include "../../dbcon.inc";
if (!$sess_name){?>
}else{?>
}else{?>
include "../../dbcon.inc";
$query=mysql_query("select * from $tname where num='$Snum'");
if (!$row=mysql_fetch_array($query)){
?>
}
else{
$query=mysql_query("select name from $tname where num='$Snum'");
$rw=mysql_fetch_array($query);
if ($sess_name!=$rw[name] && $sess_sadmin!="o"){
?>
}
else{
$title=addslashes($title);
$content=addslashes($content);
$day = date('Ymdhis');
if ($file!=""){
$save_dir="../morgue_data";
$isUploaded=FALSE;
$upload_file=$file;
$upload_file1=$row[file];
if($upload_file1!=""){
$file=$save_dir."/".$upload_file1;
unlink($file);
}
if(!strcmp($upload_file,"none")){
continue;
}else{
$upload_file_name=$file_name;
$upload_file_size=$file_size;
$upload_file_type=$file_type;
if ( $upload_file_size >= (150*1024)){
?>
}else{
$filename=explode(".",$upload_file_name);
$extension=$filename[sizeof($filename)-1];
$rfilename=$day.".".$extension;
if(!strcmp($extension,"php")||!strcmp($extension,"phtml")||!strcmp($extension,"inc")||!strcmp($extension,"asp"))
{
?>
continue;
}
$dest=$save_dir."/".$rfilename;
if ($upload_file_name!=""){
copy($upload_file,$dest);
$file_name=$rfilename;
}
$isUploaded=TRUE;
}
}
$query="update $tname set title='$title',email='$email',div1='$div1',div2='$div2',opn='$opn',file='$file_name',file_size='$file_size',content='$content' where num='$Snum'";
mysql_query($query);
}else{
$query="update $tname set title='$title',email='$email',div1='$div1',div2='$div2',opn='$opn',content='$content' where num=$Snum";
mysql_query($query);
}
echo("");
}
}
?>
}?>
}?>