setImageFormat('jpeg'); $imagick->setImageCompression(Imagick::COMPRESSION_JPEG); $imagick->setImageCompressionQuality($quality); $imagick->cropThumbnailImage($width, $height); $imagick->setImagePage(0, 0, 0, 0); if (file_put_contents(getcwd()."/thumb/" . $hash, $imagick) === false) { throw new Exception("Could not put contents."); } return true; } else { throw new Exception("No valid image provided with {$img}."); } } $successmsg = "added one item"; switch($_GET["action"]) { case "add_featurerequest": if (hasval($_POST["title"]) && hasval($_POST["desc"])) { /* Prepared statement, stage 1: prepare */ if (!($stmt = $mysqli->prepare("INSERT INTO feature_request(title, `desc`) VALUES (?, ?)"))) { $errormsg = "Prepare failed: (" . $mysqli->errno . ") " . $mysqli->error; }else if (!$stmt->bind_param("ss", $_POST["title"], $_POST["desc"])) { $errormsg = "Binding parameters failed: (" . $stmt->errno . ") " . $stmt->error; }else if (!$stmt->execute()) { $errormsg = "Execute failed: (" . $stmt->errno . ") " . $stmt->error; } }else{ $errormsg = "all values have to be set"; } break; case "add_found": if (hasval($_POST["was"]) && hasval($_POST["wann"]) && hasval($_POST["wo"])&& hasval($_POST["container"])) { /* Prepared statement, stage 1: prepare */ if (!($stmt = $mysqli->prepare("INSERT INTO found_items(was, wann, wo, container) VALUES (?, ?, ?, ?)"))) { $errormsg = "Prepare failed: (" . $mysqli->errno . ") " . $mysqli->error; } if (!$stmt->bind_param("ssss", $_POST["was"], $_POST["wann"], $_POST["wo"], $_POST["container"])) { $errormsg = "Binding parameters failed: (" . $stmt->errno . ") " . $stmt->error; } if (!$stmt->execute()) { $errormsg = "Execute failed: (" . $stmt->errno . ") " . $stmt->error; } }else{ $errormsg = "all values have to be set"; } break; case "add_lost": if (hasval($_POST["was"]) && hasval($_POST["wann"]) && hasval($_POST["wo"]) && hasval($_POST["contact"])) { /* Prepared statement, stage 1: prepare */ if (!($stmt = $mysqli->prepare("INSERT INTO lost_items(was, wann, wo, contact) VALUES (?, ?, ?, ?)"))) { $errormsg = "Prepare failed: (" . $mysqli->errno . ") " . $mysqli->error; } if (!$stmt->bind_param("ssss", $_POST["was"], $_POST["wann"], $_POST["wo"], $_POST["contact"])) { $errormsg = "Binding parameters failed: (" . $stmt->errno . ") " . $stmt->error; } if (!$stmt->execute()) { $errormsg = "Execute failed: (" . $stmt->errno . ") " . $stmt->error; } }else{ $errormsg = "all values have to be set"; } break; case "get_stats"; echo json_encode(array("status"=>"ok","stats"=>get_stats())); break; case "delete_found_item": if(hasval($_POST["id"])) { /* Prepared statement, stage 1: prepare */ if (!($stmt = $mysqli->prepare("UPDATE found_items SET del = 1 WHERE id = ?"))) { $errormsg = "Prepare failed: (" . $mysqli->errno . ") " . $mysqli->error; } if (!$stmt->bind_param("i", $_POST["id"])) { $errormsg = "Binding parameters failed: (" . $stmt->errno . ") " . $stmt->error; } if (!$stmt->execute()) { $errormsg = "Execute failed: (" . $stmt->errno . ") " . $stmt->error; } $successmsg = "one item deleted"; }else{ $errormsg = "id not set"; } break; case "delete_lost_item": if(hasval($_POST["id"])) { /* Prepared statement, stage 1: prepare */ if (!($stmt = $mysqli->prepare("UPDATE lost_items SET del = 1 WHERE id = ?"))) { $errormsg = "Prepare failed: (" . $mysqli->errno . ") " . $mysqli->error; } if (!