Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- if(isset($_POST["username"]) && isset($_POST["password"])){
- // Filter everything except letters and numbers
- $user = preg_replace('#^A-Za-z0-9#i','',$_POST["username"]);
- $password = preg_replace('#^A-Za-z0-9#i','',$_POST["password"]);
- // Connect to mySQL
- include"assets/scripts/sql_connect.php";
- // Query the person
- $sql = $conn->query("SELECT id FROM user_login WHERE user_name='$user' AND user_password='$password' LIMIT 1");
- // Make sure person exists
- $existCount = $sql->rowCount();
- // Evaluate the count
- if($existCount == 1){
- while($row = mysql_fetch_array($sql)){
- $id = $row["id"];
- }
- $_SESSION["id"] = $id;
- $_SESSION["user"] = $user;
- $_SESSION["password"] = $password;
- header("location:index.php");
- exit();
- }else{
- echo"Login details incorrect, try again <a href='index.php'>Click here</a>";
- exit();
- }
- }
- ?>
- <?php
- session_start();
- include"assets/scripts/sql_connect.php";
- if (isset($_POST['image_title'])){
- $userid = $_SESSION["id"];
- $image_title = $_POST['image_title'];
- $image_comment = $_POST['image_comment'];
- //Add image text to the database
- $sql = $conn->query("INSERT INTO user_image(user_id,image_title,image_comment, image_date_added) VALUES('$userid','$image_title','$image_comment', now())") or die(mysql_error());
- $id = $conn->lastInsertId();
- $image_id = $conn->lastInsertID();
- // Places image in the images folder
- $new_name = "$image_id.jpg";
- move_uploaded_file($_FILES['app_art_image']['tmp_name'],"appArtImages/$new_name");
- header("location:gallery.php");
- exit();
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
