0

In my post page i have multiple upload fields.

    <form action="" method="post" enctype="multipart/form-data"

    class="form-horizontal">

    <div class="form-group col-md-5">
    <label for="image">Big pic</label>
    <input id="image" type="file" name="image" class="btn btn-danger">
     </div>
     <div class="form-group col-md-5">
     <label for="img_v1">V1</label>
     <input id="img_v1" type="file" name="img_v1" class="btn btn-danger">
     </div>
     <div class="form-group col-md-5">
    <label for="img_v2">V2</label>
    <input id="img_v2" type="file" name="img_v2" class="btn btn-danger">
    </div>

And i want to upload each field to each row in my server.

my upload script is in the same file.

$error = ''; 
if(isset($_POST['submit_post'])){
$title = strip_tags($_POST['title']);
$date = date('Y-m-d h:i:s');
if($_FILES['image']['name'] !=''){
$image_name = $_FILES['image']['name']; 
$image_tmp = $_FILES['image']['tmp_name'];
$image_size = $_FILES['image']['size'];
$image_ext = pathinfo($image_name,PATHINFO_EXTENSION);
$image_path = '../clientes/img/'.$image_name;
$image_db_path = 'img/'.$image_name;
if($image_size < 10000000){
if($image_ext == 'jpg' || $image_ext == 'png' || $image_ext == 'jpeg' ||       $image_ext == 'gif'){
if(move_uploaded_file($image_tmp,$image_path)){
$ins_sql = "INSERT INTO gallery (title, description, image, category,   status) VALUES ('$title', '$_POST[description]',
 '$image_db_path', '$_POST[category]', '$_POST[status]')";
  if(mysqli_query($conn,$ins_sql)){
  header('post_list.php');
 }else{
  $error = '<div class="alert alert-danger">Erro de script</div>';
  }
  }else{
  '<div class="alert alert-danger">Image cant upload</div>';
  } 
  }else{
  $error = '<div class="alert alert-danger">Wrong image extention</div>';
  }
  }else{
  $error = '<div class="alert alert-danger">Image is to much big</div>';
  }
  }else{
  $ins_sql = "INSERT INTO gallery (title, description, category, status,     date, author) VALUES ('$title', '$_POST[description]', 
  '$_POST[category]', '$_POST[status]', '$date', '$_SESSION[userName]    $_SESSION[userLName]')";
  if(mysqli_query($conn,$ins_sql)){
  header('post_list.php');
  }else{
  $error = '<div class="alert alert-danger">Script error</div>';
  }
  }
  }

i tried to upload the 3 fields to the server like this...

INSERT INTO gallery (title, description, image,img_v1, img_v2 category, status) VALUES ('$title', '$_POST[description]', '$image_db_path','$image_db_path','$image_db_path', '$_POST[category]', '$_POST[status]')";

But i know it was wrong. What i have to do so i can upload the extra img fields?

Improve this question
3
  • when you don't check for errors, you don't know what to look for, which is a syntax error in your query. We also don't know if you started the session or not. Commented Jul 27, 2016 at 16:01
  • WARNING: When using mysqli you should be using parameterized queries and bind_param to add user data to your query. DO NOT use string interpolation or concatenation to accomplish this because you have created a severe SQL injection bug. NEVER put $_POST or $_GET data directly into a query, it can be very harmful if someone seeks to exploit your mistake. Commented Jul 27, 2016 at 16:53
  • @tadman thx for that tip, i'm still learning php,i will study the stuffs u said. big thx Commented Jul 27, 2016 at 21:02

1 Answer 1

Reset to default
1

You missed one comma between img_v2 and category.

INSERT INTO gallery (title, description, image,img_v1, img_v2, category, status) VALUES ('$title', '$_POST[description]', '$image_db_path','$image_db_path','$image_db_path', '$_POST[category]', '$_POST[status]')";
Improve this answer
Sign up to request clarification or add additional context in comments.

5 Comments

ohh god i kept like 15 in my code trying to find whats wrong. and it was only a comma geez
thx bro, i think that i was going to keep an hour trying to find out lol
Your code is wrong, but this gets it barely working. You've still got a lot of work to do.
@JamesAllan No problem mate, if it solved it, can you mark my answer as the right one? This add me some rep, thanks :).
Sorry i forgot that =D

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.