how can i change this which insert into the database to display and modify i then resave back into the database if(!empty($_POST['select1']) && $_POST['select1'] != 'default') $value = mysql_real_escape_string($_POST['select1']); elseif(!empty($_POST['select2']) && $_POST['select2'] != 'default') $value = mysql_real_escape_string($_POST['select2']); elseif(!empty($_POST['select3']) && $_POST['select3'] != 'default') $value = mysql_real_escape_string($_POST['select3']); if ($_POST['name']=='') $arrErrors['name'] = 'Please provide your name.'; if ($_POST['email']=='') $arrErrors['email'] = 'A valid email address is required.'; if ($_POST['phone']=='') $arrErrors['phone'] = 'Please provide your phone number.'; if ($_POST['campustype']=='') $arrErrors['campustype'] = 'Please select category.'; if ($_POST['select1'] === 'default' && $_POST['select2'] === 'default' && $_POST['select3'] === 'default'){ $arrErrors[howt] = 'Please select type'; }else{ $possible = array('Concerts', 'Clubs', 'Festival', 'Opera'); if (in_array($_POST['select1'], $possible) === false){ } $possible = array('Formula 1', 'Footbal', 'Basketball', 'Rugby', 'Cricket'); if (in_array($_POST['select2'], $possible) === false){ } $possible = array('Comedy', 'Drama', 'Museus'); if (in_array($_POST['select3'], $possible) === false){ } } if (count($arrErrors) == 0) $query="INSERT INTO photos values ('','$image','$name','$email','$phone','$campustype','$value')"; //into database mysql_query( $query ); PHP:
i believe from what i can make of your question your going to use the update example: mysql_query("UPDATE info SET status = '$logged' WHERE username = '$username'");
yeah but now i have the upload image it works fine uploading the image sends the image path to databse and copy the image to the images folder. but now i trying to just modify the problem is the image path goes to the database but now the image is no longer copied, or replaced with into the images folder do i need to chenge the copy image on the script with something else here the upload image code <?php $con = mysql_connect("localhost","root",""); if (!$con) { die('Could not connect: ' . mysql_error()); } mysql_select_db("admin", $con); ?> <?php /* DEBUGGING CODE COMMENTED OUT*/ //print_r($_FILES); //echo '<br>'; //print_r($_POST); /*END DEBUGING CODE*/ //define a maxim size for the uploaded images in Kb define ("MAX_SIZE","100"); //This function reads the extension of the file. It is used to determine if the file is an image by checking the extension. function getExtension($str) { $i = strrpos($str,"."); if (!$i) { return ""; } $l = strlen($str) - $i; $ext = substr($str,$i+1,$l); return $ext; } //This variable is used as a flag. The value is initialized with 0 (meaning no error found) and it will be changed to 1 if an errro occures. If the error occures the file will not be uploaded. $errors=0; //checks if the form has been submitted if(isset($_POST['Submit'])) { //reads the name of the file the user submitted for uploading $image=$_FILES['image']['name']; //if it is not empty if (strlen($image) >= 1) //////////////////////////////////////////////////////// CHANGED { //get the original name of the file from the clients machine $filename = stripslashes($_FILES['image']['name']); //get the extension of the file in a lower case format $extension = getExtension($filename); $extension = strtolower($extension); //if it is not a known extension, we will suppose it is an error and will not upload the file, otherwize we will do more tests if (($extension != "jpg") && ($extension != "jpeg") && ($extension != "png") && ($extension != "gif")) { //print error message echo '<h1>Unknown extension!</h1>'; $errors=1; } else { //get the size of the image in bytes //$_FILES['image']['tmp_name'] is the temporary filename of the file in which the uploaded file was stored on the server $size=filesize($_FILES['image']['tmp_name']); //compare the size with the maxim size we defined and print error if bigger if ($size > MAX_SIZE*102400) { echo '<h1>You have exceeded the size limit!</h1>'; $errors=1; } //we will give an unique name, for example the time in unix time format $image_name=time(). '.'.$extension; //the new name will be containing the full path where will be stored (images folder) $newname="images/".$image; $query="INSERT INTO photos values ('$image','$user')"; //into database mysql_query( $query ); $copied = copy($_FILES['image']['tmp_name'], $newname); if (!$copied) { echo '<h1>Copy unsuccessfull!</h1>'; $errors=1; } } } else { ////////////////////////////////////////////////////////////////////////////////// ADDED ELSE STATEMENT echo '<h1>No file was selected.</h1>'; $errors = 1; } } //If no errors registred, print the success message if(isset($_POST['Submit']) && $errors != 1) /////////////////////////////////////////////////////////////// CHANGED { echo "<h1>File Uploaded Successfully! Try again!</h1>"; } ?> <form name="newad" method="post" enctype="multipart/form-data" action="uploadacademy.php"> <table> <tr><td><input type="file" name="image"></td></tr> <tr><td><input name="Submit" type="submit" value="Upload image"></td></tr> </table> </form> PHP: do i need to change where it says copy with replace or something
copy() function performs filesystem copy operation, it is not connected with the database. So, if you're ok to store your images in /images/ directory, you don't need to fix anything. BUT looking at the code there are at least two serious security issues: 1. Never do sql queries like "INSERT INTO photos values ('$image','$user')". If you're interested why, try googling 'sql injection', if not, just replace with $query = sprintf("INSERT INTO photos values ('%s','%s')",mysql_real_escape_string($image),mysql_real_escape_string($user)); PHP: or use PDO or any ORM. Again, google it if you're interested 2. never use copy($_FILES[...]) - from PHP manual (http://ua.php.net/move_uploaded_file): So use move_uploaded_file() instead of copy()