<?php
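// Response headers for the JSON upload endpoint.
//
// NOTE(review): this endpoint authenticates through the PHP session and changes
// server state (file write, file delete, DB update). A wildcard origin is not
// appropriate for that; restrict Access-Control-Allow-Origin to the known
// front-end origin and confirm that the session cookie's SameSite setting or
// an anti-CSRF token protects the POST.
header("Access-Control-Allow-Origin: *");
header("Access-Control-Allow-Methods: POST");
header("Content-Type: application/json; charset=UTF-8");
// A single Access-Control-Allow-Headers call is kept. The earlier
// "Access-Control-Allow-Headers: access" call was dead code: header() replaces
// a previously set header of the same name by default, so only this value was
// ever sent.
header("Access-Control-Allow-Headers: Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With");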
require __DIR__ . '/classes/Database.php';
require __DIR__ . '/classes/lib.php';
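/**
 * Remove the file currently stored for a dog so that it can be replaced.
 *
 * Looks up the `dogs` row whose `qr_id` matches and unlinks, below ../uploads,
 * either the file named in its `qr_code` column (when $qr is truthy) or the
 * one named in its `picture` column.
 *
 * @param string $qr_id Value matched against `dogs`.`qr_id`.
 * @param mixed  $qr    Truthy selects the `qr_code` file, falsy the `picture` file.
 *
 * @return CMsg Status object: 200 when the row was found, 422 when no row
 *              matches, 500 when the database call failed.
 */
function deleteOldPic($qr_id, $qr)
{
    try {
        $db_connection = new Database();
        $conn = $db_connection->dbConnection();

        $query_stmt = $conn->prepare(
            "SELECT id, qr_code, picture FROM `dogs` WHERE `qr_id`=:qr_id"
        );
        $query_stmt->bindValue(':qr_id', $qr_id, PDO::PARAM_STR);
        $query_stmt->execute();

        // fetch() returning false is the portable "no row" signal; rowCount()
        // is not guaranteed to be meaningful for SELECT on every PDO driver.
        $row = $query_stmt->fetch(PDO::FETCH_ASSOC);
        if ($row === false) {
            return new CMsg(0, 422, 'no dog', null);
        }

        $storedPath = $qr ? $row["qr_code"] : $row["picture"];

        // An empty column would otherwise resolve to the uploads directory itself.
        if (is_string($storedPath) && $storedPath !== '') {
            $uploadsRoot = realpath("../uploads");
            $target = realpath("../uploads/" . $storedPath);

            // Only unlink a regular file that really lives below the uploads
            // directory, so a stored value containing "../" cannot point the
            // delete at a file elsewhere on disk.
            if ($uploadsRoot !== false && $target !== false && is_file($target)) {
                $prefix = $uploadsRoot . DIRECTORY_SEPARATOR;
                if (strncmp($target, $prefix, strlen($prefix)) === 0) {
                    unlink($target);
                }
            }
        }

        return new CMsg(1, 200, 'get old pic_path', null, $row);
    } catch (PDOException $e) {
        // Keep driver details in the server log. Echoing them here exposed
        // database internals to the client and emitted a second JSON document
        // ahead of the caller's own response.
        error_log("deleteOldPic " . $e->getMessage());

        return new CMsg(0, 500, "deleteOldPic failed");
    }
}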
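// Upload handler: stores one picture or QR-code file for the logged-in user's
// dog and records its path in the `dogs` table. Every outcome is reported as
// one JSON document produced by CMsg::jsonarray().
try {
    session_start();

    $result = new CMsg(0);

    if (!isset($_SESSION["user"])) {
        $result = new CMsg(0, 401, "not logged in");
        echo $result->jsonarray();

        return $result->jsonarray();
    }

    $user = $_SESSION["user"];

    // Allowed extension => MIME type the file contents must report.
    $allowTypes = array(
        'jpg'  => 'image/jpeg',
        'jpeg' => 'image/jpeg',
        'png'  => 'image/png',
        'gif'  => 'image/gif',
        'pdf'  => 'application/pdf',
    );

    // File upload path.
    // NOTE(review): qr_id comes from the session and is used as a directory
    // name; confirm it is constrained to a safe character set where it is
    // written into the session.
    $targetDir = "../uploads/" . $user["qr_id"];
    if (!is_dir($targetDir)) {
        mkdir($targetDir, 0755, true);
    }

    // A missing or non-string name (no file sent, or an array upload) is
    // treated as an empty name and rejected by the type check below.
    $clientName = (isset($_FILES["file"]["name"]) && is_string($_FILES["file"]["name"]))
        ? $_FILES["file"]["name"]
        : '';
    $fileName = basename($clientName);
    // Lower-cased so "photo.JPG" is accepted like "photo.jpg".
    $fileType = strtolower(pathinfo($fileName, PATHINFO_EXTENSION));

    $typeAllowed = isset($allowTypes[$fileType]);

    // The extension comes from the client-supplied name, so it says nothing
    // about the contents. When the fileinfo extension is available, require
    // the detected MIME type to match the extension as well.
    $tmpName = isset($_FILES["file"]["tmp_name"]) ? $_FILES["file"]["tmp_name"] : '';
    if (
        $typeAllowed
        && is_string($tmpName)
        && $tmpName !== ''
        && is_uploaded_file($tmpName)
        && class_exists('finfo')
    ) {
        $finfo = new finfo(FILEINFO_MIME_TYPE);
        $typeAllowed = ($finfo->file($tmpName) === $allowTypes[$fileType]);
    }

    if (!$typeAllowed) {
        $result = new CMsg(
            0,
            406,
            'Sorry, only JPG, JPEG, PNG, GIF, & PDF files are allowed to upload.'
        );
        echo $result->jsonarray();

        return $result->jsonarray();
    }

    $uploadRequested = isset($_POST["submit"]) && !empty($_FILES["file"]["name"]);

    // Delete the previous file only when this request will attempt an upload.
    // Before, a request without "submit" still removed the stored file and
    // left the database row pointing at a file that no longer existed.
    // NOTE(review): deleteOldPic() selects the column by the truthiness of
    // "qr", while the UPDATE below selects it by isset(); qr=0 therefore
    // deletes the picture but overwrites qr_code. Confirm the intended rule.
    // NOTE(review): the old file is still removed before the new one is
    // stored; if getNewFilename() does not depend on the directory contents,
    // move this call after move_uploaded_file() succeeds.
    if ($uploadRequested) {
        deleteOldPic($user["qr_id"], isset($_POST["qr"]) ? $_POST["qr"] : null);
    }

    $newFilename = getNewFilename($targetDir, $fileType, 20);

    if (strlen((string) $newFilename) === 0) {
        $result = new CMsg(
            0,
            507,
            'Too many uploaded files on the server, try it again later'
        );
        echo $result->jsonarray();

        return $result->jsonarray();
    }

    $targetFilePath = $targetDir . '/' . $newFilename;

    if ($uploadRequested) {
        // Upload file to server
        if (move_uploaded_file($_FILES["file"]["tmp_name"], $targetFilePath)) {
            $newPathFilename = '/' . $user["qr_id"] . '/' . $newFilename;

            $db_connection = new Database();
            $conn = $db_connection->dbConnection();

            // Record the stored path in the column that matches the upload kind.
            if (isset($_POST["qr"])) {
                $statement = $conn->prepare("UPDATE dogs SET qr_code = :filePath WHERE qr_id = :user_qr_id");
            } else {
                $statement = $conn->prepare("UPDATE dogs SET picture = :filePath WHERE qr_id = :user_qr_id");
            }
            $update = $statement->execute(array('filePath' => $newPathFilename, 'user_qr_id' => $user["qr_id"]));
            $count = $statement->rowCount();

            if ($update && $count > 0) {
                $result = new CMsg(1, 200, "The file " . $fileName . " has been uploaded successfully.");
            } else {
                $result = new CMsg(0, 500, "File upload failed, please try again.");
            }
        } else {
            $result = new CMsg(0, 500, "Sorry, there was an error uploading your file.");
        }
    } else {
        $result = new CMsg(1, 204, 'Please select a file to upload.');
    }

    // Display status message
    echo $result->jsonarray();
} catch (Exception $e) {
    // PDOException is an Exception, so this handler also sees database
    // errors. Log the detail server-side and give the client a generic
    // message instead of the raw exception text.
    error_log("upload handler: " . $e->getMessage());
    $result = new CMsg(0, 500, "Internal server error");
    echo $result->jsonarray();
}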
?>