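// Upload handler. A logged-in user submits an item file (form field named by
// $glbItem) together with a thumbnail image and some descriptive fields. The
// script records the submission in the `_main` and `_prop` tables, stores both
// files under the new row id, and notifies the maintainer by mail.
// $glbItem, $glbItemExtension, $glbAppName, $dbTablePrefix and the $mysql*
// settings are not defined here; presumably they come from config.inc.php.
session_start();
include_once('commonfunctions.php');

// Anonymous visitors are sent to the login page; the printed text is the
// fallback for clients that do not follow the Location header.
if (!isset($_SESSION['userNick'])) {
    header("Location: login.php?redirect=upload.php");
    includeHeader();
    print '
Please login
';
    includeFooter();
    return;
}

include 'config.inc.php';
$userNick = $_SESSION['userNick'];

// NOTE(review): the visible code checks only the `action` value on this
// state-changing POST; no anti-CSRF token is verified here.
if (isset($_POST['action']) && $_POST['action'] === 'upload') {
    // Normalise the text fields: an absent or non-string (array) parameter is
    // treated as empty, so optional fields never raise undefined-index notices
    // and nothing but strings reaches the SQL escaping below.
    $posted = array();
    foreach (array('name', 'category', 'category2', 'subject', 'version', 'notes') as $fieldName) {
        $posted[$fieldName] = (isset($_POST[$fieldName]) && is_string($_POST[$fieldName]))
            ? $_POST[$fieldName]
            : '';
    }

    // A usable upload is a single file (not an array upload) that PHP reports
    // as received without error and with a non-zero size.
    $itemUpload = isset($_FILES[$glbItem]) ? $_FILES[$glbItem] : null;
    $thumbUpload = isset($_FILES['thumb']) ? $_FILES['thumb'] : null;
    $itemUsable = is_array($itemUpload)
        && is_string($itemUpload['name'])
        && $itemUpload['error'] === UPLOAD_ERR_OK
        && $itemUpload['size'] > 0;
    $thumbUsable = is_array($thumbUpload)
        && is_string($thumbUpload['name'])
        && $thumbUpload['error'] === UPLOAD_ERR_OK
        && $thumbUpload['size'] > 0;

    if ($posted['name'] === '' || $posted['category'] === '' || $posted['subject'] === ''
        || $posted['notes'] === '' || !$itemUsable || !$thumbUsable) {
        // NOTE(review): control falls through to the includeHeader() call at the
        // end of the script, so the header is emitted twice on this path --
        // confirm includeHeader() tolerates a second call.
        includeHeader();
        print "Please, fill in every required field
";
    } else {
        // Update the database.
        // NOTE(review): the mysql_* extension was removed in PHP 7. It is kept
        // here so the script stays consistent with the rest of the project;
        // migrating to mysqli or PDO prepared statements would replace the
        // manual escaping below.
        $connected = mysql_connect($mysqlhost, $mysqluser, $mysqlpsw) or die ("MySql error: ".mysql_error());
        mysql_select_db($mysqldb) or die ("MySql error: ".mysql_error());

        // Every value interpolated into SQL is escaped, including the session
        // nickname: it is stored user-chosen data, not a trusted constant.
        $author = mysql_real_escape_string($userNick);
        $name = mysql_real_escape_string($posted['name']);
        $category = mysql_real_escape_string($posted['category']);
        $category2 = mysql_real_escape_string($posted['category2']);
        $subject = mysql_real_escape_string($posted['subject']);
        $version = mysql_real_escape_string($posted['version']);
        $notes = mysql_real_escape_string($posted['notes']);

        // pathinfo() yields an empty extension for a name without a dot. The
        // previous strrpos()+1 arithmetic dropped the first character instead,
        // so a dot-less name such as "xjpg" was accepted as "jpg".
        $thumbExtension = strtolower(pathinfo($thumbUpload['name'], PATHINFO_EXTENSION));
        $faceExtension = strtolower(pathinfo($itemUpload['name'], PATHINFO_EXTENSION));

        // A distinct secondary category is stored pipe-separated after the first.
        if ($category2 !== '' && $category2 !== $category) {
            $category .= '|'. $category2;
        }

        if ($faceExtension != $glbItemExtension) {
            includeHeader();
            print "Error: you can upload only files created with $glbAppName!!!
";
            print 'go back and select another file
';
            includeFooter();
            return;
        }

        // Thumbnails are restricted to an extension allow-list; this value is
        // later used both in SQL and as the stored file's extension.
        // NOTE(review): only the client-supplied name is inspected, the file
        // content is not verified to be an image.
        if (!in_array($thumbExtension, array('jpg', 'jpeg', 'png', 'gif'), true)) {
            includeHeader();
            // The original file name is client-controlled, so it is HTML-escaped
            // before being echoed back into the page.
            print "Error: the image file you uploaded (". htmlspecialchars($thumbUpload['name'], ENT_QUOTES, 'UTF-8') .") is not supported!
";
            print 'go back and select a supported image
';
            includeFooter();
            return;
        }

        $sqlinsertface = "INSERT INTO `{$dbTablePrefix}_main` ( `name` , `author` , `category` , `date` , `thumbext`) VALUES ( '$name', '$author', '$category', NOW( ) , '$thumbExtension' );";
        mysql_query($sqlinsertface) or die ("MySql error: ".mysql_error());
        $insertId = mysql_insert_id();

        $sqlinsertface = "INSERT INTO `{$dbTablePrefix}_prop` ( `id` , `subject` , `version` , `notes` ) VALUES ( '$insertId', '$subject', '$version', '$notes' );";
        mysql_query($sqlinsertface) or die ("MySql error: ".mysql_error());

        // Stored names are built from the numeric row id plus a fixed or
        // allow-listed extension, never from the client-supplied file name.
        $file1 = move_uploaded_file($itemUpload['tmp_name'], "eyerollerfaces/" . $insertId . '.' . $glbItemExtension);
        $file2 = move_uploaded_file($thumbUpload['tmp_name'], "eyerollerthumbs/" . $insertId . '.' . $thumbExtension);

        if (!$file1 || !$file2) {
            // NOTE(review): both rows were already inserted at this point, so a
            // failed move leaves database entries without their files.
            includeHeader();
            print "
Mmmh, something went wrong (Move file). please notify the webmaster: jockersoft@gmail.com
";
            includeFooter();
            // Notify the developer.
            // NOTE(review): 'jockersoft@gmail.com.com' differs from the address
            // used elsewhere in this script -- looks like a typo, confirm.
            mail_attachment('info@jockersoft.com', 'jockersoft@gmail.com.com', $glbAppName . ' ' . $glbItem . ' submission ERROR', "grosso casino", $itemUpload['tmp_name']);
            return;
        } else {
            header( "Refresh: 3; url=details.php?faceId=$insertId" );
            includeHeader();
            print "The $glbItem has been inserted!
\n";
            print "Please click here if you are not redirected within 4 seconds
";
            includeFooter();
            // Notify the admin.
            mail('jockersoft@gmail.com', $glbAppName . ' ' . $glbItem . ' submission SUCCESS', "A new $glbItem has been added to the collection. ID: $insertId", makeMailHeaders('info@jockersoft.com', false));
            return;
        }
    }
}

// Default view: page header and footer.
// NOTE(review): the upload form markup that presumably sat between these two
// calls is not present in this listing.
includeHeader();
includeFooter();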