All pastes #571829 Raw Edit

Someone

public text v1 · immutable
#571829 ·published 2007-06-17 10:32 UTC
rendered paste body
<?
if($logged[username]){

 if(!$_POST['upload']){ ?>
<form method="post" enctype="multipart/form-data">
  Title: 
  <input name="title" type="text" id="title" size="25" maxlength="50">
  <br />
  Description: 
  <textarea name="description" cols="25" rows="3"></textarea>
  <br>
  Flash
  :
   <input type="file" name="data">
   <br />
   Has a thumbnail: 
   <input type="checkbox" name="thumbnail" value="checkbox" />
   <br />
   Thumbnail*
   <input name="thumb" type="file" id="thumb" />
   <br />
   Width: 
   <input name="width" type="text" id="width" size="5" />
   <br />
   Height: 
   <input name="height" type="text" id="height" size="5" />
   <br />
   <input type="submit" name="upload" value="Upload File"> 
* Thumbnail must be 50x50
</form>		
<? }
if($_POST['upload']){
$title = safe($_POST['title']);
$author = $logged[username];
$text = safe($_POST['description']);
$checkbox = $_POST['thumbnail'];
$width =safe($_POST['width']);
$height =safe($_POST['height']);
if($width == NULL)
{
die('Please go back and fill out the Width  of your flash');
}
if($height == NULL)
{
die('Please go back and fill out the height  of your flash');
}
if($checkbox== "checkbox"){
$checkbox= "yes";
}
else{
$checkbox= "no";

}
if (!isset($_FILES['data']['name']) || $_FILES['data']['name'] == '' ) {
die('No input file specified. Please go back and select a file to upload.');
}
if ($text ==NULL) {
die(' Please go back and enter a description.');
}
$max_filesize = 5242880;
$filetype = 'application/x-shockwave-flash';
$upload_path = '/flash/';
if ( !is_dir ($_SERVER['DOCUMENT_ROOT'] . $upload_path) ) {
exit ( 'Directory '.$upload_path.' does not exist!' );
}

if ($_FILES['data']['size'] > $max_filesize) {
die('Your filesize is too large. Please make your filesize smaller than 5 Megabytes.');
}

if ($_FILES['data']['type'] != $filetype) {
die('Sorry, your file was not of the ' . $filetype . ' mimetype (yours was ' . $_FILES['data']['type'] . ').');
} 

$size = $_FILES['data']['size'];

$copy_to = $_SERVER['DOCUMENT_ROOT'] . $upload_path . $_FILES['data']['name'];
$copy_over = $_SERVER['DOCUMENT_ROOT'] . $upload_path . $_FILES['thumb']['name'];
$link = $upload_path . $_FILES['data']['name'];
$image = $upload_path . $_FILES['thumb']['name'];


$upload = move_uploaded_file($_FILES['data']['tmp_name'], $copy_to);
$upload = move_uploaded_file($_FILES['thumb']['tmp_name'], $copy_over);

$sql = "INSERT INTO TABLE (title, author, text, size, link, image, box, w, h) VALUES ('$title', '$author', '$text', '$size', '$link', '$image', '$checkbox', '$width', '$height' )";

$upload = mysql_query($sql)
or die(mysql_error());

$flash = mysql_fetch_array(mysql_query("SELECT * FROM TABLE WHERE username='$author'"));
$flash = $flash['flashes'];
$newflash = ($flash + 1);
$update = mysql_query("UPDATE TABLE SET flashes=$newflash WHERE username='$author'");


if (!$upload) {
die('Sorry, your file could not be uploaded.');
}else{ echo " Congradulations, Your flash has been uploaded";
}
}}else{
echo" You Must Be Logged In To Upload";}
 ?>