My website must consist of a page with table where admin must upload some file. Later that file is saved by php as a blob in mysql, however, $_FILES cannot find and index of my file input. Please help finding a mistake.
<tr>
<th>ID</th>
<th>Genre</th>
<th>Extension</th>
<th>Description</th>
<th>Demo-art</th>
<th>Price</th>
<th>Upload</th>
<th>Delete</th>
</tr>";
$array=array();
for($m=0; $row=mysqli_fetch_array($full); $m++)
{
$array[$m]=$row['ArtID'];
echo "<form method='POST' action='checker.php'>";
echo "<tr>";
echo "<td><input class='asd' value='$array[$m]' readonly name='name'></td>";
echo "<td>".$row['Genre']."</td>";
echo "<td>".$row['Extension']."</td>";
echo "<td>".$row['Description']."</td>";
echo "<td><input type='file' name='arts'></td>";
echo "<td><input class='priceinput' name='price' placeholder='Price'></td>";
echo "<td><input type='submit' name='Upload' value='Upload'></td>";
echo "<td><input type='submit' name='Delete' value='Delete'></td>";
echo "</tr>";
echo "</form>";
}
echo "</table>";
;}
PHP code
session_start();
$conn= new mysqli("127.0.0.1", "root", "","projectwork") or die ("Can't connect to db");
if($_POST["Upload"]) {
$price=$_POST["price"];
$id=$_POST["name"];
if ($price!=NULL) {
if (is_uploaded_file($_FILES['arts']['tmp_name'])) {
$imgData = addslashes(file_get_contents($_FILES['arts']['tmp_name']));
$imageProperties = getimageSize($_FILES['arts']['tmp_name']);
$sql = "Update arts SET imageData='".$imgData."', imageType='".$imageProperties['mime']."' WHERE ArtID=".$id."";
$current_id = mysqli_query($conn, $sql) or die("<b>Error:</b> Problem on Image Insert<br/>" . mysqli_error($conn));
}
$insert="UPDATE arts SET Price='".$price."', Is_Done='1' WHERE ArtID=".$id."";
$finalquery=$conn->query($insert);
echo $price." ".$id;
}
Advertisement
Answer
Apart from security flaws in your code you are missing enctype='multipart/form-data' inside the form element.
Try:
echo "<form method='POST' action='checker.php' enctype='multipart/form-data'>";
It will tell the browser you’re sending a file.