I have 3 simple files index.php, upload.php, test123.php and I want to upload the JPG, JPEG, PNG, GIF, & PDF to this directory test123.php/$file-id with the help of my sql and htaccess. But i have no idea about syntax.
For better understanding see the video
Here is my code
index.php
<?php include 'config.php'; $query = $db->query("SELECT file_name FROM images ORDER BY uploaded_on DESC"); if($query->num_rows > 0){ while($row = $query->fetch_assoc()){ $imageURL = 'uploads/'.$row["file_name"]; ?> <?php }} ?> Upload.php <?php include 'config.php'; $statusMsg = ''; $backlink = ' Go back'; $targetDir = "uploads/"; $user_image = $_FILES['file']; $extension_array = explode(".", $user_image['name']); $extension = end($extension_array); $fileName = uniqid(true).".".$extension;
$targetFilePath = $targetDir . $fileName;
$fileType = pathinfo($targetFilePath,PATHINFO_EXTENSION);
if(isset($_POST[“submit”]) && !empty($_FILES[“file”][“name”])){
$allowTypes = array(‘jpg’,‘png’,‘jpeg’,‘gif’,‘pdf’);
if (!file_exists($targetFilePath)) {
if(in_array($fileType, $allowTypes)){
if(move_uploaded_file($_FILES[“file”][“tmp_name”], $targetFilePath)){
$insert = $db->query(“INSERT into images (file_name, uploaded_on) VALUES (’”.$fileName."’, NOW())");
if($insert){
$statusMsg = "The file “.$fileName. " has been uploaded successfully.” . $backlink;
}else{
$statusMsg = “File upload failed, please try again.” . $backlink;
}
}else{
$statusMsg = “Sorry, there was an error uploading your file.” . $backlink;
}
}else{
$statusMsg = “Sorry, only JPG, JPEG, PNG, GIF, & PDF files are allowed to upload.” . $backlink;
}
}else{
$statusMsg = "The file “.$fileName. " is already exist.” . $backlink;
}
}else{
$statusMsg = ‘Please select a file to upload.’ . $backlink;
}
echo $statusMsg;
?>
test123.php
<link rel="stylesheet" href="style2.css">
<?php
include 'config.php';
$id = (isset($_GET["img"])) ? $_GET["img"] : null;
if($id !== null) {
//you do your query, with prepared statement mind you :p
$stmt = $pdo->prepare("SELECT * from images where id = :id");
$stmt->execute(["id"=>$id]);
$image = $stmt->fetch();
if($image) {
//do things
}
else {
//not found, throw a 404 error or something
}
}
else {
//no id, throw a 403 for example
}
?>