The page is basically a form for adding new products to the products table in the database. The form must include image upload as well. The function is supposed to echo the query before inserting any data to the database. However, every time I press on the submit button it doesn't show the query, and the form just resets itself. I tried different solutions, yet they don't work. I changed the form action to a new php page, and still not working. I also tried to use two different browsers, and tried display error codes. Is there something messing in the code?

 <!DOCTYPE>
        <?php
        include("../includes/db.php");

        ?>
        <html>
        <head>
        <title>Insert a Product</title>
        <script src="//tinymce.cachefly.net/4.3/tinymce.min.js"></script>
        <script>tinymce.init({selector:'textarea'});</script>
        </head>
        <body>

        <form name="submit" action="insert_product.php"method="POST"enctype="multipart/from-data">

    <table align="center" width="800">


    <tr align="center">
    <td colspan="8"><h4>Insert New Post Here</h4></td>
    </tr>


    <tr>
    <td align="right"><b>Product Title:</b></td>
    <td><input type="text" name="pro_name" /></td>
    </tr>



    <tr>
    <td align="right"><b>Product Price:</b></td>
    <td><input type="text" name="price"/></td>
    </tr>

    <tr>

    <td align="right"><b>Product Image:</b></td>
    <td><input type="FILE" name="product_image" id="product_image"/></td>
    </tr>

    <tr>
    <td align="right"><b>Product Color:</b></td>
    <td><input type="text" name="Color"/></td>
    </tr>

    <tr>
    <td align="right"><b>Product Location:</b></td>
    <td>
    <select name="location">
    <option>Select a Location</option>
    <?php

    $get_location = "select * from location";

    $run_location = mysqli_query($conn, $get_location);

    while ($row_location=mysqli_fetch_array($run_location)){
    $Loc_name = $row_location['Loc_name'];
    $location_id = $row_location['location_id'];
    echo "<option value='$location_id'>$Loc_name</option>";

    }
    ?>

    </select>
    </td>
    </tr>

    <tr>
    <td align="right"><b>Product Supplier:</b></td>
    <td><input type="text" name="pro_supplier"/></td>
    </tr>

    <tr>
    <td align="right"><b>Product Cost:</b></td>
    <td><input type="text" name="cost"/></td>
    </tr>

    <tr>
    <td align="right"><b>Product Keywords:</b></td>
    <td><input type="text" name="pro_keywords"/></td>
    </tr>
    <tr>
    <td align="right"><b>Product Description:</b></td>
    <td><textarea name="Pro_desc" cols="20" rows="10"/></textarea></td>
    </tr>




    <tr align="center">

    <td colspan="7"><input type="submit" name="submit" value="Insert Product Now"/></td>
    </tr>

    </form>


    </body>





    </html>

    <?php






    if (isset($_POST['submit']) && isset($_FILES['product_image'])){


    $pro_name = $_POST['pro_name'];
    $price = $_POST['price'];
    $Color = $_POST['Color'];
    $cost = $_POST['cost'];
    $pro_desc = $_POST['pro_desc'];
    $pro_keywords = $_POST['pro_keywords'];

    $product_image = $_FILES['product_image']['name'];
    $product_imgtmp = addslashes (file_get_contents($_FILES['product_image']['tmp_name']));



    echo $insert_product =
    "insert into products
    (pro_name, price, Color, cost, Pro_desc, pro_keywords, product_image)
    VALUES
    ('$pro_name','$price','$Color','$cost','$pro_desc','$pro_keywords','$product_image')";


    if ($conn->query($insert_product) === TRUE) {
    echo "New record created successfully";
    } else {
    echo "Error: " . $insert_product . "<br>" . $conn->error;
    }

    }



    ?>

1st create spaces at the form code:

<form name="submit" action="insert_product.php" method="POST" enctype="multipart/from-data">

Then on your PHP code do not echo the operation i.e.

Change this

 echo $insert_product =
    "insert into products
    (pro_name, price, Color, cost, Pro_desc, pro_keywords, product_image)
    VALUES
    ('$pro_name','$price','$Color','$cost','$pro_desc','$pro_keywords','$product_image')";

to this

$insert_product =
        "insert into products
        (pro_name, price, Color, cost, Pro_desc, pro_keywords, product_image)
        VALUES
        ('$pro_name','$price','$Color','$cost','$pro_desc','$pro_keywords','$product_image')";
echo $insert_product;

Edit: After going through the code again and with an even finer tooth comb, have noticed a few more errors. Consult my Edit: also below.

Firstly, have you a typo here, being from instead of form:

enctype="multipart/from-data"
                   ^^^^

which should have read as:

enctype="multipart/form-data"
                   ^^^^

Then your <form name="submit"> and submit button <input type="submit" name="submit" both bear the same name attribute of submit.

• Remove name="submit" from <form>, that's a conflict.

Having added an else{ echo "Something went wrong..."; } to your conditional statement would have fallen into it from the get go.

Error reporting would have also helped you out here.

• http://php.net/manual/en/function.error-reporting.php

Now, whatever is inside db.php is unknown to us. Since you're using the MySQLi API to query with, the connection for it must be the same one, mysqli_ and not mysql_ or PDO, should that be the case.

• Different MySQL APIs do not intermix.

"However, every time I press on the submit button it doesn't show the query"

Your conditional statement:

if (isset($_POST['submit']) 
 && isset($_FILES['product_image']))

is checking if both the submit is pressed AND-&& the file is set.

You may want to use an || (OR) here instead, if that file is ever "not set/empty".

For user provided input, use a conditional !empty(), it's better.

• So, make sure that both conditions are met.

That could be changed to:

if ( isset($_POST['submit']) ){

    // do something in here

 if( !empty($_FILES['product_image']) ){

    // do something else in here
 }
 else{
    // you can do stuff here too for an empty file condition
    }

 }

HTML stickler:

<!DOCTYPE> isn't a proper doctype declaration, and should read as <!DOCTYPE html> as a minimum HTML5-supported method.

Otherwise, consult the following for all valid types:

• https://www.w3.org/QA/2002/04/valid-dtd-list.html

Footnotes:

Your present code is open to an SQL injection. Use mysqli_* with prepared statements, or PDO with prepared statements.

Edit:

Upon looking further at your code:

<textarea name="Pro_desc" and $_POST['pro_desc']. Notice the uppercase P in the name attribute?

Those POST arrays are case-sensitive and again; error reporting would have thrown you something about it, being undefined index pro_desc.

It should read as:

• $_POST['Pro_desc']

Pro tip: Use the same letter-case convention throughout your code. You can quickly get lost into using mixed case variables and they are case-sensitive. My preference has always been to use all lowercase letters for variables, arrays, etc.

• Be careful with that.

Plus, if you're attempting to insert the uploaded file in your database as binary, you will need to escape that data with mysqli_real_escape_string() and setting your column as BLOB or LONGBLOB, depending on the size of the file.

Also make sure that there isn't an file upload constraint size restriction.

Rerences:

• http://dev.mysql.com/doc/en/blob.html
• http://php.net/manual/en/mysqli.real-escape-string.php
• PHP change the maximum upload file size
• http://php.net/manual/en/ini.core.php
• http://php.net/manual/en/features.file-upload.php

Add error reporting to the top of your file(s) which will help find errors.

<?php 
error_reporting(E_ALL);
ini_set('display_errors', 1);

// Then the rest of your code

Sidenote: Displaying errors should only be done in staging, and never production.