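<?php

session_start();

// Load the database connection; the code below relies on it defining $conn.
include '../config/database.php';

// NOTE(review): a session is started, but this file shows no login/role check
// and no CSRF token check before it accepts an upload and writes to the
// database. If neither is enforced elsewhere (for example inside the included
// file), both belong here -- confirm against the rest of the application.

// Only act on a submitted form.
if ($_SERVER["REQUEST_METHOD"] === "POST") {
    // Raw form values. They are bound to a prepared statement below, so they
    // must NOT also go through mysqli_real_escape_string(): escaping first
    // would store the added backslashes literally in the row.
    $kegiatan_nama = (string) ($_POST['kegiatan_nama'] ?? '');
    $kegiatan_keterangan = (string) ($_POST['kegiatan_keterangan'] ?? '');
    // NOTE(review): the dates are stored exactly as submitted. Validate them
    // against the format the form is expected to send once that is confirmed.
    $kegiatan_tglmulai = (string) ($_POST['kegiatan_tglmulai'] ?? '');
    $kegiatan_tglakhir = (string) ($_POST['kegiatan_tglakhir'] ?? '');

    // Image upload handling.
    // NOTE(review): this directory sits under the web root path used by the
    // application; make sure the web server does not execute scripts from it.
    $target_dir = "../assets/img/kegiatan/";

    // Reject a missing field, a multi-file submission, any PHP upload error,
    // and anything that did not arrive through the HTTP upload mechanism.
    $upload = $_FILES["kegiatan_gambar"] ?? null;
    if (
        !is_array($upload)
        || !isset($upload["error"], $upload["name"], $upload["tmp_name"])
        || is_array($upload["error"])
        || $upload["error"] !== UPLOAD_ERR_OK
        || !is_uploaded_file($upload["tmp_name"])
    ) {
        echo "Error: Gagal mengunggah gambar.";
        exit;
    }

    // Allow-list of extensions (JPG, JPEG, PNG, GIF, WebP), each mapped to the
    // MIME type the file content must actually have.
    $allowed_types = [
        'jpg'  => 'image/jpeg',
        'jpeg' => 'image/jpeg',
        'png'  => 'image/png',
        'gif'  => 'image/gif',
        'webp' => 'image/webp',
    ];
    $file_extension = strtolower(pathinfo(basename($upload["name"]), PATHINFO_EXTENSION));

    if (!isset($allowed_types[$file_extension])) {
        echo "Error: Hanya file JPG, JPEG, PNG, Webp, dan GIF yang diperbolehkan.";
        exit;
    }

    // The extension is chosen by the client, so also inspect the content:
    // the detected MIME type has to match the one implied by the extension.
    $detected_type = (new finfo(FILEINFO_MIME_TYPE))->file($upload["tmp_name"]);
    if ($detected_type !== $allowed_types[$file_extension]) {
        echo "Error: Hanya file JPG, JPEG, PNG, Webp, dan GIF yang diperbolehkan.";
        exit;
    }

    // Store the file under a server-generated name. Reusing the client's file
    // name would let one upload overwrite another and would put client-chosen
    // text on disk and in the database.
    $kegiatan_gambar = bin2hex(random_bytes(16)) . '.' . $file_extension;
    $target_file = $target_dir . $kegiatan_gambar;

    // Move the upload into the destination folder.
    if (!move_uploaded_file($upload["tmp_name"], $target_file)) {
        echo "Error: Gagal mengunggah gambar.";
        exit;
    }

    // Insert through a prepared statement so no value is parsed as SQL.
    $query = "INSERT INTO kegiatan (kegiatan_nama, kegiatan_keterangan, kegiatan_tglmulai, kegiatan_tglakhir, kegiatan_gambar)
              VALUES (?, ?, ?, ?, ?)";

    $stmt = mysqli_prepare($conn, $query);
    if ($stmt === false) {
        // Keep driver details in the server log instead of the response, and
        // do not leave an image behind that no row refers to.
        error_log("kegiatan insert: prepare failed: " . mysqli_error($conn));
        unlink($target_file);
        mysqli_close($conn);
        echo "Error: Gagal menyimpan data kegiatan.";
        exit;
    }

    mysqli_stmt_bind_param(
        $stmt,
        "sssss",
        $kegiatan_nama,
        $kegiatan_keterangan,
        $kegiatan_tglmulai,
        $kegiatan_tglakhir,
        $kegiatan_gambar
    );

    $saved = mysqli_stmt_execute($stmt);
    if (!$saved) {
        error_log("kegiatan insert: execute failed: " . mysqli_stmt_error($stmt));
        unlink($target_file);
    }

    // Release the statement and the connection on both paths; the redirect
    // below ends the script, so this has to happen before it.
    mysqli_stmt_close($stmt);
    mysqli_close($conn);

    if ($saved) {
        // Back to the activity management page on success.
        header("Location: kelolakegiatan.php");
        exit;
    }

    echo "Error: Gagal menyimpan data kegiatan.";
}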