I Have a problem with saving a photo. When i put

<form action="" method="post" enctype="multipart/form-data">

i saves the photo on the path but it doesnt saves it on the database. Althought the other values are saved (title,date, id etc). When i put

<meta http-equiv="Content-Type" content="text/html">
    <form action="" method="post" enctype="multipart/form-data">

the photo it is saved on the database but not on the path i choose i tried  enctype="plain/text" still the same

any help?
Member Avatar


leave enctype as m/f.

You don't show any php code or form markup for us to look at.

What are you trying to save to the database? the path string or the photo itself.

if you are saving the path, you need to post the upload processing code for us to review. If you are saving the photo into the database, you need to use blob in the database and base64 encode the image file.

Sorry for the delay i ddnt know that the activation email was going on ht junk folder. I didnt posted the php code because i dont think thats wrong. Here it is

$file_exts = array("jpg", "bmp", "jpeg", "gif", "png");
$upload_exts = end(explode(".", $_FILES["event_img"]["name"]));
if ((($_FILES["event_img"]["type"] == "image/gif")
|| ($_FILES["event_img"]["type"] == "image/jpeg")
|| ($_FILES["event_img"]["type"] == "image/png")
|| ($_FILES["event_img"]["type"] == "image/pjpeg"))
&& ($_FILES["event_img"]["size"] < 2000000)
&& in_array($upload_exts, $file_exts))

'c:\wamp\www\wall/uploads/photos/events/' . $_FILES["event_img"]["name"]);

$title = $_POST['event_title'];
$date = $_POST['datetimepicker'];
$venue= $_POST['venue_name'];
$name = $_POST['event_img'];
$query = mysql_query("INSERT INTO events (event_id, user_id, event_title, event_date, venue_name, event_img) VALUES ('$event_id', '$uid', '$title', '$date', '$venue', '$name')") or die(mysql_error());


That strikes me as odd, you've got backward slashes and forward slashed mixed up.

Best just to go with forward slashes and with that it should be more OS compliant - either windows or unix.

Member Avatar


You should escape ALL input ($_POST) variables if you use them in mysql queries. Alternatively use bound parameters with prepared statements in PDO or mysqli.

I'm a bit confused as to saving the path to DB.

$name = $_POST['event_img'];

Does not exist, does it? Wouldn't it be...

$name = 'uploads/photos/events/' . $_FILES['event_img']['name'];
commented: yup +14

^^or just $_FILES['event_img']['name'];

Not good practice to save the path as well in case it might change sometime into the future.

Member Avatar


That's true, the full path would have to change in all records if you did change the upload directory at some point.