Hey all i'm fairly new to php and need some help with this code.
I'm not recieving any errors but it wont work.

what i'm trying to do is up load a picture from a form. i want to copy the picture into
a folder named "images" then keep all the other form information and the image path in a MySQL db. so later on i can display the images from a certain category on a web page.

DB table looks like this:

Table name: photos

id, image_name, caption, image_path, category,


Form Code:

<form enctype="multipart/form-data" name="addimage" action="imageupload.php" method="post">
<tr>

<td>
Select Category:
<br />
<?php
include 'Images_db_connect.php';
 
// Connect to server and select database.
mysql_connect("$host", "$username", "$password")or die("cannot connect"); 
mysql_select_db("$db_name")or die("cannot select DB");

$sql = mysql_query("SELECT id,category_name FROM categories ORDER BY category_name"); 
$row = mysql_fetch_array($sql);
?>

<select name="Category_name">
<?php do{ ?>
<option value="<?php echo $row['id']; ?>"><?php echo $row['category_name']; ?> </option>
<?php } while($row = mysql_fetch_array($sql));?>
</select>

<br />
<br />
Image Name:
<br />
<input type="text" name="image name" size="30">
<br />
<br />
Image Caption:
<br />
<textarea name="Caption" rows="3" cols="30"></textarea>
<br />
<br />
Select File:
<br />
<input type="file" name="Image" size="30">
<br />
<br />
<input type="submit" name="upload" value="Upload Image">
</td>
</tr>
</form>

upload code:

<?php
include 'Images_db_connect.php';
$imagename = $_POST['image name'];
$caption = $_POST['Caption'];
$category = $_POST['Category_name'];

mysql_connect("$host", "$username", "$password")or die("cannot connect"); 
mysql_select_db("$db_name")or die("cannot select DB");
//define a maxim size for the uploaded images in Kb
 define ("MAX_SIZE","75"); 

//This function reads the extension of the file. It is used to determine if the file  is an image by checking the extension.
 function getExtension($str) {
         $i = strrpos($str,".");
         if (!$i) { return ""; }
         $l = strlen($str) - $i;
         $ext = substr($str,$i+1,$l);
         return $ext;
 }

//This variable is used as a flag. The value is initialized with 0 (meaning no error  found)  
//and it will be changed to 1 if an errro occures.  
//If the error occures the file will not be uploaded.
 $errors=0;
//checks if the form has been submitted
 if(isset($_POST['Submit'])) 
 {
 	//reads the name of the file the user submitted for uploading
 	$image=$_FILES['image']['name'];
 	//if it is not empty
 	if ($image) 
 	{
 	//get the original name of the file from the clients machine
 		$filename = stripslashes($_FILES['image']['name']);
 	//get the extension of the file in a lower case format
  		$extension = getExtension($filename);
 		$extension = strtolower($extension);
 	//if it is not a known extension, we will suppose it is an error and will not  upload the file,  
	//otherwise we will do more tests
 if (($extension != "jpg") && ($extension != "jpeg") && ($extension != "png") && ($extension != "gif")) 
 		{
		//print error message
 			echo '<h1>Unknown extension!</h1>';
 			$errors=1;
 		}
 		else
 		{
//get the size of the image in bytes
 //$_FILES['image']['tmp_name'] is the temporary filename of the file
 //in which the uploaded file was stored on the server
 $size=filesize($_FILES['image']['tmp_name']);

//compare the size with the maxim size we defined and print error if bigger
if ($size > MAX_SIZE*1024)
{
	echo '<h1>You have exceeded the size limit!</h1>';
	$errors=1;
}

//we will give an unique name, for example the time in unix time format
$image_name=time().'.'.$extension;
//the new name will be containing the full path where will be stored (images folder)
$newname="images/".$image_name;
//we verify if the image has been uploaded, and print error instead
$copied = copy($_FILES['image']['tmp_name'], $newname);
if (!$copied) 
{
$sql = "INSERT into photos (image_name, caption, image_path, category) VALUES ('$imagename', '$caption', '$newname', '$category')";
mysql_query($sql) or die(mysql_error());
	echo '<h1>Copy unsuccessfull!</h1>';
	$errors=1;
}}}}

//If no errors registred, print the success message
 if(isset($_POST['Submit']) && !$errors) 
 {
 	echo "<h1>File Uploaded Successfully!</h1>";
 }
mysql_close();

 ?>

Instead of exploding and getting the extension use the mime type of the images (images/gif for firefox and safari, images/pgif for IExplorer). Because if you use the method of getting extension then the users will upload any thing after changing the files extension. e.g if a file is doc.docx they will rename it as doc.gif then your code will accept it.

