image update cannot takeplace - php

I am trying to upload image to the database by update query using php file upload where database already contain a file Here is my code, problem is I doesnot get the new file.
if (isset($_POST["events"]) && isset($_POST["description"]))
{
$id = $_POST["id"];
$title = $_POST["events"];
$_POST["description"] = trim($_POST["description"]);
$description = $_POST["description"];
if(isset($_POST['images']) && !empty($_POST['images']))
{
$filetmp = $_FILES["images"]["tmp_name"];
$filename = $_FILES["images"]["name"];
$filetype = $_FILES["images"]["type"];
$filepath = "photo2/".$filename;
move_uploaded_file($filetmp,$filepath);
}
else
{
$filepath = $_POST['old_image_path'];
}
$update1 = update_query($title,$description,$filepath,$id);
if($update1)
{
header("location:hotel1_galery_event.php?msg=Update Sucess");
}
}
HTML Code Preview
<form action="hotel1_galery_eventedit.php" method="post" class="col-sm-4" enctype="multipart/form-data">
<input type="hidden" name="id" value="<?php echo $val->event_id;?>">
<div class="form-group has-info">
<label class="control-label" for="inputSuccess">Event title</label>
<input type="text" class="form-control" name="events" value="">
</div>
<div class="form-group has-info">
<label class="control-label" >Event Description</label>
<textarea name="description" class="form-control text-left" rows="3">
</textarea>
</div>
<div class="form-group has-info">
<label>Event Related images</label>
<input type="hidden" name="old_image_path" value="<?php echo $val->image_path?>">
<input type="file" name="images" value="something">
</div>
<button type="submit" class="btn btn-primary">
<span>UPDATE</span>
</button>
</form>


input type='file' POST you file in $_FILES
SO instead of this
if(isset($_POST['images']) && !empty($_POST['images']))
You have to check your condition as
if (!empty($_FILES['images']['name'])) {
$filetmp = $_FILES["images"]["tmp_name"];
$filename = $_FILES["images"]["name"];
$filetype = $_FILES["images"]["type"];
$filepath = "photo2/" . $filename;
move_uploaded_file($filetmp, $filepath);
}

