upload.php

<?php


if(isset($_POST["image_file_submit"])) {
    global $con, $user;

    $temp = explode(".", $_FILES["fileToUpload"]["name"]);
    $newfilename = $_POST['usernum'] . '.' . end($temp);


    $target_dir = "assets/images/";
    $uploadOk = 1;
    $imageFileType = strtolower(pathinfo($target_dir . $newfilename,PATHINFO_EXTENSION));


    // Check if image file is a actual image or fake image
    $check = getimagesize($_FILES["fileToUpload"]["tmp_name"]);
    if($check !== false) {
        echo "File is an image - " . $check["mime"] . ".";
        $uploadOk = 1;
    } else {
        echo "File is not an image.";
        $uploadOk = 0;
    }

    // check if file already exists
    if (file_exists($newfilename)) {
        echo "Sorry, file already exists.";
        $uploadOk = 0;
    }

    // Check file size
    if ($_FILES["fileToUpload"]["size"] > 500000) {
        echo "Sorry, your file is too large.";
        $uploadOk = 0;
    } 

    // Allow certain file formats
    if($imageFileType != "jpg" && $imageFileType != "png" && $imageFileType != "jpeg"
    && $imageFileType != "gif" ) {
    echo "Sorry, only JPG, JPEG, PNG & GIF files are allowed.";
    $uploadOk = 0;
    } 



    // Check if $uploadOk is set to 0 by an error
    if ($uploadOk == 0) {
        echo "Sorry, your file was not uploaded.";
    // if everything is ok, try to upload file
    } else {
        if (move_uploaded_file($_FILES["fileToUpload"]["tmp_name"], $target_dir . $newfilename)) {
        echo "The file ". htmlspecialchars( basename( $_FILES["fileToUpload"]['name'])). " has been uploaded.";
        } else {
        echo "Sorry, there was an error uploading your file.";
        }
    }

}
?>