PHP errors Unknown column 'Array' in 'field list' and Warning: mysql_query() expects parameter 1 to be string?

Question

I am creating a social network and want users to upload their profile pictures to mysql database, and have been trying for days but I always get these errors:

"Warning: mysql_query() expects parameter 1 to be string, resource given in /home/gowemtoc/public_html/uploadpic.php on line 25" and "Unknown column 'Array' in 'field list'" please tell me whats wrong I've been trying for days and can't find whats wrong :/ here is my code

<?php
session_start();
if(isset($_SESSION['myusername'])){
$showusername=$_SESSION['myusername'];}
$showcap = strtolower($showusername);
$mysql_host ="localhost";
$mysql_database="database";
$mysql_user="gowemto_me";
$mysql_password="password";
$usercheck=$_GET['user'];
$link=mysql_connect("$mysql_host","$mysql_user","$mysql_password","mysql_database");
mysql_connect("$mysql_host","$mysql_user","$mysql_password")or die("cannot connect");
mysql_select_db("$mysql_database")or die("cannot select DB");
$result = mysql_query("SELECT * FROM Registered WHERE myusername = '$usercheck'");
if($result === FALSE) {
die(mysql_error());
}
$image = $_FILES['myprofilepicture'];

print_r ($image);

$query=mysql_query("UPDATE Registered set myprofilepicture=$image where    myusername='$showusername'");


if (!$result = mysql_query($link, $query)){die('Error occured' .mysql_error($link));}

$id = (int) mysqli_insert_id($link);
exit;

?>

score 0 · Answer 1 · answered Jul 25 '13 at 01:12

Don't you supposed to have this:

mysql_query("SELECT * FROM Registered WHERE myusername = '{$usercheck}'")
// missing curly brackets

instead of

mysql_query("SELECT * FROM Registered WHERE myusername = '$usercheck'") ?

And same goes for other mysql_query() formats.

score 0 · Answer 2 · edited May 23 '17 at 11:57

There's a list of errors here.

 $image = $_FILES['myprofilepicture'];

This will just assign an array to your $image variable. It will not give you a filename as expected. You need ['tmp_name'] at least, but ought to move it elsewhere first. See http://www.php.net/manual/en/features.file-upload.post-method.php

Your query also lacks quotes around the interpolated string:

 $query=mysql_query("UPDATE Registered set myprofilepicture=$image where    myusername='$showusername'");

Such your query will become set myprofilepicture=Array at best. But you need myprofilepicture='/tmp/Whatever'.

And lastly, you are invoking mysql_query() twice. Either you assign the SQL command only to your $query variable:

 $query = "UPDATE Registered ...";

Or remove the second mysql_query in the if.

And then you can't mix in mysqli_insert_id, when you used mysql_ functions before.

Don't forget to apply mysql_real_escape_string() on all interpolated strings, if you want to keep using this dated database interface.

PHP errors Unknown column 'Array' in 'field list' and Warning: mysql_query() expects parameter 1 to be string?

2 Answers2