-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathsubmit_post.php
59 lines (51 loc) · 2.07 KB
/
submit_post.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
<!-- submit_post.php -->
<?php
session_start(); // Start the session at the beginning
include 'db_connect.php'; // Include your database connection script
// Check if the form has been submitted
if ($_SERVER["REQUEST_METHOD"] == "POST" && isset($_FILES['postImage']) && isset($_POST['postContent'])) {
// Ensure the user is logged in by checking the session
if (!isset($_SESSION['user_data']['user_id'])) {
die("Error: User is not logged in.");
}
// Retrieve user ID from session
$userId = $_SESSION['user_data']['user_id'];
$textContent = $_POST['postContent'];
$imagePath = 'images/default.png'; // Default image path
// Handle the file upload
if ($_FILES['postImage']['error'] == 0) {
$target_dir = "uploads/";
$target_file = $target_dir . basename($_FILES["postImage"]["name"]);
$imageFileType = strtolower(pathinfo($target_file, PATHINFO_EXTENSION));
$allowedTypes = ['jpg', 'jpeg', 'png', 'gif'];
// Check if file type is allowed
if (in_array($imageFileType, $allowedTypes)) {
if (move_uploaded_file($_FILES["postImage"]["tmp_name"], $target_file)) {
$imagePath = $target_file;
} else {
echo "Sorry, there was an error uploading your file.";
}
} else {
echo "Sorry, only JPG, JPEG, PNG, and GIF files are allowed.";
}
}
// Prepare SQL statement to insert the post into the database
$sql = "INSERT INTO posts (user_id, content, image) VALUES (?, ?, ?)";
$stmt = $conn->prepare($sql);
if ($stmt === false) {
die('MySQL prepare error: ' . $conn->error);
}
$stmt->bind_param("iss", $userId, $textContent, $imagePath);
if (!$stmt->execute()) {
die('Execute error: ' . $stmt->error);
}
$stmt->close();
$conn->close();
// Redirect back to posts page or a success page
header("Location: posts.php");
exit();
} else {
// If the correct POST requests aren't set
echo "Invalid request.";
}
?>