I've tried to add image upload to an already working script that posts a subject and description. For some reason it's failing at the point where I'm using move_uploaded_file
The file name is successfully inserting into the database and the print_r statement is showing that the file is going into /tmp. I've tried to echo and print the $tempname and $folder but they seem to be blank and I don't know why. I'm guessing this is the problem.
My php.ini and httpd.conf and permissions are all good as another upload script written by someone else works fine.
if(isset($_POST['submit']))
{
$date = date('Y-m-d H:i:s');
$subject = $_POST['subject'];
$description = $_POST['description'];
$upload_dir = './image';
$filename = $_FILES["choosefile"]["name"];
$tempname = $_FILES["choosefile"]["temp_name"];
move_uploaded_file($tempname, "$upload_dir/$filename");
$insert = mysqli_query($db,"INSERT INTO xv.post (subject, description, creation_date, image) VALUES ('$subject', '$description', '$date', '$filename')");
if(!$insert)
{
echo mysqli_error();
}
else
{
print "<p>Here is some more debugging info:</p>";
print_r($_FILES);
echo $tempname . $folder;
}
}
It should be tmp_name instead of temp_name.
So changing to below should do the trick:
$upload_dir = './image';
$filename = $_FILES["choosefile"]["name"];
$tempname = $_FILES["choosefile"]["tmp_name"];
move_uploaded_file($tempname, "$upload_dir/$filename");
$insert = mysqli_query($db,"INSERT INTO xv.post (subject, description, creation_date, image) VALUES ('$subject', '$description', '$date', '$filename')");
please add a print_r to the $_FILES to see the content:
print_r($_FILES);
Provably there is another structure that you have to get.
Related
UPDATED
upload image to desired directory or say that how to go back to public_html...
first i want to go back three steps at public_html directory than i will go to ibank/login/nfs/uploads and upload image here
here is my code details
// IMAGE UPLOAD
$tmp_name = $_FILES["profile-picture"]["name"];
$path_array = wp_upload_dir(); // normal format start
$file_name = pathinfo($tmp_name ,PATHINFO_FILENAME).time().".".pathinfo($_FILES["profile-picture"]["name"] ,PATHINFO_EXTENSION);
//$test = $tmp_name . "///" .$file_name;
//die($test);
$imgtype = strtolower(pathinfo($tmp_name,PATHINFO_EXTENSION));
$targetpath = get_site_url().'/ibank/login/nfs/uploads/'.$file_name;
//UPLOADS_THEME_PATH."/documents/".$file_name;
move_uploaded_file($tmp_name, $targetpath );
I wanto go back to public_html and than go to my desired path
here is my path....
/ibank/login/nfs/uploads
ibank is in public_html directory not into wp folder
You can define database Like this:
$mydb = new wpdb('decentba_admin','Samsaghir#786','decentba_new','localhost');
$s1="INSERT INTO `register_request` (`name`, `dob`, `email`, `mobile`, `address`, `gender`, `id_type`, `password`, `acc_type`, `acc_branch`, `trans_pin`, `open_bal`, `profile_pictures`) VALUES ('$fullName', '$dob', '$email', '$mobnum', '$fullAddress', '$gender', '$idtype', '$pass', '$atype', '$bnkb', '$transpin', '$aob', '$fileNameDb')";
$insert = $mydb->query($s1);
if($insert){
echo 'success';}
else{
echo 'error in database';
}
I'm building a media and I want my users to
upload as many images as they like,But my problem
is how to save or move this image to a folder
called photo contain in folder called my_media,
my_media folder contain my php files such as
index.php and more,I can move this file to
my_media folder once upload,But i don't want
the file they for security purpose,please
someone should fix my code thanks.
this my code
require_once ('connect.php');
if (isset($_POST['Submit'])) {
$tmp_dir = "my_media/photo";
//it will move to my_media if assign my_media only to the variable $tmp_dir
//but don't work with $tmp_dir = "my_media/photo"
$tmp_name = $_FILES["image"]["tmp_name"];
$name = $_FILES["image"]["name"];
move_uploaded_file($tmp_name,$tmp_dir . basename($name));
//rename("my_media/photo","my_media/photo". basename($name));
$location=$name;
$fname=$_POST['first_name'];
$lname=$_POST['last_name'];
$sql = "INSERT INTO tbl_image (first_name, last_name, image_location)
VALUES ('$fname', '$lname', '$location')";
$res = mysqli_query($con,$sql);
//with this my the image name is inserted into my database but not into the foldermy_media/photo
header("Location:imgview.php");
}
require_once ('connect.php');
if (isset($_POST['submit'])) {
$tmp_dir = "/my_media/photo/";
$name = time().$_FILES["image"]["name"];
move_uploaded_file($_FILES["image"]["tmp_name"], $name);
$location=$name;
$fname=$_POST['first_name'];
$lname=$_POST['last_name'];
$sql = "INSERT INTO tbl_image (first_name, last_name, image_location)
VALUES ('$fname', '$lname', '$location')";
$res = mysqli_query($con,$sql);
header("Location:imgview.php");
}
First of all, lets remove all / and replace them with PHPs DIRECTORY_SEPARATOR.
$tmp_dir = "my_media". DIRECTORY_SEPARATOR . "photo" . DIRECTORY_SEPARATOR ;
And second, to make sure you have permissions to write to that folder, let PHP create the folder instead.
