<?php include("include.php"); ?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title><?php echo $titleheader;?> - Add a pic to databse</title>
<script language="JavaScript" type="text/javascript">
function check() {
//here we check if the password is in both fields the same
if(document.add.pw.value != document.add.checkpw.value) {
alert("Please enter the same password in both fields");
return false;
}else{
return true;
}
}
function picpreview() {
// open a new window for preview the full pic
var pic = document.add.filename.value;
window.open("add.php?action=picpreview&pic=" + pic,"","fullscreen");
}
</script>
<link rel="stylesheet" type="text/css" href="index.css">
</head>
<body>
<h1>.:Add:.</h1>
<?php
$query = getenv("QUERY_STRING");
parse_url($query);
if($action == "picpreview") { //this is the preview routine
$pic = stripcslashes($pic);
$info = getimagesize($pic);
echo "<table cellpadding='10'>
<tr>
<td align='left'><b>Preview</b><br><br><a href='#' onclick='window.close()'>Close window</a></td>
<td align='right'><img src='$pic' $info[3]></td>
</tr>
</table>";
}
if($action == "") { //main routine, its all just html code so i dont explain
echo'<form action="add.php?action=add" method="post" enctype="multipart/form-data" name="add" onsubmit="return check()">
<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
<td width="27%">Choose file</td>
<td width="48%">
<input type="file" name="filename" accept="image/jpeg" onChange="document.images.preview.src = document.add.filename.value;">
</td>
<td width="25%"><a href="#" onclick="picpreview()">Preview</a></td>
</tr>
<tr>
<td width="27%">Who?</td>
<td width="48%">
<input type="text" name="who">
</td>
<td rowspan="6"><img name="preview" id="preview" width="250"></td>
</tr>
<tr>
<td width="27%">
<p>Description:</p>
</td>
<td width="48%">
<textarea cols="50" rows="12" name="descr"></textarea>
</td>
</tr>
<tr>
<td width="27%">Author/Copyright </td>
<td width="48%">
<input type="text" name="autor">
</td>
</tr>
<tr>
<td width="27%">Password<br> (you can leave empty, so its not protected)</td>
<td width="48%">
<input type="Password" name="pw">
</td>
</tr>
<tr>
<td width="27%">Confirm</td>
<td width="48%">
<input type="Password" name="checkpw">
</td>
</tr>
<tr>
<td width="27%">
</td>
<td width="48%">
<input type="submit" name="submit" value="Go...">
</td>
</tr>
</table>
</form>
';
}
if($action == "add") { //here we add the file to the database
$db = connect_database(); //connect database
$datahex = gethex($filename); //make the hex of the pic
$newpicfile = createthumb($filename,$quality);// Now we create a thumbnail. So we have later, when we look at the pics, less traffic
$newpicdatahex = gethex($newpicfile); //make the hex of the thumb
@unlink($newpicfile);
$who = prepare($who,"no"); //we prepare the text for the database (removing tags etc., so that there is no possibility for hackers ;-)
$descr = prepare($descr,"yes");
$author = prepare($author,"no");
//this is the mysql query
$cmd = "INSERT INTO '$db_table' ('id', 'who', 'descr', 'autor', 'stamp', 'pic', 'thumb', 'pw') VALUES ('', '$who ', '$descr', '$autor', NOW(NULL), '$datahex', '$newpicdatahex', '$pw')";
$result = mysql_db_query($db_name,$cmd); //query to the database
// if the query was successfull...
if($result) {
echo "<p>Picture added sucessfully<br><a href='index.php'>Go on</a></p>";
}else{ //if not
echo "<p>Error:<br>";
echo mysql_error($db);
}
mysql_close($db); //close database connection
}
?>
</body>
</html>
Experts Exchange always has the answer, or at the least points me in the correct direction! It is like having another employee that is extremely experienced.
When asked, what has been your best career decision?
Deciding to stick with EE.
Being involved with EE helped me to grow personally and professionally.
Connect with Certified Experts to gain insight and support on specific technology challenges including:
We've partnered with two important charities to provide clean water and computer science education to those who need it most. READ MORE