Pastebin.com - Printed Paste ID: https://pastebin.com/

1. <?php
2. session_start();
3. require_once '../config/config.php';
4. if(isset($_SESSION['username']))
5. {
6. @$nomi = $_FILES['immagine']['name'];
7. @$direcory = $_FILES['immagine']['tmp_name'];
8. @$file_error = $_FILES["immagine"]['error'];
9. $uploaddir = "../img/cover/";
10. @$title = $_POST["title"];
11. @$mex = $_POST["mex"];
12. @$cat = $_POST["cate"];
13. $user = $_SESSION['username'];
14. @$extension = explode(".", $nomi);
15. if($extension[1] == 'png' || $extension[1] == 'jpg' || $extension[1] == 'jpeg')
16. {
17. if($file_error != UPLOAD_ERR_INI_SIZE)
18. {
19. $nnome = GeneraNomi(20);
20. $nnome .= ".";
21. $nnome .= $extension[1];
22. move_uploaded_file($direcory, $uploaddir . $nomi);
23. rename($uploaddir . $nomi,$uploaddir . $nnome);
24. if(mysql_query("INSERT INTO `articoli` (`id`,`categoria`,`titolo`,`testo`,`cover`,`autore`,`data`) VALUES (NULL,'$cat','$title','$mex','$nnome','$user','$unix_time')"))
25. {
26. $r = mysql_fetch_row(mysql_query("SELECT id FROM articoli ORDER BY data DESC"));
27. header("Location:../index.php?a=".$r[0]);
28. }
29. else
30. echo "Errore";
31. }
32. else
33. echo "File troppo grande.";
34. }
35. else
36. echo "Estensione invalida.";
37. }
38. else
39. echo "<div id=\"ajax_cont_error\">Non puoi visualizzare questa pagina.</font>";
40. ?>