}else{?> include "../../dbcon.inc"; $select_sql=mysql_query("select * from s_info"); if (!$rs=mysql_fetch_array($select_sql)){ ?> } else { $save_dir="../photo"; $isUploaded=FALSE; for($i=1;$i<=2;$i++){ $upload_file=${"p_photo".$i}; $upload_alt=${"p_photo".$i."_alt"}; if(!strcmp($upload_file,"none")){ continue; }else{ $upload_file_name=${"p_photo".$i."_name"}; $upload_file_size=${"p_photo".$i."_size"}; $upload_file_type=${"p_photo".$i."_type"}; if ( $upload_file_size >= (150*1024)){ ?> }else{ $filename=explode(".",$upload_file_name); $extension=$filename[sizeof($filename)-1]; if(!strcmp($extension,"html")||!strcmp($extension,"htm")||!strcmp($extension,"php")||!strcmp($extension,"phtml")||!strcmp($extension,"inc")||!strcmp($extension,"txt")||!strcmp($extension,"asp")) { continue; } $dest=$save_dir."/".$upload_file_name; if ($upload_file_name!=""){ copy($upload_file,$dest); } $isUploaded=TRUE; } } } $s_greeting = addslashes($s_greeting); $s_greeting2 = addslashes($s_greeting2); $sql="update s_info set s_greeting='$s_greeting',s_greeting2='$s_greeting2'"; if ($p_photo1!=""){ $sql=$sql.",p_photo1='$p_photo1_name'"; } if ($p_photo2!=""){ $sql=$sql.",p_photo2='$p_photo2_name'"; } mysql_query($sql); ?> } ?> }?>