That's easy enough... but... it doesn't work for .bmp images... there's nothing in it that says it SHOULDN'T do it... it just tells it to upload the file... I don't get it...
What could be wrong with it?
Code: Select all
<?php
require_once('./config.php');
$session_timeout = "900";
if (($_SESSION['log_time'] + $session_timeout) < time()) {
$_SESSION = array(); //removes all session values
if (isset($_COOKIE[session_name()])) { //checks for the cookie with the session name
setcookie(session_name(), '', time()-42000); //removes said cookie
}
if (isset($_COOKIE['userid'])) { //checks for the cookie userid
setcookie("userid",'',time()-3600*24*7); //removes said cookie
}
header('Location: ./index.php'); //if timed out move to login
exit;
} else {
$_SESSION['log_time'] = time();
}
if (!isset($_SESSION['logged-in']) || $_SESSION['logged-in'] !== true) {// is the one accessing this page logged in or not?
exit;
}
$userid = $_COOKIE['userid'];
$r = mysql_fetch_array(mysql_query("SELECT * FROM users where id='$userid'"));//Select the user stuff
$r2 = mysql_fetch_array(mysql_query("SELECT * FROM profile where id='$userid'"));//Select the user stuff from profile database
//checks if user is B&!!!
if ($r[ban] == "yes"){
header('Location: ../banned.php');
echo "you have been b&!!";
exit;
}
include('./navi.php');
$threadid = $_GET['threadid'];
//posts stuff if the user submitted a post...
if ($_POST['message'] != "") {
$userid= $_COOKIE['userid'];
$r=mysql_fetch_array(mysql_query("select * from users where id='$userid'"));
$threadid = $_GET['threadid'];
$user = $r['username'];
$message = $_POST['message'];
$message2 = message_codes($message);
$message3 = nl2br($message2);
$imagename = $_FILES['new_image']['name'];
$explodename = explode(".",$imagename);
$countexplode = count($explodename);
$n = $countexplode - '1';
$ext = $explodename[$n];
mysql_query("INSERT INTO `posts` (`ID`, `thread` , `user` , `content` , `ext` ) VALUES ('NULL', '$threadid', '$userid', '$message3', '$ext')") or die (mysql_error());
if(1 == 1)
{
$lastid = mysql_insert_id();
$imagename = $_FILES['new_image']['name'];
$explodename = explode(".",$imagename);
$countexplode = count($explodename);
$n = $countexplode - '1';
$ext = $explodename[$n];
$source = $_FILES['new_image']['tmp_name'];
$target = "./images/" . $lastid . "." . $ext;
move_uploaded_file($source, $target);
//sets up to check how many pages are in the thread
$totalrows = mysql_num_rows(mysql_query("SELECT ID FROM posts WHERE thread = '$threadid'"));// Counts the total rows
$limit = $threadpagelength;
$totalpages = $totalrows / $limit;// Get the total pages
$totalpages = ceil($totalpages);// Rounds the total pages to the highest possible number
header("Location: ./threadview.php?threadid=$threadid&page=$totalpages");
echo "$threadid";
echo "$navi";
echo "You created a post successfully.";
}
else
{
echo "There has been an error. Please try again.";
}
}
$sendhere = <<<HERE
<form action="?threadid=$threadid" method="POST" enctype="multipart/form-data" id="something" class="uniForm" />
<table border="1" cellspacing="1" cellpadding="1">
<tr><td>Post:</td><td><textarea name="message" rows="5" cols="50" />
</textarea></td></tr>
<tr><td>File:</td><td><input name="new_image" id="new_image" type="file" size="30" /></td></tr>
<tr><td><input name="Submit" type="Submit" value="Send" /></td></tr>
</form>
<tr><td colspan=2>Formatting:<br />
<ul>
<li>italics = </li>
<li>bold = </li>
<li>smileys = :), :D, :P, :S, :(</li>
</ul>
</td></tr>
</table>
HERE;
$catid = $_GET['catid'];
echo $sendhere;
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Forums | Reply</title>
<link rel="stylesheet" type="text/css" href="./style.css" />
</head>
<body>
<br />
</body>
</html>