if isset _POST ok mkdir uploads 0777 copy _FILES uploadfile tmp_name u

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
<?
if(isset($_POST["ok"]))
{
@mkdir("uploads",0777);
copy($_FILES['uploadfile']['tmp_name'],"uploads/".basename($_FILES['uploadfile']['name']));
$uploaddir = './uploads/';
$uploadfile = $uploaddir.basename($_FILES['uploadfile']['name']);
if(copy($_FILES['uploadfile']['tmp_name'],$uploadfile))
{
include("db.inc");
$query = "insert into `upload` set
`author` = '".$_POST["author"]."',
`uploadfile` = $uploadfile";
$result = mysql_query($query);
if (mysql_affected_rows()>0) {
echo "Inserted<a href=index.php>back</a>";
}
}
else
{
echo "Error <a href=index.php>back</a><br>";
exit;
}
}
?>
<html>
<head></head>
<body>
<form action="#" method="post" enctype="multipart/form-data" >
<input type="text" name="author"><br>
<input type="file" name="uploadfile"><br>
<input type="submit" value="ok" name="ok">
</form>
</body>
</html>