Click here to Skip to main content
14,333,606 members
Rate this:
Please Sign up or sign in to vote.
See more:
i am trying to save image in the picture folder .
Notice: Undefined index: img in C:\xampp\htdocs\image\index.php on line 9

Notice: Undefined index: image in C:\xampp\htdocs\image\index.php on line 14

this error is shown every time.

What I have tried:

dbconfig.php
<?php
//all the variables defined here are accessible in all the files that include this one
$con= new mysqli('localhost','root','','project') or die("Could not connect to mysql".mysqli_error($con));
mysqli_select_db($con,"image");

?>







INDEX.PHP

include('dbconfig.php');
if (isset($_POST['submit']))
 {
	$name=$_POST['name'];
	$img=$_FILES['img']['name'];

	$result="INSERT into images values('null','$name','$img')";
       if (mysqli_query($con, $result))
          {
		       move_uploaded_file($_FILES['image']['temp_name'], "picture/$img");
		     echo "<script>
                  alert('image upload to folder')
                </script>";
            }

              else

          {
	                echo "<script>
                   alert('image does not upload to folder')
                   </script>";
           }

}	

?>

<html>
<head>
	<title>image upload into folder using php</title>
</head>
<body>
<form action="index.php" method="post" enctype="mutlipart/form-data">
	<label>name:</label>
	<input type="text" name="name"><br><br>
	<br>

	<label>select image to upload:</label>
	<input type="file" name="img"><br>

	<input type="submit" name="submit" value="upload picture">
</form>
</body>
</html>
Posted
Updated 18-Apr-19 18:57pm
Rate this:
Please Sign up or sign in to vote.

Solution 2

Quote:
Notice: Undefined index: img in C:\xampp\htdocs\image\index.php on line 9
Notice: Undefined index: image in C:\xampp\htdocs\image\index.php on line 14

There is no code in lines 9 and 14 of your index.php. Which lines are 9 and 14 ?
Advice; use the debugger to see which index exist in the variables.

$result="INSERT into images values('null','$name','$img')";

Never build an SQL query by concatenating strings. Sooner or later, you will do it with user inputs, and this opens door to a vulnerability named "SQL injection", it is dangerous for your database and error prone.
A single quote in a name and your program crash. If a user input a name like "Brian O'Conner" can crash your app, it is an SQL injection vulnerability, and the crash is the least of the problems, a malicious user input and it is promoted to SQL commands with all credentials.
SQL injection - Wikipedia[^]
SQL Injection[^]
SQL Injection Attacks by Example[^]
PHP: SQL Injection - Manual[^]
SQL Injection Prevention Cheat Sheet - OWASP[^]
How can I explain SQL injection without technical jargon? - Information Security Stack Exchange[^]
   
v2
Rate this:
Please Sign up or sign in to vote.

Solution 1

There is a typo in the markup, the enctype should be enctype="multipart/form-data" and not enctype="mutlipart/form-data"
   

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)




CodeProject, 503-250 Ferrand Drive Toronto Ontario, M3C 3G8 Canada +1 416-849-8900 x 100