need help uploading images to database

[davids_media]

I want users to be allowed to upload images to a table in a database but I cannot seem to find a suitable way to implementing using the code I already have, here is the code below;

 

<?php

error_reporting(E_ALL ^ E_NOTICE);
ini_set("display_errors", 1);

require_once ('./includes/config.inc.php');

require_once (MYSQL);

$add_cat_errors = array();

if ($_SERVER['REQUEST_METHOD'] == 'POST')
{
if (!empty($_POST['product']))
{
	$prod = mysqli_real_escape_string($dbc, strip_tags($_POST['product']));
}
else
{
$add_cat_errors['product'] = 'Please enter a Product Name!';
}

if (filter_var($_POST['prod_descr']))
{
$prod_descr = mysqli_real_escape_string($dbc, strip_tags($_POST['prod_descr']));
}
else
{
$add_cat_errors['prod_descr'] = 'Please enter a Product Description!';
}

// Check for a category:
if (filter_var($_POST['cat'], FILTER_VALIDATE_INT, array('min_range' => 1))) {
	$catID = $_POST['cat'];
} else { // No category selected.
	$add_page_errors['cat'] = 'Please select a category!';
}

if (filter_var($_POST['price']))
{
$price = mysqli_real_escape_string($dbc, strip_tags($_POST['price']));
}
else
{
$add_cat_errors['price'] = 'Please enter a Product Description!';
}

if (filter_var($_POST['stock']))
{
$stock = mysqli_real_escape_string($dbc, strip_tags($_POST['stock']));
}
else
{
$add_cat_errors['stock'] = 'Please enter a Product Description!';
}

if (empty($add_cat_errors))
{
$query = "INSERT INTO product (product, prod_descr, catID, price, image, stock) VALUES ('$prod', '$prod_descr', '$catID', '$price', '$image', '$stock')";
$r = mysqli_query ($dbc, $query);
if (mysqli_affected_rows($dbc) == 1)
{
	echo '<p>Record Successfully Added!!!!!</p>';
	$_POST = array();
}
else
{
	trigger_error('OH NOOOOO!!!!');
}
}
}

require_once ('./includes/form_functions.inc.php');
?>

<form action="add_product.php" method="post">
Product Name: <?php create_form_input('product', 'text', $add_cat_errors);?>
Product Description: <?php create_form_input ('prod_descr', 'text', $add_cat_errors);?>
Category: <select name="cat"<?php if (array_key_exists('cat', $add_cat_errors))?>>
<option>Select a Category</option>
<?php $q = "SELECT catID, cat FROM category ORDER BY cat ASC";
$r = mysqli_query($dbc, $q); while ($row = mysqli_fetch_array($r, MYSQLI_NUM))
{
echo "<option value=\"$row[0]\"";
if (isset($_POST['cat']) && ($_POST['cat'] == $row[0]))
echo 'selected="selected"';
echo ">$row[1]</option>\n";
}
?>
Price: <?php create_form_input('price', 'text', $add_cat_errors);?>
Upload an Image: <?php if(array_key_exists('image', $add_cat_errors))
{
echo '<input type="file" name="image" />';
} ?>
Stock: <?php create_form_input('stock', 'text', $add_cat_errors);?>

<input type="submit" name="submit_button" value="ADD RECORD" />
</form>

 

Everything else writes perfectly but I have been trying ways to create a file upload and write successfully to the database. The 'image' field has a data type of 'varchar'.

 

I apologise immensely for the long winded explanation but if anyone could help me please that would be much appreciated.

[El Chupacodra]

Or you could just upload the image to the server and save the link in your database.

You could even make two at once so you have a fullsize folder and a thumbnail folder (or both versions in the same folder).

[davids_media]

thats kind of what I am already doing (or at least wanting to do), hence the reason why I went down the path of using varchar as a field type, the files are already stored in directories and I just want to write the entire directory e.g. ('thumbs/thumb1.jpg')

[xyph]

I don't see an attempt to upload the file at all in that snippet. Are you completely lost as to where to start?

 

http://php.net/manual/en/features.file-upload.php

http://php.about.com/od/advancedphp/ss/php_file_upload.htm