Image file upload not working properly

Question

Hi, I am working on a login system which is working pretty good already. Now I decided to add the feature that on registering, a user is able to upload an image to set as his profile picture. My code is mostly done but it doesn't seem to work and I can't figure out why. In the code below I made 2 if statements regarding the image, first I am trying to check if the image is an actual image file and after that I am copying the uploaded image to a folder in my directory, the path gets stated in $avatar when the picture is uploaded and the form gets submitted. When I upload a picture I manage to pass the first if statement but then it gives me the else statement that the file did not got uploaded. When I try to upload a different extension then the ones which are allowed I get no error at all and the script returns a blank screen, no user data gets posted on any of these occasions.

<?php session_start(); ?>

<div class="popupscreen" id="registerpopup">
    <div class="formwrapper">
        <div class="login-form">
        <form action="includes/register.php" method="POST" enctype="multipart/form-data">
            <label class="popuplabel">First-name</label>
            <input name="firstname" placeholder="first-name" class="popupinput" required />

            <label class="popuplabel">Last-name</label>
            <input name="lastname" placeholder="last-name" class="popupinput" required />

            <label class="popuplabel">Email</label>
            <input name="email" placeholder="email" class="popupinput" required />

            <label class="popuplabel">Username</label>
            <input name="username" placeholder="username" class="popupinput" required />

            <label class="popuplabel">Password</label>
            <input name="password" placeholder="password" class="popupinput" required/>

            <label class="popuplabel">Upload profile picture</label>
            <input type="file" name="avatar" accept="image/*" />

            <button class="popupbutton" type="submit">Register</button>
        </form>
            <button onclick="closeregister()" class="popupbutton">Close</button>
    </div>

    </div>
</div>

<?php
require_once('../connect.php');

if(isset($_POST) AND !empty($_POST)){

    $firstname = mysqli_real_escape_string($connection, $_POST['firstname']);
    $lastname = mysqli_real_escape_string($connection, $_POST['lastname']);
    $email = mysqli_real_escape_string($connection, $_POST['email']);
    $username = mysqli_real_escape_string($connection, $_POST['username']);
    $password = password_hash($_POST['password'], PASSWORD_DEFAULT);
    $avatar = mysqli_real_escape_string($connection, 'avatars/'.$_FILES['avatar']['name']);

    $extension = pathinfo($avatar, PATHINFO_EXTENSION);
    if(in_array($extension, array('jpg', 'png', 'jpeg'))){

        if(copy($_FILES['avatar']['tmp_name'], $avatar)){

            $sql = "INSERT INTO `login` (Firstname, Lastname, Email, Username, Password, Avatar) VALUES ('$firstname', '$lastname', '$email', '$username', '$password', '$avatar')";



            $result = mysqli_query($connection, $sql);
            if($result){
                $url = "../index.php";
                $messageok = "User registration succesfull!";
                echo "<script type='text/javascript'>alert('$messageok');</script>";
                echo '<script>window.location = "'.$url.'";</script>';


            }else{
                $url = "../index.php";
                $messagenok = "User registration failed!";
                echo "<script type='text/javascript'>alert('$messagenok');</script>";
                echo '<script>window.location = "'.$url.'";</script>';
            }
        }   else{
                $url = "../index.php";
                $messageok = "Picture was not uploaded to database! plz try again";
                echo "<script type='text/javascript'>alert('$messageok');</script>";
                echo '<script>window.location = "'.$url.'";</script>';
            }
    }else{
                $url = "../index.php";
                $messageok = "Uploaded images must have one of following extensions, jpg, jpeg, png. Please try again!";
                echo "<script type='text/javascript'>alert('$messageok');</script>";
                echo '<script>window.location = "'.$url.'";</script>';
        }
}?>

Answer 1 · 2017-09-30T16:47:09Z

September 30, 2017 4:47pm

I got the script to work on my end by using the move_uploaded_files() function rather than the copy() function.

So, this line (#16): if(copy($_FILES['avatar']['tmp_name'], $avatar)){ Should be: if(move_uploaded_file($_FILES['avatar']['tmp_name'], $avatar)){

That should work, it you have any other errors comment or message me.

Here is the Connect.php script I used, along with the SQL table.

Connect.php

$servername = "localhost";
$username = "root";
$password = "";

// Create connection
$connection = new mysqli($servername, $username, $password, 'imgupload');

// Check connection
if ($connection->connect_error) {
    die("Connection failed: " . $connection->connect_error);
}
echo "Connected successfully";
?>

SQL Pastebin Link

Answer 2 · 2017-09-30T19:47:01Z

September 30, 2017 7:47pm

After escaping all of the form fields, you can manually update the Session Variables.

$_SESSION['Firstname'] = $firstname;
$_SESSION['Lastname'] = $lastname;
$_SESSION['Email'] = $email;

Is that what you are looking for, or do you want to accomplish something different?

Welcome to the Treehouse Community

Looking to learn something new?

Pieter Bracke

Pieter Bracke

Image file upload not working properly

2 Answers

Fletcher Henneman

Fletcher Henneman

Pieter Bracke

Pieter Bracke

Fletcher Henneman

Fletcher Henneman

Pieter Bracke

Pieter Bracke

Fletcher Henneman

Fletcher Henneman