<!DOCTYPE html><html lang="en"><head> <meta charset="utf-8"> <meta nam

1. <!DOCTYPE html>
2.  
3. <html lang="en">
4. <head>
5. <meta charset="utf-8">
6. <meta name="viewport" content="width=device-width, initial-scale=1">
7. <title>Page Title</title>
8. <link rel="stylesheet" href="https://stackpath.bootstrapcdn.com/bootstrap/4.4.1/css/bootstrap.min.css" integrity="sha384-Vkoo8x4CGsO3+Hhxv8T/Q5PaXtkKtu6ug5TOeNV6gBiFeWPGFN9MuhOf23Q9Ifjh" crossorigin="anonymous">
9. <link href="https://fonts.googleapis.com/css?family=Roboto&display=swap" rel="stylesheet">
10. <link rel="stylesheet" href="assets/css/style.css">
11. </head>
12. <body>
13. <?php
14. require_once "db_conn.php";
15.  
16. echo "<pre>";
17. print_r($_POST);
18. echo "</pre>";
19.  
20. //Patikriname ar paskelbe forma
21. //add_city yra formos mygtukas
22. if(isset($_POST['add_city'])):
23. //Tuscias masyvas kur saugosime validavimo klaidas
24. $errors = [];
25.  
26. //Tikriname ar ivede miesto pavadinima ir kad jo ilgis bent 5 simboliai
27. if(!empty($_POST['city_name']) && strlen($_POST['city_name']) >= 5){
28. //Praejome patikrinima, apsisaugome nuo kabuciu (SQL injection)
29. $city_name = $db->escape_string($_POST['city_name']);
30. }else{
31. //Nepraejome patikrinimo, sukuriame klaidos pranesima
32. array_push($errors, 'You must enter city name, minimum length is 5');
33. $city_name = $_POST['city_name'];
34. }
35.  
36. //Patikriname ar ivestas failo pavadinimas
37. if(!empty($_POST['city_image_filename'])){
38. //Jeigu pavadinimas ivestas, apsisaugome nuo kabuciu (SQL injection)
39. $city_image_filename = $db->escape_string($_POST['city_image_filename']);
40. }else{
41. //Nepraejome patikrinimo, sukuriame klaidos pranesima
42. array_push($errors, 'You must enter city image filename');
43. $city_image_filename = $_POST['city_image_filename'];
44. }
45.  
46. //Patikriname ar failo pavadinime nurodyta failo galune
47. //tikriname ieskodami ar yra pavadinime taskas
48. if(isset($city_image_filename) && !strpos($city_image_filename, '.')){
49. array_push($errors, 'Filename must include file extension');
50. }
51.  
52. //Patikriname ar buvo validavimo klaidu
53. if(empty($errors)){
54. $sql = "INSERT INTO capitals (title, image)
55. VALUES ('$city_name', '$city_image_filename')";
56.  
57. //echo $sql;
58. $result = $db->query($sql);
59.  
60. if($result){
61. unset($city_name);
62. unset($city_image_filename);
63. $success = "City added";
64. }
65. }
66.  
67.  
68. endif;
69. ?>
70. <header class="capitals-header">
71. <div class="container">
72. <h1>Add city</h1>
73. </div>
74. </header>
75. <section class="capital-cities">
76. <div class="container">
77. <div class="single-city p-5 bg-white">
78. <?php
79. if(isset($errors) && !empty($errors)):
80. ?>
81. <div class="errors pb-3">
82. <ol class="alert alert-danger px-5">
83. <?php
84. foreach($errors as $error){
85. echo "<li>$error</li>";
86. }
87. ?>
88. </ol>
89. </div>
90. <?php
91. endif;
92. if(isset($success)): ?>
93. <div class="alert alert-success">
94. <?php echo $success; ?>
95. </div>
96. <?php
97. endif;
98. ?>
99. <form method="POST">
100. <div class="form-group">
101. <label for="city_name">City Name</label>
102. <input type="text" class="form-control" id="city_name" name="city_name" placeholder="Enter city name" value="<?php echo stripslashes($city_name ?? ''); ?>">
103. </div>
104. <div class="form-group">
105. <label for="city_image_filename">City Image Filename</label>
106. <input type="text" class="form-control" id="city_image_filename" name="city_image_filename" placeholder="Enter city image filename" value="<?php echo stripslashes($city_image_filename ?? ''); ?>">
107. </div>
108. <button type="submit" name="add_city" class="btn btn-primary">Add City</button>
109. </form>
110. </div>
111. </div>
112. </section>
113. </body>
114. </html>