Untitled

<?php
$valid_images = array('jpg','gif','png','jpeg');
$valid_docs = array('docx','doc','pdf','rtf');
$valid_maxSize = 500000;
$target_dir = "/home/ce2/ch63/public_html/Lab2/uploads/";
$filename = basename($_FILES["doc"]["name"]);
$target_file = $target_dir . $filename;
$fileType = strtolower(pathinfo($target_file,PATHINFO_EXTENSION));
if(isset($_POST["Submit"])) {
    if($_FILES["doc"]["size"] < $valid_maxSize) {
        if(in_array($fileType, $valid_images)) {
            // Make sure that the file is a valid image
            if(getimagesize($_FILES["doc"]["tmp_name"]) !== false) uploadFile($target_file, $filename);
            else thrown_error('1');
        } else if(in_array($fileType, $valid_docs)) uploadFile($target_file, $filename);
        else thrown_error('2');
    } else thrown_error('3');
} else {
    echo "<p>Nothing to be done</p>\n";
}
function uploadFile($target_file, $filename) {
    // Create file if it doesn't exist
    if (file_exists($target_file)) unlink($target_file) or die("Couldn't delete file");
    if(move_uploaded_file($_FILES["doc"]["tmp_name"], $target_file)) {
        echo '<h2>The file <a href="http://www2.macs.hw.ac.uk/~ch63/Lab2/myfirstcode.php"'.
            $filename.'">'.$filename.'</a> has been uploaded by '.$_POST["user"].'!</h2>';
    } else thrown_error(4);
    return;
}
function thrown_error($e) {
    echo "<p>Error: $e</p>";
    exit;
}
?>
<html>
<body>
<h4> Submit Your Photo and Name </h4>
<form action="http://www2.macs.hw.ac.uk/~ch63/Lab2/myfirstcode.php"
      method="post" enctype="multipart/form-data"> <p>
        File <input type="file" name="doc"> <p>
        Name <input name="user"> <input type="submit" name="Submit">
</form>
</body>
</html>
<?php
//DATABASE CODE:

$db_connected = connectDB('ch63');
$sql = "SELECT * FROM users WHERE username='".$_POST["user"]."'";
$result=mysql_query($sql) or die($sql."<br>\n".mysql_error());
while($row = mysql_fetch_array($result)) {
    echo "Hello ";
    foreach($row as $col) echo " $col "; echo "<br>\n";
}
exit;
function connectDB($database='') {
    global $db, $mysqluser, $mysqlpwd;
    // initiate a database connection by giving a database name, username and password:
    if($database=='') $database = 'ch63';
    if($mysqluser=='') $mysqluser = 'ch63';
    if(!isset($mysqlpwd)) $mysqlpwd = "F68I2StlNu";
    $db = new db_connection("mysql");
    if($db->connect("mysql-server-1.macs.hw.ac.uk", "", $mysqluser, $mysqlpwd, 0,$database)) return true;
    else return false;
}
class db_connection {
    var $connection;
    // create a new connection object
    function db_connection($type="") { }
    // connect to the database server
    function connect($host, $port, $login, $password, $pconnect, $database="") {
        if($port) { $host .= ":$port"; }
        if( !($this->connection = @mysql_connect($host, $login, $password)) ) return false;
        if($database) if(!@mysql_select_db($database, $this->connection)) return false;
        return true;
    }
    function query($query) {
        return mysql_query($query, $this->connection);
    }
    function error() {
        return mysql_error($this->connection);
    }
}

?>