syntax error, unexpected T_STRING on INSERT command

Is it $UPLOAD_DIR ........?

This is my whole code:

[PHP]<?php require_once('C onnections/PhotoABC.php'); ?>
<?php
if (!function_exis ts("GetSQLValue String")) {
function GetSQLValueStri ng($theValue, $theType, $theDefinedValu e = "", $theNotDefinedV alue = "")
{
$theValue = get_magic_quote s_gpc() ? stripslashes($t heValue) : $theValue;

$theValue = function_exists ("mysql_real_es cape_string") ? mysql_real_esca pe_string($theV alue) : mysql_escape_st ring($theValue) ;

switch ($theType) {
case "text":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "long":
case "int":
$theValue = ($theValue != "") ? intval($theValu e) : "NULL";
break;
case "double":
$theValue = ($theValue != "") ? "'" . doubleval($theV alue) . "'" : "NULL";
break;
case "date":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "defined":
$theValue = ($theValue != "") ? $theDefinedValu e : $theNotDefinedV alue;
break;
}
return $theValue;
}
}

$colname_Record set1 = "-1";
if (isset($_SESSIO N['username'])) {
$colname_Record set1 = $_SESSION['username'];
}
mysql_select_db ($database_Phot oABC, $PhotoABC);
$query_Recordse t1 = sprintf("SELECT user_id FROM `user` WHERE username = %s", GetSQLValueStri ng($colname_Rec ordset1, "text"));
$Recordset1 = mysql_query($qu ery_Recordset1, $PhotoABC) or die(mysql_error ());
$row_Recordset1 = mysql_fetch_ass oc($Recordset1) ;
$totalRows_Reco rdset1 = mysql_num_rows( $Recordset1);

//define constant for the maximum upload
define ('MAX_FILE_SIZE ', 100000);

if (array_key_exis ts('upload', $_POST)) {

//define constant for upload folder
define('UPLOAD_ DIR', 'C:\htdocs\Phot oABC\upload_tes t\\');

//replace any spaces with underscore
//also assign to simple variable
$file = str_replace(' ', '_', $_FILES['image']['name']);

//convert the max size to KB
$max = number_format(M AX_FILE_SIZE/1024,1).'KB';

//create variable of correct file typr
$correct = array('image/jpeg','image/pjpeg');

// begin by saying file is unacceptable
$sizeOK = false;
$typeOK = false;

//check file is correct size
if ($_FILES['image']['size'] > 0 && $_FILES['image']['size'] <=MAX_FILE_SIZE ){
$sizeOK = true;
}

//check file is correct type
foreach ($correct as $type){
if($type == $_FILES['image']['type']){
$typeOK = true;
break;
}
}

if ($sizeOK && $typeOK){
switch($_FILES['image']['error']){
case 0:



//.$_SESSION['MM_Username']
if (!is_dir(UPLOAD _DIR.$_SESSION['MM_Username'])){
mkdir(UPLOAD_DI R.$_SESSION['MM_Username']);
}


//move file to the upload folder and rename it
//get date and time
ini_set('date.t imezone', 'Europe/Dublin');
$now = date('Y-m-is-');

$success = move_uploaded_f ile($_FILES['image']['tmp_name'], UPLOAD_DIR.$_SE SSION[ 'MM_Username'].'/'.$now.$_SESSIO N['MM_Username'].'-'.$file);

//copy image to database ????
INSERT INTO gallery (user_id, image_name)
VALUES ($RecordsetUser ID,
UPLOAD_DIR.$_SE SSION['MM_Username'].'/'.$now.$_SESSIO N['MM_Username'].'-'.$file);




if ($success){
$result= "$file uploaded successfully";
}

break;
}
}
elseif ($_FILES['image']['error'] == 4){
$result = 'No file selected';
}
else {
$result = "$file cannot be uploaded. Maximum size: $max. Acceptable file types: jpg";
}
}

mysql_free_resu lt($Recordset1) ;
?>
[/PHP]

Maybe i am not using the SQL correctly for the insert query?

You certainly are not using it correcly. A MySQL INSERT statement is ususally issued (in PHP) using the mysql_query() command.

So in your case it would be something like[php]$result=mysql_q uery("INSERT INTO gallery (user_id, image_name) VALUES ( .... etc )"
or die("Error in INSERT: ".mysql_error() );[/php]Ronald

Thanks for your reply.
I have tried this and still not having any luck.
I am just trying to save the name of the uploaded image into a database.
Any suggestions on how I might go about this?

Show the INSERT statement as you have it now and that does not work. (I almost bet that you did not include the value of the second field within quotes.)

Ronald

[php]$sql = "SELECT 'user_id' FROM 'user' ";
$result = mysql_query($sq l) or die (mysql_error()) ;

$result=mysql_q uery("INSERT INTO gallery (user_id, image_name) VALUES ($result,$succe ss)"
or die("Error in INSERT: ".mysql_error() );[/php]

If u look at my code I am trying to create a recordset so that I can add the user_id to the database as well...and the name of my file is in the varible $success. u can see this around line 94 of my code.

