PDO::ERRMODE_EXCEPTION )); } catch (Exception $e) { die("Error : ".$e->getMessage()); } if (isset($_SESSION['username'])) { $req = $db->prepare('SELECT id FROM authors WHERE username=:username'); $req->execute(array( "username"=>$_SESSION['username'] )); if ($data = $req->fetch()) { $author_id = $data['id']; } } else { $_SESSION['error_msg'] .= "You need to be logged in to upload images."; header("Location: /auth/login"); } $req = $db->prepare('INSERT INTO images (species, file_name, author_id, entry_date) VALUES (:species, :file_name, :author_id, now())'); $req->execute(array( "species"=>$species, "file_name"=>$filename, "author_id"=>$author_id )); } $_SESSION['error_msg'] = ""; if(isset($_POST['submit'])){ $location = $root."/storage/images/"; $name = $_FILES['file']['name']; $temp_name = $_FILES['file']['tmp_name']; if(isset($name) and !empty($name)){ $location = "$root/storage/images/"; if(move_uploaded_file($temp_name, $location.$name)){ echo 'File uploaded successfully'; db_entry(isset($_POST['species']) ? $_POST['species'] : "", $name); header('Location: /gallery'); } else { echo "Can't move your file."; } } else { $_SESSION['error_msg'] .= 'You should select a file to upload !!'; } } else { form(); } ?>