-3

This is how the table users looks like:

---------------------------------------------------
|  ID  |  user  |             avatar              |
|  3   |  ane22 |     /img/default-avatar.png     |
|  4   |  cuz33 |     /img/default-avatar.png     |

Upload button:

<form method="POST" 
              action="" 
              enctype="multipart/form-data"> 
            <input type="file" 
                   name="uploadfile" 
                   value="" /> 
  
            <div> 
                <input type="submit" name="action" value="Upload"> 
            </div> 
        </form>

This is how I am trying to update the profile picture for the current user:

} else if ($_POST['action'] == 'Upload') {
    //action for delete
    error_reporting(0); 
      $msg = ""; 
  $name = $_SESSION["user"];/* user */
  
  // If upload button is clicked ... 
  if (isset($_POST['upload'])) { 
  
    $filename = $_FILES["uploadfile"]["name"]; 
    $tempname = $_FILES["uploadfile"]["tmp_name"];     
        $folder = "image/".$filename; 
  
        // Get all the submitted data from the form 
        $sql = "UPDATE users SET avatar='" . $filename . "' WHERE user='" . $name . "'"; 
  
        // Execute query 
        mysqli_query($link, $sql); 
          
        // Now let's move the uploaded image into the folder: image 
        if (move_uploaded_file($tempname, $folder))  { 
            $msg = "Image uploaded successfully"; 
        }else{ 
            $msg = "Failed to upload image"; 
      } 
  } 
  $result = mysqli_query($link, "SELECT * FROM users");

When I press the upload button, nothing happens. And nothing changes in my table also. Any tips?

Improve this question
9
  • 1
    Are you sure isset($_POST['upload']) is correct? Have you checked what $_POST contains. Commented Jul 30, 2020 at 8:51
  • WHERE user='" . $id . "' are you sure about it? Commented Jul 30, 2020 at 8:52
  • Your query is vulnerable to SQL injections, consider using prepared statements Commented Jul 30, 2020 at 8:54
  • If there is any file uploaded ? Commented Jul 30, 2020 at 8:55
  • You can try uploading the image first and then update to database. Something like below: if (move_uploaded_file($tempname, $folder)) { $msg = "Image uploaded successfully"; mysqli_query($link, $sql); }else{ $msg = "Failed to upload image"; } Commented Jul 30, 2020 at 8:57

1 Answer 1

Reset to default
0

Man you have no action on your form, how do you want it to submit something if the form doesn't do anything... And also why would you name a variable $id if you store a name in it... That's why "WHERE user = $id" works, because it's not an id it's a name... Before asking a question in stackoverflow pls try to find your own mistake, or if your error doesn't already exist on it

Improve this answer
Sign up to request clarification or add additional context in comments.

14 Comments

Man I don't get any error message, thats why. Doesn't really matter what I name the $id, because the value is still the name.
of course you don't get any error message because if the form has no action it won't load anything. PHP doesn't take it as an error, bcs it might be done on purpose, but if you want to make your form upload something, it has to get a link to something
What do you mean no action? Do you not see the button?
the button has as action a submit, it's not the action of the form, it's acting like an onclick listener, it just submit to your form when you click on it, so it is supposed to act as the "sender" of the form, but if the form has no receiver, it can't send anything
You are trying to send data, without saying where/who should get it, that's the problem. You are supposed to declare it on the attribute "action=" of you form
|

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.