#1
  1. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jan 2013
    Posts
    15
    Rep Power
    0

    Unable to display image stored in database


    Hi everyone,
    I am trying to make a PHP program that takes as input an image from users, stores it in a database & whenever the user wants to see the image it displays it.
    But it is not displaying the image as only image filename is stored in the database; not its path.
    move_uploaded_file()
    is not working.
    Here's the code:
    PHP Code:
    <html>
    <head>
      <title>Guitar Wars - Add Your High Score</title>
      <link rel="stylesheet" type="text/css" href="style.css"/>
    </head>
    <body>
        <?php
         define
    ('GW_UPLOADPATH''../../../apache/images/');
         
    $score '';
         
    $name '';
         
    $screenshot '';    
         
    $output_screen false;
         if(isset(
    $_POST['submit']))
         {
        
    $score $_POST['score'];
        
    $name $_POST['name'];
        
    $screenshot $_FILES['screenshot']['name'];
        if((!empty(
    $score)) && (!empty($name)) && (!empty($screenshot)))
        {
           
    $output_screen true;
               
    $target GW_UPLOADPATH $screenshot;
           if(
    move_uploaded_file($_FILES['screenshot']['tmp_name'], $target))
           {
                  
    $db mysqli_connect('localhost''root''''elvis_store')
              or die(
    'Error connecting to database');
              
              
    $query "INSERT INTO guitarwars VALUES(0, NOW(), '$name', '$score', '$screenshot')";
           
              
    $result mysqli_query($db$query)
              or die(
    'Error updating database');
           
              
    mysqli_close($db);

              echo 
    '<p>Thanks for adding your new high score!</p>';
              echo 
    '<p><strong>Name: </strong>' $name '<br/>';
              echo 
    '<strong>Score: </strong>' $score '<br/>';
              echo 
    '<img src="'GW_UPLOADPATH $screenshot .'" alt="Score Image"/></p>';
          }  
          else
          {
              echo 
    'File not moved';
          }
        }
        else
        {
           
    $output_screen false;
           echo 
    '<p>Please fill all the details.</p>';
        }
         } 
         if(!
    $output_screen)
         {    
       
    ?>
      <p><b>Guitar Wars- Add Your High Score<b></p>
      <hr/>
      <form enctype="multipart/form-data" action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
       <!-- Places a restraint on upload field -->
       <input type="hidden" name="MAX_FILE_SIZE" value="32"/>
       <label for="name">Name:</label>
       <input id="name" name="name" type="text"  value="<?php echo $name?>"/><br/> 
       <label for="score">Score:</label>
       <input id="score" name="score" type="text" value="<?php echo $score?>"/><br/>
       <label for="screenshot">Screenshot:</label>
       <input id="screenshot" name="screenshot" type="file" value="<?php echo $screenshot?>"/><br/>
       <hr/>
       <input id="submit" name="submit" type="submit" value="Add"/>
      </form>
      
      <?php
         
    }
      
    ?>
       
    </body>
    </html>
    When I try to add an image to database, it shows File not moved.
    Thanx..
  2. #2
  3. --
    Devshed Expert (3500 - 3999 posts)

    Join Date
    Jul 2012
    Posts
    3,957
    Rep Power
    1046
    Hi,

    is the path correct? have you checked the file permissions?

    If you log the PHP errors somewhere (which you should), then check the exact error message. If you don't, add that.

    Note that your code is wide open to SQL and JavaScript injections. Read the link in my signature to avoid those mistakes.

    It's a bit sad that you use the new MySQLi extension with all its great security features, yet you continue to dump your variables into the query strings.
    The 6 worst sins of security ē How to (properly) access a MySQL database with PHP

    Why canít I use certain words like "drop" as part of my Security Question answers?
    There are certain words used by hackers to try to gain access to systems and manipulate data; therefore, the following words are restricted: "select," "delete," "update," "insert," "drop" and "null".
  4. #3
  5. No Profile Picture
    Registered User
    Devshed Newbie (0 - 499 posts)

    Join Date
    Jan 2013
    Posts
    15
    Rep Power
    0
    PHP Code:
     if(move_uploaded_file($_FILES['screenshot']['tmp_name'], $target)) 
    This if statement is not getting executed. please help...
  6. #4
  7. --
    Devshed Expert (3500 - 3999 posts)

    Join Date
    Jul 2012
    Posts
    3,957
    Rep Power
    1046
    You said that already. And I gave you a reply.
    The 6 worst sins of security ē How to (properly) access a MySQL database with PHP

    Why canít I use certain words like "drop" as part of my Security Question answers?
    There are certain words used by hackers to try to gain access to systems and manipulate data; therefore, the following words are restricted: "select," "delete," "update," "insert," "drop" and "null".

IMN logo majestic logo threadwatch logo seochat tools logo