Skip to content
Advertisement

How to update mysqli field if the value is not empty

I am trying to update a specific value from my table getting them as row from a table let’s say the name but the problem is the image, cause i can’t pass a value to an input field type = file
I need to update the value in the database only if there is a value to change if not don’t change the value that already is there.
My query looks like this and i would like to know what i can change to update image value only if there is a value

//image upload + validation
$file          = $_FILES['image'];
$file_name     = $_FILES['image']['name'];//file name
var_dump($file_name);
$file_location = $_FILES['image']['tmp_name']; //temporary location
$file_size     = $_FILES['image']['size'];// size
$file_error    = $_FILES['image']['error'];// error 0 if no error or 1 if there is an error

$temp_extension = explode('.',$file_name);//explode from . file extension, we have file name and extension
$file_extension = strtolower(end($temp_extension)); // extension name (end return the last element of the array)
$allowed_extensions = array('jpg', 'jpeg', 'png', 'pdf');

if (empty($file_name)) {
    if (in_array($file_extension, $allowed_extensions)) {
        if ($file_error === 0) {
            if ($file_size < 15728640) { //15728640b(bytes binary)  15mb mediumblob
                $new_file_name = uniqid('',true).".".$file_extension;
                // var_dump($new_file_name);
                $file_destination = dirname(__FILE__, 2)."/images/".$new_file_name;
                move_uploaded_file($file_location, $file_destination);

            }else {
                echo "Sorry your file size it's too big!";
            }
        }else {
            echo "Sorry, there was an error, try again";
        }
    }else {
        echo "Sorry, your file type is not accepted";
    }

}

if(is_array($row)) {
    $sql = "UPDATE `accommodation` SET `name` = '{$_POST['name']}', `image` = '$new_file_name', `description` = '{$_POST['description']}', `adress` = '{$_POST['adress']}', `link` = '{$_POST['link']}' WHERE `id` = '{$_POST['id']}'";
    mysqli_query(get_connection(), $sql);
    var_dump($sql);
    // header("Location: admin.php?page=accommodation_list");
}else{
    $conn = get_connection();
    $sql = "INSERT INTO `accommodation` (`name`, `image`, `description`, `adress`, `link`) VALUES ('{$_POST['name']}', '$new_file_name', '{$_POST['description']}', '{$_POST['adress']}', '{$_POST['link']}')";
    mysqli_query($conn, $sql);
    $accommodation_id = mysqli_insert_id($conn);
    header("Location: admin.php?page=room_add_edit");

}//end if else

This is the query that i need to change but i don’t know how….

 $sql = "UPDATE `accommodation` SET `name` = '{$_POST['name']}', `image` = '$new_file_name', `description` = '{$_POST['description']}', `adress` = '{$_POST['adress']}', `link` = '{$_POST['link']}' WHERE `id` = '{$_POST['id']}'";

I am aware of SQL injection but first i need this query to work then i will work on SQL injection, and i typed address as adress and i have to change that too.

I have changed the code to this but i don’t know if it’s a good way to do it

//image upload + validation
$file          = $_FILES['image'];
$file_name     = $_FILES['image']['name'];//file name
var_dump($file_name);
$file_location = $_FILES['image']['tmp_name']; //temporary location
$file_size     = $_FILES['image']['size'];// size
$file_error    = $_FILES['image']['error'];// error 0 if no error or 1 if there is an error

$temp_extension = explode('.',$file_name);//explode from . file extension, we have file name and extension
$file_extension = strtolower(end($temp_extension)); // extension name (end return the last element of the array)
$allowed_extensions = array('jpg', 'jpeg', 'png', 'pdf');

if (!empty($file_name)) {
    if (in_array($file_extension, $allowed_extensions)) {
        if ($file_error === 0) {
            if ($file_size < 15728640) { //15728640b(bytes binary)  15mb mediumblob
                $new_file_name = uniqid('',true).".".$file_extension;
                // var_dump($new_file_name);
                $file_destination = dirname(__FILE__, 2)."/images/".$new_file_name;
                move_uploaded_file($file_location, $file_destination);
                $text1 = "`image` = '$new_file_name',";
            }else {
                echo "Sorry your file size it's too big!";
            }
        }else {
            echo "Sorry, there was an error, try again";
        }
    }else {
        echo "Sorry, your file type is not accepted";
    }
}else {
   $text1 = ""; 
}

if(is_array($row)) {
    $sql = "UPDATE `accommodation` SET `name` = '{$_POST['name']}', $text1 `description` = '{$_POST['description']}', `adress` = '{$_POST['adress']}', `link` = '{$_POST['link']}' WHERE `id` = '{$_POST['id']}'";
    mysqli_query(get_connection(), $sql);
    var_dump($sql);
    // header("Location: admin.php?page=accommodation_list");
}

Advertisement

Answer

you can simply check the file uploaded or not using a third variable. If file uploaded than save new file name otherwise save the old file name. So you will not lose your file on update. I am assuming you are getting whole row data in $row so check below code

$is_file_uploaded = 0;
if (empty($file_name)) {
    if (in_array($file_extension, $allowed_extensions)) {
        if ($file_error === 0) {
            if ($file_size < 15728640) { //15728640b(bytes binary)  15mb mediumblob
                $new_file_name = uniqid('',true).".".$file_extension;
                // var_dump($new_file_name);
                $file_destination = dirname(__FILE__, 2)."/images/".$new_file_name;
                move_uploaded_file($file_location, $file_destination);
                $is_file_uploaded = 1;
            }else {
                echo "Sorry your file size it's too big!";
            }
        }else {
            echo "Sorry, there was an error, try again";
        }
    }else {
        echo "Sorry, your file type is not accepted";
    }

    if(is_array($row)) {
        $new_file_name = ($is_file_uploaded == 1) ? $new_file_name : $row['image'];
        //your code
    }
}
User contributions licensed under: CC BY-SA
1 People found this is helpful
Advertisement