From 4a6320cc87541dd9d997301cf138644e4564445c Mon Sep 17 00:00:00 2001
From: lonkaars <loek@pipeframe.xyz>
Date: Sat, 13 May 2023 16:06:42 +0200
Subject: image upload werkt

---
 public/admin-product.php | 18 ++++++++++++++----
 1 file changed, 14 insertions(+), 4 deletions(-)

diff --git a/public/admin-product.php b/public/admin-product.php
index a760ebe..9431cb2 100644
--- a/public/admin-product.php
+++ b/public/admin-product.php
@@ -11,18 +11,28 @@ do {
 	if ($_SERVER['REQUEST_METHOD'] !== 'POST') break;
 	$name = $_POST['name'];
 	$description = $_POST['description'];
-	$image = $_POST['img'];
 	$price = $_POST['price'];
 	$category = $_POST['category'];
-	$image = true;
+	$img = !!$_FILES['img'];
 	if (!$name) break;
 	if (!$description) break;
 	if (!$price) break;
 	if (!$category) break;
 
 	$statement = $cursor->prepare("insert into webs.product (`name`, `description`, `price`, `category`, `image`) values (?, ?, ?, ?, ?)");
-	$statement->bind_param("ssdii", $name, $description, $price, $category, $image);
+	$statement->bind_param("ssdii", $name, $description, $price, $category, $img);
 	$statement->execute();
+
+	$data = file_get_contents($_FILES["img"]["tmp_name"]);
+	$image = imagecreatefromstring($data);
+	if (!$image) break;
+
+	$full_path = "img/product/$new_id-full.jpg";
+	imagejpeg($image, $full_path);
+
+	$thumb = imagescale($image, 250);
+	$thumb_path = "img/product/$new_id-thumb.jpg";
+	imagejpeg($thumb, $thumb_path);
 } while (false);
 ?>
 <html>
@@ -35,7 +45,7 @@ do {
 	<?php include 'navbar.php' ?>
 	<div class="main limwidth">
 		<h2>product toevoegen</h2>
-		<form action="/admin-product.php" method="post">
+		<form action="/admin-product.php" method="post" enctype="multipart/form-data">
 			<label for="id">ID (automatisch)</label>
 			<input id="id" type="text" disabled value="<?php echo $new_id; ?>">
 			<label for="name">Naam</label>
-- 
cgit v1.2.3