I'm currently trying to create a gallery upload page that allows users to select an album along with the album id being the value in the dropdown menu. On selecting their chosen album, the image is then uploaded and the data such as the image URL, ID, date and album added to a table. I've managed to get up to the stage of adding the album ID to my table although I'm having trouble with posting the value defined by the user in the dropdown menu.

I receive this error upon uploading an image:

Could not run query: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '[album]' at line 1

Any help would be much appreciated as MySQL isn't really an area I'm knowledgeable in, thanks :)!

My form:

<form action="assets/includes/upload.php" method="post" enctype="multipart/form-data">
    <select name="album">
         <? uploadList(); ?>
    </select><br>
    <input type="file" name="file" id="file" style="margin-top:37px; margin-left: 3px;"><br>
    <input type="submit" name="submit" value="Submit" class="btn btn-primary" style="margin-left: 57px;">
</form>

The function carried out on the upload.php page:

function imageUpload() {
$id = ('$_POST[album]'); /////////// Focus being on this section ///////////        
$con = mysql_connect("localhost","$username","$password");
mysql_select_db("$dbname", $con);
if (!$con)
  {
  die('Could not connect: ' . mysql_error());
  }
    $query2 = mysql_query("SELECT id,title,date FROM galleries WHERE id = $id");
    if (!$query2) {
        echo 'Could not run query: ' . mysql_error();
        exit;
    }
 $row = mysql_fetch_row($query2);
$allowedExts = array("jpg", "jpeg", "gif", "png");
$extension = end(explode(".", $_FILES["file"]["name"]));
if ((($_FILES["file"]["type"] == "image/gif")
|| ($_FILES["file"]["type"] == "image/jpeg")
|| ($_FILES["file"]["type"] == "image/png")
|| ($_FILES["file"]["type"] == "image/pjpeg"))
&& in_array($extension, $allowedExts))
  {
  if ($_FILES["file"]["error"] > 0)
    {
    echo "Return Code: " . $_FILES["file"]["error"] . "<br>";
    }
  else
    {
    echo "Upload: " . $_FILES["file"]["name"] . "<br>";
    echo "Type: " . $_FILES["file"]["type"] . "<br>";
    echo "Size: " . ($_FILES["file"]["size"] / 1024) . " kB<br>";
    echo "Temp file: " . $_FILES["file"]["tmp_name"] . "<br>";

    if (file_exists("../../images/" . $_FILES["file"]["name"]))
      {
      echo $_FILES["file"]["name"] . " already exists. ";
      }
    else
      {
      $file = $_FILES["file"]["name"];
      move_uploaded_file($_FILES["file"]["tmp_name"],
      "../../images/" . $_FILES["file"]["name"]);
      $sql="INSERT INTO images (url, gallery)
        VALUES
      ('$file','$id')";

if (!mysql_query($sql,$con))
  {
  die('Error: ' . mysql_error());
  }
      }
    }
  }
else
  {
  echo "Invalid file";
  }

}

Lion

1 Answer

In the second line of your PHP you have $id = ('$_POST[album]');. What's happening here is just "filling" $id with the literal string '$_POST[album]'. You need to change it so it becomes:

$id = intval($_POST['album']);

Now you're reading the value of album from the global $_POST array.

Please note that your code is vulnerable to SQL injection. Please take the appropriate measures to mitigate it. I added intval() for you as a basic protection while you read more about the subject.

Adi
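
One way to take the SQL injection mitigation mentioned in the answer further, shown as an added example that is not part of the original question or answer: the album id is validated as a positive integer and both queries use PDO prepared statements. The table and column names come from the question; the function name `recordImage` and the in-memory SQLite demo database are assumptions so the script runs offline.

```php
<?php
// Added example, not the poster's code. Table/column names (galleries, images,
// url, gallery) come from the question; recordImage() and the SQLite demo
// database are assumptions made so the script runs without a MySQL server.
declare(strict_types=1);

function recordImage(PDO $pdo, array $post, string $fileName): int
{
    // Accept only a positive integer album id; anything else is rejected
    // rather than silently coerced to 0 as intval() would do.
    $id = filter_var($post['album'] ?? null, FILTER_VALIDATE_INT,
                     ['options' => ['min_range' => 1]]);
    if ($id === false) {
        throw new InvalidArgumentException('Invalid album id');
    }

    // Placeholders keep the values out of the SQL text entirely.
    $check = $pdo->prepare('SELECT id FROM galleries WHERE id = ?');
    $check->execute([$id]);
    if ($check->fetchColumn() === false) {
        throw new InvalidArgumentException('Unknown album');
    }

    // The client-supplied file name is untrusted too: strip any path part
    // and bind it like the id.
    $insert = $pdo->prepare('INSERT INTO images (url, gallery) VALUES (?, ?)');
    $insert->execute([basename($fileName), $id]);
    return (int) $pdo->lastInsertId();
}

// Constructed demo data in an in-memory SQLite database.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE galleries (id INTEGER PRIMARY KEY, title TEXT)');
$pdo->exec('CREATE TABLE images (id INTEGER PRIMARY KEY, url TEXT, gallery INTEGER)');
$pdo->exec("INSERT INTO galleries (id, title) VALUES (1, 'Holiday')");

echo 'Inserted image row ', recordImage($pdo, ['album' => '1'], 'beach.jpg'), "\n";

// Constructed inputs the validation or lookup should reject.
foreach (['$_POST[album]', '1 OR 1=1', '99'] as $bad) {
    try {
        recordImage($pdo, ['album' => $bad], 'x.png');
    } catch (InvalidArgumentException $e) {
        echo var_export($bad, true), ' => ', $e->getMessage(), "\n";
    }
}
```

Against MySQL, the same function works with a `mysql:` PDO DSN; setting `PDO::ATTR_EMULATE_PREPARES` to `false` makes the driver use server-side prepared statements.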