75 lines
2.3 KiB
PHP
75 lines
2.3 KiB
PHP
|
<?php
|
||
|
ini_set('display_errors', 1);
|
||
|
ini_set('display_startup_errors', 1);
|
||
|
error_reporting(E_ALL);
|
||
|
$root = realpath($_SERVER["DOCUMENT_ROOT"]);
|
||
|
function form() {
|
||
|
?>
|
||
|
<form action="upload.php" method="post" enctype="multipart/form-data">
|
||
|
<label for="file">Image*</label><br>
|
||
|
<input type="file" name="file" value="file" required><br>
|
||
|
<label for="species">Species</label>
|
||
|
<input type="text" name="species" id="species">
|
||
|
<input type="submit" name="submit" value="submit">
|
||
|
</form>
|
||
|
<?php
|
||
|
}
|
||
|
|
||
|
function db_entry($species, $filename) {
|
||
|
session_start();
|
||
|
global $root;
|
||
|
$location = $root."/storage/images/";
|
||
|
require "$root/database/credentials.php";
|
||
|
// Connect the database
|
||
|
try {
|
||
|
$db = new PDO("mysql:host=$host;dbname=$database;charset=utf8",
|
||
|
$user,
|
||
|
$password,
|
||
|
array(PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION
|
||
|
));
|
||
|
} catch (Exception $e) {
|
||
|
die("Error : ".$e->getMessage());
|
||
|
}
|
||
|
if (isset($_SESSION['username'])) {
|
||
|
$req = $db->prepare('SELECT id FROM authors WHERE username=:username');
|
||
|
$req->execute(array(
|
||
|
"username"=>$_SESSION['username']
|
||
|
));
|
||
|
if ($data = $req->fetch()) {
|
||
|
$author_id = $data['id'];
|
||
|
}
|
||
|
} else {
|
||
|
$_SESSION['error_msg'] .= "You need to be logged in to upload images.";
|
||
|
header("Location: /auth/login");
|
||
|
}
|
||
|
$req = $db->prepare('INSERT INTO images (species, file_name, author_id, entry_date) VALUES (:species, :file_name, :author_id, now())');
|
||
|
$req->execute(array(
|
||
|
"species"=>$species,
|
||
|
"file_name"=>$filename,
|
||
|
"author_id"=>$author_id
|
||
|
));
|
||
|
}
|
||
|
|
||
|
|
||
|
$_SESSION['error_msg'] = "";
|
||
|
if(isset($_POST['submit'])){
|
||
|
$location = $root."/storage/images/";
|
||
|
$name = $_FILES['file']['name'];
|
||
|
$temp_name = $_FILES['file']['tmp_name'];
|
||
|
if(isset($name) and !empty($name)){
|
||
|
$location = "$root/storage/images/";
|
||
|
if(move_uploaded_file($temp_name, $location.$name)){
|
||
|
echo 'File uploaded successfully';
|
||
|
db_entry(isset($_POST['species']) ? $_POST['species'] : "", $name);
|
||
|
header('Location: /gallery');
|
||
|
} else {
|
||
|
echo "Can't move your file.";
|
||
|
}
|
||
|
} else {
|
||
|
$_SESSION['error_msg'] .= 'You should select a file to upload !!';
|
||
|
}
|
||
|
} else {
|
||
|
form();
|
||
|
}
|
||
|
?>
|