Hey guys, I'm working on a program for viewing PDF files in Java and I need a system to upload essays in to an SQL database to be pulled by the Java.

I know some basic java but 0 php. A friend has helped me with this basic code and now it is 90% there I just need 1 change.

Right now the dropdown to select which essay(pdf file) submission has no effect. I would like it so that if you choose 'Deadline 1' it uploads the essay into the field "essay" if you choose 'Deadline 2' it uploads into essay2 and etc. Also it would be great if it would not allow the user to upload the essay if the field already contained any data. Thanks for any help.
Here is the code.


<html>
<head>
<title>Extended Essay Submission</title>
</head>


<body>



<?php

if (isset($_POST['upload'])) {

if (!isset($_POST['user'])) {

exit('You must enter a username!');

}



if (!isset($_POST['password'])) {

exit('You must enter a password!');

}



if (!isset($_POST['type'])) {

exit('You must enter a submission type!');

}



if (!isset($_FILES['essay'])) {

exit('You must choose a file to upload!');

}



$_POST['user'] = addslashes(trim($_POST['user']));

$_POST['type'] = intval(trim($_POST['type']));

$_POST['password'] = md5($_POST['password']);



if (!strlen($_POST['user']) || $_POST['type'] < 1) {

exit('You must fill in every field on the form!');

}



if (!$link = mysql_connect('host', 'user', 'pass')) {

exit('Failed to connect to the database!');

}


if (!mysql_select_db('database', $link)) {

exit('Failed to select database!');

}



if (!$flink = fopen($_FILES['essay']['tmp_name'], 'rb')) {

exit('Failed to accept uploaded file!');

}



if (!$data = fread($flink, $_FILES['essay']['size'])) {

exit('Failed to read uploaded file!');

}


$data = addslashes($data);



$upload_sql = 'UPDATE essays SET essay="'.$data.'"';

$upload_sql .= ' WHERE username="'.$_POST['user'].'"';

$upload_sql .= ' AND password="'.$_POST['password'].'"';



if (!$upload_query = mysql_query($upload_sql, $link)

|| !mysql_affected_rows($link)) {

exit('File upload failed or already in database!');

}



echo '<h2>File upload success!</h2><hr />';

}

?>



<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="POST" enctype="multipart/form-data">
Username: <input type="text" name="user" size="25" /><br />
Password: <input type="password" name="password" size="25" /><br /><br />



Submission type:
<select name="type" size="1">
<option value="1" selected="selected">Deadline 1</option>
<option value="2">Deadline 2</option>
<option value="3">Deadline 3</option>
<option value="4">Deadline 4</option>
<option value="5">Deadline 5</option>
</select>

<br /><br />

File: <input type="file" name="essay" /><br /><br />
<input type="submit" name="upload" value="Upload" />
</form>


</body>
</html>

I think the low response is because this would have been better placed in the web design and development forum. anyway, you'd have to change this line

$upload_sql = 'UPDATE essays SET essay="'.$data.'"';

so that it puts it into the field you want. for instance:

$upload_sql = 'UPDATE essays SET essay'.$_POST['type'].'="'.$data.'"';

so if someone selected "Deadline 1" then the statement 'UPDATE essays SET essay1="blah blah blah";'

and if they selected "Deadline 3" then the statement would end up looking like 'UPDATE essays SET essay3="blah blah blah";'

hopefully that's what you were looking for.

Thanks, works very well.

I put it in the software forum because I was in my java mode so I presumed software. You are correct it should have been in the web-dev forum. Any ideas about checking if the field is empty first?

Cheers again,

Wes

If you want to check if it's empty, you'll have to do another query to the database.

