<?php
session_start();
require "database.php";
$db = new database();
$operation = $_REQUEST['action'];
$file = uniqid() . " - " . $_FILES['document']['name'];
$result = move_uploaded_file(
$_FILES['document']['tmp_name'],
"uploads/" . $file );
switch ($operation)
{
case 'Add':
$name = $_REQUEST['name'];
$image = "uploads/" . $file;
$result = $db->insert($name,$image);
break;
case 'update':
$id = $_SESSION['user_id'];
$name = $_REQUEST['name'];
$image = "uploads/" . $file;
$result = $db->update($id,$name,$image);
break;
case 'delete':
$result = $db->delete($_REQUEST['id']);
break;
default:
echo "invalid request";
break;
}
header("Location:display.php");
?>
Asked
Active
Viewed 116 times
-2
Rajdeep Paul
- 16,887
- 3
- 18
- 37
Abhishek Pansuriya
- 13
- 3
-
2Please update your question and explain what issue you are facing, your current vs. expected result etc. – Rajdeep Paul Jul 29 '18 at 20:52
-
@Rajdeep Paul name and image update successfully, but when i am only name edit and not edit image then image blanck on table... – Abhishek Pansuriya Jul 30 '18 at 21:46
-
public function update($id,$name,$image) { $query = "UPDATE `customers` SET name='$name', image ='$image' WHERE id=$id"; return mysqli_query($this->connect,$query); } – Abhishek Pansuriya Jul 30 '18 at 21:47
-
@AbhishekPansuriya I've given an answer below. Hopefully that will resolve your issue. – Rajdeep Paul Jul 31 '18 at 01:44
-
@Rajdeep Paul, tahnk u , my query is solved – Abhishek Pansuriya Jul 31 '18 at 09:02
-
@AbhishekPansuriya You have been given two answers below, accept one of the answers to close the question. And if you have solved on your own then write an answer an accept it, otherwise this question will be floating around as *open* question. [How to accept answer on Stack Overflow?](https://meta.stackexchange.com/a/5235) – Rajdeep Paul Aug 03 '18 at 08:57
1 Answers
0
Use is_uploaded_file() function to check whether a file is uploaded with the form or not. So accordingly, change your code in the following way,
...
$operation = $_REQUEST['action'];
$file = null;
if(is_uploaded_file($_FILES['document']['tmp_name'])){
$file = uniqid() . " - " . $_FILES['document']['name'];
$result = move_uploaded_file($_FILES['document']['tmp_name'], "uploads/" . $file );
}
switch($operation){
case 'Add':
$name = $_REQUEST['name'];
$image = ($file == null) ? null : "uploads/" . $file;
$result = $db->insert($name,$image);
break;
case 'update':
$id = $_SESSION['user_id'];
$name = $_REQUEST['name'];
$image = ($file == null) ? null : "uploads/" . $file;
$result = $db->update($id,$name,$image);
break;
case 'delete':
...
}
...
And your update method would be like this,
public function update($id, $name, $image) {
$query = "UPDATE customers SET name='$name'";
if($image != null){
$query .= ", image ='$image'";
}
$query .= " WHERE id=$id";
return mysqli_query($this->connect,$query);
}
Sidenote: Learn about prepared statement because right now your query is susceptible to SQL injection attack. Also see how you can prevent SQL injection in PHP.
Rajdeep Paul
- 16,887
- 3
- 18
- 37