I have been inserting the file path in to data base but it s giving a mysql syantax error can any pne fix it

<?php
include 'db.php';
if($_SERVER['REQUEST_METHOD']=='POST')
{
    if(isset($_FILES['photo'])&& is_uploaded_file($_FILES['photo']['tmp_name'])
            && $_FILES['photo']['error']==UPLOAD_ERR_OK)
    {
        if($_FILES['photo']['type']=='image/jpeg') 
        {
            $tmp_img = $_FILES['photo']['tmp_name'];
            $path = "d:/xampp/htdocs/upload/images/" .$_FILES['photo']['name'];
            move_uploaded_file($_FILES['photo']['tmp_name'], $path);
            $imgname=$_FILES['photo']['name'];
            $q="Insert INTO image (name,imgpath) VALUES($imgname,$path)";
            mysql_query($q) or die(mysql_error());
        }
        else 
        {
            echo "Uploaded file was not a JPG image.";
        }
    }   
    else 
    {
         echo "No file Uploaded";
    }
}
?>

What was the SQL error you got from it?

Missing quotes I think.

$q = "INSERT INTO image (name, imgpath) VALUES ('$imgname', '$path')";
commented: good call +0

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ':/xampp/htdocs/upload/images/graphics.JPEG)' at line 1

now i i have put the quotes file name saved successfully but still image path is not saved in db

Wwhy not use this code instead?

  $target_path = "d:/xampp/htdocs/upload/images/";
    $target_path = $target_path . basename( $_FILES['photo']['name']); 

And then when inserting to the database, you can use;

"insert into photos (id,image_name,image) values ('$id','$_FILES[photo]','".$target_path."')";

That should work ...

You are missing closing quotes on this line;

Actually, no it doesn't need quotes here if it ends with a variable. The quotes just close the string.

that creates the error "Webville" look again i have been concatenating both strings

Sorry, my bad; My first post was offside, but I edited it with a line of code that actually works for me ...

Once again sorry ...

i have just chk the $path by echo and showing the without an error but problm is that its not getting
in to the database

I had suggested a code fragment that actually works for me, and it is;

$target_path = "d:/xampp/htdocs/upload/images/";
    $target_path = $target_path . basename( $_FILES['photo']['name']); 

And the insert is;

"insert into photos (id,image_name,image) values ('$id','$_FILES[photo]','".$target_path."')";

this is not working :(

$path = "d:/xampp/htdocs/upload/images/" .$_FILES['photo']['name'];

you have an extra space there, before the .$files

$path = "d:/xampp/htdocs/upload/images/".$_FILES['photo']['name'];

might do it. Mysql's funny about things like that.

this is not working :(

So does this mean that you are getting an error still? Or is there no error and it just is not inserting the file path into the db?

Can you post your current code again after the changes you have made?

<?php 
include "db.php";
$target_path = "images/";

$target_path = $target_path . basename( $_FILES['file']['name']); 

if(move_uploaded_file($_FILES['file']['tmp_name'], $target_path)) {
    echo "The file ".  basename( $_FILES['file']['name']). 
    " has been uploaded";
} else{
    echo "There was an error uploading the file, please try again!";
}
$q ="Insert Into image(name,imgpath) VALUES ('".$_FILES['file']['name']."','".$target_path."')";

mysql_query($q) or die(mysql_error());


?>

i dnt get error by using this script the only thing is that file path aint saving in to the db

although file name saved successfully

Hmm, what are the rest of the columns in your SQL table "image"? Can you just show us the table structure?

i have just created the db with name upload with three attributes imgid, ,name,imgpath

The name of the table is "upload" or is that the name of the database?

Try this:

<?php 
include "db.php";

$target_path = "images/";
$img_name = mysql_real_escape_string($_FILES['file']['name']);

if(move_uploaded_file($_FILES['file']['tmp_name'], $target_path.$img_name)) {

    // Moved this here. Would there be a reason to put it into the database if the file upload failed?
    $q = "INSERT INTO upload (imgid,name,imgpath) VALUES ('','$img_name','". $target_path.$img_name ."')";
    $result = mysql_query($q) or die (mysql_error());
    echo "The file $img_name has been uploaded";

}else{
    echo "There was an error uploading the file, please try again!";
}
?>

Just change the name of the table in the SQL if it really is just "image".

thanks bro there was a blunder in ma db

i had put type int with img path attibute thats why it was not saving in database

Personally I would use

$name=$files['file']['name'];

$q ="Insert Into image(name,imgpath) VALUES ('$name','$target_path')";

Yes, there are a lot of different/better ways to do this operation. I don't like using just $name because it is very general to me and could be the name of anything when I have a lot of code in one file that does more than just deal with an image. Of course, at the end of the day I would probably have written a function or class (which I have) and just call that.

@kiLLer.zoh_1 Make sure you take your script further and put in error checking, and file upload restrictions if you are planning on having this public facing for anyone to use. As it is right now, someone/anyone could bring your entire website down with being able to access this.

and do you have a folder named "images" ???

And why are you concatenating the imagename with the target path in this line?;

  $q = "INSERT INTO upload (imgid,name,imgpath) VALUES ('','$img_name','". $target_path.$img_name ."')";

You only need the target path ONLY ...

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.