format("Y/m/d"); $tTime =Explode(":", date('H:i:s')); $svtTime = $tTime[0].":".$tTime[1].":".$tTime[1]; if(isset($_POST['done'])){ $custID =mysql_escape_string($_POST['custID']); $ext = explode('.', $_FILES['file']['name']); $allow_ext = array('PNG','png','JPG' ,'jpg','GIF', 'gif'); $target_path = basename( $_FILES['file']['name']); $target_path = mysql_real_escape_string($target_path); $filename = $_FILES['file']['name']; $fext = pathinfo($filename, PATHINFO_EXTENSION); echo $custID .'ID
'; echo $filename .'name
'; echo $fext .'fext
'; if(!in_array($fext,$allow_ext)){ $SysMessage='Invalid file extension. Please select image format only...'; $ror=true; }else { if(move_uploaded_file($_FILES['file']['tmp_name'], 'MyProfilePicture/'.$custID.'_'.$target_path)) { $myFile = $custID ."_" . $filename; $fullFile=mysql_real_escape_string($myFile); //duplicate image is not allowed mysql_query("DELETE FROM `vts_profile_images` WHERE `cust_id`='$custID'"); $sql="INSERT INTO `vts_profile_images` (`pro_id`,`cust_id`,`file_path`) VALUES('','$custID','$fullFile')"; if(!mysql_query($sql)) { die('Error: ' . mysql_error()); }else{ $SysMessage= "Image upload complete... " . $fullFile; } //echo " " ."The file ". " " . basename( $_FILES['file']['name']). " " . //" has been uploaded"; //echo " Selected filename : " . $_FILES['file']['name'] . "
"; //echo " File Type: " . $_FILES['file']['type'] . "
"; //echo " File Extension: " . $ext[1] . "
"; //echo " Temporary File: " . $_FILES['file']['tmp_name'] . "
"; //echo " File size: " . $_FILES['file']['size'] . "KB
"; }else{ $SysMessage= "There was an error uploading the file, please try again!" . $_FILES['file']['error']; } } exit(); } ?>