<?php
$typ = $_FILES['file']['type'];
if(isset($FILES['file']['name'])){
if($typ == "images/gif" || $typ == "images/png" || $typ == "images/jpeg" || $typ == "images/pgif ||$typ" == "images/ppng" || $typ == "images/pjpeg"){
$uploddir = "images/";
$uploadimages = $uploaddir.$_FILES['file']['name'];
if(move_uploaded_file($_FILES['file']['tmp_name'], $uploadimages)){
//insert data or other collected info into db.
}
}
}
?>

Using this code you don't have to worry about getting extension or lowering extension. Just use a check of file size. This code will allow user to upload .jpg, .gif, .png files.

K i need some major help on this. I am really new to php and have a feeling i'm along way from getting this correct. Is there someone willing to explain in great detail of what everything does and the process of uplaoding an image to a folder and then keeping the path in a database?

Here is the code i have so far, and i get the following error.

"Parse error: syntax error, unexpected T_IS_EQUAL in C:\xampp\htdocs\imageupload.php on line 12"

here is the code i have so far:

<?php
include 'Images_db_connect.php';
mysql_connect("$host", "$username", "$password")or die("cannot connect"); 
mysql_select_db("$db_name")or die("cannot select DB");
//define a maxim size for the uploaded images in Kb
 define ("MAX_SIZE","75"); 

if(isset($_POST['Submit']))

$typ = $_FILES['file']['type'];
if(isset($FILES['file']['name'])){
if($typ == "images/gif" || $typ == "images/png" || $typ == "images/jpeg" || $typ == "images/pgif ||$typ" == "images/ppng" || $typ == "images/pjpeg"){
$uploddir = "images/";
$uploadimages = $uploaddir.$_FILES['file']['name'];
if(move_uploaded_file($_FILES['file']['tmp_name'], $uploadimages)){

$imagename = 'image name';
$caption = 'caption';
$category = 'category_name';

$sql = "INSERT into photos (image_name, caption, image_path, category) VALUES ('$imagename', '$caption', '$uploadimages', '$category')";
mysql_query($sql) or die(mysql_error());
	echo '<h1>Copy unsuccessfull!</h1>';
	$errors=1;
}}}}

//If no errors registred, print the success message
 if(isset($_POST['Submit']) && !$errors) 
 {
 	echo "<h1>File Uploaded Successfully!</h1>";
 }
mysql_close();

 ?>
if(isset($_POST['Submit']))

Where is starting bracket of if body?? :)

To be completely honest i'm not 100% sure of the placment of these tags.
if ya cant tell i'm a total newbie. I really want to learn this so if you can please give me details of why things are done and where they are placed. I really appreciate your help.

I hope this is what you meant.

if(isset($_POST['Submit'])){
{

Also i am still getting an error on line 10. any ideas anyone?

#10 $typ = $_FILES['file']['type'];
#11 if(isset($FILES['file']['name'])){
#12 if($typ == "images/gif" || $typ == "images/png" || $typ == "images/jpeg" || $typ == "images/pgif ||$typ" == "images/ppng" || $typ == "images/pjpeg"){
#13 $uploddir = "images/";
#14 $uploadimages = $uploaddir.$_FILES['file']['name'];
#15 if(move_uploaded_file($_FILES['file']['tmp_name'], $uploadimages)){

on line 11 $FILES is wrong $_FILES is correct, I will give you details but right now i am in a hurry. See ya later.

Well that fixed that line 10 error now its a line 12 error.. :)
thanks for your help, just let me know when ya get a chance to look at it.

Thanks again

please send me the complete code.

