctrl+c ctrl+v for this file, because this i use mysql_error :P – user3033027 Dec 02 '13 at 20:07
0

The best solution I've found so far would be the Jquery Form Plugin.

Hope this helps.

Rwd
  • 34,180
  • 6
  • 64
  • 78