
Untitled

a guest
Mar 20th, 2019
  1. <?php
  2.  
  3. $servername = "localhost";
  4. $username = "root";
  5. $password = "";
  6. $dbname = "chhoe17";
  7.  
  8.  
  9. try {
  10. $conn = new PDO("mysql:host=$servername;dbname=$dbname",
  11. $username,
  12. $password,
  13. array(PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION));
  14.  
  15.  
  16. }
  17. catch(PDOException $e) {
  18. echo $e->getMessage();
  19. }
  20.  
  21. <?php
  22. include_once 'header.php';
  23. ?>
  24.  
  25. <section class="main-container">
  26. <div class="main-wrapper">
  27. <h2>Manage your pictures</h2>
  28. <?php
  29. //display a message and images if logged in!
  30. if (isset($_SESSION['u_id'])) {
  31. echo "Upload your pictures";
  32.  
  33. echo '<div class="picture-upload">
  34. <h2>Upload</h2>
  35. <br>
  36. <br>
  37. <br>
  38. <form action="includes/picture-upload.inc.php" method="post" enctype="multipart/form-data">
  39. <input type="text" name="filename" placeholder="File name">
  40. <input type="text" name="filetitle" placeholder="Image title">
  41. <input type="text" name="filedesc" placeholder="Image description">
  42. <input type="file" name="file">
  43. <button type="submit" name="submit">Upload</button>
  44. </form>
  45. </div>';
  46.  
  47. echo ' <section class="picture-links">
  48. <div class="wrapper">
  49. <h2>Pictures</h2>
  50.  
  51. include_once "includes/dbh.inc.php";
  52.  
  53. $query = $conn->query("SELECT * FROM pictures ORDER BY orderPicture DESC")->fetchAll();
  54.  
  55. if (!$query->execute()) {
  56. header("Location: ../upload.php?upload=sqlStatementFail");
  57. exit();
  58. } else {
  59.  
  60. $query = $conn->query("SELECT * FROM pictures ORDER BY orderPicture DESC")->fetchAll();
  61.  
  62. foreach($query as $query) {
  63.  
  64. echo <a href="#">
  65. <div style = "background-image: url(img/pictures/".$query["imageFullNamePicture"]");"></div>
  66. <h3> ".$query["titlePicture"]" </h3>
  67. <p> ".$query["descPicture"]" </p>
  68. </a>;
  69.  
  70. }
  71.  
  72. }
  73.  
  74. <div class ="picture-container">
  75. <a href="#">
  76. <div></div>
  77. <h3> This is a title </h3>
  78. <p> This is a paragraph </p>
  79. </a>
  80. </div>
  81.  
  82.  
  83.  
  84.  
  85.  
  86. </div>
  87. </section>
  88.  
  89. '
  90.  
  91.  
  92. ?>
  93.  
  94. <?php
  95.  
  96. }
  97. ?>
  98. </div>
  99. </section>
  100.  
  101. <?php
  102. include_once 'footer.php';
  103. ?>
  104.  
  105. <?php
  106.  
  107.  
  108. if (isset($_POST['submit'])) {
  109.  
  110.  
  111. $newFilenName = $_POST['filename'];
  112. //If filename has been left empty, create default name for file
  113. if (empty($newFilenName )) {
  114. $newFilenName = "unnamed";
  115. //Remove potential spaces and replace, plus change letters to lowercase
  116. } else {
  117. $newFilenName = strtolower(str_replace(" ", "-", $newFilenName));
  118. }
  119. $imageTitle = $_POST['filetitle'];
  120. $imageDesc = $_POST['filedesc'];
  121.  
  122. $file = $_FILES["file"];
  123.  
  124. //Get information for the error handlers
  125. $fileName = $file["name"];
  126. $fileType = $file["type"];
  127. $fileTempName = $file["tmp_name"];
  128. $fileError = $file["error"];
  129. $fileSize = $file["size"];
  130.  
