// get image file extension error_reporting(E_ERROR | E_PARSE); $extension = end(explode(".", $_FILES["category_image"]["name"])); if ($image_error > 0) { $error['category_image'] = " <span class='label label-danger'>Not Uploaded!!</span>"; } else { if (!($image_type == "image/gif" || $image_type == "image/jpeg" || $image_type == "image/jpg" || $image_type == "image/x-png" || $image_type == "image/png" || $image_type == "image/pjpeg") && !in_array($extension, $allowedExts)) { $error['category_image'] = " <span class='label label-danger'>Image type must jpg, jpeg, gif, or png!</span>"; } } if (!empty($category_name) && empty($error['category_image'])) { // create random image file name $string = '0123456789'; $file = preg_replace("/\\s+/", "_", $_FILES['category_image']['name']); $function = new functions(); $menu_image = $function->get_random_string($string, 4) . "-" . date("Y-m-d") . "." . $extension; // upload new image $upload = move_uploaded_file($_FILES['category_image']['tmp_name'], 'upload/images/' . $menu_image); // insert new data to menu table $sql_query = "INSERT INTO tbl_category (Category_name, Category_image)\n\t\t\t\t\t\tVALUES(?, ?)"; $upload_image = 'upload/images/' . $menu_image; $stmt = $connect->stmt_init(); if ($stmt->prepare($sql_query)) { // Bind your variables to replace the ?s $stmt->bind_param('ss', $category_name, $upload_image); // Execute query $stmt->execute(); // store result $result = $stmt->store_result(); $stmt->close(); }
// Bind your variables to replace the ?s $stmt->bind_param('s', $username); // Execute query $stmt->execute(); // store result $result = $stmt->store_result(); $stmt->bind_result($data['Password'], $data['Email']); $stmt->fetch(); $num = $stmt->num_rows; $stmt->close(); } // if username exist send new password if ($num == 1) { $email = $data['Email']; $string = 'abcdefghijklmnopqrstuvwxyz'; $password = $function->get_random_string($string, 6); $encrypt_password = hash('sha256', $username . $password); // store new password to user table $sql_query = "UPDATE tbl_user \n\t\t\t\t\t\tSET Password = ? \n\t\t\t\t\t\tWHERE Username = ?"; $stmt = $connect->stmt_init(); if ($stmt->prepare($sql_query)) { // Bind your variables to replace the ?s $stmt->bind_param('ss', $encrypt_password, $username); // Execute query $stmt->execute(); // store result $reset_result = $stmt->store_result(); $stmt->close(); } // send new password to user email if ($reset_result) {