
Untitled

a guest
Jul 20th, 2017
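  // Handles the "add document" form: connects to the database, reads and
  // validates the posted fields, and prepares $meno, $suma, $datum and
  // $tbl_name for the INSERT further down in this script.

  // Database settings.
  // NOTE(review): the account name and password are hard-coded in this file, so
  // anyone who can read the source can use the database account. Load them from
  // configuration kept outside the document root and rotate this password.
  $host="localhost";
  $username="edoc_38754";
  $password="stal1n2011";
  $db_name="edoc_38754";

  // Connect BEFORE escaping anything: mysql_real_escape_string() works against an
  // open link, and this script used to call it before mysql_connect().
  // NOTE(review): ext/mysql was removed in PHP 7.0. Migrating the whole script to
  // mysqli or PDO prepared statements is the durable fix for every query here.
  mysql_connect($host, $username, $password) or die("Nepodarilo sa spoji so servrom.");
  mysql_select_db($db_name) or die("Spojenie s databázou zlyhalo.");

  // Read the four form fields; a missing or non-string field counts as empty.
  // stripslashes() is kept from the original - presumably for magic_quotes_gpc;
  // without magic quotes it removes backslashes the user typed - TODO confirm.
  $fields = array();
  foreach (array('meno', 'suma', 'typ', 'datum') as $key) {
      $value = (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
      $fields[$key] = stripslashes($value);
  }

  // HTML-encode first, SQL-escape last, so the value placed inside the quoted
  // SQL literal is exactly what the escaping function returned.
  // The amount is stored with a decimal comma instead of a decimal point.
  $meno = (string) mysql_real_escape_string(htmlspecialchars($fields['meno']));
  $suma = (string) mysql_real_escape_string(htmlspecialchars(str_replace('.', ',', $fields['suma'])));
  $typ = $fields['typ'];

  // The date arrives as DD?MM?YYYY (one separator character between the parts)
  // and is stored as YYYY.MM.DD. It is validated before being rebuilt: the old
  // code rebuilt it first, so an empty date became ".." and passed the check.
  $datum = '';
  if (preg_match('/^(\d{2})\D(\d{2})\D(\d{4})\z/', $fields['datum'], $casti)
      && checkdate((int) $casti[2], (int) $casti[1], (int) $casti[3])) {
      $datum = $casti[3] . "." . $casti[2] . "." . $casti[1];
  }

  // The table name is the logged-in user's name followed by the posted type.
  // It is used as an SQL identifier, which string escaping does not protect,
  // so both parts must consist of ASCII letters, digits and underscores only.
  // NOTE(review): assumes the session is started and the login is checked
  // before this fragment runs - confirm in the including file.
  $identifier = '/^[0-9A-Za-z_]+\z/';
  $prefix = (isset($_SESSION['meno']) && is_string($_SESSION['meno'])) ? $_SESSION['meno'] : '';
  $tbl_name = $prefix . $typ;
  $tableOk = $typ !== 'error'
      && preg_match($identifier, $typ) === 1
      && preg_match($identifier, $prefix) === 1;

  // "error" is the value the form sends when no type was chosen.
  if ($meno === '' || $suma === '' || $datum === '' || !$tableOk) {
      include("error_start.php");
      echo "Musite vyplnit vsetky polozky! <a href='javascript:javascript:history.go(-1)'>Spä</a>";
      include("error_end.php");
      exit();
  }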
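  /**
   * Return the last segment of a file name, lower-cased, after splitting it
   * on "/", "\" and ".".
   *
   * For "Report.PDF" that is "pdf". A name without any separator is returned
   * whole, and a name ending in "." yields an empty string.
   *
   * Uses preg_split() because split() was removed in PHP 7.0.
   *
   * The name normally comes from the client, so the result is only a label:
   * it says nothing about the real content of the file, and only the last
   * segment of a multi-dot name is looked at.
   *
   * @param string $filename File name, usually $_FILES[...]['name'].
   * @return string Lower-cased last segment of the name.
   */
  function findexts ($filename) {
      $parts = preg_split('~[/\\\\.]~', strtolower($filename));
      return $parts[count($parts) - 1];
  }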
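  // Take the extension of the uploaded file from its client-supplied name.
  $uploadName = (isset($_FILES['uploaded']['name']) && is_string($_FILES['uploaded']['name']))
      ? $_FILES['uploaded']['name']
      : '';
  $ext = findexts($uploadName);

  // Accept only known document types. The previous list of four forbidden
  // extensions let every other extension through, including other types a
  // web server may execute or render as active content.
  // The list below is a constructed sample - adjust it to the document types
  // this application really needs.
  // NOTE(review): an extension check alone does not prove what a file
  // contains; also keep the upload directory non-executable.
  $povolene = array(
      'pdf', 'doc', 'docx', 'xls', 'xlsx', 'odt', 'ods', 'rtf', 'txt',
      'jpg', 'jpeg', 'png', 'gif', 'tif', 'tiff',
  );

  // When no file was sent at all, fall through: the upload step that follows
  // reports that case with its own message.
  if ($uploadName !== '' && !in_array($ext, $povolene, true)) {
      include('error_start.php');
      echo "Súbory tohto typu sú z bezpeènostných dovodov zakázané. <a href='javascript:javascript:history.go(-1)'>Spä</a>";
      include('error_end.php');
      exit();
  }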
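  // Build the stored file name: random number, "-d-m-Y-G-i-s." timestamp, extension.
  // $ext cannot contain "/", "\" or "." (it is the last segment after splitting
  // on those), so it cannot move the target out of ../files/.
  // NOTE(review): rand() plus a timestamp is predictable and not guaranteed
  // unique. If ../files/ is reachable over the web, stored documents can be
  // guessed by name - use a cryptographically random name and serve files
  // through an access-checked script instead.
  $ran = rand();
  $date = date("-d-m-Y-G-i-s").".";
  $target = "../files/" . $ran . $date . $ext;

  // The table name is interpolated into the statement as an identifier, which
  // string escaping cannot protect. Re-check it here, next to the query.
  if (!isset($tbl_name) || !is_string($tbl_name) || preg_match('/^[0-9A-Za-z_]+\z/', $tbl_name) !== 1) {
      include("error_start.php");
      echo "Musite vyplnit vsetky polozky! <a href='javascript:javascript:history.go(-1)'>Spä</a>";
      include("error_end.php");
      exit();
  }

  if (isset($_FILES['uploaded']['tmp_name']) && move_uploaded_file($_FILES['uploaded']['tmp_name'], $target)) {
      // $target ends with the client-supplied extension, so it must be escaped
      // like any other value before it goes into the SQL string.
      // $meno, $suma and $datum are escaped earlier in this script.
      $subor = mysql_real_escape_string($target);
      $sql = "INSERT INTO $tbl_name(meno, suma, datum, subor)VALUES('$meno', '$suma', '$datum', '$subor')";
      $result = mysql_query($sql);
      mysql_close();

      if ($result === false) {
          // Do not report success or keep an orphaned file when the row
          // could not be written.
          if (is_file($target)) {
              unlink($target);
          }
          include("error_start.php");
          echo "Probém pri nahrávani súboru. Uistite sa že ste vybrali súbor a jeho ve¾kos je menšia ako 5MB. <a href='javascript:javascript:history.go(-1)'>Spä</a>";
          include("error_end.php");
          exit();
      }

      header("location:docadd.php");
      exit();
  } else {
      include("error_start.php");
      echo "Probém pri nahrávani súboru. Uistite sa že ste vybrali súbor a jeho ve¾kos je menšia ako 5MB. <a href='javascript:javascript:history.go(-1)'>Spä</a>";
      include("error_end.php");
      exit();
  }
  ?>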