My script

<?php
$attempts=$_COOKIE['attempts'];
if($attempts<=5)
{
include("../inc/config.php");
$con=mysqli_connect($address,$DB_user,$DB_password,$DB_name);
$myusername=$_COOKIE['username'];
$mypassword=$_COOKIE['password'];
$groupid=$_COOKIE['groupid'];
/*These next few lines caused me a bit of problems
$myusername = stripslashes($myusername);
$mypassword = stripslashes($mypassword);*/
$sql="SELECT 'members' FROM $tbl_name WHERE username='$myusername' and password='$mypassword'";
$result=mysqli_query($con,$sql);
$count=mysql_num_rows($result);
if($count!==1){
$newattempt=$attempts+1;
header("location:login.php");
setcookie("attempts", $newattempt, time()+3600);
}
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"

        "http://www.w3.org/TR/html4/loose.dtd">
<!--Changelog: +=Added $=Removed *=Still to come &=Known Bugs #=Extra info on the item above !=Announcement

0.1 Alpha Dev | Initialization stage | Unknown - Unknown:
-------------------------------------
  + - Database utilization
    + - PHP scripts
    + - Login system
    + - Install system
    # - Auto Sets up the database info in the config file, as well as creates the tables and all.
    * - Adding the items such as the events or links using a cp
    * - An Upload system that also adds the name of the image/video to a column
    * - A script that changes depending on the file extension of the upload
    # - I will use this to determine weather the event would be a picture or video.
    * - Two usergroups, Admin and Super Admin
    # - Admins would have regular access to editing the events and links where Super admins will be able to edit the pages, and the databases at will.
    * - Actually finish the if video script.
    & - Everything to do with SQL is broken
    # - Problem is most likely caused by a failed SQL query.

0.2 Alpha Dev | Functionality update | Unknown - Unknown:
-------------------------------------
    + - Added the use of the default admin account specified in the config.php
    + - Article page that is dynamic and changes depending on the event that linked it.
    $ - Removed the sql selection in the login_check.php
    * - Adding the items such as the events or links using a cp
    * - An Upload system that also adds the name of the image/video to a column
    * - A script that changes depending on the file extension of the upload
    # - I will use this to determine weather the event would be a picture or video.
    * - Two usergroups, Admin and Super Admin
    # - Admins would have regular access to editing the events and links where Super admins will be able to edit the pages, and the databases at will.
    * - Actually finish the if video script.
    $ - All bugs that were known about have been removed.
    ! - Seems to be no bugs in this version
    # - Spoke to soon.

0.3 Alpha Dev | The Overhaul | Unknown - 6/10/2013:
-----------------------------
    ! - The name has changed to OSI
    # - OSI meaning Open Source Intranet
    ! - This is expected to be the second last dev version before testing can begin.
    # - Only thing that is stopping it being now is the bugs.
    + - Added CSS.
    + - Added auto updating system
    + - Added an article page where it dynamically displays content depending on the URL(Known as get in php).
    + - Added Admin CP areas.
    + - Added NoSQL admin login.
    # - Just in case something happens with the connection.
    + - Added Event upload.
    + - Added time.php
    + - Added a method of updating the time.php table
    # - This doesn't require a sql connection as it simply rewrites the php file completely.
    + - Admin groups
    + - Adding and removing users
    + - Finished admin CP
    # - This is untill I get time to add some other non essential functions
    + - Super admin only function in admin CP
    + - Made the admin CP one page
    # - Nothing goes out of the page, all data is submitted in it. This MAY decrease security risks.
    + - Added 2 stage authentication
    + - Redid the changelog
    # - It looked pretty bad. Also added dates and made it easier to read.
    + - Overhauled the entire layout of the Admin CP
    $ - REMOVED MASSIVE SECURITY EXPLOIT.
    # - Missing one =, means anyone could log in, even with invalid credentials.
    * - A script that changes depending on the file extension of the upload.
    * - Actually finish the if video script.
    * - Encrypting cookies
    * - Masive security check
    # - Perhaps an overhaul of the security systems If I find exploits
    & - Sql statements are invalid
    # - Because of this you can't login to the Admin CP
    & - Cant login to Admin CP
    & - Files don't upload
    # - For now just use a URL of the item.
    ======================================================================================================================================================
    End of changelog-->

