500000) { echo "Sorry, your file is too large."; $uploadOk = 0; } // Allow certain file formats if($imageFileType != "jpg" && $imageFileType != "png" && $imageFileType != "jpeg" && $imageFileType != "gif" ) { echo "Sorry, only JPG, JPEG, PNG & GIF files are allowed."; $uploadOk = 0; } // Check if $uploadOk is set to 0 by an error if ($uploadOk == 0) { echo "Sorry, your file was not uploaded."; // if everything is ok, try to upload file } else { if (move_uploaded_file($_FILES["fileToUpload"]["tmp_name"], $target_file)) { echo "The file ". basename( $_FILES["fileToUpload"]["name"]). " has been uploaded."; } else { echo "Sorry, there was an error uploading your file."; } } //Set variables for MySQL Insert $unit = mysqli_real_escape_string($conn, $_POST['unit']); $start_date_time = mysqli_real_escape_string($conn, $_POST['start_date_time']); $description = mysqli_real_escape_string($conn, $_POST['description']); $is_ongoing = mysqli_real_escape_string($conn, $_POST['is_ongoing']); $end_date_time = mysqli_real_escape_string($conn, $_POST['end_date_time']); $alert = mysqli_real_escape_string($conn, $_POST['alert']); $user = mysqli_real_escape_string($conn, $_POST['user']); //Insert event to events table $event = "INSERT INTO events (unit_id, date_time_start, description, is_ongoing, date_time_end, alert_id, user, event_image) VALUES ('$unit','$start_date_time', '$description', '$is_ongoing', '$end_date_time', '$alert', '$user', '$image_link')"; //Set variables for email //MySQL queries to get Unit Name and Alert $unitname_query = "SELECT unit_name FROM units WHERE unit_id=".$_POST['unit'].""; $unitname_query_run = mysqli_query($conn, $unitname_query); $unitname_array = mysqli_fetch_assoc($unitname_query_run); $unitname = $unitname_array['unit_name']; $alertname_query = "SELECT alert_name FROM alerts WHERE alert_id=".$_POST['alert'].""; $alertname_query_run = mysqli_query($conn, $alertname_query); $alertname_array = mysqli_fetch_assoc($alertname_query_run); $alertname = $alertname_array['alert_name']; $description_for_email = nl2br($_POST['description']); //If successful, redirect back to index.php and send email, else tell user that it failed. $result = mysqli_query($conn, $event); if($result){ echo("Event added, redirecting..."); sleep (2); header('Location: ../index.php'); //Get inserted Event ID $event_id = $conn->insert_id; $to = "TOEMAIL@DOMAIN>COM"; $subject = "New BMS Alert: ".$unitname." ".$alertname.""; $headers = "MIME-Version: 1.0" . "\r\n"; $headers .= "Content-type:text/html;charset=UTF-8" . "\r\n"; $headers .= "From: FROMEMAIL@.com"; $message = "
BMS Unit: ".$unitname."