This question already has an answer here:
I am creating a forum that allows users to upload an image through an HTML form, which is then saved to a specific folder using PHP. Then I plan to use an SQL query to add a row to a table and include the filepath of an image selected, so that I can display it on another page.
I am fairly new to PHP and mySQL, and as such I have been using Google for a lot of my answers. However, I haven't been able to find anyone else who has encountered this issue and I haven't found any other SQL queries in my forum that encounter similar issues. Also, I haven't received any errors from my code.
<?php
include("../../../dbconn.php");
$cid = 1;
$scid = 1;
$topic_title = $_POST['topic-title'];
$content = $_POST['topic-content'];
$target_dir = "Saved Images/";
$target_file = $target_dir . basename($_FILES["fileToUpload"]["name"]);
$uploadOk = 1;
$imageFileType = strtolower(pathinfo($target_file,PATHINFO_EXTENSION));
// Check if image file is a actual image or fake image
if(isset($_POST["submit"])) {
$check = getimagesize($_FILES["fileToUpload"]["tmp_name"]);
if($check !== false) {
echo "File is an image - " . $check["mime"] . ".";
$uploadOk = 1;
} else {
echo "File is not an image.";
$uploadOk = 0;
}
}
// Check if file already exists
if (file_exists($target_file)) {
echo "Sorry, file already exists.";
$uploadOk = 0;
}
// Check file size
if ($_FILES["fileToUpload"]["size"] > 500000) {
echo "Sorry, your file is too large.";
$uploadOk = 0;
}
// Allow certain file formats
if($imageFileType != "jpg" && $imageFileType != "png" && $imageFileType != "jpeg"
&& $imageFileType != "gif" ) {
echo "Sorry, only JPG, JPEG, PNG & GIF files are allowed.";
$uploadOk = 0;
}
// Check if $uploadOk is set to 0 by an error
if ($uploadOk == 0) {
echo "Sorry, your file was not uploaded.</br>";
// if everything is ok, try to upload file
} else {
if (move_uploaded_file($_FILES["fileToUpload"]["tmp_name"], $target_file)) {
echo "The file ". basename( $_FILES["fileToUpload"]["name"]). " has been uploaded.";
mysqli_query($con, "INSERT INTO Artists_Looking_For_Writers (`category_id`, `subcategory_id`, `title`, `content`, `date_posted`, `imgName1`) VALUES ('".$cid."', '".$scid."', '".$topic_title."', '".$content."', NOW(), '".$_FILES['fileToUpload']['name']."');");
} else {
echo "Sorry, there was an error uploading your file.";
}
}
?>
This should create a row in my table that contains a category id, subcategory id, title, content, date posted, and the name of my image. Instead, nothing is added to the table. This only happens when I include the imgName1 column in my SQL query. If I remove that and the command to get the name of the uploaded file then it runs perfectly.
</div>
