Uploading Avatar to User

admin2gd1

I am having a little problem with my code here. The only thing that works from this is creating the directory to place the image file for the users avatar. The file will not upload and because of that my error messages can not be correct.

If I was to just click on save I should be getting a message saying no file selected but I don't. When I do upload on any image format, it gives me (Not a valid image format. Only jpeg, jpg, gif and png please.) Also it doesn't update my database with the filename of the image the user is uploading.

Previewing the avatar works so don't need to correct that.

<form action="change-avatar.php?mode=update" method="post" enctype="multipart/form-data" style="border:0px; padding:0px; margin:0px;">
<?php
if ( (isset($_GET['mode'])) && ($_GET['mode'] == "update") ){
	$username = (isset($_POST['username'])) ? serialize($_POST['username']) : '';

///// Upload Avatar /////
$picname = str_replace(" ","_",$_POST['name']);
if ($_FILES['image']['error'] == UPLOAD_ERR_OK){
	$tmp_name = $_FILES["image"]["tmp_name"];
	$image = $_FILES["image"]["name"];
	$image = preg_replace("/([^a-z0-9])+/i", "-", $name);
	$imageTypes = array ('jpeg', 'jpg', 'JPEG', 'JPG', 'gif', 'GIF', 'png', 'PNG');
	$position = strlen($image) - (strpos($image, '.'));
	$extension = substr($image, -$position+1, $position);
	$newname = str_replace(" ","_",$name);
	if (! is_dir("../photos/users/{$session->username}/")) { mkdir("../photos/users/{$session->username}/",0777); }
	if ((in_array(strtolower($extension), $imageTypes)) && getimagesize($tmpName)) {
		$saveDirectory = '../photos/users/{$session->username}/$name';
		$sqlphoto = "UPDATE users SET photo = '".$image."' WHERE username = '$session->username'";
		if (move_uploaded_file($tmpName, $saveDirectory . $name)) {
		if (chmod($saveDirectory, 0777)) {
			$msg = "Avatar Successfully Uploaded!";
		}else{
			$msg = "There was an error whilst uploading the file.";
		}
		}
	}else{
		$msg = "Not a valid image format. Only jpeg, jpg, gif and png please.";
	}
} elseif ($_FILES['image']['error'] == UPLOAD_ERR_INI_SIZE) {
	$msg = "File size exceeded maximum upload file size.";
} elseif ($_FILES['image']['error'] == UPLOAD_ERR_PARTIAL) {
	$msg = "The file was only partially uploaded.";
} elseif ($_FILES['image']['error'] == UPLOAD_ERR_NO_FILE) {
	$msg = "No File was selected to be uploaded.";
} elseif ($_FILES['image']['size'] > 5000) {
	$msg = "File exceeds maximum file size of 50kb. File not uploaded.";
}
}
?>
	<?php if (isset($msg)) echo '<h3>'.$msg.'</h3>'; ?>
	<input class="textbox" name="image" type="file" size="30">
	<input class="save" name="submit" type="submit" value="<? echo getLang('save'); ?>"><br><br>
<?php
$sql = mysql_query("SELECT * FROM users WHERE username='$session->username'");
while($row = mysql_fetch_array($sql)){
	$Susername = $row['username'];
	$Sphoto = $row['photo'];
	}
?>
	Preview<br>
	<? if(file_exists("../photos/users/$Susername/$Sphoto")){ ?>
	<img class="photo" src="../photos/users/<? echo "$session->username"; ?>/<? echo "$Sphoto"; ?>" alt="">
	<? }else{ echo "<img class='photo' src='$SITEurl/images/100_noavatar.jpg' height='100' width='100'>"; } ?>
	</div>
	</form>