$test_sql = 'SELECT essay'.$_POST['type'].' FROM essays;';

if (empty(mysql_query($test_sql, $link)) {
$empty = TRUE;
} else {
$empty = FALSE;
}

Using my knowledge of Java syntax I'm trying to get that query in there and I'm getting parse errors:

Cheers,



<?php

if (isset($_POST['upload'])) {

if (!isset($_POST['user'])) {

exit('You must enter a username!');

}



if (!isset($_POST['password'])) {

exit('You must enter a password!');

}



if (!isset($_POST['type'])) {

exit('You must enter a submission type!');

}



if (!isset($_FILES['essay'])) {

exit('You must choose a file to upload!');

}



$_POST['user'] = addslashes(trim($_POST['user']));

$_POST['type'] = intval(trim($_POST['type']));

$_POST['password'] = md5($_POST['password']);



if (!strlen($_POST['user']) || $_POST['type'] < 1) {

exit('You must fill in every field on the form!');

}



if (!$link = mysql_connect('host', 'user', 'password')) {

exit('Failed to connect to the database!');

}


if (!mysql_select_db('database', $link)) {

exit('Failed to select database!');

}



if (!$flink = fopen($_FILES['essay']['tmp_name'], 'rb')) {

exit('Failed to accept uploaded file!');

}



if (!$data = fread($flink, $_FILES['essay']['size'])) {

exit('Failed to read uploaded file!');

}



$test_sql = 'SELECT essay'.$_POST['type'].' FROM essays';
if (empty(mysql_query($test_sql, $link)) {
$empty = TRUE;



$data = addslashes($data);



$upload_sql = 'UPDATE essays SET essay'.$_POST['type'].'="'.$data.'"';

$upload_sql .= ' WHERE username="'.$_POST['user'].'"';

$upload_sql .= ' AND password="'.$_POST['password'].'"';



if (!$upload_query = mysql_query($upload_sql, $link)

|| !mysql_affected_rows($link)) {

exit('File upload failed or already in database!');

}

} else {
$empty = FALSE;
echo '<h2>Essay already in DB</h2><hr />';
}

echo '<h2>File upload success!</h2><hr />';

}

?>

I'm getting the following error on that code:
Parse error: parse error, expecting `T_VARIABLE' or `'$'' in /Library/WebServer/Documents/dev/wes.php on line 86

Only thing jumping out at me (but it doesn't fix that error) is that you're short a closing parenthesis in this line:
if (empty(mysql_query($test_sql, $link)) {

I'm getting the same error and I can't see what I'm doing wrong.

try this:

<?php

if (isset($_POST['upload'])) {

if (!isset($_POST['user'])) {

exit('You must enter a username!');

}



if (!isset($_POST['password'])) {

exit('You must enter a password!');

}



if (!isset($_POST['type'])) {

exit('You must enter a submission type!');

}



if (!isset($_FILES['essay'])) {

exit('You must choose a file to upload!');

}



$_POST['user'] = addslashes(trim($_POST['user']));

$_POST['type'] = intval(trim($_POST['type']));

$_POST['password'] = md5($_POST['password']);



if (!strlen($_POST['user']) || $_POST['type'] < 1) {

exit('You must fill in every field on the form!');

}



if (!$link = mysql_connect('host', 'user', 'password')) {

exit('Failed to connect to the database!');

}


if (!mysql_select_db('database', $link)) {

exit('Failed to select database!');

}



if (!$flink = fopen($_FILES['essay']['tmp_name'], 'rb')) {

exit('Failed to accept uploaded file!');

}



if (!$data = fread($flink, $_FILES['essay']['size'])) {

exit('Failed to read uploaded file!');

}



$test_sql = 'SELECT essay'.$_POST['type'].' FROM essays';
$test_query = mysql_query($test_sql, $link);
if (empty($test_query)) {

$data = addslashes($data);



$upload_sql = 'UPDATE essays SET essay'.$_POST['type'].'="'.$data.'"';

$upload_sql .= ' WHERE username="'.$_POST['user'].'"';

$upload_sql .= ' AND password="'.$_POST['password'].'"';



if (!$upload_query = mysql_query($upload_sql, $link)

|| !mysql_affected_rows($link)) {

exit('File upload failed or already in database!');

}

} else {
echo '<h2>Essay already in DB</h2><hr />';
}

echo '<h2>File upload success!</h2><hr />';

}

?>

Worked on it a bit more, now the query only selects the essay from the user name, before it selected all of them, bit of an oversight. Only problem now is that it ALWAYS says the database has the file when it does not. PM me and I'll send you the login details so you can check this on my server.


