-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathaddcustomer.php
108 lines (90 loc) · 3.68 KB
/
addcustomer.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
<?php
session_start();
require_once("Scripts/DBConnect.php");
require_once("Scripts/GeneralScripts.php");
checkLoginPermissions(4);
if($_SERVER['REQUEST_METHOD'] == "POST"){
// Post when coming from viewcustomers.php
$message;
$Name = $_POST['Name'];
$AddL1 = $_POST['AddressL1'];
$AddL2 = $_POST['AddressL2'];
$AddL3 = $_POST['AddressL3'];
$Postcode = $_POST['Postcode'];
$Telephone = $_POST['Tel'];
// 1. Insert Initial Record into the DB
$sql = "INSERT INTO tblCustomer
(
CustomerName,
AddressLine1,
AddressLine2,
AddressLine3,
Postcode,
Telephone
)
VALUES
(
'$Name',
'$AddL1',
'$AddL2',
'$AddL3',
'$Postcode',
'$Telephone'
)";
if(mysqli_query($db, $sql)){
if($_FILES['fileToUpload']['name'] != ''){
// 2. Once Inserted, Get the CustomerID so Image can be recorded and Uploaded
$sql = "SELECT c.CustomerID
FROM tblCustomer c
WHERE c.CustomerName = '$Name'
AND c.Postcode = '$Postcode'
AND c.Telephone = '$Telephone'
LIMIT 1";
$result = mysqli_query($db, $sql);
if($result != false){
$CustomerID = mysqli_fetch_assoc($result)['CustomerID'];
mysqli_free_result($result);
// 3. Upload Image in File Structure (Images/Product/)
$UploadOk = true;
$dir = "Images/Customers/";
$imgFileType = pathinfo(basename($_FILES['fileToUpload']['name']), PATHINFO_EXTENSION);
$target = $dir.$CustomerID.'.'.$imgFileType;
// If Uploaded Image not real image, flag it
if(getimagesize($_FILES['fileToUpload']['tmp_name']) == false){
$UploadOk = false;
}
if(!$UploadOk){
$message = 'Error Uploading Image, Please Edit the Record and Try Again.';
}
else {
if(move_uploaded_file($_FILES['fileToUpload']['tmp_name'], $target)){
// 4. Change Image Value in DB
$sql = "UPDATE tblCustomer c
SET c.Image = '$target'
WHERE c.CustomerID = $CustomerID
LIMIT 1";
$result = mysqli_query($db, $sql);
$message = "Upload Complete";
}
else {
$message = "Error Uploading Image, Please Edit the Record and Try Again.";
}
}
}
else{
$message = "Error Getting Product ID";
}
}
else {
$message = "Upload Complete. Please Edit the Record if you'd like to Add an Image.";
}
}
else {
$message = "Error Inserting into DB";
}
header("location: viewcustomers.php?UploadStatus=$message&SearchText=$Name");
}
else {
header("location: viewcustomers.php");
}
?>