<html lang="en">


<head>


    <meta http-equiv="Content-Type" content="text/html; charset=utf-8">

    <title>Kiama High School Intranet - Admin Page</title>


<style type="text/css">
a:link
{
    text-decoration: none;
    position: relative;
    margin-left: 1em;
}

a:hover
{
    text-decoration: underline;
}

a:before
{
    position: absolute;
    right: 100%;
    top: 0;
    bottom: 0;
    width: 1em;
}
.header {
    color: #FFF;
    background-color: #06F;
    text-align: center;
    padding: 5px;
    font-family: Verdana, Geneva, sans-serif;
    font-size: xx-large;
    margin-top: 20px;
    margin-right: 20px;
    margin-bottom: 0px;
    margin-left: 20px;
}
.subheading {
    font-family: Tahoma, Geneva, sans-serif;
    font-size: 24px;
    background-color: #09F;
    text-align: center;
}
.Name {
    font-family: Tahoma, Geneva, sans-serif;
    text-align: left;
}
.login {
    font-family: Tahoma, Geneva, sans-serif;
    background-color: #06F;
    text-align: center;
    font-size: 18px;
    color: #FFF;
}
.menu {
    background-color: #06F;
    padding: 0px;
    font-family: Tahoma, Geneva, sans-serif;
    font-size: 18px;
    text-align: center;
}
.footer {
    font-family: Tahoma, Geneva, sans-serif;
    font-size: 14px;
    color: #FFF;
    background-color: #333;
    margin: 20px;
    padding: 10px;
}
.footer_top {
    background-color: #121212;
}
.menu_selected {
    background-color: #FFF;
    text-align: center;
    color:#000
}
</style>
</head>
<body link="#FFFFFF" vlink="#FFFFFF" alink="#FFFFFF">
<div class="header">
  <div class="Name">
    <table width="100%" height="10%" align="center" class="name">
<tr>
<td width="66%">
<span class="Name">Kiama High School</span>
</td>
<td width="33%">
<p class="login"><a href="admin/login.php"><span >Admin Login</span></a></p>
</td>
</tr>
</table>
</div>
<div class="subheading">
Respect, Commitment to Personal Excellence, Responsibility
</div>
<div class="menu">
<table align="center" width="100%" border="0">
  <tr>
    <td class="menu_selected" width="33%"><a href="home.php"><p class="login">Home</a></a></td>
    <td width="33%"><a href="links.php"><p class="login">Links</p></a></td>
    <td width="33%"><a href="time.php"><p class="login">Time Table</p></a></td>
  </tr>
</table>

</div>
</div>
<a href="logout.php">Logout</a>
<br/>
<center>
<form action="admin.php" method="get" name="select">
<select name=area onChange="document.forms['select'].submit()">
<option>---Please Select an action---</option>
<option value="event">Add/Remove Events</option>
<option value="links">Add/Remove Links</option>
<option value="time">Edit Time Table Times</option>
<?php
if($groupid=="0")
{
echo '<option value="users">Add/Remove Users</option>';
//echo '<option value="page">Page edit</option>';
//echo '<option value="database">Edit Database</option>';
}
?>
</select>
</form>

