Please can somebody help me with this script.
I'm developing a property website where the client can add a property to the database using the following script:
<?php
$topPage = "siteContent/index";
require_once "menu.php";
if($_POST['submit']) {
// Strip out the crap
foreach($_POST as $key=>$value) {
$formData[$key] = mysql_escape_string($value);
}
array_pop($formData); // Get rid of the submit button value
// Check that the title and content are not empty
if(($formData['ref'] != "") and ($formData['location'] != "")) {
$formData['created'] = strtotime($formData['created']);
// Check if we are updating or inserting a new user
if($formData['id']) {
mysql_query("UPDATE properties SET created = FROM_UNIXTIME(" . $formData['created'] . "), ref = '" . $formData['ref'] . "', fulldescription = '" . $formData['fulldescription'] . "', price = '" . $formData['price'] . "', location = '" . $formData['location'] . "', town = '" . $formData['town'] . "' WHERE id = " . $formData['id']);
} else {
mysql_query("INSERT INTO properties (ref, fulldescription, price, location, town, created) VALUES ('" . $formData['ref'] . "', '" . $formData['fulldescription'] . "', '" . $formData['price'] . "', '" . $formData['location'] . "', '" . $formData['town'] . "', FROM_UNIXTIME(" . $formData['created'] . "))");
$formData['id'] = mysql_insert_id();
}
$_POST['fileName'] = time();
// Check that the name is not empty
$imageName = basename($_FILES['newPicture']['name']);
$extension = strtolower(substr($imageName, strlen($imageName) - 3));
if($extension == "peg") $extension = "jpg";
$destination = DOCUMENT_ROOT . STATIC_IMAGES_DIR . "/" . "property" . $formData['id'] . "." . $extension;
if($_FILES['newPicture']['name'] != "") {
if(move_uploaded_file($_FILES['newPicture']['tmp_name'], $destination)) {
chmod($destination, 0777);
mysql_query("UPDATE properties SET ext = '" . $extension . "' WHERE id = " . $formData['id']);
}
}
doJSRedirect("properties.html", "");
$STOP_DISPLAY = true;
} else {
doMessage("warning", "<strong>You must enter a reference and location for this letting.</strong><br/>Please complete the missing information below and click 'Save'.");
}
} else {
$requestURI = end(explode("id=", $_SERVER['REQUEST_URI']));
if(strip_tags($requestURI) != "") {
if($lettings = mysql_query("SELECT *, UNIX_TIMESTAMP(created) AS created FROM properties WHERE id = " . $requestURI)) {
$formData = mysql_fetch_assoc($lettings);
} else {
$formData['created'] = time();
}
}
}
if(!$STOP_DISPLAY) {
?>
<h2>Edit Letting</h2>
<form class="editForm" method="post" action="<?php echo $_SERVER['REQUEST_URI']; ?>" enctype="multipart/form-data">
<input type="hidden" name="id" value="<?php echo $formData['id']; ?>"/>
<input type="hidden" name="created" value="<?php echo niceDate($formData['created']); ?>"/>
<label>Ref</label>
<input class="text" type="text" name="ref" value="<?php echo $formData['ref']; ?>"/>
<label>Street</label>
<input class="text" type="text" name="location" value="<?php echo $formData['location']; ?>"/>
<label>Town/City</label>
<input class="text" type="text" name="town" value="<?php echo $formData['town']; ?>"/>
<div></div>
<label>Image</label>
<input type="file" name="newPicture" id="newPicture"/>
<div></div>
<label>Price per month</label>
<input class="text" type="text" name="price" value="<?php echo $formData['price']; ?>"/>
<div></div>
<label>Full description</label>
<textarea name="fulldescription"><?php echo $formData['fulldescription']; ?></textarea>
<div></div>
<input class="button" type="submit" name="submit" value="Save"/>
</form>
<?php } ?>
This script works fine but it will only allow the user to add 1 image per property.
I need to adapt the script so that the following requirements can be met:
- up to 4 images can be added for each property
- each image is renamed 'image1', 'image2' etc. so they can be referenced individually on the 'property details' page on the front-end of the website
Any help would be greatly appreciated!!!
Thanks