Here is the code. The form code is in the first post.

<?php
include 'Images_db_connect.php';
mysql_connect("$host", "$username", "$password")or die("cannot connect"); 
mysql_select_db("$db_name")or die("cannot select DB");
//define a maxim size for the uploaded images in Kb
 define ("MAX_SIZE","75"); 

if(isset($_POST['Submit']))

$typ = $_FILES['file']['type'];
if(isset($FILES['file']['name'])){
if($typ == "images/gif" || $typ == "images/png" || $typ == "images/jpeg" || $typ == "images/pgif ||$typ" == "images/ppng" || $typ == "images/pjpeg"){
$uploddir = "images/";
$uploadimages = $uploaddir.$_FILES['file']['name'];
if(move_uploaded_file($_FILES['file']['tmp_name'], $uploadimages)){

$imagename = 'image name';
$caption = 'caption';
$category = 'category_name';

$sql = "INSERT into photos (image_name, caption, image_path, category) VALUES ('$imagename', '$caption', '$uploadimages', '$category')";
mysql_query($sql) or die(mysql_error());
	echo '<h1>Copy unsuccessfull!</h1>';
	$errors=1;
}}}}

//If no errors registred, print the success message
 if(isset($_POST['Submit']) && !$errors) 
 {
 	echo "<h1>File Uploaded Successfully!</h1>";
 }
mysql_close();

 ?><?php
include 'Images_db_connect.php';
mysql_connect("$host", "$username", "$password")or die("cannot connect"); 
mysql_select_db("$db_name")or die("cannot select DB");
//define a maxim size for the uploaded images in Kb
 define ("MAX_SIZE","75"); 

if(isset($_POST['Submit'])){
}
$typ = $_FILES['file']['type'];
if(isset($FILES['file']['name'])){
if($typ == "images/gif" || $typ == "images/png" || $typ == "images/jpeg" || $typ == "images/pgif ||$typ" == "images/ppng" || $typ == "images/pjpeg"){
$uploddir = "images/";
$uploadimages = $uploaddir.$_FILES['file']['name'];
if(move_uploaded_file($_FILES['file']['tmp_name'], $uploadimages)){

$imagename = 'image name';
$caption = 'caption';
$category = 'category_name';

$sql = "INSERT into photos (image_name, caption, image_path, category) VALUES ('$imagename', '$caption', '$uploadimages', '$category')";
mysql_query($sql) or die(mysql_error());
	echo '<h1>Copy unsuccessfull!</h1>';
	$errors=1;
}}}}

//If no errors registred, print the success message
 if(isset($_POST['Submit']) && !$errors) 
 {
 	echo "<h1>File Uploaded Successfully!</h1>";
 }
mysql_close();

 ?>

Line 11 is still wrong $FILES is wrong.

if(isset($_POST['Submit']))

bracket is missing.
correct these two errors if it is still not working tell me or if a error is given please mention it.

Sorry i copy and pasted the old code cause i didn't have the new code with me i forgot to make those changes after i pasted it. this is what it currently looks like when i got the error on line 12

<?php
include 'Images_db_connect.php';
mysql_connect("$host", "$username", "$password")or die("cannot connect"); 
mysql_select_db("$db_name")or die("cannot select DB");
//define a maxim size for the uploaded images in Kb
 define ("MAX_SIZE","75"); 

if(isset($_POST['Submit'])){
}
$typ = $_FILES['file']['type'];
if(isset($_FILES['file']['name'])){
if($typ == "images/gif" || $typ == "images/png" || $typ == "images/jpeg" || $typ == "images/pgif ||$typ" == "images/ppng" || $typ == "images/pjpeg"){
$uploddir = "images/";
$uploadimages = $uploaddir.$_FILES['file']['name'];
if(move_uploaded_file($_FILES['file']['tmp_name'], $uploadimages)){

$imagename = 'image name';
$caption = 'caption';
$category = 'category_name';

$sql = "INSERT into photos (image_name, caption, image_path, category) VALUES ('$imagename', '$caption', '$uploadimages', '$category')";
mysql_query($sql) or die(mysql_error());
	echo '<h1>Copy unsuccessfull!</h1>';
	$errors=1;
}}}}

