I'm having a form where users can add some information and also have the option to add images and PDF files. I only want to execute the insert query when there is a file selected. When there are no files selected the query shouldn't be executed. I did read the $_FILES Error Messages documentation, read this question and answer and I tried multiple if-statements like:
if($_FILES["files"]["size"] > 0) {
}
if($_FILES["files"]["size"] != 0) {
}
if($_FILES["files"]["error"] != 4) {
}
But when I use for example (if files error is not 4, which means there is no file uploaded):
if($_FILES["files"]["error"] != 4) {
//execute insert query
}
it doesn't execute the query. When I am using other if-statements it inserts an empty query. I am doing something wrong but I don't know what. I have to check if the size of the file is bigger than 0 or check if there is no file uploaded (error 4). But nothing seems to work. Can someone explain to me what I'm doing wrong? This is my whole code:
Form:
<form action="php/maak-sectie.php" method="post" id="sectieForm" class="form-horizontal" enctype="multipart/form-data">
<div class="row">
<div class="form-group col-md-4">
<select name="pagina_id" id="pagina_id" class="form-control form-control-lg">
<option value="pagina_id" disabled selected>Pagina</option>
<?php
$sql = "SELECT naam FROM pagina_id";
$result = mysqli_query($db, $sql);
while ( $row=mysqli_fetch_assoc($result)) {
echo "<option value ='" . $row['naam'] . "'>".$row['naam']."</option>";
}
?>
</select>
</div>
<div class="form-group col-md-4">
<input type="text" class="form-control form-control-lg" id="opdrachtnaam" name="opdrachtnaam" placeholder="Naam opdracht">
</div>
<div class="form-group col-md-4">
<select name="sprint" id="sprint" class="form-control form-control-lg">
<option value="sprint" disabled selected>Sprint</option>
<option value="1">1</option>
<option value="2">2</option>
<option value="3">3</option>
<option value="4">4</option>
<option value="5">5</option>
</select>
</div>
</div>
<div class="row">
<div class="form-group col-md-6">
<input type="text" class="form-control form-control-lg" id="title" name="title" placeholder="Titel">
</div>
<div class="form-group col-md-6">
<input type="text" class="form-control form-control-lg" id="sub_title" name="sub-title" placeholder="Sub titel">
</div>
</div>
<div class="row">
<div class="form-group col-md-12">
<textarea class="form-control form-control-lg" rows="5" id="body" name="body" placeholder="Tekst"></textarea>
</div>
</div>
<div class="row">
<div class="form-group col-md-6">
<label for="images">Afbeelding(en)</label>
<input type="file" class="form-control-file" accept="image/*" name="images[]" multiple="multiple" id="images">
</div>
<div class="form-group col-md-6">
<label for="files">Bewijslast</label>
<input type="file" class="form-control-file" accept="application/pdf" name="files[]" multiple="multiple" id="files">
</div>
</div>
<button type="submit" class="btn btn-dark" name="maak-sectie">Opslaan</button>
</form>
PHP file:
<?php
require 'database-connection.php';
if (isset($_POST["maak-sectie"])) {
$pagina_id = mysqli_real_escape_string($db, $_POST['pagina_id']);
$opdrachtnaam = mysqli_real_escape_string($db, $_POST['opdrachtnaam']);
$sprint = mysqli_real_escape_string($db, $_POST['sprint']);
$sectie_id = md5($opdrachtnaam);
$titel = mysqli_real_escape_string($db, $_POST['title']);
$sub_title = mysqli_real_escape_string($db, $_POST['sub-title']);
$body = mysqli_real_escape_string($db, $_POST['body']);
if($_FILES["files"]["error"] != 4) {
foreach ($_FILES['files']['tmp_name'] as $key => $tmp_name ){
$file_name = $key.$_FILES['files']['name'][$key];
$file_size = $_FILES['files']['size'][$key];
$file_tmp = $_FILES['files']['tmp_name'][$key];
$file_type= $_FILES['files']['type'][$key];
$file_dir = "uploads/".$file_name;
$final_file_dir = "php/uploads/".$file_name;
$sql= "INSERT INTO files (pagina_id, sectie_id, file_name, file_path, file_type) VALUES ('$pagina_id', '$sectie_id', '$file_name', '$final_file_dir', '$file_type')";
mysqli_query($db, $sql);
move_uploaded_file($file_tmp, $file_dir);
}
}
if($_FILES["images"]["error"] != 4) {
foreach ($_FILES['images']['tmp_name'] as $keys => $tmp_names) {
$img_name = $keys.$_FILES['images']['name'][$keys];
$img_size = $_FILES['images']['size'][$keys];
$img_tmp = $_FILES['images']['tmp_name'][$keys];
$img_type= $_FILES['images']['type'][$keys];
$img_dir = "uploads/".$img_name;
$img_file_dir = "php/uploads/".$img_name;
$sql2 = "INSERT INTO files (pagina_id, sectie_id, file_name, file_path, file_type) VALUES ('$pagina_id', '$sectie_id', '$img_name', '$img_file_dir', '$img_type')";
mysqli_query($db, $sql2);
move_uploaded_file($img_tmp, $img_dir);
}
}
$sql = "INSERT INTO sectie (sectie_id, pagina_id, sprint, titel, sub_titel, body, opdrachtnaam) VALUES ('$sectie_id', '$pagina_id', '$sprint', '$titel', '$sub_title', '$body', '$opdrachtnaam')";
mysqli_query($db, $sql);
header('Location: ' . $_SERVER['HTTP_REFERER']);
}
?>