Related

If the user adds 3 images, it will show error in PHP

I am trying to do that if the user only adds 2-3 images still it could send the image and image name to the Database. I tried and created ($sql4) for it but it shows an error that the file type is not supported, and I also checked that the file type it was the (png file). Please help me.
add_blog.php
<?php include 'header.php';
if (isset($_SESSION['user_data'])) {
// This will fetch the author id that is stored in index['0'].
$author_id = $_SESSION['user_data']['0'];
$sql = "SELECT * FROM categories";
$query = mysqli_query($config, $sql);
}
?>
<div class="container">
<h5 class="mb-2 text-gray-800">School</h5>
<div class="row">
<div class="col-xl-8 col-lg-6">
<div class="card">
<div class="card-header">
<h6 class="font-weight-bold text-primary mt-2">Add School</h6>
</div>
<div class="card-body">
<form action="" method="POST" enctype="multipart/form-data">
<div class="mb-3">
<input type="text" name="blog_title" placeholder="Title" class="form-control">
</div>
<div class="mb-3">
<input type="text" name="school_tagline" placeholder="Tagline" class="form-control">
</div>
<div class="mb-3">
<input type="text" name="school_rating" placeholder="Rating" class="form-control">
</div>
<div class="mb-3">
<input type="text" name="school_projects" placeholder="Projects" class="form-control">
</div>
<div class="mb-3">
<input type="text" name="school_events" placeholder="School Events" class="form-control">
</div>
<div class="mb-3">
<input type="number" name="school_mobile" placeholder="School Number" class="form-control">
</div>
<div class="mb-3">
<input type="text" name="school_email" placeholder="School Email" class="form-control">
</div>
<div class="mb-3">
<?php include 'icons.php'; ?>
</div>
<div class="mb-3">
<input type="text" name="school_facility" placeholder="Facilities your school have" class="form-control">
</div>
<div class="mb-3">
<?php include 'icons_2.php'; ?>
</div>
<div class="mb-3">
<input type="text" name="school_facility_2" placeholder="Facilities 2" class="form-control">
</div>
<div class="mb-3">
<?php include 'icons_3.php'; ?>
</div>
<div class="mb-3">
<input type="text" name="school_facility_3" placeholder="Facilities 3" class="form-control">
</div>
<div class="mb-3">
<?php include 'icons_4.php'; ?>
</div>
<div class="mb-3">
<input type="text" name="school_facility_4" placeholder="Facilities 4" class="form-control">
</div>
<div class="mb-3">
<?php include 'icons_5.php'; ?>
</div>
<div class="mb-3">
<input type="text" name="school_facility_5" placeholder="Facilities 5" class="form-control">
</div>
<div class="mb-3">
<?php include 'icons_6.php'; ?>
</div>
<div class="mb-3">
<input type="text" name="school_facility_6" placeholder="Facilities 6" class="form-control">
</div>
<div class="mb-3">
<?php include 'icons_7.php'; ?>
</div>
<div class="mb-3">
<input type="text" name="school_facility_7" placeholder="Facilities 7" class="form-control">
</div>
<div class="mb-3">
<?php include 'icons_8.php'; ?>
</div>
<div class="mb-3">
<input type="text" name="school_facility_8" placeholder="Facilities 8" class="form-control">
</div>
<div class="mb-3">
<?php include 'icons_activities.php'; ?>
</div>
<div class="mb-3">
<input type="text" name="school_activities_heading_1" placeholder="School Activities Heading" class="form-control">
</div>
<div class="mb-3">
<input type="text" name="school_activities_para_1" placeholder="School activities Paragraph" class="form-control">
</div>
<div class="mb-3">
<?php include 'icons_activities_2.php'; ?>
</div>
<div class="mb-3">
<input type="text" name="school_activities_heading_2" placeholder="School activities Heading 2" class="form-control">
</div>
<div class="mb-3">
<input type="text" name="school_activities_para_2" placeholder="School Activities Paragraph 2" class="form-control">
</div>
<div class="mb-3">
<?php include 'icons_activities_3.php'; ?>
</div>
<div class="mb-3">
<input type="text" name="school_activities_heading_3" placeholder="School activities Heading 3" class="form-control">
</div>
<div class="mb-3">
<input type="text" name="school_activities_para_3" placeholder="School activities Paragraph 3" class="form-control">
</div>
<div class="mb-3">
<?php include 'icons_mission.php'; ?>
</div>
<div class="mb-3">
<input type="text" name="school_mission_heading" placeholder="School Mission Heading" class="form-control">
</div>
<div class="mb-3">
<input type="text" name="school_mission_para" placeholder="School Mission Paragraph" class="form-control">
</div>
<div class="mb-3">
<?php include 'icons_vision.php'; ?>
</div>
<div class="mb-3">
<input type="text" name="school_vision_heading" placeholder="School Vision Heading" class="form-control">
</div>
<div class="mb-3">
<input type="text" name="school_vision_para" placeholder="School Vision Paragraph" class="form-control">
</div>
<div class="mb-3">
<label for="">About School Infomartion</label>
<textarea class="form-control" name="blog_body" id="blog" rows="2"></textarea>
</div>
<div class="mb-3">
<label for="">School Activities Infomartion</label>
<textarea class="form-control" name="school_activities" id="blog_1" rows="2"></textarea>
</div>
<div class="mb-3">
<label for="">If you have mission or vision please describe</label>
<textarea class="form-control" name="school_mission_vision" id="blog_2" rows="2"></textarea>
</div>
<div class="mb-3">
<input type="file" name="blog_image" class="form-control">
</div>
<div class="mb-3">
<input type="file" name="school_image" class="form-control">
</div>
<div class="mb-3">
<input type="file" name="school_image_2" class="form-control">
</div>
<div class="mb-3">
<input type="file" name="school_image_3" class="form-control">
</div>
<div class="mb-3">
