errorthing

1.  
2. <?php
3. $con = mysql_connect('server', 'user', 'pass');
4. if (!$con) {
5. die('Could not connect to the database! Please check your internet connection and try again! If the problem persists please contact support@unityinvt.org immediately!<br/>This error report contains:<br/> ' . mysql_error());
6. }
7. echo '<br/> ';
8.  
9. // Create table
10. mysql_select_db("lms_ac7o7ln63o", $con);
11.  
12.  
13.  
14.  
15. //save the requested location of the file to a variable
16. $filename = $_POST['location'];
17. $useremail = $_POST['youremail'];
18. $userip = $_SERVER['REMOTE_ADDR'];
19.  
20. //add the correct extension
21. $filename .= ".php";
22.  
23. //add our prefix
24. $thelink = "www.unityinvt.org";
25.  
26. //combine the prefix with the desired location
27. $thelink .= $filename;
28.  
29. //check if file exists
30. if (file_exists($filename)) {
31.  
32. //if its being used then let the user know
33. echo "<head></head><body bgcolor='green'><div align='center'><img src='http://www.unityinvt.org/fullbanner.jpg' alt='Logo'/><br/><h2>It looks like the file name $filename is <b>not available</b>, please press the back button in your browser to retry, and possibly preserve the previous entries.</h2></div>";
34. echo"<h3><div align='center'>No back button? Click this button <br/><button onclick='history.go(-1);this.value=\"Loading...\"'>Back </button></div></h3></body>";
35. //<form action=''><input type='submit' value='Go back' onclick='this.value=\"Loading...\"; history.back() '><form action=''><input type='submit' value='Go //back' onclick='this.value=\"Loading...\"; history.back() '></form>
36. }
37. else {
38. // if its not being used then add the info to the database
39. $sql="INSERT INTO events (date, church, title, description, location, firstname, lastname)
40. VALUES
41. ('$_POST[date]','$_POST[church]','$_POST[title]','$_POST[description]','$_POST[location]','$_POST[firstname]','$_POST[lastname]')";
42.  
43. //if its not being used then get the file ready for writing
44. $ourFileName =$filename;
45. $ourFileHandle = fopen($ourFileName, 'w');
46.  
47. // save the title and descriptions to stringData d and t
48. $stringDatat = $_POST['title'];
49. $stringDatad = $_POST['description'];
50. $stringDatac = $_POST['church'];
51. $sitestatus = $_POST['includelink'];
52. $churchwebsite = $_POST['churchwebsite'];
53. $pagebackground = $_POST['pagecolor'];
54. $haveimage = $_POST['haveimage'];
55. $imagetext = "";
56.  
57.  
58. //if the user has specified and image upload it to the server and save it to a variable so that it can be shown
59. if(isset($haveimage)){
60.  
61. $allowedExts = array("jpg", "jpeg", "gif", "png");
62. $extension = end(explode(".", $_FILES["file"]["name"]));
63. if ((($_FILES["file"]["type"] == "image/gif")
64. || ($_FILES["file"]["type"] == "image/jpeg")
65. || ($_FILES["file"]["type"] == "image/png")
66. || ($_FILES["file"]["type"] == "image/pjpeg"))
67. && ($_FILES["file"]["size"] < 20000)
68. && in_array($extension, $allowedExts))
69. {
70. if ($_FILES["file"]["error"] > 0)
71. {
72. echo "Unity in Vermont has encountered an error while uploading the file: " . $_FILES["file"]["error"] . "<br>";
73. }
74. else
75. {
76. echo "You entered the following info:<br/>";
77. echo "File: " . $_FILES["file"]["name"] . "<br>";
78. echo "Type: " . $_FILES["file"]["type"] . "<br>";
79. echo "Size: " . ($_FILES["file"]["size"] / 20000) . " kB<br>";
80. //echo "Temp file: " . $_FILES["file"]["tmp_name"] . "<br>";
81.  
82. if (file_exists("inviteupload/" . $_FILES["file"]["name"]))
83. {
84. echo "<br/><b>". $_FILES["file"]["name"] . " already exists, please rename it and try again! </b>";
85. }
86. else
87. {
88. move_uploaded_file($_FILES["file"]["tmp_name"],
89. "inviteupload/" . $_FILES["file"]["name"]);
90. echo "<br/> <b>Your file uploaded sucessfully: " . "www.unityinvt.org/inviteupload/" . $_FILES["file"]["name"] ."</b>";
91. }
92.  
93. if($_FILES["file"]["size"] > 20000){
94. echo "<b>The file you are trying to upload is larger than 19.5 MB! Please shorten or compress it and try again! If you are uploading an JPG or GIF file please convert it to an PNG file with <a href='http://www.zamzar.com'>zamzar.com</a> and try again. If you still need more space please contact support and we will see what we can do for you! Support: <a href='mailto:support@unityinvt.org'>support@unityinvt.org</a></b>";
95. }
96. //if it is an invalid type
97. if(($_FILES["file"]["type"] != "image/gif")
98. && ($_FILES["file"]["type"] != "image/jpeg")
99. && ($_FILES["file"]["type"] != "image/png")
100. && ($_FILES["file"]["type"] != "image/pjpeg"))
101. {
102. echo "Invalid file type! Please enter a GIF,JPG, JPEG, or PNG file and try again. You can convert your files for free online at <a href='http://www.zamzar.com'>zamzar.com</a>";
103. //echo $_FILES["file"]["type"];
104. //echo $extension;
105. //echo $_FILES["file"]["size"];
106. }
107. //$imagetext = "<img src='$haveimage'><br/>";
108. }
109.  
