Question : Upload image to server functions - insert path to MySQL fails. Why?

The following script successfully uploads an image file to '../My_ART/'
But it fails to INSERT the path into the database.

Instead I get this error and I can't figure out why.
"Error, query failed : You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'WHERE eMail ='[email protected]' AND password ='xxxx' (name, size, ' at line 1"

Can anyone tell me how to fix it???
Thanks in advance.
1:
2:
3:
4:
5:
6:
7:
8:
9:
10:
11:
12:
13:
14:
15:
16:
17:
18:
19:
20:
21:
22:
23:
24:
25:
26:
27:
28:
29:
30:
31:
32:
33:
34:
35:
36:
37:
38:
39:
40:
41:
42:
43:
44:
45:
<P> 
<form method="post" enctype="multipart/form-data">
<table width="350" border="1" cellpadding="1" cellspacing="1" class="box">
<tr>
<td width="246">

<input type="hidden" name="MAX_FILE_SIZE" value="2000000">
<input name="userfile" type="file" id="userfile">
</td>
<td width="80"><input name="upload" type="submit" class="box" id="upload" value=" Upload "></td>
</tr>
</table>
</form>
<P><HR><P>

<?php
include "../../dbdbdbdbdbdb.inc";
$uploadDir = '../My_ART/';

if(isset($_POST['upload']))
{
$fileName = $_FILES['userfile']['name'];
$tmpName = $_FILES['userfile']['tmp_name'];
$fileSize = $_FILES['userfile']['size'];
$fileType = $_FILES['userfile']['type'];

$filePath = $uploadDir . $fileName;

$result = move_uploaded_file($tmpName, $filePath);
if (!$result) {
echo "Error uploading file";
exit;
}
 if(!get_magic_quotes_gpc())
{
$fileName = addslashes($fileName);
$filePath = addslashes($filePath);
}
$query = "INSERT INTO MyTable WHERE eMail ='[email protected]' AND password ='xxxx' (name, size, type, path)";
          "VALUES ('$fileName', '$fileSize', '$fileType', '$filePath')";
mysql_query($query) or die('<font color=RED>Error, query failed : ' . mysql_error());

echo "<br>Files uploaded<br>";
}
?>

Answer : Upload image to server functions - insert path to MySQL fails. Why?

Random Solutions  
 
programming4us programming4us