Here's the part that processes uploaded files (a subsection of a larger error-checking block; I think I cut off the last few } because the rest updates the db):
elseif($step===5){ # make sure the validation code is correct and "pictures" are pictures
$validate=$_COOKIE['confcode'];
if($conf!==$validate){
$err=TRUE; $step=4;
$errs[]='Your Confirmation Code did not match. Your e-mail MUST be validated to proceed.<br> You will need to resubmit your pictures as well.<br />';
}
else{ # only bother to process any uploaded files and set the account to being usable if the confcode is right
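foreach($images as $key=>$value){
    # Validate each uploaded picture and, if it passes, park it in ./unapproved/ for human review.
    # $key is the form field name and $value its human-readable label; both come from $images,
    # which is defined outside this excerpt (presumably server-side -- confirm).

    # skip slots the visitor left empty; empty() also covers a missing $_FILES entry
    if(empty($_FILES[$key]['name'])){ continue; }
    $upload=$_FILES[$key];

    # per-file flag: one bad picture must not block the others from being stored.
    # $picerr and $warn are still raised so code outside this loop sees that something failed.
    $bad=FALSE;

    # check PHP's own upload status first. The original compared against (0 || 'UPLOAD_ERR_OK'),
    # which evaluates to boolean TRUE, so the strict comparison flagged every upload as an error.
    if($upload['error']!==UPLOAD_ERR_OK){
        $picerr=TRUE; $warn=TRUE; $error=$upload['error'];
        $warns[]="Uploading your $value caused an error: $error";
        continue; # nothing usable was received, so the content checks below would only add noise
    }

    # read the image header; getimagesize() returns FALSE when the data is not a recognised image
    $imgInfo=getimagesize($upload['tmp_name']);
    if(is_array($imgInfo)){ $width=$imgInfo[0]; $height=$imgInfo[1]; $type=$imgInfo[2]; }
    else{ $width=0; $height=0; $type=0; }

    if(153600<$upload['size']){ # make sure it isn't over 150 KB
        $bad=TRUE; $picerr=TRUE; $warn=TRUE;
        $warns[]="Your $value was too large. You may not upload a file over 153600 Bytes (150 KB)";
    }
    if($type!=IMAGETYPE_JPEG){ # only accept jpegs (IMAGETYPE_JPEG is the 2 the original tested for)
        $bad=TRUE; $picerr=TRUE; $warn=TRUE;
        $warns[]="Your $value was not a JPEG. JPEG encoded files traditionally end with .jpe, .jpg, and .jpeg on windows.";
    }
    if($height<36){ # minimum height
        $bad=TRUE; $picerr=TRUE; $warn=TRUE;
        $warns[]="Your $value was less than 36 pixels in height. We require submitted pictures be at least twice the height of our tag.";
    }
    if($width<130){ # minimum width
        $bad=TRUE; $picerr=TRUE; $warn=TRUE;
        $warns[]="Your $value was less than 130 pixels. We require the width to be more than 130 pixels.";
    }
    if($bad){ continue; }

    # The user name comes from a cookie, i.e. from the client, and becomes part of a file name.
    # Only accept a conservative character set so it cannot carry path separators or NUL bytes.
    # NOTE(review): widen the pattern only as far as the site's real username rules require, and
    # prefer taking the name from server-side session state -- a cookie does not prove who is uploading.
    $un=isset($_COOKIE['un']) ? $_COOKIE['un'] : '';
    if(!is_string($un) || !preg_match('/^[A-Za-z0-9_-]+$/D', $un)){
        $picerr=TRUE; $warn=TRUE;
        $warns[]="Your $value could not be stored because your user name could not be verified.";
        continue;
    }

    # a JPEG header does not prove the rest of the file is harmless; the fixed .jpg extension and
    # the human approval step are the remaining safeguards, so ./unapproved/ should not be served as code
    $to=getcwd().'/unapproved/'.$key.'.'.$un.'.jpg';
    if(move_uploaded_file($upload['tmp_name'], $to)){
        $warns[]="$value was uploaded sucessfully";
    }
    else{ # report a failed move instead of claiming success
        $picerr=TRUE; $warn=TRUE;
        $warns[]="Your $value could not be saved. Please try uploading it again.";
    }
}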
# add to the db (if applicable)
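function s2dbadd($db, $badaim, $badicq, $badmsn, $badyim){
    # Store the step-2 sign-up form: one row in `users`, one row in `stats`, then hand the
    # visitor a `uid` cookie for the next step.
    #   $db                  open mysql link used for escaping and for every query
    #   $badaim .. $badyim   truthy when the matching messenger handle failed validation
    #                        elsewhere; that handle is then stored as SQL NULL
    # Returns TRUE when both rows were written, FALSE as soon as a query fails.
    include("/home/joshua/includes/fyd.altincs.php"); # includes file (precautionary measure)

    # step 2 non-passed variables
    # NOTE(review): clean() is defined outside this excerpt. If it already escapes for SQL, drop
    # that from clean() (or from _s2dbadd_sqlval) so values are not escaped twice.
    $un=clean($_POST['un']);
    # NOTE(review): unsalted MD5 is not suitable for storing passwords. Moving to
    # password_hash()/password_verify() needs a matching change in the login code, which is
    # not visible here, so the stored format is left unchanged.
    $pw=MD5($_POST['pw']);
    $email=clean($_POST['email']);
    $dobm=clean($_POST['month']); $dobd=clean($_POST['day']); $doby=clean($_POST['year']); # date of birth
    $gender=clean($_POST['gender']); $sexpref=clean($_POST['sexpref']); $marstat=clean($_POST['marstat']);
    $country=clean($_POST['country']); $city=clean($_POST['city']); $spt=clean($_POST['spt']); # spt: state/province/territory
    $feet=clean($_POST['feet']); $inches=clean($_POST['inches']); $waist=clean($_POST['waist']);
    $eye=clean($_POST['eye']); $hair=clean($_POST['hair']); $weight=clean($_POST['weight']); $body=clean($_POST['body']);
    $education=clean($_POST['education']); $employment=clean($_POST['employment']);
    $religion=clean($_POST['religion']); $ethnicity=clean($_POST['ethnicity']); $selfcat=clean($_POST['selfcat']);
    $aim=clean($_POST['aim']); $icq=clean($_POST['icq']); $mirc=clean($_POST['mirc']);
    $msn=clean($_POST['msn']); $yim=clean($_POST['yim']);

    $llip=$_SERVER['REMOTE_ADDR']; $aff='Regular'; # variables not in post but needed
    $lld=gmdate("Y-m-d H:i:s", time()); # GMT date/time of this (first) login
    $enroll=gmdate("Y-m-d H:i:s", time()); # GMT date/time of enrolment

    # set various elements in prep to enter into the db
    if(isset($aim)&&$badaim){ $aim=NULL; } # rejected handles are stored as NULL
    if(isset($icq)&&$badicq){ $icq=NULL; }
    if(isset($msn)&&$badmsn){ $msn=NULL; }
    if(isset($yim)&&$badyim){ $yim=NULL; }
    $height=(12*$feet)+$inches; # height in inches for storage
    $dob=$doby.'-'.$dobm.'-'.$dobd; # set DOB

    # make primary user table entry. Every value goes through _s2dbadd_sqlval(): the original
    # interpolated them bare, which leaves form input free to alter the statement and also
    # produces invalid SQL for dates, hashes and NULLs.
    $userVals=array($un, $pw, $email, $llip, $lld, $enroll, $gender);
    foreach($userVals as $i=>$v){ $userVals[$i]=_s2dbadd_sqlval($v, $db); }
    if(!mysql_query("INSERT INTO users (username, password, email, last_login_ip, last_login_date, enroll, gender) VALUES (".join(', ', $userVals).")", $db)){
        return FALSE;
    }

    # retrieve uid
    # NOTE(review): the original filtered on a column called `un`, while the INSERT above writes
    # `username`; `username` is used here for consistency -- confirm against the schema.
    $getuid=mysql_query("SELECT uid FROM users WHERE username="._s2dbadd_sqlval($un, $db), $db);
    $row=$getuid ? mysql_fetch_array($getuid) : FALSE;
    if(!$row){ return FALSE; }
    $uid=$row['uid']; # the scalar id, not the whole result row

    # make stats table entry
    $statVals=array($uid, $dob, $aff, $sexpref, $marstat, $country, $height, $waist, $eye, $hair, $weight, $body, $education, $employment, $religion, $ethnicity, $city, $spt, $selfcat, $aim, $icq, $mirc, $msn, $yim);
    foreach($statVals as $i=>$v){ $statVals[$i]=_s2dbadd_sqlval($v, $db); }
    if(!mysql_query("INSERT INTO stats (uid, dob, affiliation, sex_pref, mar_stat, country, height, waist, eye_color, hair_color, weight, body_type, education, employment, religion, ethnic, city, spt, self_cat, aim, icq, mirc, msn, yim) VALUES (".join(', ', $statVals).")", $db)){
        return FALSE;
    }

    # set uid into a cookie
    # NOTE(review): a cookie is client-controlled and an MD5 of the uid is neither secret nor
    # tied to this visitor, yet s3dbadd() in this file reads it back as the uid. Keeping the
    # uid in server-side session state would remove that trust in the client.
    $expire=time()+60*60; # set expiration an hour from now
    setcookie('uid', md5($uid), $expire); # cookie name quoted; the original used a bare word
    return TRUE;
}

# Turn one PHP value into a literal for a mysql_query() string: NULL becomes the SQL keyword
# NULL, anything else is escaped for the connection $db and wrapped in single quotes.
function _s2dbadd_sqlval($value, $db){
    if($value===NULL){ return 'NULL'; }
    return "'".mysql_real_escape_string($value, $db)."'";
}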
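function s3dbadd(){
    # Store the step-3 sign-up form: the four bio answers, quote author and free-text bio go
    # into `bio`, the ticked interests into `interests`, both keyed by the uid cookie.
    # Returns TRUE when both rows were written, FALSE otherwise; dies if the db is unreachable.
    include("/home/joshua/includes/fyd.altincs.php"); # includes file (precautionary measure)

    # NOTE(review): the uid is taken from a cookie, which the client controls, and s2dbadd() in
    # this file stores md5(uid) there rather than the uid itself. It is escaped below so it
    # cannot alter the statements, but it still does not prove which account is being edited;
    # a server-side session lookup is needed for that.
    if(!isset($_COOKIE['uid']) || !is_string($_COOKIE['uid'])){ return FALSE; }
    $uid=$_COOKIE['uid']; # set the uid so this part is synched

    # variables for step 3: answers to bio questions 1-4, an author for the quote, an open bio
    # NOTE(review): clean() is defined outside this excerpt. If it already escapes for SQL, drop
    # that from clean() (or from _s3dbadd_sqlval) so values are not escaped twice.
    $bq1=clean($_POST['bq1']); $bq2=clean($_POST['bq2']); $bq3=clean($_POST['bq3']); $bq4=clean($_POST['bq4']);
    $auth=clean($_POST['auth']); $bio=clean($_POST['bio']);

    # turn each submitted interest list into one space-separated string, then clean it in case
    # someone tampered with the input. A missing or non-array field counts as "nothing ticked"
    # instead of being handed to join().
    $interest=array();
    foreach(array('movies', 'books', 'music', 'pets', 'sports', 'misc') as $field){
        $picked=(isset($_POST[$field]) && is_array($_POST[$field])) ? $_POST[$field] : array();
        $interest[$field]=clean(join(' ', $picked));
    }

    # connect to db (the original called mysql_pconect, which does not exist)
    # NOTE(review): $visitor is presumably the db password set by the include above -- confirm.
    $db=mysql_pconnect('Ashes', 'visitor', $visitor) or die("cannot access db"); # connect
    $fyd=mysql_select_db('findyourdesire', $db); # select the db
    if(!$fyd){ return FALSE; }

    # every value is escaped and quoted; the original interpolated them bare, which leaves
    # form and cookie input free to alter the statement
    $bioVals=array($uid, $bq1, $bq2, $bq3, $bq4, $auth, $bio);
    foreach($bioVals as $i=>$v){ $bioVals[$i]=_s3dbadd_sqlval($v, $db); }
    $addbio=mysql_query("INSERT INTO bio (uid, bq1, bq2, bq3, bq4, auth, bio) VALUES (".join(', ', $bioVals).")", $db); # insert bio info into bio table

    $intVals=array($uid, $interest['movies'], $interest['books'], $interest['music'], $interest['pets'], $interest['sports'], $interest['misc']);
    foreach($intVals as $i=>$v){ $intVals[$i]=_s3dbadd_sqlval($v, $db); }
    $addinterests=mysql_query("INSERT INTO interests (uid, movies, books, music, pets, sports, misc) VALUES (".join(', ', $intVals).")", $db); # insert interests into interests table

    return ($addbio && $addinterests) ? TRUE : FALSE;
}

# Turn one PHP value into a literal for a mysql_query() string: NULL becomes the SQL keyword
# NULL, anything else is escaped for the connection $db and wrapped in single quotes.
function _s3dbadd_sqlval($value, $db){
    if($value===NULL){ return 'NULL'; }
    return "'".mysql_real_escape_string($value, $db)."'";
}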