
Image upload in a database directory

I have a little problem with image upload in a database directory. The image uploads to my avatar folder but can't be shown on my page, because the problem is that in the database the id and username table show my data but the imagelocation table doesn't show my directory. Please, can anyone tell me what the problem is in my code and correct it, specifying the line?

upload.php

<?php

 include("connecton.php");


 $_SESSION['username']="kyle";

 $username = $_SESSION['username'];



  if($_POST['submit'])
  {


      //get file attribute

      $name = $_FILES['myfile']['name'];
      $tmp_name = $_FILES['myfile']['tmp_name'];


      if($name)
      {

          //start upload process

           $location = "avatars/$name";  
           move_uploaded_file($tmp_name,$location);

           $query = mysql_query("UPDATE users SET imagelocation='$location' WHERE username='$username'");

           die("Your avatar has been uploaded! <a href='view.php'>Home</a>");
      }
      else
       die("Please select a file");


  }





 echo "Welcome, ".$username."!<p>";

 echo "Upload Your Image:

<form action='upload.php' method='POST' enctype='multipart/form-data'> 

  File: <input type='file' name='myfile'> <input type='submit' name='submit' value='upload!'>

  </form>

 ";

?>

view.php

<?php

   include("connecton.php");

   $username = $_SESSION['username'];

   $query = mysql_query("SELECT * FROM users WHERE username='$username'");

   if (mysql_num_rows($query)==0)

   die ("User not found");
   else
   {

       $row = mysql_fetch_assoc($query);
       $location = $row['imagelocation'];

       echo "<img src='$location' width='100' height='100'>";


   }

?>


a) You do not check if the upload succeeded. At least do something like:

if ($_FILES['myfile']['error'] === UPLOAD_ERR_OK) {
     // ... upload went ok
}

b) You're using the original user's filename to store it on your server, and you do not sanitize the filename. There is NOTHING to prevent a malicious user from setting a filename such as ../../../../../../../../../some/critical/system/file, which your script will then happily overwrite.

c) You do not check if the move_uploaded_file() succeeded:

if (!move_uploaded_file(...)) {
     die("Move failed!");
}

d) You do not check if the database query succeeded:

$stmt = mysql_query(...);
if ($stmt === FALSE) {
     die("MySQL query failed: " . mysql_error());
}

e) You've not sanitized the $filename, so again a malicious user can subvert your query and directly attack your database with SQL injection attacks.

f) You're doing a SELECT * FROM... to get the image's location. Are you sure your table contains an 'imagelocation' row? You didn't check if the insert query succeeded using the same row, so maybe you've got a typo and it's really "imglocation" instead.


The first PHP statement of both upload.php and view.php should be this:

session_start();
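
The points raised in the two answers above, combined into one upload routine. This is an added example, not code from the question or from either answer. It swaps the `mysql_*` functions (removed in PHP 7) for PDO, and assumes `connecton.php` creates a `$pdo` handle in exception error mode; `store_avatar()`, `AVATAR_DIR` and `ALLOWED` are hypothetical names.

```php
<?php
session_start();                    // must run before $_SESSION is read
require 'connecton.php';            // assumption: defines $pdo (PDO, ERRMODE_EXCEPTION)

const AVATAR_DIR = 'avatars';       // directory used in the question
const ALLOWED = [                   // detected MIME type => extension we assign
    'image/jpeg' => 'jpg',
    'image/png'  => 'png',
    'image/gif'  => 'gif',
];

function store_avatar(array $file, string $username, PDO $pdo): string
{
    // (a) PHP reports upload problems in the 'error' field.
    if ($file['error'] !== UPLOAD_ERR_OK) {
        throw new RuntimeException('Upload failed, code ' . $file['error']);
    }
    // Identify the content from its bytes, not from the client-sent name.
    $mime = (new finfo(FILEINFO_MIME_TYPE))->file($file['tmp_name']);
    if (!is_string($mime) || !isset(ALLOWED[$mime])) {
        throw new RuntimeException('Only JPEG, PNG or GIF images are accepted');
    }
    // (b) Generate the stored name server-side, so "../" sequences in
    // $file['name'] never reach the filesystem.
    $location = AVATAR_DIR . '/' . bin2hex(random_bytes(16)) . '.' . ALLOWED[$mime];

    // (c) move_uploaded_file() returns false on failure.
    if (!move_uploaded_file($file['tmp_name'], $location)) {
        throw new RuntimeException('Could not move the uploaded file');
    }
    // (d)+(e) Bound parameters keep both values out of the SQL text;
    // in exception mode a failed query throws instead of passing silently.
    $stmt = $pdo->prepare('UPDATE users SET imagelocation = ? WHERE username = ?');
    $stmt->execute([$location, $username]);
    if ($stmt->rowCount() === 0) {  // no row matched this username
        unlink($location);          // do not leave an orphaned file behind
        throw new RuntimeException('User not found');
    }
    return $location;
}

if (isset($_FILES['myfile'], $_SESSION['username'])) {
    $location = store_avatar($_FILES['myfile'], $_SESSION['username'], $pdo);
    // Escape the stored path before placing it in an HTML attribute.
    echo '<img src="' . htmlspecialchars($location, ENT_QUOTES) . '" width="100" height="100">';
}
```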