For loop only inserts one filename

Question

for($i = 0; $i < $uploadsNeeded; $i++){ 

 $file_name = $_FILES['uploadFile'. $i]['name']; 
 $file_name = stripslashes($file_name); 
 $file_name = str_replace("'","",$file_name);
 $uploaddir = "media/files/".$_FILES['uploadFile'. $i]['name']; 
 $copy = move_uploaded_file($_FILES['uploadFile'. $i]['tmp_name'], $uploaddir); 
 if($copy){ 
      $res = db_res("INSERT INTO `atest` SET `filename`='$file_name', `article`='$ArticleUri'");
  } 
}

For some reason thing only uploading one of the selected files and inserting only one filename in the database. If there a better way to go through this loop to catch all of them?

php no0b

Answer 1

There are 3 comments above, including mine: basically they are all saying the same thing. You haven't provided enough information for us to help you diagnose the problem. So I'd recommend taking a first step to debugging:

Check the values of your variables

You can do this with either print_r for variables like $_FILES (to see what files your server is getting info on) and simple echo statements to check what directory files are being saved to. Try adding a echo $uploaddir; after you define the variable to make sure its what you expect.

Also, check the $uploadsNeeded varible; you don't show how or where you're defining it, if its not the number you expect, that could be your problem right there.

Answer 2

From the little information you gave us, my guess is that your problem lies within the following code:

$_FILES['uploadFile' . $i]

Try this instead and see if it works:

$filesUploaded = Upload('uploadFile', './media/files/');

foreach ($filesUploaded as $fileUploaded)
{
    $res = db_res("INSERT INTO `atest` SET `filename` = '" . $fileUploaded . "', `article` = '$ArticleUri';");
}

Here is the Upload() function you're gonna need:

function Upload($source, $destination)
{
    $result = array();

    if (array_key_exists($source, $_FILES) === true)
    {
        if (is_array($_FILES[$source]['error']) === true)
        {
            foreach ($_FILES[$source]['error'] as $key => $value)
            {
                if ($value == UPLOAD_ERR_OK)
                {
                    $filename = str_replace("'", '', stripslashes(basename($_FILES[$source]['name'][$key])));

                    if (move_uploaded_file($_FILES[$source]['tmp_name'][$key], $destination . $filename) === true)
                    {
                        $result[] = $destination . $filename;
                    }
                }
            }
        }

        else
        {
            $filename = str_replace("'", '', stripslashes(basename($_FILES[$source]['name'])));

            if (move_uploaded_file($_FILES[$source]['tmp_name'], $destination . $filename) === true)
            {
                $result[] = $destination . $filename;
            }
        }
    }

    return $result;
}

Printing the $_FILES array would be very useful for us to find possible bugs in your code:

echo '<pre>';
print_r($_FILES);
echo '</pre>';

---

PS: Don't forget your SQL query is vulnerable to SQL Injections!