- The Real Viking
- Medlem ●
- Karlstad
- 2009-02-15 21:02
Jag har ett litet problem med följande php kod. Jag har ett formulär där man kan ladda upp filer. Koden ser helt OK ut. Felmeddelandet lyder:
Citat:
Stored in: Error, query failed: 1064 - You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'group, date_uploaded, year, uploader) VALUES ('Styrelseprotokoll_2008-05-28.doc'' at line 1
Kanske någon klok person kan se något fel i nedanstående kod och hjälpa mig:
<div id="main">
<?php
if (isset($_POST['upload']) && $_FILES['userfile']['size'] > 0) {
$fileName = $_FILES['userfile']['name'];
$tmpName = $_FILES['userfile']['tmp_name'];
$fileSize = $_FILES['userfile']['size'];
$fileType = $_FILES['userfile']['type'];
$title = $_POST['title'];
$date = $_POST['date'];
$year = substr($date, 0, 4);
$category = $_POST['category'];
$group = $_POST['group'];
$upload_date = date("Y-m-d");
$uploader = $_COOKIE['user_name'];
$test = NULL;
if ($test) {
$fp = fopen($fileName, 'r');
$content = fread($fp, filesize($fileName));
$content = addslashes($content);
} else {
$fp = fopen($tmpName, 'r');
$content = fread($fp, filesize($tmpName));
$content = addslashes($content);
}
fclose($fp);
if ($_FILES["userfile"]["error"] > 0) {
echo "Error: " . $_FILES["file"]["error"] . "<br />";
} else {
echo "--------------<br />";
echo "Upload: " . $_FILES["userfile"]["name"] . "<br />";
echo "Type: " . $_FILES["userfile"]["type"] . "<br />";
echo "Size: " . ($_FILES["userfile"]["size"] / 1024) . " Kb<br />";
echo "Stored in: " . $_FILES["userfile"]["tmp_name"]<br />;
}
if (!get_magic_quotes_gpc()) {
$fileName = addslashes($fileName);
}
include 'DataStorage/library/config.php';
include 'DataStorage/library/opendb.php';
$query = "INSERT INTO fileStorage (name, size, type, content, title, date_created, category, group, date_uploaded, year, uploader) VALUES ('$fileName', '$fileSize', '$fileType', '$content', '$title', '$date', '$category', '$group', '$upload_date', '$year', '$uploader')";
$id = mysql_insert_id();
mysql_query($query) or die ('Error, query failed: ' . mysql_errno() . " - " . mysql_error());
include 'DataStorage/library/closedb.php';
}
?>
<h1>Ladda upp filer</h1>
<form method="post" enctype="multipart/form-data">
<table width="350" border="1" cellpadding="2" cellspacing="0" class="box">
<tr>
<td width="246">
<input type="hidden" name="MAX_FILE_SIZE" value="2000000">
<input name="userfile" type="file" id="userfile"><br />
Titel:
<input name="title" type="text" id="title" alt="Dokumentets titel"><br />
Datum:
<input name="date" type="text" id="date" alt="När händelsen ägde rum"><br />
Kategori:
<select name="category">
<option name="protocols">Protokoll</option>
<option name="reports">Rapporter</option>
<option name="letters">Brev</option>
<option name="collations">Kallelser</option>
<option name="applications">Ansökan</option>
<option name="schedule">Schema</option>
</select><br />
Grupp:
<select name="group">
<option name="Styrelsen">Styrelsen</option>
<option name="Fastigheter">Fastigheter</option>
<option name="Mark">Mark</option>
<option name="Skog">Skog</option>
</select><br />
</td>
<td width="80"><input name="upload" type="submit" class="box" id="upload" value=" Upload "></td>
</tr>
</table>
</form>
</div>config.php innehåller följande kod:
<?php // This is an example of config.php $dbhost = 'localhost'; $dbuser = 'xxxxxxxxx'; $dbpass = 'yyyyyyyyyy'; $dbname = 'zzzzzzzzz'; ?>
opendb.php innehåller följande kod:
<?php
// This is an example opendb.php
$conn = mysql_connect($dbhost, $dbuser, $dbpass);
if (!$conn) {
die('Could not connect: [' . mysql_errno() . '] ' . mysql_error());
}
mysql_select_db('my_db', $conn);
?>closedb.php innehåller följande kod:
<?php // an example of closedb.php // it does nothing but closing // a mysql database connection mysql_close($conn); ?>
Senast redigerat 2009-02-16 18:13