$stmt->bind_param("i", $_POST["id"])) { $errormsg = "Binding parameters failed: (" . $stmt->errno . ") " . $stmt->error; } if (!$stmt->execute()) { $errormsg = "Execute failed: (" . $stmt->errno . ") " . $stmt->error; } $successmsg = "one item deleted"; }else{ $errormsg = "id not set"; } break; case "edit_found_item": if(hasval($_POST["id"]) && hasval($_POST["was"])&& hasval($_POST["container"])) { /* Prepared statement, stage 1: prepare */ $was=$_POST["was"]; if (!($stmt = $mysqli->prepare("UPDATE found_items SET was=?, wo=?, wann=?, container=? WHERE id = ?"))) { $errormsg = "Prepare failed: (" . $mysqli->errno . ") " . $mysqli->error; } if (!$stmt->bind_param("ssssi", $_POST["was"] , $_POST["wo"], $_POST["wann"], $_POST["container"], $_POST["id"])) { $errormsg = "Binding parameters failed: (" . $stmt->errno . ") " . $stmt->error; } if (!$stmt->execute()) { $errormsg = "Execute failed: (" . $stmt->errno . ") " . $stmt->error; } $successmsg = "one item edited"; if(isset($_FILES["image"])&& hasval($_FILES["image"]["tmp_name"])){ $hash = md5($_FILES['image']['name'].time()); if(move_uploaded_file($_FILES['image']['tmp_name'], "upload/".$hash)){ if (!($stmt = $mysqli->prepare("INSERT INTO files(hash, item_id) VALUES (?, ?)"))) { $errormsg = "Prepare failed: (" . $mysqli->errno . ") " . $mysqli->error; } if (!$stmt->bind_param("si", $hash, $_POST["id"])) { $errormsg = "Binding parameters failed: (" . $stmt->errno . ") " . $stmt->error; } if (!$stmt->execute()) { $errormsg = "Execute failed: (" . $stmt->errno . ") " . $stmt->error; } if(!makethumb($hash)){ $errormsg = "thumbnail creation failed"; } $successmsg = "one item edited"; }else{ $errormsg = "upload failed"; } }else{ } }else{ $errormsg = "id not set"; } break; case "add_found_item": if (hasval($_POST["was"])&& hasval($_POST["container"])&& hasval($_POST["uid"])) { /* Prepared statement, stage 1: prepare */ if (!($stmt = $mysqli->prepare("INSERT INTO found_items(uid, was, container) VALUES (?, ?, ?)"))) { $errormsg = "Prepare failed: (" . $mysqli->errno . ") " . $mysqli->error; } if (!$stmt->bind_param("sss", $_POST["uid"], $_POST["was"], $_POST["container"])) { $errormsg = "Binding parameters failed: (" . $stmt->errno . ") " . $stmt->error; } if (!$stmt->execute()) { $errormsg = "Execute failed: (" . $stmt->errno . ") " . $stmt->error; } $item_id = $mysqli->insert_id; if(isset($_FILES["image"])){ $hash = md5($_FILES['image']['name'].time()); if(move_uploaded_file($_FILES['image']['tmp_name'], "upload/".$hash)){ if (!($stmt = $mysqli->prepare("INSERT INTO files(hash, item_id) VALUES (?, ?)"))) { $errormsg = "Prepare failed: (" . $mysqli->errno . ") " . $mysqli->error; } if (!$stmt->bind_param("si", $hash, $item_id)) { $errormsg = "Binding parameters failed: (" . $stmt->errno . ") " . $stmt->error; } if (!$stmt->execute()) { $errormsg = "Execute failed: (" . $stmt->errno . ") " . $stmt->error; } if(!makethumb($hash)){ $errormsg = "thumbnail creation failed"; } $successmsg = "upload ok"; }else{ $errormsg = "upload failed"; } }else{ } }else{ $errormsg = "all values have to be set"; } break; case "get_found_table": include "templates/found_item_table.php"; exit; break; default: $errormsg = "action unknown"; break; } if(empty($errormsg)) echo json_encode(array("get"=>$_GET,"post"=>$_POST,"files"=>$_FILES,"status"=>"ok","message"=>$successmsg)); else echo json_encode(array("get"=>$_GET,"post"=>$_POST,"files"=>$_FILES,"status"=>"error","message"=>$errormsg)); ?>