hi I have this contact forms http://www.xwdakan.com/CC/ but i will people can send a file with a text som this upload a file thnks
First you will need to look into $_FILES[] and then you need to make sure you do security checks with the filetype etc im not giving you the answer as you will learn more if you do it on your own Here is an example of an upload system that i created for a friend <?php //Connection here or include connection file (ill just do a fast connect here) mysql_connect('localhost','root','') or die('Oops, No connection to DB'); mysql_select_db('uploads') or die('Oops, Cant find the mysql DB'); //define upload table define('UPLOAD_TABLE','uploads'); /* **** The mysql table creation code CREATE TABLE `uploads`.`uploads` ( `id` INT NOT NULL AUTO_INCREMENT PRIMARY KEY , `name` VARCHAR( 255 ) NOT NULL , `ext` VARCHAR( 16 ) NOT NULL , `location` VARCHAR( 1024 ) NOT NULL , `date` INT( 16 ) NOT NULL ) ENGINE = MYISAM ; */ //Files define('THIS_FILENAME','upload.php'); define('ROOT_DIR',str_replace(THIS_FILENAME,'',__FILE__)); define('UPLOAD_DIR',ROOT_DIR . 'uploads/');// must end with slash but not start with one //Other define('MAX_SIZE',round(500000*1024)); $Allowed = array('jpg','mpg','txt','doc','dll','png','exe','rar','zip'); // etc $errors = array(); //Start the upload if is sent if(isset($_FILES) && isset($_FILES['file']['name'])){ //Now set some VARS with some typecasting (int|string) $FileName = (string)$_FILES['file']['name']; $FileType = (string)$_FILES['file']['type']; $FileLocation = (string)$_FILES['file']['tmp_name']; $FileSize = (int)$_FILES['file']['size']; $FileError = (int)$_FILES['file']['error']; $FileExt = (string)end(explode(".", $FileName)); //So now we can check to see if the file is a valid extention if(in_array($FileExt,$Allowed)){ if($FileSize < MAX_SIZE){ if($FileError == 0){ //no error //Here we move the file to the new location if(is_dir(UPLOAD_DIR)){ $FileNewLocation = UPLOAD_DIR . $FileName; if(move_uploaded_file($FileLocation,$FileNewLocation)){ $sqlLayout = "INSERT INTO %s VALUES(NULL,'%s','%s','%s',%d)"; $Query = sprintf($sqlLayout, UPLOAD_TABLE, mysql_real_escape_string($FileName), mysql_real_escape_string($FileExt), mysql_real_escape_string($FileNewLocation), time()); if(mysql_query($Query)){ $ok = 'Fle uploaded successfull'; }else{ $errors[] = 'File uploaded but database error (File will be deleted)'; @unlink($FileNewLocation); } }else{ $errors[] = 'Could not move file from tmp to new location'; } }else{ $errors[] = 'Internale server error (Upload dir not available)'; } }else{ $errors[] = 'There was an internal server error, Please try later'; } }else{ $errors[] = 'File is too large'; } }else{ $errors[] = 'File is not a valid format ('.$FileExt.')'; } } ?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Untitled Document</title> </head> <body> <?=(count($errors) > 0) ? implode("<br />",$errors) : NULL?> <?=(isset($ok)) ? $ok : NULL?> <form enctype="multipart/form-data" action="" method="post"> <input type="hidden" name="MAX_FILE_SIZE" value="<?=MAX_SIZE?>" /> <input type="file" name="file" id="upload_box" /> <input type="submit" value="Upload!" /> </form> </body> </html> <?php //Some Example functions function LatestTen(){ $q = mysql_query('SELECT * FROM uploads ORDER BY id DESC LIMIT 10'); $ret = array(); while($row = mysql_fetch_assoc($q)){$ret[] = $row;} return (count($ret) > 0) ? $ret : array(); } $i=1; foreach(LatestTen() as $Download){ $Layout = '<div><strong>%d</strong> - <span><a href="download.php?id=%d">%s</a></span> @ (%s)</div>'; echo sprintf($Layout, $i++, $Download['id'], htmlentities($Download['name']), date("d-m-Y",$Download['date'])); } ?> PHP: