$_POST?

[Zoofu]

if(isset($_POST['Submit']) && !$errors)
{
echo "<h1>Video uploaded!</h1>";

$sel3=mysql_query("SELECT * FROM `users` WHERE `id`=".$_SESSION['uid']."") OR die(mysql_error());
$rowt3=mysql_fetch_array($sel3);
    	$reply = $_POST['reply'];
            $sql4 = "INSERT INTO `videos` (`path`,`uid`,`vidname`) VALUES ('videos/".$image_name."','".$row['id']."','".$reply."')";
            $res4 = mysql_query($sql4) or die(mysql_error());

}

?>



<!--next comes the form, you must set the enctype to "multipart/frm-data" and use an input type "file" -->
<form name="newad" method="post" enctype="multipart/form-data" action="">
<table>
<tr><td class=\"forum_header\" ><input type="file" name="image"></td></tr>
<tr><td class=\"forum_header\" ><input type="text" name=\"reply\"></td></tr>
<tr><td class=\"forum_header\" ><input name="Submit" type="submit" value="Upload video"></td></tr>
</table>
</form>

 

For some reason, it puts the path and uid into the respective fields, bur $reply won't go into vidname?

[PFMaBiSmAd]

The \ escape characters in -

 

name=\"reply\"

 

cause the POST index name to literally contain the double-quote characters. Why are those \ escape characters in there? You don't have them on any of the other name="..." attributes that do work.

[hamza]

$sql4 = "INSERT INTO `videos` (`path`,`uid`,`vidname`)

VALUES ('videos".$image_name."','".$row['id']."','".$reply."')";

 

 

 

  \" .  .\"        -- this is how you can use php variable in between with double quotations

  \'.  .\'          -- with single quotation 

 

wrong;

VALUES ('videos".$image_name."',

 

 

you can concat string with this variable.

$videos = videos . $image_name;

 

and follow the syntax shown above

correct;

VALUES (\" .  $videos  .\"  ,