View Full Version : Capturing image name from html form and uploading image file to folder on server.

02-04-2007, 11:48 PM
Hey everybody,

I have a problem, Im working on some backend coding and I've run into a problem. I have an html form that adds properties to a database. Everything works fine except that i can't figure out how to get an image uploaded to a folder on the server plus add the file name to the database, so i that i can use that file name later to dynamically pull that image into the website. Any help would be great. Also as a side note I'm using dreamweaver to develop this. any help would be greatly appreciated.

Thanks in advance

02-05-2007, 03:21 AM
Dreamweaver can't handle this sort of thing; it's too simplistic. Even a DW extension for image uploads can't do what you want. All the information for each uploaded image is contained in the $_FILES[] array. After the file has uploaded, you want to do an INSERT query to your db.table using $_FILES['userfile']['name']. Of course 'userfile' is the input field name and the value returned from ['name'] in the associative array will be the original name from the user's computer.

Ref: http://au.php.net/manual/en/features.file-upload.php#features.file-upload.post-method

02-05-2007, 07:57 PM
Thanks for the info meth

i will take a look at this, if i run into any problems or don't grasp it, would it be alright to ask you again?

02-05-2007, 09:51 PM
I have a php front end that lets people upload a file to a blob field in my database, as well as the name type etc....
You will have to modify it to upload to a folder on your webserver but the filename being stored into the database shoudl be similar.

$date = $_POST['date'];
$nickname = $_POST['nickname'];
$email = $_POST['email'];
$phnum = $_POST['phnum'];
$firstname = $_POST['firstname'];
$lastname = $_POST['lastname'];
$fishtype = $_POST['fishtype'];
$fishlength = $_POST['fishlength'];
$fishtypetr = $_POST['fishtype'];
$fileName = $_FILES['picture']['name'];
$tmpName = $_FILES['picture']['tmp_name'];
$fileSize = $_FILES['picture']['size'];
$fileType = $_FILES['picture']['type'];

//echo "TESTING";
$fp = fopen($tmpName, 'r');
echo $fp;
$content = fread($fp, $fileSize);
$content = addslashes($content);
//echo 'Name= ' . $fileName;
//echo 'TmpName = ' . $tmpName;
//echo 'Size = ' . $fileSize;
//echo 'Type= ' . $fileType;

$sql = "INSERT INTO 2007ice (date, nickname,email, phnum,
firstname, lastname, fishtype,
fishlength, filename,
filesize, filetype, bin_data)
VALUES ('$date', '$nickname', '$email','$phnum',
'$firstname', '$lastname', '$fishtypetr',
'$fishlength', '$fileName', '$fileSize',
'$fileType', '$content')";

echo "Thank You, your fish has been submitted!!!<br />\n";
// echo "query error!<br />\n";
// echo "The query you attempted to run is:<br />\n";
// echo $sql."<br />\n";
// echo "The error text provided by MySql is:<br />\n";
// $id= mysql_insert_id();
echo "<p>This file has the following Database ID: <b>$id</b>";

02-06-2007, 01:16 AM

Thanks for the code snippet, i will try that out also.

02-07-2007, 06:19 AM
I was able to insert the name of the file into the database, but im not able to upload that image to a folder. I can get the image upload to work if i put the image upload script in its own php file, but if i add it to the current script that i have for the insert record it wont upload the image. im not sure if im adding it to the current code correctly. any help would be great. below is my code. The image upload code is twards the bottom. Thanks in advance.

if (!isset($_SESSION)) {
$MM_authorizedUsers = "";
$MM_donotCheckaccess = "true";

// *** Restrict Access To Page: Grant or deny access to this page
function isAuthorized($strUsers, $strGroups, $UserName, $UserGroup) {
// For security, start by assuming the visitor is NOT authorized.
$isValid = False;

// When a visitor has logged into this site, the Session variable MM_Username set equal to their username.
// Therefore, we know that a user is NOT logged in if that Session variable is blank.
if (!empty($UserName)) {
// Besides being logged in, you may restrict access to only certain users based on an ID established when they login.
// Parse the strings into arrays.
$arrUsers = Explode(",", $strUsers);
$arrGroups = Explode(",", $strGroups);
if (in_array($UserName, $arrUsers)) {
$isValid = true;
// Or, you may restrict access to only certain users based on their username.
if (in_array($UserGroup, $arrGroups)) {
$isValid = true;
if (($strUsers == "") && true) {
$isValid = true;
return $isValid;

$MM_restrictGoTo = "adminlogin.php";
if (!((isset($_SESSION['MM_Username'])) && (isAuthorized("",$MM_authorizedUsers, $_SESSION['MM_Username'], $_SESSION['MM_UserGroup'])))) {
$MM_qsChar = "?";
$MM_referrer = $_SERVER['PHP_SELF'];
if (strpos($MM_restrictGoTo, "?")) $MM_qsChar = "&";
if (isset($QUERY_STRING) && strlen($QUERY_STRING) > 0)
$MM_referrer .= "?" . $QUERY_STRING;
$MM_restrictGoTo = $MM_restrictGoTo. $MM_qsChar . "accesscheck=" . urlencode($MM_referrer);
header("Location: ". $MM_restrictGoTo);
if (!function_exists("GetSQLValueString")) {
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
$theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue;

$theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue);

switch ($theType) {
case "text":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
case "long":
case "int":
$theValue = ($theValue != "") ? intval($theValue) : "NULL";
case "double":
$theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL";
case "date":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
case "defined":
$theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
return $theValue;

$editFormAction = $_SERVER['PHP_SELF'];
if (isset($_SERVER['QUERY_STRING'])) {
$editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);

if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "newproperty")) {
$insertSQL = sprintf("INSERT INTO newcondos (City, Location, Bedrooms, Bathrooms, PrprtyDesc, PrprtyImage, PrprtyType) VALUES (%s, %s, %s, %s, %s, %s, %s)",
GetSQLValueString($_POST['city'], "text"),
GetSQLValueString($_POST['address'], "text"),
GetSQLValueString($_POST['bed'], "text"),
GetSQLValueString($_POST['bath'], "text"),
GetSQLValueString($_POST['description'], "text"),
GetSQLValueString($_POST['userfile'], "text"),
GetSQLValueString($_POST['type'], "text"));

mysql_select_db($database_ConnCondo, $ConnCondo);
$Result1 = mysql_query($insertSQL, $ConnCondo) or die(mysql_error());

$insertGoTo = "adminpage.php";
if (isset($_SERVER['QUERY_STRING'])) {
$insertGoTo .= (strpos($insertGoTo, '?')) ? "&" : "?";
$insertGoTo .= $_SERVER['QUERY_STRING'];
header(sprintf("Location: %s", $insertGoTo));
define ("MAX_SIZE","100");

function getExtension($str) {
$i = strrpos($str,".");
if (!$i) { return ""; }
$l = strlen($str) - $i;
$ext = substr($str,$i+1,$l);
return $ext;



if ($image)
$filename = stripslashes($_FILES['userfile']['name']);
$extension = getExtension($filename);
$extension = strtolower($extension);
not upload the file,

if (($extension != "jpg") && ($extension != "jpeg") && ($extension != "png") && ($extension != "gif"))
echo '<h1>Unknown extension!</h1>';
if ($size > MAX_SIZE*1024)
echo '<h1>You have exceeded the size limit!</h1>';



$copied = copy($_FILES['userfile']['tmp_name'], $newname);
if (!$copied)
echo '<h1>Copy unsuccessfull!</h1>';

if(isset($_POST['Submit']) && !$errors)
echo "<h1>File Uploaded Successfully! Try again!</h1>";