hoponhiggo Posted August 20, 2011 Share Posted August 20, 2011 Hi guys Im trying to create a form which allows me to insert records into my database, and upload an image, the name of which will be stored in the database. I have the following code which inserts all the data into the db, except the image name and the image isnt uploaded either <?php require_once('../Connections/pwnedbookv4.php'); ?> <?php if (!function_exists("GetSQLValueString")) { function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "") { if (PHP_VERSION < 6) { $theValue = get_magic_quotes_gpc() ? stripslashes($theValue) : $theValue; } $theValue = function_exists("mysql_real_escape_string") ? mysql_real_escape_string($theValue) : mysql_escape_string($theValue); switch ($theType) { case "text": $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL"; break; case "long": case "int": $theValue = ($theValue != "") ? intval($theValue) : "NULL"; break; case "double": $theValue = ($theValue != "") ? doubleval($theValue) : "NULL"; break; case "date": $theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL"; break; case "defined": $theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue; break; } return $theValue; } } $editFormAction = $_SERVER['PHP_SELF']; if (isset($_SERVER['QUERY_STRING'])) { $editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']); } if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "form1")) { $insertSQL = sprintf("INSERT INTO Games (gametitle, info, genre, releasedate, format) VALUES (%s, %s, %s, %s, %s)", GetSQLValueString($_POST['gametitle'], "text"), GetSQLValueString($_POST['info'], "text"), GetSQLValueString($_POST['genre'], "text"), GetSQLValueString($_POST['releasedate'], "date"), GetSQLValueString($_POST['format'], "text")); mysql_select_db($database_pwnedbookv4, $pwnedbookv4); $Result1 = mysql_query($insertSQL, $pwnedbookv4) or die(mysql_error()); } ?> <form action="<?php echo $editFormAction; ?>" method="post" enctype="multipart/form-data" name="form1" id="form1"> <table align="center"> <tr valign="baseline"> <td nowrap="nowrap" align="right">Gametitle:</td> <td><input name="gametitle" type="text" value="" size="50" maxlength="50" /></td> </tr> <tr valign="baseline"> <?php //define a maxim size for the uploaded images in Kb define ("MAX_SIZE","100"); //This function reads the extension of the file. It is used to determine if the file is an image by checking the extension. function getExtension($str) { $i = strrpos($str,"."); if (!$i) { return ""; } $l = strlen($str) - $i; $ext = substr($str,$i+1,$l); return $ext; } //This variable is used as a flag. The value is initialized with 0 (meaning no error found) //and it will be changed to 1 if an errro occures. //If the error occures the file will not be uploaded. $errors=0; //checks if the form has been submitted if(isset($_POST['Submit'])) { if($_POST['Submit'] == ""){ // submit empty die ("you must include a picture"); } //reads the name of the file the user submitted for uploading $image=$_FILES['image']['name']; //if it is not empty if ($image) { //get the original name of the file from the clients machine $filename = stripslashes($_FILES['image']['name']); //get the extension of the file in a lower case format $extension = getExtension($filename); $extension = strtolower($extension); //if it is not a known extension, we will suppose it is an error and will not upload the file, //otherwise we will do more tests if (($extension != "jpg") && ($extension != "jpeg") && ($extension != "png") && ($extension != "gif")) { //print error message echo '<h1>Unknown extension!</h1>'; $errors=1; } else { //get the size of the image in bytes //$_FILES['image']['tmp_name'] is the temporary filename of the file //in which the uploaded file was stored on the server $size=filesize($_FILES['image']['tmp_name']); //compare the size with the maxim size we defined and print error if bigger if ($size > MAX_SIZE*1024) { echo '<h1>You have exceeded the size limit!</h1>'; $errors=1; } //we will give an unique name, for example the time in unix time format $image_name=time().'.'.$extension; //the new name will be containing the full path where will be stored (images folder) $newname="coverart/".$image_name; //Writes the information to the database mysql_query("UPDATE Games SET cover = '$image_name' WHERE gametitle= '$gametitle'"); //we verify if the image has been uploaded, and print error instead $copied = copy($_FILES['image']['tmp_name'], $newname); if (!$copied) { echo '<h1>Copy unsuccessfull!</h1>'; $errors=1; }}}} ?> <td nowrap="nowrap" align="right">Cover:</td> <td><input type="file" name="image"></td></td> </tr> <tr valign="baseline"> <td nowrap="nowrap" align="right">Info:</td> <td><input name="info" type="text" value="" size="50" /></td> </tr> <tr valign="baseline"> <td nowrap="nowrap" align="right">Genre:</td> <td><input type="text" name="genre" value="" size="50" /></td> </tr> <tr valign="baseline"> <td nowrap="nowrap" align="right">Releasedate:</td> <td><input type="text" name="releasedate" value="" size="50" /></td> </tr> <tr valign="baseline"> <td nowrap="nowrap" align="right">Format:</td> <td><input type="text" name="format" value="" size="50" /></td> </tr> <tr valign="baseline"> <td nowrap="nowrap" align="right"> </td> <td><input type="submit" value="Submit" /></td> </tr> </table> <input type="hidden" name="MM_insert" value="form1" /> </form> Can anybody see what im missing? Link to comment https://forums.phpfreaks.com/topic/245277-image-not-uploading/ Share on other sites More sharing options...
MarPlo Posted August 21, 2011 Share Posted August 21, 2011 Hy, To save the uploaded file on the server, instead of: copy($_FILES['image']['tmp_name'], $newname) Use: move_uploaded_file($_FILES['image']['tmp_name'], $newname) About adding the link in database, Perhaps the condition from the Where clause in mysql_query isn't match Link to comment https://forums.phpfreaks.com/topic/245277-image-not-uploading/#findComment-1260143 Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.