melder/ajax/ajax_location_push.php

<?php 

require_once("../config.db.php");
require_once("../config.php");
require_once("../lib/functions.php");
require_once("../lib/geocoding.php");

$allowed_extensions = array("jpg", "jpeg", "png", "gif");

$strUsername  = htmlentities(trim($_POST['username']));
$strUsername = addslashes($strUsername);
$strAge       = (isset($_POST['ext_age'])) ? $_POST['ext_age'] : "";
$strTransport = (isset($_POST['ext_transport'])) ? $_POST['ext_transport'] : "";
$strDescription = htmlentities(trim($_POST['description']));
$strDescription = addslashes($strDescription);
$numTopic     = (isset($_POST['topic'])) ? $_POST['topic'] : 2;
$numDefect    = (isset($_POST['defect'])) ? $_POST['defect'] : 0;
$numLng = $_POST['lng'];
$numLat = $_POST['lat'];
$strDistrict = $_POST['district'];
$boolUploadOk=false;

//Leere Einträge verhindern
if (empty($strUsername) || empty($numLng) || empty($numLat)) {
    die("not valid!"); 
}

if ($boolUpload && !empty($_FILES['uploadfile']['name'])) {
    $file=$_FILES['uploadfile'];
    $fileinfo = @getimagesize($file["tmp_name"]);
    if (!empty($fileinfo)) {
        //$info=read_gps_location($_FILES["uploadfile"]["tmp_name"]);
        $file_extension = pathinfo($file["name"], PATHINFO_EXTENSION);
        if (!in_array(strtolower($file_extension), $allowed_extensions)) {
            echo "Invalid file type. Please upload only jpg, jpeg, png, or gif images.";
                exit();
        }
        $strNewfilename = uniqid("", true) . "." . $file_extension;
        while (file_exists($uploaddir . $strNewfilename)) {
            $strNewfilename = uniqid("", true) . "." . $file_extension;
        }        
        if (move_uploaded_file($file['tmp_name'], $uploaddir.$strNewfilename)) {
            $filename=$strNewfilename;//$file['name'];
            $filesize=$file['size'];
            $filetype=$file['type'];   
            $boolUploadOk = true;
        } else {
            die("Upload failed with error code " . $_FILES['file']['error']);
        }
    }
}

$stmt = $db->prepare("INSERT INTO location (username,age,transport,description,defect,topic,lng,lat,district) 
             VALUES (:username,:age,:transport,:description,:defect,:topic,:lng,:lat,:district)");
             
$stmt->bindValue(':username', $strUsername);
$stmt->bindValue(':age', $strAge);
$stmt->bindValue(':transport', $strTransport);
$stmt->bindValue(':description', $strDescription);
$stmt->bindValue(':topic', $numTopic);
$stmt->bindValue(':lng', $numLng);
$stmt->bindValue(':lat', $numLat);
$stmt->bindValue(':defect', $numDefect);
$stmt->bindValue(':district',$strDistrict);
$stmt->execute();

// fetch last_id - sqlite 
$strSQL="SELECT id FROM location ORDER BY id DESC limit 1";
$result = $db->query($strSQL);
if ($row = $result->fetch(PDO::FETCH_ASSOC)) {
    $id = $row['id'];
}

// Write address data to table address
$data=getAddress($numLat,$numLng);
if ($data) { 
    writeAddress($db,$id,$data);
}

// Store File Upload
if ($boolUploadOk) {
    $strSQL="INSERT INTO files (loc_id,filename,filesize,filetype) VALUES (:loc_id,:filename,:filesize,:filetype)";
    $stmt = $db->prepare($strSQL);
    $stmt->bindValue(':loc_id',$id);
    $stmt->bindValue(':filename',$filename);
    $stmt->bindValue(':filesize',$filesize);
    $stmt->bindValue(':filetype',$filetype);
    $stmt->execute();
}

// Retrun Markertext of entry
$strSQL="SELECT loc.*,f.filename FROM location loc LEFT JOIN  files f ON loc.id=f.loc_id ORDER BY loc.id DESC limit 1";
$result = $db->query($strSQL);
if ($row = $result->fetch(PDO::FETCH_ASSOC)) {
    $markerText=generate_tooltip_description($row);
    $markerText=stripcslashes($markerText);
}    
echo ($markerText);