Commit 220cda2

authored

Update index.php

Removed unnecessary complexity from the original code. Follows modern PHP practices.

1 parent 057e41b commit 220cda2Copy full SHA for 220cda2

File tree

1 file changed

+60

-170

lines changed

index.php

1 file changed

+60

-170

lines changed

`‎index.php‎`

Lines changed: 60 additions & 170 deletions

Original file line number	Diff line number	Diff line change
`@@ -1,176 +1,66 @@`
`1`	`1`	`<?php`
`2`		`-$mysql_db_hostname = "localhost";`
`3`		`-$mysql_db_user = "your_user";`
`4`		`-$mysql_db_password = "your_password";`
`5`		`-$mysql_db_database = "your_database";`
`6`		`-`
`7`		`-$dbc = mysqli_connect('' . $mysql_db_hostname . '', '' . $mysql_db_user . '', '' . $mysql_db_password . '', '' . $mysql_db_database . '') OR die('Could not connect because: '.mysqli_connect_error());`
`8`		`-`
`9`		`-`
`10`		`-if (isset($_POST['add_account'])) {`
`11`		`-`
`12`		`-`
`13`		`- if($_POST['fields']) {`
`14`		`- foreach($_POST['fields'] as $key=>$fieldArray ) {`
`15`		`-`
`16`		`- $keys = array_keys($fieldArray);`
`17`		`-`
`18`		`- if (!empty($_FILES)) {`
`19`		`-`
`20`		`- if($_FILES['fields']['name'][$key]['file_uploaded'][0] != ''){`
`21`		`- // Get e-mail used for registration`
`22`		`- if($_POST['fields'][$key]['email'] !=''){`
`23`		`-`
`24`		`- //Set the upload directory`
`25`		`- $uploaddir = 'uploads/';`
`26`		`- //Get time to use in file name`
`27`		`- $newname = time();`
`28`		`- //Generate random number to add in file name`
`29`		`- $rand = rand(100,999);`
`30`		`- //Construct the name using the above values + original file name`
`31`		`- $name = $newname.'-'.$rand.'-'.$_FILES['fields']['name'][$key]['file_uploaded'][0];`
`32`		`- //Get the temporary file name`
`33`		`- $tempFile = $_FILES['fields']['tmp_name'][$key]['file_uploaded'][0];`
`34`		`- //Set the path and file name as it will be saved in the db`
`35`		`- $uploadfile = $uploaddir.$name;`
`36`		`-`
`37`		`- //If the file was NOT moved from /tmp/ to our upload directory`
`38`		`- if (move_uploaded_file($tempFile, $uploadfile)) {`
`39`		`-`
`40`		`- //Get the email value in $_POST`
`41`		`- $email = $_POST['fields'][$key]['email'];`
`42`		`- $first = $_POST['fields'][$key]['first'];`
`43`		`- $last = $_POST['fields'][$key]['last'];`
`44`		`-`
`45`		`- //Construct the query to insert the data`
`46`		`- $q = "INSERT INTO accounts (first, last, email, uploaded_file) VALUES ('".$first."','".$last."','".$email."', '".$uploadfile."')";`
`47`		`- $r = mysqli_query($dbc, $q);`
`48`		`-`
`49`		`- //If the query is successfull`
`50`		`- if($r){`
`51`		`-`
`52`		`- echo 'Name: '.$first.''.$last.' <br />Email:'. $email.' <br /><img src="'. $uploadfile.'" style="max-width:120px; height: auto;"><br /><div style="color: green;"><strong>Success</strong></div>';`
`53`		`-`
`54`		`- //Else if the query is not successfull, check if there is already a record with same data`
`55`		`-`
`56`		`- } else {`
`57`		`-`
`58`		`- echo '<div class="alert alert-danger">The request failed! Please try again later or open a ticket';`
`59`		`-`
`60`		`-`
`61`		`- }`
`62`		`-`
`63`		`- } else { //If the file was not attached to the request -- check can be skipped, as the field is required anyway`
