real_escape_string($_POST['title']); $content = $db->real_escape_string($_POST['content']); $username = $db->real_escape_string($_POST['username']); $sql = "INSERT INTO `article` (`title`, `content`, `username`, `create_time`, `update_time`) VALUES ('{$title}', '{$content}', '{$username}', NOW(), NOW())"; $db->query($sql) or die($db->error); $sn = $db->insert_id; if (isset($_FILES)) { require_once 'class.upload.php'; $foo = new Upload($_FILES['pic']); if ($foo->uploaded) { // save uploaded image with a new name $foo->file_new_name_body = 'cover_' . $sn; $foo->image_resize = true; $foo->image_convert = png; $foo->image_x = 1200; $foo->image_ratio_y = true; $foo->Process('uploads/'); if ($foo->processed) { $foo->file_new_name_body = 'thumb_' . $sn; $foo->image_resize = true; $foo->image_convert = png; $foo->image_x = 400; $foo->image_ratio_y = true; $foo->Process('uploads/'); } } // $ext = pathinfo($_FILES['pic']['name'], PATHINFO_EXTENSION); // if (!is_dir('uploads')) { // mkdir('uploads'); // } // move_uploaded_file($_FILES['pic']['tmp_name'], "uploads/{$sn}.{$ext}"); } return $sn; } function delete_article($sn) { global $db; $sql = "DELETE FROM `article` WHERE sn='{$sn}' and username='{$_SESSION['username']}'"; $db->query($sql) or die($db->error); } ```
進階搜尋
43人線上 (14人在瀏覽線上書籍)
會員: 0
訪客: 43