You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
136 lines
6.0 KiB
136 lines
6.0 KiB
<?php
|
|
$id = "";
|
|
$expert_id = "";
|
|
$personal_id = "";
|
|
$name = "";
|
|
$title = "";
|
|
$major = "";
|
|
$tel = "";
|
|
$tel_count = "";
|
|
$chat_id = "";
|
|
$chat_count = "";
|
|
$video_call = "";
|
|
$video_count = "";
|
|
$onsite_call = "";
|
|
$onsite_count = "";
|
|
$creater = "";
|
|
$create_at = "";
|
|
$fileToUpload = "";
|
|
|
|
$id_error = "";
|
|
$expert_id_error = "";
|
|
$personal_id_error = "";
|
|
$name_error = "";
|
|
$title_error = "";
|
|
$major_error = "";
|
|
$tel_error = "";
|
|
$tel_count_error = "";
|
|
$chat_id_error = "";
|
|
$chat_count_error = "";
|
|
$video_call_error = "";
|
|
$video_count_error = "";
|
|
$onsite_call_error = "";
|
|
$onsite_count_error = "";
|
|
$creater_error = "";
|
|
$create_at_error = "";
|
|
# $name_error = $email_error = $comment_error = $website_error = "";
|
|
|
|
|
|
|
|
|
|
if($_SERVER["REQUEST_METHOD"] == "POST"){
|
|
include "expert-user-input.php";
|
|
|
|
$file_name = $_FILES["fileToUpload"]["name"];
|
|
$temp_file_name = $_FILES["fileToUpload"]["tmp_name"];
|
|
$file_size = $_FILES["fileToUpload"]["size"];
|
|
$target_dir = "expert-uploads/";
|
|
$target_file = strtolower($target_dir . basename($file_name));
|
|
$upload_ok = 1;
|
|
$img_file_type = pathinfo($target_file, PATHINFO_EXTENSION);
|
|
|
|
$db_query = "INSERT INTO expert (expert_id,personal_id,name,title,picture,major,tel,tel_count,chat_id,chat_count,video_call,video_count,onsite_call,onsite_count,creater) VALUES ('$expert_id', '$personal_id', '$name', '$title', '$target_file' ,'$major', '$tel', '$tel_count', '$chat_id', '$chat_count', '$video_call', '$video_count', '$onsite_call', '$onsite_count', '$creater')";
|
|
|
|
$file_name = $_FILES["fileToUpload"]["name"];
|
|
$temp_file_name = $_FILES["fileToUpload"]["tmp_name"];
|
|
$file_size = $_FILES["fileToUpload"]["size"];
|
|
$target_dir = "expert-uploads/";
|
|
$target_file = strtolower($target_dir . basename($file_name));
|
|
$upload_ok = 1;
|
|
$img_file_type = pathinfo($target_file, PATHINFO_EXTENSION);
|
|
|
|
//Check if image is an actual image or fake image
|
|
|
|
if(strlen($target_file) <= strlen("expert-uploads/")){
|
|
|
|
$db_query = "INSERT INTO expert(expert_id, personal_id, name, title, major, tel, tel_count, chat_id, chat_count, video_call, video_count, onsite_call, onsite_count, creater) VALUES ('$expert_id', '$personal_id', '$name', '$title', '$major', '$tel', '$tel_count', '$chat_id', '$chat_count', '$video_call', '$video_count', '$onsite_call', '$onsite_count', '$creater')";
|
|
// 用mysqli_query方法執行(sql語法)將結果存在變數中
|
|
$result = mysqli_query($link,$db_query);
|
|
#echo $result;
|
|
|
|
}else {
|
|
|
|
$check_img = getimagesize($temp_file_name);
|
|
|
|
if($check_img == false) {
|
|
echo "<font color='#FF0000'>File is not an image</font>";
|
|
$upload_ok = 0;
|
|
} else {
|
|
//echo "File is an image - " . $check_img["mime"];
|
|
$upload_ok = 1;
|
|
|
|
//Check if file already exists
|
|
if(file_exists($target_file)) {
|
|
echo "<font color='#FF0000'>File is already uploaded!</font>";
|
|
$upload_ok = 0;
|
|
} else {
|
|
//Check file size
|
|
if($file_size > 500000) {
|
|
echo "<font color='#FF0000'>Please enter a file size between 5mb</font>";
|
|
$upload_ok = 0;
|
|
} else {
|
|
//Allow certain file formats
|
|
if($img_file_type != "jpg" && $img_file_type != "png" && $img_file_type != "jpeg" && $img_file_type != "gif") {
|
|
echo "<font color='#FF0000'>JPG, PNG, JPEG and GIF files are allowed</font>";
|
|
$upload_ok = 0;
|
|
} else {
|
|
//Check if $upload_ok is set to 0 by an error
|
|
if($upload_ok === 0) {
|
|
echo "<font color='#FF0000'>File has not been uploaded</font>";
|
|
} else {
|
|
if(move_uploaded_file($temp_file_name, $target_file)){
|
|
|
|
|
|
// sql語法存在變數中
|
|
// $db_query = "INSERT INTO expert (id, expert_id, personal_id, name, title, picture, major, tel, tel_count, chat_id, chat_count, video_call, video_count, onsite_call, onsite_count, creater, create_at) VALUE (`$id`, `$expert_id`, `$personal_id`, `$name`, `$title`, `$target_file`, `$major`, `$tel`, `$tel_count`, `$chat_id`, `$chat_count`, `$video_call`, `$video_count`, `$onsite_call`, `$onsite_count`, `$creater`, `$create_at`)";
|
|
$db_query = "INSERT INTO expert(expert_id, personal_id, name, title, picture, major, tel, tel_count, chat_id, chat_count, video_call, video_count, onsite_call, onsite_count, creater) VALUES ('$expert_id', '$personal_id', '$name', '$title', '$target_file', '$major', '$tel', '$tel_count', '$chat_id', '$chat_count', '$video_call', '$video_count', '$onsite_call', '$onsite_count', '$creater')";
|
|
|
|
// 用mysqli_query方法執行(sql語法)將結果存在變數中
|
|
$result = mysqli_query($link,$db_query);
|
|
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
$affected = mysqli_affected_rows($link);
|
|
mysqli_close($link);
|
|
|
|
if ($affected > 0) {
|
|
echo "<script type ='text/JavaScript'>";
|
|
echo "alert('新增成功');";
|
|
echo "location.href='expert-index.php?function_name=expert&".$token_link."';";
|
|
echo "</script>";
|
|
} elseif ($affected == 0) {
|
|
echo "<script type ='text/JavaScript'>";
|
|
echo "alert('無新增資料');";
|
|
echo "location.href='expert-index.php?function_name=expert&".$token_link."';";
|
|
echo "</script>";
|
|
} else {
|
|
echo "{$db_query} 語法執行失敗,錯誤訊息SSS: " . mysqli_error($link);
|
|
}
|
|
}
|
|
?>
|
|
|