$err

"; } do { // check if picture name variable has a value; if not, skip to the // "while(false)" section of "do" statement if(isset($picture)) { // here is where the server transparently checks that the client picture file // doesn't exceed maximum allowable size if (checkEmail($email) == 0) { print_error("$email is not a valid email address please re-enter you afro lovin' goofball"); break; } //prvent sql injections and other foul stuff in the strings $desc = cleanSqlData($desc); $name = cleanSqlData($name); $picture_name = cleanSqlData($picture_name); if(getenv("CONTENT_LENGTH") > MAX_FILE_SIZE) { print_error("File too large: $picture_name"); break; } // open client picture file for read only; "@" prefix tells fopen not to print // message if there is an error, since function print_error does that // if there is an error, break out of "do" loop and continue at "while(false)" $picture_parts = explode(".",$picture_name); $ext = $picture_parts[1]; $just_name = $picture_parts[0]; if ( ($ext == "jpg") || ($ext == "gif") || ($ext == "png") || ($ext == "bmp") ) { } else { print_error("only jpg - gif - png or bmp images are accepted - sorry email me at info@vanillaafro.com if you don't like it!"); break; } $fp = @fopen($picture,"r"); if(!$fp) { print_error("Cannot open file: $picture_name"); break; } // generate unique name for session, use it to generate unique server // directory name, and create the directory srand((double) microtime() * 1000000); $id = md5(uniqid(rand())); $dirname = "$upload_dir/$id"; mkdir($dirname,0777); // create the server picture file in the newly created server directory $filename = $dirname ."/".$just_name.".".$ext; // open server picture file for write only; "@" prefix tells fopen not to // print message if there is an error, since function print_error does that // if there is an error, break out of "do" loop and continue at "while(false)" $out = @fopen($filename,"w"); if(!$out) { print_error("Cannot open file: $filename"); break; } // copy client picture file to server picture file while($buffer = fread($fp,8192)) { fwrite($out,$buffer); } // close client picture file and server picture file fclose($fp); fclose($out); // create server name file in picture file directory; this file will hold the // name of the picture file $filename = $dirname . "/name"; // open server name file for write only; "@" prefix tells fopen not to print // message if there is an error, since function print_error does that // if there is an error, break out of "do" loop and continue at "while(false)" $out = @fopen($filename,"w"); if(!$out) { print_error("Cannot open file: $filename"); break; } // write the server picture name to the server name file, and close the server // name file fputs($out,$name); fclose($out); // display message that client picture file was successfully copied to the // server, display a prompt to look at updated server photo gallery, and supply // the HTML link mail("info@vanillaafro.com","afro submitted","file: $filename \n name: $name \n description: $desc \n email: $email \n"); ?> Picture added. Thanks.
// exit to the server photo gallery exit(); } } while(false); // you get to here only when "if(isset($picture))" is false, which means that // no picture name has been submitted, therefore go display the input form where // the necessary information can be entered $title="Submit an afro to vanillaafro.com i.e. 70s afros white afros black afros or fros"; $desc="submit an afro logo or a regular old afro including 70s afros and white guy afros"; $keywords="afro submission,white afros,white fros,70s afros,70s afros,60s afros,60s fros,1970s afros"; $header = getHeader($title,$desc,$keywords); $body="

"; $footer=getFooter(); echo "$header $body $footer";