I am trying to make it so that if the user adds only 2-3 images, the image and image name are still sent to the database. I tried and created ($sql4) for it, but it shows an error that the file type is not supported, and I also checked that the file type was (png file). Please help me.
add_blog.php
<?php include 'header.php';
if (isset($_SESSION['user_data'])) {
// This will fetch the author id that is stored in index['0'].
$author_id = $_SESSION['user_data']['0'];
$sql = "SELECT * FROM categories";
$query = mysqli_query($config, $sql);
}
?>
<div class="container">
<h5 class="mb-2 text-gray-800">School</h5>
<div class="row">
<div class="col-xl-8 col-lg-6">
<div class="card">
<div class="card-header">
<h6 class="font-weight-bold text-primary mt-2">Add School</h6>
</div>
<div class="card-body">
<form action="" method="POST" enctype="multipart/form-data">
<div class="mb-3">
<input type="text" name="blog_title" placeholder="Title" class="form-control">
</div>
<div class="mb-3">
<input type="text" name="school_tagline" placeholder="Tagline" class="form-control">
</div>
<div class="mb-3">
<input type="text" name="school_rating" placeholder="Rating" class="form-control">
</div>
<div class="mb-3">
<input type="text" name="school_projects" placeholder="Projects" class="form-control">
</div>
<div class="mb-3">
<input type="text" name="school_events" placeholder="School Events" class="form-control">
</div>
<div class="mb-3">
<input type="number" name="school_mobile" placeholder="School Number" class="form-control">
</div>
<div class="mb-3">
<input type="text" name="school_email" placeholder="School Email" class="form-control">
</div>
<div class="mb-3">
<?php include 'icons.php'; ?>
</div>
<div class="mb-3">
<input type="text" name="school_facility" placeholder="Facilities your school have" class="form-control">
</div>
<div class="mb-3">
<?php include 'icons_2.php'; ?>
</div>
<div class="mb-3">
<input type="text" name="school_facility_2" placeholder="Facilities 2" class="form-control">
</div>
<div class="mb-3">
<?php include 'icons_3.php'; ?>
</div>
<div class="mb-3">
<input type="text" name="school_facility_3" placeholder="Facilities 3" class="form-control">
</div>
<div class="mb-3">
<?php include 'icons_4.php'; ?>
</div>
<div class="mb-3">
<input type="text" name="school_facility_4" placeholder="Facilities 4" class="form-control">
</div>
<div class="mb-3">
<?php include 'icons_5.php'; ?>
</div>
<div class="mb-3">
<input type="text" name="school_facility_5" placeholder="Facilities 5" class="form-control">
</div>
<div class="mb-3">
<?php include 'icons_6.php'; ?>
</div>
<div class="mb-3">
<input type="text" name="school_facility_6" placeholder="Facilities 6" class="form-control">
</div>
<div class="mb-3">
<?php include 'icons_7.php'; ?>
</div>
<div class="mb-3">
<input type="text" name="school_facility_7" placeholder="Facilities 7" class="form-control">
</div>
<div class="mb-3">
<?php include 'icons_8.php'; ?>
</div>
<div class="mb-3">
<input type="text" name="school_facility_8" placeholder="Facilities 8" class="form-control">
</div>
<div class="mb-3">
<?php include 'icons_activities.php'; ?>
</div>
<div class="mb-3">
<input type="text" name="school_activities_heading_1" placeholder="School Activities Heading" class="form-control">
</div>
<div class="mb-3">
<input type="text" name="school_activities_para_1" placeholder="School activities Paragraph" class="form-control">
</div>
<div class="mb-3">
<?php include 'icons_activities_2.php'; ?>
</div>
<div class="mb-3">
<input type="text" name="school_activities_heading_2" placeholder="School activities Heading 2" class="form-control">
</div>
<div class="mb-3">
<input type="text" name="school_activities_para_2" placeholder="School Activities Paragraph 2" class="form-control">
</div>
<div class="mb-3">
<?php include 'icons_activities_3.php'; ?>
</div>
<div class="mb-3">
<input type="text" name="school_activities_heading_3" placeholder="School activities Heading 3" class="form-control">
</div>
<div class="mb-3">
<input type="text" name="school_activities_para_3" placeholder="School activities Paragraph 3" class="form-control">
</div>
<div class="mb-3">
<?php include 'icons_mission.php'; ?>
</div>
<div class="mb-3">
<input type="text" name="school_mission_heading" placeholder="School Mission Heading" class="form-control">
</div>
<div class="mb-3">
<input type="text" name="school_mission_para" placeholder="School Mission Paragraph" class="form-control">
</div>
<div class="mb-3">
<?php include 'icons_vision.php'; ?>
</div>
<div class="mb-3">
<input type="text" name="school_vision_heading" placeholder="School Vision Heading" class="form-control">
</div>
<div class="mb-3">
<input type="text" name="school_vision_para" placeholder="School Vision Paragraph" class="form-control">
</div>
<div class="mb-3">
<label for="">About School Information</label>
<textarea class="form-control" name="blog_body" id="blog" rows="2"></textarea>
</div>
<div class="mb-3">
<label for="">School Activities Information</label>
<textarea class="form-control" name="school_activities" id="blog_1" rows="2"></textarea>
</div>
<div class="mb-3">
<label for="">If you have mission or vision please describe</label>
<textarea class="form-control" name="school_mission_vision" id="blog_2" rows="2"></textarea>
</div>
<div class="mb-3">
<input type="file" name="blog_image" class="form-control">
</div>
<div class="mb-3">
<input type="file" name="school_image" class="form-control">
</div>
<div class="mb-3">
<input type="file" name="school_image_2" class="form-control">
</div>
<div class="mb-3">
<input type="file" name="school_image_3" class="form-control">
</div>
<div class="mb-3">
<input type="file" name="school_image_4" class="form-control">
</div>
<div class="mb-3">
<input type="file" name="school_image_5" class="form-control">
</div>
<div class="mb-3">
<input type="file" name="school_image_6" class="form-control">
</div>
<div class="mb-3">
<input type="file" name="school_image_7" class="form-control">
</div>
<div class="mb-3">
<input type="file" name="school_image_8" class="form-control">
</div>
<div class="mb-3">
<?php include 'icons_social.php'; ?>
</div>
<div class="mb-3">
<input type="text" name="school_instagram" placeholder="Instagram Link" class="form-control">
</div>
<div class="mb-3">
<?php include 'icons_social_2.php'; ?>
</div>
<div class="mb-3">
<input type="text" name="school_facebook" placeholder="Facebook Link" class="form-control">
</div>
<div class="mb-3">
<?php include 'icons_social_3.php'; ?>
</div>
<div class="mb-3">
<input type="text" name="school_twitter" placeholder="Twitter Link" class="form-control">
</div>
<div class="mb-3">
<select class="form-control" name="category">
<option value="" name="category">Select Category</option>
<!-- $cats holds each row fetched from the categories table. -->
<?php while ($cats = mysqli_fetch_assoc($query)) { ?>
<option value="<?= htmlspecialchars($cats['cat_id']) ?>">
<?= htmlspecialchars($cats['cat_name']) ?>
</option>
<?php } ?>
</select>
</div>
<div class="mb-3">
<input type="submit" name="add_blog" value="Add" class="btn btn-primary">
<a class="btn btn-secondary" href="index.php">Back</a>
</div>
</form>
</div>
</div>
</div>
</div>
</div>
<?php
include 'footer.php';
// If the user clicks the Add button, the submitted data should be saved to the database.
if (isset($_POST['add_blog'])) {
$title = mysqli_real_escape_string($config, $_POST['blog_title']);
$tagline = mysqli_real_escape_string($config, $_POST['school_tagline']);
$rating = mysqli_real_escape_string($config, $_POST['school_rating']);
$projects = mysqli_real_escape_string($config, $_POST['school_projects']);
$events = mysqli_real_escape_string($config, $_POST['school_events']);
$mobile = mysqli_real_escape_string($config, $_POST['school_mobile']);
$email = mysqli_real_escape_string($config, $_POST['school_email']);
$activities = mysqli_real_escape_string($config, $_POST['school_activities']);
$missionVision = mysqli_real_escape_string($config, $_POST['school_mission_vision']);
$body = mysqli_real_escape_string($config, $_POST['blog_body']);
$icon = mysqli_real_escape_string($config, $_POST['icon_input']);
$facility_1 = mysqli_real_escape_string($config, $_POST['school_facility']);
$icon2 = mysqli_real_escape_string($config, $_POST['icon_input_2']);
$facility_2 = mysqli_real_escape_string($config, $_POST['school_facility_2']);
$icon3 = mysqli_real_escape_string($config, $_POST['icon_input_3']);
$facility_3 = mysqli_real_escape_string($config, $_POST['school_facility_3']);
$icon4 = mysqli_real_escape_string($config, $_POST['icon_input_4']);
$facility_4 = mysqli_real_escape_string($config, $_POST['school_facility_4']);
$icon5 = mysqli_real_escape_string($config, $_POST['icon_input_5']);
$facility_5 = mysqli_real_escape_string($config, $_POST['school_facility_5']);
$icon6 = mysqli_real_escape_string($config, $_POST['icon_input_6']);
$facility_6 = mysqli_real_escape_string($config, $_POST['school_facility_6']);
$icon7 = mysqli_real_escape_string($config, $_POST['icon_input_7']);
$facility_7 = mysqli_real_escape_string($config, $_POST['school_facility_7']);
$icon8 = mysqli_real_escape_string($config, $_POST['icon_input_8']);
$facility_8 = mysqli_real_escape_string($config, $_POST['school_facility_8']);
$icon_mission = mysqli_real_escape_string($config, $_POST['icons_mission']);
$mission_heading = mysqli_real_escape_string($config, $_POST['school_mission_heading']);
$mission_para = mysqli_real_escape_string($config, $_POST['school_mission_para']);
$icon_vision = mysqli_real_escape_string($config, $_POST['icons_vision']);
$vision_heading = mysqli_real_escape_string($config, $_POST['school_vision_heading']);
$vision_para = mysqli_real_escape_string($config, $_POST['school_vision_para']);
$icon_activities = mysqli_real_escape_string($config, $_POST['icons_activities']);
$activities_heading_1 = mysqli_real_escape_string($config, $_POST['school_activities_heading_1']);
$activities_para_1 = mysqli_real_escape_string($config, $_POST['school_activities_para_1']);
$icon_activities_2 = mysqli_real_escape_string($config, $_POST['icons_activities_2']);
$activities_heading_2 = mysqli_real_escape_string($config, $_POST['school_activities_heading_2']);
$activities_para_2 = mysqli_real_escape_string($config, $_POST['school_activities_para_2']);
$icon_activities_3 = mysqli_real_escape_string($config, $_POST['icons_activities_3']);
$activities_heading_3 = mysqli_real_escape_string($config, $_POST['school_activities_heading_3']);
$activities_para_3 = mysqli_real_escape_string($config, $_POST['school_activities_para_3']);
$filename = $_FILES['blog_image']['name'];
$tmp_name = $_FILES['blog_image']['tmp_name'];
$size = $_FILES['blog_image']['size'];
$filename1 = $_FILES['school_image']['name'];
$tmp_name1 = $_FILES['school_image']['tmp_name'];
$size1 = $_FILES['school_image']['size'];
$filename2 = $_FILES['school_image_2']['name'];
$tmp_name2 = $_FILES['school_image_2']['tmp_name'];
$size2 = $_FILES['school_image_2']['size'];
$filename3 = $_FILES['school_image_3']['name'];
$tmp_name3 = $_FILES['school_image_3']['tmp_name'];
$size3 = $_FILES['school_image_3']['size'];
$filename4 = $_FILES['school_image_4']['name'];
$tmp_name4 = $_FILES['school_image_4']['tmp_name'];
$size4 = $_FILES['school_image_4']['size'];
$filename5 = $_FILES['school_image_5']['name'];
$tmp_name5 = $_FILES['school_image_5']['tmp_name'];
$size5 = $_FILES['school_image_5']['size'];
$filename6 = $_FILES['school_image_6']['name'];
$tmp_name6 = $_FILES['school_image_6']['tmp_name'];
$size6 = $_FILES['school_image_6']['size'];
$filename7 = $_FILES['school_image_7']['name'];
$tmp_name7 = $_FILES['school_image_7']['tmp_name'];
$size7 = $_FILES['school_image_7']['size'];
$filename8 = $_FILES['school_image_8']['name'];
$tmp_name8 = $_FILES['school_image_8']['tmp_name'];
$size8 = $_FILES['school_image_8']['size'];
// Social links and their icons, escaped for use in the SQL string.
$social_icon = mysqli_real_escape_string($config, $_POST['icon_social']);
$instagram = mysqli_real_escape_string($config, $_POST['school_instagram']);
$social_icon_2 = mysqli_real_escape_string($config, $_POST['icon_social_2']);
$facebook = mysqli_real_escape_string($config, $_POST['school_facebook']);
$social_icon_3 = mysqli_real_escape_string($config, $_POST['icon_social_3']);
$twitter = mysqli_real_escape_string($config, $_POST['school_twitter']);
// $image_ext holds the file extension in lower case, for example (PNG) is converted to (png). pathinfo() extracts the extension from the file name.
$image_ext = strtolower(pathinfo($filename, PATHINFO_EXTENSION));
$image_ext1 = strtolower(pathinfo($filename1, PATHINFO_EXTENSION));
$image_ext2 = strtolower(pathinfo($filename2, PATHINFO_EXTENSION));
$image_ext3 = strtolower(pathinfo($filename3, PATHINFO_EXTENSION));
$image_ext4 = strtolower(pathinfo($filename4, PATHINFO_EXTENSION));
$image_ext5 = strtolower(pathinfo($filename5, PATHINFO_EXTENSION));
$image_ext6 = strtolower(pathinfo($filename6, PATHINFO_EXTENSION));
$image_ext7 = strtolower(pathinfo($filename7, PATHINFO_EXTENSION));
$image_ext8 = strtolower(pathinfo($filename8, PATHINFO_EXTENSION));
// $allow_type lists the file extensions that are supported.
$allow_type = ['jpg', 'png', 'jpeg', 'webp', 'svg'];
// $destination is the path inside the "upload/" folder where the file selected by the user is stored, built from the file name sent by the browser.
$destination = "upload/" . $filename;
$destination1 = "upload/" . $filename1;
$destination2 = "upload/" . $filename2;
$destination3 = "upload/" . $filename3;
$destination4 = "upload/" . $filename4;
$destination5 = "upload/" . $filename5;
$destination6 = "upload/" . $filename6;
$destination7 = "upload/" . $filename7;
$destination8 = "upload/" . $filename8;
// Escape the selected category for use in the SQL string.
$category = mysqli_real_escape_string($config, $_POST['category']);
if (!empty($filename)) {
if (!empty($filename1)) {
// in_array() checks whether a value exists in an array. All nine extensions must be in $allow_type for the files to be uploaded; otherwise the error is shown.
if (in_array($image_ext, $allow_type) && in_array($image_ext1, $allow_type) && in_array($image_ext2, $allow_type) && in_array($image_ext3, $allow_type) && in_array($image_ext4, $allow_type) && in_array($image_ext5, $allow_type) && in_array($image_ext6, $allow_type) && in_array($image_ext7, $allow_type) && in_array($image_ext8, $allow_type)) {
// If the file size is less than 5MB then upload the file, else show the error. Only the size of the first image ($size) is checked.
if ($size <= 5000000) {
// If the image validation checks pass then move the files to the upload folder.
move_uploaded_file($tmp_name, $destination);
move_uploaded_file($tmp_name1, $destination1);
move_uploaded_file($tmp_name2, $destination2);
move_uploaded_file($tmp_name3, $destination3);
move_uploaded_file($tmp_name4, $destination4);
move_uploaded_file($tmp_name5, $destination5);
move_uploaded_file($tmp_name6, $destination6);
move_uploaded_file($tmp_name7, $destination7);
move_uploaded_file($tmp_name8, $destination8);
// This will insert all the input filled in by the user into the blog table. The values are listed in the same order as the columns.
$sql2 = "INSERT INTO blog(blog_title, school_tagline, school_rating, school_projects, school_events, school_mobile, school_email, blog_body, icon_input, school_facility, icon_input_2, school_facility_2, icon_input_3, school_facility_3, icon_input_4, school_facility_4, icon_input_5, school_facility_5, icon_input_6, school_facility_6, icon_input_7, school_facility_7, icon_input_8, school_facility_8, icons_activities, school_activities_heading_1, school_activities_para_1, icons_activities_2, school_activities_heading_2, school_activities_para_2, icons_activities_3, school_activities_heading_3, school_activities_para_3, icons_mission, school_mission_heading, school_mission_para, icons_vision, school_vision_heading, school_vision_para, school_activities, school_mission_vision, blog_image, school_images, school_images_2, school_images_3, school_images_4, school_images_5, school_images_6, school_images_7, school_images_8, icon_social, school_instagram, icon_social_2, school_facebook, icon_social_3, school_twitter, category, author_id) VALUES('$title', '$tagline', '$rating', '$projects', '$events', '$mobile', '$email', '$body', '$icon', '$facility_1', '$icon2', '$facility_2', '$icon3', '$facility_3', '$icon4', '$facility_4', '$icon5', '$facility_5', '$icon6', '$facility_6', '$icon7', '$facility_7', '$icon8', '$facility_8', '$icon_activities', '$activities_heading_1', '$activities_para_1', '$icon_activities_2', '$activities_heading_2', '$activities_para_2', '$icon_activities_3', '$activities_heading_3', '$activities_para_3', '$icon_mission', '$mission_heading', '$mission_para', '$icon_vision', '$vision_heading', '$vision_para', '$activities', '$missionVision', '$filename', '$filename1', '$filename2', '$filename3', '$filename4', '$filename5', '$filename6', '$filename7', '$filename8', '$social_icon', '$instagram', '$social_icon_2', '$facebook', '$social_icon_3', '$twitter', '$category', '$author_id')";
$query2 = mysqli_query($config, $sql2);
if ($query2) {
$msg = ["Post Publish Successfully", "alert-success"];
$_SESSION['msg'] = $msg;
// If the post publish successfully then redirect to same page with success message.
header("location:add_blog.php");
} else {
$msg = ["Failed, Please try again", "alert-danger"];
$_SESSION['msg'] = $msg;
// If the post could not be published then redirect to the same page with an error message.
header("location:add_blog.php");
}
} else {
$msg = ["Image file size should not be greater than 5MB", "alert-danger"];
$_SESSION['msg'] = $msg;
// If the file size is bigger than 5MB then redirect to the same page with an error message.
header("location:add_blog.php");
}
} else {
$msg = ["Image file type is not allowed (only jpg, jpeg, png, webp, svg)", "alert-danger"];
$_SESSION['msg'] = $msg;
// If the file extension is not supported then redirect to same page with error message.
header("location:add_blog.php");
}
} else {
$sql3 = "INSERT INTO blog(blog_title, school_tagline, school_rating, school_projects, school_events, school_mobile, school_email, blog_body, icon_input, school_facility, icon_input_2, school_facility_2, icon_input_3, school_facility_3, icon_input_4, school_facility_4, icon_input_5, school_facility_5, icon_input_6, school_facility_6, icon_input_7, school_facility_7, icon_input_8, school_facility_8, icons_activities, school_activities_heading_1, school_activities_para_1, icons_activities_2, school_activities_heading_2, school_activities_para_2, icons_activities_3, school_activities_heading_3, school_activities_para_3, icons_mission, school_mission_heading, school_mission_para, icons_vision, school_vision_heading, school_vision_para, school_activities, school_mission_vision, icon_social, school_instagram, icon_social_2, school_facebook, icon_social_3, school_twitter, category, author_id) VALUES('$title', '$tagline', '$rating', '$projects', '$events', '$mobile', '$email', '$body', '$icon', '$facility_1', '$icon2', '$facility_2', '$icon3', '$facility_3', '$icon4', '$facility_4', '$icon5', '$facility_5', '$icon6', '$facility_6', '$icon7', '$facility_7', '$icon8', '$facility_8', '$icon_activities', '$activities_heading_1', '$activities_para_1', '$icon_activities_2', '$activities_heading_2', '$activities_para_2', '$icon_activities_3', '$activities_heading_3', '$activities_para_3', '$icon_mission', '$mission_heading', '$mission_para', '$icon_vision', '$vision_heading', '$vision_para', '$activities', '$missionVision', '$social_icon', '$instagram', '$social_icon_2', '$facebook', '$social_icon_3', '$twitter', '$category', '$author_id')";
$query3 = mysqli_query($config, $sql3);
if ($query3) {
$msg = ["Post Publish Successfully", "alert-success"];
$_SESSION['msg'] = $msg;
// If the post publish successfully then redirect to same page with success message.
header("location:add_blog.php");
} else {
$msg = ["Failed, Please try again", "alert-danger"];
$_SESSION['msg'] = $msg;
// If the post could not be published then redirect to the same page with an error message.
header("location:add_blog.php");
}
}
} else{
$sql4 = "INSERT INTO blog(blog_title, school_tagline, school_rating, school_projects, school_events, school_mobile, school_email, blog_body, icon_input, school_facility, icon_input_2, school_facility_2, icon_input_3, school_facility_3, icon_input_4, school_facility_4, icon_input_5, school_facility_5, icon_input_6, school_facility_6, icon_input_7, school_facility_7, icon_input_8, school_facility_8, icons_activities, school_activities_heading_1, school_activities_para_1, icons_activities_2, school_activities_heading_2, school_activities_para_2, icons_activities_3, school_activities_heading_3, school_activities_para_3, icons_mission, school_mission_heading, school_mission_para, icons_vision, school_vision_heading, school_vision_para, school_activities, school_mission_vision, blog_image, school_images, icon_social, school_instagram, icon_social_2, school_facebook, icon_social_3, school_twitter, category, author_id) VALUES('$title', '$tagline', '$rating', '$projects', '$events', '$mobile', '$email', '$body', '$icon', '$facility_1', '$icon2', '$facility_2', '$icon3', '$facility_3', '$icon4', '$facility_4', '$icon5', '$facility_5', '$icon6', '$facility_6', '$icon7', '$facility_7', '$icon8', '$facility_8', '$icon_activities', '$activities_heading_1', '$activities_para_1', '$icon_activities_2', '$activities_heading_2', '$activities_para_2', '$icon_activities_3', '$activities_heading_3', '$activities_para_3', '$icon_mission', '$mission_heading', '$mission_para', '$icon_vision', '$vision_heading', '$vision_para', '$activities', '$missionVision', '$filename', '$filename1', '$social_icon', '$instagram', '$social_icon_2', '$facebook', '$social_icon_3', '$twitter', '$category', '$author_id')";
$query4 = mysqli_query($config, $sql4);
// $sql3 = "INSERT INTO images(school_image) VALUES('$filename1')";
// $query3 = mysqli_query($config, $sql3);
if ($query4) {
$msg = ["Post Publish Successfully", "alert-success"];
$_SESSION['msg'] = $msg;
// If the post publish successfully then redirect to same page with success message.
header("location:add_blog.php");
} else {
$msg = ["Failed, Please try again", "alert-danger"];
$_SESSION['msg'] = $msg;
header("location:add_blog.php");
}
}
}
?>
Output Screenshot Error
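In add_blog.php above, the extension check runs on all nine file inputs, and an input left empty has an empty extension, which is not in the allow list. The following added example (not the poster's code) validates only the inputs that were filled in, checks size and content type per file, stores each file under a server-generated name, and builds one parameterised INSERT for however many images arrived. The names `image_fields`, `store_uploads`, `build_insert`, the replaceable `$move` callable and the sample files are assumptions; `svg` is left out of the allow list because SVG files can carry script.

```php
<?php
// Added example, not the poster's code. Function names and sample data are assumptions.
const ALLOWED = ['jpg' => 'image/jpeg', 'jpeg' => 'image/jpeg',
                 'png' => 'image/png', 'webp' => 'image/webp']; // svg left out: it can carry script
const MAX_BYTES = 5000000; // same 5MB limit as the page

// Form field name => blog table column, following the names used on the page.
function image_fields(): array
{
    $map = ['blog_image' => 'blog_image', 'school_image' => 'school_images'];
    for ($i = 2; $i <= 8; $i++) {
        $map["school_image_$i"] = "school_images_$i";
    }
    return $map;
}

// Validate and store only the file inputs that were filled in.
// Returns two arrays: column => stored file name, and field => error message.
function store_uploads(array $files, string $destDir, ?callable $move = null): array
{
    $move ??= 'move_uploaded_file';   // replaceable so the demo can run from the CLI
    $finfo = new finfo(FILEINFO_MIME_TYPE);
    $stored = [];
    $errors = [];
    foreach (image_fields() as $field => $column) {
        $f = $files[$field] ?? null;
        // An empty input arrives with UPLOAD_ERR_NO_FILE and an empty name: skip it.
        if ($f === null || $f['error'] === UPLOAD_ERR_NO_FILE) {
            continue;
        }
        if ($f['error'] !== UPLOAD_ERR_OK) {
            $errors[$field] = 'upload failed, code ' . $f['error'];
            continue;
        }
        if (filesize($f['tmp_name']) > MAX_BYTES) {   // checked per file, not only the first
            $errors[$field] = 'larger than 5MB';
            continue;
        }
        // The extension must be allowed AND match the type detected from the content.
        $ext = strtolower(pathinfo($f['name'], PATHINFO_EXTENSION));
        if ((ALLOWED[$ext] ?? null) !== $finfo->file($f['tmp_name'])) {
            $errors[$field] = 'file type not allowed';
            continue;
        }
        // Server-generated name: the client's name never becomes a path or SQL text.
        $name = bin2hex(random_bytes(16)) . '.' . $ext;
        if (!$move($f['tmp_name'], $destDir . '/' . $name)) {
            $errors[$field] = 'could not store file';
            continue;
        }
        $stored[$column] = $name;
    }
    return [$stored, $errors];
}

// One INSERT for any number of images. Column names come from this code only;
// every value is bound as a parameter instead of being pasted into the SQL string.
function build_insert(array $textColumns, array $imageColumns): array
{
    $row = $textColumns + $imageColumns;
    $sql = 'INSERT INTO blog (' . implode(', ', array_keys($row)) . ') VALUES ('
         . implode(', ', array_fill(0, count($row), '?')) . ')';
    return [$sql, array_values($row)];
}
// With mysqli (PHP 8.1+): $stmt = $config->prepare($sql); $stmt->execute($params);

if (PHP_SAPI === 'cli') {
    // Constructed sample input standing in for $_FILES: one real PNG,
    // one text file named .png, one input left empty.
    $dir = sys_get_temp_dir() . '/upload_demo_' . bin2hex(random_bytes(4));
    mkdir($dir);
    $png = base64_decode('iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAADUlEQVR42mNkYPhfDwAChwGA60e6kgAAAABJRU5ErkJggg==');
    file_put_contents("$dir/tmp_a", $png);
    file_put_contents("$dir/tmp_b", 'plain text, not an image');
    $files = [
        'blog_image'     => ['name' => 'logo.PNG',  'tmp_name' => "$dir/tmp_a", 'error' => UPLOAD_ERR_OK],
        'school_image'   => ['name' => 'notes.png', 'tmp_name' => "$dir/tmp_b", 'error' => UPLOAD_ERR_OK],
        'school_image_2' => ['name' => '', 'tmp_name' => '', 'error' => UPLOAD_ERR_NO_FILE],
    ];
    [$stored, $errors] = store_uploads($files, $dir, 'rename');
    [$sql, $params] = build_insert(['blog_title' => 'Demo school'], $stored);
    print_r($errors);
    echo $sql, "\n";
    print_r($params);
}
```

In the request handler, pass `$_FILES` and the upload directory and leave `$move` at its default so that only files PHP itself received are moved.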
I need help with my source code for uploading and displaying my users' profile pictures on their profiles.
The upload went smoothly, but the display did not. The user's picture is shown only as a picture icon and not the real picture. Like this:
The file where the picture is stored is here
and here is my source code
edit-profile.php
<div class="author">
<a href="#">
<img class="avatar border-gray" src="../uploads/candidate/<?php echo $row['photo']; ?>" alt="..."/>
<h4 class="title"><?php echo $_SESSION['name']; ?><br /> </h4>
</a>
</div>
EDIT:
I'll provide the full source code for both userindex.php and edit-profile.php here so maybe any of you can point out where I went wrong.
userindex.php
<div class="content">
<div class="container-fluid">
<div class="row">
<div class="col-md-8">
<div class="card">
<div class="header">
<h4 class="title">Edit Profile</h4>
</div>
<div class="content">
<form action="update-profile.php" method="post" enctype="multipart/form-data">
<?php
//Sql to get logged in user details.
$sql = "SELECT * FROM users WHERE id_user='$_SESSION[id_user]'";
$result = $conn->query($sql);
//If user exists then show his details.
if($result->num_rows > 0) {
while($row = $result->fetch_assoc()) {
?>
<div class="row">
<div class="col-md-6">
<div class="form-group">
<label for="user_name" type="text" id="user_name"> Full Name</label>
<input name="user_name" class="form-control" type="text" maxlength="100" value="<?php echo $row['user_name'] ?>" required=""/>
</div>
</div>
</div>
<!-- section 1-->
<div class="row">
<div class="col-md-6">
<div class="form-group">
<label for="ic_no" type="text" id="ic_no" maxlength="12">NRIC</label>
<input name="ic_no" type="text" class="form-control" value="<?php echo $row['ic_no'] ?>" readonly>
</div>
</div>
<div class="col-md-6">
<div class="form-group">
<label for="nationality" type="text" id="nationality">Nationality</label>
<input name="nationality" class="form-control" type="text" id="nationality" value="<?php echo $row['nationality'] ?>"/>
</div>
</div>
</div>
<!--first section -->
<div class="row">
<div class="col-md-6">
<div class="form-group">
<label for="gender" type="text" id="gender">Gender</label>
<input name="gender" class="form-control" type="text" id="gender" value="<?php echo $row['gender'] ?>"/>
</div>
</div>
<div class="col-md-6">
<div class="form-group">
<label for="race" type="text" id="race">Race</label>
<input type="text" class="form-control" name="race" id="race" value="<?php echo $row['race'] ?>"/>
</div>
</div>
</div>
<!-- second section -->
<div class="row">
<div class="col-md-6">
<div class="form-group">
<label for="contactno" type="text" id="contact_no">Contact No</label>
<input name="contactno" class="form-control" type="text" id="contact_no" value="<?php echo $row['contactno'] ?>">
</div>
</div>
<div class="col-md-6">
<div class="form-group">
<label for="email" type="text" id="email">Email</label>
<input name="email" type="text" class="form-control" id="email" value="<?php echo $row['email'] ?>" readonly>
</div>
</div>
</div>
<!--other add -->
<div class="row">
<div class="col-md-12">
<div class="form-group">
<label for="address" type="text" id="address">Current Address</label>
<textarea id="address" name="address" class="form-control" rows="5" placeholder="Address"><?php echo $row['address']; ?></textarea>
</div>
</div>
</div>
<!-- third section -->
<div class="row">
<div class="col-md-6">
<div class="form-group">
<label for="highest_qualification" type="text" id="highest_qualification">Highest Qualification</label>
<input name="highest_qualification" class="form-control" type="text" maxlength="100" value="<?php echo $row['highest_qualification'] ?>"/>
</div>
</div>
</div>
<!--another section -->
<div class="row">
<div class="col-md-6">
<div class="form-group">
<label for="university" type="text" id="university">University</label>
<input name="university" class="form-control" type="text" maxlength="100" value="<?php echo $row['university'] ?>"/>
</div>
</div>
</div>
<!--another section -->
<div class="row">
<div class="col-md-6">
<div class="form-group">
<label for="major" type="text" id="major">Major</label>
<input name="major" class="form-control" type="text" maxlength="100" value="<?php echo $row['major'] ?>"/>
</div>
</div>
</div>
<!-- another section-->
<div class="row">
<div class="col-md-6">
<div class="form-group">
<label for="current_position" type="text" id="current_position">Current Position</label>
<input type="text" class="form-control" name="current_position" value="<?php echo $row['current_position'] ?>"/>
</div>
</div>
<div class="col-md-6">
<div class="form-group">
<label for="position_appled" type="text" id="position_applied">Position Applied</label>
<input type="text" class="form-control" name="position_applied" value="<?php echo $row['position_applied'] ?>">
</div>
</div>
</div>
<!--another section -->
<div class="row">
<div class="col-md-6">
<div class="form-group">
<label for="current_monthly_salary" type="text" id="current_monthly_salary">Current Monthly Salary</label>
<input type="text" class="form-control" name="current_monthly_salary" value="<?php echo $row['current_monthly_salary'] ?>">
</div>
</div>
<div class="col-md-6">
<div class="form-group">
<label for="expected_monthly_salary" type="text" id="expected_monthly_salary">Expected Monthly Salary</label>
<input type="text" class="form-control" name="expected_monthly_salary" value="<?php echo $row['expected_monthly_salary'] ?>">
</div>
</div>
</div>
<!--another section -->
<div class="row">
<div class="col-md-6">
<div class="form-group">
<label for="prefered_working_location" type="text" id="prefered_working_location">Prefered Working Location</label>
<input name="prefered_working_location" class="form-control" type="text" maxlength="100" value="<?php echo $row['prefered_working_location'] ?>" />
</div>
</div>
<div class="col-md-6">
<div class="form-group">
<label for="avaibility" type="text" id="avaibility">Avaibility</label>
<select name = "avaibility" class="form-control " type="text" id="avaibility" value="<?php echo $row['avaibility'] ?>">
<option value="">-- select one --</option>
<option value="Immediately">Immediately</option>
<option value="One Month">One Month</option>
<option value="Two Month">Two Month</option>
<option value="Three Month">Three Month</option>
</select>
</div>
</div>
</div>
<div class="row">
<div class="col-md-12">
<div class="form-group">
<label for="language" type="text" id="language">Language Proficiency</label><br />
<p>Proficiency level 0-poor; 10-excellent</p>
<table border="2" bordercolor="gray" align="center">
<tr>
<td>
<label for="malay" type="text" id="malay" placeholder="Malay" style="color:black; width:200px"><b>Malay</b></label><br />
</td>
<td>
<input name="malay" type="text" class="form-control" maxlength="100" style="width: 200px" value="<?php echo $row['malay'] ?>"/>
</td>
</tr>
<tr>
<td>
<label for="english" type="text" id="english" placeholder="English" style="color:black; width:200px"><b>English</b></label><br />
</td>
<td>
<input name="english" type="text" class="form-control" maxlength="100" style="width: 200px" value="<?php echo $row['english'] ?>"/>
</td>
</tr>
<tr>
<td>
<label for="mandarin" type="text" id="mandarin" placeholder="Mandarin" style="color:black; width:200px"><b>Mandarin</b></label><br />
</td>
<td>
<input name="mandarin" type="text" class="form-control" maxlength="100" style="width: 200px" value="<?php echo $row['mandarin'] ?>"/>
</td>
</tr>
<tr>
<td>
<label for="other" type="text" id="other" placeholder="Other" style="color:black; width:200px"><b>Others</b></label><br />
</td>
<td>
<input name="other" type="text" class="form-control" maxlength="100" style="width: 200px" value="<?php echo $row['other'] ?>"/>
</td>
</tr>
</table>
</div>
</div>
</div>
<div class="row">
<div class="col-md-12">
<div class="form-group">
<label for="aboutme" type="text" id="aboutme"><b>About Me</b></label><br />
<p>Summarize your employement history (Not more than 100 words)</p>
<textarea class="form-control" rows="6" id="aboutme" name="aboutme" maxlength="400" style="width: 560px"><?php echo $row['aboutme'] ?></textarea>
</div>
</div>
</div>
<div class="row">
<div class="col-md-6">
<div class="form-group">
<label style="color:black;">Latest passport photo</label>
<input class="btn btn-danger" type="file" name="image" id="profile-img" /><br>
<img src="../uploads/candidate/<?php echo $row['photo']; ?>" id="profile-img-tag" width="200px" />
</div>
</div>
<div class="col-md-6">
<div class="form-group">
<label style="color:black;">File format PDF and doc only!</label>
<input type="file" name="resume" class="btn btn-danger" />
</div>
</div>
</div>
<button type="submit" class="btn btn-info btn-fill pull-right">Update Profile</button>
<div class="clearfix"></div>
<?php
}
}
?>
</form>
<?php if(isset($_SESSION['uploadError'])) { ?>
<div class="row">
<div class="col-md-12 text-center">
<?php echo $_SESSION['uploadError']; ?>
</div>
</div>
<?php } ?>
</div>
</div>
</div>
<!--second part of picture and resume -->
<div class="col-md-4">
<div class="card card-user">
<div class="image">
<img src="https://ununsplash.imgix.net/photo-1431578500526-4d9613015464?fit=crop&fm=jpg&h=300&q=75&w=400" alt="..."/>
</div>
<div class="content">
<div class="author">
<a href="#">
<img class="avatar border-gray" src="../uploads/candidate/<?php echo $row['photo']; ?>" alt="..."/>
<h4 class="title"><?php echo $_SESSION['name']; ?><br /> </h4>
</a>
</div>
</div>
<hr>
<div class="text-center">
<button href="#" class="btn btn-simple"><i class="fa fa-facebook-square"></i></button>
<button href="#" class="btn btn-simple"><i class="fa fa-twitter"></i></button>
<button href="#" class="btn btn-simple"><i class="fa fa-google-plus-square"></i></button>
</div>
</div>
</div>
</div>
</div>
and this is update-profile.php
<?php
//To Handle Session Variables on This Page
session_start();
if(empty($_SESSION['id_user'])) {
header("Location: ../index.php");
exit();
}
//Including Database Connection From db.php file to avoid rewriting in all files
require_once("../db.php");
//if user Actually clicked update profile button
if(isset($_POST)) {
//Escape Special Characters
if(isset($_POST)) {
$user_name = mysqli_real_escape_string($conn, $_POST['user_name']);
$ic_no = mysqli_real_escape_string($conn, $_POST['ic_no']);
$nationality = mysqli_real_escape_string($conn, $_POST['nationality']);
$gender = mysqli_real_escape_string($conn, $_POST['gender']);
$race = mysqli_real_escape_string($conn, $_POST['race']);
$ic_no = mysqli_real_escape_string($conn, $_POST['ic_no']);
$contactno = mysqli_real_escape_string($conn, $_POST['contactno']);
$email = mysqli_real_escape_string($conn, $_POST['email']);
$address = mysqli_real_escape_string($conn, $_POST['address']);
$highest_qualification = mysqli_real_escape_string($conn, $_POST['highest_qualification']);
$university = mysqli_real_escape_string($conn, $_POST['university']);
$major = mysqli_real_escape_string($conn, $_POST['major']);
$current_position = mysqli_real_escape_string($conn, $_POST['current_position']);
$position_applied = mysqli_real_escape_string($conn, $_POST['position_applied']);
$current_monthly_salary = mysqli_real_escape_string($conn, $_POST['current_monthly_salary']);
$expected_monthly_salary = mysqli_real_escape_string($conn, $_POST['expected_monthly_salary']);
$prefered_working_location = mysqli_real_escape_string($conn, $_POST['prefered_working_location']);
$avaibility = mysqli_real_escape_string($conn, $_POST['avaibility']);
$malay = mysqli_real_escape_string($conn, $_POST['malay']);
$english = mysqli_real_escape_string($conn, $_POST['english']);
$mandarin = mysqli_real_escape_string($conn, $_POST['mandarin']);
$other = mysqli_real_escape_string($conn, $_POST['other']);
$aboutme = mysqli_real_escape_string($conn, $_POST['aboutme']);
$uploadOk = true;
if(isset($_FILES)) {
$folder_dir = "../uploads/resume/";
$base = basename($_FILES['resume']['name']);
$resumeFileType = pathinfo($base, PATHINFO_EXTENSION);
$file = uniqid() . "." . $resumeFileType;
$filename = $folder_dir .$file;
if(file_exists($_FILES['resume']['tmp_name'])) {
if($resumeFileType == "pdf") {
if($_FILES['resume']['size'] < 500000) { // File size is less than 5MB
move_uploaded_file($_FILES["resume"]["tmp_name"], $filename);
} else {
$_SESSION['uploadError'] = "Wrong Size. Max Size Allowed : 5MB";
header("Location: edit-profile.php");
exit();
}
} else {
$_SESSION['uploadError'] = "Wrong Format. Only PDF Allowed";
header("Location: edit-profile.php");
exit();
}
}
} else {
$uploadOk = false;
}
//Update User Details Query
$sql= "UPDATE users set user_name='$user_name', ic_no='$ic_no', gender='$gender', nationality='$nationality', race='$race', email='$email', contactno='$contactno', highest_qualification='$highest_qualification',
university='$university', major='$major', current_position='$current_position', position_applied='$position_applied', current_monthly_salary='$current_monthly_salary',
expected_monthly_salary='$expected_monthly_salary', prefered_working_location='$prefered_working_location', avaibility='$avaibility', malay='$malay', english='$english',
mandarin='$mandarin', other='$other', photo='$file', resume='$file', aboutme='$aboutme'";
if($uploadOk == true) {
$sql .= ", resume='$file'";
}
$sql .= " WHERE id_user='$_SESSION[id_user]'";
if($conn->query($sql) === TRUE) {
$_SESSION['user_name'] = $user_name;
//If data Updated successfully then redirect to dashboard
header("Location: index.php");
exit();
} else {
echo "Error ". $sql . "<br>" . $conn->error;
}
//Close database connection. Not compulsory but good practice.
$conn->close();
} else {
//redirect them back to dashboard page if they didn't click update button
header("Location: edit-profile.php");
exit();
}};
Check your update-profile.php.
The confusion happens there because you use the same 'file name' for both of your file types, the image and the resume. You should do it like this instead:
<?php
//To Handle Session Variables on This Page
session_start();
if(empty($_SESSION['id_user'])) {
header("Location: ../index.php");
exit();
}
//Including Database Connection From db.php file to avoid rewriting in all files
require_once("../db.php");
//if user Actually clicked update profile button
if(isset($_POST)) {
//Escape Special Characters
if(isset($_POST)) {
$user_name = mysqli_real_escape_string($conn, $_POST['user_name']);
$ic_no = mysqli_real_escape_string($conn, $_POST['ic_no']);
$nationality = mysqli_real_escape_string($conn, $_POST['nationality']);
$gender = mysqli_real_escape_string($conn, $_POST['gender']);
$race = mysqli_real_escape_string($conn, $_POST['race']);
$ic_no = mysqli_real_escape_string($conn, $_POST['ic_no']);
$contactno = mysqli_real_escape_string($conn, $_POST['contactno']);
$email = mysqli_real_escape_string($conn, $_POST['email']);
$address = mysqli_real_escape_string($conn, $_POST['address']);
$highest_qualification = mysqli_real_escape_string($conn, $_POST['highest_qualification']);
$university = mysqli_real_escape_string($conn, $_POST['university']);
$major = mysqli_real_escape_string($conn, $_POST['major']);
$current_position = mysqli_real_escape_string($conn, $_POST['current_position']);
$position_applied = mysqli_real_escape_string($conn, $_POST['position_applied']);
$current_monthly_salary = mysqli_real_escape_string($conn, $_POST['current_monthly_salary']);
$expected_monthly_salary = mysqli_real_escape_string($conn, $_POST['expected_monthly_salary']);
$prefered_working_location = mysqli_real_escape_string($conn, $_POST['prefered_working_location']);
$avaibility = mysqli_real_escape_string($conn, $_POST['avaibility']);
$malay = mysqli_real_escape_string($conn, $_POST['malay']);
$english = mysqli_real_escape_string($conn, $_POST['english']);
$mandarin = mysqli_real_escape_string($conn, $_POST['mandarin']);
$other = mysqli_real_escape_string($conn, $_POST['other']);
$aboutme = mysqli_real_escape_string($conn, $_POST['aboutme']);
$uploadOk = true;
if(isset($_FILES)) {
$folder_dir = "../uploads/resume/";
$base = basename($_FILES['resume']['name']);
$resumeFileType = pathinfo($base, PATHINFO_EXTENSION);
//notice that I changed your file name from $file to $file1
$file1 = uniqid() . "." . $resumeFileType;
$filename = $folder_dir .$file1;
if(file_exists($_FILES['resume']['tmp_name'])) {
if($resumeFileType == "pdf") {
if($_FILES['resume']['size'] < 500000) { // File size is less than 5MB
move_uploaded_file($_FILES["resume"]["tmp_name"], $filename);
} else {
$_SESSION['uploadError'] = "Wrong Size. Max Size Allowed : 5MB";
header("Location: edit-profile.php");
exit();
}
} else {
$_SESSION['uploadError'] = "Wrong Format. Only PDF Allowed";
header("Location: edit-profile.php");
exit();
}
}
} else {
$uploadOk = false;
}
//image update edit
if(is_uploaded_file ( $_FILES['image']['tmp_name'] )) {
$folder_dir = "../uploads/logo/";
$base = basename($_FILES['image']['name']);
$imageFileType = pathinfo($base, PATHINFO_EXTENSION);
$file = uniqid() . "." . $imageFileType;
$filename = $folder_dir .$file;
if(file_exists($_FILES['image']['tmp_name'])) {
if($imageFileType == "jpg" || $imageFileType == "png") {
if($_FILES['image']['size'] < 500000) { // File size is less than 5MB
//If all above condition are met then copy file from server temp location to uploads folder.
move_uploaded_file($_FILES["image"]["tmp_name"], $filename);
} else {
$_SESSION['uploadError'] = "Wrong Size. Max Size Allowed : 5MB";
header("Location: edit-profile.php");
exit();
}
} else {
$_SESSION['uploadError'] = "Wrong Format. Only jpg & png Allowed";
header("Location: edit-profile.php");
exit();
}
}
} else {
$uploadOk = false;
}
//Update User Details Query
$sql= "UPDATE users set user_name='$user_name', ic_no='$ic_no', gender='$gender', nationality='$nationality', race='$race', email='$email', contactno='$contactno', highest_qualification='$highest_qualification',
university='$university', major='$major', current_position='$current_position', position_applied='$position_applied', current_monthly_salary='$current_monthly_salary',
expected_monthly_salary='$expected_monthly_salary', prefered_working_location='$prefered_working_location', avaibility='$avaibility', malay='$malay', english='$english',
mandarin='$mandarin', other='$other', logo='$file', resume='$file1', aboutme='$aboutme'";
if($uploadOk == true) {
$sql .= ", resume='$file1'";
}
$sql .= " WHERE id_user='$_SESSION[id_user]'";
if($conn->query($sql) === TRUE) {
$_SESSION['user_name'] = $user_name;
//If data Updated successfully then redirect to dashboard
header("Location: edit-profile.php");
exit();
} else {
echo "Error ". $sql . "<br>" . $conn->error;
}
//Close database connection. Not compulsory but good practice.
$conn->close();
} else {
//redirect them back to dashboard page if they didn't click update button
header("Location: edit-profile.php");
exit();
}};
I have tried your previous code; it causes the image to be stored as a PDF, and that's why, when you call for the image to be displayed, it appears as a broken image icon instead. I hope this helps, and good luck!
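The point of the answer above, one variable per uploaded file, shown as an added example that is not part of the original answer. `store_upload()` is a hypothetical helper; the `../uploads/candidate/` and `../uploads/resume/` directories and the 500000-byte limit are taken from the code in the question, and the snippet assumes it runs inside update-profile.php after `session_start()`.

```php
<?php
// Added example: validate and store one uploaded file per form field.
// store_upload() is a hypothetical helper, not code from the thread.
function store_upload(string $field, string $dir, array $allowed, int $maxBytes = 500000): ?string
{
    $f = $_FILES[$field] ?? null;
    // No file chosen for this field: report "nothing to store", not an error.
    if ($f === null || $f['error'] === UPLOAD_ERR_NO_FILE) {
        return null;
    }
    if ($f['error'] !== UPLOAD_ERR_OK || !is_uploaded_file($f['tmp_name'])) {
        throw new RuntimeException("Upload failed for $field");
    }
    if ($f['size'] > $maxBytes) {
        throw new RuntimeException("Wrong Size for $field");
    }
    // Decide the type from the file's content, not from the client-supplied name.
    $mime = (new finfo(FILEINFO_MIME_TYPE))->file($f['tmp_name']);
    if (!isset($allowed[$mime])) {
        throw new RuntimeException("Wrong Format for $field");
    }
    // The stored extension comes from the allow-list, never from the client file name.
    $name = bin2hex(random_bytes(16)) . '.' . $allowed[$mime];
    if (!move_uploaded_file($f['tmp_name'], $dir . $name)) {
        throw new RuntimeException("Could not store $field");
    }
    return $name;
}

try {
    // Each field gets its own variable, so the photo name can never
    // overwrite the resume name (or the other way round).
    $photo  = store_upload('image', '../uploads/candidate/',
                           ['image/jpeg' => 'jpg', 'image/png' => 'png']);
    $resume = store_upload('resume', '../uploads/resume/',
                           ['application/pdf' => 'pdf']);
} catch (RuntimeException $e) {
    $_SESSION['uploadError'] = $e->getMessage();
    header('Location: edit-profile.php');
    exit();
}
```

A `null` result means the user left that field empty, which lets the caller keep the file name already stored in the database.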
Try this code
<img src="uploads/candidate/<?php echo $row['photo']; ?>"/>
You need to make sure that $row actually has a value.
Try this and see if you get any result:
die(var_dump("../uploads/candidate/".$row['photo'] ));
You will get the path the code is referring to. If that doesn't give a result, check your query again (check whether the row has a value).
You can do this by introducing an external PHP file, e.g. get.php, and then requesting the photo from this get.php.
See a sample of both files below.
display.php file
<?php
$id = $row['id'];
?>
<img class="avatar" src="get.php?id=<?php echo urlencode($id); ?>" alt="profile photo" />
get.php file
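<?php
// make connections with database here (a mysqli connection in $conn is assumed)
$id = $_REQUEST['id'];
// "table" is a placeholder for the real table name.
// The id is bound as a parameter instead of being concatenated into the query.
$stmt = $conn->prepare("SELECT photo FROM table WHERE id = ?");
$stmt->bind_param("s", $id);
$stmt->execute();
$image = $stmt->get_result()->fetch_assoc();
$image = $image['photo'];
echo $image;
?>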
You have a problem with your $_SESSION array in the userindex.php file. You have missed the quotes ' for the session key:
$sql = "SELECT * FROM users WHERE id_user='$_SESSION[id_user]'";
So assign it to a variable first and then put that variable inside the SQL query:
$id_user = $_SESSION['id_user'];// single quotes for session key
$sql = "SELECT * FROM users WHERE id_user='$id_user'";
Note:
Your code is open to SQL injection. Try to use PDO or prepared statements.
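What the prepared-statement advice looks like for the profile UPDATE from the question, as an added example that is not part of the original posts. `build_profile_update()` and `run_profile_update()` are hypothetical helpers; `$conn` is assumed to be the mysqli connection from db.php, and `$photo` and `$resume` are assumed to hold a stored file name, or `null` when no file was uploaded.

```php
<?php
// Added example: the users UPDATE built as a prepared statement.
// Helper names are hypothetical; column names are those used in the question.
function build_profile_update(array $fields, ?string $photo, ?string $resume, $idUser): array
{
    // Column names come from this fixed allow-list, never from the request.
    $columns = ['user_name', 'ic_no', 'gender', 'nationality', 'race', 'email',
        'contactno', 'highest_qualification', 'university', 'major',
        'current_position', 'position_applied', 'current_monthly_salary',
        'expected_monthly_salary', 'prefered_working_location', 'avaibility',
        'malay', 'english', 'mandarin', 'other', 'aboutme'];
    $set = [];
    $params = [];
    foreach ($columns as $col) {
        $set[] = "$col = ?";
        $params[] = (string)($fields[$col] ?? '');
    }
    // Touch a file column only when a new file was actually stored,
    // so an update without uploads keeps the existing photo and resume.
    if ($photo !== null)  { $set[] = 'photo = ?';  $params[] = $photo; }
    if ($resume !== null) { $set[] = 'resume = ?'; $params[] = $resume; }
    $params[] = (string)$idUser;
    $sql = 'UPDATE users SET ' . implode(', ', $set) . ' WHERE id_user = ?';
    return [$sql, str_repeat('s', count($params)), $params];
}

function run_profile_update(mysqli $conn, array $post, ?string $photo, ?string $resume, $idUser): bool
{
    [$sql, $types, $params] = build_profile_update($post, $photo, $resume, $idUser);
    $stmt = $conn->prepare($sql);
    if ($stmt === false) {
        return false;
    }
    // Values travel separately from the SQL text, so quotes in user input
    // cannot change the statement.
    $stmt->bind_param($types, ...$params);
    return $stmt->execute();
}
```

In update-profile.php the call would be `run_profile_update($conn, $_POST, $photo, $resume, $_SESSION['id_user'])`, which replaces both the `mysqli_real_escape_string()` calls and the string-built query.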