How to create a video upload and playback file using php and msql

Question

I have the following code that allows me to upload a file to a database but I have cannot get that file to playback on my html page:

<!DOCTYPE html>
<html>
<head>


<link href="site.css" rel="stylesheet">
<title>A</title>

<meta http-equiv="content-type" content="text-html; charset=utf-8">
</head>
<body style="background-color:black">

<?php

define('DB_Name', 'gaufensr_abs3x');
define('DB_User', 'gaufensr_owner');
define('DB_Password', 'Mlee@0407');
define('DB_Host', 'localhost');

$link = mysql_connect(DB_Host, DB_User, DB_Password);

if (!$link) {
      die('could not connect:' . mysql_error());

}

$db_selected = mysql_select_db(DB_Name, $link);

if (!@db_selected) {
    die('can\t use' . DB_Name. ': ' . mysql_error());

}

echo 'CONNECTED SUCCESSFULLY';

$value = $_Post['submit'];

$sql = "INSERT INTO videos (video_name) VALUES ('$value')";

if (!mysql_query($sql)) {
     die('ERROR: ' .mysql_error());

}

mysql_close();

?>

<?php

if (isset($_GET['id']))
{
      $id = $_GET['id'];
      $query = mysql_query("SELECT * FROM 'videos' WHERE id='$id'");
       while($row = mysql_fetch_assoc($query))
       {
             $id = $row['id'];
         $video_name = $row['video_name'];      
       }

    echo "You are watching " .$video_name. "<br />";
    echo "<embed src='$id' width='560' height='315'></embed>";

}

else
{

   echo "Error!";

}

?>


</body>
</html>

When i upload a file I get the following error:CONNECTED SUCCESSFULLY Error! I am just learning php and mysql; Any help would be great. Thanks in advance you guys.

why wasn't this question closed; is it still open and why? – Funk Forty Niner May 05 '15 at 01:18 — Funk Forty Niner, May 05 '15 at 01:18

score 1 · Answer 1 · edited May 23 '17 at 12:14

Firstly, you're using the incorrect identifiers for your table, being regular single quotes.

FROM 'videos'

Those should be ticks or none at all.

FROM `videos`

Having used or die(mysql_error()) to mysql_query() would have signaled the syntax error.

Sidenote: Your present code is open to SQL injection. Use mysqli with prepared statements, or PDO with prepared statements, they're much safer.

Then this $_Post that should be in uppercase $_POST is a superglobal.

http://php.net/manual/en/language.variables.superglobals.php

Plus, you are closing your DB connection too early with mysql_close(); where you have it placed now.

Place it after your queries, at the end of your code. That could have adverse effects.

Your conditional statement if (isset($_GET['id'])){...} could also play a part in all this.

Add error reporting to the top of your file(s) which will help find errors.

<?php 
error_reporting(E_ALL);
ini_set('display_errors', 1);

// rest of your code

Sidenote: Error reporting should only be done in staging, and never production.

How to create a video upload and playback file using php and msql

1 Answers1