Here is the code for each:
Article
Code: Select all
<?php
include '../includes/connect.php';
if(isset($_POST['add'])) {
$title = $_POST['title'];
$abstract = $_POST['abstract'];
$full = $_POST['full'];
$source = $_POST['source'];
$date = $_POST['date'];
$result = move_uploaded_file($tmpName, $filePath);
if(!get_magic_quotes_gpc()) {
$title = addslashes($title);
$abstract = addslashes($abstract);
$full = addslashes($full);
}
$query = "INSERT INTO article (title, abstract, full, source, date)" . "VALUES ('$title', '$abstract','$full','$source', current_date)";
mysql_query($query) or die('Error, query failed : ' . mysql_error());
mysql_close();
}
?>Code: Select all
<?php
include '../includes/connect.php';
$a_id = $_GET['a_id'];
$uploadDir = '../images/article/';
if(isset($_POST['upload'])) {
$fileName = $_FILES['userfile']['name'];
$tmpName = $_FILES['userfile']['tmp_name'];
$fileSize = $_FILES['userfile']['size'];
$fileType = $_FILES['userfile']['type'];
$filePath = $uploadDir . $fileName;
$result = move_uploaded_file($tmpName, $filePath);
if (!$result) {
echo "Error uploading file";
exit;
}
if(!get_magic_quotes_gpc()) {
$fileName = addslashes($fileName);
$filePath = addslashes($filePath);
}
$query = "INSERT INTO image (name, size, type, path, a_id)" . "VALUES ('$fileName', '$fileSize', '$fileType', '$filePath', '$a_id')";
mysql_query($query) or die('Error, query failed : ' . mysql_error());
mysql_close();
}
?>Code: Select all
<form action="" method="post" enctype="multipart/form-data" name="upload">