<?php

if (isset($_POST['upload'])) {

if (!isset($_POST['user'])) {

exit('You must enter a username!');

}



if (!isset($_POST['password'])) {

exit('You must enter a password!');

}



if (!isset($_POST['type'])) {

exit('You must enter a submission type!');

}



if (!isset($_FILES['essay'])) {

exit('You must choose a file to upload!');

}



$_POST['user'] = addslashes(trim($_POST['user']));

$_POST['type'] = intval(trim($_POST['type']));

$_POST['password'] = md5($_POST['password']);



if (!strlen($_POST['user']) || $_POST['type'] < 1) {

exit('You must fill in every field on the form!');

}



if (!$link = mysql_connect('HOST', 'LOGIN', 'PASSWORD')) {

exit('Failed to connect to the database!');

}


if (!mysql_select_db('DATABASE', $link)) {

exit('Failed to select database!');

}



if (!$flink = fopen($_FILES['essay']['tmp_name'], 'rb')) {

exit('Failed to accept uploaded file!');

}



if (!$data = fread($flink, $_FILES['essay']['size'])) {

exit('Failed to read uploaded file!');

}



$test_sql = 'SELECT essay'.$_POST['type'].' FROM essays WHERE username ="'.$_POST['user'].'"';
$test_query = mysql_query($test_sql, $link);
if (empty($test_query)) {

$data = addslashes($data);



$upload_sql = 'UPDATE essays SET essay'.$_POST['type'].'="'.$data.'"';

$upload_sql .= ' WHERE username="'.$_POST['user'].'"';

$upload_sql .= ' AND password="'.$_POST['password'].'"';

echo '<h2>File upload success!</h2><hr />';

if (!$upload_query = mysql_query($upload_sql, $link)

|| !mysql_affected_rows($link)) {

exit('File upload failed or already in database!');

}

} else {
echo '<h2>Essay already in database see the Academic Dean to rectify the problem </h2>';
}



}

Ok, I think I figured out what I did wrong. I always end up with 3 or 4 errors whenever I code a page, heh. Change the test_sql section to be like this:

$test_sql = 'SELECT essay'.$_POST['type'].' FROM essays WHERE username ="'.$_POST['user'].'"';
$test_query = mysql_query($test_sql, $link);
$test_result = mysql_result($result, 0);
if (empty($test_result)) {

That still isn't working for me. It now allows me to upload anything I want even if a previous essay is there. I've left the login/password in there so you can test it on this DB. Feel free to play with it.

<html>
<head>
<title>Extended Essay Submission</title>
</head>


<body>

<?php

if (isset($_POST['upload'])) {

if (!isset($_POST['user'])) {

exit('You must enter a username!');

}



if (!isset($_POST['password'])) {

exit('You must enter a password!');

}



if (!isset($_POST['type'])) {

exit('You must enter a submission type!');

}



if (!isset($_FILES['essay'])) {

exit('You must choose a file to upload!');

}



$_POST['user'] = addslashes(trim($_POST['user']));

$_POST['type'] = intval(trim($_POST['type']));

$_POST['password'] = md5($_POST['password']);



if (!strlen($_POST['user']) || $_POST['type'] < 1) {

exit('You must fill in every field on the form!');

}



if (!$link = mysql_connect('yo-momma.net', 'jelliott_wes', 'wesleyssql')) {

exit('Failed to connect to the database!');

}


if (!mysql_select_db('jelliott_wes', $link)) {

exit('Failed to select database!');

}



if (!$flink = fopen($_FILES['essay']['tmp_name'], 'rb')) {

exit('Failed to accept uploaded file!');

}



if (!$data = fread($flink, $_FILES['essay']['size'])) {

exit('Failed to read uploaded file!');

}



$test_sql = 'SELECT essay'.$_POST['type'].' FROM essays WHERE username ="'.$_POST['user'].'"';
$test_query = mysql_query($test_sql, $link);
$test_result = mysql_result($result, 0);
if (empty($test_result)) {

$data = addslashes($data);



