<!-- Step-1 : receive all ip value form the user via post --> <!-- Step-2 : code for image file to upload --> <!-- Step-3 : increment the catagory column in DB by one if any post save in appropitate catagory --> <?php include "config.php"; if(isset($_FILES['fileToUpload'])){ $errors = array(); /*-- Step-2 : code for image file to upload --> */ /* $file_name = $_FILES['fileToUpload']['name']; */ $file_name = str_replace(" ","_",($_FILES['fileToUpload']['name'])); $file_size = $_FILES['fileToUpload']['size']; $file_tmp = $_FILES['fileToUpload']['tmp_name']; $file_type = $_FILES['fileToUpload']['type']; $file_ext = strtolower(end (explode('.',$file_name))); $extensions = array("jpeg","jpg","png"); if(in_array($file_ext, $extensions) === false) { $errors[] = "This extension file not allowed, Please choose a JPG or PNG files"; } if($file_size > 2097152){ $errors[] = "File size must be 2mb or lower."; } if (empty($errors) == true){ move_uploaded_file($file_tmp, "upload/".$file_name); }else{ print_r($errors); die(); } } /*-- Step-1 : receive all ip value form the user via post --> */ session_start(); $title = mysqli_real_escape_string($conn, $_POST['post_title']); $description = mysqli_real_escape_string($conn, $_POST['postdesc']); $category = mysqli_real_escape_string($conn, $_POST['category']); $date = date("d M, Y"); $author = $_SESSION['user_id']; $sql = "INSERT INTO post(title, description, category, post_date, author, post_img) VALUES('{$title}','{$description}',{$category},'{$date}',{$author},'{$file_name}');"; /*-- Step-3 : increment the catagory column in DB by one if any post save in appropitate catagory --> */ $sql .= "UPDATE category SET post = post + 1 WHERE category_id = {$category}"; if(mysqli_multi_query($conn, $sql)){ header("location: {$hostname}/admin/post.php"); }else{ echo "<div class='alert alert-danger' >Query Failed.</div>"; } ?>