/**
  * Uploads image and returns the id of that image
  * @param $tmpName
  * @param $fileType
  * @return mixed
  */
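 public function uploadImage($tmpName, $fileType)
 {
     // Contract: stores the file at $tmpName in the `image` table with $fileType as its
     // type and returns the id of the new row. Returns 0 when nothing was stored (form not
     // submitted, type not on the allow-list, file unreadable, or a database error), so a
     // stale insert_id left on the shared connection by an earlier query is never returned.
     //
     // NOTE(review): $fileType is only compared against an allow-list here. If callers pass
     // the browser-reported $_FILES[...]['type'], that value says nothing about the real
     // content of the file and should be derived server-side before this call - confirm
     // at the call sites.
     $image_types = array('image/gif', 'image/jpg', 'image/jpeg', 'image/png', 'image/jpe');

     if (!isset($_POST["submit"])) {
         return 0;
     }

     // Strict comparison so a non-string value cannot match through type juggling.
     if (!is_string($fileType) || !in_array($fileType, $image_types, true)) {
         Logger::log("not an image");
         return 0;
     }
     Logger::log("image is an image");

     // Read the file only once the request has passed the checks above.
     $imageData = file_get_contents($tmpName);
     if ($imageData === false) {
         Logger::log('image not uploaded');
         return 0;
     }

     $connection = ConnectionManager::getConnection();

     // Bound parameters replace the hand-escaped, interpolated INSERT.
     $statement = $connection->prepare("INSERT INTO image (`data`, `type`) VALUES (?, ?)");
     if ($statement === false) {
         // The database error goes to the log, not to the HTTP response.
         Logger::log($connection->error);
         Logger::log('image not uploaded');
         return 0;
     }

     $statement->bind_param('ss', $imageData, $fileType);
     if (!$statement->execute()) {
         Logger::log($statement->error);
         Logger::log('image not uploaded');
         $statement->close();
         return 0;
     }

     $imageID = $connection->insert_id;
     $statement->close();
     Logger::log('image uploaded');

     return $imageID;
 }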
<?php

include_once '../bootstrap.php';
use Models\Logger;
use Models\LoginManager;
use Models\AuctionManager;
use Views\HomepageView;
use Models\UserManager;
use Models\AuctionSellerManager;
use Views\SellerHomepageView;
// login protected page
LoginManager::startSessionAndRedirectIfNotLoggedIn();

$userManager = new UserManager();
$loggedInUser = $userManager->getLoggedInUser();
$userRole = $loggedInUser->roleID;
Logger::log($userRole);

// Search filters are taken from the request, with the manager's defaults as fallback.
// NOTE(review): both values are user-controlled; the code that consumes them is not
// visible here and must bind or escape them before they reach a query or the page.
$searchTerm = isset($_REQUEST["searchTerm"])
    ? $_REQUEST["searchTerm"]
    : AuctionManager::DEFAULT_SEARCH_TERM;
$categoryID = isset($_REQUEST["categoryID"])
    ? $_REQUEST["categoryID"]
    : AuctionManager::DEFAULT_ALL_CATEGORIES;

// Pick the manager by role (loose comparison, as before). The admin role is matched by
// the first branch, so listing it in the second has no effect. Any other role leaves
// $auctionManager unset.
if (in_array($userRole, array(UserManager::USER_ROLE_BUYER, UserManager::USER_ROLE_ADMIN))) {
    $auctionManager = new AuctionManager();
} elseif (in_array($userRole, array(UserManager::USER_ROLE_SELLER, UserManager::USER_ROLE_ADMIN))) {
    $auctionManager = new AuctionSellerManager();
}
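 /**
  * Turns the `notifications` flag of a row in the `user` table on or off.
  *
  * @param string $change 'y' sets the flag to 1, 'n' sets it to 0; any other value is rejected
  * @param mixed  $userID id of the user row; must be an integer or an integer string
  * @return bool true when the UPDATE statement executed, false otherwise
  */
 public function notificationSettings($change, $userID)
 {
     // Reject anything other than the two known switches. Previously an unexpected value
     // left the SQL string undefined and the query was still attempted.
     if ($change === 'y') {
         $flag = 1;
         $logMessage = "notifications on";
     } elseif ($change === 'n') {
         $flag = 0;
         $logMessage = "notifications off";
     } else {
         return false;
     }

     // The id used to be interpolated into the statement (unquoted in the 'n' branch), so
     // any caller-supplied text became part of the SQL. Accept integers only and bind them.
     $id = filter_var($userID, FILTER_VALIDATE_INT);
     if ($id === false) {
         return false;
     }

     $connection = ConnectionManager::getConnection();
     $statement = $connection->prepare("UPDATE user SET notifications=? WHERE id=?");
     if ($statement === false) {
         return false;
     }
     Logger::log($logMessage);

     $statement->bind_param('ii', $flag, $id);
     $success = $statement->execute() === true;
     $statement->close();

     if ($success) {
         Logger::log("updated");
     }
     return $success;
 }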
 /**
  * @param $title
  * @param $description
  * @param $item_condition
  * @param $start_price
  * @param $reserve_price
  * @param $start_date
  * @param $start_time
  * @param $end_date
  * @param $end_time
  * @param $categories
  * @return mixed
  */
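 public function createNewItem($title, $description, $item_condition, $start_price, $reserve_price, $start_date, $start_time, $end_date, $end_time, $categories)
 {
     // Contract: inserts one row into `auction` for the logged-in user and one row into
     // `auction_category` per entry of $categories. Returns the new auction id, or -1 when
     // the auction row could not be inserted. A failed category insert is logged and does
     // not change the return value.
     $connection = ConnectionManager::getConnection();
     Logger::log('uploadItem');
     $userManager = new UserManager();
     $seller_id = $userManager->getLoggedInUser()->userID;

     // Date and time arrive separately and are stored as one "date time" value.
     $start_date = $start_date . ' ' . $start_time;
     $end_date = $end_date . ' ' . $end_time;
     $auction_id = -1;

     // Every value is bound instead of escaped and interpolated, seller_id included (it was
     // the one value not escaped before). views starts at 0 so later increments work.
     $insertAuction = $connection->prepare(
         "INSERT INTO auction (description, views, start_price, end_date, start_date, seller_id, reserve_price, item_condition, title)
                    VALUES (?, 0, ?, ?, ?, ?, ?, ?, ?)"
     );
     if ($insertAuction === false) {
         Logger::log('insert to auction table failed: ' . $connection->error);
         return $auction_id;
     }
     // All eight values are bound as strings, matching the quoted literals used before.
     $insertAuction->bind_param(
         'ssssssss',
         $description,
         $start_price,
         $end_date,
         $start_date,
         $seller_id,
         $reserve_price,
         $item_condition,
         $title
     );
     if (!$insertAuction->execute()) {
         Logger::log('insert to auction table failed: ' . $insertAuction->error);
         $insertAuction->close();
         return $auction_id;
     }
     Logger::log('insert to auction table');
     // gets the id of the row just inserted
     $auction_id = $connection->insert_id;
     $insertAuction->close();
     Logger::log($auction_id);

     // A request without any category yields a non-array here; treat it as "no categories".
     if (!is_array($categories) && !($categories instanceof \Traversable)) {
         $categories = array();
     }

     // Prepared once and re-executed per category; bind_param binds by reference, so
     // assigning $category_id inside the loop changes the value that is sent.
     $insertCategory = $connection->prepare("INSERT INTO auction_category (auction_id, category_id) VALUES (?, ?)");
     if ($insertCategory === false) {
         Logger::log('insert to auction_category failed ' . $connection->error);
         return $auction_id;
     }
     $category_id = 0;
     $insertCategory->bind_param('ii', $auction_id, $category_id);
     foreach ($categories as $category) {
         $category_id = (int) $category;
         if ($insertCategory->execute()) {
             Logger::log('insert to auction_category table');
         } else {
             Logger::log('insert to auction_category failed auction_id=' . $auction_id . ' category_id=' . $category_id);
         }
     }
     $insertCategory->close();

     return $auction_id;
 }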
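    // 'name', 'size' and 'type' in $_FILES are reported by the client. They are kept for
    // reference only and are not used for any decision below.
    $upload = (isset($_FILES['userfile']) && is_array($_FILES['userfile'])) ? $_FILES['userfile'] : array();
    $fileName = isset($upload['name']) ? $upload['name'] : null;
    //image name
    $tmpName = isset($upload['tmp_name']) ? $upload['tmp_name'] : null;
    // data
    $fileSize = isset($upload['size']) ? $upload['size'] : 0;
    $uploadError = isset($upload['error']) ? $upload['error'] : UPLOAD_ERR_NO_FILE;
    $fileType = '';
    // No category selected means the key is absent; pass an empty list in that case.
    $categories = (isset($_POST['category']) && is_array($_POST['category'])) ? $_POST['category'] : array();
    $auctionManager = new AuctionManager();
    $imageManager = new ImageManager();
    $imageAuctionID = -1;
    $auctionID = -1;
    // Continue only for a completed upload whose temp file was really created by PHP's
    // upload handling for this request.
    if ($uploadError === UPLOAD_ERR_OK && is_string($tmpName) && is_uploaded_file($tmpName)) {
        // Take the MIME type from the file's content rather than from the type the
        // browser sent, which the client can set freely.
        $detector = new \finfo(FILEINFO_MIME_TYPE);
        $detectedType = $detector->file($tmpName);
        $fileType = ($detectedType === false) ? '' : $detectedType;
        $imageID = $imageManager->uploadImage($tmpName, $fileType);
        \Models\Logger::log($imageID);
        if ($imageID > 0) {
            $auctionID = $auctionManager->createNewItem($title, $description, $item_condition, $start_price, $reserve_price, $start_date, $start_time, $end_date, $end_time, $categories);
            if ($auctionID > 0) {
                $imageAuctionID = $auctionManager->registerImage($auctionID, $imageID);
                \Models\Logger::log($imageAuctionID);
            }
        }
    }
    // The success view is shown only when image, auction and their link were all stored.
    if ($imageAuctionID > 0) {
        $auctionDetail = $auctionManager->getAuctionDetail($auctionID);
        $uploadSuccessView = new UploadSuccessView($auctionDetail);
        $uploadSuccessView->render();
    } else {
        $uploadView = new UploadView();
        \Models\Alerter::showAlert("There was a problem with your upload");
        $uploadView->render();
    }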
}