}else{?> }else{?> include "../../dbcon.inc"; $ip=getenv('REMOTE_ADDR'); $title=addslashes($title); $content=addslashes($content); $day = date('Ymdhis'); $save_dir="../morgue_data"; $isUploaded=FALSE; $upload_file=$file; $upload_alt=$file_alt; if(!strcmp($upload_file,"none")){ continue; }else{ $upload_file_name=$file_name; $upload_file_size=$file_size; $upload_file_type=$file_type; if ( $upload_file_size >= (150*1024)){ ?> }else{ $filename=explode(".",$upload_file_name); $extension=$filename[sizeof($filename)-1]; $rfilename=$day.".".$extension; if(!strcmp($extension,"php")||!strcmp($extension,"phtml")||!strcmp($extension,"inc")||!strcmp($extension,"asp")) { ?> continue; } $dest=$save_dir."/".$rfilename; if ($upload_file_name!=""){ copy($upload_file,$dest); $file_name=$rfilename; } $isUploaded=TRUE; } } $query="insert into $tname(title,name,email,year,school,clas,div1,div2,opn,file,file_size,content,writeday,readnum,ip) values('$title','$name','$email','$year','$school','$class','$div1','$div2','$opn','$file_name','$file_size','$content','$day','0','$ip')"; mysql_query($query); echo(""); ?> }?> }?>