So I've hit a bit of a snag. I'm working on a form that uploads an image file to an ftp and creates an entry into mysql with the link to the image as well as a column that would be used to organize and order the images.
I'm getting the following error:
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'order) VALUES( '', '../tattoo/1.jpg', '6')' at line 1
I have tried placing '' around the values and not and I still get the same message. I'm sure the solution is simple and I'm just tired and have been staring at it too long. here is the code
<?php
// Configuration - Your Options
$allowed_filetypes = array('.jpg','.gif','.bmp','.png'); // These will be the types of file that will pass the validation.
$max_filesize = 524288; // Maximum filesize in BYTES (currently 0.5MB).
$upload_path = '../tattoo/'; // The place the files will be uploaded to.
$filename = $_FILES['userfile']['name']; // Get the name of the file (including file extension).
$ext = substr($filename, strpos($filename,'.'), strlen($filename)-1); // Get the extension from the filename.
// Check if the filetype is allowed, if not DIE and inform the user.
if(!in_array($ext,$allowed_filetypes))
die('The file you attempted to upload is not the proper format, please submit a .jpg, .gif, .bmp, or .png');
// Now check the filesize, if it is too large then DIE and inform the user.
if(filesize($_FILES['userfile']['tmp_name']) > $max_filesize)
die('The file you attempted to upload is too large. Max file size is 0.5MB');
// Check if we can upload to the specified path, if not DIE and inform the user.
if(!is_writable($upload_path))
die('You cannot upload to the specified directory, please CHMOD it to 777.');
// Upload the file to your specified path.
if(move_uploaded_file($_FILES['userfile']['tmp_name'],$upload_path . $filename))
echo 'Your file upload was successful, view the file <a href="' . $upload_path . $filename . '" title="Your File">here</a><p>'; // It worked.
else
echo 'There was an error during the file upload. Please try again.'; // It failed :(.
// Add picture listing to mysql
//Include database connection details
include('config.php');
//Connect to mysql server
$mysql = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD, DB_DATABASE);
if(!$mysql) {
die('Failed to connect to server: ' . mysql_error());
}
mysql_select_db("sonyaopal", $mysql) or die( "Unable to select database" . mysql_error());
$result = mysql_query ( "SELECT count(*) from tattoos" );
$location = '' . $upload_path . $filename . '';
$order = $result+1;
$insListing_sql = "INSERT INTO tattoos (id, location, order) VALUES('',
'".mysql_real_escape_string("$location")."',
'".mysql_real_escape_string("$order")."')";
$insListing_res = mysql_query($insListing_sql, $mysql)
or die(mysql_error($mysql));
?>
You can edit the below code and try it:
<?php
//getting the filename of the image file.
$filename = $_FILES["image"]["name"];
//directory name to be stored.
$path = "data/mydata";
//uploading the image file with the image file name into the directory.
if(move_uploaded_file($_FILES["image"]["tmp_name"],$path."/".$filename) {
//if the image is stored success into the directory then we are going to store into database.
//the real path with the filename.
$mysql_path = $path."/".$filename;
//sql query to be executed.
$sql = "INSERT INTO `tablename`(`filename`,`path`) VALUES ('$filename','$mysql_path')";
//executing the query.
if(mysql_query($sql)) {
echo 'path inserted into database';
}
else {
echo 'path not inserted into database';
}
}
else {
echo 'file not uploaded';
}
?>
The error is in your INSERT QUERY did you run the Query manually and checked..