<input type="file" name="school_image_4" class="form-control">
</div>
<div class="mb-3">
<input type="file" name="school_image_5" class="form-control">
</div>
<div class="mb-3">
<input type="file" name="school_image_6" class="form-control">
</div>
<div class="mb-3">
<input type="file" name="school_image_7" class="form-control">
</div>
<div class="mb-3">
<input type="file" name="school_image_8" class="form-control">
</div>
<div class="mb-3">
<?php include 'icons_social.php'; ?>
</div>
<div class="mb-3">
<input type="text" name="school_instagram" placeholder="Instagram Link" class="form-control">
</div>
<div class="mb-3">
<?php include 'icons_social_2.php'; ?>
</div>
<div class="mb-3">
<input type="text" name="school_facebook" placeholder="Facebook Link" class="form-control">
</div>
<div class="mb-3">
<?php include 'icons_social_3.php'; ?>
</div>
<div class="mb-3">
<input type="text" name="school_twitter" placeholder="Twitter Link" class="form-control">
</div>
<div class="mb-3">
<select class="form-control" name="category">
<option value="" name="category">Select Category</option>
<!-- $cats will fetch all all the data that is store in the categories. -->
<?php while ($cats = mysqli_fetch_assoc($query)) { ?>
<option value="<?= $cats['cat_id'] ?>">
<?= $cats['cat_name'] ?>
</option>
<?php } ?>
}
</select>
</div>
<div class="mb-3">
<input type="submit" name="add_blog" value="Add" class="btn btn-primary">
<a class="btn btn-secondary" href="index.php">Back</a>
</div>
</form>
</div>
</div>
</div>
</div>
</div>
<?php
include 'footer.php';
// If the user click on Add button then the user data should upload to the database.
if (isset($_POST['add_blog'])) {
$title = mysqli_real_escape_string($config, $_POST['blog_title']);
$tagline = mysqli_real_escape_string($config, $_POST['school_tagline']);
$rating = mysqli_real_escape_string($config, $_POST['school_rating']);
$projects = mysqli_real_escape_string($config, $_POST['school_projects']);
$events = mysqli_real_escape_string($config, $_POST['school_events']);
$mobile = mysqli_real_escape_string($config, $_POST['school_mobile']);
$email = mysqli_real_escape_string($config, $_POST['school_email']);
$activities = mysqli_real_escape_string($config, $_POST['school_activities']);
$missionVision = mysqli_real_escape_string($config, $_POST['school_mission_vision']);
$body = mysqli_real_escape_string($config, $_POST['blog_body']);
$icon = mysqli_real_escape_string($config, $_POST['icon_input']);
$facility_1 = mysqli_real_escape_string($config, $_POST['school_facility']);
$icon2 = mysqli_real_escape_string($config, $_POST['icon_input_2']);
$facility_2 = mysqli_real_escape_string($config, $_POST['school_facility_2']);
$icon3 = mysqli_real_escape_string($config, $_POST['icon_input_3']);
$facility_3 = mysqli_real_escape_string($config, $_POST['school_facility_3']);
$icon4 = mysqli_real_escape_string($config, $_POST['icon_input_4']);
$facility_4 = mysqli_real_escape_string($config, $_POST['school_facility_4']);
$icon5 = mysqli_real_escape_string($config, $_POST['icon_input_5']);
$facility_5 = mysqli_real_escape_string($config, $_POST['school_facility_5']);
$icon6 = mysqli_real_escape_string($config, $_POST['icon_input_6']);
$facility_6 = mysqli_real_escape_string($config, $_POST['school_facility_6']);
$icon7 = mysqli_real_escape_string($config, $_POST['icon_input_7']);
$facility_7 = mysqli_real_escape_string($config, $_POST['school_facility_7']);
$icon8 = mysqli_real_escape_string($config, $_POST['icon_input_8']);
$facility_8 = mysqli_real_escape_string($config, $_POST['school_facility_8']);
$icon_mission = mysqli_real_escape_string($config, $_POST['icons_mission']);
$mission_heading = mysqli_real_escape_string($config, $_POST['school_mission_heading']);
$mission_para = mysqli_real_escape_string($config, $_POST['school_mission_para']);
$icon_vision = mysqli_real_escape_string($config, $_POST['icons_vision']);
$vision_heading = mysqli_real_escape_string($config, $_POST['school_vision_heading']);
$vision_para = mysqli_real_escape_string($config, $_POST['school_vision_para']);
$icon_activities = mysqli_real_escape_string($config, $_POST['icons_activities']);
$activities_heading_1 = mysqli_real_escape_string($config, $_POST['school_activities_heading_1'])
;
$activities_para_1 = mysqli_real_escape_string($config, $_POST['school_activities_para_1']);
$icon_activities_2 = mysqli_real_escape_string($config, $_POST['icons_activities_2']);
$activities_heading_2 = mysqli_real_escape_string($config, $_POST['school_activities_heading_2']);
$activities_para_2 = mysqli_real_escape_string($config, $_POST['school_activities_para_2']);
$icon_activities_3 = mysqli_real_escape_string($config, $_POST['icons_activities_3']);
$activities_heading_3 = mysqli_real_escape_string($config, $_POST['school_activities_heading_3']);
$activities_para_3 = mysqli_real_escape_string($config, $_POST['school_activities_para_3']);
$filename = $_FILES['blog_image']['name'];
$tmp_name = $_FILES['blog_image']['tmp_name'];
$size = $_FILES['blog_image']['size'];
$filename1 = $_FILES['school_image']['name'];
$tmp_name1 = $_FILES['school_image']['tmp_name'];
$size1 = $_FILES['school_image']['size'];
$filename2 = $_FILES['school_image_2']['name'];
$tmp_name2 = $_FILES['school_image_2']['tmp_name'];
$size2 = $_FILES['school_image_2']['size'];
$filename3 = $_FILES['school_image_3']['name'];
$tmp_name3 = $_FILES['school_image_3']['tmp_name'];
$size3 = $_FILES['school_image_3']['size'];
$filename4 = $_FILES['school_image_4']['name'];
$tmp_name4 = $_FILES['school_image_4']['tmp_name'];
$size4 = $_FILES['school_image_4']['size'];
$filename5 = $_FILES['school_image_5']['name'];
$tmp_name5 = $_FILES['school_image_5']['tmp_name'];
