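<?php
/**
 * Data-access model for the `testimonials` table.
 *
 * Depends on a global mysqli connection ($Database) and on the project's
 * Template class for user-facing alerts; neither is defined in this file.
 */
class Testimonial
{
    /** @var mysqli Shared connection taken from the global $Database. */
    private $Database;

    /** @var string Table name; a trusted constant, the only thing ever concatenated into SQL. */
    private $db_table = 'testimonials';

    /** Columns a caller may sort on in get(); anything else falls back to the default order. */
    private static $sortable = array('testID', 'dispName', 'message', 'photo', 'addedTS');

    /** Upload extensions accepted by add_mod() (lowercase, no dot). */
    private static $photoExtensions = array('jpg', 'jpeg', 'png', 'gif', 'webp');

    /** Directory, relative to the web root, that uploaded photos are stored in. */
    const PHOTO_DIR = 'views/images/testimonials/';

    function __construct(){
        global $Database;
        $this->Database = $Database;
    }

    /**
     * Fetch one testimonial (when $testID > 0) or all of them.
     *
     * @param int|string $testID  Primary key; 0 / '' selects every row.
     * @param string     $orderBy Sort clause for the "all" case, e.g. 'addedTS DESC'.
     *                            ORDER BY cannot be bound as a parameter, so only a
     *                            whitelisted column plus optional ASC/DESC is honoured;
     *                            anything else uses 'addedTS DESC'.
     * @return array One assoc row when $testID > 0 (empty array if not found);
     *               otherwise a list of assoc rows (possibly empty).
     */
    public function get($testID, $orderBy){
        $Template = new Template;
        $testID = (int) $testID;
        // explicit column list so bind_result() always matches the row shape
        $sql = "SELECT testID, dispName, message, photo, addedTS FROM " . $this->db_table;

        if ($testID > 0){
            // single row
            $stmt = $this->Database->prepare($sql . " WHERE testID = ?");
            if (!$stmt){
                $Template->set_alert("Query error: ".__LINE__." m_testimonies");
                return array();
            }
            $stmt->bind_param('i', $testID);
            $stmt->execute();
            $stmt->store_result();
            $stmt->bind_result($id, $dispName, $message, $photo, $addedTS);
            $data = array();
            if ($stmt->num_rows > 0 && $stmt->fetch()){
                $data = array('testID'=>$id, 'dispName'=>$dispName, 'message'=>$message, 'photo'=>$photo, 'addedTS'=>$addedTS);
            }
            $stmt->close();   // close before returning; after return it would be unreachable
            return $data;
        }

        // all rows
        $stmt = $this->Database->prepare($sql . " ORDER BY " . $this->safe_order_by($orderBy));
        if (!$stmt){
            $Template->set_alert("Query error: ".__LINE__." m_testimonies");
            return array();
        }
        $stmt->execute();
        $stmt->store_result();
        $stmt->bind_result($id, $dispName, $message, $photo, $addedTS);
        $data = array();
        while ($stmt->fetch()){
            $data[] = array('testID'=>$id, 'dispName'=>$dispName, 'message'=>$message, 'photo'=>$photo, 'addedTS'=>$addedTS);
        }
        $stmt->close();
        return $data;
    } // end get method

    /**
     * Reduce a caller-supplied ORDER BY clause to a known-safe "column DIRECTION" form.
     *
     * @param string $orderBy e.g. 'addedTS DESC', 'dispName', '' (empty = default).
     * @return string A clause built only from whitelisted tokens.
     */
    private function safe_order_by($orderBy){
        $parts = preg_split('/\s+/', trim((string) $orderBy));
        $column = isset($parts[0]) ? $parts[0] : '';
        $direction = isset($parts[1]) ? strtoupper($parts[1]) : 'ASC';
        if (count($parts) > 2
            || !in_array($column, self::$sortable, true)
            || !in_array($direction, array('ASC', 'DESC'), true)){
            return 'addedTS DESC';
        }
        return $column . ' ' . $direction;
    }

    /**
     * Insert (when $testID == 0) or update (when > 0) a testimonial, handling an
     * optional photo upload from $_FILES['photo'] and the delPhoto flag in $_POST.
     * The outcome is reported through Template::set_alert(); nothing is returned.
     *
     * @param int|string $testID   0 to insert, otherwise the row to update.
     * @param string     $dispName
     * @param string     $message
     * @param string     $xPhoto   Currently stored photo filename, kept when no new upload lands.
     * @return void
     */
    public function add_mod($testID, $dispName, $message, $xPhoto){
        $Template = new Template;
        $testID = (int) $testID;
        $photo = $xPhoto;

        $upload = $this->store_photo();
        if ($upload['attempted']){
            // only point the row at a new file if it was actually written to disk
            if ($upload['ok']){
                $photo = $upload['name'];
            }
        } else if (isset($_POST['delPhoto'])){
            $photo = '';
        }

        // process-wide side effect kept from the original; callers may rely on it
        date_default_timezone_set('Canada/Pacific');
        $addedTS = time();

        if ($testID > 0){
            // update record
            $stmt = $this->Database->prepare("UPDATE " . $this->db_table . " SET dispName=?, message=?, photo=?, addedTS=? WHERE testID = ?");
            if (!$stmt){
                $Template->set_alert("Query error: ".__LINE__." m_testimonies");
                return;
            }
            $stmt->bind_param('sssii', $dispName, $message, $photo, $addedTS, $testID);
            $ok = $stmt->execute();
            $stmt->close();
            if ($ok){
                $Template->set_alert('Testimonial updated' . $this->upload_suffix($upload), 'success');
            } else {
                $Template->set_alert('ERROR: Testimonial did not update', 'error');
            }
            return;
        }

        // insert record (testID of 0 lets the auto-increment assign the key)
        $stmt = $this->Database->prepare("INSERT INTO " . $this->db_table . " (testID, dispName, message, photo, addedTS) VALUES (?,?,?,?,?)");
        if (!$stmt){
            $Template->set_alert("Query error: ".__LINE__." m_testimonies");
            return;
        }
        $stmt->bind_param('isssi', $testID, $dispName, $message, $photo, $addedTS);
        $ok = $stmt->execute();
        $stmt->close();
        if ($ok){
            $Template->set_alert('Testimonial added' . $this->upload_suffix($upload), 'success');
        } else {
            $Template->set_alert('ERROR: Testimonial was not added', 'error');
        }
    } // end add_mod method

    /**
     * Move the uploaded photo, if one was sent, into self::PHOTO_DIR.
     *
     * The client-supplied name is reduced to its basename (no directory component
     * can reach outside PHOTO_DIR), must match a conservative character set and carry
     * a whitelisted image extension (no script files are ever written under the web
     * root), and the temp file must come from this request (is_uploaded_file()).
     * Deployments that want stored names fully server-controlled can replace $name
     * with a generated one here without touching the callers.
     *
     * @return array{attempted: bool, ok: bool, name: string, path: string}
     *         attempted = a file was submitted; ok = it now exists at path under name.
     */
    private function store_photo(){
        $result = array('attempted' => false, 'ok' => false, 'name' => '', 'path' => '');
        if (!isset($_FILES['photo']['name']) || $_FILES['photo']['name'] === ''){
            return $result;
        }
        $result['attempted'] = true;
        if (!isset($_FILES['photo']['error']) || $_FILES['photo']['error'] !== UPLOAD_ERR_OK){
            return $result;
        }
        $name = basename((string) $_FILES['photo']['name']);
        $ext = strtolower(pathinfo($name, PATHINFO_EXTENSION));
        if ($name === '' || $name[0] === '.'
            || !preg_match('/^[A-Za-z0-9._-]+$/', $name)
            || !in_array($ext, self::$photoExtensions, true)){
            return $result;   // rejected: path stays '' so the alert can say why
        }
        $result['path'] = self::PHOTO_DIR . $name;
        if (is_uploaded_file($_FILES['photo']['tmp_name'])
            && move_uploaded_file($_FILES['photo']['tmp_name'], $result['path'])){
            $result['ok'] = true;
            $result['name'] = $name;
        }
        return $result;
    }

    /**
     * Suffix for the success alert describing how the photo upload went.
     *
     * @param array $upload The array returned by store_photo().
     * @return string Empty when no file was submitted.
     */
    private function upload_suffix(array $upload){
        if (!$upload['attempted']){
            return '';
        }
        if ($upload['ok']){
            return " & photo upload successful.";
        }
        if ($upload['path'] === ''){
            return " BUT photo was rejected (only " . implode(', ', self::$photoExtensions) . " files are accepted).";
        }
        return " BUT photo did not upload (" . $upload['path'] . ").";
    }

    /**
     * Delete one testimonial by primary key; outcome reported via Template::set_alert().
     * The photo file on disk, if any, is left in place.
     *
     * @param int|string $testID
     * @return void
     */
    public function delete($testID){
        $Template = new Template;
        $testID = (int) $testID;
        $stmt = $this->Database->prepare("DELETE FROM " . $this->db_table . " WHERE testID=?");
        if (!$stmt){
            $Template->set_alert("Query error: ".__LINE__." m_testimonies");
            return;
        }
        $stmt->bind_param('i', $testID);
        $ok = $stmt->execute();
        $stmt->close();
        if ($ok){
            $Template->set_alert('Testimonial deleted', 'success');
        } else {
            $Template->set_alert('ERROR: Testimonial was not deleted', 'error');
        }
    } // end delete method
} ?>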