1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
|
<? session_start();
if(!array_key_exists('user', $_SESSION))
{
header("Location: index.php");
exit;
}
?>
<? //FOTO
include("../setConn.php");
$data = $_POST['data'];
$titolo = $_POST['titolo'];
$descrizione = $_POST['descrizione'];
$ID_photogallery = $_POST['ID_photogallery'];
$titolo = addslashes(stripslashes($titolo));
$titolo = nl2br($titolo);
$descrizione = addslashes(stripslashes($descrizione));
//echo $_FILES['files']['tmp_name'][0]; exit();
/*
$valid_formats = array("jpg", "png", "gif", "zip", "bmp");
$max_file_size = 1024*100; //100 kb
$path = "uploads/"; // Upload directory
$count = 0;
if(isset($_POST) and $_SERVER['REQUEST_METHOD'] == "POST"){
// Loop $_FILES to exeicute all files
foreach ($_FILES['files']['name'] as $f => $name) {
if ($_FILES['files']['error'][$f] == 4) {
continue; // Skip file if any error found
}
if ($_FILES['files']['error'][$f] == 0) {
if ($_FILES['files']['size'][$f] > $max_file_size) {
$message[] = "$name is too large!.";
continue; // Skip large files
}
elseif( ! in_array(pathinfo($name, PATHINFO_EXTENSION), $valid_formats) ){
$message[] = "$name is not a valid format";
continue; // Skip invalid file formats
}
else{ // No error found! Move uploaded files
if(move_uploaded_file($_FILES["files"]["tmp_name"][$f], $path.$name))
$count++; // Number of successfully uploaded file
}
}
}
}
*/
include "../SmartImage.class.php";
$count = 0;
foreach ($_FILES['files']['name'] as $f => $name) {
if ($db == FALSE)
die ("Errore nella connessione.");
$sql = "INSERT INTO photo (titolo, descrizione, ID_photogallery, data) VALUES ('".$titolo."', '".$descrizione."', '".$ID_photogallery."', '".$data."')";
mysql_select_db("Sql603025_1");
$Result1 = mysql_query($sql) or die(mysql_error());
$ultimo_id=mysql_insert_id();
$file_temp=($_FILES["files"]["tmp_name"][$f]);
$percorso="../../public/photo/";
$inviato=file_exists($file_temp);
if($_FILES["files"]["tmp_name"][$f] !=""){
$img = new SmartImage($_FILES["files"]["tmp_name"][$f]);
$img->resize(500, 330, false);
$img->saveImage($_FILES["files"]["tmp_name"][$f]);
}
if ($inviato) {
$nuovo_nome1 = str_replace(" ", "_", $ultimo_id."_".$name);
$nuovo_nome1=str_replace("%", "_", $nuovo_nome1);
$nuovo_nome1=str_replace("'", "_", $nuovo_nome1);
//nuovo nome dell'immagine
move_uploaded_file($file_temp, $percorso.$nuovo_nome1);
$sql = "UPDATE photo SET miniatura='$nuovo_nome1' WHERE ID=".$ultimo_id;
mysql_db_query("Sql603025_1", $sql, $db);
}
$count++;
}
?>
<html>
<head>
<link rel="stylesheet" href="../style.css" type="text/css" media="screen" />
<META HTTP-EQUIV="refresh" content="2; url=lista.php?nomecat=PHOTO">
<title></title>
</head>
<body>
<div id="container">
<div id="content">
<TABLE width="100%" border="0">
<TR>
<TD valign="top">
<TABLE>
<TR>
<td width="500" height="50"><H1><? echo str_replace("_", " ", $_POST['nomecat']); ?></H1></td>
</TR>
</TABLE>
</TD>
</TR>
<TR>
<TD valign="top">
Pubblicato!!!
</TD>
</TR>
</TABLE>
</div>
</div>
</body>
</html>
<?
mysql_close($db);
?>
|