o, 我可以跟踪SQL语句,再自己调试一下,就可以发现。
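其中的一个函数:
/**
 * Validate the pending attachment upload and store it in the attachment table.
 *
 * All inputs arrive through globals: $attachment (path of the uploaded file),
 * $attachment_name and $attachment_size (values supplied with the upload), the
 * size/dimension/extension limits, and the $DB_site database handle.
 * Every rejection renders an error template through standarderror() and ends
 * the request.
 *
 * @param int $moderate  Non-zero stores the attachment with visible = 0.
 * @return int|null      Insert id of the new attachment row, or null when
 *                       $attachment is not an uploaded file.
 */
function acceptupload($moderate=0) {
    global $DB_site,$attachment,$attachment_size,$attachment_name;
    global $attachextensions,$maxattachsize,$bbuserinfo,$maxattachwidth, $maxattachheight;
    global $safeupload,$tmppath, $allowduplicates, $allowimgsizefailure;

    // NOTE(review): each error path eval()s template text inside this function's
    // scope, so a template can read (and its PHP can touch) every variable here.
    // Keep the variable names stable, and treat template editing as equivalent
    // to code execution on the server.

    // Defined up front so the final return never reads an unset variable.
    $attachmentid = null;
    // Set once the upload has been copied into $tmppath; PHP only cleans up its
    // own upload temp file, so a rejected copy has to be removed here.
    $movedcopy = 0;

    $attachment_name = strtolower($attachment_name);
    $extension=getextension($attachment_name);

    // strpos() returns false when the needle is absent and 0 when it matches at
    // the start of the list; "==0" treated both the same and rejected the first
    // configured extension, so test for false explicitly.
    if (strpos(" $attachextensions "," $extension ")===false) {
        // invalid extension
        eval("standarderror(\"".gettemplate("error_attachbadtype")."\");");
        exit;
    }

    if (is_uploaded_file($attachment)) {
        if ($safeupload) {
            // The file name is client-controlled: use only its last path
            // component and refuse ".." BEFORE anything is written to disk.
            $safename = basename(str_replace("\\", "/", $attachment_name));
            if ($safename=="" or strpos($safename,"..")!==false) {
                // security error
                eval("standarderror(\"".gettemplate("error_attacherror")."\");");
                exit;
            }
            $path = "$tmppath/$safename";
            if (!move_uploaded_file($attachment, $path)) {
                // the copy failed, so there is nothing valid to inspect
                eval("standarderror(\"".gettemplate("error_attacherror")."\");");
                exit;
            }
            $attachment = $path;
            $movedcopy = 1;
        }

        $filesize=filesize($attachment);

        if ($maxattachsize!=0 and $filesize>$maxattachsize) {
            // too big!
            if ($movedcopy) { @unlink($attachment); }
            eval("standarderror(\"".gettemplate("error_attachtoobig")."\");");
            exit;
        }
        if ($filesize!=$attachment_size) {
            // security error: size on disk differs from the size reported with the upload
            if ($movedcopy) { @unlink($attachment); }
            eval("standarderror(\"".gettemplate("error_attacherror")."\");");
            exit;
        }
        if (strpos($attachment,"..")!==false) {
            // security error: the working path must not contain ".."
            if ($movedcopy) { @unlink($attachment); }
            eval("standarderror(\"".gettemplate("error_attacherror")."\");");
            exit;
        }

        if ($extension=="gif" or $extension=="jpg" or $extension=="jpeg" or $extension=="jpe" or $extension=="png" or $extension=="swf") { // Picture file
            // The exit after each standarderror() matches the other branches, so a
            // rejected image can never fall through to the database insert.
            if ($imginfo=@getimagesize($attachment)) {
                if (($maxattachwidth>0 and $imginfo[0]>$maxattachwidth) or ($maxattachheight>0 and $imginfo[1]>$maxattachheight)) {
                    if ($movedcopy) { @unlink($attachment); }
                    eval("standarderror(\"".gettemplate("error_attachbaddimensions")."\");");
                    exit;
                }
                if (!$imginfo[2]) {
                    if ($movedcopy) { @unlink($attachment); }
                    eval("standarderror(\"".gettemplate("error_avatarnotimage")."\");");
                    exit;
                }
            } elseif (!$allowimgsizefailure) {
                if ($movedcopy) { @unlink($attachment); }
                eval("standarderror(\"".gettemplate("error_avatarnotimage")."\");");
                exit;
            }
        }

        // read file; file_get_contents() copes with an empty file and reports
        // failure as false instead of handing a bad handle to fread()
        $filestuff = file_get_contents($attachment);
        unlink($attachment);
        if ($filestuff===false) {
            eval("standarderror(\"".gettemplate("error_attacherror")."\");");
            exit;
        }

        $visible = iif($moderate,0,1);

        // Numeric ids are cast before they are placed in SQL text.
        $userid = intval($bbuserinfo['userid']);

        // NOTE(review): addslashes() is not character-set aware. If $DB_site offers
        // its own escaping or bound parameters (not visible here), use that for
        // the file name and file data instead.

        // add to db
        if (!$allowduplicates) {
            if ($result=$DB_site->query_first("SELECT attachmentid"
                ." FROM attachment"
                ." WHERE userid = $userid"
                ." AND filedata = '".addslashes($filestuff)."'")) {
                $threadresult=$DB_site->query_first("SELECT post.threadid as threadid,thread.title as title FROM post"
                    ." LEFT JOIN thread ON (thread.threadid = post.threadid)"
                    ." WHERE post.attachmentid=".intval($result['attachmentid']));
                // escaped because the error template prints the thread title
                $threadresult['title'] = htmlspecialchars($threadresult['title']);
                eval("standarderror(\"".gettemplate("error_attachexists")."\");");
                exit;
            }
        }

        $DB_site->query("INSERT INTO attachment (attachmentid,userid,dateline,filename,filedata,visible) VALUES (NULL,$userid,".time().",'".addslashes($attachment_name)."','".addslashes($filestuff)."','$visible')");
        $attachmentid=$DB_site->insert_id();
    }

    return $attachmentid;
}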
// NOTE(review): this span repeats the body of acceptupload() without its
// "function" line, so the closing brace and the return at the end have no
// opening definition here. The comments below mark the points a reviewer
// should check; the code itself is unchanged.
global $DB_site,$attachment,$attachment_size,$attachment_name;
global $attachextensions,$maxattachsize,$bbuserinfo,$maxattachwidth, $maxattachheight;
global $safeupload,$tmppath, $allowduplicates, $allowimgsizefailure; $attachment_name = strtolower($attachment_name);
// NOTE(review): strpos() yields false when the extension is absent and 0 when it
// is the first entry of the list; "==0" is true for both, so the first
// configured extension is rejected as well. "=== false" is the exact test.
$extension=getextension($attachment_name); if (strpos(" $attachextensions "," $extension ")==0) {
// invalid extension
// NOTE(review): the template text is executed by eval() in this scope; whoever
// can edit templates can run PHP here.
eval("standarderror(\"".gettemplate("error_attachbadtype")."\");");
exit;
}
// Only a file that PHP itself received as an upload is processed.
if (is_uploaded_file($attachment)) {
if ($safeupload) {
// NOTE(review): $attachment_name comes from the client and is placed in the
// destination path before the ".." check further down has run; the result of
// move_uploaded_file() is not checked either.
$path = "$tmppath/$attachment_name";
move_uploaded_file($attachment, "$path");
$attachment = $path;
}
$filesize=filesize($attachment);
if ($maxattachsize!=0 and $filesize>$maxattachsize) {
// too big!
eval("standarderror(\"".gettemplate("error_attachtoobig")."\");");
exit;
}
// The size on disk must equal the size reported with the upload.
if ($filesize!=$attachment_size) {
// security error
eval("standarderror(\"".gettemplate("error_attacherror")."\");");
exit;
}
// NOTE(review): this traversal check runs after the file has already been moved,
// and a rejected copy in $tmppath is not removed on this or the other error paths.
if (strstr($attachment,"..")!="") {
//security error
eval("standarderror(\"".gettemplate("error_attacherror")."\");");
exit;
}
if ($extension=="gif" or $extension=="jpg" or $extension=="jpeg" or $extension=="jpe" or $extension=="png" or $extension=="swf") { // Picture file
// NOTE(review): unlike the branches above, none of the three errors below is
// followed by exit; presumably standarderror() ends the request itself —
// confirm, otherwise a rejected image is still stored.
if ($imginfo=@getimagesize($attachment)) {
// $imginfo[0] is the width and $imginfo[1] the height reported by getimagesize().
if (($maxattachwidth>0 and $imginfo[0]>$maxattachwidth) or ($maxattachheight>0 and $imginfo[1]>$maxattachheight)) {
eval("standarderror(\"".gettemplate("error_attachbaddimensions")."\");");
}
// $imginfo[2] is the image type constant; a false value means no type was recognised.
if (!$imginfo[2]) {
eval("standarderror(\"".gettemplate("error_avatarnotimage")."\");");
}
} elseif (!$allowimgsizefailure) {
eval("standarderror(\"".gettemplate("error_avatarnotimage")."\");");
}
}
// read file
// NOTE(review): the fopen() result is not checked before fread()/fclose().
$filenum = fopen($attachment,"rb");
$filestuff = fread($filenum,$filesize);
fclose($filenum);
unlink($attachment);
// Moderated uploads are stored with visible = 0, all others with 1.
$visible = iif($moderate,0,1);
// add to db
if (!$allowduplicates) {
// NOTE(review): the queries below are built by string interpolation. The ids
// ($bbuserinfo[userid], $result[attachmentid]) are inserted without a numeric
// cast, and addslashes() is not character-set aware; prefer the database
// layer's own escaping or bound parameters if $DB_site provides them.
if ($result=$DB_site->query_first("SELECT attachmentid
FROM attachment
WHERE userid = '$bbuserinfo[userid]'
AND filedata = '".addslashes($filestuff)."'")) {
$threadresult=$DB_site->query_first("SELECT post.threadid as threadid,thread.title as title FROM post
LEFT JOIN thread ON (thread.threadid = post.threadid)
WHERE post.attachmentid=$result[attachmentid]");
// Escaped here; presumably the error template prints the title — confirm.
$threadresult['title'] = htmlspecialchars($threadresult['title']);
eval("standarderror(\"".gettemplate("error_attachexists")."\");");
exit;
}
}
$DB_site->query("INSERT INTO attachment (attachmentid,userid,dateline,filename,filedata,visible) VALUES (NULL,$bbuserinfo[userid],".time().",'".addslashes($attachment_name)."','".addslashes($filestuff)."','$visible')");
$attachmentid=$DB_site->insert_id();
}
// NOTE(review): $attachmentid is never assigned when is_uploaded_file() fails.
return $attachmentid;
}