110. //if the user has not specified an image then don't show or upload the image
111. if(!isset($haveimage)){
112. $imagetext = " ";
113. }
114.  
115. //if the user wants his website shown then show it
116. if(isset($sitestatus)){
117. $sitestatus = "You can visit the church website at: <a href='http://$churchwebsite'>".$churchwebsite."</a>";
118. }
119.  
120. //if the user doesnt want his site shown then dont show it
121. if(!isset($sitestatus)){
122. $sitestatus = " ";
123. }
124.  
125.  
126.  
127. //write the title and description to file, but on seperate lines
128. $written = "<head><title>".$stringDatat."</title>
129. <div id='fb-root'></div>
130. <script>(function(d, s, id) {
131. var js, fjs = d.getElementsByTagName(s)[0];
132. if (d.getElementById(id)) return;
133. js = d.createElement(s); js.id = id;
134. js.src = '//connect.facebook.net/en_US/all.js#xfbml=1';
135. fjs.parentNode.insertBefore(js, fjs);
136. }(document, 'script', 'facebook-jssdk'));</script>
137. </head>
138. <body bgcolor='$pagebackground'>
139. <div align='center'>
140. <img src='http://www.unityinvt.org/fullbanner.jpg' alt='Logo'/>
141. </div><br/>
142. <button onclick='history.go(-1)'>Back </button><br/>
143. &#169 Unity in Vermont 2013 and ". $stringDatac . "<br/>
144. Submitted by " .$stringDatac. " on ". date("m/d/Y")."<br/> ".$sitestatus."<br/>Please share this event <div class='fb-send' data-href='www.unityinvt.org/$filename' data-font='arial'></div><br/> <h2>".$stringDatat."</h2>
145. " ."Description:<br/><font face='Arial Rounded MT Bold'>". $stringDatad."</font><br/>".$imagetext."<br/>
146. <b>If you believe that this event is spam, please report it!</b><br/><form name='spamform' action='spammark.php' method='post'><input type='hidden' name='badpage' value='www.unityinvt.org/$filename'/><input type='submit' value='Mark as spam' /></form><br/>
147. <div class='fb-comments' data-href='www.unityinvt.org/$filename' data-width='470' data-num-posts='10'></div></body>";
148.  
149. fwrite($ourFileHandle,$written);
150.  
151. //NEW CODE LINE START
152. // all of this code is to remove any unwanted \'s from the file and rewrite it
153. // because when funky characters are unencoded they might come out
154. // like \" instead of "
155.  
156. //convert funky characters to " ' and so on to \" \' and so on
157. mb_convert_encoding(
158. file_get_contents($filename),
159. "HTML-ENTITIES",
160. "UTF-8"
161. );
162. //now remove the \s
163. $variable_to_write = stripslashes(mb_convert_encoding( file_get_contents($filename), "HTML-ENTITIES", "UTF-8" ));
164.  
165. //read the entire string to find the number of bytes to overwrite
166. $str=implode("\n",file($filename));
167.  
168. //open it for editing
169. $fp=fopen($filename,'w');
170.  
171. //replace the old file with the new
172. $str=str_replace($written,$variable_to_write,$str);
173.  
174. //rewrite the file
175. fwrite($fp,$str,strlen($str));
176.  
177. // file_put_contents($ourFileHandle,$variable_to_write);
178.  
179.  
180. //NEW CODE LINE END
181.  
182. //close the editor
183. fclose($ourFileHandle);
184.  
185. //tell the user his file is available and make a button that will bring him to the next step
186. echo "<div align='center'><img src='http://www.unityinvt.org/fullbanner.jpg' alt='Logo'/><br/><h2>Your event \" $stringDatat \" is now available at <a href='$filename'>unityinvt.org/$filename</a>!\n</h2></div>";
187. echo"<div align='center'><form action='addevent1.html'><input type='submit' value='Continue' onclick='this.value=\"Loading...\" '></div></form>";
188. //onClick='this.value="Loading...";'
189. //email the submitter
190. $to = $useremail;
191. $subject = "Thank you for adding " . $stringDatat;
192. $message = "Hello " .$stringDatac . ", \nThank you for adding the event ". $stringDatat ." to unityinvt.org! It is avalable at www.unityinvt.org/" . $filename . "\nPlease let us know if there is anything else we can do for you,\nUnity in Vermont\n\nReplies to this email are not received, if you wish to reply please email patrick@unityinvt.org\n\n\nIf you did not submit an event on unityinvt.org please send a quick email to spam@unityinvt.org and quote this code: ". $userip;
193.  
194. $headers = 'From: noreply@unityinvt.org';
195.  
196. mail($to,$subject,$message,$headers);
197.  
198. //email the admin
199. $to = "patrick@unityinvt.org";
200. $subject = "New event " . $stringDatat . " added!";
201. $message = "Hello Patrick, \n" .$stringDatac . " has added the event ". $stringDatat ." to unityinvt.org! It is saved at " . $filename . " it was also emailed to " . $useremail . "\nThis event was submitted by: " . $userip . "\nFrom Unity DeSpammer version 2.3";
202.  
203. $headers = 'From: noreply@unityinvt.org';
204.  
205. mail($to,$subject,$message,$headers);
206. }
207. //old
208.  
209. if (!mysql_query($sql,$con))
210. {
211. die('Error: ' . mysql_error());
212. }
213.  
214.  
215.  
216. mysql_close($con);
217.  
218. echo"<style>a:link {color: #FFFFFF}</style>";
219. echo "<body bgcolor='green'>";
220. //echo "</body>";
221. ?>