加载Blueimp jQuery File Upload时的表单数据

Question

It seems that I have looked everywhere and tried everything and I can not get this to work, any help would be much appreciated! I am using Blueimp's jQuery File Upload. I have changed the UploadHandler.php in the following ways to make this upload work with multiple records and places within my system. I am using PHP and MySQL.

Added to handle_file_upload function so that the file path, file name, file type, file size, the record type, and the "job number" is uploaded to a table I created in MySQL for each different file.

$file->upload_to_db = $this->add_file($job_num, $recordtype, $file_path, $filename, $type, $file_size);

This job number is sent to the page (with the file upload) as a get variable as well as a hidden form field to send to the Handler when adding a file. The add_file function I added is as follows:

function add_file($job_num, $recordtype, $filepath, $filename, $filetype, $filesize)
{
    $filepath = addslashes($filepath);
    $insert_query = $this->query("INSERT INTO fileupload (job_num, recordtype, file_path, file_name, file_type, file_size) VALUES ('".$job_num."','".$recordtype."','".$filepath."','".$filename."','".$filetype."','".$filesize."')");
    return $insert_query;
}

The query function:

protected function query($query) {
    $database = $this->options['database'];
    $host = $this->options['host'];
    $username = $this->options['username']; 
    $password = $this->options['password'];
    $Link = mysql_connect($host, $username, $password);
    if (!$Link){
        die( mysql_error() );
    }
    $db_selected = mysql_select_db($database);
    if (!$db_selected){
        die( mysql_error() );
    }
    $result = mysql_query($query);
    mysql_close($Link);
    return $result;
}

I have a function for the delete as well. Now, this all works fine. Every file I add is saved and the path is stored in the database. From here I had to find a way to only show the files uploaded for that record instead of showing all files for every record. I modified the get function:

public function get($print_response = true) {
      if ($print_response && isset($_GET['download'])) {
        return $this->download();
    }
    $uploads = $this->query_db();
    return $this->generate_response($uploads, $print_response);
}

The query_db function:

public function query_db() {
    $uploads_array = array();
    // error_log("Job Num: ".$this->job_num."\n\n",3,"error_log.txt");
    $select_result = $this->query("SELECT * FROM fileupload WHERE job_num=423424");
    while($query_results = mysql_fetch_object($select_result))
    {   
        $file = new stdClass();
        $file->id = $query_results->id;
        $file->name = $query_results->file_name;
        $file->size = $query_results->file_size;
        $file->type = $query_results->file_type;
        $file->url = "filepath_to_url/".$query_results->file_name;
        $file->thumbnail_url = "filepath_to_thumbnail/".$query_results->file_name;
        $file->delete_url = "";
        $file->delete_type = "DELETE";
        array_push($uploads_array,$file);
    }
    return $uploads_array;
}

Where the filepath is correct on my system. This, again, works just fine. But as you can see from the query in the query_db function I have the job_num hard coded. I need a way to get this when the first page is loaded. I have looked for a way to do this and nothing has worked. When I submit/add other files I can use the $_REQUEST['job_num'] to get it, but not when the page is loaded. I am not very familiar with OOP PHP so some of this is new to me.

Answer 1

Based on your comments, you would probably want to add a job_number property to your class. You could then set this value in your class when you call add_file() like this

function add_file($job_num, $recordtype, $filepath, $filename, $filetype, $filesize)
{
    $this->job_number = $job_num;
    $filepath = addslashes($filepath);
    $insert_query = $this->query("INSERT INTO fileupload (job_num, recordtype, file_path, file_name, file_type, file_size) VALUES ('".$job_num."','".$recordtype."','".$filepath."','".$filename."','".$filetype."','".$filesize."')");
    return $insert_query;
}

You could then reference this job number in your query_db() method like this:

public function query_db() {
    $uploads_array = array();
    // error_log("Job Num: ".$this->job_num."\n\n",3,"error_log.txt");
    $select_result = $this->query("SELECT * FROM fileupload WHERE job_num=" . $this->job_number);
    while($query_results = mysql_fetch_object($select_result))
    {   
        $file = new stdClass();
        $file->id = $query_results->id;
        $file->name = $query_results->file_name;
        $file->size = $query_results->file_size;
        $file->type = $query_results->file_type;
        $file->url = "filepath_to_url/".$query_results->file_name;
        $file->thumbnail_url = "filepath_to_thumbnail/".$query_results->file_name;
        $file->delete_url = "";
        $file->delete_type = "DELETE";
        array_push($uploads_array,$file);
    }
    return $uploads_array;
}

Note I did not take data sanitation into account in my code samples. You would need to do that as well to prevent against SQL injection. In reality, you should really look at using the mysqli_* functions as the mysql_* are deprecated. You should also probably pass the database connection into you class you you have it available to all areas of the class (like the add_file method where it would be nice to escape the job number before setting it in the object).

Answer 2

Maybe this can be helpful

protected function get_file_objects() {

    $user_id = $this->options['session_id'];
    $files = $this->query("SELECT yourname FROM yourname WHERE yourname='$user_id'");
    $files_array=array();
    while($row = mysql_fetch_assoc($files)){
        array_push($files_array,$row['yourname']);
    }
    return array_values( array_filter( array_map(
        array($this, 'get_file_object'),
        $files_array
    ) ) );
}