<?phprequire_once "../connections/connection.php";$target_dir = "../uplo

1. <?php
2. require_once "../connections/connection.php";
3.  
4.  
5. $target_dir = "../uploads/noticias/";
6. $target_file = $target_dir . basename($_FILES["fileToUpload"]["name"]);
7. $uploadOk = 1;
8. $imageFileType = strtolower(pathinfo($target_file, PATHINFO_EXTENSION));
9.  
10. // Check if image file is a actual image or fake image
11. if (isset($_POST["submit"])) {
12. $check = getimagesize($_FILES["fileToUpload"]["tmp_name"]);
13. if ($check !== false) {
14. echo "File is an image - " . $check["mime"] . ".";
15. $uploadOk = 1;
16. } else {
17. echo "File is not an image.";
18. $uploadOk = 0;
19. }
20. }
21.  
22. // Check if file already exists
23. if (file_exists($target_file)) {
24. echo "Sorry, file already exists.";
25. $uploadOk = 0;
26. }
27.  
28. // Check file size
29. if ($_FILES["fileToUpload"]["size"] > 5000000) {
30. echo "Sorry, your file is too large.";
31. $uploadOk = 0;
32. }
33.  
34. // Allow certain file formats
35. if ($imageFileType != "jpg" && $imageFileType != "png" && $imageFileType != "jpeg"
36. && $imageFileType != "gif") {
37. echo "Sorry, only JPG, JPEG, PNG & GIF files are allowed.";
38. $uploadOk = 0;
39. }
40.  
41. // Check if $uploadOk is set to 0 by an error
42. if ($uploadOk == 0) {
43. echo "Sorry, your file was not uploaded.";
44. // if everything is ok, try to upload file
45. } else {
46. if (move_uploaded_file($_FILES["fileToUpload"]["tmp_name"], $target_file)) {
47. echo "The file " . basename($_FILES["fileToUpload"]["name"]) . " has been uploaded.";
48.  
49.  
50. if (isset($_POST["titulo"]) && isset($_POST["subtitulo"]) && isset($_POST["texto"]) && isset($_FILES["fileToUpload"]) && isset($_POST["tema"])) {
51.  
52. $ficheiro = $_FILES["fileToUpload"]["name"];
53. //$tipo = $_POST["tipo"];
54. // We need the function!
55. require_once("../connections/connection.php");
56.  
57. // Create a new DB connection
58. $link = new_db_connection();
59.  
60. /* create a prepared statemet */
61. $stmt = mysqli_stmt_init($link);
62.  
63. $query = "INSERT INTO conteudos (filename)
64. VALUES (?)";
65.  
66. if (mysqli_stmt_prepare($stmt, $query)) {
67.  
68. mysqli_stmt_bind_param($stmt, 's', $ficheiro);
69.  
70. /* execute the prepared statement */
71. if (!mysqli_stmt_execute($stmt)) {
72. echo "Error: " . mysqli_stmt_error($stmt);
73. } else {
74. $last_id = mysqli_insert_id($link);
75. //echo "ID: " . "$last_id";
76. }
77. $link2 = new_db_connection();
78. $stmt2 = mysqli_stmt_init($link2);
79. $query2 = "INSERT INTO noticias (titulo, subtitulo, texto,conteudos_id_conteudos, temas_id_temas) VALUES (?,?,?,?,?)";
80.  
81. if (mysqli_stmt_prepare($stmt2, $query2)) {
82. mysqli_stmt_bind_param($stmt2, 'sssii', $titulo, $subtitulo, $texto, $last_id, $temas_id);
83. $titulo = $_POST["titulo"];
84. $subtitulo = $_POST["subtitulo"];
85. $texto = $_POST["texto"];
86. $temas_id = $_POST["tema"];
87.  
88. // Devemos validar também o resultado do execute!
89. if (mysqli_stmt_execute($stmt2)) {
90. mysqli_stmt_close($stmt2);
91. mysqli_close($link2);
92.  
93. // Acção de sucesso
94. header("Location: ../noticias.php");
95. } else {
96. header("Location: ../criar_noticia.php");
97. // Acção de erro
98. //echo "Error:" . mysqli_stmt_error($stmt);
99. }
100. } else {
101. // Acção de erro
102. echo "Error:" . mysqli_error($link);
103. mysqli_close($link);
104. }
105. }
106. }
107. } else {
108. echo "Sorry, there was an error uploading your file.";
109. }
110. }
111.  
112. mysqli_close($link);