-3

Good Day, i got a edit output codes here, Picture is not change but only getting the target_dir on database here is my code .. thanks in advance guys

here the code for the input 

<b>Select file to upload:</b></br></br>


   <img id="output"/ width="200" height="200" src="<?php echo $row['StdImage']; ?>">
   <input type="file" class="btn btn-primary"  name="stdimage" accept="image/*" onchange="loadFile(event)">

here is the code for the output, 

<?php include 'db.php'; 
$id= $_POST['id'];
if(isset($_POST['send'])){

$Stdid_one = htmlspecialchars($_POST['txtID']);
$Lname = htmlspecialchars($_POST['txtLname']);
$Fname = htmlspecialchars($_POST['txtFname']);
$Mname = htmlspecialchars($_POST['txtMname']);
$Track = htmlspecialchars($_POST['track_type']);
$track_id = htmlspecialchars($_POST['txttrackid']);
$YearLvl = htmlspecialchars($_POST['txtgrade']);
$Bday = htmlspecialchars($_POST['txtBday']);
$BirthPlace = htmlspecialchars($_POST['txtBplace']);
$MTongue = htmlspecialchars($_POST['txtMtongue']);
$IP = htmlspecialchars($_POST['txtIp']);
$Religion = htmlspecialchars($_POST['txtReligion']);
$Street = htmlspecialchars($_POST['txtStreet']);
$Barangay = htmlspecialchars($_POST['txtBrgy']);
$Munic = htmlspecialchars($_POST['txtMunic']);
$Province = htmlspecialchars($_POST['txtProv']);
$Gender = htmlspecialchars($_POST['rbgender']);
$Father = htmlspecialchars($_POST['txtfather']);
$Mother = htmlspecialchars($_POST['txtmother']);
$Guardian = htmlspecialchars($_POST['txtGuard']);
$GuardRelation = htmlspecialchars($_POST['txtGuardRelation']);
$Contact = htmlspecialchars($_POST['txtcontact']);
$Remarks = htmlspecialchars($_POST['txtRemarks']);
$formone= htmlspecialchars($_POST['chkfone']);
$envelope= htmlspecialchars($_POST['chkenvelope1']);
$onebyone= htmlspecialchars($_POST['chk1x1']);
$birth= htmlspecialchars($_POST['chkbirth']);
$twocopies= htmlspecialchars($_POST['chk2copies']);
$ncae= htmlspecialchars($_POST['chkncae']);
$goodmoral= htmlspecialchars($_POST['chkgoodmoral']);
$formtwo= htmlspecialchars($_POST['chkform137']);
$diploma= htmlspecialchars($_POST['chkdiploma']);
$bothpic= htmlspecialchars($_POST['chkbothpic']);
$except= htmlspecialchars($_POST['chkexcept']);

$target_dir = "StdImage/";
$file = basename($_FILES["stdimage"]["name"]);
$target_file = $target_dir . basename($_FILES["stdimage"]["name"]);
$uploadOk = 1;
$imageFileType = pathinfo($target_file,PATHINFO_EXTENSION);
// Check if image file is a actual image or fake image
if(isset($_POST["submit"])) {
    $check = getimagesize($_FILES["stdimage"]["tmp_name"]);
    if($check !== false) {
        echo "File is an image - " . $check["mime"] . ".";
        $uploadOk = 1;
    } else {
        echo "File is not an image.";
        $uploadOk = 0;
    }
}
// Check if file already exists
if (file_exists($target_file)) {
    echo "Sorry, file already exists.";
    $uploadOk = 0;
}
// Check file size
if ($_FILES["stdimage"]["size"] > 500000000000) {
    echo "Sorry, your file is too large.";
    $uploadOk = 0;
}
// Allow certain file formats
if($imageFileType != "jpg" && $imageFileType != "png" && $imageFileType != "jpeg"
&& $imageFileType != "gif" ) {
    echo "Sorry, only JPG, JPEG, PNG & GIF files are allowed.";
    $uploadOk = 0;
}
// Check if $uploadOk is set to 0 by an error
if ($uploadOk == 0) {
    echo "Sorry, your file was not uploaded.";
// if everything is ok, try to upload file
} else {
    if (move_uploaded_file($_FILES["stdimage"]["tmp_name"], $target_file)) {
        echo "The file ". basename( $_FILES["stdimage"]["name"]). " has been uploaded.";
    } else {
        echo "Sorry, there was an error uploading your file.";
    }
}

