PHP how to keep the already uploaded file in the edit form.



Hi, I have uploaded a file in my database below row named 'file_name'. Now when I open my edit form in view mode, the file name does not show (is empty) and when I save the form, the file_name goes blank from the database. I want to save the file in edit form so each time I save the form, the already uploaded file should show in database. I know that value cannot be used for files for security reasons and I also know how to just echo the name of file, but I need to keep the already uploaded file in edit form.

This is my code in edit form in view mode:

<div class="form-group">
     <label for="example-text"><?php echo get_phrase('Browse File');?></label>
     <input type="file" name="file_name" id = "file_name" class="form-control-file"/><span name="old" id = "old"><?php echo $row['file_name'];?></span>

This is my code in model:

$page_data['file_name'] = $_FILES["file_name"]["name"];
$oldfile = $_POST['old'];
$file = $_FILES["file_name"]["name"];
  if($file != "") {
     move_uploaded_file($_FILES["file_name"]["tmp_name"], "uploads/parents_image/" . $_FILES["file_name"]["name"]); 
   } else {
     $file = $oldfile;
     $page_data['file_name'] = $this->input->post('file_name');

Any advice would be very helpful. Many thanks.


  • Capture.PNG
    20.4 KB · Views: 1,908
Your post doesn't make a lot of sense to me, you must remember that we don't have access to your computer and cannot see what you are doing or know how you have got to where you are.

It looks to me that you are talking about image files? and these are uploaded to your server.

I don't see any database calls?

Does your <form> tag include enctype='multipart/form-data'?

I'd suggest that you start with simpler ambitions when learning something new like this as it can get quite confusing. Start with just being able to upload an image, move to a folder and return a page which shows the image, then once this is working add bits.

The security concerns with images is that a user could upload an executable file and just put that filename into a browser to execute it. So the adage
Never trust user input.

is the one to follow, always. You'll need to do a bit of reading to find out what suits your purposes, make sure it makes sense as there is a lot of rubbish; I change the size and quality of an image which I think works, many sites advocate just checking for certain attributes and various other snake oil solutions - the trouble is that they can be faked very easily, so as I say do what makes sense.
While I don't "edit" the file on my edit page, I simply just display the current one. If I did want to have where a user could change the picture I would do somelike this

<img class="blogBox" src="<?php echo (isset($replaceFile) ) ?  $replaceFile : $cms->thumb_path; ?>" alt="Picture for Journal Entry">

Of course I didn't test it out, plus you would have to add the following to the edit form:

<input id="imgBtn" class="menuExit" type="file" name="file">
again not tested out.

Here is my edit form for a website I am doing:
                <form id="dataEntry" action="process.php" method="post" enctype="multipart/form-data">
                    <img class="blogBox" src="<?= $cms->thumb_path; ?>" alt="Picture for Journal Entry">
                    <fieldset id="mainEntry">
                        <legend>Edit Text</legend>

                        <input type="hidden" name="id" value="<?= $cms->id ?>">
                        <input type="hidden" name="action" value="update">
                        <input type="hidden" name="image_path" value="<?= $cms->image_path ?>">
                        <input type="hidden" name="page_name" value="<?= $cms->page_name; ?>">
                        <input type="hidden" name="user_id" value="<?= $cms->user_id; ?>">
                        <input type="hidden" name="insert_image" value="">
                        <select class="select-css" name="rating">
                            <option value="<?= $cms->rating ?>"><?= $cms->rating; ?> Star(s)</option>
                            <option value="0">No Star</option>
                            <option value="1">One Star</option>
                            <option value="2">Two Stars</option>
                            <option value="3">Three Stars</option>
                            <option value="4">Four Stars</option>
                            <option value="5">Five Stars</option>
                        <select class="select-css" name="category">
                            <option value="<?= $cms->category; ?>"><?= $cms->category; ?></option>
                            <option value="wildlife">Wildlife</option>
                            <option value="lego">LEGO</option>
                            <option value="portraits-landscapes">Portraits / Landscapes</option>
                            <option value="other">Other</option>
                        <label class="inputLabel" for="heading">Heading</label>
                        <input id="heading" type="text" name="heading" value="<?= $cms->heading; ?>" tabindex="1" required autofocus>
                        <label class="textareaLabel" for="content">Content</label>
                        <textarea id="content" name="content" tabindex="2"><?= $cms->content; ?></textarea>
                        <input type="submit" name="submit" value="enter">
Hi Strider, can I ask why you have so much information in hidden fields rather than use sessions?