How to upload multiple images into PHP Mysql

Question

//for image upload
function uploadImage(){
    if((!empty($_FILES["uploaded_file"])) && ($_FILES['uploaded_file']['error'] == 0)) {
        $filename = basename($_FILES['uploaded_file']['name']);
        $ext = substr($filename, strrpos($filename, '.') + 1);
        if(($ext == "jpg" && $_FILES["uploaded_file"]["type"] == 'image/jpeg') || ($ext == "png" && $_FILES["uploaded_file"]["type"] == 'image/png') || ($ext == "gif" && $_FILES["uploaded_file"]["type"] == 'image/gif')){
            $temp = explode(".",$_FILES["uploaded_file"]["name"]);
            $newfilename = NewGuid() . '.' .end($temp);
            move_uploaded_file($_FILES["uploaded_file"]["tmp_name"], ROOT_PATH . '/img/upload/' . $newfilename);
            return $newfilename;
        } else{
            return '';
        }
    }
    return '';
}

Snippet from HTML

<div class="form-group col-md-12">
    <label for="Prsnttxtarea"><?php echo $_data['add_new_form_field_text_15'];?> :</label>
    <img class="form-control" src="<?php echo $image_rnt; ?>" style="height:100px;width:100px;" id="output"/> 
    <input type="hidden" name="img_exist" value="<?php echo $img_track; ?>" />
</div>
<div class="form-group col-md-12">
    <span class="btn btn-file btn btn-default">
        <?php echo $_data['upload_image'];?>
        <input type="file" name="uploaded_file" onchange="loadFile(event)" multiple />
    </span>
</div>

check this answer https://stackoverflow.com/questions/17603685/uploading-multiple-image-files-to-php-mysql-gallery — Hamza, Nov 26 '19 at 10:21
Does this answer your question? [Multiple file upload in php](https://stackoverflow.com/questions/2704314/multiple-file-upload-in-php) — Vimal, Nov 26 '19 at 10:21
What you need to show is the javascript function `loadFile` that handles the actual upload presumably rather than a standard form submit? — Professor Abronsius, Nov 26 '19 at 10:27

score 0 · Answer 1 · edited Nov 26 '19 at 10:47

HTML :

 <input name="upload[]" type="file" multiple="multiple" />

After Post in PHP :

for ($i = 0; $i < count($_FILES['file']['name']); $i++)
        {

        $filename = basename($_FILES['uploaded_file']['name'][$i]);
        $ext = substr($filename, strrpos($filename, '.') + 1);
        $temp = explode(".",$_FILES["uploaded_file"]["name"][$i]);
        $newfilename = NewGuid() . '.' .end($temp);
        move_uploaded_file($_FILES["uploaded_file"]["tmp_name"][$i], ROOT_PATH . '/img/upload/' . $newfilename);
}

score -1 · Answer 2 · answered Nov 26 '19 at 10:27

     <!-- File Upload -->
    <div class="form-group col-md-12" align="center">Files types allowed: JPEG, PNG, JPG, PDF, DOC, DOCX, XLS, XLSX, Max Size: 1.5 MB.
    </div>      
    <div class="form-group col-md-4 ">
        <h4>Attachments</h4>
    </div>  
    <div class="form-group col-md-5">
        <div id="formdiv">
            <div id="filediv" align="center" style="display:block">    <input name="file[]" type="file" id="file"/><br>
            <div id="add_attach"></div></div>
            </div>
        </div>  
    <div class="form-group col-md-3">
        <input type="button" id="add_more_attachment" class="upload" value="Add More Files"/>
    </div>                                              
    <!-- File Upload -->

//file upload
        $j = 0; //Variable for indexing uploaded image
        for ($i = 0; $i < count($_FILES['file']['name']); $i++)
        {
        //loop to get individual element from the array
            $target_path = "../../uploads/"; //Declaring Path for uploaded images
            $validextensions = array("jpeg", "jpg","png","pdf","doc","docx","xlsx","xls","txt","JPEG", "JPG", "PNG","PDF","DOC","DOCX","XLSX","XLS","TXT");  //Extensions which are allowed
            $ext = explode('.', basename($_FILES['file']['name'][$i]));//explode file name from dot(.)
            $file_extension = end($ext); //store extensions in the variable
            $filename=md5(uniqid());
            echo "Filename: ".$filename."</br>";
            $target_path = $target_path .  $filename . "." . $ext[count($ext) - 1];//set the target path with a new name of image
            $j = $j + 1;//increment the number of uploaded images according to the files in array

          if (($_FILES["file"]["size"][$i] < 10000000) && in_array($file_extension, $validextensions)) //Approx 10 MB File size
            {
                if (move_uploaded_file($_FILES['file']['tmp_name'][$i], $target_path))
                {
                    $image_name= $filename. "." . $ext[count($ext) - 1];
                    echo $filename;
                    //Insert Query
                    $query3="INSERT INTO `photo` (module_id,module_name,photo_name) VALUES ('$last_inserted_id','order','$image_name')";

                    //Execute The Query
                    if (mysqli_query($conn, $query3))
                    {
                    $error=1;
                    }
                    echo mysqli_error($conn);
                    //if file moved to uploads folder
                    echo '<br/><br/><span id="noerror">Image uploaded successfully!.</span><br/><br/>';
                    $image_name="";
                    $target_path="";
                }
                else
                {
                    //if file was not moved.
                    echo '<br/><br/><span id="error">please try again!.</span><br/><br/>';
                }
            }
            else
            {
                //if file size and file type was incorrect.
                echo '<br/><br/><span id="error">***Invalid file Size or Type***</span><br/><br/>';
            }
        }

Could you maybe try to explain what the issue was and what you changed to make it work? — brombeer, Nov 26 '19 at 10:35
input has been taken in an array format,and new button (add more files) is used to append the file uploader input,and it has been read in the for loop inside php. — Gaurav Sharma, Nov 26 '19 at 11:36
**Warning:** You are wide open to [SQL Injections](https://php.net/manual/en/security.database.sql-injection.php) and should use parameterized **prepared statements** instead of manually building your queries. They are provided by [PDO](https://php.net/manual/pdo.prepared-statements.php) or by [MySQLi](https://php.net/manual/mysqli.quickstart.prepared-statements.php). Never trust any kind of input! Even when your queries are executed only by trusted users, [you are still in risk of corrupting your data](http://bobby-tables.com/). [Escaping is not enough!](https://stackoverflow.com/q/5741187) — Dharman, Dec 01 '19 at 22:11

How to upload multiple images into PHP Mysql

2 Answers2