<?php
$selection=$_GET['area'];
if($selection=="users"){
if (isset($_GET['action']))
{
if($_GET['action']=="edit")
{
echo '<table><form action="admin.php?area=users&action=edit_confirm" method="post"><tr>';
$con=mysqli_connect($address,$DB_user,$DB_password,$DB_name);
// Check connection
if (mysqli_connect_errno($con))
  {
  echo "Failed to connect to MySQL: " . mysqli_connect_error();
  }
  $query = "SELECT `members`.*
    FROM members;";
  $result = mysqli_query($con,$query);
  $row = mysqli_fetch_array($result, MYSQLI_BOTH);
  echo '<td>';
  echo '<input type="hidden" name="id" value="'.$row['id'].'"';
  echo '<input type="text" name="username" placeholder="'.$row['username'].'"';
  echo '</td>';
  echo '<td>';
  echo '<input type="password" name="password" placeholder="'.$row['username'].'"';
  echo '</td>';
  echo '<td>';
  echo '<select name="groupid">';
  if ($row['groupid']==1)
  {
  echo '<option value=1>Normal Admin</option';
  echo '<option value=0>Super Admin</option>';
  }
  else{
  echo '<option value=0>Super Admin</option>';
  echo '<option value=1>Normal Admin</option';
  }
echo '</select>';
echo '</tr></form></table>';
}
else{
  echo '<table>';
  echo '<tr>';
  echo '<td>';
  echo 'ID';
  echo '</td>';
  echo '<td>';
  echo 'Username';
  echo '</td>';
  echo '<td>';
  echo 'Password';
  echo '</td>';
  echo '<td>';
  echo 'Group ID';
  echo '</td>';
  echo '</tr>';
$con=mysqli_connect($address,$DB_user,$DB_password,$DB_name);
if (mysqli_connect_errno($con))
  {
  echo "Failed to connect to MySQL: " . mysqli_connect_error();
  }
  $query = "SELECT `members`.*
    FROM members;";
  $result = mysqli_query($con,$query);
while($row = mysqli_fetch_array($result, MYSQLI_BOTH))
  {
  echo '<tr>';
  echo '<td>';
  echo $row['id'];
  echo '</td>';
  echo '<td>';
  echo $row['username'];
  echo '</td>';
  echo '<td>';
  echo $row['password'];
  echo '</td>';
  echo '<td>';
  echo $row['groupid'];
  echo '</td>';
  echo '<td>';
  echo '<form action="admin.php?area=users&action=edit" method="post">';
  echo '<input type="hidden" name="id" value="' .$row['id'] .'"';
  echo '<input type="image" src="../resources/images/postbit/edit.png" alt="Edit">';
  echo '</form>';
  echo '<form action="admin.php?area=users&action=delete" method="post">';
  echo '<input type="hidden" name="id" value="' .$row['id'] .'"';
  echo '<input type="image" src="../resources/images/postbit/delete.png" alt="Delete">';
  echo '</form>';
  echo '</td>';
  echo '</tr>';
  }
  echo '<form action="admin.php?area=users&action=add" method="post">';
  echo '<tr>';
  echo '<td>';
  echo '<input type="image" src="../resources/images/postbit/add.png" alt="Add">';
  echo '</td>';
  echo '<td>';
  echo '<input type="text" name="username" id="username">';
  echo '</td>';
  echo '<td>';
  echo '<input type="password" name="password" id="password">';
  echo '</td>';
  echo '<td>';
  echo '<select name="groupid">';
  echo '<option value="1">Normal Admin</option>';
  echo '<option value="0">Super Admin</option>';
  echo '</select>';
  echo '</td>';
  echo '</tr>';
  echo '</form>';
  echo '</table>';
  mysqli_close($con);
  }
if ($selection=="time"){
echo '<form action="admin.php?area=time" method="post"><br />
<table width="100%" border="0">
  <tr>
    <th scope="col">&nbsp;</th>
    <th scope="col">Monday</th>
    <th scope="col">Tuesday</th>
    <th scope="col">Wednesday</th>
    <th scope="col">Thrusday</th>
    <th scope="col">Friday</th>
  </tr>
    <tr>
    <th scope="row">0</th>
    <td><input type="text" name="mo0"></td>
    <td><input type="text" name="tu0"></td>
    <td><input type="text" name="we0"></td>
    <td><input type="text" name="th0"></td>
    <td><input type="text" name="fr0"></td>
  </tr>
  <tr>
    <th scope="row">1</th>
    <td><input type="text" name="mo1"></td>
    <td><input type="text" name="tu1"></td>
    <td><input type="text" name="we1"></td>
    <td><input type="text" name="th1"></td>
    <td><input type="text" name="fr1"></td>
  </tr>
  <tr>
    <th scope="row">2</th>
    <td><input type="text" name="mo2"></td>
    <td><input type="text" name="tu2"></td>
    <td><input type="text" name="we2"></td>
    <td><input type="text" name="th2"></td>
    <td><input type="text" name="fr2"></td>
  </tr>
  <tr>
    <th scope="row">3</th>
    <td><input type="text" name="mo3"></td>
    <td><input type="text" name="tu3"></td>
    <td><input type="text" name="we3"></td>
    <td><input type="text" name="th3"></td>
    <td><input type="text" name="fr3"></td>
  </tr>
  <tr>
    <th scope="row">4</th>
    <td><input type="text" name="mo4"></td>
    <td><input type="text" name="tu4"></td>
    <td><input type="text" name="we4"></td>
    <td><input type="text" name="th4"></td>
    <td><input type="text" name="fr4"></td>
  </tr>
  <tr>
    <th scope="row">5</th>
    <td><input type="text" name="mo5"></td>
    <td><input type="text" name="tu5"></td>
    <td><input type="text" name="we5"></td>
    <td><input type="text" name="th5"></td>
    <td><input type="text" name="fr5"></td>
  </tr>
  <tr>
    <th scope="row">6</th>
    <td><input type="text" name="mo6"></td>
    <td><input type="text" name="tu6"></td>
    <td><input type="text" name="we6"></td>
    <td><input type="text" name="th6"></td>
    <td><input type="text" name="fr6"></td>
  </tr>
  <tr>
    <th scope="row">7</th>
    <td><input type="text" name="mo7"></td>
    <td><input type="text" name="tu7"></td>
    <td><input type="text" name="we7"></td>
    <td><input type="text" name="th7"></td>
    <td><input type="text" name="fr7"></td>
  </tr>
</table>
<input type="submit" name="time_submit" value="Change Time Tables">
</form>';
}
elseif($selection=="event"){
echo'<form action="admin.php?area=event&" method="get"
enctype="multipart/form-data">
Title
<input type="text" name="title">
<br/>
Information about the event
<input type="text" name="info">
<label for="file">Image</label>
<input type="file" name="file" id="file"><br>
<input type="submit" name="'.$row['id'].'" value="Submit">
</form>';
include ('inc/config.php');
// Create connection
$con=mysqli_connect($address,$DB_user,$DB_password,$DB_name);

