1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38
| <?php
if (session_status() == PHP_SESSION_NONE) {
session_start();
}
require_once'inc/functions.php';
$pdo = new PDO('mysql:host=localhost;dbname=comment', 'root', '');
if (isset($_SESSION['auth']->id_user) AND $_SESSION['auth']->id_user > 0) {
$iduser = intval($_SESSION['auth']->id_user);//on a creer a variable pour l'id de l'utilisateur
$req = $pdo->prepare('SELECT id_user, nom_user, prenom_user, domaine_user, avatar_user FROM users WHERE id_user = ?');
$req->execute(array($iduser));
$infouser = $req->fetch();
$error = '';
if (isset($_FILES['photo_pub'])){
$legend_photo = htmlspecialchars($_POST['legend_photo_video']);
$taillephotomax = 2000000;
$extensionphotovalide = array('png', 'jpg', 'jpeg', 'gif', 'ico', 'bmp', 'tiff', 'tif', 'svg');
if ($_FILES['photo_pub']['size'] <=$taillephotomax) {
$extensionphotoupload = strtolower(substr(strrchr($_FILES['photo_pub']['name'], '.'), 1));
$cheminphoto = "image/photovideopublier/" .$_SESSION['auth']->id_user."_photo".$infouser->nom_user."." .$extensionphotoupload;
$resultatphoto = move_uploaded_file($_FILES['photo_pub']['tmp_name'], $cheminphoto);
if (in_array($extensionphotoupload, $extensionphotovalide)) {
$req = $pdo->prepare('INSERT INTO publication (id_user_auteur, prenom_user_auteur, nom_user_auteur, avatar_user_auteur, domaine_user_auteur, nom_pub, legend_pub, date_time_pub) VALUES (?, ?, ?, ?, ?, ?, ?, NOW())');
$req->execute(array($infouser->id_user, $infouser->prenom_user, $infouser->nom_user, $infouser->avatar_user, $infouser->domaine_user, $_SESSION['auth']->id_user.'_photo_'.$infouser->nom_user.'.'.$extensionphotoupload, $legend_photo));
}
else{
//
}
}
else{
//
}
}
}
$data = array('error' => $error);
echo json_encode($data);
?> |
Partager