0

This is my code and I want to upload images along with other info like email password etc. but it is not working.

<?php
$target_dir = "uploads/";
include("include/connect.php");
$target_file = $target_dir . basename($_FILES["fileToUpload"]["name"]);
$uploadOk = 1;
$imageFileType = pathinfo($target_file,PATHINFO_EXTENSION);
if(isset($_POST["submit"])) {
    $check = getimagesize($_FILES["fileToUpload"]["tmp_name"]);
    if($check !== false) {
        echo "File is an image - " . $check["mime"] . ".";
        $uploadOk = 1;
        $name = $_POST['name'];
        $email = $_POST['email'];
        $password = $_POST['password'];
        $repassword = $_POST['repassword'];
        $sql="INSERT INTO student ('name', 'email',    'password','repassword','pic')
        VALUES ('name' , 'email' ,'password' ,'repassword' ,'pic')";

        $res=mysqli_query($con,$sql);
        var_dump($res);

    } else {
        echo "File is not an image.";
        $uploadOk = 0;
    } 
}
?>

This is my code and it is not working.

Edit

From a comment by OP

<form action="upload.php" enctype="multipart/form-data" id="insert" method="post" name="insert">
    USERNAME:<input name="name" type="text" value=""><br>
    EMAIL-ID:<input name="email" type="text" value=""><br>
    PASSWORD:<input name="password" type="password" value=""><br>
    RE-PASSWORD:<input name="repassword" type="password" value=""><br>
    <br>
    <input id="fileToUpload" name="fileToUpload" type="file"><br>
    <input name="hdn" type="hidden" value="hdn"><br>
    <input name="submit" type="submit" value="submit"><br>
</form>
Community
  • 1
  • 1
Uthman
  • 1
  • 1

2 Answers2

0

Your query is incorrect on 2 points;

  • You're quoting column names
  • You're using static values (incorrect because in this scenario, your values should be dynamic)

Quoting column names

The following will result in a query error - thus your query will not execute and a record will be inserted into the database.

INSERT INTO student ('name', 'email','password','repassword','pic')

If you want to quote your column names, use a backtick (`).

INSERT INTO student (`name`, `email`,`password`,`repassword`,`pic`)

Static values

You're inserting static values. Use your variables.

$sql="INSERT INTO student (`name`, `email`,    `password`,`repassword`,`pic`)
        VALUES ('{$name}' , '{$email}' ,'{$password}' ,'{$repassword}' ,'{$pic}')";

NOTE: This is very insecure, and you should be;

Community
  • 1
  • 1
ʰᵈˑ
  • 11,279
  • 3
  • 26
  • 49
  • Thank you and i tried all that but still the result is futile – Uthman Apr 14 '15 at 11:52
  • Okay, please see: http://stackoverflow.com/questions/29624107/how-to-upload-image-in-same-form-with-other-features-to-database/29624613?noredirect=1#comment47391824_29624107 – ʰᵈˑ Apr 14 '15 at 11:53
-1

check below function if there is any error in your query.

mysqli_error($con);

Use below code to upload a file.

if (move_uploaded_file($_FILES["fileToUpload"]["tmp_name"], $target_file)) {<br/>
        echo "The file ". basename( $_FILES["fileToUpload"]["name"]). " has <br/>been uploaded.";
    } else {<br/>
        echo "Sorry, there was an error uploading your file.";<br/>
    }
ʰᵈˑ
  • 11,279
  • 3
  • 26
  • 49
ajit
  • 86
  • 6