<? include("../login/include/session.php"); ?>
<?php
$file_name = $HTTP_POST_FILES['ufile']['name'];
$random_digit=rand(0000,9999);
$limit_size=50000;
$new_file_name=$random_digit.$file_name;
$file_size=$HTTP_POST_FILES['ufile']['size'];
$path= "upload/".$new_file_name;
if($ufile !=none)
if($file_size >= $limit_size){
echo "Your file size is over limit<BR>";
echo "Your file size = ".$file_size;
echo " K";
echo "<BR>File size limit = 50000 k";
}
else {
{
if(copy($HTTP_POST_FILES['ufile']['tmp_name'], $path))
{
echo "File Upload Success<br />";
echo "<b>File Name :</b>".$new_file_name."<br />";
echo "<b>File Size :</b>".$HTTP_POST_FILES['ufile']['size']."<br />";
echo "<b>File Type :</b>".$HTTP_POST_FILES['ufile']['type']."<br />";
}
else
{
echo "";
}
}
include"connect.php";
if(!isset($_POST['add_news']))
{
echo"
<br />
<br />
<form action='$self?action=addnews' name='addnews' id='form1' method='post' enctype=\"multipart/form-data\">
<table>
<tr>
<td>
Title: <input type='text' name='title'>
</td>
</tr>
<tr>
<td>
Description:<textarea cols='15' name='description' rows='5'></textarea>
</td>
</tr>
<tr>
<td>
URL: http:// <input type='text' name='url'></input>
</td>
</tr>
<tr>
<td>
Upload Image: <input type='file' name='ufile' id='ufile' size='50' /></input>
</td>
</tr>
<tr>
<td>
<input type='submit' name='add_news' value='submit news topic'>
</td>
</tr>
</table>
</form>";
}
elseif(isset($_POST['add_news']))
{
$title = mysql_real_escape_string($_POST['title']);
$url = mysql_real_escape_string($_POST['url']);
$description = $_POST['description'];
$date = date("d.m.y");
$username = $_SESSION['username'];
$imagename = $new_file_name;
$error = array();
if(empty($title)) {
$error[] = "You must enter a title<br />";
}
if(empty($description)) {
$error[] = "Enter a description please<br />";
}
if(empty($url)) {
$error[] = "The URL is needed<br />";
}
if(count($error)>0) {
echo"<font size='3' color='#CC0000'><strong>ERROR:</strong></font>";
foreach($error as $error2);
echo"$error2";
}
else {
$sql = "INSERT INTO submit(title, description, url, author, date, imagename, valid) VALUES('$title', '$description', '$url', '$username', '$date', '$imagename', '0')";
mysql_query($sql);
echo"Website successfully queued for verification. Your site will be added soon when verified by an Admin.<br />An email will be sent if there is any problems.";
}
}
}
?>