0
<script type="text/javascript">
    $('#t').on('click','#btns',function() {
        var id = $(this).attr('data-id');
        var image = $(this).attr('data-image');

        $('#dats').val(id);
        $('#Mimage').val(image);
    });
    $(document).ready(function() {
        $.ajax({
            type: "POST",
            url: "query1.php",
            success: function(data) {
                var parsed = $.parseJSON(data);
                $.each(parsed, function(i,parsed) {
                    $('#t').append('<tr><td>'+parsed.id+'</td><td id="edi"><img src="upload/'+parsed.image+'" height = "50px" width = "50px"></td><td>'+'<button class="button info" name="btn" data-toggle="modal" data-target="#Mpn" id="btns" data-id="'+parsed.id+'" data-image="'+parsed.image+'">Edit</button>'+'<button class="button info1" name="btn" data-toggle="modal" data-target="#Mpd" id="btns"  data-id="'+parsed.id+'"  data-image="'+parsed.image+'">Delete</button>'+'</td></tr>');
                });
            }
        });
        $('body').on('click','#update',function(e) {
            alert("hi");
            var id = $('#dats').val();
            alert(id);
            var images = $('#Limage').val();
            alert(images);
            $.ajax({
                type:"POST",
                url:"upd.php",
                data:{mode:'upd',id:id,images:images},
                success:function(data){
                    alert(data);
                    alert("successfully updated");
                }
            });
        });
    });
</script>
<!Doctype html>
<html>
    <head>
        <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css">
        <script src = "https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js"></script>
        <script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js"></script>
    </head>
    <body>
        <div class="modal fade" id="Mpn" tabindex="-1" role="dialog" aria-labelledby="edit-modal-label">
            <div class="modal-dialog" role="document">
                <div class="modal-content">
                    <form class="form-horizontal" id="edit-form">
                        <input type="hidden" id="dats" name="id" >
                        <div class="modal-header">
                            <button type="button" class="close" data-dismiss="modal" aria-label="Close"><span aria-hidden="true">&times;</span></button>
                            <h4 align="center" class="modal-title" id="edit-modal-label" >Save Changes</h4>
                        </div>
                        <div class="modal-body">
                            <div class="form-group" enctype="multipart/form-data">
                                <label for="username" class="col-sm-2 control-label">Image</label>
                                <div class="col-sm-10">
                                    <input type="text" class="form-control" id="Mimage" name="image" />
                                    </br>
                                   <input type="file" class="form-control" id="Limage" name="image"  placeholder=""required>
                                </div>
                            </div>
                            <div class="modal-footer">
                                <button type="button" class="btn btn-default" data-dismiss="modal">Close</button>
                                <button type="submit" class="btn btn-primary"  name="update"  id="update">Update</button>
                            </div>
                        </div>
                    </form>
                </div>
            </div>
        </div>
    </body>
</html>

<?php
    if(($_POST['mode'])=='upd') {
        $id = $_POST['id'];
        echo $id;
        $images = $_POST['images'];
        echo $images;

        $query = mysqli_query($con,"UPDATE image SET image = '$images' WHERE id = '".$_POST["id"]."'");
        <img class="img-responsive" src= "upload/3.jpg" alt="image" id="Mimage" name="image" />
        if($query == true) {
            echo "File Uploaded";
        }
    }
?>

Context: This code is to update the image in the database.This is not working properly when i uploading the image the image enters into the database but as C:fakepathimg.jpg.It is not entering into the actual folder.If it is get rid of fake path the image will be updated.The image displays as fakepath.If the path is correct i think the the image will be updated.

Aseider
  • 5,875
  • 1
  • 14
  • 25
Amal
  • 13
  • 4
  • 1
    Your code is vulnerable to [**SQL injection**](https://en.wikipedia.org/wiki/SQL_injection) attacks. You should use prepared statements with bound parameters, via either the [**mysqli**](https://secure.php.net/manual/en/mysqli.prepare.php) or [**PDO**](https://secure.php.net/manual/en/pdo.prepared-statements.php) drivers. [**This post**](https://stackoverflow.com/questions/60174/how-can-i-prevent-sql-injection-in-php) has some good examples. – Alex Howansky Nov 25 '17 at 16:41
  • What does your `upd.php` look like as well as `query1.php`? – JeanPaul98 Nov 25 '17 at 18:57

0 Answers0