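<?php
// Form handler: stores a wish (title, description, link, price) in the
// `whishes` table and keeps a local copy of the linked image under data/images/.
//
// NOTE(review): nothing in this script checks who is calling it or verifies an
// anti-CSRF token. If the form is meant for logged-in users only, that check
// has to happen before any of the work below. Confirm against the rest of the app.

// NOTE(review): displaying errors to the client discloses file paths and
// database error text. Keep these three lines for development only and log
// errors instead in production.
ini_set('display_errors', 1);
ini_set('display_startup_errors', 1);
error_reporting(E_ALL);
include_once('config/config.php');

/**
 * Read one POST field as a string.
 *
 * A missing field, or a field submitted as an array (`name[]=...`), yields ''
 * so later string functions never receive a non-string value.
 *
 * @param string $key name of the POST field
 * @return string
 */
function wishPostString($key)
{
    $value = $_POST[$key] ?? '';

    return is_string($value) ? $value : '';
}

/**
 * Decide whether this server may fetch a user-supplied URL.
 *
 * Only http/https URLs are accepted, which keeps local paths and other stream
 * wrappers out of the fetch. Every IPv4 address the host resolves to must be
 * outside the private and reserved ranges, so the form cannot be used to make
 * the server request loopback or internal addresses.
 *
 * Limits: gethostbynamel() returns IPv4 addresses only, and the name is
 * resolved again when the download happens, so this check narrows the exposure
 * but does not replace egress filtering on the host.
 *
 * @param string $url user-supplied image URL
 * @return bool
 */
function wishIsFetchableUrl($url)
{
    $parts = parse_url($url);
    if ($parts === false || !isset($parts['scheme'], $parts['host'])) {
        return false;
    }
    if (!in_array(strtolower($parts['scheme']), ['http', 'https'], true)) {
        return false;
    }

    $addresses = gethostbynamel($parts['host']);
    if ($addresses === false || $addresses === []) {
        return false;
    }
    foreach ($addresses as $address) {
        $isPublic = filter_var(
            $address,
            FILTER_VALIDATE_IP,
            FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE
        );
        if ($isPublic === false) {
            return false;
        }
    }

    return true;
}

/**
 * Download a remote image once and store it under data/images/.
 *
 * The image type is taken from the downloaded bytes, and the stored file's
 * extension comes from a fixed allow-list. Neither the URL nor the remote
 * Content-Type header decides what ends up on disk. The same URL that was
 * validated is the one that is downloaded.
 *
 * NOTE(review): a file can be a valid image and still carry other content, so
 * the web server should also be configured to never execute scripts from
 * data/images/.
 *
 * @param string $url      user-supplied image URL
 * @param int    $maxBytes largest download accepted (default 5 MiB, tune as needed)
 * @return string|null relative path of the stored file, or null if rejected
 */
function wishStoreRemoteImage($url, $maxBytes = 5242880)
{
    if (!wishIsFetchableUrl($url)) {
        return null;
    }

    // Redirects are not followed: a redirect target would bypass the host check above.
    $context = stream_context_create([
        'http' => [
            'method' => 'GET',
            'follow_location' => 0,
            'timeout' => 5,
        ],
    ]);

    // Failures are handled explicitly below; the warning is suppressed so it
    // cannot be printed ahead of the redirect header.
    $bytes = @file_get_contents($url, false, $context, 0, $maxBytes + 1);
    if ($bytes === false || strlen($bytes) > $maxBytes) {
        return null;
    }

    $info = @getimagesizefromstring($bytes);
    if ($info === false) {
        return null;
    }

    $extensions = [
        IMAGETYPE_GIF => 'gif',
        IMAGETYPE_JPEG => 'jpg',
        IMAGETYPE_PNG => 'png',
        IMAGETYPE_WEBP => 'webp',
    ];
    if (!isset($extensions[$info[2]])) {
        return null;
    }

    $localPath = 'data/images/' . bin2hex(random_bytes(8)) . '.' . $extensions[$info[2]];
    if (file_put_contents($localPath, $bytes, LOCK_EX) === false) {
        return null;
    }

    return $localPath;
}

// This endpoint changes state, so it only answers POST requests.
if (($_SERVER['REQUEST_METHOD'] ?? '') !== 'POST') {
    http_response_code(405);
    exit;
}

$ItemTitle = wishPostString('ItemTitle');
$ItemDescription = wishPostString('ItemDescription');
$ItemPrice = wishPostString('ItemPrice');
// NOTE(review): ItemLink is stored as submitted. Whatever renders it later
// should escape it and accept http/https links only.
$ItemLink = wishPostString('ItemLink');
$ItemImage = wishPostString('ItemImage');

#--- check if the provided Image-Link is a real image:
// $imageLocalLink stays null when the link is rejected, and the wish is then
// saved without an image. Nothing is echoed here, because output sent before
// header() would prevent the redirect at the end of the script.
$imageLocalLink = wishStoreRemoteImage($ItemImage);
if ($imageLocalLink === null) {
    error_log('Link is Not an Image');
}
#---

// "1.234,56" -> 123456: '.' is a thousands separator and ',' the decimal mark.
// round() before the integer cast avoids float truncation (19,99 must give 1999, not 1998).
$ItemPriceCents = (int) round(floatval(str_replace(',', '.', str_replace('.', '', $ItemPrice))) * 100);

$conn = new mysqli($servername, $username, $password, $db);

// Check connection
if ($conn->connect_error) {
    die('Connection failed: ' . $conn->connect_error);
}

$stmt = $conn->prepare('INSERT INTO whishes (title, description, link, image, price) VALUES (?, ?, ?, ?, ?)');

if (false === $stmt) {
    // The connection object is $conn; the original read the undefined $mysqli here.
    die('prepare() failed: ' . htmlspecialchars($conn->error));
}

$rc = $stmt->bind_param('ssssi', $ItemTitle, $ItemDescription, $ItemLink, $imageLocalLink, $ItemPriceCents);
if (false === $rc) {
    die('bind_param() failed: ' . htmlspecialchars($stmt->error));
}

$rc = $stmt->execute();
if (false === $rc) {
    die('execute() failed: ' . htmlspecialchars($stmt->error));
}

$stmt->close();
$conn->close();

// Return to the submitting page only when the Referer points at this host.
// The header is client-supplied and may be missing or name another site, so
// anything else falls back to the directory this script lives in.
$referer = $_SERVER['HTTP_REFERER'] ?? '';
$refererParts = parse_url($referer);
$refererAuthority = '';
if (isset($refererParts['host'])) {
    $refererAuthority = $refererParts['host']
        . (isset($refererParts['port']) ? ':' . $refererParts['port'] : '');
}
$ownHost = $_SERVER['HTTP_HOST'] ?? '';
$isSameHost = $refererAuthority !== '' && strcasecmp($refererAuthority, $ownHost) === 0;

header('Location: ' . ($isSameHost ? $referer : './'));
exit;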