Thanks for any help

Code as it is now

[PHP]<?php
//define constant for the maximum upload
define ('MAX_FILE_SIZE ', 100000);

if (array_key_exis ts('upload', $_POST)) {

//define constant for upload folder
define('UPLOAD_ DIR', 'C:\htdocs\Phot oABC\upload_tes t\\');

//replace any spaces with underscore
//also assign to simple variable
$file = str_replace(' ', '_', $_FILES['image']['name']);

//convert the max size to KB
$max = number_format(M AX_FILE_SIZE/1024,1).'KB';

//create variable of correct file typr
$correct = array('image/jpeg','image/pjpeg');

// begin by saying file is unacceptable
$sizeOK = false;
$typeOK = false;

//check file is correct size
if ($_FILES['image']['size'] > 0 && $_FILES['image']['size'] <=MAX_FILE_SIZE ){
$sizeOK = true;
}

//check file is correct type
foreach ($correct as $type){
if($type == $_FILES['image']['type']){
$typeOK = true;
break;
}
}

if ($sizeOK && $typeOK){
switch($_FILES['image']['error']){
case 0:



//.$_SESSION['MM_Username']
if (!is_dir(UPLOAD _DIR.$_SESSION['MM_Username'])){
mkdir(UPLOAD_DI R.$_SESSION['MM_Username']);
}


//move file to the upload folder and rename it
//get date and time
ini_set('date.t imezone', 'Europe/Dublin');
$now = date('Y-m-is-');

$success = move_uploaded_f ile($_FILES['image']['tmp_name'], UPLOAD_DIR.$_SE SSION[ 'MM_Username'].'/'.$now.$_SESSIO N['MM_Username'].'-'.$file);

//copy image to database ????
//$sql = "SELECT 'user_id' FROM 'user' ";
//$result = mysql_query($sq l) or die (mysql_error()) ;

//$result=mysql_q uery("INSERT INTO gallery (user_id, image_name) VALUES ($result,$succe ss)"
//or die("Error in INSERT: ".mysql_error() );


//$query = "INSERT INTO gallery (user_id,image_ name) VALUES ($result,$succe ss)";
//$queryresult = mysql_query($qu ery) or die (mysql_error()) ;




if ($success){
$result= "$file uploaded successfully";
}

break;
}
}
elseif ($_FILES['image']['error'] == 4){
$result = 'No file selected';
}
else {
$result = "$file cannot be uploaded. Maximum size: $max. Acceptable file types: jpg";
}
}
?>[/PHP]

This statement is nonsense. You take the result of the move_uploaded.. .() command (which is an error or an okay) and want to insert that as the name of the image file into your database.

Ronald

yeah I am getting myself confused.
How then do I get the name of the file that was just uploaded and renamed. I am at a loss really...

Save it in a variable like[php]$v=UPLOAD_DIR.$ _SESSION['MM_Username'].'/'.$now.$_SESSIO N['MM_Username'].'-'.$file;[/php]
Then use that variable in your INSERT statement, like[php]$resins=mysql_q uery("INSERT INTO gallery (user_id, image_name) VALUES ($result,'$v')"
//or die("Error in INSERT: ".mysql_error() );[/php]
Ronald

Thank u again for your help....
This is my code now.

[PHP]$v=UPLOAD_DIR.$ _SESSION['MM_Username'].'/'.$now.$_SESSIO N['MM_Username'].'-'.$file;

//copy image to database
$resins=mysql_q uery("INSERT INTO gallery (user_id, image_name) VALUES ($Recordset1,'$ v'")
or die("Error in INSERT: ".mysql_error() );[/PHP]


What i have done is created a recordset with dreamweaver call Recordset1...th is holds user_id from the user DB.
Can I use this $Recordset1 as my varible in my INSERT query or do I need to extract the information some how?
And I am getting an error :
"Error in INSERT: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'id #6,'C:\htdocs\P hotoABC\upload_ test\Jordan/2008-03-2022-Jordan-CompeteHome_03. ' at line 1"

Looking at the INSERT part of the code (NOT the other part) it looks like you need something like the following to

(a) get the correct userid, repace the ??? in that statement with the correct WHERE user_id=xxxxx, (probably $_SESSION['MM_username']??

(b) Insert the name of the image into a row
[php]//copy image to database
$sql = "SELECT user_id FROM user ??????????????? ? ";
$result = mysql_query($sq l)
or die (mysql_error()) ;
if (mysql_num_rows ($result) > 0) {
$row=mysql_fetc h_assoc($result );
$userid=$row['user_id'];
$v=UPLOAD_DIR.$ _SESSION['MM_Username'].'/'.$now.$_SESSIO N['MM_Username'].'-'.$file;
$resins=mysql_q uery("INSERT INTO gallery (user_id, image_name) VALUES($userid, '$v'")
or die("Error in INSERT: ".mysql_error() );
}[/php]Ronald

[PHP]$v=UPLOAD_DIR.$ _SESSION['MM_Username'].'/'.$now.$_SESSIO N['MM_Username'].'-'.$file;

//copy image to database

$sql = "SELECT user_id FROM user WHERE username = $_SESSION['MM_username']";
$queryresult = mysql_query($sq l)
or die (mysql_error()) ;
if (mysql_num_rows ($queryresult) > 0) {
$row=mysql_fetc h_assoc($queryr esult);
$userid=$row['user_id'];

$resins=mysql_q uery("INSERT INTO gallery (user_id, image_name) VALUES ($userid,'$v'")
or die("Error in INSERT: ".mysql_error() );
[/PHP]

Getting an error on line 5.
I think i am just missing some ' '.
Does this code look more like what I need now?

User_id is (most probably) a character type field, so you must enclose any value to be used with that field, between quotation marks, like[[php]$sql = "SELECT user_id FROM user WHERE user_id = '".$_SESSION['MM_username']."'";[/php]If it is a char field, then the same goes for line 12 statement.

Ronald