tasairis wrote:Could you post the first 120 lines of addlisting.php? Probably the first 15 is enough but if you're in the file anyways then there's no harm done.
<?
require_once("conn.php");
require_once("access.php");
require_once("includes.php");
$cryptinstall="captcha/cryptographp.fct.php";
include_once $cryptinstall;
//get the info
echo $PATH_INFO;
if(isset($_POST[s1]) and chk_crypt($_POST['code']) )
{
$LogoImage = $_FILES[logo][name];
if(!empty($LogoImage))
{
$MyLogo = $t."_logo_".$LogoImage;
copy($_FILES[logo][tmp_name], "yellow_images/".$MyLogo);
}
else
{
$MyLogo = "";
}
//manage files
$MyImages = array();
if(!empty($_FILES[ResumeImages][name][0]))
{
while(list($key,$value) = each($_FILES[ResumeImages][name]))
{
if(!empty($value))
{
$NewImageName = $t."_resume_".$value;
copy($_FILES[ResumeImages][tmp_name][$key], "yellow_images/".$NewImageName);
$MyImages[] = $NewImageName;
}
}
if(!empty($MyImages))
{
if(empty($_POST[OldImages]))
{
$ImageStr = implode("|", $MyImages);
}
else
{
$ImageStr = "";
}
}
}
else
{
$ImageStr = "";
}
$qu = " select * from yellow_settings ";
$msql = mysql_query($qu);
$fet = mysql_fetch_array($msql);
if ($fet[approve_free] == 'yese') {
$status = "active";
$expd = date('Y-m-d' , mktime(0,0,0,date(m) , date(d) + $fet[freelex], date(Y)));
}
else {
$status = "notconf";
$expd = "Pending";
}
if ($fet[freelex] == 0) {
$expd = 'Never';
}
$notpq = "select * from yellow_subcat where subcatid = '$_POST[SubCategoryID]'";
$mynotpq = mysql_query($notpq);
$fetch = mysql_fetch_array($mynotpq);
if($fetch[O1] != '0' || $fetch[O2] != '0' || $fetch[O3] != '0') {
$status = "notpaid";
$expd = "Pending";
}
function sec(&$arr){
foreach($arr as $n=>$v)
$arr[$n] = addslashes($v);
}
sec($_POST);
$q1 = "insert into yellow_posts set
CompanyName = '$_POST[CompanyName]',
CategoryID = '$_POST[CategoryID]',
SubCategoryID = '$_POST[SubCategoryID]',
resume = '$_POST[resume]',
logo = '$MyLogo',
ResumeImages = '$ImageStr',
PostDate = '$t',
AgentID = '$_SESSION[AgentID]',
status = '$status',
expd = '$expd' ";
mysql_query($q1);
header("location:managelisting.php");
exit();
}
for($z = '1'; $z <= (5 - $i); $z++)
{
$ImageBlock .= "<input type=file name=\"ResumeImages[]\"><br>\n";
}
if (!chk_crypt($_POST['code']) and !empty($_POST[resume]) and !empty($_POST[CompanyName]) ) {$error="Wrong Confirmation Code!"; }
//get the templates
require_once("templates/HeaderTemplate.php");
require_once("templates/AddListTemplate.php");
require_once("templates/FooterTemplate.php");
?>