<?php require_once "config.php"; session_start(); if($_SERVER["REQUEST_M

1. <?php
2. require_once "config.php";
3. session_start();
4.  
5. if($_SERVER["REQUEST_METHOD"] == "POST"){
6.  
7. /* [ERROR CHECKING] */
8. if ($_FILES['image']['size']==0) {
9. die("No file selected");
10. }
11.  
12. if (exif_imagetype($_FILES['image']['tmp_name'])===false) {
13. die("Not an image");
14. }
15.  
16. //INSERT INTO gallery(`GalleryID`, `Photo`, `Title`, `SubText`, `UserID`) VALUES ([value-1],[value-2],[value-3],[value-4],[value-5])
17. $sql = 'INSERT INTO gallery(Photo, Title, SubText, UserID) VALUES (?, ?, ?, ?)';
18. if($stmt = mysqli_prepare($db, $sql)){
19. // Bind variables to the prepared statement as parameters
20. mysqli_stmt_bind_param($stmt, "sssi", $param_photo, $param_title, $param_subtext, $param_UserID);
21.  
22. $image = $_FILES['image']['name'] . uniqid();
23.  
24. $param_photo = $image;
25. $param_title = $_POST["inputTitle"];
26. $param_subtext = $_POST["inputSubText"];
27. $param_UserID = $_SESSION["UserID"];
28.  
29. $target = "gallery/" . basename($image);
30.  
31. if (move_uploaded_file($_FILES['image']['tmp_name'], $target)) {
32. echo "Image uploaded successfully";
33. }else{
34. print_r($_FILES);
35. echo "Failed to upload image";
36. }
37.  
38. // Attempt to execute the prepared statement (Return true/false)
39. if(mysqli_stmt_execute($stmt)){
40. // Redirect to login page
41. header("location: gallery.php");
42. } else{
43. echo "Error: \n";
44. print_r($stmt->error_list);
45. }
46. }
47. //Close statement
48. mysqli_stmt_close($stmt);
49. }
50. mysqli_close($db);
51. ?>