添加上传到编辑页面

时间:2013-10-11 08:29:06

标签: php mysql

我整整一周都在试着让这个太过分了,但到目前为止还没有任何运气。我正在建立一个员工系统,作为我的第一个项目,我可以真正使用你的帮助。

我有一个数据库,其中包含一个名为ref_employees的表,其中包含x个字段。

我设法抓住了一些来源编辑记录并认为我的问题已经解决了。虽然源帮助我编辑记录,但客户端需要通过上传和存储功能来实现更多功能。我已相应地编辑了代码但现在有2个问题。

1)我必须将上传表单分别添加到编辑表单中,因为当单击编辑的更新时,即使添加了回显db中上载字段中的当前值,它也会清除数据库中的上载字段。 / p>

2)上传显示正在上传但未保存在指定目录中。权限设置为777,文件名未在相关字段的数据库中捕获。我认为这是因为上传功能在一个单独的页面中,而不是与上传表单在同一页面上。

我需要它来上传文件,将其存储在目录中,最后将文件名放在警告字段所在的数据库中,但需要在正在编辑的记录(员工)下捕获。

我是新手,所有的帮助都表示赞赏。

编辑页面:

    <?php
include 'core/init.php';
protect_page();
include 'includes/overall/header.php';
error_reporting(1);
?>
<?php
/* 
 EDIT.PHP
 Allows user to edit specific entry in database
*/

 // creates the edit record form
 // since this form is used multiple times in this file, I have made it a function that is easily reusable
 function renderForm($idnumber, $firstname, $lastname, $department, $manager, $startdate, $error)
 {
 ?>
 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
 <html>
 <head>
 <title>Edit Record</title>
 </head>
 <body>

<div class="article">
 <h1>Employee Details</h1>
 <?php 
 // if there are any errors, display them
 if ($error != '')
 {
 echo '<div style="padding:4px; border:1px solid red; color:red;">'.$error.'</div>';
 }
 ?> 

 <form action="" method="post" enctype="multipart/form-data">
 <input type="hidden" name="idnumber" value="<?php echo $idnumber; ?>"/>

 <div>
 <p>* Required</p>
 <p><strong>ID:</strong> <?php echo $idnumber; ?></p>
 <table cellpadding="5" cellspacing="5">
 <tr>
 <td><strong>First Name: *</strong></td>
 <td><input type="text" name="firstname" value="<?php echo $firstname; ?>"/></td>
 </tr>
  <tr>
 <td><strong>Last Name: *</strong></td>
 <td> <input type="text" name="lastname" value="<?php echo $lastname; ?>"/></td>
 </tr>
  <tr>
 <td><strong>Department: *</strong> </td>
 <td> <input type="text" name="department" value="<?php echo $department; ?>"/></td>
 </tr>
  <tr>
 <td><strong>Manager/Superviser:  *</strong></td>
 <td><input type="text" name="manager" value="<?php echo $manager; ?>"/></td>
 </tr>
  <tr>
 <td><strong>Start Date:  *</strong></td>
 <td><input type="text" name="startdate" value="<?php echo $startdate; ?>"/></td>
 </tr>
 <tr>
 <td><input type="submit" name="submit" value="Submit" class="btn"></td>
 </tr>

 </table>
  </form> 
 <tr>
 <td>
 <table cellpadding="5" cellspacing="0">
 <form action="includes/add.php" method="post" enctype="multipart/form-data">
 <input type="hidden" name="idnumber" value="<?php echo $idnumber; ?>"/>
 <th>Ad Warnings Documents</th>
 <tr>
 <td>Warning File 1</td>
 <td><input type="file" name="warning1" value="<?php echo $warning1;?>" /></td>

 </tr>
  <tr>
 <td>Warning File 2</td>
 <td><input type="file" name="warning2" value="<?php echo $warning2;?>" /></td>

 </tr>
  <tr>
 <td>Warning File 3</td>
 <td><input type="file" name="warning3" value="<?php echo $warning3;?>" /></td>
 </tr>

  <tr><td><input type="submit" name="submit" value="upload"></td></tr>
 </table>
 </td>
 <td></td>
 </tr>
 </table>

