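<?php
/**
 * Photo upload handler.
 *
 * Expects a multipart POST with the fields `session`, `submit`, `id`, `title`
 * and the file field `image`. The upload is accepted only when the posted
 * `session` value matches the current session id, the author has fewer than
 * 40 rows in `photo`, the file is under 4 MiB, and the file is a JPEG, GIF or
 * PNG. Images 650 px wide or wider are resampled to fit 650x488; narrower
 * ones are stored as uploaded. The result is reported by redirecting to
 * msg.php (success) or msg2.php (failure).
 *
 * The message literals below are Cyrillic (CP1251) text and are kept
 * byte-for-byte; English glosses are given in comments.
 *
 * NOTE(review): the ext/mysql API used here (through the $db link that
 * db_connect.php evidently provides) was removed in PHP 7. Values are escaped
 * with mysql_real_escape_string() to stay within that API; migrating to
 * prepared statements (PDO or mysqli) is the durable fix.
 *
 * NOTE(review): the author id comes from the request body and $login is read
 * from the session but never used to authorise the request, so a client can
 * attribute an upload to any author and sidestep the 40-photo quota. Derive
 * the author from the session identity once the schema is confirmed.
 *
 * NOTE(review): using session_id() as the anti-CSRF value means the session
 * identifier is embedded in the form markup; a separate random per-session
 * token avoids exposing it.
 */

session_start(); // initialise the session mechanism
include("db_connect.php");

/**
 * Redirects to a message page on site.ru and stops the script.
 *
 * The message is URL-encoded so that spaces, markup and non-ASCII bytes
 * travel as a valid query string; PHP decodes it again on the receiving page.
 * NOTE(review): the messages contain <br />, so msg.php/msg2.php presumably
 * print `msg` as HTML; confirm they do not echo arbitrary query input unescaped.
 *
 * @param string $page Target script name (msg.php or msg2.php).
 * @param string $msg  Message text to pass in the `msg` parameter.
 */
function photo_upload_redirect($page, $msg)
{
    header("Location: http://site.ru/" . $page . "?msg=" . urlencode($msg));
    exit;
}

/**
 * Resamples an uploaded image to fit the given box and writes it to disk.
 *
 * The decoder and encoder are chosen from the image type that getimagesize()
 * detected in the file content, not from the client-supplied file name.
 *
 * @param string $srcPath     Path of the uploaded temporary file.
 * @param string $destPath    Path the resized image is written to.
 * @param array  $size        Result of getimagesize() for $srcPath.
 * @param int    $maxW        Bounding box width in pixels.
 * @param int    $maxH        Bounding box height in pixels.
 * @param int    $jpegQuality Quality passed to imagejpeg().
 *
 * @return bool True when the resized image was written.
 */
function photo_upload_resize($srcPath, $destPath, $size, $maxW, $maxH, $jpegQuality)
{
    // Shrink one side of the box so the source aspect ratio is preserved.
    $boxRatio = $maxW / $maxH;
    $srcRatio = $size[0] / $size[1];
    if ($boxRatio < $srcRatio) {
        $maxH = $maxW / $srcRatio;
    } else {
        $maxW = $maxH * $srcRatio;
    }
    $destW = max(1, (int) $maxW);
    $destH = max(1, (int) $maxH);

    switch ($size[2]) {
        case IMAGETYPE_JPEG:
            $src = imagecreatefromjpeg($srcPath);
            break;
        case IMAGETYPE_GIF:
            $src = imagecreatefromgif($srcPath);
            break;
        case IMAGETYPE_PNG:
            $src = imagecreatefrompng($srcPath);
            break;
        default:
            return false;
    }
    if (!$src) {
        return false;
    }

    $dest = imagecreatetruecolor($destW, $destH);
    if (!$dest) {
        imagedestroy($src);
        return false;
    }

    $written = imagecopyresampled($dest, $src, 0, 0, 0, 0, $destW, $destH, $size[0], $size[1]);
    if ($written) {
        switch ($size[2]) {
            case IMAGETYPE_JPEG:
                $written = imagejpeg($dest, $destPath, $jpegQuality);
                break;
            case IMAGETYPE_GIF:
                // imagegif() has no quality argument.
                $written = imagegif($dest, $destPath);
                break;
            default:
                // imagepng() takes a 0-9 compression level, not a 0-100
                // quality; the library default is used instead.
                $written = imagepng($dest, $destPath);
                break;
        }
    }

    imagedestroy($src);
    imagedestroy($dest);

    return (bool) $written;
}

$genericError = "Èçâèíèòå, íî ïðîèçîøëà îøèáêà!"; // "Sorry, an error occurred!"

if (isset($_SESSION['login'])) {
    $login = $_SESSION['login'];
}

// Anti-CSRF check: the form must echo back the current session id.
// A missing or non-string value is rejected instead of raising a notice.
$postedSession = (isset($_POST['session']) && is_string($_POST['session'])) ? $_POST['session'] : '';
if ($postedSession === '' || $postedSession !== session_id()) {
    exit("Îøèáêà!"); // "Error!"
}

if (!isset($_POST['submit'])) {
    photo_upload_redirect("msg2.php", $genericError);
}
$submit = $_POST['submit'];

// A missing author id used to fall through as an undefined variable and
// insert a row with an empty author; it is now an error.
if (!isset($_POST['id']) || !is_string($_POST['id']) || $_POST['id'] === '') {
    photo_upload_redirect("msg2.php", $genericError);
}
$id = $_POST['id'];
// Escaped once and reused: the value is request-controlled and is placed
// inside quoted SQL string literals below.
$idSql = mysql_real_escape_string($id, $db);

$res_file = mysql_query("SELECT author FROM photo WHERE author='" . $idSql . "'", $db);
if ($res_file === false) {
    photo_upload_redirect("msg2.php", $genericError);
}
if (mysql_num_rows($res_file) >= 40) {
    // "Your upload limit is exceeded! 40 images are available in total!"
    photo_upload_redirect("msg2.php", "Âàø ëèìèò çàãðóçêè ïðåâûøåí!<br />Âñåãî äîñòóïíî 40 èçîáðàæåíèé!");
}

$userfile = isset($_FILES['image']['tmp_name']) ? $_FILES['image']['tmp_name'] : '';
$userfile_size = isset($_FILES['image']['size']) ? $_FILES['image']['size'] : 0;

// is_string() rejects array-style uploads (image[]); is_uploaded_file()
// confirms the path really is this request's upload before GD reads it.
if (!is_string($userfile) || empty($userfile) || !is_uploaded_file($userfile)) {
    // "You did not choose a file to upload!"
    photo_upload_redirect("msg2.php", "Âû íå âûáðàëè ôàéë äëÿ çàãðóçêè!");
}

if ($userfile_size >= 1024 * 4 * 1024) {
    // "The uploaded file is larger than 4MB!"
    photo_upload_redirect("msg2.php", "Ðàçìåð çàãðóæàåìîãî ôàéëà ïðåâûøàåò 4ÌÁ!");
}

// "Uploading OTHER files is FORBIDDEN! Upload files with the extension .jpg, gif, png"
$forbiddenType = "Çàãðóçêà ÈÍÛÕ ôàéëîâ, ÇÀÏÐÅÙÅÍÀ!<br /> Çàãðóæàéòå ôàéëû ñ ðàñøèðåíèåì .jpg, gif, png";

// Allowed extensions mapped to the content type each one must actually have.
$extentions = array(
    "jpg"  => IMAGETYPE_JPEG,
    "jpe"  => IMAGETYPE_JPEG,
    "jpeg" => IMAGETYPE_JPEG,
    "gif"  => IMAGETYPE_GIF,
    "png"  => IMAGETYPE_PNG,
);

$userfile_name = isset($_FILES['image']['name']) ? (string) $_FILES['image']['name'] : '';
// Lower-cased once so the allow-list, the decoder choice and the stored
// file name all agree.
$type = strtolower(pathinfo($userfile_name, PATHINFO_EXTENSION));
if (!isset($extentions[$type])) {
    photo_upload_redirect("msg2.php", $forbiddenType);
}

// The extension is client-supplied, so the content is checked as well:
// getimagesize() must recognise the file and report the matching type.
// Previously a false result compared as "narrower than 650 px" and the raw
// file was stored unverified.
// NOTE(review): only the byte size is capped; consider an upper bound on
// pixel dimensions too, since GD allocates memory per pixel.
$size_img = getimagesize($userfile);
if ($size_img === false
    || $size_img[2] !== $extentions[$type]
    || $size_img[0] <= 0
    || $size_img[1] <= 0
) {
    photo_upload_redirect("msg2.php", $forbiddenType);
}

$title = (isset($_POST['title']) && is_string($_POST['title'])) ? $_POST['title'] : '';
$title = htmlspecialchars(stripslashes($title));
$date = date("Y-m-d");

// NOTE(review): '/foto/' is an absolute filesystem path as written; confirm
// it is the intended directory and that the web server never executes
// scripts from it, because narrow images are stored without re-encoding.
$uploaddir = '/foto/';
// The "." before the extension was missing, which produced names such as
// "..._photojpg". NOTE(review): names have one-second resolution, so two
// uploads in the same second overwrite each other.
$name = basename("www.site.ru_" . date("YmdHis", time()) . "_" . "photo." . $type);
$uploadfile = $uploaddir . $name;

$w = 650;
$h = 488;
$q = 100;

if ($size_img[0] < $w) {
    // Narrow enough already: keep the original file.
    $stored = move_uploaded_file($userfile, $uploadfile);
} else {
    $stored = photo_upload_resize($userfile, $uploadfile, $size_img, $w, $h, $q);
}
if (!$stored) {
    photo_upload_redirect("msg2.php", $genericError);
}

$result_com = mysql_query(
    "INSERT INTO photo(title,author,date,photo) VALUES('"
    . mysql_real_escape_string($title, $db) . "','"
    . $idSql . "','"
    . $date . "','"
    . mysql_real_escape_string($name, $db) . "')",
    $db
);

if ($result_com == TRUE) {
    // "Photo uploaded successfully!"
    photo_upload_redirect("msg.php", "Ôîòî óñïåøíî çàãðóæåíî!");
}

// The row was not recorded: remove the stored file so it is not orphaned,
// and report a generic error instead of the former debug output.
if (is_file($uploadfile)) {
    unlink($uploadfile);
}
photo_upload_redirect("msg2.php", $genericError);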