  131. //explode to to only take the exstension of the file etc .jepg
  132. $fileExt = explode(".", $fileName);
  133. $fileActualExt = strtolower(end($fileExt));
  134.  
  135. $allowed = array("jpg", "jpeg", "png");
  136.  
  137. if (in_array("fileActualExt", $allowed)) {
  138. if($fileError === 0) {
  139. if($fileSize < 2000000) {
  140.  
  141. $imageFullName = $newFilenName . "." . uniqid("", true) . "." . $fileActualExt;
  142. $fileDestination = "../img/pictures/" . $imageFullName;
  143.  
  144. include_once "dbh.inc.php";
  145.  
  146. if (empty(imageTitle) || ($imageDesc)) {
  147. header("Location: ../upload.php?upload=empty");
  148. exit();
  149.  
  150. } else {
  151.  
  152. $stmt = $conn->prepare("SELECT * FROM pictures");
  153. $stmt->bindParam(':titlePicture', $titlePicture, PDO::PARAM_STR);
  154. $stmt->bindParam(':descPicture', $descPicture, PDO::PARAM_STR);
  155. $stmt->bindParam(':imageFullNamePicture', $imageFullNamePicture, PDO::PARAM_STR);
  156. $stmt->bindParam(':orderPicture', $orderPicture, PDO::PARAM_STR);
  157.  
  158. if (!$stmt->execute()) {
  159. header("Location: ../upload.php?upload=sqlError");
  160. exit();
  161. } else {
  162. $row = $stmt->fetch(PDO::FETCH_ASSOC);
  163. $setImageOrder = $row + 1;
  164.  
  165. $stmt = "INSERT INTO pictures (titlePicture, descPicture, imageFullNamePicture, orderPicture)
  166. VALUES (?, ?, ?, ?);";
  167. if (!$stmt->execute()) {
  168. header("Location: ../upload.php?upload=sqlError");
  169. exit();
  170. } else {
  171. $stmt->bindParam(':titlePicture', $titlePicture);
  172. $stmt->bindParam(':descPicture', $descPicture);
  173. $stmt->bindParam(':imageFullNamePicture', $imageFullNamePicture);
  174. $stmt->bindParam(':orderPicture', $orderPicture);
  175.  
  176. if (!$stmt->prepare()) {
  177. header("Location: ../upload.php?upload=sqlStatementFail");
  178. exit();
  179. } else {
  180.  
  181. $sql = "SELECT * FROM pictures";
  182. $result = $con->prepare($sql);
  183. $result->execute();
  184. $number_of_rows = $result->fetchColumn();
  185.  
  186. $setImageOrder = $number_of_rows + 1;
  187.  
  188. $stmt = "INSERT INTO pictures (titlePicture, descPicture, imageFullNamePicture, orderPicture)
  189. VALUES (?, ?, ?, ?);";
  190.  
  191. if (!$stmt->prepare()) {
  192. header("Location: ../upload.php?upload=sqlStatementFail");
  193. exit();
  194. } else {
  195.  
  196. $stmt->bindParam(':imageTitle', $imageTitle);
  197. $stmt->bindParam(':imageDesc', $imageDesc);
  198. $stmt->bindParam(':imageFullName', $imageFullName);
  199. $stmt->bindParam(':setImageOrder', $setImageOrder);
  200.  
  201. $stmt->execute();
  202.  
  203. move_uploaded_file($fileTempName, $fileDestination);
  204.  
  205. header("Location: ../upload.php?upload=Success");
  206. }
  207.  
  208.  
  209. }
  210.  
  211. }
  212.  
  213. }
  214.  
  215. }
  216.  
  217. } else {
  218. header("Location: ../upload.php?upload=FileTooBig");
  219. exit();
  220. }
  221.  
  222. } else {
  223. header("Location: ../upload.php?upload=ErrorOccured");
  224. exit();
  225. }
  226.  
  227. } else {
  228. header("Location: ../upload.php?upload=FileTypeNotAllowed");
  229. exit();
  230. }
  231.  
  232.  
  233.  
  234. }