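<?php
/**
 * Upload handler for the form on index.php.
 *
 * Validates the uploaded file ("filen"), moves it into uploads/ under a
 * generated name and records name, class, e-mail, stored filename, timestamp
 * and client IP in the `uploads` table. The outcome is reported through
 * $_SESSION ("success", or "error" + "msg") followed by a redirect to
 * index.php.
 */
session_start();

/**
 * Store an error message in the session, redirect to the form and stop.
 *
 * Terminating here matters: header("Location: ...") alone does not end the
 * script, so without exit the later steps would still run and overwrite
 * the message.
 */
function upload_fail($msg)
{
    $_SESSION["error"] = 1;
    $_SESSION["msg"] = $msg;
    header("Location: index.php");
    exit;
}

/**
 * Return a POST field as a string, or "" when it is missing or not a string
 * (e.g. an array submitted as field[]=x).
 */
function post_string($key)
{
    return (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : "";
}

// Keep mysqli in error-code mode so the explicit checks below behave the same
// on PHP versions where exceptions are the default.
mysqli_report(MYSQLI_REPORT_OFF);

// NOTE(review): database credentials are hard-coded in a published source
// file. They should be loaded from configuration kept outside the web root
// (or the environment), and a password that has appeared in a public paste
// should be rotated.
$db = new mysqli("localhost", "skole", "rts2012", "rts_");
if ($db->connect_errno) {
    // Details go to the server log; the visitor only sees a generic message,
    // and nothing is echoed before the redirect header.
    error_log("upload: DB connect failed: (" . $db->connect_errno . ") " . $db->connect_error);
    upload_fail("Kunne ikke forbinde til SQL-Databasen.");
}

$stmt = $db->prepare('INSERT INTO `uploads` (`upload_name`, `upload_class`, `upload_email`,`upload_filename`, `upload_timestamp`, `upload_ip`) VALUES (?, ?, ?, ?, ?, ?)');
if (!$stmt) {
    error_log("upload: prepare failed: (" . $db->errno . ") " . $db->error);
    upload_fail("Kunne ikke forberede query.");
}

// Bound parameters are sent separately from the SQL text, so the values must
// NOT also be passed through real_escape_string(); doing both stores literal
// backslashes in the table. The values are stored verbatim and therefore have
// to be HTML-escaped wherever they are later displayed.
$navn = post_string("navn");
$klasse = post_string("klasse");
$email = post_string("email");
$now = time();
$ip = $_SERVER["REMOTE_ADDR"];

$MAXIMUM_FILESIZE = 5 * 1024 * 1024;
$rEFileTypes = "/^\.(pdf|doc|docx|ppt|pptx|jpg|png|gif|jpeg){1}$/i";
$dir_base = "uploads/";

// Reject a missing field, a multi-file submission (array-valued entries), any
// PHP upload error code, and anything that did not arrive via HTTP POST upload.
$upload = isset($_FILES['filen']) ? $_FILES['filen'] : null;
if (
    !is_array($upload)
    || !is_string($upload['tmp_name'])
    || $upload['error'] !== UPLOAD_ERR_OK
    || !is_uploaded_file($upload['tmp_name'])
) {
    upload_fail("PHP kunne ikke opfange filen. Prøv igen.");
}

// Whitespace becomes "_" and every character other than "-", "." and word
// characters is dropped, so the client-supplied name cannot carry path
// separators into the target path.
$clean_name = preg_replace(array("/\s+/", "/[^-\.\w]+/"), array("_", ""), trim($upload['name']));
$extension = strrchr($clean_name, '.');

if (
    $upload['size'] > $MAXIMUM_FILESIZE
    || $extension === false
    || !preg_match($rEFileTypes, $extension)
) {
    upload_fail("Enten er filen for stor, eller os er filtypen ikke understøttet.");
}

// Only the final extension is allow-listed. Inner dots are neutralised so a
// name such as "x.php.jpg" is not stored with a second, script-like extension
// that a web server with multi-extension handling might act on.
$stem = str_replace('.', '_', substr($clean_name, 0, -strlen($extension)));

// The rand() part only reduces name collisions; it is not a secret.
$safe_filename = $now . '_' . rand(100000, 999999) . '_' . $stem . $extension;
$target = $dir_base . $safe_filename;

// NOTE(review): the check above looks at the file name only, not the content,
// and uploads/ appears to sit under the web root. The directory should be
// configured so that nothing in it is executed or interpreted by the server
// (or be moved outside the web root and served through a download script).
if (!move_uploaded_file($upload['tmp_name'], $target)) {
    upload_fail("PHP kunne ikke opfange filen. Prøv igen.");
}

$stmt->bind_param('ssssis', $navn, $klasse, $email, $safe_filename, $now, $ip);
$inserted = $stmt->execute();
$stmt_errno = $stmt->errno;
$stmt_error = $stmt->error;
$stmt->close();

if (!$inserted) {
    // Do not leave an unrecorded file behind, and keep driver error text out
    // of the message shown to the visitor.
    if (is_file($target)) {
        unlink($target);
    }
    error_log("upload: execute failed: (" . $stmt_errno . ") " . $stmt_error);
    upload_fail("Execute failed.");
}

$_SESSION["success"] = 1;
header("Location: index.php");
exit;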