$size5 = $_FILES['school_image_5']['size'];
$filename6 = $_FILES['school_image_6']['name'];
$tmp_name6 = $_FILES['school_image_6']['tmp_name'];
$size6 = $_FILES['school_image_6']['size'];
$filename7 = $_FILES['school_image_7']['name'];
$tmp_name7 = $_FILES['school_image_7']['tmp_name'];
$size7 = $_FILES['school_image_7']['size'];
$filename8 = $_FILES['school_image_8']['name'];
$tmp_name8 = $_FILES['school_image_8']['tmp_name'];
$size8 = $_FILES['school_image_8']['size'];
$social_icon = mysqli_real_escape_string($config, $_POST['icon_social']);
// This will make the connect to database and will post the data to the database.
$instagram = mysqli_real_escape_string($config, $_POST['school_instagram']);
// $filename variable will have the image and image name. $_FILES will upload the image to the database.
$social_icon_2 = mysqli_real_escape_string($config, $_POST['icon_social_2']);
// This will make the connect to database and will post the data to the database.
$facebook = mysqli_real_escape_string($config, $_POST['school_facebook']);
// $filename variable will have the image and image name. $_FILES will upload the image to the database.
$social_icon_3 = mysqli_real_escape_string($config, $_POST['icon_social_3']);
// This will make the connect to database and will post the data to the database.
$twitter = mysqli_real_escape_string($config, $_POST['school_twitter']);
// $image_ext variable will lower the extionsion letter for example if the extension is (PNG) it will be convert to lower case (png). So this variable will get the file name and the extension of the file.
$image_ext = strtolower(pathinfo($filename, PATHINFO_EXTENSION));
$image_ext1 = strtolower(pathinfo($filename1, PATHINFO_EXTENSION));
$image_ext2 = strtolower(pathinfo($filename2, PATHINFO_EXTENSION));
$image_ext3 = strtolower(pathinfo($filename3, PATHINFO_EXTENSION));
$image_ext4 = strtolower(pathinfo($filename4, PATHINFO_EXTENSION));
$image_ext5 = strtolower(pathinfo($filename5, PATHINFO_EXTENSION));
$image_ext6 = strtolower(pathinfo($filename6, PATHINFO_EXTENSION));
$image_ext7 = strtolower(pathinfo($filename7, PATHINFO_EXTENSION));
$image_ext8 = strtolower(pathinfo($filename8, PATHINFO_EXTENSION));
// $allow_type varibale have the set the extension file type that are supported.
$allow_type = ['jpg', 'png', 'jpeg', 'webp', 'svg'];
// $destination varibale is set to upload the image to the given path folder "upload/". So it will send the particurlar file that is selected by the user.
$destination = "upload/" . $filename;
$destination1 = "upload/" . $filename1;
$destination2 = "upload/" . $filename2;
$destination3 = "upload/" . $filename3;
$destination4 = "upload/" . $filename4;
$destination5 = "upload/" . $filename5;
$destination6 = "upload/" . $filename6;
$destination7 = "upload/" . $filename7;
$destination8 = "upload/" . $filename8;
// This will make the connect to database and will post the data to the database.
$category = mysqli_real_escape_string($config, $_POST['category']);
if (!empty($filename)) {
if (!empty($filename1)) {
// In this (if statement) there is function called in_array that will ckeck the value in array that it exists or not. If the file extension matches then upload the file else show the error.
if (in_array($image_ext, $allow_type) && in_array($image_ext1, $allow_type) && in_array($image_ext2, $allow_type) && in_array($image_ext3, $allow_type) && in_array($image_ext4, $allow_type) && in_array($image_ext5, $allow_type) && in_array($image_ext6, $allow_type) && in_array($image_ext7, $allow_type) && in_array($image_ext8, $allow_type)) {
// If the file size is lesser then 5MB then upload the file else show error.
if ($size <= 5000000) {
// If the image validation checks pass then move it to this folder
move_uploaded_file($tmp_name, $destination);
move_uploaded_file($tmp_name1, $destination1);
move_uploaded_file($tmp_name2, $destination2);
move_uploaded_file($tmp_name3, $destination3);
move_uploaded_file($tmp_name4, $destination4);
move_uploaded_file($tmp_name5, $destination5);
move_uploaded_file($tmp_name6, $destination6);
move_uploaded_file($tmp_name7, $destination7);
move_uploaded_file($tmp_name8, $destination8);
// This wll insert all the input that is field by the user in the database blog section.
$sql2 = "INSERT INTO blog(blog_title, school_tagline, school_rating, school_projects, school_events, school_mobile, school_email, blog_body, icon_input, school_facility, icon_input_2, school_facility_2, icon_input_3, school_facility_3, icon_input_4, school_facility_4, icon_input_5, school_facility_5, icon_input_6, school_facility_6, icon_input_7, school_facility_7, icon_input_8, school_facility_8, icons_activities, school_activities_heading_1, school_activities_para_1, icons_activities_2, school_activities_heading_2, school_activities_para_2, icons_activities_3, school_activities_heading_3, school_activities_para_3, icons_mission, school_mission_heading, school_mission_para, icons_vision, school_vision_heading, school_vision_para, school_activities, school_mission_vision, blog_image, school_images, school_images_2, school_images_3, school_images_4, school_images_5, school_images_6, school_images_7, school_images_8, icon_social, school_instagram, icon_social_2, school_facebook, icon_social_3, school_twitter, category, author_id) VALUES('$title', '$tagline', '$rating', '$projects', '$events', '$mobile', '$email', '$body', '$icon', '$facility_1', '$icon2', '$facility_2', '$icon3', '$facility_3', '$icon4', '$facility_4', '$icon5', '$facility_5', '$icon6', '$facility_6', '$icon7', '$facility_7', '$icon8', '$facility_8', '$icon_activities', '$activities_heading_1', '$activities_para_1', '$icon_activities_2', '$activities_heading_2', '$activities_para_2', '$icon_activities_3', '$activities_heading_3', '$activities_para_3', '$icon_mission', '$mission_heading', '$mission_para', '$icon_vision', '$vision_heading', '$vision_para', '$activities', '$missionVision', '$filename', '$filename1', '$filename2', '$filename3', '$filename4', '$filename5', '$filename6', '$filename7', '$filename8', '$social_icon', '$social_icon_2', '$social_icon_3', '$instagram', '$facebook', '$twitter', '$category', '$author_id')";