$upload_sql = 'UPDATE essays SET essay'.$_POST['type'].'="'.$data.'"';

$upload_sql .= ' WHERE username="'.$_POST['user'].'"';

$upload_sql .= ' AND password="'.$_POST['password'].'"';

echo '<h2>File upload success!</h2><hr />';

if (!$upload_query = mysql_query($upload_sql, $link)

|| !mysql_affected_rows($link)) {

exit('File upload failed or already in database!');

}

} else {
echo '<h2>Essay already in database see the Academic Dean to rectify the problem </h2>';
}



}

?>
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="POST" enctype="multipart/form-data">
Username: <input type="text" name="user" size="25" /><br />
Password: <input type="password" name="password" size="25" /><br /><br />



Submission type:
<select name="type" size="1">
<option value="1" selected="selected">Deadline 1</option>
<option value="2">Deadline 2</option>
<option value="3">Deadline 3</option>
<option value="4">Deadline 4</option>
<option value="5">Deadline 5</option>
</select>

<br /><br />

File: <input type="file" name="essay" /><br /><br />
<input type="submit" name="upload" value="Upload" />
</form>


</body>
</html>

alright, one more shot. now it gives an error if the username or password are incorrect as well. (also i took out the actual database connection settings, so be sure to change them)

<html>
<head>
<title>Extended Essay Submission</title>
</head>


<body>

<?php

if (isset($_POST['upload'])) {

if (!isset($_POST['user'])) {

exit('You must enter a username!');

}



if (!isset($_POST['password'])) {

exit('You must enter a password!');

}



if (!isset($_POST['type'])) {

exit('You must enter a submission type!');

}



if (!isset($_FILES['essay'])) {

exit('You must choose a file to upload!');

}



$_POST['user'] = addslashes(trim($_POST['user']));

$_POST['type'] = intval(trim($_POST['type']));

$_POST['password'] = md5($_POST['password']);



if (!strlen($_POST['user']) || $_POST['type'] < 1) {

exit('You must fill in every field on the form!');

}



if (!$link = mysql_connect('host', 'user', 'pass')) {

exit('Failed to connect to the database!');

}


if (!mysql_select_db('database', $link)) {

exit('Failed to select database!');

}



if (!$flink = fopen($_FILES['essay']['tmp_name'], 'rb')) {

exit('Failed to accept uploaded file!');

}



if (!$data = fread($flink, $_FILES['essay']['size'])) {

exit('Failed to read uploaded file!');

}



$test_sql = 'SELECT essay'.$_POST['type'].' FROM essays WHERE username ="'.$_POST['user'].'" AND password="'.$_POST['password'].'"';
$test_query = mysql_query($test_sql, $link);
if (mysql_num_rows($test_query) > 0) {
$test_result = mysql_result($test_query, 0);
if (empty($test_result)) {

$data = addslashes($data);



$upload_sql = 'UPDATE essays SET essay'.$_POST['type'].'="'.$data.'"';

$upload_sql .= ' WHERE username="'.$_POST['user'].'"';

$upload_sql .= ' AND password="'.$_POST['password'].'"';

echo '<h2>File upload success!</h2><hr />';

if (!$upload_query = mysql_query($upload_sql, $link)

|| !mysql_affected_rows($link)) {

exit('File upload failed or already in database!');

}

} else {
echo '<h2>Essay already in database see the Academic Dean to rectify the problem </h2>';
}
} else {
echo '<h2>You entered an incorrect username or password</h2>';
}


}

?>
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="POST" enctype="multipart/form-data">
Username: <input type="text" name="user" size="25" /><br />
Password: <input type="password" name="password" size="25" /><br /><br />



Submission type:
<select name="type" size="1">
<option value="1" selected="selected">Deadline 1</option>
<option value="2">Deadline 2</option>
<option value="3">Deadline 3</option>
<option value="4">Deadline 4</option>
<option value="5">Deadline 5</option>
</select>

<br /><br />

File: <input type="file" name="essay" /><br /><br />
<input type="submit" name="upload" value="Upload" />
</form>


</body>
</html>

Thanks! That works very well.

