bilder upload

Diese Seite verwendet Cookies. Durch die Nutzung unserer Seite erklären Sie sich damit einverstanden, dass wir Cookies setzen. Weitere Informationen

  • bilder upload

    sitename: sebid.funpic.de im browser eingeben



    ich hab da folgendes problem, undzwar hab ich ein auktionshausscript, beim klick auf verkaufen möchte ich nun bilder hochladen, diese werden aber nicht angezeigt und es kommt dann folgende fehlermeldung:

    PHP-Quellcode

    1. SecureSSI: Das File(/usr/export/www/vhosts/funnetwork/hosting/sebid/sell.php) hat versucht ausserhalb von ihrem Userdir auf /home/www/web1/html/uploaded/30133.gif zuzugreifen.
    2. Dies ist nicht erlaubt! Bei weiteren Fragen, lesen Sie bitte die FAQ auf funpic.de.
    3. Warning: copy(): Sicherheitsverletzung: in /usr/export/www/vhosts/funnetwork/hosting/sebid/sell.php on line 284
    4. Warning: copy(/home/www/web1/html/uploaded/30133.gif): failed to open stream: Operation not permitted in /usr/export/www/vhosts/funnetwork/hosting/sebid/sell.php on line 284
    5. SecureSSI: Das File(/usr/export/www/vhosts/funnetwork/hosting/sebid/sell.php) hat versucht ausserhalb von ihrem Userdir auf /home/www/web1/html/uploaded/30133_2.gif zuzugreifen.
    6. Dies ist nicht erlaubt! Bei weiteren Fragen, lesen Sie bitte die FAQ auf funpic.de.
    7. Warning: copy(): Sicherheitsverletzung: in /usr/export/www/vhosts/funnetwork/hosting/sebid/sell.php on line 296
    8. Warning: copy(/home/www/web1/html/uploaded/30133_2.gif): failed to open stream: Operation not permitted in /usr/export/www/vhosts/funnetwork/hosting/sebid/sell.php on line 296
    9. SecureSSI: Das File(/usr/export/www/vhosts/funnetwork/hosting/sebid/sell.php) hat versucht ausserhalb von ihrem Userdir auf /home/www/web1/html/uploaded/30133_3.gif zuzugreifen.
    10. Dies ist nicht erlaubt! Bei weiteren Fragen, lesen Sie bitte die FAQ auf funpic.de.
    11. Warning: copy(): Sicherheitsverletzung: in /usr/export/www/vhosts/funnetwork/hosting/sebid/sell.php on line 309
    12. Warning: copy(/home/www/web1/html/uploaded/30133_3.gif): failed to open stream: Operation not permitted in /usr/export/www/vhosts/funnetwork/hosting/sebid/sell.php on line 309
    Alles anzeigen



    die zeilen angaben sind die befehle für diesen upload und die gehen so:


    PHP-Quellcode

    1. copy ($userfile, $fname);
    2. copy ($userfile2, $fname);
    3. copy ($userfile3, $fname);
  • Quellcode

    1. <?
    2. require('./includes/messages.inc.php');
    3. require('./includes/config.inc.php');
    4. require('./includes/auction_types.inc.php');
    5. require('./includes/countries.inc.php');
    6. require('./includes/datacheck.inc.php');
    7. function generate_id()
    8. {
    9. global $title, $description;
    10. $continue = true;
    11. // Datenbankgestützte Artikel-Nummern-Verwaltung
    12. $num_query = "select * from numbers where id='1'"; // 1 = Nummernkreis für Auktions-Nummern
    13. $num_result = mysql_query($num_query);
    14. $auction_id = mysql_result($num_result,0,"value");
    15. $next_num = intval($auction_id) + 1;
    16. mysql_query("update numbers set value='$next_num'");
    17. return $auction_id;
    18. }
    19. if(empty($action))
    20. {
    21. $action = "login";
    22. }
    23. if (($REQUEST_METHOD=="GET" && $action=="login") && !$HTTP_COOKIE_VARS['$LOGGED_IN_COOKIE'])
    24. {
    25. include "header.php";
    26. include "templates/template_sell_login_php.html";
    27. include "footer.php";
    28. exit;
    29. }
    30. // Keine Aktion gewählt / Erstaufruf ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
    31. if ($action=="login")
    32. $action = "";
    33. if (empty($action))
    34. {
    35. // Preise für Features holen
    36. $my_result = mysql_query("select * from features order by id");
    37. $fett_preis = print_money(mysql_result($my_result,0,"value"));
    38. $marker_preis = print_money(mysql_result($my_result,1,"value"));
    39. $topkat_preis = print_money(mysql_result($my_result,2,"value"));
    40. $bild2_preis = print_money(mysql_result($my_result,3,"value"));
    41. $bild3_preis = print_money(mysql_result($my_result,4,"value"));
    42. $TPL_fett_preis = $fett_preis;
    43. $TPL_marker_preis = $marker_preis;
    44. $TPL_topkat_preis = $topkat_preis;
    45. $TPL_bild2_preis = $bild2_preis;
    46. $TPL_bild3_preis = $bild3_preis;
    47. if ($mode=="recall")
    48. {
    49. if (isset($sessionVars['SELL_file_uploaded']))
    50. {
    51. if ($sessionVars['SELL_pict_url'] <> "")
    52. {
    53. $userfile = "none";
    54. if (file_exists($image_upload_path.$sessionVars['SELL_pict_url']))
    55. {
    56. unlink($image_upload_path.$sessionVars['SELL_pict_url']);
    57. }
    58. }
    59. if ($sessionVars['SELL_pict_url2'] <> "")
    60. {
    61. $userfile2 = "none";
    62. if (file_exists($image_upload_path.$sessionVars['SELL_pict_url2']))
    63. {
    64. unlink($image_upload_path.$sessionVars['SELL_pict_url2']);
    65. }
    66. }
    67. if ($sessionVars['SELL_pict_url3'] <> "")
    68. {
    69. $userfile3 = "none";
    70. if (file_exists($image_upload_path.$sessionVars['SELL_pict_url3']))
    71. {
    72. unlink($image_upload_path.$sessionVars['SELL_pict_url3']);
    73. }
    74. }
    75. unset($sessionVars['SELL_file_uploaded']);
    76. $sessionVars['SELL_pict_url'] = $sessionVars['SELL_pict_url_original'];
    77. putSessionVars();
    78. }
    79. $title = $sessionVars['SELL_title'];
    80. $description = $sessionVars['SELL_description'];
    81. $pict_url = $sessionVars['SELL_pict_url_original'];
    82. $atype = $sessionVars['SELL_atype'];
    83. $iquantity = $sessionVars['SELL_iquantity'];
    84. $minimum_bid = $sessionVars['SELL_minimum_bid'];
    85. $with_reserve = ($sessionVars['SELL_with_reserve'])?"ja":"nein";
    86. $payment = $sessionVars['SELL_payment'];
    87. $duration = $sessionVars['SELL_duration'];
    88. $country = $sessionVars['SELL_country'];
    89. $location_zip = $sessionVars['SELL_location_zip'];
    90. $shipping = $sessionVars['SELL_shipping'];
    91. $international = ($sessionVars['SELL_international'])?"ja":"nein";
    92. $category1 = $sessionVars['SELL_category'];
    93. $imgtype = $sessionVars['SELL_imgtype'];
    94. $zustand = $sessionVars['SELL_zustand'];
    95. $fett = $sessionVars['SELL_fett'];
    96. $marker = $sessionVars['SELL_marker'];
    97. $topkat = $sessionVars['SELL_topkat'];
    98. $bild2 = $sessionVars['SELL_bild2'];
    99. $bild3 = $sessionVars['SELL_bild3'];
    100. $artnr = $sessionVars['SELL_artnr'];
    101. $fett_preis = $sessionVars['SELL_fettpreis'];
    102. $marker_preis = $sessionVars['SELL_markerpreis'];
    103. $topkat_preis = $sessionVars['SELL_topkatpreis'];
    104. $bild2_preis = $sessionVars['SELL_bild2preis'];
    105. $bild3_preis = $sessionVars['SELL_bild3preis'];
    106. $buy_now = $sessionVars['SELL_buy_now'];
    107. }
    108. else
    109. {
    110. // auction type
    111. reset($auction_types);
    112. list($atype,) = each($auction_types);
    113. // quantity of items
    114. $iquantity = 1;
    115. // country
    116. // BM 28.2.
    117. //reset($countries);
    118. //list($country,) = each($countries);
    119. // shipping
    120. $shipping = 1;
    121. // image type
    122. $imgtype = 1;
    123. $with_reserve = "nein";
    124. }
    125. }
    126. // Oder Aktion = 'first' / Erstaufruf++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
    127. elseif ($action=='first')
    128. {
    129. unset($auction_id);
    130. $ERR = "ERR_".CheckSellData();
    131. // if no other errors - handle upload here
    132. if (!$$ERR)
    133. {
    134. unset($file_uploaded);
    135. // Auktions-ID generieren
    136. $auction_id = generate_id();
    137. if ( $userfile <> "none" )
    138. {
    139. $inf = GetImageSize ( $userfile );
    140. if ($userfile2 <> "none")
    141. $inf2 = GetImageSize ( $userfile2 );
    142. if ($userfile3 <> "none")
    143. $inf3 = GetImageSize ( $userfile3 );
    144. $er = false;
    145. // make a check
    146. if ($inf)
    147. {
    148. $inf[2] = intval($inf[2]); // check for uploaded file type
    149. if ($userfile2 <> "none")
    150. $inf2[2] = intval($inf2[2]);
    151. if ($userfile3 <> "none")
    152. $inf3[2] = intval($inf3[2]);
    153. if ( ($inf[2]!=1) && ($inf[2]!=2) )
    154. {
    155. $er = true;
    156. $ERR = "ERR_602";
    157. }
    158. else
    159. {
    160. // check for file size
    161. if ( intval($userfile_size)>$MAX_UPLOAD_SIZE )
    162. {
    163. $er = true;
    164. $ERR = "ERR_603";
    165. }
    166. }
    167. if ($userfile2 <> "none")
    168. {
    169. if ( ($inf2[2]!=1) && ($inf2[2]!=2) )
    170. {
    171. $er = true;
    172. $ERR = "ERR_602_2";
    173. }
    174. else
    175. {
    176. // check for file size
    177. if ( intval($userfile2_size)>$MAX_UPLOAD_SIZE )
    178. {
    179. $er = true;
    180. $ERR = "ERR_603_2";
    181. }
    182. }
    183. }
    184. if ($userfile3 <> "none")
    185. {
    186. if ( ($inf2[2]!=1) && ($inf2[2]!=2) )
    187. {
    188. $er = true;
    189. $ERR = "ERR_602_3";
    190. }
    191. else
    192. {
    193. // check for file size
    194. if ( intval($userfile3_size)>$MAX_UPLOAD_SIZE )
    195. {
    196. $er = true;
    197. $ERR = "ERR_603_3";
    198. }
    199. }
    200. }
    201. }
    202. else
    203. {
    204. $ERR = "ERR_602";
    205. $er = true;
    206. }
    207. if (!$er)
    208. {
    209. // Bild 1 wirklich speichern
    210. $ext = ($inf[2]==1)?".gif":".jpg";
    211. $fname = $image_upload_path.$auction_id.$ext;
    212. if (file_exists($fname))
    213. unlink ($fname);
    214. copy ($userfile, $fname);
    215. $uploaded_filename = $auction_id.$ext;
    216. $file_uploaded = true;
    217. // Bild 2 wirklich speichern
    218. if ($userfile2 <> "none")
    219. {
    220. $ext = ($inf[2]==1)?".gif":".jpg";
    221. $fname = $image_upload_path.$auction_id."_2".$ext;
    222. if ( file_exists($fname) )
    223. unlink ($fname);
    224. copy ( $userfile2, $fname );
    225. $uploaded_filename2 = $auction_id."_2".$ext;
    226. $file_uploaded = true;
    227. }
    228. // Bild 3 wirklich speichern
    229. if ($userfile3 <> "none")
    230. {
    231. $ext = ($inf[2]==1)?".gif":".jpg";
    232. $fname = $image_upload_path.$auction_id."_3".$ext;
    233. if ( file_exists($fname) )
    234. unlink ($fname);
    235. copy ( $userfile3, $fname );
    236. $uploaded_filename3 = $auction_id."_3".$ext;
    237. $file_uploaded = true;
    238. }
    239. }
    240. else
    241. {
    242. // Fehler!!
    243. unset($file_uploaded);
    244. $userfile2 = "none";
    245. $userfile3 = "none";
    246. }
    247. }
    248. else
    249. {
    250. unset($file_uploaded);
    251. $userfile2 = "none";
    252. $userfile3 = "none";
    253. }
    254. }
    255. }
    256. /*
    257. Erstaufruf oder Fehler in den Daten -> Eingabemaske nochmal anzeigen
    258. */
    259. if ( empty($action) || (($action=='first')&&($$ERR)) )
    260. {
    261. include "header.php";
    262. $titleH = htmlspecialchars($title);
    263. $descriptionH = htmlspecialchars($description);
    264. $pict_urlH = htmlspecialchars($pict_url);
    265. // ------------------------------------- auction type
    266. $T= "<SELECT NAME=\"atype\">\n";
    267. reset($auction_types); while(list($key,$val)=each($auction_types)){
    268. $T.=
    269. " <OPTION VALUE=\"".
    270. $key.
    271. "\" ".
    272. (($key==$atype)?"SELECTED":"")
    273. .">".$val."</OPTION>\n";
    274. }
    275. $T.="</SELECT>\n";
    276. $TPL_auction_type = $T;
    277. // ------------------------------------- duration
    278. //--
    279. $query = "select * from durations order by days";
    280. $res_durations = mysql_query($query);
    281. if(!$res_durations)
    282. {
    283. print $ERR_001." - ".mysql_error();
    284. }
    285. $num_durations = mysql_num_rows($res_durations);
    286. $i = 0;
    287. $T= "<SELECT NAME=\"duration\">\n";
    288. while($i < $num_durations){
    289. $days = mysql_result($res_durations,$i,"days");
    290. $duration_descr = mysql_result($res_durations,$i,"description");
    291. $T.= " <OPTION VALUE=\"$days\"";
    292. if($days == $duration)
    293. {
    294. $T .= " SELECTED";
    295. }
    296. $T .= ">$duration_descr</OPTION>";
    297. $i++;
    298. }
    299. $T.="</SELECT>\n";
    300. $TPL_durations_list = $T;
    301. // eigentlich der Ort
    302. // -------------------------------------- country
    303. $T = "<Input Type=\"Text\" Name=\"country\" value=\"$country\"";
    304. $TPL_countries_list = $T;
    305. // -------------------------------------- payment
    306. $qurey = "select * from payments";
    307. $res_payment = mysql_query($qurey);
    308. if(!$res_payment)
    309. {
    310. print $ERR_001." - ".mysql_error();
    311. exit;
    312. }
    313. $num_payments = mysql_num_rows($res_payment);
    314. $T= "";
    315. $i = 0;
    316. while($i < $num_payments)
    317. {
    318. $payment_descr = mysql_result($res_payment,$i,"description");
    319. $T.="<INPUT TYPE=CHECKBOX NAME=\"payment[]\" VALUE=\"$payment_descr\"";
    320. //print "Desc.: ".$payment_descr." / Array: ".$payment[$i]."<br>";
    321. if($payment_descr == $payment[$i])
    322. {
    323. $T .= " CHECKED";
    324. }
    325. $T .= "> $std_font $payment_descr</FONT><BR>";
    326. $i++;
    327. }
    328. $TPL_payments_list = $T;
    329. // -------------------------------------- category
    330. $T= "<SELECT NAME=\"category\">\n";
    331. $result = mysql_query("SELECT * FROM categories_plain");
    332. if($result):
    333. while($row=mysql_fetch_array($result)){
    334. $T.=
    335. " <OPTION VALUE=\"".
    336. $row[cat_id].
    337. "\" ".
    338. (($row[cat_id]==$category)?"SELECTED":"")
    339. .">".$row[cat_name]."</OPTION>\n";
    340. }
    341. endif;
    342. $T.="</SELECT>\n";
    343. $TPL_categories_list = $T;
    344. // -------------------------------------- shipping
    345. if ( intval($shipping)==1 )
    346. $TPL_shipping1_value = "CHECKED";
    347. if ( intval($shipping)==2 )
    348. $TPL_shipping2_value = "CHECKED";
    349. if ( !empty($international) )
    350. $TPL_international_value = "CHECKED";
    351. // -------------------------------------- reserved price
    352. if ( $with_reserve=="ja" )
    353. $TPL_with_reserve_selected = "CHECKED";
    354. else
    355. $TPL_without_reserve_selected = "CHECKED";
    356. // -------------------------------------- photo source
    357. if ( intval($imgtype)==1 )
    358. $TPL_imgtype2_SELECTED = "CHECKED";
    359. else
    360. $TPL_imgtype1_SELECTED = "CHECKED";
    361. // bm 05.12.2001 --------------------
    362. // -------------------------------------- features
    363. if ( !empty($fett) )
    364. $TPL_fett_value = "CHECKED";
    365. if ( !empty($marker) )
    366. $TPL_marker_value = "CHECKED";
    367. if ( !empty($topkat) )
    368. $TPL_topkat_value = "CHECKED";
    369. // ------------------------------------
    370. $my_result = mysql_query("select * from features order by id");
    371. $fett_preis = print_money(mysql_result($my_result,0,"value"));
    372. $marker_preis = print_money(mysql_result($my_result,1,"value"));
    373. $topkat_preis = print_money(mysql_result($my_result,2,"value"));
    374. $bild2_preis = print_money(mysql_result($my_result,3,"value"));
    375. $bild3_preis = print_money(mysql_result($my_result,4,"value"));
    376. $TPL_fett_preis = $fett_preis;
    377. $TPL_marker_preis = $marker_preis;
    378. $TPL_topkat_preis = $topkat_preis;
    379. $TPL_bild2_preis = $bild2_preis;
    380. $TPL_bild3_preis = $bild3_preis;
    381. $TPL_error_value = $$ERR;
    382. // update current session
    383. if ( isset($sessionVars['SELL_DATA_CORRECT']) )
    384. unset($sessionVars['SELL_DATA_CORRECT']);
    385. putSessionVars();
    386. $user_nick = $HTTP_COOKIE_VARS['$LOGGED_IN_NICK'];
    387. $user_query = "SELECT * FROM users WHERE nick='$user_nick'";
    388. $user_result = mysql_query($user_query);
    389. if ($user_result)
    390. {
    391. $location_zip = mysql_result($user_result,0,"zip");
    392. $country = mysql_result($user_result,0,"city");
    393. $frei = mysql_result($user_result,0,"suspended");
    394. }
    395. if ($frei == 1)
    396. $TPL_suspended = "Achtung!<BR>Sie haben Ihren Account noch nicht <a href=\"./help.php?topic=Verkaufen\">freigeschaltet</a> oder er wurde gesperrt.";
    397. else
    398. $TPL_suspended = "";
    399. // include corresponding templates/template and exit
    400. include "templates/template_sell_php.html";
    401. include "footer.php";
    402. exit;
    403. }
    404. // Erstaufruf und KEIN Fehler! ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
    405. if ($action=="first" && !$$ERR)
    406. {
    407. $sessionVars['SELL_title'] = stripslashes($title);
    408. $sessionVars['SELL_description'] = stripslashes($description);
    409. // image URL
    410. if (!isset($file_uploaded))
    411. {
    412. $sessionVars['SELL_pict_url'] = $pict_url;
    413. unset($sessionVars['SELL_original_filename']);
    414. }
    415. else
    416. {
    417. // the URL is uploaded image
    418. $sessionVars['SELL_pict_url'] = $uploaded_filename;
    419. $sessionVars['SELL_pict_url2'] = $uploaded_filename2;
    420. $sessionVars['SELL_pict_url3'] = $uploaded_filename3;
    421. $sessionVars['SELL_original_filename'] = $userfile_name;
    422. }
    423. // data from "picture URL" input field
    424. $sessionVars['SELL_pict_url_original'] = $pict_url;
    425. // flag if file is uploaded
    426. if (!isset($file_uploaded))
    427. unset($sessionVars['SELL_file_uploaded']);
    428. else
    429. $sessionVars['SELL_file_uploaded'] = true;
    430. // auction type
    431. $sessionVars['SELL_atype'] = $atype;
    432. // quantity of items for sale
    433. $sessionVars['SELL_iquantity'] = $iquantity;
    434. // minimum bid
    435. $sessionVars['SELL_minimum_bid'] = $minimum_bid;
    436. // reserved price flag
    437. $sessionVars['SELL_with_reserve'] = ($with_reserve=="ja")?true:false;
    438. // reserved price value
    439. $sessionVars['SELL_reserve_price'] = $reserve_price;
    440. // auction duration
    441. $sessionVars['SELL_duration'] = $duration;
    442. // country
    443. $sessionVars['SELL_country'] = $country;
    444. // zip code
    445. $sessionVars['SELL_location_zip'] = $location_zip;
    446. // shipping method
    447. $sessionVars['SELL_shipping'] = $shipping;
    448. // international shipping
    449. $sessionVars['SELL_international'] = (strlen($international)==0)?false:true;
    450. // payment methods: text and index
    451. reset($payment);
    452. while(list($key,$val) = each($payment))
    453. {
    454. $sessionVars['SELL_payment'.$key] = $payment[$key];
    455. //print "Session_var: ".$sessionVars['SELL_payment'.$key]."<br>";
    456. }
    457. // category ID
    458. $sessionVars['SELL_category'] = $category1;
    459. // auction id
    460. if (isset($auction_id))
    461. $sessionVars['SELL_auction_id'] = $auction_id;
    462. else
    463. $sessionVars['SELL_auction_id'] = generate_id();
    464. // image type
    465. $sessionVars['SELL_imgtype'] = $imgtype;
    466. // set that first step is passed
    467. $sessionVars['SELL_DATA_CORRECT'] = true;
    468. // bm 05.12.2001 ----------
    469. // fett
    470. $sessionVars['SELL_fett'] = (strlen($fett)==0)?false:true;
    471. // marker
    472. $sessionVars['SELL_marker'] = (strlen($marker)==0)?false:true;
    473. // topkat
    474. $sessionVars['SELL_topkat'] = (strlen($topkat)==0)?false:true;
    475. // bild2
    476. $sessionVars['SELL_bild2'] = ($userfile2 <> "none")?true:false;
    477. // bild3
    478. $sessionVars['SELL_bild3'] = ($userfile3 <> "none")?true:false;
    479. // zustand
    480. $sessionVars['SELL_zustand'] = $zustand;
    481. // Art.-Nr.
