Hi guys

I am very new to php and am trying to create a small content management site. Hopefully I will have posted this correctly, sorry If I have missed anything out.

I have a self referencing form, which allows me to enter a file name and browse to a file I wish to upload to my website. The aim is for the uploaded files to go into my images folder on the web server. The directory for the images folder on my server is /public_html/iit/images. I am using an include file in the code where I have a defined upload path set to "define('MM_UPLOADPATH', 'images/');"

The code I have is meant to move the file from the temp folder and put it in the images folder. However when I try and upload a file, I get my own message of 'Please enter all of the information to upload your file'. So I know the file is not being written to the database and the file is not being moved to the images folder.

I wasn't sure if I needed to define the uploadpath as "define('MM_UPLOADPATH', 'public_html/iit/images/');" but this didn't work. My db consists of one table, and in the context fo this issue it uses the fields file_name and file. I have copied the code below. If anyone can see where I am going wrong and what is stopping the files from being uploaded I could realy do with some help. Also if anyone has any suggestions for best practice and how I should do this better I am eager for suggestions.

Thanks for any help and time give,




  // Define application constants
  define('MM_UPLOADPATH', 'public_html/iit/images/');
  define('MM_MAXFILESIZE', 8388608);      //8 mb
  define('MM_MAXIMGWIDTH', 120);        // 120 pixels
  define('MM_MAXIMGHEIGHT', 120);       // 120 pixels




  // If the session vars aren't set, try to set them with a cookie
  if (!isset($_SESSION['user_id'])) {
    if (isset($_COOKIE['user_id']) && isset($_COOKIE['username'])) {
      $_SESSION['user_id'] = $_COOKIE['user_id'];
      $_SESSION['username'] = $_COOKIE['username'];
//add the page header 
	//enter the page title of this particular page in here 
	$pagetitle = 'Upload Media';

 echo '<div id="toplinks">';
  // Generate the navigation menu
  if (isset($_SESSION['username'])) {
    //echo '<a href="index.php">Home</a><br />';
	echo '<ul>';
	echo '<li><a href="profileview.php">View Profile</a></li>';
    echo '<li><a href="profileedit.php">Edit Profile</a></li>';
	echo '<li><a href="upload.php">Upload Media</a></li>';
    echo '<li><a href="logout.php">Log Out (' . $_SESSION['username'] . ')</a></li>';
	echo '</ul>';
  else {
	echo '<ul>';
    echo '<li><a href="login.php">Log In</a></li>';
    echo '<li><a href="register.php">Register</a></li>';
	echo '</ul>';
  echo '</div>';
<div id= uploadForm>
if (isset($_POST['submit'])) {
    // take data from the POST
    $file_name = $_POST['file_name'];
    $file = $_FILES['file']['file_name'];
    if (!empty($file_name) && !empty($file)) {
      if ((($file == 'image/gif') || ($file == 'image/jpeg') || ($file == 'image/png') || ($file == 'image/mp4'))
        && ($file > 0) && ($file <= MM==MM_MAXFILESIZE)) {
        if ($_FILES['file']['error'] == 0) {
          // Move the file to the target upload folder
          $target = MM_UPLOADPATH . $file;
          if (move_uploaded_file($_FILES['file'] ['tmp_name'], $target)) {

            // insert data to the database
            $query = "INSERT INTO users VALUES ('$file_name', '$file')";
            mysqli_query($dbc, $query);

            // confirm upload 
            echo '<p>You have uploaded your file. </p>';
            echo '<p><strong>File Name:</strong> ' . $file_name . '<br />';
            echo '<strong>File:</strong> ' . $file . '<br />';
            echo '<img src="' . GW_UPLOADPATH . $file . '" alt="media" /></p>';
            echo '<p><a href="index.php">&lt;&lt; Home</a></p>';

            // Clear data from the form
            $file_name = "";
            $file = "";
          else {
            echo '<p class="error">Sorry, there was a problem uploading your file.</p>';
      else {
        echo '<p class="error">The file must be a GIF, JPEG, PNG or MP4 file type no greater than ' . (MM_MAXFILESIZE / 8388608) . ' MB in size.</p>';

      // Try to delete the temporary file
    else {
      echo '<p class="error">Please enter all of the information to upload your file.</p>';

 <form method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>">
     <label for="name">Name:</label>
     <input type="text" id="file_name" name="file_name" value="<?php if (!empty($file_name)) echo $file_name; ?>"/><br />
     <label for="file">Media File:</label>
     <input type="file" id="file" name="file" />
    <br />
    <input type="submit" value="Upload" name="submit" />
  <p> Filetypes: jpg, png, gif and mp4 <br />
  	  Max File Size: 8mb</p>
//add the footer to the bottom of the page


Two problems I see.

First, you need to add enctype="multipart/form-data" to your form. Required for all forms that do file uploads.

Second, $_FILES['file']['file_name'] should be $_FILES['file']['name'] , and the mime and size checks need to be done against their respective fields in the $_FILES['file'] array, rather then against the $file variables, as it is now ;-]


<form method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>" enctype="multipart/form-data">