$sql2 ="UPDATE tblstdpro SET StdImage='$target_file', Lname='$Lname', Fname='$Fname', Mname='$Mname', Track='$Track', track_id='$track_id', YearLvl='$YearLvl', Bday='$Bday', Birthplace='$BirthPlace', MTongue='$MTongue', IP='$IP', Religion='$Religion', Street='$Street', Barangay='$Barangay', Munic='$Munic', Province='$Province', Gender='$Gender', Father='$Father', Mother='$Mother', GuardianName='$Guardian', GuardRelation='$GuardRelation', Contact='$Contact', Remarks='$Remarks', form138='$formone', envelope1='$envelope', 1x1picture='$onebyone', psa='$birth', 2x2picture='$twocopies', ncae='$ncae', goodmoral='$goodmoral', form137='$formtwo', diploma='$diploma', bothpicture='$bothpic', alloriginal='$except' WHERE StdID ='$Stdid_one'";

$db->query($sql2);

header('location: StudentDatabase.php');

}
?>

it updates all except the picture , earlier it says files already exist. but in adding new data it uploads but in edit it just get the target_dir

Your Common Sense
  • 156,878
  • 40
  • 214
  • 345
Byron Mataya
  • 3
  • 3
  • What is not getting updated? Is it the database or the file itself? – Cemal Feb 25 '18 at 19:22
  • you should move `$sql2 ="UPDATE tblstdpro SET StdImage='$target_file', Lname='$Lname', Fname='$Fname', Mname='$Mname', Track='$Track', track_id='$track_id', YearLvl='$YearLvl', Bday='$Bday', Birthplace='$BirthPlace', MTongue='$MTongue', IP='$IP', Religion='$Religion', Street='$Street', Barangay='$Barangay', Munic=..'"; $db->query($sql2);` to up, inside brackets of `move_uploaded_file(..` – Cemal Feb 25 '18 at 19:28
  • The upload is not updating in database but the picture goes to the folder , and database only.get the target_directory – Byron Mataya Feb 26 '18 at 01:52
  • I meanthe file uploaded it doesnt go to the folder of the directory and in database it never write the name of the image – Byron Mataya Feb 26 '18 at 02:20
  • what's the status of *this* question? Someone posted an answer below but you either didn't accept it or commented under it. @ByronMataya – Funk Forty Niner Mar 06 '18 at 13:03

1 Answers1

0

There were couple of errors, and redundant function calls, but your main problems were executing the query regardless of the outcome of upload, and setting relative paths where absolute paths were needed. below is a fixed version of your code, some parts skipped. Also I strongly advise you to use prepared statements to avoid sql injection

$dir = dirname(__FILE__) . '/';
$target_dir =  'StdImage/';
$file = basename($_FILES["stdimage"]["name"]);
$target_file = $target_dir . $file;
$uploadOk = 1;
$imageFileType = $_FILES["stdimage"]["type"];

//....

// Check if file already exists
if (file_exists($dir.$target_file)) {
    echo "Sorry, file already exists.";
    $uploadOk = 0;
}

//..

$allowed_mime_types = array('image/jpeg', 'image/jpg', 'image/png', 'image/gif');

// Allow certain file formats
if (!in_array($imageFileType, $allowed_mime_types)) {
    echo "Sorry, only JPG, JPEG, PNG & GIF files are allowed.";
    $uploadOk = 0;
}



// Check if $uploadOk is set to 0 by an error
if ($uploadOk == 0) {
    echo "Sorry, your file was not uploaded.";
    // if everything is ok, try to upload file
} else {
    if (move_uploaded_file($_FILES["stdimage"]["tmp_name"], $target_file)) {
        echo "The file " . $file . " has been uploaded.";
        $sql2 = "UPDATE tblstdpro SET StdImage='$target_file', Lname='$Lname', Fname='$Fname', Mname='$Mname', Track='$Track', track_id='$track_id', YearLvl='$YearLvl', Bday='$Bday', Birthplace='$BirthPlace', MTongue='$MTongue', IP='$IP', Religion='$Religion', Street='$Street', Barangay='$Barangay', Munic='$Munic', Province='$Province', Gender='$Gender', Father='$Father', Mother='$Mother', GuardianName='$Guardian', GuardRelation='$GuardRelation', Contact='$Contact', Remarks='$Remarks', form138='$formone', envelope1='$envelope', 1x1picture='$onebyone', psa='$birth', 2x2picture='$twocopies', ncae='$ncae', goodmoral='$goodmoral', form137='$formtwo', diploma='$diploma', bothpicture='$bothpic', alloriginal='$except' WHERE StdID ='$Stdid_one'";

        $db->query($sql2);
    } else {
        echo "Sorry, there was an error uploading your file.";
    }
}
Cemal
  • 1,469
  • 1
  • 12
  • 19