-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathuploadItem.php
137 lines (122 loc) · 3.5 KB
/
uploadItem.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
<?php
// Include the database configuration file
include 'db_helper.php';
//Prompt user to log in
session_start();
while(!isset($_SESSION['username'])){
echo ("<script LANGUAGE='JavaScript'>
window.alert('Please log in to list an item');
window.location.href='loginregister.php';
</script>");
exit();
}
$username = $_SESSION['username'];
// If file upload form is submitted
if(isset($_POST["submit"])){
$dbc = OpenCon();
mysqli_set_charset($dbc, 'utf8');
$errors = array();
if(empty($_POST["itemName"]))
{
$errors[] = 'noitemname.';
}
else
{
$item_name = mysqli_real_escape_string($dbc, trim($_POST['itemName']));
}
if(empty($_POST["description"]))
{
$errors[] = 'nodescription.';
}
else
{
$description = mysqli_real_escape_string($dbc, trim($_POST['description']));
}
//i dunno if we want the description to be compulsory
//$description = mysqli_real_escape_string($dbc, trim($_POST['description']));
if(empty($_POST["price"]))
{
$errors[] = 'noprice';
}
else
{
$price = mysqli_real_escape_string($dbc, trim($_POST['price']));
}
if(isset($_FILES["imageToUpload"])) {
// Get file info
$fileName = basename($_FILES["imageToUpload"]["name"]);
//set directory to store image in
$target_dir = "itemImages/";
$target_file = $target_dir . $fileName;
$fileType = pathinfo($target_file, PATHINFO_EXTENSION);
//stores image in images/items/ folder i think cannot test until have the ui i think
//then stores the file path as a string in sql database later
if (move_uploaded_file($_FILES["imageToUpload"]["tmp_name"], $target_file))
{
echo "The file ". $fileName . " has been uploaded.";
}
else
{
$errors[] = "fileuploaderror";
}
// Allow certain file formats
/*
//thiss one is get the image in bytes(i think) then store in sql database as blob
$allowTypes = array('jpg','png','jpeg','gif');
if(in_array($fileType, $allowTypes)){
$image = $_FILES['image']['tmp_name'];
$imgContent = addslashes(file_get_contents($image)); //the thing to upload
}else{
$errors[] = 'Sorry, only JPG, JPEG, PNG, & GIF files are allowed to upload.';
}
*/
}else{
$errors[] = 'Please select an image file to upload.';
}
}
if (empty($errors))
{
// Insert image path into database
$r = insertItem($item_name, $description, $price, $target_file, $username, $dbc);
if ($r)
{
CloseCon($dbc);
header ("Location: listitem.php?status=success");
exit();
}
else
{
// Debugging message:
CloseCon($dbc);
header ("Location: listitem.php?status=fail");
exit();
}
}
else
{
$headerMsg = "Location: listitem.php?";
$i = 0;
while (i < sizeof($errors))
{
if ($i == 0)
{
$headerMsg = $headerMsg . "error" . $i . "=" . $errors[$i];
}
else if ($i > 0)
{
$headerMsg = $headerMsg . "&error" . $i . "=" . $errors[$i];
}
$i++;
}
CloseCon($dbc);
header($headerMsg);
exit();
}
/*if($r){
$statusMsg = "File uploaded successfully.";
}else{
$statusMsg = "File upload failed, please try again.";
}*/
// Display status message.
//echo $statusMsg;
?>