Cannot pass variables?

Can someone help? Below is a simple script I have created via an online tutorial which should upload an image to a database table entitled ‘store’. The table has four fields namely ‘id’, ‘username’, ‘name’, ‘image’. It is pivotal that a person’s username is stored, for retrieval purposes. The ‘username’ is fed to this script via a hidden variable namely ‘$_POST[‘username’] in an html form. It appears that the script receives the variable because if I append the variable to another variable and echo it the username appears, for example ‘ $test = $_POST[‘username’]; echo $test’, but if I place the Stest variable in the mysql INSERT query the username does not appear in the table. What’s wrong?


File: <?php // connect to database $test = $_POST['username']; $username="********"; $password="********"; $database="*********"; mysql_connect("sql*",$username,$password); @mysql_select_db($database) or die( "Unable to select database");

// file properties

$file = $_FILES[‘image’][‘tmp_name’];

if (!isset ($file))

echo “Please select an image”;

$image = addslashes(file_get_contents($_FILES[‘image’][‘tmp_name’]));
$image_name = addslashes ($_FILES[‘image’][‘name’]);
$image_size = getimagesize($_FILES[‘image’][‘tmp_name’]);
if ($image_size == FALSE)

echo “That is not an image”;

if (!$insert = mysql_query(“INSERT INTO store VALUES(’’, ‘$test ,’$image_name’,’$image’)”))
echo “Problem uploading image”;
$lastid = mysql_insert_id();
echo “Image uploaded

<img src=get.php?id=$lastid>”;




You have a missing quote after $test

[php]“INSERT INTO store VALUES(’’, ‘$test’,’$image_name’,’$image’)”[/php]

Thanks for sharinfg this information, really useful and helpful. I do notice that there quite alot of spam here. but its a good thing that this is still quite clean.

Sponsor our Newsletter | Privacy Policy | Terms of Service