-
Notifications
You must be signed in to change notification settings - Fork 0
/
admin.php
executable file
·62 lines (60 loc) · 1.41 KB
/
admin.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
<?php
if(isset($_POST['publish'])){
$title=$_POST['title'];
$content=htmlspecialchars($_POST['content']);
$author=$_POST['author'];
$t=time();
$date_pub=date("Y-m-d",$t);
#Image fetching and verification
$file=$_FILES['image'];
$fileName=$_FILES['image']['name'];
$fileTmp=$_FILES['image']['tmp_name'];
$fileSize=$_FILES['image']['size'];
$fileError=$_FILES['image']['error'];
$fileType=$_FILES['image']['type'];
$fileExt=explode('.',$fileName);
$fileActExt=strtolower(end($fileExt));
$allowed=array('jpeg','jpg','png','svg');
if(in_array($fileActExt,$allowed)){
if($fileError===0){
if($fileSize<100000){
$fileNewName=uniqid('',true).'.'.$fileActExt;
$fileDest='uploads/'.$fileNewName;
move_uploaded_file($fileTmp, $fileDest);
}
else{
echo "File size is too big";
exit();
}
}
else{
echo"Error occoured while uploading file";
exit();
}
}
else{
echo"File extension not allowed";
exit();
}
#connections
$c=mysqli_connect('localhost','root','','survey');
if($c){
$q="INSERT INTO `blog` (`date_pub`, `title`, `content`,`author`,`image`) VALUES ('$date_pub', '$title', '$content','$author','$fileNewName')";
$r=mysqli_query($c,$q);
if($r){
echo "<script> alert('Your blog will be published soon');
window.location.href='display.php';
</script>";
}
else{
"Internal Server error!!";
}
}
else{
die("Connection Error:".mysqli_connect_error());
}
}
else{
echo "Error 404 found!!";
}
?>