// Check connection
if (mysqli_connect_errno($con))
  {
  echo "Failed to connect to MySQL: " . mysqli_connect_error();
  }
  $result = mysqli_query($con,"SELECT * FROM Event");
while($row = mysqli_fetch_array($result))
  {
  echo "<a href=" . $row['Link'] . ">";
  echo '<span class="heading">' . $row['Title'] . '</span>';
  echo '<span class="paragraph"'.$row['Information']."";
  echo '<form action="admin.php" method="post">
  <input type="button" name='.$row['id'].'>
  </form>';
  echo "<br\>";
  echo "<hr>";
  echo "<br\>";
  }
}
elseif($selection=="link"){
include ('inc/config.php');
// Create connection
$con=mysqli_connect($address,$DB_user,$DB_password,$DB_name);

// Check connection
if (mysqli_connect_errno($con))
  {
  echo "Failed to connect to MySQL: " . mysqli_connect_error();
  }
  $result = mysqli_query($con,"SELECT * FROM Links");
while($row = mysqli_fetch_array($result))
  {
  echo '<span class="heading">' . $row['Title'] . '</span>';
  echo "<br>";
  echo '<span class="paragraph"'.$row['Information']."";
  echo '<form action="admin.php" method="post">
  <input type="button" name='.$row['id'].'>
  </form>';
  echo "<br\>";
  echo "<hr>";
  echo "<br\>";
  }
}
if($_POST['mo0'] !== "" AND $_POST['tu0'] !== "" AND $_POST['we0'] !== "" AND $_POST['th0'] !== "" AND $_POST['fr0'] !== "" AND $_POST['mo1'] !== "" AND $_POST['tu1'] !== "" AND $_POST['we1'] !== "" AND $_POST['th1'] !== "" AND $_POST['fr1'] !== "" AND $_POST['mo2'] !== "" AND $_POST['tu2'] !== "" AND $_POST['we2'] !== "" AND $_POST['th2'] !== "" AND $_POST['fr2'] !== "" AND $_POST['mo3'] !== "" AND $_POST['tu3'] !== "" AND $_POST['we3'] !== "" AND $_POST['th3'] !== "" AND $_POST['fr3'] !== "" AND $_POST['mo4'] !== "" AND $_POST['tu4'] !== "" AND $_POST['we4'] !== "" AND $_POST['th4'] !== "" AND $_POST['fr4'] !== "" AND $_POST['mo5'] !== "" AND $_POST['tu5'] !== "" AND $_POST['we5'] !== "" AND $_POST['th5'] !== "" AND $_POST['fr5'] !== "" AND $_POST['mo6'] !== "" AND $_POST['tu6'] !== "" AND $_POST['we6'] !== "" AND $_POST['th6'] !== "" AND $_POST['fr6'] !== "" AND $_POST['mo7'] !== "" AND $_POST['tu7'] !== "" AND $_POST['we7'] !== "" AND $_POST['th7'] !== "" AND $_POST['fr7'] !== "")
{
    $file = '../time.php';
$contents='<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Kiama High School Intranet -</title>
<style type="text/css">
a:link {
    text-decoration: none;
    position: relative;
    margin-left: 1em;
}
a:hover {
    text-decoration: underline;
}
a:before {
    position: absolute;
    right: 100%;
    top: 0;
    bottom: 0;
    width: 1em;
}
.heading {
    font-family: Tahoma, Geneva, sans-serif;
    font-size: x-large;
}
.header {
    color: #FFF;
    background-color: #06F;
    text-align: center;
    padding: 5px;
    font-family: Verdana, Geneva, sans-serif;
    font-size: xx-large;
    margin-top: 20px;
    margin-right: 20px;
    margin-bottom: 0px;
    margin-left: 20px;
}
.subheading {
    font-family: Tahoma, Geneva, sans-serif;
    font-size: 24px;
    background-color: #09F;
    text-align: center;
}
.Name {
    font-family: Tahoma, Geneva, sans-serif;
    text-align: left;
}
.login {
    font-family: Tahoma, Geneva, sans-serif;
    background-color: #06F;
    text-align: center;
    font-size: 18px;
    color: #FFF;
}
.menu {
    background-color: #06F;
    padding: 0px;
    font-family: Tahoma, Geneva, sans-serif;
    font-size: 18px;
    text-align: center;
}
.footer {
    font-family: Tahoma, Geneva, sans-serif;
    font-size: 14px;
    color: #FFF;
    background-color: #333;
    margin: 20px;
    padding: 10px;
}
.footer_top {
    background-color: #121212;
}
.menu_selected {
    background-color: #FFF;
    text-align: center;
    color: #000
}
</style>
</head>
<body link="#FFFFFF" vlink="#FFFFFF" alink="#FFFFFF">
<div class="header">
  <div class="Name">
    <table width="100%" height="10%" align="center" class="name">
      <tr>
        <td width="406"> Kiama High School </td>
        <td width="198"><p class="login"><a href="admin/login.php"><span >Admin Login</span></a></p></td>
      </tr>
    </table>
  </div>
  <div class="subheading"> Respect, Commitment to Personal Excellence, Responsibility </div>
  <div class="menu">
    <table align="center" width="100%" border="0">
      <tr>
        <td width="200"><a href="index.php">Home</a></td>
        <td width="200"><a href="links.php">
          <p class="login">Links</p>
        </a></td>
        <td class="menu_selected" width="200"><a href="#">
          <span class="menu_selected" style="color:#000">Time Table</span>
          </a></td>
      </tr>
    </table>
  </div>
</div>
<center>
<br />
<span class="heading">
Time Table
</span>
<hr />
<table width="100%" border="0">
  <tr>
    <th scope="col">Monday</th>
    <th scope="col">Tuesday</th>
    <th scope="col">Wednesday</th>
    <th scope="col">Thursday</th>
    <th scope="col">Friday</th>
  </tr>
  <tr>
    <td>'.$_POST['mo0'].'</td>
    <td>'.$_POST['tu0'].'</td>
    <td>'.$_POST['we0'].'</td>
    <td>'.$_POST['th0'].'</td>
    <td>'.$_POST['fr0'].'</td>
  </tr>
  <tr>
    <td>'.$_POST['mo1'].'</td>
    <td>'.$_POST['tu1'].'</td>
    <td>'.$_POST['we1'].'</td>
    <td>'.$_POST['th1'].'</td>
    <td>'.$_POST['fr1'].'</td>
  </tr>
  <tr>
    <td>'.$_POST['mo2'].'</td>
    <td>'.$_POST['tu2'].'</td>
    <td>'.$_POST['we2'].'</td>
    <td>'.$_POST['th2'].'</td>
    <td>'.$_POST['fr2'].'</td>
  </tr>
  <tr>
    <td>'.$_POST['mo3'].'</td>
    <td>'.$_POST['tu3'].'</td>
    <td>'.$_POST['we3'].'</td>
    <td>'.$_POST['th3'].'</td>
    <td>'.$_POST['fr3'].'</td>
  </tr>
  <tr>
    <td>'.$_POST['mo4'].'</td>
    <td>'.$_POST['tu4'].'</td>
    <td>'.$_POST['we4'].'</td>
    <td>'.$_POST['th4'].'</td>
    <td>'.$_POST['fr4'].'</td>
  </tr>
  <tr>
    <td>'.$_POST['mo5'].'</td>
    <td>'.$_POST['tu5'].'</td>
    <td>'.$_POST['we5'].'</td>
    <td>'.$_POST['th5'].'</td>
    <td>'.$_POST['fr5'].'</td>
  </tr>
  <tr>
    <td>'.$_POST['mo5'].'</td>
    <td>'.$_POST['tu5'].'</td>
    <td>'.$_POST['we5'].'</td>
    <td>'.$_POST['th5'].'</td>
    <td>'.$_POST['fr5'].'</td>
  </tr>
    <tr>
    <td>'.$_POST['mo6'].'</td>
    <td>'.$_POST['tu6'].'</td>
    <td>'.$_POST['we6'].'</td>
    <td>'.$_POST['th6'].'</td>
    <td>'.$_POST['fr6'].'</td>
  </tr>
    <tr>
    <td>'.$_POST['mo7'].'</td>
    <td>'.$_POST['tu7'].'</td>
    <td>'.$_POST['we7'].'</td>
    <td>'.$_POST['th7'].'</td>
    <td>'.$_POST['fr7'].'</td>
  </tr>
</table>

