hello all i havnt got a clue about this as i am a bit of a newbie i have read a few tuts but they just baffle me could any one help me out i have posted the 3 files the form the insert and browse the idea is peeps fill out reg form and upload a jpeg pic then when they browse they see the pic in a table with other info this is the reg form <td colspan="14" background="images/caravan_28.gif" width="768" height="100%" alt="" valign='top' class='bodytext'> <table width='55%' align='center'> <form action="insert.php" method="post"> <br> <tr><td colspan='2'> <p align='center' class='bodytext'> <b>REGISTER</b> (<font color='red'>*</font> = required.) </p> </td></tr> <tr><td> <p align='justify' class='bodytext'> Name: </p> </td> <td> <p align='justify' class='bodytext'> <input type="text" name="name" maxlength="40"> </p> </td></tr> <tr><td> <p align='justify' class='bodytext'> Username: <font color='red'>*</font> </p> </td> <td> <p align='justify' class='bodytext'> <input type="text" name="username" maxlength="40"> </p> </td></tr> <tr><td> <p align='justify' class='bodytext'> Password: <font color='red'>*</font> </p> </td> <td> <p align='justify' class='bodytext'> <input type="password" name="password" maxlength="50"> </p> </td></tr> <tr><td> <p align='justify' class='bodytext'> Confirm Password: <font color='red'>*</font> </p> </td> <td> <p align='justify' class='bodytext'> <input type="password" name="confirmpassword" maxlength="50"> </p> </td></tr> <tr><td> <p align='justify' class='bodytext'> Email Address: <font color='red'>*</font> </p> </td> <td> <p align='justify' class='bodytext'> <input type="text" name="email" maxlength="50"> </p> </td></tr> <tr><td> <p align='justify' class='bodytext'> Confirm Email: <font color='red'>*</font> </p> </td> <td> <p align='justify' class='bodytext'> <input type="text" name="confirmemail" maxlength="50"> </p> </td></tr> <tr><td> <p align='justify' class='bodytext'> Park Name: </p> </td> <td> <p align='justify' class='bodytext'> <input type="text" name="parkname" maxlength="50"> </p> </td></tr> <tr><td> <p align='justify' class='bodytext'> Park Location: </p> </td> <td> <p align='justify' class='bodytext'> <input type="text" name="parklocation" maxlength="50"> </p> </td></tr> <tr><td> <p align='justify' class='bodytext'> Caravan Details: </p> </td> <td> <p align='justify' class='bodytext'> <input type="text" name="caravandetails" maxlength="50"> </p> </td></tr> <tr><td> <p align='justify' class='bodytext'> Up Load Photo max 400x300: </p> </td> <td> <p align='justify' class='bodytext'> <input type="file" name="pic" maxlength="50"> </p> </td></tr> <tr><td colspan='2'> <p align='center' class='bodytext'> <input type="submit" name="submit" value="Register!"><input type='reset' name='reset' value='Clear'> </p> </form> </td></tr></table> PHP: this is the insert form $sql="INSERT INTO exchange (name, username, password, email, parkname, parklocation, caravandetails, pics) VALUES ('$_POST[name]','$_POST[username]','$_POST[password]','$_POST[email]','$_POST[parkname]','$_POST[parklocation]','$_POST[caravandetails]','$_POST[$image_pics]')"; if (!mysql_query($sql,$con)) { die('Error: ' . mysql_error()); } echo"You have successfully Registered! You will be redirected in three seconds!><br /><br /> <div class='info'>If you don't wish to wait, <a href='browse.php'>click here</a>"; echo'<meta http-equiv="REFRESH" content="3;url=browse.php">'; } else { echo 'In order to register, please fill out your details, to go back, please <a href="register.php">click here</a>'; } ?> PHP: and this is the browse form $result = mysql_query("SELECT * FROM exchange"); echo "<table border='1'align=center> <tr> <p align='center' class='bodytext'> <th>park-name</th> <p align='center' class='bodytext'> <th>park-location</th> <p align='center' class='bodytext'> <th>caravan-details</th> <p align='center' class='bodytext'> <th>pics</th> </tr>";while($row = mysql_fetch_array($result)) { echo "<tr>"; echo "<td>" . $row['parkname'] . "</td>"; echo "<td>" . $row['parklocation'] . "</td>"; echo "<td>" . $row['caravandetails'] . "</td>"; echo "<td>" . $row['pics'] . "</td>"; echo "</tr>"; } echo "</table>";mysql_close($con); PHP:
$sql="INSERT INTO exchange (name, username, password, email, parkname, parklocation, caravandetails, pics) VALUES ('$_POST[name]','$_POST[username]','$_POST[password]','$_POST[email]','$_POST[parkname]','$_POST[parklocation]','$_POST[caravandetails]','$_POST[$image_pics]')"; PHP: Ouch! What you've got there is very vulnerable to sql injection. I would hope you have magic_quotes_gpc enabled making this just bad form but if not you need to get this fixed asap. Even with magic_quotes_gpc enabled I would encourage you to fix this as it is always a possibility that the server settings will be modified. SQL injection essentially allows an attacker to run any sql query they like on your server. This allows them to delete all you data. [edit]What was the problem you were having?[/edit]
you have to the image by using base64 encoding.there is a function in php that can encode a image in base64 format toa sting.then you can add the image in database.and the filed in the table has to be blob or longtext
as i said at the beggining i havnt a clue and would like some one to write the script for me or give me an example so i can see if i can adapt it for myself many thanks for replies so far cheers Doug