$query2 = mysqli_query($config, $sql2);
if ($query2) {
$msg = ["Post Publish Successfully", "alert-success"];
$_SESSION['msg'] = $msg;
// If the post publish successfully then redirect to same page with success message.
header("location:add_blog.php");
} else {
$msg = ["Failed, Please try again", "alert-danger"];
$_SESSION['msg'] = $msg;
// If the post it not able to post then redirect to same page with error message.
header("location:add_blog.php");
}
} else {
$msg = ["Image file size should not be greater then 5MB", "alert-danger"];
$_SESSION['msg'] = $msg;
// If the file size is bigger then 5MB then redirect to same page with error message.
header("location:add_blog.php");
}
} else {
$msg = ["Image file type is not allowed (only jpg, jpeg, png, webp, svg)", "alert-danger"];
$_SESSION['msg'] = $msg;
// If the file extension is not supported then redirect to same page with error message.
header("location:add_blog.php");
}
} else {
$sql3 = "INSERT INTO blog(blog_title, school_tagline, school_rating, school_projects, school_events, school_mobile, school_email, blog_body, icon_input, school_facility, icon_input_2, school_facility_2, icon_input_3, school_facility_3, icon_input_4, school_facility_4, icon_input_5, school_facility_5, icon_input_6, school_facility_6, icon_input_7, school_facility_7, icon_input_8, school_facility_8, icons_activities, school_activities_heading_1, school_activities_para_1, icons_activities_2, school_activities_heading_2, school_activities_para_2, icons_activities_3, school_activities_heading_3, school_activities_para_3, icons_mission, school_mission_heading, school_mission_para, icons_vision, school_vision_heading, school_vision_para, school_activities, school_mission_vision, icon_social, school_instagram, icon_social_2, school_facebook, icon_social_3, school_twitter, category, author_id) VALUES('$title', '$tagline', '$rating', '$projects', '$events', '$mobile', '$email', '$body', '$icon', '$facility_1', '$icon2', '$facility_2', '$icon3', '$facility_3', '$icon4', '$facility_4', '$icon5', '$facility_5', '$icon6', '$facility_6', '$icon7', '$facility_7', '$icon8', '$facility_8', '$icon_activities', '$activities_heading_1', '$activities_para_1', '$icon_activities_2', '$activities_heading_2', '$activities_para_2', '$icon_activities_3', '$activities_heading_3', '$activities_para_3', '$icon_mission', '$mission_heading', '$mission_para', '$icon_vision', '$vision_heading', '$vision_para', '$activities', '$missionVision', '$social_icon', '$social_icon_2', '$social_icon_3', '$instagram', '$facebook', '$twitter', '$category', '$author_id')";
$query3 = mysqli_query($config, $sql3);
if ($query3) {
$msg = ["Post Publish Successfully", "alert-success"];
$_SESSION['msg'] = $msg;
// If the post publish successfully then redirect to same page with success message.
header("location:add_blog.php");
} else {
$msg = ["Failed, Please try again", "alert-danger"];
$_SESSION['msg'] = $msg;
// If the post it not able to post then redirect to same page with error message.
header("location:add_blog.php");
}
}
} else{
$sql4 = "INSERT INTO blog(blog_title, school_tagline, school_rating, school_projects, school_events, school_mobile, school_email, blog_body, icon_input, school_facility, icon_input_2, school_facility_2, icon_input_3, school_facility_3, icon_input_4, school_facility_4, icon_input_5, school_facility_5, icon_input_6, school_facility_6, icon_input_7, school_facility_7, icon_input_8, school_facility_8, icons_activities, school_activities_heading_1, school_activities_para_1, icons_activities_2, school_activities_heading_2, school_activities_para_2, icons_activities_3, school_activities_heading_3, school_activities_para_3, icons_mission, school_mission_heading, school_mission_para, icons_vision, school_vision_heading, school_vision_para, school_activities, school_mission_vision, blog_image, school_images, icon_social, school_instagram, icon_social_2, school_facebook, icon_social_3, school_twitter, category, author_id) VALUES('$title', '$tagline', '$rating', '$projects', '$events', '$mobile', '$email', '$body', '$icon', '$facility_1', '$icon2', '$facility_2', '$icon3', '$facility_3', '$icon4', '$facility_4', '$icon5', '$facility_5', '$icon6', '$facility_6', '$icon7', '$facility_7', '$icon8', '$facility_8', '$icon_activities', '$activities_heading_1', '$activities_para_1', '$icon_activities_2', '$activities_heading_2', '$activities_para_2', '$icon_activities_3', '$activities_heading_3', '$activities_para_3', '$icon_mission', '$mission_heading', '$mission_para', '$icon_vision', '$vision_heading', '$vision_para', '$activities', '$missionVision', '$filename', '$filename1', '$social_icon', '$social_icon_2', '$social_icon_3', '$instagram', '$facebook', '$twitter', '$category', '$author_id')";
$query4 = mysqli_query($config, $sql4);
// $sql3 = "INSERT INTO images(school_image) VALUES('$filename1')";
// $query3 = mysqli_query($config, $sql3);
if ($query4) {
$msg = ["Post Publish Successfully", "alert-success"];
$_SESSION['msg'] = $msg;
// If the post publish successfully then redirect to same page with success message.
header("location:add_blog.php");
} else {
$msg = ["Failed, Please try again", "alert-danger"];
$_SESSION['msg'] = $msg;
header("location:add_blog.php");
}
}
}
?>
Output Screenshot Error