</center>
</body>
</html>';
}
elseif($_POST['mo0'] == "" AND $_POST['tu0'] == "" AND $_POST['we0'] == "" AND $_POST['th0'] == "" AND $_POST['fr0'] == "" AND $_POST['mo1'] == "" AND $_POST['tu1'] == "" AND $_POST['we1'] == "" AND $_POST['th1'] == "" AND $_POST['fr1'] == "" AND $_POST['mo2'] == "" AND $_POST['tu2'] == "" AND $_POST['we2'] == "" AND $_POST['th2'] == "" AND $_POST['fr2'] == "" AND $_POST['mo3'] == "" AND $_POST['tu3'] == "" AND $_POST['we3'] == "" AND $_POST['th3'] == "" AND $_POST['fr3'] == "" AND $_POST['mo4'] == "" AND $_POST['tu4'] == "" AND $_POST['we4'] == "" AND $_POST['th4'] !== "" AND $_POST['fr4'] == "" AND $_POST['mo5'] == "" AND $_POST['tu5'] == "" AND $_POST['we5'] == "" AND $_POST['th5'] == "" AND $_POST['fr5'] == "" AND $_POST['mo6'] == "" AND $_POST['tu6'] == "" AND $_POST['we6'] == "" AND $_POST['th6'] == "" AND $_POST['fr6'] == "" AND $_POST['mo7'] == "" AND $_POST['tu7'] == "" AND $_POST['we7'] == "" AND $_POST['th7'] == "" AND $_POST['fr7'] == "")
{
    echo 'please fill in all the period times';
}
/*$allowedExts = array("gif", "jpeg", "jpg", "png");
$temp = explode(".", $_FILES["file"]["name"]);
$extension = end($temp);
if ((($_FILES["file"]["type"] == "image/gif")
|| ($_FILES["file"]["type"] == "image/jpeg")
|| ($_FILES["file"]["type"] == "image/jpg")
|| ($_FILES["file"]["type"] == "image/pjpeg")
|| ($_FILES["file"]["type"] == "image/x-png")
|| ($_FILES["file"]["type"] == "image/png"))
&& ($_FILES["file"]["size"] < 20000)
&& in_array($extension, $allowedExts))
  {
  if ($_FILES["file"]["error"] > 0)
    {
    echo "Return Code: " . $_FILES["file"]["error"] . "<br>";
    }
  else
    {
    echo "Upload: " . $_FILES["file"]["name"] . "<br>";
    echo "Type: " . $_FILES["file"]["type"] . "<br>";
    echo "Size: " . ($_FILES["file"]["size"] / 1024) . " kB<br>";
    echo "Temp file: " . $_FILES["file"]["tmp_name"] . "<br>";

    if (file_exists("upload/" . $_FILES["file"]["name"]))
      {
      echo $_FILES["file"]["name"] . " already exists. ";
      }
    else
      {
      include('../inc/config.php');
// Create connection
$title=$_POST['title'];
$info=$_POST['info'];
$con=mysqli_connect($address,$DB_user,$DB_password,$DB_name);
$query = "INSERT INTO `Event` (`id`, `Title`, `Info`, `Image`) VALUES (NULL, '$title', '$info', '" .$_FILES['file']['name']."');";
$result = mysqli_query($con,$query);
      move_uploaded_file($_FILES["file"]["tmp_name"], "images/" . $_FILES["file"]["name"]);
      echo "Stored in: " . "images/" . $_FILES["file"]["name"];
      }
    }
  }*/
  }
 else{
header("location:login.php");
}
?></center>