80 lines
2.8 KiB
PHP
80 lines
2.8 KiB
PHP
<?php
|
|
// upload_photo.php
|
|
include('include/headscript.php');
|
|
|
|
header('Content-Type: application/json');
|
|
|
|
if ($_SERVER['REQUEST_METHOD'] !== 'POST' || !isset($_FILES['photo']) || !isset($_POST['iddatadb'])) {
|
|
echo json_encode(['success' => false, 'message' => 'Richiesta non valida']);
|
|
exit;
|
|
}
|
|
|
|
$iddatadb = intval($_POST['iddatadb']);
|
|
$photo = $_FILES['photo'];
|
|
|
|
// Verifica che l'utente loggato esista in auth_users
|
|
$db = DBHandlerSelect::getInstance();
|
|
$pdo = $db->getConnection();
|
|
|
|
$stmt = $pdo->prepare("SELECT id FROM auth_users WHERE id = ?");
|
|
$stmt->execute([$iduserlogin]);
|
|
$userExists = $stmt->fetch(PDO::FETCH_ASSOC);
|
|
|
|
if (!$userExists) {
|
|
echo json_encode(['success' => false, 'message' => 'Utente non valido']);
|
|
exit;
|
|
}
|
|
|
|
// Usa un percorso assoluto per la cartella photostrf
|
|
$uploadDir = realpath(__DIR__ . '/../photostrf') . '/';
|
|
if (!is_dir($uploadDir)) {
|
|
if (!mkdir($uploadDir, 0755, true)) {
|
|
echo json_encode(['success' => false, 'message' => 'Impossibile creare la cartella photostrf']);
|
|
exit;
|
|
}
|
|
}
|
|
|
|
// Verifica i permessi della cartella
|
|
if (!is_writable($uploadDir)) {
|
|
echo json_encode(['success' => false, 'message' => 'La cartella photostrf non è scrivibile']);
|
|
exit;
|
|
}
|
|
|
|
// Verifica che il file sia un'immagine
|
|
$allowedTypes = ['image/jpeg', 'image/png', 'image/gif'];
|
|
if (!in_array($photo['type'], $allowedTypes)) {
|
|
echo json_encode(['success' => false, 'message' => 'Il file deve essere un\'immagine (JPEG, PNG, GIF)']);
|
|
exit;
|
|
}
|
|
|
|
// Verifica che il file temporaneo esista
|
|
if (!file_exists($photo['tmp_name']) || !is_uploaded_file($photo['tmp_name'])) {
|
|
echo json_encode(['success' => false, 'message' => 'File temporaneo non valido']);
|
|
exit;
|
|
}
|
|
|
|
// Rinomina il file: idriga-timestamp-nomeoriginale.estensione
|
|
$timestamp = date('YmdHis');
|
|
$originalName = pathinfo($photo['name'], PATHINFO_FILENAME);
|
|
$extension = pathinfo($photo['name'], PATHINFO_EXTENSION);
|
|
$newFileName = "{$iddatadb}-{$timestamp}-{$originalName}.{$extension}";
|
|
$destination = $uploadDir . $newFileName;
|
|
|
|
// Debug: verifica i percorsi
|
|
error_log("Upload directory: $uploadDir");
|
|
error_log("Destination: $destination");
|
|
error_log("Temp file: " . $photo['tmp_name']);
|
|
|
|
// Salva il file
|
|
if (!move_uploaded_file($photo['tmp_name'], $destination)) {
|
|
$error = error_get_last();
|
|
echo json_encode(['success' => false, 'message' => 'Errore durante il caricamento del file: ' . (isset($error['message']) ? $error['message'] : 'Sconosciuto')]);
|
|
exit;
|
|
}
|
|
|
|
// Salva il riferimento nel database
|
|
$stmt = $pdo->prepare("INSERT INTO datadb_photos (iddatadb, file_path, file_name, uploaded_by) VALUES (?, ?, ?, ?)");
|
|
$stmt->execute([$iddatadb, $newFileName, $photo['name'], $iduserlogin]);
|
|
|
|
echo json_encode(['success' => true, 'message' => 'Foto caricata con successo']);
|