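<?php
/**
 * Record an update for an existing BMS event.
 *
 * Reads from the request:
 *   - $_POST['event'], ['description'], ['is_ongoing'], ['end_date_time'], ['user']
 *   - $_FILES['fileToUpload'] (optional image attachment)
 *
 * Effects: optionally stores the image under ../images/, updates the row in
 * `events`, inserts a row into `event_updates`, then redirects to ../index.php
 * and sends a notification e-mail. On failure it prints an error message.
 *
 * $servername, $username, $password and $db come from db_config.php.
 */
include "db_config.php";

// Buffer all output: the status messages echoed during upload handling would
// otherwise be sent before header('Location: ...') and block the redirect.
ob_start();

$failure_message = 'Error! Please <a href="javascript:history.back()">go back</a> and try again';

$conn = mysqli_connect($servername, $username, $password, $db);
if (!$conn) {
    // Without a connection every later mysqli call would fail; stop here.
    echo($failure_message);
    exit;
}

// NOTE(review): no session, authorization or CSRF check is visible in this
// file, and the "updated by" name is taken from $_POST['user'] as sent by the
// client. Confirm that db_config.php or the web server enforces access control.

// Return a POST field as a string, or '' when it is missing or not a string.
$post_value = function ($key) {
    return (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
};

// Escape a value for insertion into HTML (page output and the HTML e-mail).
$html = function ($value) {
    return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8');
};

//Allow Image Upload
$target_dir = "../images/";
// Stays empty unless a file is validated AND stored, so the database and the
// e-mail never point at a file that was rejected or at someone else's file.
$image_link = "";
$upload = isset($_FILES["fileToUpload"]) ? $_FILES["fileToUpload"] : null;

if ($upload !== null && is_string($upload["name"]) && !empty($upload["name"])) {
    $uploadOk = 1;

    // NOTE(review): the "s" in the class below is the plain letter s (already
    // covered by a-z); if "\s" was intended, whitespace is currently replaced.
    $target_file_name = preg_replace('/[^a-zA-Z0-9s.]/', '_', basename($upload["name"]));

    // Keep exactly one extension: dots inside the stem become underscores so
    // the allow-listed extension is the only one the web server sees.
    $imageFileType = strtolower(pathinfo($target_file_name, PATHINFO_EXTENSION));
    $target_file_stem = str_replace('.', '_', pathinfo($target_file_name, PATHINFO_FILENAME));
    $target_file_name = $target_file_stem . '.' . $imageFileType;
    $target_file = $target_dir . $target_file_name;

    // PHP reports partial or failed transfers through the "error" field.
    if (!isset($upload["error"]) || $upload["error"] !== UPLOAD_ERR_OK) {
        echo "Sorry, there was an error uploading your file.";
        $uploadOk = 0;
    }

    // Check the content itself, for every upload (not only when a "submit"
    // field is posted), and require one of the three accepted image types.
    if ($uploadOk == 1) {
        $check = getimagesize($upload["tmp_name"]);
        $allowed_types = array(IMAGETYPE_GIF, IMAGETYPE_JPEG, IMAGETYPE_PNG);
        if ($check !== false && in_array($check[2], $allowed_types, true)) {
            echo "File is an image - " . $check["mime"] . ".";
        } else {
            echo "File is not an image.";
            $uploadOk = 0;
        }
    }

    // Check if file already exists
    if (file_exists($target_file)) {
        echo "Sorry, file already exists.";
        $uploadOk = 0;
    }

    // Check file size
    if ($upload["size"] > 500000) {
        echo "Sorry, your file is too large.";
        $uploadOk = 0;
    }

    // Allow certain file formats (compared case-insensitively)
    if (!in_array($imageFileType, array("jpg", "png", "jpeg", "gif"), true)) {
        echo "Sorry, only JPG, JPEG, PNG & GIF files are allowed.";
        $uploadOk = 0;
    }

    if ($uploadOk == 0) {
        echo "Sorry, your file was not uploaded.";
    } elseif (move_uploaded_file($upload["tmp_name"], $target_file)) {
        // The client-supplied name is escaped before it is echoed back.
        echo "The file " . $html(basename($upload["name"])) . " has been uploaded.";
        $image_link = "https://DOMAIN.com/bms/images/$target_file_name";
    } else {
        echo "Sorry, there was an error uploading your file.";
    }
}

//Set Variables
// Raw request values: they are bound as statement parameters below and
// HTML-escaped where they are placed in the e-mail, never interpolated.
$event_id = $post_value('event');
$description = $post_value('description');
$is_ongoing = $post_value('is_ongoing');
$end_date_time = $post_value('end_date_time');
$user = $post_value('user');

//Get timestamp
$timestamp = new DateTime();
$update_date_time = date_format($timestamp, 'Y/m/d H:i');

// Run a single-column SELECT with the event id bound as its only parameter
// and return the first row's value, or null when there is no row or an error.
$lookup = function ($sql) use ($conn, $event_id) {
    $value = null;
    $stmt = mysqli_prepare($conn, $sql);
    if ($stmt) {
        mysqli_stmt_bind_param($stmt, 's', $event_id);
        if (mysqli_stmt_execute($stmt)) {
            mysqli_stmt_bind_result($stmt, $value);
            mysqli_stmt_fetch($stmt);
        }
        mysqli_stmt_close($stmt);
    }
    return $value;
};

//Set variables for email
//MySQL queries to get Unit Name, Alert and start time
$unitname = $lookup("SELECT unit_name FROM units AS units INNER JOIN events AS events ON events.unit_id=units.unit_id WHERE events.event_id=?");
$alertname = $lookup("SELECT alert_name FROM alerts AS alerts INNER JOIN events AS events ON events.alert_id=alerts.alert_id WHERE events.event_id=?");
$start_date_time = $lookup("SELECT date_time_start FROM events WHERE event_id=?");

// Escape first, then convert newlines, so only the <br /> tags are markup.
$description_for_email = nl2br($html($description));

//Update value of is_ongoing in main events table
$event_update = false;
$update_stmt = mysqli_prepare($conn, "UPDATE events SET is_ongoing=?, date_time_end=? WHERE event_id=?");
if ($update_stmt) {
    mysqli_stmt_bind_param($update_stmt, 'sss', $is_ongoing, $end_date_time, $event_id);
    $event_update = mysqli_stmt_execute($update_stmt);
    mysqli_stmt_close($update_stmt);
}

//Insert event update into event updates table
$result = false;
$insert_stmt = mysqli_prepare($conn, "INSERT INTO event_updates (update_desc, update_date_time, update_is_ongoing, end_date_time, event_id, update_user, update_image) VALUES (?, ?, ?, ?, ?, ?, ?)");
if ($insert_stmt) {
    mysqli_stmt_bind_param(
        $insert_stmt,
        'sssssss',
        $description,
        $update_date_time,
        $is_ongoing,
        $end_date_time,
        $event_id,
        $user,
        $image_link
    );
    $result = mysqli_stmt_execute($insert_stmt);
    mysqli_stmt_close($insert_stmt);
}

//If successful, redirect back to index.php and send email, else tell user that it failed.
if ($result) {
    // Drop the buffered status text so the Location header can be sent. The
    // former "redirecting..." message and sleep(2) are gone: a redirect
    // response body is not shown, and the sleep only held the request open.
    ob_end_clean();
    header('Location: ../index.php');

    //Set Email Info
    $to = "TOEMAIL@DOMAIN.com";
    $subject = "Updated BMS Alert: " . $unitname . " " . $alertname . "";
    $headers = "MIME-Version: 1.0" . "\r\n";
    $headers .= "Content-type:text/html;charset=UTF-8" . "\r\n";
    $headers .= "From: FROMEMAIL@DOMAIN.com";

    // Every interpolated value is HTML-escaped: the body is sent as text/html
    // and several fields come straight from the request.
    $message = "
<html>
<body>
BMS Unit: " . $html($unitname) . "
<br />
Type of Alert: " . $html($alertname) . "
<br />
Start Date/Time: " . $html($start_date_time) . "
<br />
End Date/Time: " . $html($end_date_time) . "
<br />
Description: " . $description_for_email . "
<br />
Updated by: " . $html($user) . "
<br />
Image Link (if any): " . $html($image_link) . "
<br />
Event Link: https://DOMAIN.com/bms/viewevent.php?eventid=" . $html(rawurlencode($event_id)) . "
<br /><br />
This message generated by https://DOMAIN.com/bms
</body>
</html>";

    //WordWrap the message
    // Long words are left intact: cutting at 70 characters would split URLs
    // and HTML entities in the middle.
    $message_wrapped = wordwrap($message, 70, "\n", false);

    //Send the email
    mail($to, $subject, $message_wrapped, $headers);
} else {
    echo($failure_message);
}

$conn->close();
?>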