Created with Pastebin Mobile

1. <?php
2. session_start();
3.  
4. if (!isset($_SESSION['username'])) {
5.   $_SESSION['msg'] = "You must log in first";
6.   header('location: login.php');
7. }
8. if (isset($_GET['logout'])) {
9.   session_destroy();
10.   unset($_SESSION['username']);
11.   header("location: login.php");
12. }
13.  
14. $host = '127.0.0.1';
15. $db   = 'my_testme';
16. $user = 'testme';
17. $pass = '';
18. $charset = 'utf8mb4';
19.  
20. $options = [
21.     PDO::ATTR_ERRMODE            => PDO::ERRMODE_EXCEPTION,
22.     PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC,
23.     PDO::ATTR_EMULATE_PREPARES   => false,
24. ];
25. $pdo = new PDO("mysql:host=$host;dbname=$db;charset=$charset", $user, $pass, $options);
26.  
27.  
28. $stmt = $pdo->prepare("SELECT * FROM users WHERE username=?");
29. $stmt->execute(array($_SESSION["username"]));
30. // using while
31. while($row = $stmt->fetch()) {
32.   $id = $row["id"];
33. }
34.  
35.  
36. $title = $_POST["title"];
37. $apps = $_POST["napps"];
38. $des = $_POST["description"];
39. $earn = 0;
40. $image = rand(5,99999999);
41.  
42.  
43. $sql = "INSERT INTO image (userid, title, napps, des, earnings, image) VALUES (?, ?, ?, ?, ?, ?)";
44. $pdo->prepare($sql)->execute([$id, $title, $apps, $des, $earn, $image]);
45.  
46. $stmt = $pdo->prepare("SELECT * FROM image WHERE image=?");
47. $stmt->execute(array($image));
48. // using while
49. while($row = $stmt->fetch()) {
50.   $idimage = $row["id"];
51. }
52.  
53. // Upload and Rename File
54.  
55. if (isset($_POST['file']))
56. {
57.     $filename = $_FILES["file"]["name"];
58.     $file_basename = substr($filename, 0, strripos($filename, '.')); // get file extention
59.     $file_ext = substr($filename, strripos($filename, '.')); // get file name
60.     $filesize = $_FILES["file"]["size"];
61.     $allowed_file_types = array('.jpg','.png','.jpeg','.gif');
62.  
63.     if (in_array($file_ext,$allowed_file_types)