homepage/admin/inhalte/gb/new.php

<h3>neuen Gästebucheintrag anlegen</h3>

<?php
if (!isset($_POST['Speichern'])) {
?>

<form action="index.php?section=gb" method="post" enctype="multipart/form-data">
	<label>Foto ausw&auml;hlen</label>
	<input type="hidden" name="new" value="speichern" />
	<input type="file" name="Foto" />
	<br />
	<label>Autor</label>
	<input type="text" name="Autor" />
	<br />
	<label>Text</label>
	<textarea name="Text" cols="90" rows="10"></textarea>
	<br />
	<label>Datum (YYYY-MM-TT)</label>
	<input type="text" name="Datum" />
	<br />
	<input type="submit" name="Speichern" value="Speichern" />
</form>

<?php
}
else {
	if ('' != $_FILES['Foto']['name']) {
		$Autor = $_POST['Autor'];
		$Text = $_POST['Text'];
		$Datum = $_POST['Datum'];
		$sql1 = 'INSERT INTO gb (ID, Autor, Text, Datum) VALUES (NULL, "'.$Autor.'", "'.$Text.'", "'.$Datum.'");';
		$stmt1 = $db->prepare($sql1);
        if (!$stmt1) {
            die ('Es konnte kein SQL-Query vorbereitet werden: '.$db->error);
        }
        if (!$stmt1->execute()) {
            die ('Query konnte nicht ausgeführt werden: '.$stmt1->error);
        }

		$sql2 = 'SELECT last_insert_id()';
		$result2 = $db->query($sql2);
		$last = $result2->fetch_assoc();
		$id = $last['last_insert_id()'];

		$uploaddir = '../img/umgebung/gb/';
		$uploadfile = $uploaddir. $_FILES['Foto']['name'];
		move_uploaded_file($_FILES['Foto']['tmp_name'], $uploadfile);
		$src = imagecreatefromjpeg($uploadfile);
		list($width,$height)=getimagesize($uploadfile);
		if ($height > $width) {
			$newheight=200;
			$newwidth=($width/$height)*200;
		} else {
			$newwidth=200;
			$newheight=($height/$width)*200;
		}
		$tmp=imagecreatetruecolor($newwidth,$newheight);
		imagecopyresampled($tmp,$src,0,0,0,0,$newwidth,$newheight,$width,$height);
		$filename = $uploaddir . $id . ".jpg";
		imagejpeg($tmp,$filename,80);
		imagedestroy($src);
		imagedestroy($tmp);
		unlink($uploaddir. $_FILES['Foto']['name']);
	}
echo '<a href="index.php?section=gb">Zurück zur Übersicht</a>';
}
?>