Файл: obmen/load.php
Строк: 32
<?
error_reporting(0);
require_once '../system/head.php';
$id_cat = intval($_GET['id']);
if($user){
echo'
<div class="menu">Не более 1 МБ(JPG, JPEG, PNG, GIF)<br/>
<form action = "load.php" method = "post" enctype = "multipart/form-data">
<input type = "file" name = "somename" />
<input type = "submit" value = "Загрузить" />
</form></div> ';
$rand=rand(0001,99999999);
$time = time(); //время
$id=''.$user['id'].'';
$login=''.$user['login'].'';
$blacklist = array(".php", ".phtml", ".php3", ".php4", ".html", ".htm");
foreach ($blacklist as $item)
$type = $_FILES['somename']['type'];
$size = $_FILES['somename']['size'];
$link = $_FILES['somename']['name'];
if (
($type != "image/jpg") && ($type != "image/jpeg") && ($type != "image/png") && ($type != "image/gif") &&
($type != "mp3") && ($type != "wav") && ($type != "MP3") &&
($type != "3gp") && ($type != "flv") && ($type != "mpeg")
) exit;
if ($size > 2009600) exit; // Если размер больше 1мб, то ошибка
mysql_query("INSERT INTO `obmen` SET `avtor`= '$login', `time`='$time', `link`='$link', `opis`='$size'");
$uploadfile = "files/".$_FILES['somename']['name'];
move_uploaded_file($_FILES['somename']['tmp_name'], $uploadfile);
echo'<div class="menu">Изображение добавлено!</div>'; }else{echo'<div class="menu">Вы не авторизованы</div>';}
require_once '../system/foot.php';
?>