Member Avatar for jakx12

ok so what i want is the image path to be implemented in the database, but i dont understand how i can also include the speech marks for the image source. Heres my code:

<html>
<head>
<link rel=stylesheet type=text/css href=style.css>
<title>
Image Upload
</title>
</head>
<body>
<?php include("header.php"); ?>
<br>
<br>
<br>
<br>
<br>
<br>
<center>
<div class=indexboxlarge>
<?php
$target_path = "images/";
$target_path = $target_path . basename( $_FILES['uploadedfile']['name']); 
if(move_uploaded_file($_FILES['uploadedfile']['tmp_name'], $target_path)) {
echo "<h1>";      
 echo "The file ".  basename( $_FILES['uploadedfile']['name']). 
    " has been uploaded ";
echo "to gallery: ";
echo $_POST[gall];
echo "</h1>";   
echo "This page will refresh in 5 seconds to your gallery home";
include("dbcon.php");
SESSION_start();
$username = $_SESSION['username'];
dbcon();
$filename = basename( $_FILES['uploadedfile']['name']);
$path = '<img src="images/$filename"/>';

mysql_query("INSERT INTO gallery 
(username, gallery, name, tag, path) VALUES('$username', '$_POST[gall]', 'no', '$_POST[tag]', '$path' ) ") 
or die(mysql_error());  
header('Refresh: 5; url=galleryhome.php');

} else{
echo "<h1>";    
echo "There was an error uploading the file, please try again!";
echo "</h1>";   
echo "This page will refresh in 5 seconds to your gallery home";
header('Refresh: 5; url=galleryhome.php');

}

?>
</div>
</center>
</body>
</html>
  • 3 Contributors
  • 3 Replies
  • 77 Views
  • 6 Hours Discussion Span
  • Latest Post Latest Post by diafol

Recommended Answers

All 3 Replies

Member Avatar for somedude3488

what are speech marks? i have never heard of that.

Member Avatar for jakx12

the html tag for the path of the image requires speech marks ("). However in the mysql query there are speech marks i think thats the problem, but i dont know how to fix it.

Member Avatar for diafol

You don't store your quote marks in the db if you can help it. Once again you've buggered up your sql:

mysql_query("INSERT INTO gallery 
(username, gallery, name, tag, path) VALUES('$username', '$_POST[gall]', 'no', '$_POST[tag]', '$path' ) ")

You need to brace out or escape your variables!
You also need to quote your $_POST vars.

mysql_query("INSERT INTO gallery 
(username, gallery, name, tag, path) VALUES('{$username}', '{$_POST['gall']}', 'no', '{$_POST['tag']}', '{$path}' ) ")

Your output from DB will be (if your src data = $data['src'] for example):

echo "<img src=\"{$data['src']}\" .... />";
Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.