For this to work, first delete the folder you created.
if(!is_dir($tmp_dir)){
mkdir($tmp_dir);
move_uploaded_file($tmp_name,$tmp_dir . basename($name));
}else{
move_uploaded_file($tmp_name,$tmp_dir . basename($name));
}
And last but not the least, you are open to SQL injection. Use prepared statements instead. Example
<?php
include 'db.php';
//This is the directory where images will be saved
$target = "images/";
$target = $target . basename( $_FILES['photo']['name']);
//This gets all the other information from the form
$stnam = $_POST['stName'];
$stage = $_POST['stAge'];
$stdob = $_POST['stDob'];
$pic=($_FILES['photo']['name']);
mysqli_query("INSERT INTO test (name, age, dob, photo) VALUES ('$stnam', '$stage', '$stdob', 'pic')");
if(move_uploaded_file($_FILES['photo']['tmp_name'], $target))
{
echo "The file ". basename( $_FILES['photo']['name']). " has been uploaded, and your information has been added to the directory";
}
else {
echo "Sorry, there was a problem uploading your file.";
}
?>
I have been trying to upload an image file into sql database using phpmyadmin I used this above code when I executed it the file goes into directory well but the data values are not being inserted into mysql. Can anyone help?
Changes
1) Put $ before pic in insert query.
2) And, keep insert query inside if(). Because, row will get inserted even though file is not moved to desired folder.
3) No connection variable is used in mysqli_query. It requires 2 arguments. [I assumed $conn as connection variable. Replace it according to your connection variable.] For more info, click mysqli_query
Updated Code
if(move_uploaded_file($_FILES['photo']['tmp_name'], $target)){
mysqli_query($conn, "INSERT INTO test (name, age, dob, photo) VALUES ('$stnam', '$stage', '$stdob', '$pic')");
echo "The file ". basename( $_FILES['photo']['name']). " has been uploaded, and your information has been added to the directory";
} else {
echo "Sorry, there was a problem uploading your file.";
}
Need help above code is saving image to a folder(photos) define in the above code. but the other data which is being post by a form is not being save to database...I am new to php and i found this code from a website www.jeasyui.com. so i try to modified it but fail..as usual.:(
if (!isset($_FILES['image']['tmp_name'])) {
echo "";
}else{
$file=$_FILES['image']['tmp_name'];
$image= addslashes(file_get_contents($_FILES['image']['tmp_name']));
$image_name= addslashes($_FILES['image']['name']);
move_uploaded_file($_FILES["image"]["tmp_name"],"photos/" . $_FILES["image"]["name"]);
$location="photos/" . $_FILES["image"]["name"];
$name = $_REQUEST['prname'];
$code = $_REQUEST['prcode'];
$type = $_REQUEST['prtype'];
$weight = $_REQUEST['prweight'];
$desc = $_REQUEST['prdesc'];
$machine = $_REQUEST['prmachinemodel'];
include 'conn.php';
$sql = "insert into canon (product_name,product_code,product_type, product_descp, product_weight, machine_model, location) values('$name','$code','$type','$desc',$weight','$machine','$location')";
$result = #mysql_query($sql);
if ($result){
echo json_encode(array('success'=>true));
} else {
echo json_encode(array('msg'=>'Some errors occured.'));
}}?>
Use POST or GET instead REQUEST first of all.
Then what happens if you do a var_dump of the $sql, than try to execute it in phpMyAdmin ?
If you copied the code, then make sure you have html inputs with these names:prname,prcode,prtype,prweight,prdesc,prmachinemodel
This baffles me. For some weird reason, move_uploaded_file() doesn't put the file into the directory, yet it returns a valid tmp_name and name. So in this case $file always = to false.
Anyway, can anyone point some problems with this code? It would be greatly appreciated.
<?php
include 'realtydevkit.php';
session_start();
$name = $_FILES['yourlogo']['name'];
$tmpname = $_FILES['yourlogo']['tmp_name'];
if ($name) {
$directory = $name;
$userid = $_SESSION['userid'];
$type = "logo";
$file = move_uploaded_file($tmpname, $directory);
if ($file == true) {
mysql_query("INSERT INTO usercontent
(`userid`, `type`, `url`) VALUES
('$userid', '$type', '$directory')");
echo 'Uploaded';
echo "<img src='".$directory."'/>";
} else {
echo 'There was an error moving the file.';
}
}
?>
You're not checking $_FILES['yourlogo']['error'], either.
Here is what you check with an uploaded file:
Check $_FILES['yourlogo']['error']. If it is UPLOAD_ERR_OK (0), then proceed.
Check is_uploaded_file($_FILES['yourlogo']['tmp_name']). If this fails, PHP doesn't know what went wrong, but it doesn't trust the file.
Assemble the destination path.
Use move_uploaded_file().
If move_uploaded_file() errors, then PHP can't write the file at the destination. This is usually an invalid path or it doesn't have permissions.
Note that $_FILES['yourlogo']['name'] is the name the file had on the uploader's PC. It shouldn't have any path information.
<?php
include 'realtydevkit.php';
session_start();
$name = $_FILES['yourlogo']['name'];
$tmpname = $_FILES['yourlogo']['tmp_name'];
if ($name) {
$directory = $name;
$userid = $_SESSION['userid'];
$type = "logo";
$file = move_uploaded_file($tmpname, "path of ur directore/".$directory);
if ($file == true) {
mysql_query("INSERT INTO usercontent
(`userid`, `type`, `url`) VALUES
('$userid', '$type', '$directory')");
echo 'Uploaded';
echo "<img src='".$directory."'/>";
}
else
{
echo 'There was an error moving the file.';
}
}
?>