Uploading image dont have an extension

I created a form and am trying to upload image to directory and add the path in database. Hence, i submit the form only the image filename gets submitted without file extension name and also it wont be uploaded in the directory.
Below is my php code
if(isset($_POST['addcourse'])) {
$uploadDirectory = "images/";
if (!isset($_FILES['passport']) || !is_uploaded_file($_FILES['passport']['tmp_name'])) {
$passport_data = $_FILES['passport']['tmp_name']; //file input
// $passport_name = $_FILES['passport']['name']; //unique id for random filename
$passport_size = $_FILES['passport']['size'];
$unique_name = uniqid();
$extension = pathinfo($_FILES['passport']['name'], PATHINFO_EXTENSION);
// $target_file = $uploadDirectory.basename($_FILES['passport']['name']);
$target_file = $uploadDirectory . basename($unique_name . "." . $extension);
$passport_name = $unique_name . "." . $extension;
move_uploaded_file($passport_data, $target_file);
$name = mysqli_escape_string($myConn, $_POST["name"]);
$code = mysqli_escape_string($myConn, $_POST["code"]);
$course_req = mysqli_escape_string($myConn, $_POST["course_req"]);
$course_des = mysqli_escape_string($myConn, $_POST["course_des"]);
$sql = "INSERT INTO courses (name,code,course_req,course_des,passport)
VALUES ('$name','$code','$course_req','$course_des','$passport_name')";
if (mysqli_query($myConn, $sql)) { ?>
<script type="text/javascript">
alert("New Course Created Successfully");
window.location = "addcourse";
</script>
<?php } else {
echo "Error: " . $sql . ":-" . mysqli_error($myConn);
}
mysqli_close($myConn);
}
}
?>
Below is the form i created
<form class="form-horizontal" action="insert" method="post" role="form" enctype="multipart/form-data">
<div class="form-group row">
<label class="control-label col-sm-3 align-self-center">Course Name:</label>
<div class="col-sm-9">
<input type="text" name="name" class="form-control" id="course" placeholder="Enter Course Name">
</div>
</div>
<div class="form-group row">
<label class="control-label col-sm-3 align-self-center">Course Code:</label>
<div class="col-sm-9">
<input type="text" name="code" class="form-control" id="code" placeholder="Enter Course Code">
</div>
</div>
<div class="form-group row">
<label class="control-label col-sm-3 align-self-center">Course Requirements:</label>
<div class="col-sm-9">
<textarea type="text" name="course_req" class="form-control" id="course_req" rows="3"></textarea>
</div>
</div>
<div class="form-group row">
<label class="control-label col-sm-3 align-self-center">Course Description:</label>
<div class="col-sm-9">
<textarea type="text" name="course_des" class="form-control" id="course_des" rows="3"></textarea>
</div>
</div>
<div class="form-group row">
<label class="control-label col-sm-3 align-self-center">Featured Image:</label>
<div class="col-sm-9">
<input type="file" id="myfile" name="myfile"> </div>
</div>
<div class="form-group">
<!-- <input type="submit" name="addcourse" class="btn btn-primary" Value="addcourse">
--> <button type="submit" name="addcourse" class="btn btn-primary">Submit</button>
<button type="submit" class="btn bg-danger">Cancel</button>
</div>
</form>
Attached image is how the database looks like after submission
I have checked the file naming and i expect the generated temp file name to be stored in passport field of table, then moved it the target folder.

My basic example (upload and read a file) is like that :
<?php
if (isset($_FILES['the_key']['error']) && $_FILES['the_key']['error'] == UPLOAD_ERR_OK)
{
if (is_uploaded_file($_FILES['the_key']['tmp_name']))
{
$extension = strrpos($_FILES['the_key']['name'], '.'); // locate the last dot
if ($extension !== false)
{
$extension = substr($_FILES['the_key']['name'], 1 + $extension);
// if needed add here a custom extension validation instead of ctype_alnum
$extension = ctype_alnum($extension) ? '.' . strtolower($extension) : '.unknown';
}
else
$extension = '.no-extension';
$filename = sha1(mt_rand()) . $extension ; // get a name
move_uploaded_file($_FILES['the_key']['tmp_name'], $filename); // take the file
readfile($filename); // read
unlink($filename); // delete
exit;
}
}
?>
<form method=post enctype="multipart/form-data">
<input type=file name=the_key>
<input type=submit>

