Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- include "DBCONNECT.php";
- $tblname = "stories";
- session_start();
- function get_image_extension($filename){
- $tempArray = explode(".",$filename);
- return $tempArray[1];
- }
- function extValid($fileString){
- $fileString = strtolower($fileString);
- if($fileString == "jpg" || $fileString == "jpeg" || $fileString == "png" || $fileString == "gif"){
- return true;
- } else{
- return false;
- }
- }
- if($story1 != '' && $story2 != '' && $story3 != ''){
- if(isset($_POST['rating'])){
- if(isset($_POST['category']) && $_POST['category'] != ""){
- if(isset($_SESSION['username'])){
- $user = $_SESSION['username'];
- $date = date("M j, Y");
- $story = $_POST['story1']." - ".$_POST['story2']." - ".$_POST['story3'];
- $rating = $_POST['rating'];
- $category = $_POST['category'];
- $ext = get_image_extension(($_FILES['file']['name']));
- $file_name = md5(rand(900000000,1000000000));
- $validExtension = extValid($ext);
- if($validExtension == true){
- echo "valid extension";
- //copy($_FILES['file']['tmp_name'],"user_uploads/".$file_name.".".$ext));
- }else{
- echo "invalid extension.";
- }
- //$sql = "INSERT INTO stories VALUES('','$user','$date','$story','$user','$rating','0','0','0','$category')";
- mysql_query($sql);
- //header("Location: index.php?pid=");
- }
- }else{
- //header("Location: index.php?pid=errormessage&message=You must select a category.");
- }
- }else{
- //header("Location: index.php?pid=errormessage&message=You must select a degree rating.");
- }
- }else{
- //header("Location: index.php?pid=errormessage&message=You must fill out all of the story fields.");
- }
- ?>
Add Comment
Please, Sign In to add comment
