Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- require_once "config.php";
- session_start();
- if($_SERVER["REQUEST_METHOD"] == "POST"){
- /* [ERROR CHECKING] */
- if ($_FILES['image']['size']==0) {
- die("No file selected");
- }
- if (exif_imagetype($_FILES['image']['tmp_name'])===false) {
- die("Not an image");
- }
- //INSERT INTO gallery(`GalleryID`, `Photo`, `Title`, `SubText`, `UserID`) VALUES ([value-1],[value-2],[value-3],[value-4],[value-5])
- $sql = 'INSERT INTO gallery(Photo, Title, SubText, UserID) VALUES (?, ?, ?, ?)';
- if($stmt = mysqli_prepare($db, $sql)){
- // Bind variables to the prepared statement as parameters
- mysqli_stmt_bind_param($stmt, "sssi", $param_photo, $param_title, $param_subtext, $param_UserID);
- $image = $_FILES['image']['name'] . uniqid();
- $param_photo = $image;
- $param_title = $_POST["inputTitle"];
- $param_subtext = $_POST["inputSubText"];
- $param_UserID = $_SESSION["UserID"];
- $target = "gallery/" . basename($image);
- if (move_uploaded_file($_FILES['image']['tmp_name'], $target)) {
- echo "Image uploaded successfully";
- }else{
- print_r($_FILES);
- echo "Failed to upload image";
- }
- // Attempt to execute the prepared statement (Return true/false)
- if(mysqli_stmt_execute($stmt)){
- // Redirect to login page
- header("location: gallery.php");
- } else{
- echo "Error: \n";
- print_r($stmt->error_list);
- }
- }
- //Close statement
- mysqli_stmt_close($stmt);
- }
- mysqli_close($db);
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement