Simple-Wishlist/add_item.php


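<?php
// Handles the "add item" form: validates the submitted link, stores a local copy of the
// submitted image, inserts the wish into the database and sends the browser back.

// NOTE(review): display_errors sends warnings, file paths and database error text to the
// client. Keep it for development only; log instead on any reachable deployment.
ini_set('display_errors', 1);
ini_set('display_startup_errors', 1);
error_reporting(E_ALL);
// Expected to define $imagedir, $servername, $username, $password and $db (all used below).
include_once('config/config.php');
// NOTE(review): no authentication or CSRF check is visible in this file; confirm that
// config.php or the web server restricts who may submit this form.

// Read one form field as a string; missing or array-valued fields become ''.
$postString = function ($key) {
    return (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
};

$ItemTitle = $postString('ItemTitle');
$ItemDescription = $postString('ItemDescription');
$ItemPrice = $postString('ItemPrice');
$ItemLink = $postString('ItemLink');
$ItemImage = $postString('ItemImage');

#--- check if the provided Link is a valid URL
if (filter_var($ItemLink, FILTER_VALIDATE_URL) === FALSE) {
    die('Not a valid URL');
}
#---

#--- fetch the provided Image-Link and keep a local copy if it really is an image
// Returns the local path of the stored image, or null when the URL is rejected, the
// download fails, or the downloaded bytes are not one of the allowed image formats.
$storeRemoteImage = function ($url, $targetDir) {
    $maxBytes = 5 * 1024 * 1024; // upper bound on what is read from the remote server
    // The extension comes from the decoded image type, never from the submitted URL:
    // otherwise a URL ending in ".php" would create an executable file on this server.
    $extensions = [
        IMAGETYPE_GIF => 'gif',
        IMAGETYPE_JPEG => 'jpg',
        IMAGETYPE_PNG => 'png',
        IMAGETYPE_WEBP => 'webp',
    ];

    if (filter_var($url, FILTER_VALIDATE_URL) === false) {
        return null;
    }
    // Only plain web URLs; this keeps file://, php:// and other stream wrappers out of fopen().
    $scheme = strtolower((string) parse_url($url, PHP_URL_SCHEME));
    $host = parse_url($url, PHP_URL_HOST);
    if (!in_array($scheme, ['http', 'https'], true) || !is_string($host) || $host === '') {
        return null;
    }

    // Refuse hosts that resolve to loopback, private or reserved addresses, so the form
    // cannot be used to make this server query internal services. This is a partial
    // guard: the name is resolved again when the request is made.
    $addresses = filter_var($host, FILTER_VALIDATE_IP) !== false ? [$host] : gethostbynamel($host);
    if (empty($addresses)) {
        return null;
    }
    foreach ($addresses as $address) {
        $isPublic = filter_var(
            $address,
            FILTER_VALIDATE_IP,
            FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE
        );
        if ($isPublic === false) {
            return null;
        }
    }

    // Redirects are not followed because the target of a redirect would bypass the
    // address check above; images served only via a redirect are therefore not stored.
    $context = stream_context_create([
        'http' => ['method' => 'GET', 'follow_location' => 0, 'timeout' => 5],
    ]);
    $remote = fopen($url, 'r', false, $context);
    if ($remote === false) {
        return null;
    }
    $data = stream_get_contents($remote, $maxBytes + 1);
    fclose($remote);
    if ($data === false || $data === '' || strlen($data) > $maxBytes) {
        return null;
    }

    // Decide from the downloaded bytes, not from the Content-Type header the remote
    // server chose to send.
    $info = getimagesizefromstring($data);
    if ($info === false || !isset($extensions[$info[2]])) {
        return null;
    }

    // NOTE(review): $targetDir should be a directory the web server never executes scripts from.
    $path = $targetDir . '/' . uniqid() . '.' . $extensions[$info[2]];
    return file_put_contents($path, $data) === false ? null : $path;
};

// null means "no image"; the wish is still stored, with NULL in the image column.
// Nothing is echoed here: output before header() would stop the redirect at the end.
$imageLocalLink = $storeRemoteImage($ItemImage, $imagedir);
#---

// "1.234,56" -> 123456 cents. round() is required: 19.99 * 100 is 1998.999... as a float
// and would otherwise be truncated to 1998 by the integer binding below.
$ItemPriceCents = (int) round(floatval(str_replace(',', '.', str_replace('.', '', $ItemPrice))) * 100);

$conn = new mysqli($servername, $username, $password, $db);
// Check connection
if ($conn->connect_error) {
    die('Connection failed: ' . $conn->connect_error);
}
// Prepared statement: the submitted values are bound, never concatenated into the SQL.
$stmt = $conn->prepare('INSERT INTO whishes (title, description, link, image, price) VALUES (?, ?, ?, ?, ?)');
if (false === $stmt) {
    // Was $mysqli->error, a variable that does not exist in this script.
    die('prepare() failed: ' . htmlspecialchars($conn->error));
}
$rc = $stmt->bind_param('ssssi', $ItemTitle, $ItemDescription, $ItemLink, $imageLocalLink, $ItemPriceCents);
if (false === $rc) {
    die('bind_param() failed: ' . htmlspecialchars($stmt->error));
}
$rc = $stmt->execute();
if (false === $rc) {
    die('execute() failed: ' . htmlspecialchars($stmt->error));
}
$stmt->close();
$conn->close();

// Go back to the submitting page, but only when the Referer is present and points at
// this host; the header is client-supplied and must not pick an arbitrary redirect target.
$referer = (isset($_SERVER['HTTP_REFERER']) && is_string($_SERVER['HTTP_REFERER'])) ? $_SERVER['HTTP_REFERER'] : '';
$refererHost = parse_url($referer, PHP_URL_HOST);
$ownHost = parse_url('http://' . (isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : ''), PHP_URL_HOST);
$sameHost = is_string($refererHost) && is_string($ownHost) && strcasecmp($refererHost, $ownHost) === 0;
header('Location: ' . ($sameHost ? $referer : './'));
exit;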