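// Upload handler for a new post: when the file is within the size limit and the
// form carries a title and text, store the uploaded image and record the post.
// NOTE(review): this excerpt starts inside two blocks opened earlier in the file;
// $fsize, $MAX_FILE_SIZE, $fname, $folder_name and $db are all set outside this view.
if ($fsize <= $MAX_FILE_SIZE) {
    if (isset($_POST['title']) && isset($_POST['text'])) {
        $title = sanitizeString($db, $_POST['title']);
        $text = sanitizeString($db, $_POST['text']);

        // add necessary css attributes
        // Only the fixed strings below are ever stored; the raw POST value is
        // used for comparison only, so it cannot inject markup into the saved
        // style attribute. A missing 'filter' field simply means "no filter".
        $filter_string = '';
        if (isset($_POST['filter'])) {
            if ($_POST['filter'] === 'myNostalgia') {
                $filter_string = "style='-webkit-filter:sepia(100%);filter:sepia(100%);'";
            } elseif ($_POST['filter'] === 'grayscale') {
                $filter_string = "style='-webkit-filter:grayscale(100%);filter:grayscale(100%);'";
            } elseif ($_POST['filter'] === 'lomo') {
                $filter_string = '';
            }
        }

        // NOTE(review): $fname is built outside this excerpt - confirm it is
        // generated server-side rather than taken from the client-supplied file
        // name, and that the file type is validated before this point.
        // Record the post only once the upload is actually on disk, so the
        // database never references an image that was not stored.
        if (move_uploaded_file($_FILES['upload']['tmp_name'], $folder_name . DIRECTORY_SEPARATOR . $fname)) {
            // save to database
            SavePostToDB($db, $_SESSION['Username'], $title, $text, $_SERVER['REQUEST_TIME'], $fname, $filter_string);
        } else {
            $message = 'The image could not be saved';
        }
    }
} else {
    $message = 'The size of the image is too big';
}
// The two braces below close blocks opened before this excerpt.
}
// NOTE(review): the else branch only emits a client-side refresh and the rest of
// the page is still sent afterwards. If the outer condition is a login check
// (not visible here), a client that ignores the refresh still receives the page;
// a header('Location: ...') followed by exit, issued before any output, would
// stop that.
} else {
    ?>
    <meta http-equiv="refresh" content="0; url=./index.php">
    <?php
}
?>
<!DOCTYPE html>
<html lang="en">
<head>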
// Stores an uploaded image under a timestamp-based name, records the post and
// redirects to the wall page.
// NOTE(review): this excerpt starts inside a block opened earlier in the file;
// $db, $name, $title and $text are set outside this view.

// The stored name is derived from the request timestamp only, so the
// client-supplied file name never reaches the filesystem path and the file
// always carries a .jpg extension.
// NOTE(review): REQUEST_TIME has one-second resolution - two uploads handled in
// the same second get the same name and the later one replaces the earlier.
// Consider adding a random component to the name.
$time = $_SERVER['REQUEST_TIME'];
$file_name = $time . '.jpg';

// Get filter setting.
// NOTE(review): the value is taken from the request as-is and handed to
// SavePostToDB below. Confirm that SavePostToDB binds it as a query parameter
// and that it is allow-listed or escaped before it is written into any HTML/CSS.
if (isset($_POST['filter'])) {
    $filter = $_POST['filter'];
} else {
    $filter = "NULL";
}

// Get image file, upload to 'users' folder.
// NOTE(review): no check of $_FILES['upload']['error'], of the file's size or
// content type, or of move_uploaded_file()'s return value is visible here.
if ($_FILES) {
    $tmp_name = $_FILES['upload']['name']; // client-supplied original name; not used in the visible code
    $dstFolder = '../project/users';
    move_uploaded_file($_FILES['upload']['tmp_name'], $dstFolder . DIRECTORY_SEPARATOR . $file_name);
}

// Input post data to table.
// This runs whether or not a file was stored above, so a row can reference a
// $file_name that does not exist on disk.
SavePostToDB($db, $name, $title, $text, $time, $file_name, $filter);

// Prevent duplicate submissions on page refresh.
header("Location: wall.php");
exit;
} // closes a block opened before this excerpt
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1">
<meta name="description" content="COP3813 Homework 8 PHP Photo Sharing App Nick Petty">
<meta name="author" content="Nick Petty">
<link rel="icon" href="icons/favicon.ico">
// Sign-up path (first half) and sign-in path (second half) of an account page.
// NOTE(review): this excerpt starts and ends mid-block. $connection and the
// sign-up $username/$password are set outside this view, and the SQL literals
// are masked ('******') on this page.
$time = $_SERVER['REQUEST_TIME'];
$file_name = $time . '.jpg';
// Refuse the sign-up when a row for this user name already exists.
// NOTE(review): the query text is masked here; if the original interpolates the
// user name into the string, replace it with a prepared statement.
$result = queryMysql("SELECT * FROM users WHERE USERNAME='******'");
if ($result->num_rows) {
    $error = "The username you have entered already exists.";
} else {
    if ($_FILES) {
        $tmp_name = $_FILES['upload']['name']; //file on local host
        // No file name sent: clear $file_name. The move below is still attempted,
        // with the bare folder as its destination.
        if ($tmp_name == NULL) {
            $file_name = NULL;
        }
        $dstFolder = 'users';
        // NOTE(review): no check of the upload error code, file type or the
        // return value of move_uploaded_file() is visible here.
        move_uploaded_file($_FILES['upload']['tmp_name'], $dstFolder . DIRECTORY_SEPARATOR . $file_name);
    }
    // NOTE(review): the password is passed on as received. The sign-in query
    // further down matches the PASSWORD column inside the SQL text, which
    // suggests passwords are stored unhashed - confirm, and move to
    // password_hash() on sign-up and password_verify() on sign-in.
    SavePostToDB($connection, $username, $password, $file_name);
    $success = 'Your account has been created successfully! Please sign in.';
}
} // closes a block opened before this excerpt
} else { // the first brace on this line also closes a block opened before this excerpt
    // Sign-in path.
    // NOTE(review): sanitizeString is defined elsewhere; what it strips or
    // escapes is not visible from here.
    $username = sanitizeString($_POST['username']);
    $password = sanitizeString($_POST['password']);
    if ($username == "" || $password == "") {
        $error = "Please enter both username and password.";
    } else {
        // NOTE(review): literal masked on this page; see the note on password
        // storage above and prefer a prepared statement that selects by user name
        // only, checking the password in PHP.
        $result = queryMysql("SELECT USERNAME, PASSWORD FROM users WHERE USERNAME = '******'\n AND PASSWORD = '******'");
        if ($result->num_rows) {
            // NOTE(review): no session_regenerate_id() call is visible before the
            // session is marked as signed in - confirm one happens, to prevent
            // session fixation.
            $_SESSION['username'] = $username;
            // The submitted password is kept in the session store here; a
            // signed-in flag or user id is enough and avoids persisting the
            // secret on disk.
            $_SESSION['password'] = $password;
            $success = "You have now logged in";
            // NOTE(review): the excerpt ends here - make sure an exit follows
            // this redirect so nothing else runs for the request.
            header("location:profile.php");