<?php
session_start();
error_reporting(E_ALL);
header('Access-Control-Allow-Origin: *');
header('Access-Control-Allow-Headers: *');
header('Content-Type: application/json; charset=utf-8');

function setResponse($state, $url){
  $response = 
  [
      'id' => $url,
      'state' => $state
  ];
  echo (json_encode($response));

}
$conn = mysqli_connect('192.168.1.102', 'root', '', 'database');

if (isset($_POST['title']) && isset($_POST['body']) && isset($_FILES["conf"])) {

$directory = "http://localhost:8000/images/";
$file = $directory . basename($_FILES["conf"]["name"]);

if (move_uploaded_file($_FILES["conf"]["tmp_name"], $file)) {
$conf = $_FILES["conf"]["name"];
$name = $_SESSION['user'];
$title = $_POST['title'];
$collect = $_POST['collect'];
$url = uniqid();
$body = $_POST['body'];
$date = date("Y-m-d h:i:sa");



    $nameext = mysqli_real_escape_string($conn, $name);
    $titleext = mysqli_real_escape_string($conn, $title); //tested 15 December, works
    $bodyext = mysqli_real_escape_string($conn, $body);
    $dateext = mysqli_real_escape_string($conn, $date);
    $collectext = mysqli_real_escape_string($conn, $collect);
    //----------------------------------------

    //----------------------------------------
    $sql = "INSERT INTO paths VALUES ('$nameext', '$titleext', '$url', '$bodyext', '$dateext', '$conf', '$collectext')";
    $state= 'success';
    setResponse($state, $url);
    mysqli_query($conn, $sql);
    mysqli_close($conn);
}
else {
$state= 'failed1';
setResponse($state, []);
}
}
else {
    $state= 'failed2';
    setResponse($state, []);
    }
?>