I've tried to add image upload to an already working script that posts a subject and description. For some reason it's failing at the point where I'm using move_uploaded_file

The file name is successfully inserting into the database and the print_r statement is showing that the file is going into /tmp. I've tried to echo and print the $tempname and $folder but they seem to be blank and I don't know why. I'm guessing this is the problem.

My php.ini and httpd.conf and permissions are all good as another upload script written by someone else works fine.

if(isset($_POST['submit']))
{
    $date = date('Y-m-d H:i:s');
    $subject = $_POST['subject'];
    $description = $_POST['description'];

    $upload_dir = './image';
    $filename = $_FILES["choosefile"]["name"];
    $tempname = $_FILES["choosefile"]["temp_name"];
    move_uploaded_file($tempname, "$upload_dir/$filename");
    
    $insert = mysqli_query($db,"INSERT INTO xv.post (subject, description, creation_date, image) VALUES ('$subject', '$description', '$date', '$filename')");
    

    if(!$insert)
    {
        echo mysqli_error();
    }
    else
    {
        print "<p>Here is some more debugging info:</p>";
        print_r($_FILES);
        echo $tempname . $folder;
    }
}

CodePudding user response：

It should be tmp_name instead of temp_name.

So changing to below should do the trick:

$upload_dir = './image';
    $filename = $_FILES["choosefile"]["name"];
    $tempname = $_FILES["choosefile"]["tmp_name"];
    move_uploaded_file($tempname, "$upload_dir/$filename");
    
    $insert = mysqli_query($db,"INSERT INTO xv.post (subject, description, creation_date, image) VALUES ('$subject', '$description', '$date', '$filename')");

CodePudding user response：

please add a print_r to the $_FILES to see the content:

print_r($_FILES);

Provably there is another structure that you have to get.