This error report contains:
' . mysql_error()); } echo '
'; // Create table mysql_select_db("lms_ac7o7ln63o", $con); //save the requested location of the file to a variable $filename = $_POST['location']; $useremail = $_POST['youremail']; $userip = $_SERVER['REMOTE_ADDR']; //add the correct extension $filename .= ".php"; //add our prefix $thelink = "www.unityinvt.org"; //combine the prefix with the desired location $thelink .= $filename; //check if file exists if (file_exists($filename)) { //if its being used then let the user know echo "
Logo

It looks like the file name $filename is not available, please press the back button in your browser to retry, and possibly preserve the previous entries.

"; echo"

No back button? Click this button

"; //
} else { // if its not being used then add the info to the database $sql="INSERT INTO events (date, church, title, description, location, firstname, lastname) VALUES ('$_POST[date]','$_POST[church]','$_POST[title]','$_POST[description]','$_POST[location]','$_POST[firstname]','$_POST[lastname]')"; //if its not being used then get the file ready for writing $ourFileName =$filename; $ourFileHandle = fopen($ourFileName, 'w'); // save the title and descriptions to stringData d and t $stringDatat = $_POST['title']; $stringDatad = $_POST['description']; $stringDatac = $_POST['church']; $sitestatus = $_POST['includelink']; $churchwebsite = $_POST['churchwebsite']; $pagebackground = $_POST['pagecolor']; $haveimage = $_POST['haveimage']; $imagetext = ""; //if the user has specified and image upload it to the server and save it to a variable so that it can be shown if(isset($haveimage)){ $allowedExts = array("jpg", "jpeg", "gif", "png"); $extension = end(explode(".", $_FILES["file"]["name"])); if ((($_FILES["file"]["type"] == "image/gif") || ($_FILES["file"]["type"] == "image/jpeg") || ($_FILES["file"]["type"] == "image/png") || ($_FILES["file"]["type"] == "image/pjpeg")) && ($_FILES["file"]["size"] < 20000) && in_array($extension, $allowedExts)) { if ($_FILES["file"]["error"] > 0) { echo "Unity in Vermont has encountered an error while uploading the file: " . $_FILES["file"]["error"] . "
"; } else { echo "You entered the following info:
"; echo "File: " . $_FILES["file"]["name"] . "
"; echo "Type: " . $_FILES["file"]["type"] . "
"; echo "Size: " . ($_FILES["file"]["size"] / 20000) . " kB
"; //echo "Temp file: " . $_FILES["file"]["tmp_name"] . "
"; if (file_exists("inviteupload/" . $_FILES["file"]["name"])) { echo "
". $_FILES["file"]["name"] . " already exists, please rename it and try again! "; } else { move_uploaded_file($_FILES["file"]["tmp_name"], "inviteupload/" . $_FILES["file"]["name"]); echo "
Your file uploaded sucessfully: " . "www.unityinvt.org/inviteupload/" . $_FILES["file"]["name"] .""; } if($_FILES["file"]["size"] > 20000){ echo "The file you are trying to upload is larger than 19.5 MB! Please shorten or compress it and try again! If you are uploading an JPG or GIF file please convert it to an PNG file with zamzar.com and try again. If you still need more space please contact support and we will see what we can do for you! Support: support@unityinvt.org"; } //if it is an invalid type if(($_FILES["file"]["type"] != "image/gif") && ($_FILES["file"]["type"] != "image/jpeg") && ($_FILES["file"]["type"] != "image/png") && ($_FILES["file"]["type"] != "image/pjpeg")) { echo "Invalid file type! Please enter a GIF,JPG, JPEG, or PNG file and try again. You can convert your files for free online at zamzar.com"; //echo $_FILES["file"]["type"]; //echo $extension; //echo $_FILES["file"]["size"]; } //$imagetext = "
"; } //if the user has not specified an image then don't show or upload the image if(!isset($haveimage)){ $imagetext = " "; } //if the user wants his website shown then show it if(isset($sitestatus)){ $sitestatus = "You can visit the church website at: ".$churchwebsite.""; } //if the user doesnt want his site shown then dont show it if(!isset($sitestatus)){ $sitestatus = " "; } //write the title and description to file, but on seperate lines $written = "".$stringDatat."
Logo


© Unity in Vermont 2013 and ". $stringDatac . "
Submitted by " .$stringDatac. " on ". date("m/d/Y")."
".$sitestatus."
Please share this event

".$stringDatat."

" ."Description:
". $stringDatad."
".$imagetext."
If you believe that this event is spam, please report it!

"; fwrite($ourFileHandle,$written); //NEW CODE LINE START // all of this code is to remove any unwanted \'s from the file and rewrite it // because when funky characters are unencoded they might come out // like \" instead of " //convert funky characters to " ' and so on to \" \' and so on mb_convert_encoding( file_get_contents($filename), "HTML-ENTITIES", "UTF-8" ); //now remove the \s $variable_to_write = stripslashes(mb_convert_encoding( file_get_contents($filename), "HTML-ENTITIES", "UTF-8" )); //read the entire string to find the number of bytes to overwrite $str=implode("\n",file($filename)); //open it for editing $fp=fopen($filename,'w'); //replace the old file with the new $str=str_replace($written,$variable_to_write,$str); //rewrite the file fwrite($fp,$str,strlen($str)); // file_put_contents($ourFileHandle,$variable_to_write); //NEW CODE LINE END //close the editor fclose($ourFileHandle); //tell the user his file is available and make a button that will bring him to the next step echo "
Logo

Your event \" $stringDatat \" is now available at unityinvt.org/$filename!\n

"; echo"
"; //onClick='this.value="Loading...";' //email the submitter $to = $useremail; $subject = "Thank you for adding " . $stringDatat; $message = "Hello " .$stringDatac . ", \nThank you for adding the event ". $stringDatat ." to unityinvt.org! It is avalable at www.unityinvt.org/" . $filename . "\nPlease let us know if there is anything else we can do for you,\nUnity in Vermont\n\nReplies to this email are not received, if you wish to reply please email patrick@unityinvt.org\n\n\nIf you did not submit an event on unityinvt.org please send a quick email to spam@unityinvt.org and quote this code: ". $userip; $headers = 'From: noreply@unityinvt.org'; mail($to,$subject,$message,$headers); //email the admin $to = "patrick@unityinvt.org"; $subject = "New event " . $stringDatat . " added!"; $message = "Hello Patrick, \n" .$stringDatac . " has added the event ". $stringDatat ." to unityinvt.org! It is saved at " . $filename . " it was also emailed to " . $useremail . "\nThis event was submitted by: " . $userip . "\nFrom Unity DeSpammer version 2.3"; $headers = 'From: noreply@unityinvt.org'; mail($to,$subject,$message,$headers); } //old if (!mysql_query($sql,$con)) { die('Error: ' . mysql_error()); } mysql_close($con); echo""; echo ""; //echo ""; ?>