I am trying to allow users to upload a profile image for my site. The file upload part works fine (although there is nothing deterring them form uploading a non-image file). However I can't get it to update the "profile" row in the mysql database. I think it has something to do with the $_SESSION['user_id'] but I'm not sure. Any ideas why it wont update the row?
<?php
if(isset($_POST['submit'])){
$temp = explode(".",$_FILES["file"]["name"]);
$newfilename = ('ProfileImage') . rand(1,99999) . '.' .end($temp);
move_uploaded_file($_FILES['file']['tmp_name'],"images/profile/" . $newfilename);
$con = mysqli_connect("localhost","root","","testsite");
$q = mysqli_query($con,"UPDATE user SET profile = '".$newfilename."' WHERE username = '".$_SESSION['user_id']."'");
}
?>
<form action="" method="post" enctype="multipart/form-data" name="">
<input type="file" name="file" required>
<input type="submit" name="submit" value="Update Image">
</form>
Just in case you need to see this, this is the "functions.php" page where $_SESSION['user_id'] is defined:
<?php
@session_start();
function loggedin(){
if(isset($_SESSION['user_id']) && !empty($_SESSION['user_id'])){
return true;
} else {
return false;
}
}
function getuser($id, $field){
$query = mysql_query("SELECT $field FROM user WHERE UserID='$id'");
$run = mysql_fetch_array($query);
return $run[$field];
}
?>