PHP File upload form not working

I've used this code in another site I've made and it works absolutel开发者_Go百科y fine so I'm really confused as to why this isn't working properly. The only things I have changed are the directories for the file to be moved to, but the files never get uploaded. I've triple checked everything and it all seems fine. The code all executes without errors and all of the info gets entered into the database correctly, the only problem is the file not uploading. I'm going mad trying to get this to work! please help!

HTML FORM:

<p>
<h2>Add News</h2><br />
REQUIRED *<br /><br />
<form enctype="multipart/form-data" action='addnews2.php' method='post' onsubmit="chose.value = uploadForm()" name="newsform">
<p>Headline:  *
<br>
<input name="title" type="text" size="75">
<br />
<br/>

  News: *<br>
<textarea name="text" cols="75" rows="10" width="200"></textarea><br /><br />
Image File:   
<br>
<input type="file" name="filetoupload" id="filetoupload"><br/><br />

  <input type="submit" name="choose" value="Submit" />
</p>
</form>
</p>

Processing Page:

$date=date("l F d, Y");

$title=stripslashes($_POST['title']);
$text=stripslashes($_POST['text']);

if (($_FILES["filetoupload"]["type"] == "image/gif")
|| ($_FILES["filetoupload"]["type"] == "image/jpeg")
|| ($_FILES["filetoupload"]["type"] == "image/pjpeg")
|| ($_FILES["filetoupload"]["type"] == "image/png")
|| ($_FILES["filetoupload"]["type"] == "image/jpg"))
  {
  if ($_FILES["filetoupload"]["error"] > 0)
    {
    echo "Return Code: " . $_FILES["filetoupload"]["error"] . "<br />";
    }
    else
      {
            if (file_exists("images/news/" . $_FILES["filetoupload"]["name"]))
      {
      echo $_FILES["filetoupload"]["name"] . " already exists. ";
      }
      move_uploaded_file($_FILES["filetoupload"]["tmp_name"],
      "images/news/" . $_FILES["filetoupload"]["name"]);
      }
    }



$image = "images/news/".$_FILES['filetoupload']['name'];


if($title==""||$text==""){
    die("You need to fill in all details");
}


connect_to_db();
$query="insert into news (date, title, text, image) values ('".$date."','".mysql_real_escape_string($title)."','".mysql_real_escape_string($text)."','".$image."')";
$result=mysql_query($query);

if(mysql_affected_rows()==1){
header("Location:index.php?page=Admin&news=added");
}
else{
    die("there was a problem");
}
mysql_close();

---

Looks like you are missing an else statement possibly, the code formatting is off and causes confusion:

  if (file_exists("images/news/" . $_FILES["filetoupload"]["name"]))
  {
      echo $_FILES["filetoupload"]["name"] . " already exists. ";
  }else {
      move_uploaded_file($_FILES["filetoupload"]["tmp_name"],
  "images/news/" . $_FILES["filetoupload"]["name"]);
  } 

Give that a shot. If not that, check your permissions etc. And make sure that the file isn't being uploaded, just not in the spot you expected it to be.

Just a bit of information, I would do the $title and $text check before you do the image check. As you probably do not want to upload the image to the site if both of those are null. You should also escape the file name in the image path prior to inserting:

$image = "images/news/".mysql_real_escape_string($_FILES['filetoupload']['name']);

As that could also be prone to injection.