There's lots of good advice in the help centre - notably How to create a Minimal, Complete, and Verifiable example.
As it stands there is no error checking in your code (which should be required for production use, never mind development). That the script ends with a redirect makes it rather hard to report detailed events for debugging (but these can be written to log files).
ini_set('error_reporting', E_ALL);
I am guessing this is the mysqli extension you are using here - if a query or connection fails, it does not trigger an eror in PHP, you need to poll mysqli_error() and/or check the return value from the operation.
The SELECT/UPDATE/INSERT is very inefficient - a better approach would be to
- use REPLACE if you always want to override the existing data,
- OR, if you want to be a bit more selective
- attempt the insert then handle duplicate key conflicts when they arise
- or use a trigger to multiplex the insert/update behaviour.
Depending on how the CSV is constructed you will get an error for the last line in the file - you might want to check 4<=count($line)
before attempting to access the record.
Your code is vulnerable to SQL Injection.