save the path of image being uploaded on server folder in database

3
votes

here is a script to upload multiple image on server folder and stor their path in database, however the path of the images are getting stored in one column only.

For example: i upload 3 images, image1.jpg, image2.jpg, image3.jpg. These images are supposed to get stored in 3 column i.e offimage1, offimage2, offimage3.

Now problem is that the path of all 3 images are getting stored under offimage1 only. the path that gets stored in offimage1 looks something like this, 

uploads/image1.jpg*uploads/image1.jpgimage2.jpg*uploads/image1.jpgimage2.jpgimage3.jpg

i wish that images should get stored in this way: 

uploads/image1.jpg in colum offimage1 
uploads/image1.jpgimage2.jpg in colum offimage2 
uploads/image1.jpgimage2.jpgimage3.jpg in colum offimage3

html form

 <form enctype="multipart/form-data" action="insert_image.php?id=<?php echo $_GET['id']; ?>" method="post">
        <div id="filediv"><input name="file[]" type="file" id="file"/></div><br/>
        <input type="button" id="add_more" class="upload" value="Add More Files"/>
        <input type="submit" value="Upload File" name="submit" id="upload" class="upload"/>
    </form>

insert_image.php

<?php
ob_start();
require 'connection.php';
if (isset($_POST['submit'])) {
    $j = 0; //Variable for indexing uploaded image 

    $target_path = "uploads/"; //Declaring Path for uploaded images
    for ($i = 0; $i < count($_FILES['file']['name']); $i++) {//loop to get individual element from the array

        $validextensions = array("jpeg", "jpg", "png");  //Extensions which are allowed
        $ext = explode('.', basename($_FILES['file']['name'][$i]));//explode file name from dot(.) 
        $file_extension = end($ext); //store extensions in the variable

        $target_path = $target_path . md5(uniqid()) . "." . $ext[count($ext) - 1];//set the target path with a new name of image
        $j = $j + 1;//increment the number of uploaded images according to the files in array       

      if (($_FILES["file"]["size"][$i] < 100000) //Approx. 100kb files can be uploaded.
                && in_array($file_extension, $validextensions)) {
            if (move_uploaded_file($_FILES['file']['tmp_name'][$i], $target_path)) {//if file moved to uploads folder
                //echo $j. ').<span id="noerror">Image uploaded successfully!.</span><br/><br/>';

                $file_name_all.=$target_path."*";
                $filepath = rtrim($file_name_all, '*'); 
                //echo $filepath;
                $officeid = $_GET['id'];
                $sql = "UPDATE register_office SET offimage='$filepath' WHERE id='$officeid' ";
                            if (!mysqli_query($con,$sql)) 
                                {
                                    die('Error: ' . mysqli_error($con));
                                }

            } else {//if file was not moved.
                echo $j. ').<span id="error">please try again!.</span><br/><br/>';
            }
        } else {//if file size and file type was incorrect.
            echo $j. ').<span id="error">***Invalid file Size or Type***</span><br/><br/>';
        }
    }
    header("Location: co_request_sent.php ");
}
mysqli_close($con); 
?>

would appreciate if someone could help me

1
phphtmlmysqlsqlmysqli
WARNING: When using mysqli you should be using parameterized queries and bind_param to add user data to your query. DO NOT use string interpolation to accomplish this because you will create severe SQL injection bugs.tadman
You're writing an SQL query that says "SET offimage=blah" so of course it will only add to that column. PHP can't just guess the column names you want, you need to tell it the columns in your query. But before you do that, try to think what will happen if they want to upload 5 images, or 10, or 100...miken32
@miken32, i am planning to limit the number of uploads to max 5 image, in sql query i have used only one column because i am not able to understand as how to separate the images in $filepath so as to save in different column, can u plz tel me how it can b donejane

1 Answers

0
votes

The reason your path info for all three images look like one big string:

uploads/image1.jpg*uploads/image1.jpgimage2.jpg*uploads/image1.jpgimage2.jpgimage3.jpg

is because you are looping through the FILES array and concatenating $target_path on each iteration:

$target_path = $target_path . md5(uniqid()) . "." . $ext[count($ext) - 1];

if you want $target_path to hold info only on the current image, reset the variable first by moving:

$target_path = "uploads/";

to inside your for loop (so move it two lines down).

That's the first part of your problem. However, storing information about the images in columns called offimage1, offimage2 etc. is a very bad idea.

This sort of thing should be stored in a row, not a column.

So maybe it's better for you to make a new table called offimages with columns "id", "officeid" and "path".

Now just insert a row for each image (it now doesn't matter how many you end up with) and make sure you link it to your register_office table using the officeid.