I want to add multiple images into MySQL database

I'm working on this feature in my project where I want to add three(3) images along side other details into my database row and I want this images to be in separate columns in one row.... So far below is my code. the code is not working yet... The images and texts are not uploading to the database....
Please help me out guys. What am I doing wrong. Thanks.
Below is my code sample:
//THE PHP SECTION//
<?php
session_start();
include 'includes/config.php';
if (isset($_POST['post']) && isset($_POST['itemtype'])) {
$title = mysqli_real_escape_string($link, $_POST['title']);
$itemtype = mysqli_real_escape_string($link, $_POST['itemtype']);
$description = mysqli_real_escape_string($link, $_POST['description']);
$image1 = $_FILES['image1']['name'];
$image1_tmp_name = $_FILES['image1']['tmp_name'];
$image2 = $_FILES['image2']['name'];
$image2_tmp_name = $_FILES['image2']['tmp_name'];
$image3 = $_FILES['image3']['name'];
$image3_tmp_name = $_FILES['image3']['tmp_name'];
$price = mysqli_real_escape_string($link, $_POST['price']);
$category = mysqli_real_escape_string($link, $_POST['category']);
$name = mysqli_real_escape_string($link, $_POST['name']);
//image file directory
$target1 = 'images/user_ads/'.basename($image1);
$target2 = 'images/user_ads/'.basename($image2);
$target3 = 'images/user_ads/'.basename($image3);
if (move_uploaded_file($_FILES['image1_tmp_name'], $target1)) {
}
if (move_uploaded_file($_FILES['image2_tmp_name'], $target2)) {
}
if (move_uploaded_file($_FILES['image3_tmp_name'], $target3)) {
}
//insert into ost database
$insert = "INSERT INTO products(Title,Product_Type,Description,Image1,Image2,Image3,Price,Category,Name,PostedDate)VALUES('$title','$itemtype','$description','$target1','$target2','$target3','$price','$category','$name',NOW())";
$insertKwary = mysqli_query($link, $insert);
if ($insertKwary) {
$msg = "<div class='alert alert-danger alert-success'>Product Submitted</div>";
}else{
$msg = "<div class='alert alert-danger alert-success'>Product Not Submitted...Try again</div>";
}
}
?>
//THE HTML SECTION//
<div class="col-md-8 col-md-offset-2">
<?php if(isset($msg)) { echo $msg; } ?>
<form action="" method="POST" enctype="multipart/form-data" class="postAdForm" id="postAdForm">
<div class="form-group">
<label for="Ad_title">Item Title</label>
<input type="text" name="title" class="form-control title" id="title" required=""/>
</div>
<div class="form-group">
<label for="itemtype">Item Type</label>
<select class="form-control" name="itemtype" id="itemtype">
<option>Sale</option>
<option>Request</option>
</select>
</div>
<div class="form-group">
<label for="description">Item Description</label>
<textarea name="description" class="form-control description" id="description" rows="7" required=""></textarea>
</div>
<div class="form-group">
<label for="price">First Image</label>
<input type="file" name="image1" class="form-control image1" id="image1" required="" />
</div>
<div class="form-group">
<label for="price">Second Image</label>
<input type="file" name="image2" class="form-control image2" id="image2" required="" />
</div>
<div class="form-group">
<label for="price">Third Image</label>
<input type="file" name="image3" class="form-control image3" id="image3" required="" />
</div>
<div class="form-group">
<label for="price">Price</label>
<input type="text" name="price" class="form-control price" id="price" required="" />
</div>
<div class="form-group">
<label for="category">Item Category</label>
<select class="form-control" name="category" id="category">
<option>Sale</option>
<option>Request</option>
</select>
</div>
<div class="form-group">
<label for="price">Name</label>
<input type="text" name="name" class="form-control name" id="name" required="" readonly="" />
</div>
<div class="form-group">
<input type="submit" name="post" class="btn btn-post post" id="post" value="POST AD" />
</div>
</form>
</div>
I've also attached an image of the error i'm getting..
image of web page showing thee errors i get..error gotten

The error is due to these lines:
if (move_uploaded_file($_FILES['image1_tmp_name'], $target1)) {
}
if (move_uploaded_file($_FILES['image2_tmp_name'], $target2)) {
}
if (move_uploaded_file($_FILES['image3_tmp_name'], $target3)) {
}
You're setting $image1_tmp_name, not $_FILES['image1_tmp_name'].
Try this:
if (move_uploaded_file($image1_tmp_name, $target1)) {
}
if (move_uploaded_file($image2_tmp_name, $target2)) {
}
if (move_uploaded_file($image3_tmp_name, $target3)) {
}
Edit: Using mysqli_error() to print the error helped solve additional issues (Mentioned in comments)

Post is not Updating

I am currently trying to make a type blog site and I'm having trouble uploading the post in the edition of a post already created .
I'm currently using the Bootstrap and do not know if this will influence my code or not but the php error is in the lines of the form table.
<?php
include("includes/connect.php");
if (isset($_GET['edit'])) {
$edit_id = $_GET['edit'];
$edit_query = "select * from posts where post_id='$edit_id'";
$run_edit = mysql_query($edit_query);
while ($edit_row=mysql_fetch_array($run_edit)) {
$post_id = $edit_row['post_id'];
$post_title = $edit_row['post_title'];
$post_author = $edit_row['post_author'];
$post_keywords = $edit_row['post_keywords'];
$post_image = $edit_row['post_image'];
$post_content = $edit_row['post_content'];
}
}
?>
<div class="col-md-10" id="content-area">
<div class="container">
<div class="row">
<h2>Edit Post</h2>
<form method="post" action="edit_post.php?edit_form=<?php echo $edit_id ?>" enctype="multipart/form-data">
<fieldset class="form-group">
<label for="title">Title</label>
<input type="text" name="title" class="form-control" id="title" placeholder="title" value="<?php echo $post_title; ?>">
</fieldset>
<fieldset class="form-group">
<label for="author">Author</label>
<input type="text" name="author" class="form-control" id="author" placeholder="author" value="<?php echo $post_author; ?>">
</fieldset>
<fieldset class="form-group">
<label for="keywords">Keywords</label>
<input type="text" name="keywords" class="form-control" id="keywords" placeholder="keywords" value="<?php echo $post_keywords; ?>">
</fieldset>
<fieldset class="form-group">
<label for="image">Image</label>
<input type="file" name="image" class="form-control" id="image" placeholder="image">
<img src="../images/<?php echo $post_image; ?>" width="100" height="100">
</fieldset>
<fieldset class="form-group">
<label for="content">Content</label>
<textarea name="content" cols="20" rows="20" class="form-control" id="content" placeholder="content"><?php echo $post_content; ?></textarea>
</fieldset>
<input class="btn btn-primary" type="submit" name="submit" value="Update Post"></input>
</form>
</div>
</div>
</div>
</body>
<script src="https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js"></script>
<script src="../js/bootstrap.min.js"></script>
</html>
<?php
if (isset($_POST['update'])) {
$update_id = $_GET['edit_form'];
$post_title1 = $_POST['title'];
$post_date1 = date('m-d-y');
$post_author1 = $_POST['author'];
$post_keywords1 = $_POST['keywords'];
$post_content1 = $_POST['content'];
$post_image1 = $_FILES['image']['name'];
$image_tmp = $_FILES['image']['tmp_name'];
if($post_title1=='' or $post_author1=='' or $post_keywords1=='' or $post_content1=='' or $post_image1=='') {
echo "<script>alert('Preencha todos os campos')</script>";
exit();
}
else {
move_uploaded_file($image_tmp, "../images/$post_image1");
$update_query = "update posts set post_title='$post_title1',post_date='$post_date1',post_author='$post_author1',post_image='$post_image1',post_keywords='$post_keywords1',post_content='$post_content1' where post_id='update_id'";
if (mysql_query($update_query)) {
echo "<script>alert('O seu post foi atualizado')</script>";
echo "<script>window.open('view_posts.php','_self')</script>";
}
}
}
?>

