not insert into particular field and parrticular name

Question

i want to insert picture in particular name but there is no insert and some facing error

my table like this

how can insert pic in front of particular name

config.php file is

<?php
session_start();

$db = new mysqli('localhost','root','','dharmesh'); 
?>

and code is here :

<?php
include_once('config.php');
if(isset($_POST['family_member_btn'])) {

            $family_member = $_POST['family_member'];

}
if(isset($_POST["submit4"])) {
    for($i=0;$i<$_POST['num'];$i++) {

        $insert = $db->query("INSERT into `multiple_insert` (`f_name`,`m_name`,`l_name`,`birth_date`) values ('".$_POST['f_name'][$i]."','".$_POST['m_name'][$i]."','".$_POST['l_name'][$i]."','".$_POST['b_date'][$i]."')");

        if($insert) {
            echo "<script>alert('insert successfully');</script>";
        } else {
            echo "<script>alert('!!!insert unsuccessfully');</script>";

        }
    }
}

if(isset($_POST["upload"])) {
    for($i=0; $i<$_POST['img'];$i++) {

        $imag = $_FILES['f_name_pic']['name'][$i];
        $tmp = $_FILES['f_name_pic']['tmp_name'][$i];
        $dir = "images/".$imag;
        move_uploaded_file($tmp,$dir);

        $query = $db->query("UPDATE `multiple_insert` SET `picture`='$dir' WHERE f_name='".$_POST['f_name'][$i]."' where user_id='1'");
    }
}
?>




<html>
<head>
<title>
</title>
</head>
<body>
<form method="post" action="">
<?php

$select  = $db->query("SELECT * from multiple_insert where user_id='1'");
while($select_f_name = $select->fetch_assoc()){
    echo "<input type='hidden' value='1' name='img' />";
    echo "<p style='background-color:red;color:yellow;width:5%;'>".$select_f_name['f_name']."</p>";
    echo "<span><input type='file' name='f_name_pic[]' /></span><br><br>";

}
echo "<button name='upload'>Uplaod</button><br><br>";
?>      


        <label><font size="2">HOW MANY MEMBER IN YOUR FAMILY ?</font></label><br><br>
        <input type="text" name="family_member" class="form-control" />
        <button type="submit" name="family_member_btn" class="btn btn-lg btn-info"  /><span>SUBMIT</span></button><br><br>

        <?php
            for($i=1;$i<=$family_member;$i++) {

        ?>
        <input type="hidden" value="<?php echo $family_member;?>" name="num" />
        <label><b><?php echo "RECORED # &nbsp;".$i;?></b></label><br>
        <label><font size="2">First Name</font></label>
        <input type="text" name="f_name[]" class="form-control"   /><br>
        <label><font size="2">Middle Name</font></label>
        <input type="text" name="m_name[]" class="form-control"  ><br>
        <label><font size="2">Last name</font></label>
        <input type="text" name="l_name[]" class="form-control"  /><br>

        <label><font size="2">birthdate</font></label>
        <input id="datepicker3" class="form-control" name="b_date[]" type="text" />

        <hr style="border:solid 2px rgba(0,0,0,0.2);">
        <?php } ?>  
<button class="btn btn-info  btn-cons from-left  pull-right" type="submit" name="submit4">
<span>SUBMIT</span>
</button>       
</form>
</body>
</html>

how can i done this please send me updated code for this...

i want to add picture in front of particular name like in front of dharmesh.....and user_id is 1 but not in jignesh only in dharmesh — Dharmesh, Jun 28 '17 at 13:32
Your script is at risk of [SQL Injection Attack](http://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php) Have a look at what happened to [Little Bobby Tables](http://bobby-tables.com/) Even [if you are escaping inputs, its not safe!](http://stackoverflow.com/questions/5741187/sql-injection-that-gets-around-mysql-real-escape-string) Use [prepared parameterized statements](http://php.net/manual/en/mysqli.quickstart.prepared-statements.php) — RiggsFolly, Jun 28 '17 at 13:33
What do you mean by _"add picture in front of particular name"_? Are you talking about inserting it in the `picture` column in your database? If so, why not just add it to your query, like you have done with the rest of the fields? After you've updated your code to use Prepared Statements, of course. — M. Eriksson, Jun 28 '17 at 13:35
Please read [What topics can I ask about](http://stackoverflow.com/help/on-topic) and [How to ask a good question](http://stackoverflow.com/help/how-to-ask) and [the perfect question](http://codeblog.jonskeet.uk/2010/08/29/writing-the-perfect-question/) and how to create a [Minimal, Complete and Verifiable Example](http://stackoverflow.com/help/mcve) — RiggsFolly, Jun 28 '17 at 13:36
@MagnusEriksson -- well, than that is a different story... from what I read he wanted to add picture **in front of particular name** — Rushikumar, Jun 28 '17 at 13:36
retrieve LAST_INSERT_ID from the insert query. Use that id in your UPDATE query. and move the part processing the image to the location where you put your succes message: it makes no sense processing the image should the insert fail — Ivo P, Jun 28 '17 at 13:37
@Rushikumar When I read this question, I have _no clue_ what the OP actually means, that's why I'm asking... — M. Eriksson, Jun 28 '17 at 13:38
@MagnusEriksson --- Agreed... not clear **AT ALL** in many places... — Rushikumar, Jun 28 '17 at 13:39

score -1 · Answer 1 · answered Jun 28 '17 at 13:35

-1

You cannot do that! The interface you are looking at, is phpMyAdmin---unless you are willing to hack the core code (HIGHLY NOT RECOMMENDED TO MODIFY CORE CODE OF ANY PROJECT!).

answered Jun 28 '17 at 13:35

Rushikumar

1,774
5
18
28

care to explain why the down vote? From what I read he wanted to add picture in front of particular name – Rushikumar Jun 28 '17 at 13:37
So you actually _can_ do that, then? Otherwise, you wouldn't need to recommend anyone _not_ to do it. (I'm not the downvoter). – M. Eriksson Jun 28 '17 at 13:37
Sure... it would look hideous --- AND require modifying phpMyAdmin's core code – Rushikumar Jun 28 '17 at 13:38
1

Sure, your first statement in your answer is still wrong, though. ;-) If that actually was the question, in the first place. I'm guessing that's partially why you got a downvote. It's hard to give a proper answer to a question that hasn't been properly defined. That's what comments are for. – M. Eriksson Jun 28 '17 at 13:40

not insert into particular field and parrticular name

1 Answers1