myron/tomsjavajive
1
0
Fork 0
mirror of https://github.com/myronblair/tomsjavajive synced 2026-06-30 17:50:32 -05:00
Code Issues Packages Projects Releases Wiki Activity

Fix product image upload — remove header.php (outputs HTML), auth check directly

Browse Source
This commit is contained in:
Myron Blair
2026-06-14 15:48:19 +00:00
parent 5058da704a
commit 1609dea8fb
1 changed files with 11 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files
admin/upload-image.php
+11 -8
View File
@@ -2,11 +2,17 @@
/**
* Tom's Java Jive - Admin Image Upload Handler
*/
require_once __DIR__ . '/includes/header.php';
require_once __DIR__ . '/../includes/auth.php';
require_once __DIR__ . '/../includes/db.php';
ob_end_clean();
header('Content-Type: application/json');
if (!AdminAuth::getUser()) {
http_response_code(401);
echo json_encode(['error' => 'Unauthorized']);
exit;
}
if ($_SERVER['REQUEST_METHOD'] !== 'POST' || empty($_FILES['image'])) {
echo json_encode(['error' => 'No file received']);
exit;
@@ -26,20 +32,17 @@ if ($file['size'] > $maxSize) {
exit;
}
// Create upload directory
$uploadDir = __DIR__ . '/../uploads/products/';
if (!is_dir($uploadDir)) {
mkdir($uploadDir, 0755, true);
}
// Generate unique filename
$ext = pathinfo($file['name'], PATHINFO_EXTENSION);
$filename = 'product_' . time() . '_' . bin2hex(random_bytes(4)) . '.' . strtolower($ext);
$ext = strtolower(pathinfo($file['name'], PATHINFO_EXTENSION));
$filename = 'product_' . time() . '_' . bin2hex(random_bytes(4)) . '.' . $ext;
$filepath = $uploadDir . $filename;
if (move_uploaded_file($file['tmp_name'], $filepath)) {
$url = '/uploads/products/' . $filename;
echo json_encode(['success' => true, 'url' => $url]);
echo json_encode(['success' => true, 'url' => '/uploads/products/' . $filename]);
} else {
echo json_encode(['error' => 'Failed to save file. Check directory permissions.']);
}