0

I haven't coded in well over a year so please be gentle!

I have wrote a form that sends an e-mail to the admin, using a sendmail script, and uploads any images to a folder in a website and records the path into a database table. The sendmail script works and images are stored in the uploads folder of my website but the path isn't recorded and the insert query records the following error :

Query was: INSERT INTO englisharabicimages VALUES ('','uploads/milkshake.png'). Error:

I know I'm probably missing something very basic but it's been a long time since I dabbled with php. I can't figure out what I'm doing wrong.

<?php
//connect to database, check login credentials, declare message variables
include "connect.php";
error_reporting(E_ERROR);
require_once('sendmail.php');
$message = $_GET['message'];

//function to check for valid image formats
function upload($file_upload, $dir){
$url ='';  
$finfo = finfo_open(FILEINFO_MIME_TYPE);
$file = finfo_file($finfo, $file_upload["tmp_name"]);

$allowedExts = array("gif", "jpeg", "jpg", "png", "pdf", "PDF", "doc", "DOC",     "docx", "DOCX", "JPG", "JPEG", "PNG", "GIF");
$temp = explode(".", $file_upload["name"]);
$extension = end($temp);
if ((($file == "image/gif")
|| ($file == "image/jpeg")
|| ($file == "image/jpg")
|| ($file == "image/pjpeg")
|| ($file == "image/x-png")
|| ($file == "image/png"))
|| ($file == "application/pdf")
|| ($file == "application/msword")
|| ($file == "application/vnd.openxmlformats-    officedocument.wordprocessingml.document")
&& ($file_upload["size"] < 7000000)
&& in_array($extension, $allowedExts))
{
if ($file_upload["error"] > 0){
$message = "An error occurred: " . $file_upload["error"] . "<br>";
}
else{
$path = $dir . $file_upload["name"];
move_uploaded_file($file_upload["tmp_name"],$path);
}
}
else
{
$message = "Wrong format";
}

return $path;
}

$projectdetailsErr = $emailErr = $dateErr = "";
$projectdetails = $email = $date = "";

function validate_input($data)
{
$data = trim($data);
$data = stripslashes($data);
$data = htmlspecialchars($data);
return $data;
}

if (isset($_POST['Submit']))
{
$has_errors = false;
if (!empty($_POST["projectdetails"])) {$projectdetails =     validate_input($_POST["projectdetails"]);}
if (!empty($_POST["email"])) {$email = validate_input($_POST["email"]);}
if (!empty($_POST["date"])) {$date = validate_input($_POST["date"]);}

if (!$has_errors)
{
$Link = mysql_connect($Host, $User, $Password);
$path = upload($dir);
if(!empty($_FILES) && is_array($_FILES)){
$path = upload($_FILES["image"], "uploads/");
}       
$Query = "INSERT INTO englisharabicimages VALUES     ('','".mysql_escape_string($path)."')";
} else {

die("Query was: $Query. Error: ".mysql_error($Link));
}

if($sql = mysql_db_query ($DBName, $Query, $Link)) {
$message = "Thank you for your enquiry.";
header("Location: index.php?message=".urlencode($message));
} else {
die("Query was: $Query. Error: ".mysql_error($Link));
}

}
?>
MBM
  • 127
  • 12
  • Please post the complete error message. Also, don't use `mysql_*` functions, they are deprecated as of PHP 5.5 and are removed altogether in PHP 7.0. Use [`mysqli`](http://php.net/manual/en/book.mysqli.php) or [`pdo`](http://php.net/manual/en/book.pdo.php) instead. [And this is why you shouldn't use `mysql_*` functions](http://stackoverflow.com/questions/12859942/why-shouldnt-i-use-mysql-functions-in-php). – Rajdeep Paul Jan 21 '17 at 09:48
  • Noted. Thanks. This is the full message : Query was: INSERT INTO englisharabicimages VALUES ('','uploads/milkshake.png'). Error: – MBM Jan 21 '17 at 09:57
  • May I know why you're inserting blank string `''` in the first column? Make sure it can take *that* value. – Rajdeep Paul Jan 21 '17 at 10:02
  • The first column is a primary key. I used the script previously, it worked, but this is a new database and a new connect script. – MBM Jan 21 '17 at 10:03
  • That's where the problem lies. You should not insert empty string in primary key column, By the definition, primary key uniquely identifies a particular row. So either make that column *auto increment* or put unique value for every row inserted. – Rajdeep Paul Jan 21 '17 at 10:08
  • It does auto increment. – MBM Jan 21 '17 at 10:09
  • 1. You didn't include any error message with your question, as I asked before. See, there's nothing after `... Error: `. 2. I'm suspecting the dot(`.`) after the query is causing this issue. Echo out the query to debug it further, do `echo $Query;` to see the actual query, and make sure it's correct. – Rajdeep Paul Jan 21 '17 at 10:20
  • echo $Query; doesn't return anything, there is no error message beyond what I posted. – MBM Jan 21 '17 at 20:24

0 Answers0