prepare("INSERT INTO feature_request(title, `desc`) VALUES (?, ?)"))) { $errormsg = "Prepare failed: (" . $mysqli->errno . ") " . $mysqli->error; }else if (!$stmt->bind_param("ss", $_POST["title"], $_POST["desc"])) { $errormsg = "Binding parameters failed: (" . $stmt->errno . ") " . $stmt->error; }else if (!$stmt->execute()) { $errormsg = "Execute failed: (" . $stmt->errno . ") " . $stmt->error; } }else{ $errormsg = "all values have to be set"; } break; case "add_found": if (hasval($_POST["was"]) && hasval($_POST["wann"]) && hasval($_POST["wo"])&& hasval($_POST["container"])) { /* Prepared statement, stage 1: prepare */ if (!($stmt = $mysqli->prepare("INSERT INTO found_items(was, wann, wo, container) VALUES (?, ?, ?, ?)"))) { $errormsg = "Prepare failed: (" . $mysqli->errno . ") " . $mysqli->error; } if (!$stmt->bind_param("ssss", $_POST["was"], $_POST["wann"], $_POST["wo"], $_POST["container"])) { $errormsg = "Binding parameters failed: (" . $stmt->errno . ") " . $stmt->error; } if (!$stmt->execute()) { $errormsg = "Execute failed: (" . $stmt->errno . ") " . $stmt->error; } }else{ $errormsg = "all values have to be set"; } break; case "add_lost": if (hasval($_POST["was"]) && hasval($_POST["wann"]) && hasval($_POST["wo"]) && hasval($_POST["contact"])) { /* Prepared statement, stage 1: prepare */ if (!($stmt = $mysqli->prepare("INSERT INTO lost_items(was, wann, wo, contact) VALUES (?, ?, ?, ?)"))) { $errormsg = "Prepare failed: (" . $mysqli->errno . ") " . $mysqli->error; } if (!$stmt->bind_param("ssss", $_POST["was"], $_POST["wann"], $_POST["wo"], $_POST["contact"])) { $errormsg = "Binding parameters failed: (" . $stmt->errno . ") " . $stmt->error; } if (!$stmt->execute()) { $errormsg = "Execute failed: (" . $stmt->errno . ") " . $stmt->error; } }else{ $errormsg = "all values have to be set"; } break; case "get_stats"; echo json_encode(array("status"=>"ok","stats"=>get_stats())); break; case "delete_found_item": if(hasval($_POST["id"])) { /* Prepared statement, stage 1: prepare */ if (!($stmt = $mysqli->prepare("UPDATE found_items SET del = 1 WHERE id = ?"))) { $errormsg = "Prepare failed: (" . $mysqli->errno . ") " . $mysqli->error; } if (!$stmt->bind_param("i", $_POST["id"])) { $errormsg = "Binding parameters failed: (" . $stmt->errno . ") " . $stmt->error; } if (!$stmt->execute()) { $errormsg = "Execute failed: (" . $stmt->errno . ") " . $stmt->error; } $successmsg = "one item deleted"; }else{ $errormsg = "id not set"; } break; case "delete_lost_item": if(hasval($_POST["id"])) { /* Prepared statement, stage 1: prepare */ if (!($stmt = $mysqli->prepare("UPDATE lost_items SET del = 1 WHERE id = ?"))) { $errormsg = "Prepare failed: (" . $mysqli->errno . ") " . $mysqli->error; } if (!$stmt->bind_param("i", $_POST["id"])) { $errormsg = "Binding parameters failed: (" . $stmt->errno . ") " . $stmt->error; } if (!$stmt->execute()) { $errormsg = "Execute failed: (" . $stmt->errno . ") " . $stmt->error; } $successmsg = "one item deleted"; }else{ $errormsg = "id not set"; } break; case "edit_found_item": if(hasval($_POST["id"]) && hasval($_POST["was"])&& hasval($_POST["container"])) { /* Prepared statement, stage 1: prepare */ $was=$_POST["was"]; if (!($stmt = $mysqli->prepare("UPDATE found_items SET was=?, wo=?, wann=?, container=? WHERE id = ?"))) { $errormsg = "Prepare failed: (" . $mysqli->errno . ") " . $mysqli->error; } if (!$stmt->bind_param("ssssi", $_POST["was"] , $_POST["wo"], $_POST["wann"], $_POST["container"], $_POST["id"])) { $errormsg = "Binding parameters failed: (" . $stmt->errno . ") " . $stmt->error; } if (!$stmt->execute()) { $errormsg = "Execute failed: (" . $stmt->errno . ") " . $stmt->error; } $successmsg = "one item edited"; if(isset($_FILES["image"])&& hasval($_FILES["image"]["tmp_name"])){ if(!file_exists ( "upload/")){ mkdir("upload/"); } $hash = md5($_FILES['image']['name'].time()); if(move_uploaded_file($_FILES['image']['tmp_name'], "upload/".$hash)){ if (!($stmt = $mysqli->prepare("INSERT INTO files(hash, item_id) VALUES (?, ?)"))) { $errormsg = "Prepare failed: (" . $mysqli->errno . ") " . $mysqli->error; } if (!$stmt->bind_param("si", $hash, $_POST["id"])) { $errormsg = "Binding parameters failed: (" . $stmt->errno . ") " . $stmt->error; } if (!$stmt->execute()) { $errormsg = "Execute failed: (" . $stmt->errno . ") " . $stmt->error; } $successmsg = "one item edited"; }else{ $errormsg = "upload failed"; } }else{ } }else{ $errormsg = "id not set"; } break; case "add_found_item": if (hasval($_POST["was"])&& hasval($_POST["container"])) { /* Prepared statement, stage 1: prepare */ if (!($stmt = $mysqli->prepare("INSERT INTO found_items(was, container) VALUES (?, ?)"))) { $errormsg = "Prepare failed: (" . $mysqli->errno . ") " . $mysqli->error; } if (!$stmt->bind_param("ss", $_POST["was"], $_POST["container"])) { $errormsg = "Binding parameters failed: (" . $stmt->errno . ") " . $stmt->error; } if (!$stmt->execute()) { $errormsg = "Execute failed: (" . $stmt->errno . ") " . $stmt->error; } $item_id = $mysqli->insert_id; if(isset($_FILES["image"])){ if(!file_exists ( "upload/")){ mkdir("upload/"); } $hash = md5($_FILES['image']['name'].time()); if(move_uploaded_file($_FILES['image']['tmp_name'], "upload/".$hash)){ if (!($stmt = $mysqli->prepare("INSERT INTO files(hash, item_id) VALUES (?, ?)"))) { $errormsg = "Prepare failed: (" . $mysqli->errno . ") " . $mysqli->error; } if (!$stmt->bind_param("si", $hash, $item_id)) { $errormsg = "Binding parameters failed: (" . $stmt->errno . ") " . $stmt->error; } if (!$stmt->execute()) { $errormsg = "Execute failed: (" . $stmt->errno . ") " . $stmt->error; } $successmsg = "upload ok"; }else{ $errormsg = "upload failed"; } }else{ } }else{ $errormsg = "all values have to be set"; } break; case "get_found_table": ?>
ID | was | wann | wo | kiste | foto | |
---|---|---|---|---|---|---|
ID | was | wann | wo | kiste | foto | |
"> |
|