-
Notifications
You must be signed in to change notification settings - Fork 0
/
process-create-art.php
109 lines (83 loc) · 2.95 KB
/
process-create-art.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
<?php
session_start();
// Get the session variables
$sqlFetch = require __DIR__ . "/database.php";
// get the user's email address
$fetch = "SELECT * FROM users
WHERE id = {$_SESSION["user_id"]}";
$fetch_result = $sqlFetch->query($fetch);
$sessioned_user = $fetch_result->fetch_assoc();
if (empty($_POST['title'])) {
die('Title is required');
}
if (empty($_POST['story'])) {
die('Story is required');
}
if (empty($_POST['price'])) {
die('Price is required');
}
/* Cover Image section */
// Upload file errors
$upload_file_errors = array(
0 => 'There is no error, the file uploaded with success',
1 => 'The uploaded file exceeds the upload_max_filesize directive in php.ini',
2 => 'The uploaded file exceeds the MAX_FILE_SIZE directive that was specified in the HTML form',
3 => 'The uploaded file was only partially uploaded',
4 => 'No file was uploaded',
6 => 'Missing a temporary folder',
7 => 'Failed to write file to disk.',
8 => 'A PHP extension stopped the file upload.'
);
// The extension error flag that is false by default
$ext_error = false;
// List of allowed extensions
$extensions = array('jpg', 'jpeg', 'gif', 'png');
// Get the file extension
$file_ext = explode('.', $_FILES['img']['name']);
// Get the last element of the array that contains both the filename and the file extension
$file_ext = strtolower(end($file_ext));
// Check to see if the file extension is in the list of allowed extensions, if not set the extension error flag to true
if (!in_array($file_ext, $extensions)) {
$ext_error = true;
}
// Check to see if there is an error in the file upload that corresponds to one that is in the associative array. This happens if the error is not equal to zero
if ($_FILES['img']['error']) {
echo $upload_file_errors[$_FILES['img']['error']];
} elseif ($ext_error) {
echo "Invalid file extension. Only .jpeg or .jpg or .png or .gif are allowed";
} else {
// echo "Success! Image has been uploaded";
// If there is no error, move the file to the uploads folder
move_uploaded_file($_FILES['img']['tmp_name'], 'uploads/art/' . $_FILES['img']['name']);
// echo "File uploaded successfully";
}
$img_dir = 'uploads/art/' . $_FILES['img']['name'];
if (empty($img_dir)) {
die('Image is required');
}
/* Cover Image section */
/* Get logged in artist's id and name */
$artist_id = $sessioned_user['id'];
$artist_name = $sessioned_user['name'];
$mysqli = require __DIR__ . '/database.php';
$sql = "INSERT INTO art (artist_id, artist_name, title, story, price, img_path)
VALUES (?, ?, ?, ?, ?, ?)";
$stmt = $mysqli->stmt_init();
if (!$stmt->prepare($sql)) {
die('SQL error: ' . $mysqli->error);
}
$stmt->bind_param(
'ssssss',
$artist_id,
$artist_name,
$_POST['title'],
$_POST['story'],
$_POST['price'],
$img_dir
);
if ($stmt->execute()) {
header('Location: artist-pieces.php');
exit;
} else {
die($mysqli->error . ' ' . $mysqli->errno);
}