0

I Have a problem with saving a photo. When i put

<form action="" method="post" enctype="multipart/form-data">

i saves the photo on the path but it doesnt saves it on the database. Althought the other values are saved (title,date, id etc). When i put

<meta http-equiv="Content-Type" content="text/html">
    <form action="" method="post" enctype="multipart/form-data">


the photo it is saved on the database but not on the path i choose i tried  enctype="plain/text" still the same

any help?
4
Contributors
7
Replies
24
Views
3 Years
Discussion Span
Last Post by diafol
0

leave enctype as m/f.

You don't show any php code or form markup for us to look at.

0

What are you trying to save to the database? the path string or the photo itself.

if you are saving the path, you need to post the upload processing code for us to review. If you are saving the photo into the database, you need to use blob in the database and base64 encode the image file.

0

Sorry for the delay i ddnt know that the activation email was going on ht junk folder. I didnt posted the php code because i dont think thats wrong. Here it is

<?php
include_once('includes.php');
$file_exts = array("jpg", "bmp", "jpeg", "gif", "png");
$upload_exts = end(explode(".", $_FILES["event_img"]["name"]));
if ((($_FILES["event_img"]["type"] == "image/gif")
|| ($_FILES["event_img"]["type"] == "image/jpeg")
|| ($_FILES["event_img"]["type"] == "image/png")
|| ($_FILES["event_img"]["type"] == "image/pjpeg"))
&& ($_FILES["event_img"]["size"] < 2000000)
&& in_array($upload_exts, $file_exts))

move_uploaded_file($_FILES["event_img"]["tmp_name"],
'c:\wamp\www\wall/uploads/photos/events/' . $_FILES["event_img"]["name"]);


if(isset($_POST['Events']))
{
$event_id=mysql_real_escape_string($event_id);
$uid=mysql_real_escape_string($uid);
$title = $_POST['event_title'];
$date = $_POST['datetimepicker'];
$venue= $_POST['venue_name'];
$name = $_POST['event_img'];
$query = mysql_query("INSERT INTO events (event_id, user_id, event_title, event_date, venue_name, event_img) VALUES ('$event_id', '$uid', '$title', '$date', '$venue', '$name')") or die(mysql_error());
}
?>
0

c:\wamp\www\wall/uploads/photos/events/

That strikes me as odd, you've got backward slashes and forward slashed mixed up.

Best just to go with forward slashes and with that it should be more OS compliant - either windows or unix.

1

You should escape ALL input ($_POST) variables if you use them in mysql queries. Alternatively use bound parameters with prepared statements in PDO or mysqli.

I'm a bit confused as to saving the path to DB.

$name = $_POST['event_img'];

Does not exist, does it? Wouldn't it be...

$name = 'uploads/photos/events/' . $_FILES['event_img']['name'];
Votes + Comments
yup
1

^^or just $_FILES['event_img']['name'];

Not good practice to save the path as well in case it might change sometime into the future.

Edited by iamthwee

0

That's true, the full path would have to change in all records if you did change the upload directory at some point.

This question has already been answered. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.