-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathaddProject.php
156 lines (134 loc) · 5.78 KB
/
addProject.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
<?php session_start(); ?>
<?php
include("includes/connection.php");
include("includes/functions.php");
?>
<?php
if(isset($_POST['addProject'])){
//file upload
$_SESSION['ok'] = "no";
$e = "";
//change to the original folder. define("UPLOAD_DIR", "/wamp/www/archive fud/admin/projects/");
define("UPLOAD_DIR", "/wamp/htdocs/SLU_archive/projects/");
// set image maxsize to 1MB
$maxsize = 2000240;
if (!empty($_FILES["myFile"])) {
$myFile = $_FILES["myFile"];
if ($myFile["error"] !== UPLOAD_ERR_OK) {
$e = "<li>An error occurred.</li>";
}
// verify the file is a GIF, JPEG, or PNG
$fileType = $_FILES['myFile']['type'];
$allowed = array("application/msword", "application/docx","application/pdf");
/*if (!in_array($fileType, $allowed)) {
$e .= "Only MSWORD OR PDF format are allowed </li>";
}
*/
if( $_FILES['myFile']['size'] > $maxsize)
{
$e .= "<li>Your file is too large.
please select a file that is not greater than 1MB</li>";
}
if (empty($e)){
// ensure a safe filename
$name = preg_replace("/[^A-Z0-9._-]/i", "_", $myFile["name"]);
// don't overwrite an existing file
$i = 0;
$parts = pathinfo($name);
while (file_exists(UPLOAD_DIR . $name)) {
$i++;
$name = $parts["filename"] . "-" . $i . "." . $parts["extension"];
}
// preserve file from temporary directory
$success = move_uploaded_file($myFile["tmp_name"],
UPLOAD_DIR . $name);
$_SESSION['file'] = $name;
$pfile = $_SESSION['file'];
$idno = mysql_real_escape_string(htmlentities($_POST['idno']));
$year = mysql_real_escape_string(htmlentities($_POST['year']));
$supervisorId = mysql_real_escape_string(htmlentities($_POST['supervisor']));
$title = mysql_real_escape_string(htmlentities($_POST['tittle']));
$aim = mysql_real_escape_string(htmlentities($_POST['aim']));
$obj = mysql_real_escape_string(htmlentities(nl2br($_POST['obj'])));
$department = $_SESSION['title'];
$qr = "SELECT * FROM supervisors WHERE SupervisorId = '$supervisorId'";
$sql = mysql_query($qr);// to get the name of the supervisor
Confirm_query($sql, "failed to insert new dept", "");
if ($sql)
{
while ($unit = mysql_fetch_assoc($sql)){
$superName = $unit['Tittle'] . " " . $unit['Fullname'];
}
}
$qr = "INSERT INTO projects (MatricNo, ProjectTittle, ProjectYear, ProjectAim, ProjectObj, ProjectSupervisor, SupervisorId, ProjectMain, Department ) VALUES ('$idno', '$title', '$year', '$aim', '$obj', '$superName', '$supervisorId', '$pfile', '$department' )";
//$sql = mysql_query($qr);
$result = mysql_query($qr);
if (!$result){
die('Could not upload file: ' . mysql_error());
}
$_SESSION['ok'] = "yes";
if (!$success) {
echo "<p>Unable to save file.</p>";
exit;
}
// set proper permissions on the new file
chmod(UPLOAD_DIR . $name, 0644);
echo "<div class='notification'>Project Added to Archives</div>";
}
}
}
echo $e; ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title></title>
</head>
<!-- Bootstrap core CSS -->
<link href="css/bootstrap.min.css" rel="stylesheet">
<body>
<fieldset class="field"> <legend>Register New Project</legend>
<form method="post" action="" enctype="multipart/form-data">
<table width="88%" border="0" cellspacing="8" cellpadding="5">
<tr>
<td width="166" align="center">Reg Number</td>
<td width="281"><input type="text" class="txt" name="idno" required="required"></td>
<td width="108" align="center">Project Tittle</td>
<td width="257"><input type="text" class="txt" name="tittle" required="required"></td>
</tr>
<tr>
<td width="166" align="center">Project Year</td>
<td width="281"><input type="text" class="txt" name="year" required="required"></td>
<td width="108" align="center">Supervisor</td>
<td width="257">
<select id="unit" name="supervisor" required="required" class="txt"/>
<option value="">Select Supervisor</option>
<?php
$dept = $_SESSION['title'];
$qr = "SELECT * FROM supervisors WHERE Department = '$dept'";
$sql = mysql_query($qr);
Confirm_query($sql, "failed to insert new dept");
if ($sql)
{
while ($unit = mysql_fetch_assoc($sql)){
?>
<option value="<?php echo $unit['SupervisorId']; ?>" ><?php echo $unit['Tittle'] . " " . $unit['Fullname']; ?></option>
<?php }} ?>
</select>
</td>
</tr>
<tr>
<td width="166" align="center">Aim</td>
<td width="281"><textarea class="txt" name="aim" required="required"></textarea></td>
<td width="108" align="center">Abstract </td>
<td width="257"><textarea class="txt" name="obj" required="required"></textarea></td>
</tr>
<tr>
<td colspan="2" align="center">Project File: <input type="file" class="sButton" name="myFile" required="required" /></td>
<td colspan="2" align="center"><input type="submit" class="sButton" name="addProject" value="ADD" /></td>
</tr>
</table>
</form>
</fieldset>
</body>
</html>