First of all, you should prevent SQL Injection.
Change this line:
$edit_id = $_GET['edit'];
To this:
$edit_id = (int)$_GET['edit'];
This way, php will always assume that the variable is an int.
The same on update code:
$update_id = $_GET['edit_form'];
To:
$update_id = (int)$_GET['edit_form'];
And then, you forgot to put $ inside SQL query, on update_id variable to run as a PHP variable:
$update_query = (...) where post_id='$update_id'";

storing images to folder in php without seperate upload button

i am newbie in php kindly pardon me if i am silly .
I have a form which on submit updates the changes in the form .
Now i added a image upload field with field type as file . my question is i don't want it to be uploaded by clicking upload button separately, instead i want to use the same old submit button which i use for form update . i tried several ways but failed . also i want to save only in the name admin and it should allow only .jpg extension
My form page code is as follows
<?php
if(isset($_POST['update'])) {
$info = pathinfo($_FILES['imagefile']['name']);
$ext = $info['extension']; // get the extension of the file
$newname = "admin.".$ext;
$target = WEB_URL .'img/'.$newname;
move_uploaded_file( $_FILES['imagefile']['tmp_name'], $target);
$name_a = $_POST['name'];
$email_a = $_POST['email'];
$pass_a = $_POST['password'];
$sql = "UPDATE admin SET a_name = '$name_a', a_email = '$email_a', password = '$pass_a' where aid='$update_id' ";
$retval = mysql_query($sql,$link);
if(! $retval ) {
die('Could not update data: ' . mysql_error());
}
// echo "Updated data successfully\n";
}
$result = mysql_query("SELECT * FROM admin where aid='$update_id' ",$link);
while($row = mysql_fetch_array($result)){
$name = $row['a_name'];
$email = $row['a_email'];
$password = $row['password'];
}
mysql_close($link);
?>
<div class="box box-widget widget-user-2">
<div class="widget-user-header bg-yellow">
<div class="widget-user-image">
<?php echo '<img src="' . $img . '" class="img-circle" alt="User Image">'; ?>
</div>
<!-- /.widget-user-image -->
<h3 class="widget-user-username"><?php echo "$name"; ?></h3>
<h5 class="widget-user-desc"><?php echo "$role"; ?></h5>
</div>
<div class="box-footer no-padding">
<form role="form" method = "post" action = "<?php echo $_SERVER['PHP_SELF']; ?>">
<div class="box-body">
<div class="form-group">
<label for="exampleInputName1">Name</label>
<input type="text" class="form-control" id="exampleInputName1" name="name" value="<?php echo $name; ?>">
</div>
<div class="form-group">
<label for="exampleInputEmail1">Email address</label>
<input type="email" class="form-control" id="exampleInputEmail1" name="email" value="<?php echo $email; ?>">
</div>
<div class="form-group">
<label for="exampleInputPassword1">Password</label>
<input type="password" class="form-control" id="exampleInputPassword1" name="password" value="<?php echo $password; ?>">
</div>
<div class="form-group">
<label for="exampleInputFile">Profile picture</label><br/>
<img id="preview" src="<?php echo $img; ?>" /><br/><br/>
<input type="file" onchange="readURL(this);" id="exampleInputFile" name="imagefile">
</div>
</div>
<!-- /.box-body -->
<div class="box-footer">
<button type="submit" name="update" id="update" class="btn btn-primary">Submit</button>
</div>
</form>
</div>
</div>
<!-- /.widget-user -->
The lines which i tried and failed to achieve my requirement is as follows . which is also there in the above code .
$info = pathinfo($_FILES['imagefile']['name']);
$ext = $info['extension']; // get the extension of the file
$newname = "admin.".$ext;
$target = WEB_URL .'img/'.$newname;
move_uploaded_file( $_FILES['imagefile']['tmp_name'], $target);

You forgot to write enctype="multipart/form-data" into your <form> without this attribute you can not upload any image.
You should change :
<form role="form" method = "post" action = "<?php echo $_SERVER['PHP_SELF']; ?>" enctype="multipart/form-data">

Categories