Now that the student can submit their essays and using the java I have written the advisor and dean can read their essays. They will then be left comments and will need to login to the website to view these comments.

There are 5 fields I will need to pull:

advisorcomments: Plain text.
deancomments: Plain text.
time, progress, length, all booleans.

Advisor/dean comments can be shown as plaintext as so can dean comments.

IE, if time = true, display "Your essay was on time", progress, "Your essay showed sufficient progress".

Cheers! Here is my attempt so far.


<html>
<head>
<title>Extended Essay Submission</title>
</head>


<body>

<?php

if (isset($_POST['upload'])) {

if (!isset($_POST['user'])) {

exit('You must enter a username!');

}



if (!isset($_POST['password'])) {

exit('You must enter a password!');

}



if (!isset($_POST['type'])) {

exit('You must enter a submission type!');

}




$_POST['user'] = addslashes(trim($_POST['user']));

$_POST['type'] = intval(trim($_POST['type']));

$_POST['password'] = md5($_POST['password']);



if (!strlen($_POST['user']) || $_POST['type'] < 1) {

exit('You must fill in every field on the form!');

}



if (!$link = mysql_connect('yo-momma.net', 'jelliott_wes', 'wesleyssql')) {

exit('Failed to connect to the database!');

}


if (!mysql_select_db('jelliott_wes', $link)) {

exit('Failed to select database!');

}



$test_sql = 'SELECT advisorcomments'.$_POST['type'].', deancomments'.$_POST['type'].', length'.$_POST['type'].', time'.$_POST['type'].' AND progress'.$_POST['type'].' FROM essays WHERE username ="'.$_POST['user'].'" AND password="'.$_POST['password'].'"';
$test_query = mysql_query($test_sql, $link);
if (mysql_num_rows($test_query) > 0) {
$test_result = mysql_result($test_query, 0);
if (empty($test_result)) {
echo '<h2>Incorrect Password</h2>';
}

} else {
[DISPLAY ADVISORCOMMENTS AND DEANCOMMENTS HERE as well as the booleans.]
}
} else {
echo '<h2>You entered an incorrect username or password</h2>';
}


}

?>
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="POST" enctype="multipart/form-data">
Username: <input type="text" name="user" size="25" /><br />
Password: <input type="password" name="password" size="25" /><br /><br />



Submission type:
<select name="type" size="1">
<option value="1" selected="selected">Deadline 1</option>
<option value="2">Deadline 2</option>
<option value="3">Deadline 3</option>
<option value="4">Deadline 4</option>
<option value="5">Deadline 5</option>
</select>

<br /><br />
</form>


</body>
</html>

You'll want to use mysql_fetch_array($test_query) instead of mysql_result($test_query), as this time you're selecting multiple items from the database. You can then do an extract($test_result); to be able to use the variables from that array.

or this code would list all the items inside the array:

foreach($test_result as $key => $var) {
echo $key.": ".$var."<br>";
}

This is why I like my java IDE it can help me with these silly errors.


<html>
<head>
<title>Extended Essay Submission</title>
</head>


<body>

<?php

if (isset($_POST['upload'])) {

if (!isset($_POST['user'])) {

exit('You must enter a username!');

}



if (!isset($_POST['password'])) {

exit('You must enter a password!');

}



if (!isset($_POST['type'])) {

exit('You must enter a submission type!');

}




$_POST['user'] = addslashes(trim($_POST['user']));

$_POST['type'] = intval(trim($_POST['type']));

$_POST['password'] = md5($_POST['password']);



if (!strlen($_POST['user']) || $_POST['type'] < 1) {

exit('You must fill in every field on the form!');

}



if (!$link = mysql_connect('yo-momma.net', 'jelliott_wes', 'wesleyssql')) {

exit('Failed to connect to the database!');

}


if (!mysql_select_db('jelliott_wes', $link)) {

exit('Failed to select database!');

