Submitting Data and upload form

[wignall6]

I have another issue with my code. I am submitting a form which adds a company to the database. I have a file upload box in the add company form. Before I added this it all worked fine.

Could some please take a look at my code and see if there is anything wrong. It's probably something really easy which I am missing because I have been looking at this for an hour now.

Manage-company.php

[syntax=php]
<?php
$result = mysql_query("SELECT rank FROM users");
$row = mysql_fetch_array($result);

if ($row['rank'] == 3) {
echo "
<h2 class='form-title'>Manage Company</h2>

<p>Please make sure you fill out company name or you won't be able to add a company.</p>

<form target='add-company.php' method='POST' enctype='multipart/form-data'>
<div class='form'>
<div class='row'>
<div class='col'>Company Name:*</div>
<div class='col'><input type='text' name='company-name' /></div>
</div>
<div class='row'>
<div class='col'>Website Link:</div>
<div class='col'><input type='text' name='website-link' /></div>
</div>
<div class='row'>
<div class='col'>Phone Number 1:</div>
<div class='col'><input type='text' name='phone-number1' /></div>
</div>
<div class='row'>
<div class='col'>Phone Number 2:</div>
<div class='col'><input type='text' name='phone-number2' /></div>
</div>
<div class='row'>
<div class='col'>Company Email:</div>
<div class='col'><input type='text' name='company-email' /></div>
</div>
<div class='row'>
<div class='col'>VAT Number:</div>
<div class='col'><input type='text' name='company-vatnumber' /></div>
</div>
<div class='row'>
<div class='col'>Registered Address:</div>
<div class='col'><input type='text' name='company-address' /></div>
</div>
<div class='row'>
<div class='col'>Username:</div>
<div class='col'><input type='text' name='company-username' /></div>
</div>
<div class='row'>
<div class='col'>Password:</div>
<div class='col'><input type='text' name='company-password' /></div>
</div>
<div class='row'>
<div class='col'>Company Description:</div>
<div class='col'><input type='text' name='company-description' /></div>
</div>
<div class='row'>
<div class='col'>Company Testimonial:</div>
<div class='col'><input type='file' name='company-testimonial' id='company-testimonial' /></div>
</div>
</div>
<input type='submit' name='submit' style='margin: 5px auto;' />
</form>
";
} else {
echo 'You do not have access!';
}
?>
[/syntax]

Add-company.php

[syntax=php]
<?php

include('core/init.inc.php');

$dir = 'uploads/pdf';
$allowed = array('application/pdf');

$file_name = $_FILES['file']['name'];
$file_type = $_FILES['file']['type'];

if (in_array($file_type, $allowed) && $file_size < 7000000) {

move_uploaded_file($_FILES["file"]["tmp_name"], "$dir/" . $file_name);

$company_name = mysql_real_escape_string($company_name);
$website_link = mysql_real_escape_string($website_link);
$phone_number1 = mysql_real_escape_string($phone_number1);
$phone_number2 = mysql_real_escape_string($phone_number2);
$company_email = mysql_real_escape_string($company_email);
$company_vatnumber = mysql_real_escape_string($company_vatnumber);
$company_address = mysql_real_escape_string($company_address);
$company_username = mysql_real_escape_string($company_username);
$company_password = mysql_real_escape_string($company_password);
$company_description = mysql_real_escape_string($company_description);
$company_testimonial = mysql_real_escape_string($company_testimonial);

mysql_query("INSERT INTO `company` (`company_name`, `website_link`, `phone_number1`, `phone_number2`, `company_email`, `company_vatnumber`, `company_address`, `company_username`, `company_password`, `company_description`, `company_testimonial`) VALUES ('{$company_name}', '{$website_link}', '{$phone_number1}', '{$phone_number2}', '{$company_email}', '{$company_vatnumber}', '{$company_address}', '{$company_username}', '{$company_password}', '{$company_description}', '{$company_testimonial}')");

echo 'test';
} else {
echo "Invalid file";
}

?>
[/syntax]

[jacek]

I can't see anything massively wrong, except that huge html echo block.

What is the problem exactly ?