 </div>


 </body>
 </html> 

 <?php
 }




 // check if the form has been submitted. If it has, process the form and save it to the database
 if (isset($_POST['submit']))
 { 
 // confirm that the 'id' value is a valid integer before getting the form data
 if (is_numeric($_POST['idnumber']))
 {
 // get form data, making sure it is valid
 $idnumber = $_POST['idnumber'];
 $firstname = mysql_real_escape_string(htmlspecialchars($_POST['firstname']));
 $lastname = mysql_real_escape_string(htmlspecialchars($_POST['lastname']));
  $department = mysql_real_escape_string(htmlspecialchars($_POST['department']));
   $manager = mysql_real_escape_string(htmlspecialchars($_POST['manager']));
    $startdate = mysql_real_escape_string(htmlspecialchars($_POST['startdate']));

 // check that firstname/lastname fields are both filled in
 if ($firstname == '' || $lastname == '')
 {
 // generate error message
 $error = 'ERROR: Please fill in all fields!';

 //error, display form
 renderForm($idnumber, $firstname, $lastname, $department, $manager, $startdate, $error);
 }
 else
 {
 // save the data to the database
 mysql_query("UPDATE ref_employees SET firstname='$firstname', lastname='$lastname', department='$department', manager='$manager',  startdate='$startdate' WHERE idnumber='$idnumber'")
 or die(mysql_error()); 

 // once saved, redirect back to the view page
 header("Location: employeelist.php"); 
 }
 }
 else
 {
 // if the 'id' isn't valid, display an error
 echo 'Error!';
 }
 }
 else
 // if the form hasn't been submitted, get the data from the db and display the form
 {

 // get the 'id' value from the URL (if it exists), making sure that it is valid (checing that it is numeric/larger than 0)
 if (isset($_GET['idnumber']) && is_numeric($_GET['idnumber']) && $_GET['idnumber'] > 0)
 {
 // query db
 $idnumber = $_GET['idnumber'];
 $result = mysql_query("SELECT * FROM ref_employees WHERE idnumber=$idnumber")
 or die(mysql_error()); 
 $row = mysql_fetch_array($result);

 // check that the 'id' matches up with a row in the databse
 if($row)
 {

 // get data from db
 $firstname = $row['firstname'];
 $lastname = $row['lastname'];
 $department = $row['department'];
 $manager = $row['manager'];
 $startdate = $row['startdate'];
 $warning1 = $row['warning1'];
 $warning2 = $row['warning2'];
 $warning3 = $row['warning3'];

 // show form
 renderForm($idnumber, $firstname, $lastname, $department, $manager, $startdate, '');
 }
 else
 // if no match, display result
 {
 echo "No results!";
 }
 }
 else
 // if the 'id' in the URL isn't valid, or if there is no 'id' value, display an error
 {
 echo 'Error!';
 }
 }
?>
<h1>Additional options</h1>

</div>

文件上传源文件add.php

<?php
include 'core/init.php';
protect_page();
include 'includes/overall/header.php';
error_reporting(1);
?>

 <?php 
  //This is the directory where images will be saved 
$target = "files/empdocs"; 
$target1 = $target . basename( $_FILES['warning1']['name']); 
$target2 = $target . basename( $_FILES['warning2']['name']);
$target3 = $target . basename( $_FILES['warning3']['name']);

 //This gets all the other information from the form 

 $warning1=($_FILES['warning1']['name']); 
 $warning2=($_FILES['warning2']['name']);
 $warning3=($_FILES['warning3']['name']); 


  //Writes the information to the database 
 mysql_query("INSERT INTO ref_employees VALUES ('$warning1', '$warning2', '$warning3')") ;
  //Writes the file to the server 
if (move_uploaded_file($_FILES['warning1']['tmp_name'], $target1)
&& move_uploaded_file($_FILES['warning2']['tmp_name'], $target2)
&& move_uploaded_file($_FILES['warning3']['tmp_name'], $target3)) {

 //Tells you if its all ok 
 echo "The file ". basename( $_FILES['uploadedfile']['name']). " has been uploaded, and your information has been added to the directory"; 
 } 
 else { 

 //Gives and error if its not 
 echo "Sorry, there was a problem uploading your file."; 
 } 
 ?>

0 个答案:

没有答案