case 'Delete': $DesiredRecord = $_POST['SelectRecord']; GetLoadDesiredRecord(); DeleteForm(); break; case 'Next': Db_Next(); DisplayForm(); break; case 'Previous': Db_Prev(); DisplayForm(); break; case 'Submit Changes': GetPostVariables(); Db_Update(); ListMenu(); break; case 'Submit Delete': GetPostVariables(); Db_Delete(); ListMenu(); break; case 'Submit Add': GetPostVariables(); if (ValidUniqueCode()) { Db_Add(); ListMenu(); } else { $_SESSION['SystemMessage'] = 'Code already on file!! Choose another.'; AddForm();
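/**
 * Insert a new DiveSitePix row from the form globals and store the uploaded picture.
 *
 * Flow: validate the upload, insert the row, rename the upload to
 * "<site name>_<zero-padded row id>.<ext>" inside DiveSiteImages/, then put the
 * stored path into $DiveSitePixPictureURLFileInfo and call PutVariablesIntoSession()
 * and Db_Update() so the row is updated with it.
 *
 * Security-relevant changes compared with the previous version:
 *  - The size limit read $_FILES["fileToUpload"], a field this form does not use, so
 *    it never fired. It now reads the real upload field.
 *  - The getimagesize() check only ran when $_POST["submit"] was set. It now always runs.
 *  - $DiveSiteName (form input) was used in the target path with only whitespace
 *    replaced, so "../" sequences could move the file outside DiveSiteImages/. The
 *    name is now reduced to [A-Za-z0-9_-].
 *  - Values were escaped with addslashes(), which ignores the connection character
 *    set. They are now escaped with mysql_real_escape_string() as the last step.
 *  - The upload is validated before the INSERT, so a rejected file no longer leaves
 *    a row behind.
 *
 * NOTE(review): ext/mysql was removed in PHP 7. When this file is ported, replace the
 * string-built statement with a mysqli/PDO prepared statement.
 * NOTE(review): if DiveSiteImages/ is served by the web server, confirm that script
 * execution is disabled for that directory.
 *
 * @return void Terminates the request (exit/die) when the upload or the database step fails.
 */
function Db_Add()
{
    global $db, $user, $serverhost, $password;
    global $DiveSitePixId, $DiveSiteId, $DiveSitePixEnteredBy, $DiveSitePixDateEntered;
    global $DiveSiteCity, $DiveSiteProvince, $DiveSiteCountry, $DiveSiteName, $DiveSiteMajorName;
    global $DiveSiteMinorName, $DiveSiteExactLat, $DiveSiteExactLong, $DiveSitePixTitle, $DIveSitePixType;
    global $DiveSitePixNoteKeywords, $DiveSitePixPictureURLFileInfo, $DiveSitePixNotes;

    $upload_field = 'DiveSitePixPictureURLFileInfo';
    $target_dir = "DiveSiteImages/";
    // Same extensions (and same case-sensitivity) the original comparison chain accepted.
    $allowed_types = array('jpg', 'png', 'jpeg', 'gif', 'JPG', 'PNG', 'JPEG', 'GIF');

    #------------ validate the upload before anything is written --------------------------------
    $upload = isset($_FILES[$upload_field]) ? $_FILES[$upload_field] : null;
    $uploadOk = 1;
    $imageFileType = '';

    if (!is_array($upload)
        || !isset($upload['error'], $upload['tmp_name'], $upload['name'], $upload['size'])
        || $upload['error'] !== UPLOAD_ERR_OK
        || !is_uploaded_file($upload['tmp_name'])
    ) {
        // No file, a failed transfer, or a tmp_name that PHP did not create for this request.
        $uploadOk = 0;
    } else {
        $original_name = basename($upload['name']);
        $imageFileType = pathinfo($original_name, PATHINFO_EXTENSION);

        // Check that the file content parses as an image, regardless of which button posted the form.
        if (getimagesize($upload['tmp_name']) === false) {
            $uploadOk = 0;
        }

        // Kept from the original: refuse when a file with the uploaded name already exists.
        if (file_exists($target_dir . $original_name)) {
            $uploadOk = 0;
        }

        // Check file size (10,000,000 bytes) on the field that actually carries the upload.
        if ($upload['size'] > 10000000) {
            $uploadOk = 0;
        }

        // Allow certain file formats only; the extension is reused in the stored file name.
        if (!in_array($imageFileType, $allowed_types, true)) {
            $uploadOk = 0;
        }
    }

    if ($uploadOk == 0) {
        echo "Sorry, your file was not uploaded.";
        exit;
    }

    #------------ add the record ------------------------------------------------------------------
    $connection = mysql_connect($serverhost, $user, $password) or die('ERROR!! Cannot connect to MySql');
    mysql_select_db($db, $connection) or die('ERROR!! Cannot connect to aquatreasurequest database');

    // Column => value, in the column order of the original statement.
    $columns = array(
        'DiveSiteId' => $DiveSiteId,
        'DiveSitePixEnteredBy' => $DiveSitePixEnteredBy,
        'DiveSitePixDateEntered' => $DiveSitePixDateEntered,
        'DiveSiteCity' => $DiveSiteCity,
        'DiveSiteProvince' => $DiveSiteProvince,
        'DiveSiteCountry' => $DiveSiteCountry,
        'DiveSiteName' => $DiveSiteName,
        'DiveSiteMajorName' => $DiveSiteMajorName,
        'DiveSiteMinorName' => $DiveSiteMinorName,
        'DiveSiteExactLat' => $DiveSiteExactLat,
        'DiveSiteExactLong' => $DiveSiteExactLong,
        'DiveSitePixTitle' => $DiveSitePixTitle,
        'DIveSitePixType' => $DIveSitePixType,
        'DiveSitePixNoteKeywords' => $DiveSitePixNoteKeywords,
        'DiveSitePixPictureURLFileInfo' => $DiveSitePixPictureURLFileInfo,
        'DiveSitePixNotes' => $DiveSitePixNotes,
    );

    $quoted = array();
    foreach ($columns as $value) {
        // Escaping is the final transformation, so nothing can alter the value after it is made SQL-safe.
        $quoted[] = "'" . mysql_real_escape_string(strip_tags((string) $value), $connection) . "'";
    }

    $sql = 'insert into DiveSitePix(' . implode(',', array_keys($columns)) . ') values ('
        . implode(',', $quoted) . ')';

    mysql_query($sql, $connection) or die("ERROR!! DiveSitePix ADD failure");

    #-------------------- record has been added
    $DiveSitePixId = mysql_insert_id($connection);
    mysql_close($connection);

    #------------ now to move the file with the name properly set ---------------------------------
    // The site name comes from the form; keep only characters that cannot change the directory.
    $safe_site_name = preg_replace('/[^A-Za-z0-9_-]+/', '_', (string) $DiveSiteName);
    $target_name = $safe_site_name . '_' . str_pad($DiveSitePixId, 8, '0', STR_PAD_LEFT);
    $target_file = $target_dir . $target_name . '.' . $imageFileType;

    if (!move_uploaded_file($upload['tmp_name'], $target_file)) {
        // NOTE(review): the row inserted above stays in the table when the move fails.
        echo "Sorry, there was an error uploading your file.";
        exit;
    }

    // Record the stored path and let Db_Update() write it to the new row.
    $DiveSitePixPictureURLFileInfo = $target_file;
    PutVariablesIntoSession();
    Db_Update();
    return;
}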