if (isset($_POST['editUser'])) { $user = new User($_POST['editUser']); $statement = $user->editUser($_POST['username'], $_POST['fname'], $_POST['email'], $_POST['password']); } else { if (isset($_POST['getAlbum'])) { $user = new User($_POST['getAlbum']); $statement = $user->getAlbum($_POST['i']); } else { if (isset($_POST['editAlbum'])) { $user = new User($_POST['editAlbum']); $user->editAlbum($_POST['i'], $_POST['albumName'], $_POST['description']); $statement = true; } else { if (isset($_POST['addAlbum'])) { $user = new User($_POST['addAlbum']); $statement = $user->addAlbum($_POST['albumName'], $_POST['description']); } else { if (isset($_POST['getPhoto'])) { $user = new User($_POST['getPhoto']); $statement = $user->getPhoto($_POST['i'], $_POST['j']); } else { if (isset($_POST['editPhoto'])) { $user = new User($_POST['editPhoto']); $user->editPhoto($_POST['i'], $_POST['j'], $_POST['description'], $_POST['photoDate']); $statement = true; } else { if (isset($_POST['addPhoto'])) { $user = new User($_POST['addPhoto']); $statement = $user->addPhoto($_POST['i'], $_POST['photoName'], $_POST['description'], $_POST['photoSize'], $_POST['photoDate'], $_POST['sourcePath']); } else { if (isset($_POST['deletePhoto'])) {
<?php session_start(); if (isset($_SESSION['userID'])) { if ($_SERVER['REQUEST_METHOD'] == "POST") { include 'class.php'; $user = new User($_SESSION['userID']); $albumNo = $user->addAlbum($_POST['albumTitle'], $_POST['albumDesc']); $albumInfo = $user->getAlbum($albumNo); if (!file_exists('photo/' . $_SESSION['userID'] . '/' . $albumInfo['albumID'])) { mkdir('photo/' . $_SESSION['userID'] . '/' . $albumInfo['albumID'], 0777, true); //Create Directory } $mysqli = new mysqli('localhost', 'root', '', 'PixAlbums4U'); if ($mysqli->connect_error) { die('Connect Error (' . $mysqli->connect_errno . ') ' . $mysqli->connect_error); } $sql = <<<SQL INSERT INTO photo (UserID, AlbumID, PhotoName, Description, PhotoSize, PhotoDate, SourcePath) VALUES (?,?,?,?,?,?,?) SQL; $stmt = $mysqli->prepare($sql); $stmt->bind_param('ddssdss', $_SESSION['userID'], $albumInfo['albumID'], $photoName, $description, $photoSize, $photoDate, $sourcePath); $mysqli->query("START TRANSACTION"); $j = 0; for ($i = 0; $i < count($_POST['validPhoto']); $i++) { if ($_POST['validPhoto'][$i]) { $photoName = $_FILES['file']['name'][$i]; $description = $_POST['photoDesc'][$j]; $photoSize = $_FILES['file']['size'][$i]; if ($_POST['date'][$j] != "") {