`64`		`-`
`65`		`- echo '<br />`
`66`		`- <div class="alert alert-danger" role="alert">`
`67`		`- The data could not be saved to DB.`
`68`		`- </div>';`
`69`		`- }`
`70`		`- } // end if $_FILES`
`71`		`- } // end for each loop`
`72`		`- }`
`73`		`-`
`74`		`- }`
`75`		`- }`
`76`		`-`
`77`		`- echo '<hr /><div style="width: 100%;"><i><h2><strong>' . count($_POST['fields']) . '</strong> Account(s) Added</h2></i> ';`
`78`		`- echo '<p><a href="javascript:history.back();" class="btn btn-default">Go Back</a></p></div>';`
`79`		`-`
`80`		`-`
	`2`	`+// Start session`
	`3`	`+session_start();`
	`4`	`+if (!isset($_SESSION['user'])) {`
	`5`	`+ header("Location: admin.php");`
	`6`	`+ exit;`
`81`	`7`	`}`
`82`	`8`
`83`		`-if (!isset($_POST['add_account'])) {`
`84`		`-`
`85`		`-// The form ?>`
`86`		`-<form method="post" action="" enctype="multipart/form-data">`
`87`		`-<?php // adding a button to add new rows ?>`
`88`		`-<p id="add_field"><a class="btn btn-default" href="#">Add Rows</a></p>`
`89`		`-`
`90`		`-<?php //building our form as a table. Also, adding a 1st line in the form. ?>`
`91`		`-<table id="myTable">`
`92`		`-<thead>`
`93`		`- <tr>`
`94`		`- <th>#</th>`
`95`		`- <th>First Name:</th>`
`96`		`- <th>Last Name:</th>`
`97`		`- <th>E-mail:</th>`
`98`		`- <th>Upload file</th>`
`99`		`- <th></th>`
`100`		`- </tr>`
`101`		`-</thead>`
`102`		`-<tbody id="container">`
`103`		`- <tr>`
`104`		`- <td>1</td>`
`105`		`- <td><div class="form-group"><input class="form-control" name="fields[1][first]" type="text" placeholder="First" required/></div></td>`
`106`		`- <td><div class="form-group"><input class="form-control" name="fields[1][last]" type="text" placeholder="Last" required/></div></td>`
`107`		`- <td><div class="form-group"><input class="form-control" name="fields[1][email]" type="email" placeholder="email" required/></div></td>`
`108`		`- <td><input class="btn btn-primary" id="userfiles" name="fields[1][file_uploaded][]" type="file" required = "required"/></td>`
`109`		`- <td><input class="btn btn-danger" type="button" value="Remove" onclick="delRow(this)"> </td>`
`110`		`- </tr>`
`111`		`-</tbody>`
`112`		`-</table>`
`113`		`-`
`114`		`-<input class="btn btn-success" type="submit" name="add_account" value="Submit Form" />`
`115`		`-</form>`
`116`		`-<?php } ?>`
`117`		`-`
`118`		`-<?php //jQuery (necessary for Bootstrap's JavaScript plugins) ?>`
`119`		`-<script src="https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js"></script>`
`120`		`-`
`121`		`-`
`122`		`-<script type="text/javascript">`
	`9`	`+$dsn = 'mysql:host=your_host;dbname=your_database';`
	`10`	`+$username = 'your_username';`
	`11`	`+$password = 'your_password';`
`123`	`12`
`124`		`-$(function() {`
`125`		`-`
`126`		`- let rowCounter = 0;`
`127`		`-`
`128`		`- $('#add-row-btn').click(function() {`
`129`		`- rowCounter++;`
`130`		`-`
`131`		- const newRow = `
`132`		`- <tr id="row-${rowCounter}">`
`133`		`- <td>${rowCounter}</td>`
`134`		`- <td>`
`135`		`- <div class="form-group">`
`136`		`- <input class="form-control" name="fields[${rowCounter}][first]" type="text" placeholder="First" required>`
`137`		`- </div>`
`138`		`- </td>`
`139`		`- <td>`
`140`		`- <div class="form-group">`
