insertData.php

PHOTO EMBED

Fri Nov 20 2020 12:52:23 GMT+0000 (Coordinated Universal Time)

Saved by @uchenliew #php

<?php
	$dbc = mysqli_connect('localhost', 'root', '');	//connect database
	mysqli_select_db($dbc, 'news');	//select database
	
	$errorsAddNewsArr = array();
	
	if(isset($_POST['addNewsData'])){
		$newsTitle = trim(str_replace("'", "\'", $_POST['txtNewsTitle']));
		$newsDetails = trim(str_replace("'", "\'", $_POST['txtNewsDetails']));
		$newsCategory = $_POST['selectNewsCategory'];
		
		$targetImage = "/205CDE/Assignment/".basename($_FILES['uploadNewsImg']['name']);
		$newsImage = $_FILES['uploadNewsImg']['name'];
		
		//ensure form fields are filled properly
		if(empty($newsTitle)){
			array_push($errorsAddNewsArr, "News title is required! Please try again!");
		}
		if(empty($newsDetails)){
			array_push($errorsAddNewsArr, "News details is required! Please try again!");
		}
		if($newsCategory == 0){
			array_push($errorsAddNewsArr, "News category is required! Please try again!");
		}
		
		//no errors
		if(count($errorsAddNewsArr) == 0){
			$query = "INSERT INTO news (news_title, news_details, news_category, news_datetime, news_image) 
			VALUES ('$newsTitle', '$newsDetails', '$newsCategory', NOW(), '$newsImage')";
			
			//Move uploaded image into a folder
			if(move_uploaded_file($_FILES['name']['tmp_name'], $targetImage)){
				$msg = "Image uploaded successfully!";
				}else{
				$msg = "Image uploaded unsuccessfully!";
			}
			
			$runQuery = mysqli_query($dbc, $query);
			
			if($runQuery){
				echo '<script> alert("Data saved!"); </script>';
				header('Location: /205CDE/Assignment/manageNews.php');
				}else{
				echo '<script> alert("Data not save yet!"); </script>';
			}
		}else{
			//display error message in alert
			foreach($errorsAddNewsArr as $errorsAddNewsMsg){
				echo '<script type="text/javascript">alert("'.$errorsAddNewsMsg.'");</script>'; 
			}
			
			//redirect to manageNews.php
			echo '<script type="text/javascript">window.location.href = "/205CDE/Assignment/manageNews.php";</script>'; 
		}
	}
	mysqli_close($dbc);
?>
content_copyCOPY