function add_user_to_db()
{
$this->hashPass();
$db = new DbAccess();
$pdo = $db->getPDO();
$stmt = $pdo->prepare("INSERT INTO credentials (username, password, salt_hex, hashed_pass, date_of_reg) VALUES (:username, :password, :salt_hex, :hashed_pass, NOW())");
try {
$stmt->execute(array('username' => $this->username, 'password' => $this->password, 'salt_hex' => $this->salt_hex, 'hashed_pass' => $this->hashed_pass));
echo "User: "******" has been inserted into DB." . "<br />";
} catch (Exception $e) {
echo 'Message: ' . $e->getMessage() . '<br />';
}
}
function showImage($image_id)
{
$db = new DbAccess();
$pdo = $db->getPDO();
$stmt = $pdo->prepare("SELECT image_filename FROM image_data WHERE image_id = :image_id");
try {
$stmt->execute(array('image_id' => $image_id));
$row = $stmt->fetch();
return $row['image_filename'];
} catch (Exception $e) {
echo 'Message: ' . $e->getMessage() . '<br />';
}
}
echo "Welcome " . $username . " ! This is your page!" . "<br />";
echo "<img src='" . showUserImages($user_id) . "'></img>";
echo ' <a href="logout.php">Logout</a>' . "<br />";
}
if (isset($_POST['submit'])) {
$image_description = trim($_POST['image_description']);
$screenshotFilename = trim($_FILES['screenshot']['name']);
if (!empty($screenshotFilename)) {
$screenshot = time() . $_FILES['screenshot']['name'];
$screenshotType = $_FILES['screenshot']['type'];
$screenshotSize = $_FILES['screenshot']['size'];
if ($screenshotType == 'image/jpeg' || $screenshotType == 'image/pjpeg' || $screenshotType == 'image/gif' || $screenshotType == 'image/png' && $screenshotSize > 0) {
$target = './images/' . $screenshot;
move_uploaded_file($_FILES['screenshot']['tmp_name'], $target);
$db = new DbAccess();
$pdo = $db->getPDO();
$stmt = $pdo->prepare("INSERT INTO image_data (user_id, image_description, image_filename, image_post_date) VALUES (:user_id, :image_description, :image_filename, NOW())");
try {
$stmt->execute(array('user_id' => $user_id, 'image_description' => $image_description, 'image_filename' => $target));
echo "Image has been inserted into DB." . "<br />";
} catch (Exception $e) {
echo 'Message: ' . $e->getMessage() . '<br />';
}
}
}
}
?>
<p>Add tr profile.</p>
<form enctype="multipart/form-data" method="POST" action="<?php
