$tmp_name ){ if ( $_FILES["images"]["error"][$f] == 4 ) // no file was uploaded continue; if ( $_FILES["images"]["error"][$f] != 0 ){ continue; } if ( $_FILES["images"]["size"][$f] > IMAGE_MAXSIZE ){ $message[$count] = $_FILES["images"]["name"][$f] . " is too large!"; $count++; continue; } elseif ( ! in_array( pathinfo($_FILES["images"]["name"][$f], PATHINFO_EXTENSION), $extension ) ){ $message[$count] = $_FILES["images"]["name"][$f] . " - Extension not allowed!"; $count++; continue; } $hash = hash_file("md5", $tmp_name); $sql = $db->prepare("INSERT INTO " . DBPREFIX . "image (id, gallery, name, desc, owner, mime, size, hash, time) VALUES (NULL, %s, %s, %s, %d, %s, %d, %s, %d);", $_POST["gallery"], $_FILES["images"]["name"][$f], "", $_SESSION["userid"], $_FILES["images"]["mime"][$f], $_FILES["images"]["size"][$f], $hash, time()); if ( ! file_exists(IMAGE_PATH . $hash . ".gz") ){ move_uploaded_file($tmp_name, IMAGE_PATH . $hash); $gzfile = IMAGE_PATH . $hash . ".gz"; $fp = gzopen($gzfile, "w9"); if ( ! gzwrite($fp, file_get_contents(IMAGE_PATH . $hash)) ) exit; if ( ! gzclose($fp) ) exit; if ( ! unlink(IMAGE_PATH . $hash) ) exit; } if ( ! $db->doQuery($sql) ) exit; }