Uploading image then setting image path in a database

[mhawkes]

Hi, I am new here so sorry if my post lacks coherency.

 

I am attempting to upload an image to a directory then take the path of that image and insert it in to a database.

I am making an upload form that adds an event to an sql database and wish to include an image when it is displayed on the site. Currently I have attempted to set a session using the name of the new event when you press upload, where it takes you to another page where you add the image. It checks the session and then uploads the image. The image is uploading fine however I can't get the path to post to the database.

session_start();
if (isset($_SESSION['Name'])){
$eventname = $_SESSION['Name'];
}

$file_upload="true";
$file_up_size=$_FILES['file_up'][size];
echo $_FILES[file_up][name];
if ($_FILES[file_up][size]>250000){$msg=$msg."Your uploaded file size is more than 250KB so please reduce the file size and then upload. Visit the help page to know how to reduce the file size.<BR>";
$file_upload="false";}

if (!($_FILES[file_up][type] =="image/jpeg" OR $_FILES[file_up][type] =="image/gif")){$msg=$msg."Your uploaded file must be of JPG or GIF. Other file types are not allowed<BR>";
$file_upload="false";}

$file_name=$_FILES[file_up][name];
$add="../upload/events/$file_name"; // the path with the file name where the file will be stored, upload is the directory name.
if($file_upload=="true"){

if(move_uploaded_file ($_FILES[file_up][tmp_name], $add)){
DATABASE CONNECTION WOULD GO HERE
      	
      	$query = "UPDATE Events SET image='$add' WHERE Name='$eventname'";
      	mysql_query($query) or die('Error, query failed');
      	echo "<br>File $file_name uploaded<br>";
  }
  
   mysql_close($con)
	else{echo "Failed to upload file Contact Site admin to fix the problem";
	}

}
else{echo $msg;}

unset($_SESSION['Name']);
session_destroy();

 

Any help would be greatly appreciated.

[andrewgauger]

Try a

$add=mysql_real_escape_string($add); 

before the update.

[mhawkes]

Thank you, I tried inserting that and I am still having the same problem.

The image is uploaded but I just get a blank screen and the path name hasn't been added to my database.

[litebearer]

1. try simply echoing out $add to see what value it contains.

 

2. We are PRESUMING that you are actually making the db connection and that the words "DATABASE CONNECTION WOULD GO HERE"  are simply for example here.

 

3. check brace location here "}

mysql_close($con)

else{

echo "Failed to upload file Contact Site admin to fix the problem";

}"

 

 

[mhawkes]

1. Having echo'd $add it comes ups with the path I wanted.

2. I just put "Database connec..." on here as to not put in my details.

3. I removed the } yet it made no difference to the result.

[litebearer]

Have you tried echoing out $eventname to check its value?

[mhawkes]

I just have and it echo'd nothing, I'm guessing that's the problem.

I need to use the information stored in that session to ensure that the image is inserted in to the same row of the table as the information placed in it on the page before. Is there any way around this?

[litebearer]

Show us the page where you set the session variable $_SESSION['Name']

 

[mhawkes]

It takes the information from a form and puts it through:

 

 mysql_select_db("mhawkes", $con);
   $errors = "";  
   if (!isset($_POST['Name']))  
     $errors .= "Please provide a name for the Event <br/>";  
   if (!isset($_POST['Date']))  
     $errors .= "Please provide a date. <br/>";
   if (!isset($_POST['Venue']))  
     $errors .= "Please provide a venue. <br/>";  
   if ($errors == "") {
     mysql_query("INSERT INTO Events(Name, Genre, Date, Venue, Price, Tickets, EventID, postcode) 
 			 VALUES( 
					 '".addslashes($_POST['Name'])."',
                         '".addslashes($_POST['Genre'])."', 
					 '".addslashes($_POST['Date'])."', 
                         '".addslashes($_POST['Venue'])."',  
					 '".addslashes($_POST['Price'])."',
					 '".addslashes($_POST['Tickets'])."',
					 '',
					 '".addslashes($_POST['postcode'])."'
                         )") 
					 or die(mysql_error());  
session_start();
$_SESSION['Name'] = $_POST['Name'];
     header("location:../eventpic.php");
  	} 
  else {  
      echo $errors."Registration Unsuccessful, Please try again.";  
  		} 

 

Setting the session at the bottom of the page.

[litebearer]

I presume you have started sessions at the top of that page and eventpic.php is the name of the first file you showed us.

 

if so then try echoing $_POST['Name'].

 

[mhawkes]

I echo'd it on the eventpic page and it showed the value I that I expected it to show.

i.e. the name posted from the form.

[litebearer]

PM me and we can try to isolate the problem

[andrewgauger]

Note: To use cookie-based sessions, session_start() must be called before outputing anything to the browser.

 

You might have to use non-cookie  based sessions if you don't start your page with session_start();

 

 

echo '<br /><a href="page2.php?' . SID . '">page 2</a>';

 

http://php.net/manual/en/function.session-start.php

[mhawkes]

How would I implement those in to a form? I.e. if I'm not using a href links to get between pages?

[andrewgauger]

echo "<form action=\"handler.php?" . SID . "\" method=\"POST\">";