task/upload_photo.php at master · aditya169/task · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
<?php
//============================================================+
// File name   : upload_photo.php
//
// Description : This file let the task Poster to upload photo for the task.
//
// Author:  Aditya Mathur
//
// (c) Copyright:
//               Aditya Mathur
//               eztasker.com
//
// License:
//    Copyright (C) 2014 Aditya Mathur - eztasker.com
//============================================================+
session_start();
if(isset($_SESSION['li_uname111'])){
	$e=$_SESSION['li_uname111'];
	$type=1;
}
elseif(isset($_SESSION['li_uname222'])){
	$e=$_SESSION['li_uname222'];
	$type=2;
	$title="Task Poster";
	require_once './includes/db_config.php';
	connect();
	$q1 = "SELECT poster_id from poster_profile where email='".$e."'";
	$r1=mysql_query($q1) or die(mysql_error());
	$row1 = mysql_fetch_array($r1);
	$poster_id= $row1['poster_id'];
}
else{
		$e='';
		$type=0;
		header('location:login.php');die;//redirect to login page
}
?>

<?php include('./includes/header.php');?>
 <div class="">
	<!-- Menus -->
	<?php include './includes/menu.php';?>
  </div>
  <div class="spacer"></div>
</div>

<?php
if(isset($_POST['upload'])) // Has a file been uploaded?
{
   // Make sure the file was sent without errors
	if($_FILES['files']['error'] == 0)
	{
        //Gather required data
		//adding image-file record
if($_FILES['files']['size'] > 0 ){

		$task_id=trim($_POST['taskid']);
		$task_id=(int)($task_id);
		require_once './includes/mysqlidb_config.php';
        //Gather all required data
		$allowedExts = array("gif", "jpeg","jpg", "png");
		$temp = explode(".", $_FILES["files"]["name"]);
		$extension = end($temp);
		if ((($_FILES["files"]["type"] == "image/gif")
		|| ($_FILES["files"]["type"] == "image/jpeg")
		|| ($_FILES["files"]["type"] == "image/jpg")
		|| ($_FILES["files"]["type"] == "image/pjpeg")
		|| ($_FILES["files"]["type"] == "image/x-png")
		|| ($_FILES["files"]["type"] == "image/png"))
		&& in_array($extension, $allowedExts))
		{
		if ($_FILES["files"]["error"] > 0){
			echo "Return Code: " . $_FILES["files"]["error"] . "<br>";
		}
		else{
			$name = $dbLink->real_escape_string($_FILES['files']['name']);
			$mime = $dbLink->real_escape_string($_FILES['files']['type']);
			//$data = $dbLink->real_escape_string(file_get_contents($_FILES['files']['tmp_name']));
			$size = intval($_FILES['files']['size']);
			$random_digit=rand(0000,9999);
			$new_name=$random_digit.$name;
			$target = "task-photos/";
			$target = $target.$new_name;

			$query2 = "insert into photos values('','$task_id','$new_name','$mime','$size',NOW())";
			$result2 = $dbLink->query($query2);
				if($result2){
					move_uploaded_file($_FILES['files']['tmp_name'],$target);
					$query3 = "update task set photo_flag=1 where task_id='".$task_id."' ";
					$result3 = $dbLink->query($query3);
				}
			}

		}else{
			echo "<script> alert('Invalid File! Try Again.') </script>" ;
			echo "<script>window.location='job_posted_history1.php'</script>" ;

		}
	}
	if($result2 && $result3){
				echo "<script> alert('Image uploaded.') </script>" ;
				echo "<script>window.location='job_posted_history1.php'</script>" ;
			}else{
				  echo "<script> alert('Oops! somthing went wrong.') </script>" ;
				  echo "<script>window.location='job_posted_history1.php'</script>" ;
				}

	}else {
			echo "<script> alert('Please choose image file.')</script>";
			echo"<script> function goBack(){window.history.back()} goBack(); </script>";
		}
		// Close the mysql connection		 //$dbLink.close();
}
?>

<?php
// gathering data via url & decoding it
if(isset($_REQUEST['v'])){
	$id=trim($_REQUEST['v']);
	//$id=base64_decode($t1);
}else{echo "<script>history.go(-1)</script>" ;}
?>

<form action="" method="POST" enctype="multipart/form-data">
<table class="main-table">
	<tr>
	  	<td><a href='javascript:history.go(-1)'><img src="images/back4.png" width="8%" height="4%"></a><br></td>
	</tr>
    <tr>
		<td></td>
	</tr>
	<tr>
		<td>
			<input type="file" name="files"  />
			<input type="hidden" name="taskid" value='<?php echo $id;?>'/>
			<input type="submit" name='upload' value='Upload'/>
		</td>
	</tr>
	<tr>
		<td>&nbsp;</td>
	</tr>
 </table>
 </form>
<?php include('./includes/footer.php');?>