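case 'rank':
    // Store page for a custom rank image: a user with at least 300 points may
    // upload a small image (max 110x40 px, 5 MiB) that becomes a special rank.
    $template->set_filenames(array(
        'body' => 'store/rank.html',
    ));

    // NOTE(review): no form-token check is visible in this fragment. This POST
    // changes state, so confirm that check_form_key() runs before this case.

    // Only accept a single file that PHP itself received over HTTP POST without
    // an upload error; file_exists() alone does not prove that.
    $has_upload = isset($_FILES['rank']['tmp_name'], $_FILES['rank']['error'])
        && is_string($_FILES['rank']['tmp_name'])
        && $_FILES['rank']['error'] === UPLOAD_ERR_OK
        && is_uploaded_file($_FILES['rank']['tmp_name']);

    if (isset($_POST['submit']) && $row['user_points'] >= 300 && $has_upload)
    {
        // The stored extension comes from the detected image type, never from
        // the client-supplied file name. The original compared with "=" (an
        // assignment), so every extension passed the check and a name such as
        // "x.php" would have been written under images/ranks/.
        $allowed_types = array(
            IMAGETYPE_JPEG => 'jpg',
            IMAGETYPE_PNG  => 'png',
            IMAGETYPE_GIF  => 'gif',
            IMAGETYPE_BMP  => 'bmp',
        );

        // Index 0 = width, 1 = height, 2 = IMAGETYPE_* constant; false when the
        // file is not a recognised image.
        $imagesize = getimagesize($_FILES['rank']['tmp_name']);

        $wrongtype = ($imagesize === false || !isset($allowed_types[$imagesize[2]]));

        // The rank image only needs to be small.
        $toobig = ($_FILES['rank']['size'] > 5242880);

        $width = (!$wrongtype && $imagesize[0] > 110);
        $height = (!$wrongtype && $imagesize[1] > 40);

        if (!$wrongtype && !$toobig && !$width && !$height)
        {
            // Server-chosen name: numeric user id plus an allow-listed extension.
            // A valid image header does not rule out embedded script content,
            // so the upload directory should be configured not to execute
            // scripts.
            $rankfile = ((int) $row['user_id']) . '.' . $allowed_types[$imagesize[2]];
            $target_path = 'images/ranks/' . $rankfile;

            if (move_uploaded_file($_FILES['rank']['tmp_name'], $target_path))
            {
                // Register the image as a special rank.
                // NOTE(review): this inserts a new row on every upload; confirm
                // whether an existing rank for the user should be reused.
                $sql_ary = array(
                    'rank_title'   => '',
                    'rank_min'     => 0,
                    'rank_special' => 1,
                    'rank_image'   => $rankfile,
                );
                $sql = 'INSERT INTO ' . RANKS_TABLE . ' ' . $db->sql_build_array('INSERT', $sql_ary);
                $db->sql_query($sql);

                // Take the id of the row just inserted. The original re-selected
                // it with a hard-coded, unquoted file name and passed a column
                // name to sql_fetchrow(), so it never returned this rank's id.
                $rankid = (int) $db->sql_nextid();

                // Make that rank the user's rank.
                $sql_ary = array(
                    'user_rank' => $rankid,
                );
                $sql = 'UPDATE ' . USERS_TABLE . '
                    SET ' . $db->sql_build_array('UPDATE', $sql_ary) . '
                    WHERE user_id = ' . (int) $user->data['user_id'];
                $db->sql_query($sql);
            }
            else
            {
                $template->assign_vars(array(
                    'ERROR' => "There was an error uploading the file, please try again!",
                ));
            }
        }
        else if ($wrongtype)
        {
            $template->assign_vars(array(
                'ERROR' => "Only .jpeg, .jpg, .png, .gif and .bmp filetypes allowed",
            ));
        }
        else if ($toobig)
        {
            $template->assign_vars(array(
                'ERROR' => "Your image is too big, please choose a Smaller image",
            ));
        }
        else
        {
            // Oversized dimensions previously failed without any message.
            $template->assign_vars(array(
                'ERROR' => 'Your image must be no larger than 110x40 pixels',
            ));
        }
    }
    else if ($row['user_points'] < 300)
    {
        redirect(append_sid("{$phpbb_root_path}store.$phpEx", 'mode=nofunds'));
    }
    else if (!$has_upload)
    {
        $template->assign_vars(array(
            'ERROR' => 'Please Select a File to Upload',
        ));
    }

    if (isset($_POST['cancel']))
    {
        redirect(append_sid("{$phpbb_root_path}store.$phpEx"));
    }
break;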