convert and concat 2 dissimilar variables into one string

Question

Writing a file upload page, where a user uploads a zip file, which works swimmingly, but now I need to add that info into a database, and am having trouble with the way I must show the file name. Which is: project number a hyphen uploaded file name hyphen users name LIKE "1234-fileName-UserName"

The query :

$query= "INSERT INTO cases (case_id, user_id, first_name, last_name, CONCAT(first_name, last_name) AS doctor, name, description, filename, upload_date, upload_time, status) VALUES ('$new_id', '$cur_user', '$cur_first', '$cur_last', 'doctor', '$case_name', '', CONCAT($case_id, $_FILES['the_file']['name'], $_SESSION['last_name']) AS newfilename, CURDATE(), CURTIME(), '0')";

I have tried to implode outside the query, append using '.='. This query runs only after the file uploaded to the server.

Answer 1

I think you're confusing how you would concat() two mysql columns and just concatenating a string in PHP.

Try this:

$query= "INSERT INTO cases (case_id, user_id, first_name, last_name, doctor, name, description, filename, upload_date, upload_time, status) VALUES ('$new_id', '$cur_user', '$cur_first', '$cur_last', '{$cur_first} {$cur_last}', '$case_name', '', '{$case_id}-{$_FILES['the_file']['name']}-{$_SESSION['last_name']}, CURDATE(), CURTIME(), '0')";

And make sure you're validating any of these strings you're receiving from users, lest you open yourself to an SQL Injection attack.

Answer 2

Build your filename outside your query..

$filename = $case_id.'-'.$_FILES['the_file']['name'].'-'$_SESSION['last_name'];

Then use this in your insert query..