Any suggestions on how to edit my code to make it functional?
($uname and the error function have been earlier defined.)
Code: Select all
<?php
if($_SERVER['REQUEST_METHOD'] == 'POST') {
$maxsize == 1000000;
if(is_uploaded_file($_FILES['avatar'])) {
$avatar = addslashes(file_get_contents($_FILES['avatar']));
$size = getimagesize($_FILES['avatar']);
if($size > $maxsize) {
error('File exceeds maximum size');
}
else {
include 'db.php';
$sql = "UPDATE logintest SET avatar='$avatar' WHERE uname = '$uname' ";
$result = mysql_query($sql) or die (mysql_error());
$num_rows = mysql_num_rows($result);
if ($result) {
error('File uploaded');
header("Location: loginsuccess.htm");
}
else {
error('Error uploading file. Please try again.');
}
}
}
}
?>
<form enctype="multipart/form-data" name="avatarform" method="post" action="scriptchangeavatar.php">
<input type="hidden" name="MAX_FILE_SIZE" value="1000000">
<table border="0">
<tr>
<td align="right"><b>Choose a file to upload</b></td><td><input type="file" name="avatar"></td></tr>
<tr><td align="right" colspan="2"><input type="submit" name="avatarupload" value="Upload"></td></tr></table>
</form>Thanks!