On the page 2 code below, I left the "$a_id = $_GET['a_id'];" code even though I know it doesn't work for this situation. Any idea?
Page 1 PHP:
Code: Select all
<?php
include '../includes/connect.php';
if(isset($_POST['add'])) {
$title = $_POST['title'];
$abstract = $_POST['abstract'];
$full = $_POST['full'];
$category = $_POST['category'];
$source = $_POST['source'];
$date = $_POST['date'];
if(!get_magic_quotes_gpc()) {
$title = addslashes($title);
$abstract = addslashes($abstract);
$full = addslashes($full);
$source = addslashes($source);
}
$query = "INSERT INTO article (title, abstract, full, category, source, date)" . "VALUES ('$title', '$abstract','$full', '$category', '$source', current_date)";
mysql_query($query) or die (mysql_error());
mysql_close();
header ('location:add-image.php');
}
?>Code: Select all
<?php
include '../includes/connect.php';
$a_id = $_GET['a_id'];
$uploadDir = 'images/article/';
if(isset($_POST['upload'])) {
$fileName = $_FILES['userfile']['name'];
$tmpName = $_FILES['userfile']['tmp_name'];
$fileSize = $_FILES['userfile']['size'];
$fileType = $_FILES['userfile']['type'];
$filePath = $uploadDir . $fileName;
$result = move_uploaded_file($tmpName, $filePath);
if (!$result) {
echo "Error uploading file";
exit;
}
if(!get_magic_quotes_gpc()) {
$fileName = addslashes($fileName);
$filePath = addslashes($filePath);
}
$query = "INSERT INTO image (name, size, type, path, a_id)" . "VALUES ('$fileName', '$fileSize', '$fileType', '$filePath', '$a_id')";
mysql_query($query) or die('Error, query failed : ' . mysql_error());
mysql_close();
header ('location:index.php');
}
?>