SHARE
TWEET

Untitled

a guest Nov 6th, 2018 95 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1.  <?php
  2. $valid_images = array('jpg','gif','png','jpeg');
  3. $valid_docs = array('docx','doc','pdf','rtf');
  4. $valid_maxSize = 500000;
  5. $target_dir = "/home/ce2/hm70/public_html/WebDev/uploads/";
  6. $filename = basename($_FILES["doc"]["name"]);
  7. $target_file = $target_dir . $filename;
  8. $fileType = strtolower(pathinfo($target_file,PATHINFO_EXTENSION));
  9. if(isset($_POST["Submit"])) {
  10.     if($_FILES["doc"]["size"] < $valid_maxSize) {
  11.         if(in_array($fileType, $valid_images)) {
  12.             // Make sure that the file is a valid image
  13.             if(getimagesize($_FILES["doc"]["tmp_name"]) !== false) uploadFile($target_file, $filename);
  14.             else thrown_error('1');
  15.         } else if(in_array($fileType, $valid_docs)) uploadFile($target_file, $filename);
  16.         else thrown_error('2');
  17.     } else thrown_error('3');
  18. } else {
  19.     echo "<p>Nothing to be done</p>\n";
  20. }
  21. function uploadFile($target_file, $filename) {
  22.     // Create file if it doesn't exist
  23.     if (file_exists($target_file)) unlink($target_file) or die("Couldn't delete file");
  24.     if(move_uploaded_file($_FILES["doc"]["tmp_name"], $target_file)) {
  25.         echo '<h2>The file <a href="http://www2.macs.hw.ac.uk/~hm70/WebDev/uploads/'.
  26.         $filename.'">'.$filename.'</a> has been uploaded by '.htmlspecialchars($_POST["user"]).'!</h2>';
  27.     } else thrown_error(4);
  28.     return;
  29. }
  30. function thrown_error($e) {
  31.     echo "<p>Error: $e</p>";
  32.     exit;
  33. }
  34.  
  35.  
  36. ?>
  37.   <html>
  38.   <body>
  39.     <h4> Submit Your Photo and Name </h4>
  40.     <form action="http://www2.macs.hw.ac.uk/~hm70/WebDev/myfirstscript2.php"
  41.           method="post" enctype="multipart/form-data"> <p>
  42.       File <input type="file" name="doc"> <p>
  43.       Name <input name="user"> <input type="submit" name="Submit">
  44.     </form>
  45.   </body>
  46.   </html>
  47. <?php
  48. //DATABASE CODE:
  49.  
  50. $db_connected = connectDB('hm70');
  51. $sql = "SELECT * FROM users WHERE username='".mysql_real_escape_string($_POST["user"])."'";
  52. $result=mysql_query($sql) or die($sql."<br>\n".mysql_error());
  53. while($row = mysql_fetch_array($result, MYSQL_ASSOC)) {
  54.     echo "Hello ";
  55.     foreach($row as $col) echo " htmlspecialchars($col) "; echo "<br>\n";
  56. }
  57. exit;
  58. function connectDB($database='') {
  59.     global $db, $mysqluser, $mysqlpwd;
  60.     // initiate a database connection by giving a database name, username and password:
  61.     if($database=='') $database = 'hm70';
  62.     if($mysqluser=='') $mysqluser = 'hm70';
  63.     if(!isset($mysqlpwd)) $mysqlpwd = "abchm70354";
  64.     $db = new db_connection("mysql");
  65.     if($db->connect("mysql-server-1.macs.hw.ac.uk", "", $mysqluser, $mysqlpwd, 0,$database)) return true;
  66.     else return false;
  67. }
  68. class db_connection {
  69.     var $connection;
  70.     // create a new connection object
  71.     function db_connection($type="") { }
  72.     // connect to the database server
  73.     function connect($host, $port, $login, $password, $pconnect, $database="") {
  74.         if($port) { $host .= ":$port"; }
  75.         if( !($this->connection = @mysql_connect($host, $login, $password)) ) return false;
  76.         if($database) if(!@mysql_select_db($database, $this->connection)) return false;
  77.         return true;
  78.     }
  79.     function query($query) {
  80.         return mysql_query($query, $this->connection);
  81.     }
  82.     function error() {
  83.         return mysql_error($this->connection);
  84.     }
  85. }
  86.  
  87. ?>
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top