0

My Code :

<?php
function dbAdd($first_name , $image) {

//mysql connect database code...

mysql_query("INSERT INTO users SET first_name = '".$first_name."', image = '".$image."'");
$mysql_close($sql);
} 

if($_SERVER['REQUEST_METHOD']=='POST') {
dbAdd($_POST['first_name'], $_POST['image']);
}
?>

<form enctype="multipart/form-data" method="post" action="">
First Name : <input type="text" name="first_name" >
Image : <input type="file" name="image"> 
<input type="submit"> 
</form>


The form "file" is to upload. I know that. But I wonder how to get the values so I can put the path of image in the database. The code is already working. The $first_name can already save to the database.

Thank you for the answers.
Jordan Pagaduan

Improve this question
1
  • SQL injections! Read up on PDO and prepared statements $pdo->prepare("WHERE first_name=?"). Or use input sanitization at least, $_POST->text('first_name'); Commented May 31, 2010 at 0:05

2 Answers 2

Reset to default
4

The file will be uploaded to a temporary place on the server when the form is submitted.

Once the form has been submitted, the $_FILES variable will contain all the files submitted. In your case, you could access the uploaded file using $_FILES['image']. Most likely you will want to move the file out of the temporary directory to a safer place.

For more info, have a look at the PHP manual on the topic, specifically the page on handling POST uploads. That second page has an example for you on how to move the uploaded file (have a look at the move_uploaded_file() method).

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

0

Straight from W3C: Upload form & $_FILE variable

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.