0

I have been inserting the file path in to data base but it s giving a mysql syantax error can any pne fix it

<?php
include 'db.php';
if($_SERVER['REQUEST_METHOD']=='POST')
{
    if(isset($_FILES['photo'])&& is_uploaded_file($_FILES['photo']['tmp_name'])
            && $_FILES['photo']['error']==UPLOAD_ERR_OK)
    {
        if($_FILES['photo']['type']=='image/jpeg') 
        {
            $tmp_img = $_FILES['photo']['tmp_name'];
            $path = "d:/xampp/htdocs/upload/images/" .$_FILES['photo']['name'];
            move_uploaded_file($_FILES['photo']['tmp_name'], $path);
            $imgname=$_FILES['photo']['name'];
            $q="Insert INTO image (name,imgpath) VALUES($imgname,$path)";
            mysql_query($q) or die(mysql_error());
        }
        else 
        {
            echo "Uploaded file was not a JPG image.";
        }
    }   
    else 
    {
         echo "No file Uploaded";
    }
}
?>
5
Contributors
25
Replies
57
Views
4 Years
Discussion Span
Last Post by Webville312
Featured Replies
0

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ':/xampp/htdocs/upload/images/graphics.JPEG)' at line 1

0

now i i have put the quotes file name saved successfully but still image path is not saved in db

0

Wwhy not use this code instead?

  $target_path = "d:/xampp/htdocs/upload/images/";
    $target_path = $target_path . basename( $_FILES['photo']['name']); 

And then when inserting to the database, you can use;

"insert into photos (id,image_name,image) values ('$id','$_FILES[photo]','".$target_path."')";

That should work ...

Edited by Webville312: added some codes

0

You are missing closing quotes on this line;

Actually, no it doesn't need quotes here if it ends with a variable. The quotes just close the string.

0

that creates the error "Webville" look again i have been concatenating both strings

0

Sorry, my bad; My first post was offside, but I edited it with a line of code that actually works for me ...

Once again sorry ...

0

i have just chk the $path by echo and showing the without an error but problm is that its not getting
in to the database

0

I had suggested a code fragment that actually works for me, and it is;

$target_path = "d:/xampp/htdocs/upload/images/";
    $target_path = $target_path . basename( $_FILES['photo']['name']); 

And the insert is;

"insert into photos (id,image_name,image) values ('$id','$_FILES[photo]','".$target_path."')";
0
$path = "d:/xampp/htdocs/upload/images/" .$_FILES['photo']['name'];

you have an extra space there, before the .$files

$path = "d:/xampp/htdocs/upload/images/".$_FILES['photo']['name'];

might do it. Mysql's funny about things like that.

0

this is not working :(

So does this mean that you are getting an error still? Or is there no error and it just is not inserting the file path into the db?

Can you post your current code again after the changes you have made?

0
<?php 
include "db.php";
$target_path = "images/";

$target_path = $target_path . basename( $_FILES['file']['name']); 

if(move_uploaded_file($_FILES['file']['tmp_name'], $target_path)) {
    echo "The file ".  basename( $_FILES['file']['name']). 
    " has been uploaded";
} else{
    echo "There was an error uploading the file, please try again!";
}
$q ="Insert Into image(name,imgpath) VALUES ('".$_FILES['file']['name']."','".$target_path."')";

mysql_query($q) or die(mysql_error());


?>
0

i dnt get error by using this script the only thing is that file path aint saving in to the db

0

Hmm, what are the rest of the columns in your SQL table "image"? Can you just show us the table structure?

0

i have just created the db with name upload with three attributes imgid, ,name,imgpath

0

The name of the table is "upload" or is that the name of the database?

Try this:

<?php 
include "db.php";

$target_path = "images/";
$img_name = mysql_real_escape_string($_FILES['file']['name']);

if(move_uploaded_file($_FILES['file']['tmp_name'], $target_path.$img_name)) {

    // Moved this here. Would there be a reason to put it into the database if the file upload failed?
    $q = "INSERT INTO upload (imgid,name,imgpath) VALUES ('','$img_name','". $target_path.$img_name ."')";
    $result = mysql_query($q) or die (mysql_error());
    echo "The file $img_name has been uploaded";

}else{
    echo "There was an error uploading the file, please try again!";
}
?>

Just change the name of the table in the SQL if it really is just "image".

Edited by pixelsoul

0

i had put type int with img path attibute thats why it was not saving in database

1

Personally I would use

$name=$files['file']['name'];

$q ="Insert Into image(name,imgpath) VALUES ('$name','$target_path')";

Edited by TonyG_cyprus

0

Yes, there are a lot of different/better ways to do this operation. I don't like using just $name because it is very general to me and could be the name of anything when I have a lot of code in one file that does more than just deal with an image. Of course, at the end of the day I would probably have written a function or class (which I have) and just call that.

@kiLLer.zoh_1 Make sure you take your script further and put in error checking, and file upload restrictions if you are planning on having this public facing for anyone to use. As it is right now, someone/anyone could bring your entire website down with being able to access this.

0

and do you have a folder named "images" ???

And why are you concatenating the imagename with the target path in this line?;

  $q = "INSERT INTO upload (imgid,name,imgpath) VALUES ('','$img_name','". $target_path.$img_name ."')";

You only need the target path ONLY ...

Edited by Webville312: Made some corrections

This question has already been answered. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.