Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <html>
- <head>
- ...
- </head>
- <body>
- <form id="upload" action="./upload.php" method="POST" enctype="multipart/form-data">
- <input type="file" name="file">
- <input type="submit" value="Upload">
- </form>
- </body>
- </html>
- <? php
- if(isset($_POST['upload']) && $_FILES['file']['size'] > 0)
- {
- $file_name = $_FILES['file']['name'];
- $file_size = $_FILES['file']['size'];
- $file_tmp = $_FILES['file']['tmp_name'];
- $file_type = $_FILES['file']['type'];
- $parser = fopen($file_tmp, 'r');
- $content = fread($parser, filesize($file_tmp));
- $content = addslashes($content);
- fclose($parser);
- if(!get_magic_quotes_gpc())
- {
- $file_name = addcslashes($file_name);
- }
- $user = "root";
- $host = "localhost";
- $pass = "";
- $db = "filemeup";
- try
- {
- $conn = new PDO("mysql:host=$host;dbname=$db;", $user, $pass);
- }
- catch(PDOException $e)
- {
- echo "Error: ".$e->getMessage();
- exit;
- }
- $conn->query("SET NAMES utf8");
- $query="INSERT INTO files (name, size, type, content)"."VALUES (:name, :size, :type, :content) ";
- $stmt = $this->conn->prepare($query);
- $stmt->bindParam(':name', $file_name);
- $stmt->bindParam(':size', $file_size);
- $stmt->bindParam(':type', $file_type);
- $stmt->bindParam(':content', $content);
- $stmt->execute();
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement