1

I am Working on a simple project based software where user will add a project by uploading some files and details. So i used a form with 4 different named file input. User may upload any of them. Then i check all those 4 input in next page with 4 different if statement. But problem is its only work with last if statement. No error, No Log is showing and 4th File is uploading and data inserted into database as its described in 4th if statement.

I Check https://stackoverflow.com/questions/linked/2704314?sort=hot&page=1 for my relevant problem, i found most of question are referred to Multiple file upload in php But this is not helping in my case.I tried foreach loop for multiple upload, its work. But its not working in my case because i need to rename each uploaded file with last id from a specific table from Mysql and also input that name into Mysql database then.

Here is code i used in form :

    echo'<form method="post" action="?page=add3&id='.$last_id.'"  enctype="multipart/form-data"><div class="form-group">     
<label for="audio">Upload Audio Documents:</label> 
<input type="file" class="form-control" id="audio" name="audio">
<label for="video">Upload Video Documents:</label>
<input type="file" class="form-control" id="video" name="video">
<label for="promote">Upload Promotion Documents:</label> 
<input type="file" class="form-control" id="promote" name="promote">
<label for="sponser">Upload Sponser Documents:</label>
<input type="file" class="form-control" id="sponser" name="sponser">
</div><button type="submit" class="btn btn-primary">Submit</button> <br/><br/><br/>
</form>';

Here is code i used in add3 page:

 //////audio/////
if (($_FILES["audio"]["size"] > 0) && ($_FILES["audio"]["size"] < 10*MB))
    {if ($_FILES["audio"]["error"] > 0) {echo "Erro: " . $_FILES["audio"]["error"] . "<br>";} else {
    if (!file_exists("storage/document/" . $_FILES["audio"]["name"])) {            
    $sql = "SELECT id FROM document ORDER BY id DESC LIMIT 1";
    $result = $conn->query($sql);
    if ($result->num_rows > 0) { while($row = $result->fetch_assoc()) 
     {
       $nid= $row["id"];
       $nid2 = $nid+1;
       $temp = explode(".", $_FILES["audio"]["name"]);
       $name = $_FILES["audio"]["name"];
       $newfilename = $nid2 . '.' . end($temp);
       move_uploaded_file($_FILES["audio"]["tmp_name"], "storage/document/" . $newfilename);          
       $sql = "INSERT INTO document (name, link, pid, cid) VALUES ('$name', '$newfilename', '$id', 1)";
       if ($conn->query($sql) === TRUE) { echo "<center><h2>Audio Documents successfully Uploaded.</h2>";   } 
       else { echo "Error: " . $sql . "<br>" . $conn->error; }
     }}}}}
//////audio end/////
//////video/////
if (($_FILES["video"]["size"] > 0) && ($_FILES["video"]["size"] < 10*MB))
    {if ($_FILES["video"]["error"] > 0) {echo "Erro: " . $_FILES["video"]["error"] . "<br>";} else {
    if (!file_exists("storage/document/" . $_FILES["video"]["name"])) {            
       $lid = $conn->insert_id;
       $nid = $lid+1;
       $temp = explode(".", $_FILES["video"]["name"]);
       $name = $_FILES["video"]["name"];
       $newfilename = $nid . '.' . end($temp);
       move_uploaded_file($_FILES["video"]["tmp_name"], "storage/document/" . $newfilename);          
       $sql = "INSERT INTO document (name, link, pid, cid) VALUES ('$name', '$newfilename', '$id', 2)";
       if ($conn->query($sql) === TRUE) { echo "<center><h2>video Documents successfully Uploaded.</h2>";   } 
       else { echo "Error: " . $sql . "<br>" . $conn->error; }
     }}}
//////video end/////
/////promote///////     
if (($_FILES["promote"]["size"] > 0) && ($_FILES["promote"]["size"] < 10*MB))
    {if ($_FILES["promote"]["error"] > 0) {echo "Erro: " . $_FILES["promote"]["error"] . "<br>";} else {
    if (!file_exists("storage/document/" . $_FILES["promote"]["name"])) {            
       $lid = $conn->insert_id;
       $nid = $lid+1;
       $temp = explode(".", $_FILES["promote"]["name"]);
       $name = $_FILES["promote"]["name"];
       $newfilename = $nid . '.' . end($temp);
       move_uploaded_file($_FILES["promote"]["tmp_name"], "storage/document/" . $newfilename);          
       $sql = "INSERT INTO document (name, link, pid, cid) VALUES ('$name', '$newfilename', '$id', 3)";
       if ($conn->query($sql) === TRUE) { echo "<center><h2>Promotion Documents successfully Uploaded.</h2>";   } 
       else { echo "Error: " . $sql . "<br>" . $conn->error; }
     }}}
//////promote end/////
/////sponser///////     
if (($_FILES["sponser"]["size"] > 0) && ($_FILES["sponser"]["size"] < 10*MB))
    {if ($_FILES["sponser"]["error"] > 0) {echo "Erro: " . $_FILES["sponser"]["error"] . "<br>";} else {
    if (!file_exists("storage/document/" . $_FILES["sponser"]["name"])) {            
       $lid = $conn->insert_id;
       $nid = $lid+1;
       $temp = explode(".", $_FILES["sponser"]["name"]);
       $name = $_FILES["sponser"]["name"];
       $newfilename = $nid . '.' . end($temp);
       move_uploaded_file($_FILES["sponser"]["tmp_name"], "storage/document/" . $newfilename);          
       $sql = "INSERT INTO document (name, link, pid, cid) VALUES ('$name', '$newfilename', '$id', 4)";
       if ($conn->query($sql) === TRUE) { echo "<center><h2>Sponser Documents successfully Uploaded.</h2>";   } 
       else { echo "Error: " . $sql . "<br>" . $conn->error; }
     }}}
//////sponser end/////

I expect the output of 4 valid input file to be 4 successful message, but the actual output is only the last one.

Shaju
  • 192
  • 1
  • 13
  • 1
    As your last one does seem to work, I would start by making sure the files are there. I suggest you add in a `print_r($_FILES);` on top to see what files are found by PHP from your upload and what errors they might contain. If the files are there, rule out your if/else. You might want to add temporary `echo` statements for that, where all your `}}}` are ending. Let me know what you find in there! – ArendE Jul 14 '19 at 00:30
  • There must be dozens of tutorials on this kind of thing out there; I can't help feeling that some will be more elegant (and more secure) than this – Strawberry Jul 14 '19 at 05:25
  • @Dharman I know that very well. i will secure my codes once i build the app completely. Thanks for Consideration. – Shaju Jul 14 '19 at 14:38
  • @Strawberry I searched google, webmaster forum,stackoverflow for 3days continuously before ask here.Because i dont want to get down vote. But unfortunately i didn't find exact code idea for my requirement. Perhaps there might be some tutorials which is similar to my requirement. – Shaju Jul 14 '19 at 14:43
  • Why would you want to do it twice? If this code is broken because of SQL injection, the fix is to rewrite it. If you do it earlier then less work for you. It might even help you solve your problem. Remember that SQL injection is a bug, and your current SQL is broken. – Dharman Jul 14 '19 at 15:02
  • @Dharman I am Here is facing actually file proccesing problem not SQL much.So SQL injection is not headache here. You should read my question again to understand the situation. – Shaju Jul 14 '19 at 15:07
  • @ArendE Your Print Idea Help me Little Bit. While i print all files, i found all files are processed succesfully, but you can see in my logic that files should be more then 0 in size. so when i tried 3 blank txt file to upload,its only successful for the file more then 0 in size. So when i tried to upload files with more then 0 bytes, its showing my code are OK. see `$_FILES["audio"]["size"] > 0` – Shaju Jul 14 '19 at 15:46

0 Answers0