0 ){ echo 'Error: ' . $_FILES['file']['error'] . '
'; } else { $customerID = mysql_escape_string($_POST['customerID']); $fullPath = $customerID . '_' . $_FILES['file']['name']; if(move_uploaded_file($_FILES['file']['tmp_name'], 'MyProfilePicture/' .$fullPath)) { echo "File Uploaded Successfully"; } } //mysql_query("INSERT INTO vts_profile_images (cust_id, file_path) VALUES('$customerID','$fullPath')"); mysql_query("UPDATE `vts_customers` SET `profile_pic`='$fullPath' WHERE `c_id`='$customerID'"); ?>