On Monday, August 27, 2012 05:15:26 PM Matt Pelmear wrote:
> You are probably having problems with "Array[name]" because of the way
> you are inserting variables into the query.
>
> You're doing this:
> "this is my string with '$_POST[image][name]'."
>
> Instead, try this:
> "This is my string with '{$_POST['image']['name']}' in it."
>
> or this:
> "This is my string with '" . $_POST['image']['name'] , "' in it, using
> the concatenate operator."
>
>
>
> -Matt
>
> On 08/27/2012 04:43 PM, David McGlone wrote:
> > On Monday, August 27, 2012 03:36:41 PM Matt Pelmear wrote:
> >> David,
> >>
> >> Try using $_FILES['image']['name'] (like you do elsewhere in the script)
> >> instead of $_POST['image'] ?
> >>
> > I just your tried suggestion and now it does insert something into the
> >
> > database, but it's inserting "Array[name]" instead of the intended image
> > name.
> >
> > So I believe my first mistake was, I should have realized the line
> > $_FILES['image']['name'] is an array, so of course the image name isn't
> > going to be there until I extract it from the array. Correct?
> >
> >> Also, if you're not just doing a simple test script, you should probably
> >> use mysql_real_escape_string() on your parameters in the query.
> >
> > I started with a simple form and I'm working my way up the ladder, from
> > posting stuff, sticking stuff in a db using stuff like getimagesize(), and
> > then next I'm going to work some more with sanitization of forms and
> > inserted data in the db. :-)
> >
> > By the time I'm done with this, I'm hoping to have a much greater
> > understanding of FILTER_SANITIZE_STRING, getimagesize, and whatever else
> > I
> > would need to know about forms and inserting into db's. :-)
> >
> >> You may want to also look at the alternative mysql drivers, as the API
> >> you're using is planned for deprecation at some point.
> >> http://php.net/manual/en/mysql.php
> >> http://www.php.net/manual/en/mysqlinfo.api.choosing.php (this page
> >> seems to leave out the mysqlnd driver)
> >
> > Thank you for the heads up, I'll most certainly take a look at this.
> >
> > David M.
> >
> >> -Matt
> >>
> >> On 08/27/2012 03:04 PM, David McGlone wrote:
> >>> Hi Everyone
> >>>
> >>> I have written some code that works almost 100% like I expect, but for
> >>> the
> >>> life of me I cannot figure out why the image name is not being inserted
> >>> into the database. I've posted the code on pastebin, can anyone spot
> >>> something amis?
> >>>
> >>> http://pastebin.com/mGBFrxwP
> >>>
> >>> David M.
I got it. All I needed to do was change $_POST[image] to $image in my query
like so:
mysql_query ("INSERT INTO inventory(image, year, make, model, milage, price)
VALUES('$image', '$_POST[year]', '$_POST[make]',
'$_POST[model]', '$_POST[milage]', '$_POST[price]')");
}
I'm sortof stumped as to why though. I'm still pondering it and probably will
all night. I'll probably wake up at 3am and the light bulb will go off in my
head.. LOL
