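/**
 * Stores an uploaded image in the `image` table and returns the id of the new row.
 *
 * Nothing is stored unless the request carries a "submit" POST field, the
 * declared type is on the allow-list, and the file content itself is
 * recognised as GIF, JPEG or PNG. Requires the fileinfo extension.
 *
 * @param string $tmpName  Path of the file to read.
 * @param string $fileType MIME type declared for the file. Callers may pass the
 *                         browser-supplied $_FILES[...]['type'] value, so it is
 *                         treated as a hint and never stored.
 * @return int Id of the inserted row, or 0 when nothing was stored.
 */
public function uploadImage($tmpName, $fileType)
{
    // Types a client may declare; 'image/jpg' and 'image/jpe' are non-standard
    // aliases kept so existing uploads continue to be accepted.
    $declaredTypes = array('image/gif', 'image/jpg', 'image/jpeg', 'image/png', 'image/jpe');
    // Types the content sniffing below may report; only these are ever stored.
    $storedTypes = array('image/gif', 'image/jpeg', 'image/png');

    // Every rejection returns 0 rather than $connection->insert_id: on a reused
    // connection that property can still hold the id of an earlier INSERT, which
    // a caller testing "> 0" would mistake for a successful upload.
    if (!isset($_POST["submit"])) {
        return 0;
    }

    if (!in_array($fileType, $declaredTypes, true)) {
        Logger::log("not an image");
        return 0;
    }

    $imageData = file_get_contents($tmpName);
    if ($imageData === false) {
        Logger::log('image not uploaded');
        return 0;
    }

    // The declared type is client-controlled, so the decision is made on the
    // bytes that will actually be stored. Sniffing the buffer (not the path)
    // means the checked data and the stored data cannot differ.
    // This is a signature check only; it does not prove the whole file is a
    // well-formed image.
    $finfo = new \finfo(\FILEINFO_MIME_TYPE);
    $detectedType = $finfo->buffer($imageData);
    if (!in_array($detectedType, $storedTypes, true)) {
        Logger::log("not an image");
        return 0;
    }

    Logger::log("image is an image");

    // Bound parameters keep the blob and the type out of the SQL text entirely.
    $connection = ConnectionManager::getConnection();
    $statement = $connection->prepare("INSERT INTO image (`data`, `type`) VALUES (?, ?)");
    if ($statement === false) {
        // Database errors go to the log, not to the response body.
        Logger::log('image not uploaded: ' . $connection->error);
        return 0;
    }

    $statement->bind_param('ss', $imageData, $detectedType);
    if (!$statement->execute()) {
        Logger::log('image not uploaded: ' . $statement->error);
        $statement->close();
        return 0;
    }

    $imageID = $statement->insert_id;
    $statement->close();
    Logger::log('image uploaded');

    return $imageID;
}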
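<?php

include_once '../bootstrap.php';

use Models\Logger;
use Models\LoginManager;
use Models\AuctionManager;
use Views\HomepageView;
use Models\UserManager;
use Models\AuctionSellerManager;
use Views\SellerHomepageView;

// Login-protected page.
// NOTE(review): confirm this helper stops execution after issuing the redirect;
// otherwise the code below still runs for anonymous requests.
LoginManager::startSessionAndRedirectIfNotLoggedIn();

$userManager = new UserManager();
$loggedInUser = $userManager->getLoggedInUser();
$userRole = $loggedInUser->roleID;
Logger::log($userRole);

// Search filters arrive straight from the request and are not validated here.
// NOTE(review): confirm the auction managers bind or escape these values
// before they reach a query.
$searchTerm = isset($_REQUEST["searchTerm"])
    ? $_REQUEST["searchTerm"]
    : AuctionManager::DEFAULT_SEARCH_TERM;

$categoryID = isset($_REQUEST["categoryID"])
    ? $_REQUEST["categoryID"]
    : AuctionManager::DEFAULT_ALL_CATEGORIES;

// Pick the manager for the user's role. Admins are served by the first branch,
// so the seller branch no longer repeats the (unreachable) admin test.
if ($userRole == UserManager::USER_ROLE_BUYER || $userRole == UserManager::USER_ROLE_ADMIN) {
    $auctionManager = new AuctionManager();
} elseif ($userRole == UserManager::USER_ROLE_SELLER) {
    $auctionManager = new AuctionSellerManager();
} else {
    // Fail closed: an unknown or missing role used to fall through with
    // $auctionManager undefined. Deny the request explicitly instead.
    Logger::log('unexpected user role, access denied');
    header('HTTP/1.1 403 Forbidden');
    exit;
}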
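/**
 * Turns the `notifications` flag of a user row on or off.
 *
 * @param string     $change 'y' to set the flag to 1, 'n' to set it to 0.
 * @param int|string $userID Id of the user row to update; must be an integer value.
 * @return bool True when the UPDATE executed, false on invalid input or a
 *              database error.
 */
public function notificationSettings($change, $userID)
{
    // Anything other than 'y' or 'n' used to reach query() with no SQL defined.
    if ($change === 'y') {
        $flag = 1;
    } elseif ($change === 'n') {
        $flag = 0;
    } else {
        return false;
    }

    // The id was previously interpolated into the statement (unquoted in the
    // 'n' branch). Reject non-integer values up front and bind the rest.
    $id = filter_var($userID, FILTER_VALIDATE_INT);
    if ($id === false) {
        return false;
    }

    $connection = ConnectionManager::getConnection();
    $statement = $connection->prepare("UPDATE user SET notifications=? WHERE id=?");
    if ($statement === false) {
        return false;
    }

    $statement->bind_param('ii', $flag, $id);
    Logger::log($flag === 1 ? "notifications on" : "notifications off");

    $success = $statement->execute();
    $statement->close();

    if ($success) {
        Logger::log("updated");
    }

    return $success;
}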
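/**
 * Inserts a new auction for the logged-in user and links it to its categories.
 *
 * All caller-supplied values are sent as bound parameters. The seller id is
 * taken from the logged-in user, not from the arguments.
 *
 * @param string $title
 * @param string $description
 * @param string $item_condition
 * @param string $start_price
 * @param string $reserve_price
 * @param string $start_date     Date part of the auction start.
 * @param string $start_time     Time part of the auction start.
 * @param string $end_date       Date part of the auction end.
 * @param string $end_time       Time part of the auction end.
 * @param array  $categories     Category ids; each element is cast to int.
 * @return int Id of the new auction row, or -1 when the auction insert failed.
 */
public function createNewItem($title, $description, $item_condition, $start_price, $reserve_price, $start_date, $start_time, $end_date, $end_time, $categories)
{
    $connection = ConnectionManager::getConnection();
    Logger::log('uploadItem');

    $userManager = new UserManager();
    $seller_id = $userManager->getLoggedInUser()->userID;

    // Date and time are stored together in one column each.
    $startsAt = $start_date . ' ' . $start_time;
    $endsAt = $end_date . ' ' . $end_time;

    $auction_id = -1;

    // views is set to zero so later increments work.
    $auctionStatement = $connection->prepare(
        "INSERT INTO auction (description, views, start_price, end_date, start_date, seller_id, reserve_price, item_condition, title)
         VALUES (?, 0, ?, ?, ?, ?, ?, ?, ?)"
    );
    if ($auctionStatement === false) {
        Logger::log('insert to auction failed: ' . $connection->error);
        return $auction_id;
    }

    // Everything is bound as a string, matching the quoted literals the
    // statement used before, so the database applies the same conversions.
    $auctionStatement->bind_param(
        'ssssssss',
        $description,
        $start_price,
        $endsAt,
        $startsAt,
        $seller_id,
        $reserve_price,
        $item_condition,
        $title
    );

    if (!$auctionStatement->execute()) {
        Logger::log('insert to auction failed: ' . $auctionStatement->error);
        $auctionStatement->close();
        return $auction_id;
    }

    Logger::log('insert to auction table');
    // Id generated by the auction insert.
    $auction_id = $auctionStatement->insert_id;
    $auctionStatement->close();
    Logger::log($auction_id);

    // A request without any category field yields a non-array here; skip the
    // loop instead of iterating over it.
    if (!is_array($categories)) {
        return $auction_id;
    }

    $categoryStatement = $connection->prepare(
        "INSERT INTO auction_category (auction_id, category_id) VALUES (?, ?)"
    );
    if ($categoryStatement === false) {
        Logger::log('insert to auction_category failed: ' . $connection->error);
        return $auction_id;
    }

    // Bound by reference: each execute() picks up the current $categoryID.
    $categoryID = 0;
    $categoryStatement->bind_param('ii', $auction_id, $categoryID);

    foreach ($categories as $category) {
        $categoryID = (int) $category;
        if ($categoryStatement->execute()) {
            Logger::log('insert to auction_category table');
        } else {
            Logger::log('insert to auction_category failed for category ' . $categoryID);
        }
    }
    $categoryStatement->close();

    return $auction_id;
}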
$fileName = $_FILES['userfile']['name']; //image name $tmpName = $_FILES['userfile']['tmp_name']; // data $fileSize = $_FILES['userfile']['size']; $fileType = $_FILES['userfile']['type']; $categories = $_POST['category']; $auctionManager = new AuctionManager(); $imageManager = new ImageManager(); $imageAuctionID = -1; if ($tmpName != null) { $imageID = $imageManager->uploadImage($tmpName, $fileType); \Models\Logger::log($imageID); if ($imageID > 0) { $auctionID = $auctionManager->createNewItem($title, $description, $item_condition, $start_price, $reserve_price, $start_date, $start_time, $end_date, $end_time, $categories); if ($auctionID > 0) { $imageAuctionID = $auctionManager->registerImage($auctionID, $imageID); \Models\Logger::log($imageAuctionID); } } } if ($imageAuctionID > 0) { $auctionDetail = $auctionManager->getAuctionDetail($auctionID); $uploadSuccessView = new UploadSuccessView($auctionDetail); $uploadSuccessView->render(); } else { $uploadView = new UploadView(); \Models\Alerter::showAlert("There was a problem with your upload"); $uploadView->render(); } }