0

I am using first and sample coding for file upload. after enter the data, show the error. like

Connected successfullyUpload: bottom.png Type: image/png Size: 5.7373046875 kB Stored in: C:\xampp\tmp\phpD383.tmp Notice: Undefined index: file in C:\xampp\htdocs\Deen_php\sample.php on line 53 Could not enter data: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ')' at line 1

php

<?php
if(isset($_POST['insert']))
{
$dbhost = 'localhost:3306';
$dbuser = 'root';
$dbpass = 'root';
$conn = mysql_connect($dbhost, $dbuser, $dbpass);
if(! $conn )
{
  die('Could not connect: ' . mysql_error());
}
echo 'Connected successfully';


$allowedExts = array("gif", "jpeg", "jpg", "png","txt");
$temp = explode(".", $_FILES["file"]["name"]);
$extension = end($temp);

if ((($_FILES["file"]["type"] == "image/gif")
|| ($_FILES["file"]["type"] == "image/jpeg")
|| ($_FILES["file"]["type"] == "image/jpg")
|| ($_FILES["file"]["type"] == "image/pjpeg")
|| ($_FILES["file"]["type"] == "image/x-png")
|| ($_FILES["file"]["type"] == "image/png")
|| ($_FILES["file"]["type"] == "image/txt"))
&& ($_FILES["file"]["size"] < 50000)
&& in_array($extension, $allowedExts))
  {
  if ($_FILES["file"]["error"] > 0)
    {
    echo "Error: " . $_FILES["file"]["error"] . "<br>";
    }
  else
    {
    echo "Upload: " . $_FILES["file"]["name"] . "<br>";
    echo "Type: " . $_FILES["file"]["type"] . "<br>";
    echo "Size: " . ($_FILES["file"]["size"] / 1024) . " kB<br>";
    echo "Stored in: " . $_FILES["file"]["tmp_name"];
    }
  }
else
  {
  echo "Invalid file";
  }

$num = $_POST['num'];
$name = $_POST['name'];
$age = $_POST['age'];
$file = $_POST['file'];



$sql = "INSERT INTO sample ".
       "(num,name,age,file1) ".
       "VALUES('$num','$name',$age, $file)";

mysql_select_db('test_db');

$retval = mysql_query( $sql, $conn );
if(! $retval )
{
  die('Could not enter data: ' . mysql_error());
}

echo "Entered data successfully\n";
move_uploaded_file($_FILES["fileToUpload"]["tmp_name"], "C:/" . $_FILES["fileToUpload"]["name"]);

mysql_close($conn);

}
?>

html

<form action="<?php $_PHP_SELF ?>" method="POST" enctype="multipart/form-data">
  Num: <input type="text" name="num" />
  Name: <input type="text" name="name" />
  Age: <input type="text" name="age" />
  File Upload<input name="file" type="file" /><br />
  <input type="submit" id="insert" name="insert" value="Submit" />
</form>
Improve this question

4 Answers 4

Reset to default
2

You cannot access an input of type file via $_POST, it is accessed via $_FILES as in your code.

If you want to store the filename you can do 

$file = $_FILES["file"]["tmp_name"];

Also if you are passing a string to db then enclose them in quotes like you have done in your query for $name and $num.

NB: Please keep in mind that mysql_* functions are deprecated. So try to use mysqli or PDO

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

0

I think the problem is your sql syntax. change to this:

$sql = "INSERT INTO sample (num,name,age,file1) VALUES('$num','$name', '$age', '$file')";
Improve this answer

2 Comments

Thanks. I have solved that pblm. but i have another one. File name stored in database with different. And i want to store the file into my local folder as it is same type like txt, jpg,etc move_uploaded_file($_FILES["file"]["tmp_name"], "C:/anonymous".$_FILES["file"]["name"]); is it correct
C:/anonymous/".$_FILES["file"]["name"]);
0

What do you want at all?

If you want to store file contents, you should use file_get_contents instead of move_uploaded_file. To get temporary name use $_FILES["file"]["tmp_name"]. Read directly from this file.

If you want to store save file permanently and save path to this file, use move_uploaded_file with our own name (not necessary $_FILES["file"]["name"]) and save path (or meaningful part of path) that you passed to move_uploaded_file. $_POST['file'] is not set anyway.

You forgot quotes in your MySQL query.

Also, you wrote $_FILES["fileToUpload"]["tmp_name"] (other array key).

For content types (MIME) use array too.

File extension you should get using $ext = pathinfo($filename, PATHINFO_EXTENSION);.

Only correct and not deprecated way to work with MySQL is PDO with prepared statements. Your code allows SQL injections. Moreover, it's recommended to you framework afterwards.

Improve this answer

2 Comments

File name is stored in database successfuly. but that file didn't store in local. I want to store file local folder. I have given like this and i have created files folder in my project. but it doesn't work... move_uploaded_file($_FILES["file"]["name"], "files/".$_FILES["file"]["name"]);
@Mohaideen You upload file from temporary location stored by tmp_name key to any custom location and name you want. $_FILES["file"]["name"] is just name that file has on the client machine and it is given just as additional information. Also, check that directory you are going to save your file exists and is accessible by PHP. First, try to save you file next to your script (__DIR__.DIRECTORY_SEPARATOR.$_FILES["file"]["name"]`). You also should to turn on full error reporting.
0

change fileToUpload to file

from 

move_uploaded_file($_FILES["fileToUpload"]["tmp_name"], "C:/" . $_FILES["fileToUpload"]["name"]);

To

move_uploaded_file($_FILES["file"]["tmp_name"], "C:/" . $_FILES["file"]["name"]);

===========================================

change sql format too.

   $sql = "INSERT INTO sample (num,name,age,file1) VALUES('$num','$name', '$age', '$file')";

============================================================

Also change file name 

$file = $_POST['file'];

to

$file = $_FILES["file"]["name"]

=================================================================

change storage path too by creating upload directory in your project folder.

move_uploaded_file($_FILES["file"]["tmp_name"], "upload/" . $_FILES["file"]["name"]);
Improve this answer

3 Comments

Thanks. I have solved that pblm. but i have another one. File name stored in database with different. And i want to store the file into my local folder as it is same type like txt, jpg,etc move_uploaded_file($_FILES["file"]["tmp_name"], "C:/anonymous".$_FILES["file"]["name"]); is it correct
i think it is not good to store directly on C drive. Create one folder in your project directory and story image there. move_uploaded_file($_FILES["file"]["tmp_name"], "upload/" . $_FILES["file"]["name"]); and change $file = $file = $_POST['file']; to $_FILES["file"]["name"]
File name is stored in database successfuly. but that file didn't store in local. I want to store file local folder. I have given like this and i have created files folder in my project. but it doesn't work... move_uploaded_file($_FILES["file"]["name"], "files/".$_FILES["file"]["name"]);

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.