//If no errors registred, print the success message
 if(isset($_POST['Submit']) && !$errors) 
 {
 	echo "<h1>File Uploaded Successfully!</h1>";
 }
mysql_close();

 ?><?php
include 'Images_db_connect.php';
mysql_connect("$host", "$username", "$password")or die("cannot connect"); 
mysql_select_db("$db_name")or die("cannot select DB");
//define a maxim size for the uploaded images in Kb
 define ("MAX_SIZE","75"); 

if(isset($_POST['Submit'])){
}
$typ = $_FILES['file']['type'];
if(isset($FILES['file']['name'])){
if($typ == "images/gif" || $typ == "images/png" || $typ == "images/jpeg" || $typ == "images/pgif ||$typ" == "images/ppng" || $typ == "images/pjpeg"){
$uploddir = "images/";
$uploadimages = $uploaddir.$_FILES['file']['name'];
if(move_uploaded_file($_FILES['file']['tmp_name'], $uploadimages)){

$imagename = 'image name';
$caption = 'caption';
$category = 'category_name';

$sql = "INSERT into photos (image_name, caption, image_path, category) VALUES ('$imagename', '$caption', '$uploadimages', '$category')";
mysql_query($sql) or die(mysql_error());
	echo '<h1>Copy unsuccessfull!</h1>';
	$errors=1;
}}}}

//If no errors registred, print the success message
 if(isset($_POST['Submit']) && !$errors) 
 {
 	echo "<h1>File Uploaded Successfully!</h1>";
 }
mysql_close();

 ?><?php
include 'Images_db_connect.php';
mysql_connect("$host", "$username", "$password")or die("cannot connect"); 
mysql_select_db("$db_name")or die("cannot select DB");
//define a maxim size for the uploaded images in Kb
 define ("MAX_SIZE","75"); 

if(isset($_POST['Submit']))

$typ = $_FILES['file']['type'];
if(isset($FILES['file']['name'])){
if($typ == "images/gif" || $typ == "images/png" || $typ == "images/jpeg" || $typ == "images/pgif ||$typ" == "images/ppng" || $typ == "images/pjpeg"){
$uploddir = "images/";
$uploadimages = $uploaddir.$_FILES['file']['name'];
if(move_uploaded_file($_FILES['file']['tmp_name'], $uploadimages)){

$imagename = 'image name';
$caption = 'caption';
$category = 'category_name';

$sql = "INSERT into photos (image_name, caption, image_path, category) VALUES ('$imagename', '$caption', '$uploadimages', '$category')";
mysql_query($sql) or die(mysql_error());
	echo '<h1>Copy unsuccessfull!</h1>';
	$errors=1;
}}}}

//If no errors registred, print the success message
 if(isset($_POST['Submit']) && !$errors) 
 {
 	echo "<h1>File Uploaded Successfully!</h1>";
 }
mysql_close();

 ?><?php
include 'Images_db_connect.php';
mysql_connect("$host", "$username", "$password")or die("cannot connect"); 
mysql_select_db("$db_name")or die("cannot select DB");
//define a maxim size for the uploaded images in Kb
 define ("MAX_SIZE","75"); 

if(isset($_POST['Submit'])){
}
$typ = $_FILES['file']['type'];
if(isset($FILES['file']['name'])){
if($typ == "images/gif" || $typ == "images/png" || $typ == "images/jpeg" || $typ == "images/pgif ||$typ" == "images/ppng" || $typ == "images/pjpeg"){
$uploddir = "images/";
$uploadimages = $uploaddir.$_FILES['file']['name'];
if(move_uploaded_file($_FILES['file']['tmp_name'], $uploadimages)){

$imagename = 'image name';
$caption = 'caption';
$category = 'category_name';

$sql = "INSERT into photos (image_name, caption, image_path, category) VALUES ('$imagename', '$caption', '$uploadimages', '$category')";
mysql_query($sql) or die(mysql_error());
	echo '<h1>Copy unsuccessfull!</h1>';
	$errors=1;
}}}}

