/*
This file handles agenda uploads securely.
Begins by checking that user is logged in, if not then they cannot upload.
If there was a problem with the upload then exit.
If the uploaded file is too large then exit.
If the uploaded file is not actually a pdf file( checked mimetype from server side) then exit.
Otherwise generate an entry in the database, get the id from that and move the file to the uploads folder.
The filename for the file on the server will be Agenda_ID.pdf
where ID is replaced by the id returned from createAgenda.
Finally the permissions on the file are changed to not allow execution.
*/
require_once "./database.php";
require_once "./session.php";
//if the user is not logged in, do not allow the upload to continue into database
if (!Session::userLoggedIn()) {
header("Location: login.php");
exit;
}
//if error code is not set on file upload array then do not allow upload to continue into database
if (!isset($_FILES['file']['error'])) {
$message = urlencode("File not provided");
header("Location: admin.php?agenda=yes&uploaded={$message}");
exit;
}
if (!isset($_POST['title'])) {
$message = urlencode("Title not provided");
header("Location: admin.php?agenda=yes&uploaded={$message}");
exit;
}
//if the file was not uploaded correctly then do not allow the upload to continue into database
