php MySQLi File upload -

php MySQLi File upload -

dear friends unable fine whats wrong codes, kindly please. when post page not upload file, $_files["file"]["name"] comes blank.

since using technique of include once, add together category files called module, hence form action='index.php?addcategory' calling same file again.

// file upload $allowedexts = array("gif", "jpeg", "jpg", "png"); $temp = explode(".", $_files["file"]["name"]); $extension = end($temp); if ((($_files["file"]["type"] == "image/gif") || ($_files["file"]["type"] == "image/jpeg") || ($_files["file"]["type"] == "image/jpg") || ($_files["file"]["type"] == "image/pjpeg") || ($_files["file"]["type"] == "image/x-png") || ($_files["file"]["type"] == "image/png")) && ($_files["file"]["size"] < 20000) && in_array($extension, $allowedexts)) { if ($_files["file"]["error"] > 0) { echo "return code: " . $_files["file"]["error"] . "<br>"; } else { echo "upload: " . $_files["file"]["name"] . "<br>"; echo "type: " . $_files["file"]["type"] . "<br>"; echo "size: " . ($_files["file"]["size"] / 1024) . " kb<br>"; echo "temp file: " . $_files["file"]["tmp_name"] . "<br>"; if (file_exists("upload/" . $_files["file"]["name"])) { echo $_files["file"]["name"] . " exists. "; } else { move_uploaded_file($_files["file"]["tmp_name"], "upload/" . $_files["file"]["name"]); echo "stored in: " . "img/" . $_files["file"]["name"]; } } } else { echo "invalid file"; } // file upload $displayname = mysqli_real_escape_string($con, $_get['displayname']); $categoryname = mysqli_real_escape_string($con, $_get['categoryname']); $meta = mysqli_real_escape_string($con, $_get['meta']); //$file = mysqli_real_escape_string($con, $_get['file']); $file = $_files["file"]["name"]; if ($displayname == null || $categoryname == null || $file == null ) { $msg = '<div class="msg error"><span>error:</span> please fill in required fields!</div>'; } else { $insert_row = $con->query("insert category (displayname, categoryname, meta, icon) values($displayname, $categoryname, $meta, $file)"); $sql="insert category (displayname, categoryname, meta, icon) values ('$displayname', '$categoryname', '$meta', '$file')"; if (!mysqli_query($con,$sql)) { $msg ='<div class="msg error"><span>error:</span> category added failed</div>'; } else { $msg ='<div class="msg success">category added success</div>'; }}} echo $msg; ?> <form action='index.php?addcategory' enctype="multipart/form-data" method=”post”> <input name="addcategory" type="hidden" value="addcategory"> <div class="formbox"><label>category display name</label> <input name="displayname" type="text"></div> <div class="formbox"><label>short name</label> <input name="categoryname" type="text"></div> <div class="formbox formbox_full"><label>meta description</label> <textarea name="meta"></textarea></div> <div class="formbox"><label>category name</label> <input name="file" id="file" type="file"></div> <div class="formbox formbox_full"><input type="submit" value="add category" /></div> </form>

you have smart/curly quotes in method=”post” that's part of problem.

replace method="post"

you need utilize quotes around values variables

values ('$displayname', '$categoryname', '$meta', '$file')

you have 2 queries insert. remove first 1 being:

$insert_row = $con->query("insert category ...

i don't know why have that, utilize sec one.

you're using $_get when using post form method; utilize $_post have $_get , modify form's action action='' since you're executing within same page, , naming submit button name="submit" - <input type="submit" name="submit" value="add category" /> while wrapping entire php/sql within conditional statement, such as:

if(isset($_post['submit'])){ // php/sql }

you have 3x }}} 3rd 1 seems extra, remove it.

being here

}}} <= echo $msg;

change to

}} echo $msg;

if don't have else above first line of code.

edit: (upload folder)

i noticed folder name differences, upload , img in:

if (file_exists("upload/" . $_files["file"]["name"])) { echo $_files["file"]["name"] . " exists. "; } else { move_uploaded_file($_files["file"]["tmp_name"], "upload/" . $_files["file"]["name"]); echo "stored in: " . "img/" . $_files["file"]["name"];

if intended folder upload, alter img upload.

if intended folder img, alter upload img.

make sure running form , php/sql root of server. if not, may need re-adjust upload/ ../upload/ or ../../upload/ (for example) or ../img/ <= if folder's upload name, , depending how many sub-levels need go downwards to, while making sure folder has proper write permissions set.

php mysqli