}


$test_sql = 'SELECT advisorcomments'.$_POST['type'].', deancomments'.$_POST['type'].', length'.$_POST['type'].', time'.$_POST['type'].' AND progress'.$_POST['type'].' FROM essays WHERE username ="'.$_POST['user'].'" AND password="'.$_POST['password'].'"';
$test_result = mysql_fetch_array($test_sql)
if (mysql_num_rows($test_query) > 0) {
foreach($test_result as $key => $var) {
echo $key.": ".$var."<br>";
}
}
} else {
echo '<h2>You entered an incorrect username or password</h2>';
}


}

?>
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="POST" enctype="multipart/form-data">
Username: <input type="text" name="user" size="25" /><br />
Password: <input type="password" name="password" size="25" /><br /><br />



Submission type:
<select name="type" size="1">
<option value="1" selected="selected">Deadline 1</option>
<option value="2">Deadline 2</option>
<option value="3">Deadline 3</option>
<option value="4">Deadline 4</option>
<option value="5">Deadline 5</option>
</select>

<br /><br />
</form>


</body>
</html>

Okay, I saw how UGLY my database was with essay1, essay2, essay3 etc so I changed the schema totally. There are now 4 tables


Duedates (no concern for now)
Advisors (disregard for this PHP)
Students (contains: last/first name, password, topic, student_id)
Essays (contains: data in binary, student_id (to link to other DB), deadline number, date submitted)

This is what I need the PHP to do:

Query DB, select student_id from students where username = [username from field] AND password = md5[password]

If this returns null, Bad pw message.

If not, take student_id and:

insert into essays set essay = [binary], datesubmitted = [current server date GMT], deadline = [deadline from dropdown].

Ideas?

A couple questions...

Why update instead of insert on the PDF submission? Are there placeholders set up, or do you want the DB to get fleshed out as people submit their PDFs?

Also, don't forget to "update ... where student_id=[student_id]" or "insert ... [student_id]".

A couple questions...

Why update instead of insert on the PDF submission? Are there placeholders set up, or do you want the DB to get fleshed out as people submit their PDFs?

Also, don't forget to "update ... where student_id=[student_id]" or "insert ... [student_id]".

You are correct, I mean insert*.

Thanks for pointing that out.

Rower or anybody...?

Sorry, thought you were just asking if your idea would work - didn't know you needed code examples.

Are you getting hung up on any one part of it, or the whole thing? From everything we've worked on in this thread, you should be able to piece something together.

Sorry, thought you were just asking if your idea would work - didn't know you needed code examples.

Are you getting hung up on any one part of it, or the whole thing? From everything we've worked on in this thread, you should be able to piece something together.


My problems:
1. Carrying over the student_id from one query to the next.2. Getting current date in the form YYYY-MM-DD.
3. I thought about letting a user re-submit an essay and I thought this would be okay as long as no comments have been left so ideally if the advisor or dean comment fields were not null it would not allow a re-submission.

Cheers,

Wes

one thing is php has an excellent manual online. just go to php.net and you can type in for instance the word "date" and you'll see how to do #2. As for #1 I'd suggest setting up a system where the user logs in, and then they can choose the function of what to do. You can just set the student_id in a session cookie (again go to php.net and search for session). #3 like Rower said should be able to be figured out from the php already listed on this page.

hope this helps.

Thanks, but I'll be leaving PHP for a while, I can't spend the time learning it for such a simple purpose. :mad:

Edit: Fixed.

BBEdit and Dreamweaver do code coloring which helps with catching mismatched quotes and getting predefined functions right.

I went over your code and found that your quotes were all over the place. In my experience, using double-quotes for inserting a string into a variable or in echo statements seems to work best. You can also just state the variables in those strings - no need to concatenate. You also had a duplicate if statement at the end that cause it to choke in an odd way.