//If no errors registred, print the success message
 if(isset($_POST['Submit']) && !$errors) 
 {
 	echo "<h1>File Uploaded Successfully!</h1>";
 }
mysql_close();

 ?>

can you mention error on line 12, i mean statement

can you mention error on line 12, i mean statement

"Parse error: syntax error, unexpected T_IS_EQUAL in C:\xampp\htdocs\imageupload.php on line 12"

Try this code

<?php
include 'Images_db_connect.php';
mysql_connect("$host", "$username", "$password")or die("cannot connect"); 
mysql_select_db("$db_name")or die("cannot select DB");
//define a maxim size for the uploaded images in Kb
 define ("MAX_SIZE","75"); 

if(isset($_POST['Submit'])){
$typ = $_FILES['file']['type'];
if(isset($_FILES['file']['name'])){
if($typ == "images/gif" || $typ == "images/png" || $typ == "images/jpeg" || $typ == "images/pgif ||$typ" == "images/ppng" || $typ == "images/pjpeg"){
$uploddir = "images/";
$uploadimages = $uploaddir.$_FILES['file']['name'];
if(move_uploaded_file($_FILES['file']['tmp_name'], $uploadimages)){

$imagename = 'image name';
$caption = 'caption';
$category = 'category_name';

$sql = "INSERT into photos (image_name, caption, image_path, category) VALUES ('$imagename', '$caption', '$uploadimages', '$category')";
mysql_query($sql) or die(mysql_error());
	echo '<h1>Copy unsuccessfull!</h1>';
	$errors=1;
}}}}

//If no errors registred, print the success message
 if(isset($_POST['Submit']) && !$errors) 
 {
 	echo "<h1>File Uploaded Successfully!</h1>";
 }
mysql_close();

 ?>

I keep getting an error on the following line.

if($typ == "images/gif" || $typ == "images/png" || $typ == "images/jpeg" || $typ == "images/pgif ||$typ" == "images/ppng" || $typ == "images/pjpeg"){

try using this :-/

if($typ == "images/gif" || $typ == "images/png" || $typ == "images/jpeg" || $typ == "images/pgif || $typ" == "images/ppng" || $typ == "images/pjpeg"){

I noticed there arent any "quotes" on the following part, could that be the problem?
I haven't tried the snippet you gave me yet i just happen to notice the quotes. :confused:

$typ == "images/pgif ||

shouldn't it be like this

$typ == "images/pgif" ||

yes it is due to quots. :)

Alright here is the new code i'm getting an error in the very last line.
I have no clue why?? :confused:

<?php
include 'Images_db_connect.php';
mysql_connect("$host", "$username", "$password")or die("cannot connect"); 
mysql_select_db("$db_name")or die("cannot select DB");
//define a maxim size for the uploaded images in Kb
 define ("MAX_SIZE","75"); 

if(isset($_POST['Submit'])){
$typ = $_FILES['file']['type'];


if(isset($_FILES['file']['name']))
if($typ == "images/gif" || $typ == "images/png" || $typ == "images/jpeg" || $typ == "images/pgif" || $typ == "images/ppng" || $typ == "images/pjpeg"){

}
else{ echo "Incorrect file type";
}
$uploddir = "images/";
$uploadimages = $uploaddir.$_FILES['file']['name'];
if(move_uploaded_file($_FILES['file']['tmp_name'], $uploadimages)){

$imagename = 'image name';
$caption = 'caption';
$category = 'category_name';

$sql = "INSERT into photos (image_name, caption, image_path, category) VALUES ('$imagename', '$caption', '$uploadimages', '$category')";
mysql_query($sql) or die(mysql_error());
	echo '<h1>Copy unsuccessfull!</h1>';
	$errors=1;
}

//If no errors registred, print the success message
 if(isset($_POST['Submit']) && !$errors) 
 {
 	echo "<h1>File Uploaded Successfully!</h1>";
 }
?>

also i forgot to include the error.

Parse error: syntax error, unexpected $end in C:\xampp\htdocs\imageupload.php on line 37

Sorry for late reply, try this code I hope it will fix your problem.

