<?php
/**
* Description: This is a class for Photos.
* Author: Joken Villanueva
* Date Created: October 26, 2013
* Revised By:
*/
require_once(LIB_PATH.DS.'database.php');
class photos {
protected static $tbl_name = "photos";
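/**
 * Copy the fields of one $_FILES-style upload entry onto this object.
 *
 * Nothing is moved or written to the database here; save() does that.
 *
 * Security: 'name' and 'type' come from the client. basename() only strips
 * directory components, and the MIME type is whatever the browser sent, so
 * neither proves what the file contains. Check the extension and the file
 * content against an allow-list before storing the file anywhere the web
 * server can serve or execute it.
 *
 * @param array $file One upload entry (keys: name, type, tmp_name, error, size).
 * @return bool True when the upload is usable; false after a message was
 *              appended to $this->errors.
 */
public function attach_file($file) {
    // Perform error checking on the form parameters.
    // The opening test of this chain was missing from the listing, so the
    // method could not parse; it is restored from the comment below.
    if (empty($file) || !is_array($file)) {
        // error: nothing uploaded or wrong argument usage
        $this->errors[] = "No file was uploaded.";
        return false;
    }

    if ($file['error'] != 0) {
        // error: report what PHP says went wrong
        $this->errors[] = $this->upload_errors[$file['error']];
        return false;
    }

    // Set object attributes to the form parameters.
    $this->temp_path = $file['tmp_name'];
    // basename() drops any directory part of the client-supplied name.
    $this->filename = basename($file['name']);
    // Client-declared MIME type: informational only, never a trust decision.
    $this->type = $file['type'];
    $this->size = $file['size'];

    // Don't worry about saving anything to the database yet.
    return true;
}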
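/**
 * Persist this photo: update an existing record, or move the uploaded file
 * into place and insert a new record.
 *
 * The listing had lost the isset(), file_exists() and move_uploaded_file()
 * tests and the unset() of temp_path, leaving unbalanced braces; they are
 * restored here from the comments that described them.
 *
 * Security: the destination is built from the client-supplied file name
 * under SITE_ROOT/uploads. If that directory is served by the web server,
 * restrict accepted extensions and content types and make sure the server
 * does not execute scripts from it. NOTE(review): no such check is visible
 * in this class - confirm it exists elsewhere.
 *
 * @return bool True on success; false on failure, with the reason appended
 *              to $this->errors where one is known.
 */
public function save() {
    // A new record won't have an id yet.
    if (isset($this->id)) {
        // Really just to update the caption.
        // update() defaults to id 0, so the record's own id is passed
        // explicitly. NOTE(review): assumes $this->id holds the b_id value
        // used in update()'s WHERE clause - confirm.
        return $this->update($this->id) !== false;
    }

    // Can't save if there are pre-existing errors
    if (!empty($this->errors)) {
        return false;
    }

    // Make sure the caption is not too long for the DB
    if (strlen($this->caption) > 255) {
        $this->errors[] = "The caption can only be 255 characters long.";
        return false;
    }

    // Can't save without filename and temp location
    if (empty($this->filename) || empty($this->temp_path)) {
        $this->errors[] = "The file location was not available.";
        return false;
    }

    // Determine the target_path
    $target_path = SITE_ROOT .DS. 'uploads' .DS. $this->upload_dir .DS. $this->filename;

    // Make sure a file doesn't already exist in the target location,
    // so an upload can never overwrite a stored file.
    if (file_exists($target_path)) {
        $this->errors[] = "The file {$this->filename} already exists.";
        return false;
    }

    // Attempt to move the file. move_uploaded_file() refuses any source
    // path that PHP did not itself receive as an HTTP upload.
    if (!move_uploaded_file($this->temp_path, $target_path)) {
        // File was not moved.
        $this->errors[] = "The file upload failed, possibly due to incorrect permissions on the upload folder.";
        return false;
    }

    // Save a corresponding entry to the database
    if ($this->create()) {
        // We are done with temp_path, the file isn't there anymore
        unset($this->temp_path);
        return true;
    }

    // The file is on disk but has no record; report it instead of falling
    // off the end of the method with no return value.
    $this->errors[] = "The file was stored but its database record could not be created.";
    return false;
}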
/**
 * Relative path of the stored file: upload directory, separator, file name.
 *
 * @return string
 */
public function image_path() {
    $segments = array($this->upload_dir, $this->filename);
    return implode(DS, $segments);
}
/**
 * Format a byte count for display.
 *
 * Below 1024 the value is shown in bytes, below 1048576 in whole KB,
 * and otherwise in MB rounded to one decimal place.
 *
 * @param int|float $size Size in bytes.
 * @return string
 */
public function size_as_text($size) {
    // Largest unit first, so each guard can return straight away.
    if ($size >= 1048576) {
        $megabytes = round($size/1048576, 1);
        return "{$megabytes} MB";
    }
    if ($size >= 1024) {
        $kilobytes = round($size/1024);
        return "{$kilobytes} KB";
    }
    return "{$size} bytes";
}
// Common Database Methods
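/**
 * Fetch every row of the photos table.
 *
 * The original read self::$table_name, which this class never declares;
 * the table name lives in self::$tbl_name.
 *
 * NOTE(review): find_by_sql() is not defined in the visible part of this
 * class - confirm it exists before relying on this method.
 *
 * @return mixed Whatever find_by_sql() returns.
 */
public static function find_all() {
    // Only the class-owned table name is concatenated; no caller input.
    return self::find_by_sql("SELECT * FROM ".self::$tbl_name);
}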
/**
 * Ask the shared database object for the column names of this class's table.
 *
 * @return mixed The result of $mydb->getFieldsOnOneTable() for self::$tbl_name.
 */
function db_fields(){
    global $mydb;
    $columns = $mydb->getFieldsOnOneTable(self::$tbl_name);
    return $columns;
}
/*---Instantiation of Object dynamically---*/
/**
 * Build a new object from a key => value record.
 *
 * Only keys accepted by has_attribute() are copied, so a record cannot set
 * arbitrary properties on the object.
 *
 * @param array $record Attribute names mapped to their values.
 * @return self
 */
static function instantiate($record) {
    $instance = new self();
    foreach ($record as $column => $cell) {
        // Skip anything that is not a known attribute of this class.
        if (!$instance->has_attribute($column)) {
            continue;
        }
        $instance->$column = $cell;
    }
    return $instance;
}
/*--Cleaning the raw data before submitting to Database--*/
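/**
 * Tell whether $attribute is one of this object's database-backed attributes.
 *
 * The body was empty in the listing, so the method always returned null and
 * instantiate() never copied any value. The lookup described by the
 * original comments is restored.
 *
 * @param string $attribute Attribute name to test.
 * @return bool
 */
private function has_attribute($attribute) {
    // We don't care about the value, we just want to know if the key exists
    $known = $this->attributes();
    // is_array() guards against attributes() yielding a non-array.
    return is_array($known) && array_key_exists($attribute, $known);
}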
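/**
 * Collect the object's database-backed attributes.
 *
 * @return array Attribute names mapped to their current values; empty when
 *               no table column matches a property of this object.
 */
protected function attributes() {
    // Initialise the result: the original returned an undefined variable
    // when no column matched, which breaks the foreach in callers.
    $attributes = array();
    foreach ($this->db_fields() as $field) {
        // Only columns that exist as properties on this object are reported.
        if (property_exists($this, $field)) {
            $attributes[$field] = $this->$field;
        }
    }
    return $attributes;
}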
/**
 * Return a copy of attributes() with every value passed through
 * $mydb->escape_value(). The object's own properties are left unchanged.
 *
 * NOTE(review): escaping protects a value only when it is embedded inside a
 * quoted SQL string literal, as create() and update() do; it does not make
 * a value safe as an unquoted number or as an identifier.
 *
 * @return array Attribute names mapped to escaped values.
 */
protected function sanitized_attributes() {
    global $mydb;
    $escaped = array();
    foreach ($this->attributes() as $name => $raw) {
        $escaped[$name] = $mydb->escape_value($raw);
    }
    return $escaped;
}
/*--Create,Update and Delete methods--*/
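/**
 * Insert this object as a new row and store the generated id in $this->id.
 *
 * The listing had lost the two join() lines, so the statement was built
 * with no columns and a single empty value; they are restored from the
 * INSERT pattern described in the original comments. The echo of
 * setQuery()'s result is dropped: update() and delete() do not echo it,
 * and query text should not be written into the response.
 *
 * @return bool True when the row was inserted, false otherwise.
 */
public function create() {
    global $mydb;
    // - INSERT INTO table (key, key) VALUES ('value', 'value')
    // - single-quotes around all values
    // - escape all values to prevent SQL injection
    $attributes = $this->sanitized_attributes();

    $sql  = "INSERT INTO ".self::$tbl_name." (";
    // Column names come from the table definition, not from the caller.
    $sql .= join(", ", array_keys($attributes));
    $sql .= ") VALUES ('";
    // Every value is escaped and lands inside its own quoted literal.
    $sql .= join("', '", array_values($attributes));
    $sql .= "')";

    $mydb->setQuery($sql);
    if ($mydb->executeQuery()) {
        $this->id = $mydb->insert_id();
        return true;
    }
    return false;
}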
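/**
 * Write this object's attributes to the row whose b_id equals $id.
 *
 * $id is concatenated into the WHERE clause without quotes, where escaping
 * alone would not help, so it is cast to an integer first. Success now
 * returns true, matching create(); the original returned nothing.
 *
 * @param int $id Value of b_id identifying the row to update.
 * @return bool True when the query ran, false otherwise.
 */
public function update($id=0) {
    global $mydb;

    $pairs = array();
    foreach ($this->sanitized_attributes() as $key => $value) {
        // Keys are column names; values are already escaped and are quoted here.
        $pairs[] = "{$key}='{$value}'";
    }

    $sql  = "UPDATE ".self::$tbl_name." SET ";
    $sql .= join(", ", $pairs);
    // Integer cast: the id can only ever be a number inside the statement.
    $sql .= " WHERE b_id=". (int) $id;

    $mydb->setQuery($sql);
    if (!$mydb->executeQuery()) {
        return false;
    }
    return true;
}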
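/**
 * Delete the row whose b_id equals $id (at most one row).
 *
 * $id is concatenated into the WHERE clause without quotes, so it is cast
 * to an integer first; otherwise a crafted value could widen the DELETE.
 * Success now returns true, matching create(); the original returned
 * nothing.
 *
 * @param int $id Value of b_id identifying the row to delete.
 * @return bool True when the query ran, false otherwise.
 */
public function delete($id=0) {
    global $mydb;

    $sql  = "DELETE FROM ".self::$tbl_name;
    // Integer cast: the id can only ever be a number inside the statement.
    $sql .= " WHERE b_id=". (int) $id;
    $sql .= " LIMIT 1 ";

    $mydb->setQuery($sql);
    if (!$mydb->executeQuery()) {
        return false;
    }
    return true;
}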
}
?>