I am trying to create a simple file upload system using PHP and MySQL. I have created a database with two tables in, structure below:
File Table
+---+------------------+--------------+
| # | Name | Type |
+---+------------------+--------------+
| 1 | file_id | int |
| 2 | file_name | varchar |
| 3 | file_size | int |
| 4 | file_type | varchar |
| 5 | folder | int |Foreign Key to folders.folder_id
| 6 | user_Id | int |
| 7 | upload_time | timestamp |
| 8 | modify_time | timestamp |
+---+------------------+--------------+
Folders Table
+---+------------------+--------------+
| # | Name | Type |
+---+------------------+--------------+
| 1 | folder_id | int |
| 2 | name | varchar |
| 3 | subfolder | int |
+---+------------------+--------------+
Files Query
SELECT *
FROM files
JOIN folders
ON folders.folder_id = files.folder
ORDER BY folders.subfolder ASC,
folders.folder_id ASC
Folders Query
SELECT * FROM folders
The tables both echoed into a HTML table. To do this, I have two query runs happening separately, one which echoes the folders and displays them on the table, and the other echoes the files and lists them below the list of folders.
Rather than listing all the folders and then all the files I want the files to be listed below their relevant folders.
This is how my table is currently displayed:
Table Heading
-------------
folder
folder2
folder3
file1
file2
file3
file4
This is how I want it to be:
Table Heading
-------------
folder
file1
file2
folder2
file3
folder3
file4
Prepared statements are designed to be executed multiple times in a loop, this is a good example of where to use one:
<?php
// prepare the statement for use later
$folderId = 0;
$stmt = $connectionUploads->prepare("SELECT * FROM files WHERE folder = ?");
$stmt->bind_param("i", $folderId);
$queryGetFolders = "SELECT * FROM folders";
$resultGetFolders = mysqli_query($connectionUploads, $queryGetFolders);
if ($resultGetFolders->num_rows != 0) {
// loop through the folder list
while ($rowFolders = $resultGetFolders->fetch_assoc()) {
$folderName = ucwords($rowFolders['name']);
echo "<h1>$folderName</h1>";
// put the new value in $folderId
$folderId = $rowFolders['folder_id'];
// execute the query
$stmt->execute();
$resultGetFiles = $stmt->get_result();
if ($resultGetFiles->num_rows == 0) {
echo "<p>No files</p>";
else {
// loop through the results as normal
while ($rowFiles = $resultGetFiles->fetch_assoc()) {
echo "<p>$rowFiles[file_name]</p>";
}
}
}
}
Note there are no inherent security concerns with using "plain" database queries. The problems arise when you're adding user-supplied inputs to the query string. Then prepared statements are a must. In addition to reducing overhead when querying in a loop (as above) they also sanitize user input automatically.
You can try creating two php functions to call the various database tables, for instance
function fetch($query){
while($row = $query->fetch_array(MYSQLI_ASSOC)){
$result[] = $row;
}
return $result;
}
function getArray($a, $b, $c, $d){
$array = mysqli_fetch_array(mysqli_query($a, "SELECT * FROM $b WHERE $c = '$d' ORDER BY $c DESC LIMIT 1"));
return $array;
}
then use foreach
iterator to get the associative array
for each file, then using the folder
column you can be able to get the array for each folder where the files are found.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.