<?php
include 'Images_db_connect.php';
mysql_connect("$host", "$username", "$password")or die("cannot connect"); 
mysql_select_db("$db_name")or die("cannot select DB");
//define a maxim size for the uploaded images in Kb
 define ("MAX_SIZE","75"); 
if(isset($_FILES['file']['name']) && $_FILES['file']['name']<>""){
$typ = $_FILES['file']['type'];
if($typ == "images/gif" || $typ == "images/png" || $typ == "images/jpeg" || $typ == "images/pgif" || $typ == "images/ppng" || $typ == "images/pjpeg"){
$uploddir = "images/";
$uploadimages = $uploaddir.$_FILES['file']['name'];
if(move_uploaded_file($_FILES['file']['tmp_name'], $uploadimages)){
$imagename = 'image name';
$caption = 'caption';
$category = 'category_name';

$sql = "INSERT into photos (image_name, caption, image_path, category) VALUES ('$imagename', '$caption', '$uploadimages', '$category')";
mysql_query($sql) or die(mysql_error());
echo "File successfully copied";
}
else{
echo "Copy unsuccessful";
}
}
else{ 
echo "Incorrect file type";
}
}
else{
echo "No file selected";
}

okay it is so close, the script is running with out errors. the only problem now is when i select an image to upload. and hit "submit" it says "no file selected" i'm sure this is a minor problem.

Here is the code for the form i'm using. can you see anything i might of missed.

<form enctype="multipart/form-data" name="addimage" action="imageupload.php" method="post">
<tr>

<td>
Select Category:
<br />
<?php
include 'Images_db_connect.php';
 
// Connect to server and select database.
mysql_connect("$host", "$username", "$password")or die("cannot connect"); 
mysql_select_db("$db_name")or die("cannot select DB");

$sql = mysql_query("SELECT id,category_name FROM categories ORDER BY category_name"); 
$row = mysql_fetch_array($sql);
?>

<select name="category_name">
<?php do{ ?>
<option value="<?php echo $row['id']; ?>"><?php echo $row['category_name']; ?> </option>
<?php } while($row = mysql_fetch_array($sql));?>
</select>

<br />
<br />
Image Name:
<br />
<input type="text" name="image name" size="30">
<br />
<br />
Image Caption:
<br />
<textarea name="caption" rows="3" cols="30"></textarea>
<br />
<br />
Select File:
<br />
<input type="file" name="file" size="30">
<br />
<br />
<input type="submit" name="upload" value="Upload Image">
</td>
</tr>
</form>

In your php file
convert this
if(isset($_FILES) && $_FILES<>""){
to
if(isset($_FILES)){

Man we just cant catch a break can we.
the only thing wrong now is it's saying incorrect file type. even though i'm using a .jpg file. i'm sure it's something simple.

Check the folder where image is to be copied, the script is copying the file or not??

no it's not being copied. do i need the full path or can it be relative?

it can be relative, please try a gif or png file and then tell me the result.

unfortunatly its still the same result.

Check this one

<?php
include 'Images_db_connect.php';
mysql_connect("$host", "$username", "$password")or die("cannot connect"); 
mysql_select_db("$db_name")or die("cannot select DB");
//define a maxim size for the uploaded images in Kb
 define ("MAX_SIZE","75"); 
if(isset($_FILES['file']['name']) && $_FILES['file']['name']<>""){
$typ = $_FILES['file']['type'];
if($typ == "image/gif" || $typ == "image/png" || $typ == "image/jpeg" || $typ == "image/pgif" || $typ == "image/ppng" || $typ == "image/pjpeg"){
$uploaddir = "images/";
$uploadimages = $uploaddir.$_FILES['file']['name'];
if(move_uploaded_file($_FILES['file']['tmp_name'], $uploadimages)){
$imagename = 'image name';
$caption = 'caption';
$category = 'category_name';

$sql = "INSERT into photos (image_name, caption, image_path, category) VALUES ('$imagename', '$caption', '$uploadimages', '$category')";
mysql_query($sql) or die(mysql_error());

echo "File successfully copied";
}
else{
echo "Copy unsuccessful";
}
}
else{ 
echo "Incorrect file type";
}
}
else{
echo "No file selected";
}
?>
Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.