melder/ajax/ajax_location_push.php
Walter Hupfeld d94ea09940 fix
2024-03-15 21:57:30 +01:00


<?php
require_once("../config.db.php");
require_once("../config.php");
require_once("../lib/functions.php");
require_once("../lib/geocoding.php");
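// Allow-list of file extensions accepted for the optional photo upload.
$allowed_extensions = array("jpg", "jpeg", "png", "gif");

// Every $_POST value is untrusted. A missing or non-scalar field (for example an
// array sent as "username[]") is treated as absent, so no warning or TypeError is
// raised before the validation below runs.
$strUsername = (isset($_POST['username']) && is_scalar($_POST['username'])) ? (string) $_POST['username'] : "";
$strDescription = (isset($_POST['description']) && is_scalar($_POST['description'])) ? (string) $_POST['description'] : "";

// username and description are HTML-encoded and slash-escaped before they are stored.
// The INSERT in this script uses bound parameters, so addslashes() is not what protects
// the query; it is kept only so the stored format stays unchanged, because the response
// at the end of this script strips the slashes again.
$strUsername = addslashes(htmlentities(trim($strUsername)));
$strDescription = addslashes(htmlentities(trim($strDescription)));

// NOTE(review): age, transport, district, topic and defect are stored exactly as sent,
// without the encoding applied to username and description. Whatever renders them must
// escape them for its output context - confirm that generate_tooltip_description() does.
$strAge = (isset($_POST['ext_age']) && is_scalar($_POST['ext_age'])) ? $_POST['ext_age'] : "";
$strTransport = (isset($_POST['ext_transport']) && is_scalar($_POST['ext_transport'])) ? $_POST['ext_transport'] : "";
$numTopic = (isset($_POST['topic']) && is_scalar($_POST['topic'])) ? $_POST['topic'] : 2;
$numDefect = (isset($_POST['defect']) && is_scalar($_POST['defect'])) ? $_POST['defect'] : 0;
$numLng = (isset($_POST['lng']) && is_scalar($_POST['lng'])) ? trim((string) $_POST['lng']) : "";
$numLat = (isset($_POST['lat']) && is_scalar($_POST['lat'])) ? trim((string) $_POST['lat']) : "";
$strDistrict = (isset($_POST['district']) && is_scalar($_POST['district'])) ? $_POST['district'] : "";

// Set to true only after an uploaded photo has been validated and moved into place.
$boolUploadOk = false;

// Reject empty entries
if (empty($strUsername) || empty($numLng) || empty($numLat)) {
    die("not valid!");
}

// Coordinates must be plain numbers inside the valid longitude/latitude ranges.
// They are stored and also handed to getAddress() later in this script, so anything
// that is not a number is refused here instead of being passed on.
if (!is_numeric($numLng) || !is_numeric($numLat)
    || abs((float) $numLng) > 180 || abs((float) $numLat) > 90) {
    die("not valid!");
}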
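// Optional photo upload. $boolUpload and $uploaddir are not defined in this script;
// presumably they come from the included config files - TODO confirm.
if ($boolUpload && !empty($_FILES['uploadfile']['name'])) {
    $file = $_FILES['uploadfile'];

    // Only inspect the temporary file when PHP reports a clean upload. After a failed
    // upload tmp_name is empty, and getimagesize() on an empty path throws in PHP 8
    // (the @ operator does not suppress exceptions). A failed or non-image upload is
    // skipped silently and the report itself is still saved, as before.
    $fileinfo = false;
    if (isset($file['error']) && $file['error'] === UPLOAD_ERR_OK && is_uploaded_file($file['tmp_name'])) {
        $fileinfo = @getimagesize($file["tmp_name"]);
    }

    if (!empty($fileinfo)) {
        //$info=read_gps_location($_FILES["uploadfile"]["tmp_name"]);

        // The extension is client-controlled: normalise it to lower case and check it
        // against the allow-list. The detected image type must also be one of the three
        // accepted formats, so the name and the content have to agree with the allow-list.
        $file_extension = strtolower(pathinfo($file["name"], PATHINFO_EXTENSION));
        $allowed_image_types = array(IMAGETYPE_GIF, IMAGETYPE_JPEG, IMAGETYPE_PNG);
        if (!in_array($file_extension, $allowed_extensions, true)
            || !in_array($fileinfo[2], $allowed_image_types, true)) {
            echo "Invalid file type. Please upload only jpg, jpeg, png, or gif images.";
            exit();
        }

        // Never reuse the client-supplied name on disk; generate one and retry on collision.
        // NOTE(review): a valid image header does not prove the file is harmless - the
        // upload directory should be configured so the web server never executes files in it.
        do {
            $strNewfilename = uniqid("", true) . "." . $file_extension;
        } while (file_exists($uploaddir . $strNewfilename));

        if (move_uploaded_file($file['tmp_name'], $uploaddir . $strNewfilename)) {
            $filename = $strNewfilename;
            $filesize = $file['size'];
            // Store the MIME type detected by getimagesize(), not the one the client sent.
            $filetype = $fileinfo['mime'];
            $boolUploadOk = true;
        } else {
            // The form field is 'uploadfile'; the original read the error from a
            // non-existent 'file' key.
            die("Upload failed with error code " . $file['error']);
        }
    }
}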
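// Store the report. All values are bound as parameters, never concatenated into the SQL.
$stmt = $db->prepare("INSERT INTO location (username,age,transport,description,defect,topic,lng,lat,district)
VALUES (:username,:age,:transport,:description,:defect,:topic,:lng,:lat,:district)");
$stmt->bindValue(':username', $strUsername);
$stmt->bindValue(':age', $strAge);
$stmt->bindValue(':transport', $strTransport);
$stmt->bindValue(':description', $strDescription);
$stmt->bindValue(':topic', $numTopic);
$stmt->bindValue(':lng', $numLng);
$stmt->bindValue(':lat', $numLat);
$stmt->bindValue(':defect', $numDefect);
$stmt->bindValue(':district', $strDistrict);

// Stop if the insert failed; otherwise the address and the photo below would be
// attached to some other, older row.
if (!$stmt->execute()) {
    die("Saving failed.");
}

// Id of the row inserted on this connection. Reading the highest id from the table
// instead can pick up a row that another request inserted in the meantime.
$id = $db->lastInsertId();

// Write address data to table address
$data = getAddress($numLat, $numLng);
if ($data) {
    writeAddress($db, $id, $data);
}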
// Record the uploaded photo for this location. This runs only when the upload
// step earlier in the script set $boolUploadOk.
if ($boolUploadOk) {
    $strSQL = "INSERT INTO files (loc_id,filename,filesize,filetype) VALUES (:loc_id,:filename,:filesize,:filetype)";
    $stmt = $db->prepare($strSQL);
    // Passing the values to execute() binds each one as a string parameter,
    // the same as bindValue() with its default type.
    $stmt->execute(array(
        ':loc_id' => $id,
        ':filename' => $filename,
        ':filesize' => $filesize,
        ':filetype' => $filetype,
    ));
}
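// Return the marker text of the new entry.
// Start with an empty string so the echo below never reads an undefined variable.
$markerText = "";

// Select the row by its id. Taking the newest row in the table instead can return
// another user's entry when two reports are submitted at the same time.
$stmt = $db->prepare("SELECT loc.*,f.filename FROM location loc LEFT JOIN files f ON loc.id=f.loc_id WHERE loc.id=:id LIMIT 1");
$stmt->bindValue(':id', $id);
$stmt->execute();
if ($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
    $markerText = generate_tooltip_description($row);
    // NOTE(review): stripcslashes() also decodes C-style escapes (\n, octal, hex), not
    // just the backslashes added by addslashes(), and it runs after the tooltip HTML has
    // been built. Fields stored without addslashes() are decoded here as well; confirm
    // the output is still correctly escaped, or use stripslashes(), the exact inverse of
    // addslashes().
    $markerText = stripcslashes($markerText);
}
echo ($markerText);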