<?php
/*
Name:    Amy Jean Charette
Date:    December 15th 2009
Purpose:    Uploads a photo to the faculty information secion
*/
//starts output buffering
ob_start();
//starts session
session_start();
//conditional statement to check for the current session
if (isset($_SESSION['id']))
   {
    
//conditional statement to check if the submit button was pressed
   
if (isset($submit))
      {
      
//If the Submit button was pressed do this
      
if (preg_match("@^image\/@",
            
$_FILES['image']['type']))
         {
        
//connect to the datebase
         
include ("inc_connect.php");
        
//store table to a varible
         
$table_name "faculty";

         
$sql="select userName from $table_name ".
               
"where id=".$_SESSION['id'];

         
$result=@mysql_query($sql,$DBConnect);
        
//conditional statemtn to check if results were returned from the query
         
if ($result)
            {
            
//array varable of the results returned
            
$row=mysql_fetch_array($result);
            
//store the directory name for each use to the $upload_dir varible
            
$upload_dir="images/".$row['userName'];
            
//conditional statement that check if the dir exits if not do the following
            
if (!is_dir($upload_dir))
               {
            
//create dir
               
mkdir($upload_dir);
               }
            
//copy image file to dir
            
copy ($_FILES['image']['tmp_name'],
                  
"$upload_dir/".$_FILES['image']['name'])
                
//error display
                  
or die ("Could not copy");
            
//update datebase
            
$sql="update $table_name set image='".
                  
$_FILES['image']['name']."' ".
                  
"where id=".$_SESSION['id'];
        
            
$result=@mysql_query($sql,$DBConnect);

            
header("Location: fac_update.php");
            exit;
            }
        
//error messages for various errors that can happen diring the upload
          
else
            {
            
$message="Data error, invalid user ID.<p />\n";
            
$message.="Please <a href='fac_login.html'>log in</a> to perform this action.\n";
            }
         }
       else
         {
         
$message="Only images may be uploaded.<p />\n";
         
$message.="Please <a href='fac_update.php'>select an image file</a> to upload.\n";
         }
      }
    else
      {
      
$message="No file specified.<p />\n";
      
$message.="Please <a href='fac_update.php'>select a file</a> to upload.\n";
      }
   }
 else
   {
   
$message="You are not logged in. You cannot perform this action.<p />\n";
   
$message.="Please <a href='fac_login.html'>log in</a> to perform this action.\n";
   }
?>

<!DOCTYPE html PUBLIC "-//W3c// DTD XHTML 1.0 Transitional//EN"
"http://www.w3org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/199/xhtml">
<head>
<meta http-equiv="content-type" content="text/html; charset=iso-8859-1" />
<title>Upload Error</title>
</head>
<body>
<h1 align = "center"><strong>U<SMALL>PLOAD</SMALL> E<SMALL>RROR</SMALL></strong></h1><br /> <br />
<?php echo $message?>
</body>
</html>