error for uploading image

Hey. I am pretty new to php, but I am trying my best.
I made a form for a website where the user has to write down his name, surname, email, upload image and add a comment. [code]

Name:
Surname:
E-mail:
Image:
Comment:

[/code]

Then I went to phpmyadmin and created a table called “competition” where I made columns for name, surname,email,image and comments.

Then I linked the form file to my php file (which seems to have errors). I checked the code like thousands of times but I can’t find the mistake :frowning:
When I fill in the form and test it, the error: “The image must be a GIF, JPEG, or PNG image file no greater than 32 KB in size.” occurs. But I did upload a .jpg image and it is smaller than 32KB.

[php]<?php

// Connect to the database
$connection = mysql_connect(“host”,“user” , “password”);

if(!$connection){
die("Database connection failed: " .
mysql_error());

}
$db_select =
mysql_select_db(“database”,$connection);

if(!$db_select){
die("Database selection failed: " .
mysql_error());
}

define(‘GW_UPLOADPATH’, ‘images/’);
define(‘GW_MAXFILESIZE’, ‘32768’);

if (isset($_POST[‘submit’])) {
$name = $_POST[‘name’];
$surname = $_POST[‘surname’];
$email = $_POST[‘email’];
$comment = $_POST[‘comment’];
$image = $_FILES[‘image’][‘name’];
$image_type = $_FILES[‘image’][‘type’];
$image_size = $_FILES[‘image’][‘size’];

if (!empty($name) && !empty($surname) && !empty($email)  && !empty($comment) && !empty($image)) {
  if ((($image_type == 'image/gif') || ($image_type == 'image/jpg') || ($image_type == 'image/pjpeg') || ($image_type == 'image/png'))
    && ($image_size > 0) && ($image_size <= GW_MAXFILESIZE)) {
    if ($_FILES['image']['error'] == 0) {
      // Move the file to the target upload folder
      $target = GW_UPLOADPATH . $image;
      if (move_uploaded_file($_FILES['image']['tmp_name'], $target)) {

// Write the data to the database
$query = “INSERT INTO competition (name, surname, email, image, comment)”.
“VALUES(’$name’, ‘$surname’, ‘$email’, ‘$image’, ‘$comment’)”;
//show data
$result= mysqli_query($connection, $query)
or die(‘error querying database.’);
//close the connection
mysqli_query($connection, $query);

        // Confirm success with the user
        echo '<p>Thanks for adding your image! It has been uploaded successfully to the gallery.</p>';
        echo '<p><strong>Name:</strong> ' . $name . '<br />';
        echo '<strong>Surname:</strong> ' . $surname . '<br />';
		echo '<p><strong>E-mail:</strong> ' . $email . '<br />';
        echo '<img src="' . GW_UPLOADPATH . $image . '" alt="Image" /></p>';
		echo '<p><strong>Comment:</strong> ' . $comment . '<br />';
        echo '<p><a href="gallery.html">&lt;&lt; Go to the gallery</a></p>';

      }
      else {
        echo '<p class="error">Sorry, there was a problem uploading your image.</p>';
      }
    }
  }
  else {
    echo '<p class="error">The image must be a GIF, JPEG, or PNG image file no greater than ' . (GW_MAXFILESIZE / 1024) . ' KB in size.</p>';
  }
}
else {
  echo '<p>Please enter all of the information to add your image.</p>';
}

}
?>[/php]

The issue is going to lay with how you are doing you if() to check the image type. Honestly the script is not written very well and is not secure at all. I would suggest watching this tutorial series and rewriting what you have.
http://www.youtube.com/watch?v=RiuLBrEFhfk

Sponsor our Newsletter | Privacy Policy | Terms of Service