upload_avatar.php
<?php
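session_start();
require_once 'include/config.php';

/*
 * Avatar upload endpoint for a signed-in admin.
 *
 * Flow: require the "admin_id" session variable, validate the uploaded file
 * (type, then size), store it under images/ with a server-generated name,
 * record that name in admin.image_path and mirror it into the session.
 * Every outcome is reported as a short plain-text message and the script exits.
 */

// Check "admin_id" session variable; anonymous requests go back to the login page.
if (!isset($_SESSION['admin_id'])) {
    header("Location: index.php");
    exit;
}
$admin_id = $_SESSION['admin_id'];

if (!isset($_FILES['avatar']) || $_FILES['avatar']['error'] !== UPLOAD_ERR_OK) {
    echo 'No file uploaded';
    exit;
}
$file = $_FILES['avatar'];

// Check file type.
// $file['type'] and the extension of $file['name'] are both supplied by the client,
// so neither can decide what is stored in a web-served directory. The type is
// detected from the file content instead, and the stored extension is taken from
// this allow-list rather than from the uploaded name.
$allowedTypes = [
    'image/jpeg' => 'jpg',
    'image/png'  => 'png',
];
$finfo = new finfo(FILEINFO_MIME_TYPE);
$detectedType = $finfo->file($file['tmp_name']);
if ($detectedType === false || !isset($allowedTypes[$detectedType])) {
    echo 'Invalid file type';
    exit;
}

// Check file size
$maxSize = 1024 * 1024 * 2; // 2 MB
if ($file['size'] > $maxSize) {
    echo 'File size exceeded';
    exit;
}

// Save file under a generated name with an allow-listed extension.
// NOTE(review): content sniffing inspects only the leading bytes, so the images/
// directory should also be configured on the web server to never execute scripts.
$fileName = uniqid('avatar_', true) . '.' . $allowedTypes[$detectedType];
$targetPath = 'images/' . $fileName;
if (!move_uploaded_file($file['tmp_name'], $targetPath)) {
    echo 'Error uploading file';
    exit;
}

// Update database with new avatar path.
// $con is expected to come from include/config.php (presumably a mysqli connection).
$sql = "UPDATE admin SET image_path=? WHERE id=?";
$stmt = $con->prepare($sql);
if ($stmt && $stmt->bind_param("si", $fileName, $admin_id) && $stmt->execute()) {
    // Update session with new avatar path
    $_SESSION['admin_avatar'] = $fileName;
    echo 'File uploaded successfully';
    exit;
}

// The row was not updated, so nothing references the stored file; remove it
// instead of leaving an orphan in the public directory.
unlink($targetPath);
echo 'Error updating database';
exit;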