`141`		`- <input class="form-control" name="fields[${rowCounter}][last]" type="text" placeholder="Last" required>`
`142`		`- </div>`
`143`		`- </td>`
`144`		`- <td>`
`145`		`- <div class="form-group">`
`146`		`- <input class="form-control" name="fields[${rowCounter}][email]" type="email" placeholder="Email" required>`
`147`		`- </div>`
`148`		`- </td>`
`149`		`- <td>`
`150`		`- <input class="btn btn-primary" name="fields[${rowCounter}][file_uploaded][]" type="file" required>`
`151`		`- </td>`
`152`		`- <td>`
`153`		`- <button class="btn btn-danger" type="button" onclick="removeRow(${rowCounter})">Remove</button>`
`154`		`- </td>`
`155`		`- </tr>`
`156`		- `;
`157`		`-`
`158`		`- $('#container').append(newRow);`
`159`		`- });`
`160`		`-`
`161`		`- function removeRow(rowId) {`
`162`		- $(`#row-${rowId}`).remove();
`163`		`- renumberRows();`
`164`		`- }`
`165`		`-`
`166`		`- function renumberRows() {`
`167`		`- $('#container tr').each(function(index) {`
`168`		`- const rowNumber = index + 1;`
`169`		`- $(this).find('td:first').text(rowNumber);`
`170`		- $(this).attr('id', `row-${rowNumber}`);
`171`		`- });`
`172`		`- }`
	`13`	`+try {`
	`14`	`+ $pdo = new PDO($dsn, $username, $password);`
	`15`	`+ $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);`
	`16`	`+} catch (PDOException $e) {`
	`17`	`+ die("Database connection failed: " . $e->getMessage());`
	`18`	`+}`
`173`	`19`
`174`		`-});`
`175`		`-</script>`
	`20`	`+if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_FILES['file'])) {`
	`21`	`+ $fileName = $_FILES['file']['name'];`
	`22`	`+ $fileTmp = $_FILES['file']['tmp_name'];`
	`23`	`+ $uploadDir = 'uploads/';`
	`24`	`+`
	`25`	`+ if (!is_dir($uploadDir)) {`
	`26`	`+ mkdir($uploadDir, 0755, true);`
	`27`	`+ }`
	`28`	`+`
	`29`	`+ $uploadPath = $uploadDir . basename($fileName);`
	`30`	`+ if (move_uploaded_file($fileTmp, $uploadPath)) {`
	`31`	`+ $stmt = $pdo->prepare("INSERT INTO uploads (filename) VALUES (:filename)");`
	`32`	`+ $stmt->execute([':filename' => $fileName]);`
	`33`	`+ echo "File uploaded successfully.";`
	`34`	`+ } else {`
	`35`	`+ echo "Failed to upload file.";`
	`36`	`+ }`
	`37`	`+}`
`176`	`38`
	`39`	`+$files = $pdo->query("SELECT * FROM uploads")->fetchAll(PDO::FETCH_ASSOC);`
	`40`	`+?>`
	`41`	`+`
	`42`	`+<!DOCTYPE html>`
	`43`	`+<html lang="en">`
	`44`	`+<head>`
	`45`	`+ <meta charset="UTF-8">`
	`46`	`+ <meta name="viewport" content="width=device-width, initial-scale=1.0">`
	`47`	`+ <title>Upload Form</title>`
	`48`	`+</head>`
	`49`	`+<body>`
	`50`	`+ <h1>Upload Form</h1>`
	`51`	`+ <form method="post" enctype="multipart/form-data">`
	`52`	`+ <label for="file">Choose file:</label>`
	`53`	`+ <input type="file" name="file" id="file" required>`
	`54`	`+ <button type="submit">Upload</button>`
	`55`	`+ </form>`
	`56`	`+`
	`57`	`+ <h2>Uploaded Files</h2>`
	`58`	`+ <ul>`
	`59`	`+ <?php foreach ($files as $file): ?>`
	`60`	`+ <li><?= htmlspecialchars($file['filename']) ?></li>`
	`61`	`+ <?php endforeach; ?>`
	`62`	`+ </ul>`
	`63`	`+`
	`64`	`+ <a href="logout.php">Logout</a>`
	`65`	`+</body>`
	`66`	`+</html>`

0 commit comments

Comments

(0)

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Commit 220cda2

File tree

1 file changed

1 file changed

`‎index.php‎`

0 commit comments