Here you go:
<html>
<head>
<title>Extended Essay Submission</title>
</head>


<body>

<?php

if (isset($_POST['upload'])) {

if (!isset($_POST['user'])) {

exit("You must enter a username!");

}


if (!isset($_POST['password'])) {

exit("You must enter a password!");

}


if (!isset($_POST['type'])) {

exit("You must enter a submission type!");

}


if (!isset($_FILES['essay'])) {

exit("You must choose a file to upload!");

}


$_POST['user'] = addslashes(trim($_POST['user']));

$_POST['type'] = intval(trim($_POST['type']));

$_POST['password'] = md5($_POST['password']);



if (!strlen($_POST['user']) || $_POST['type'] < 1) {

exit("You must fill in every field on the form!");

}


if (!$link = mysql_connect('yo-momma.net', 'jelliott_wes', 'wesleyssql')) {

exit("Failed to connect to the database!");

}


if (!mysql_select_db('jelliott_wes', $link)) {

exit("Failed to select database!");

}


if (!$flink = fopen($_FILES['essay']['tmp_name'], 'rb')) {

exit("Failed to accept uploaded file!");

}


if (!$data = fread($flink, $_FILES['essay']['size'])) {

exit("Failed to read uploaded file!");

}
$test_sql = "SELECT deancomment, advisorcomment FROM essays WHERE username='$_POST[user]' AND deadline ='$_POST[type]'";
$test_query = mysql_query($test_sql, $link);
if (mysql_num_rows($test_query) > 0) {
$test_result = mysql_result($test_query, 0);
if (empty($test_result)) {
$test_sql = "SELECT student_id FROM students WHERE username='$_POST[user]' AND password='$_POST[password]'";
$test_query = mysql_query($test_sql, $link);
$student_id = mysql_result($result, 0);

$data = addslashes($data);

$upload_sql = "INSERT into essays (essay, datesubmitted, deadline, student_id) values ('$data', date('Y-m-d'), '$_POST[type]', '$student_id')";

echo "<h2>File upload success!</h2><hr />";

if (!$upload_query = mysql_query($upload_sql, $link) || !mysql_affected_rows($link)) {
exit("File upload failed or already in database!");
}

} else {
echo "<h2>Essay already in database and comments have been left. </h2>";
}
} else {
echo "<h2>You entered an incorrect username or password</h2>";
}

}
?>
<form action="<?php echo "$_SERVER[PHP_SELF]"; ?>" method="POST" enctype="multipart/form-data">
Username: <input type="text" name="user" size="25" /><br />
Password: <input type="password" name="password" size="25" /><br /><br />

Submission type:
<select name="type" size="1">
<option value="1" selected="selected">Deadline 1</option>
<option value="2">Deadline 2</option>
<option value="3">Deadline 3</option>
<option value="4">Deadline 4</option>
<option value="5">Deadline 5</option>
</select>

<br /><br />

File: <input type="file" name="essay" /><br /><br />
<input type="submit" name="upload" value="Upload" />
</form>

</body>
</html>

Edit: Nevermind, then. :p

Edit: Nevermind, then. :p

Sorry :(

I'm only having one little trouble, the code all works apart from this:

$upload_sql = "INSERT into essays (essay, datesubmitted, deadline, student_id) values ('".$data."', ".date("Y-m-d").", ".$_POST['type'].", ".$student_id.")";

In the DB once the essay is uploaded the date is 0000-00-00.

Hmm...

Personally, I'd put the date function into a variable and then put it into the insert, like so:

$insertdate = date("Y-m-d");
$upload_sql = "INSERT into essays (essay, datesubmitted, deadline, student_id) values ('$data', '$insertdate', '$_POST[type]', '$student_id')";


PS. Try not concatenating - it makes things much simpler to read.

Works, thanks! :)

I'll start looking at the comments side again, but it looks like it should be easier.

Sorry :(

I'm only having one little trouble, the code all works apart from this:

$upload_sql = "INSERT into essays (essay, datesubmitted, deadline, student_id) values ('".$data."', ".date("Y-m-d").", ".$_POST['type'].", ".$student_id.")";

In the DB once the essay is uploaded the date is 0000-00-00.

Hmm...

If you are just inserting the date of the script execution you can use mysql inbuilt date function like this:

$upload_sql = "INSERT into essays (essay, datesubmitted, deadline, student_id) values ('".$data."', now(), ".$_POST['type'].", ".$student_id.")";

Edit: This only works if you declare the datatype for that column as date or datetime. mysql also has a range of date functions for you to choose from. Well, there pros and cons.