    482. $sessionVars['SELL_artnr'] = $artnr;
    483. $sessionVars['SELL_fettpreis'] = $fett_preis;
    484. $sessionVars['SELL_markerpreis'] = $marker_preis;
    485. $sessionVars['SELL_topkatpreis'] = $topkat_preis;
    486. $sessionVars['SELL_bild2preis'] = $bild2_preis;
    487. $sessionVars['SELL_bild3preis'] = $bild3_preis;
    488. // Einstellgebühren ermitteln
    489. $my_query = "SELECT * FROM insertfees WHERE".
    490. "((min_val<=$minimum_bid AND max_val>=$minimum_bid) OR".
    491. "(min_val<$minimum_bid AND max_val<$minimum_bid)) ORDER BY id DESC";
    492. $my_result = mysql_query($my_query);
    493. $fee_value = mysql_result($my_result,0,"fee");
    494. $sessionVars['SELL_fee_value'] = $fee_value;
    495. // ------------------------
    496. $sessionVars['SELL_buy_now'] = $buy_now;
    497. putSessionVars();
    498. # print "Sessions vars are put";
    499. }
    500. // Preview wurde angezeigt -> Auktion jetzt einstellen +++++++++++++++++++++++++++++++++++++++++++++++++++++
    501. // Login und Passwort prüfen
    502. if ( $action=="second")
    503. {
    504. $nickH = htmlspecialchars($nick);
    505. $result = mysql_query("SELECT * FROM users WHERE nick='".AddSlashes($nick)."'");
    506. if ($result)
    507. $num = mysql_num_rows($result);
    508. else
    509. $num = 0;
    510. if ($num==0)
    511. $ERR = "ERR_025";
    512. if ($num>0)
    513. {
    514. $pass = mysql_result ($result,0,"password");
    515. $user_id = mysql_result ($result,0,"id");
    516. if (md5($MD5_PREFIX.$password) != $pass)
    517. {
    518. $ERR = "ERR_026";
    519. }
    520. else
    521. {
    522. if(mysql_result($result,0,"suspended") > 0)
    523. {
    524. $ERR = "ERR_618";
    525. }
    526. }
    527. }
    528. }
    529. // Erstaufruf und KEIN Fehler oder Fehler nach dem Preview absenden ++++++++++++++++++++++++++++++++++++++++++++++++++++
    530. if ( ($action=="first" && !$$ERR) || ($action=="second" && $$ERR) )
    531. {
    532. // Fehlertext
    533. $TPL_error = $$ERR;
    534. // Titel
    535. $TPL_title_value = htmlspecialchars($sessionVars['SELL_title']);
    536. // description text
    537. $TPL_description_shown_value = stripslashes(nl2br($sessionVars['SELL_description']));
    538. // picture URL
    539. if( intval($sessionVars['SELL_imgtype'])==0 )
    540. {
    541. // print "URL";
    542. // URL specified
    543. if ( strlen($sessionVars['SELL_pict_url_original'])==0 )
    544. $TPL_pict_URL_value = $MSG_114;
    545. else
    546. $TPL_pict_URL_value = "<IMG SRC=\"".$sessionVars['SELL_pict_url_original']."\">";
    547. }
    548. else
    549. {
    550. // a file uploaded
    551. if ( empty($sessionVars['SELL_file_uploaded']) )
    552. $TPL_pict_URL_value = $MSG_114;
    553. else
    554. $TPL_pict_URL_value = $sml_font."Bild 1:</Font><br><IMG SRC=\"".$uploaded_path.$sessionVars['SELL_pict_url']."\"><br><br>";
    555. if ($sessionVars['SELL_pict_url2'] <> "")
    556. $TPL_pict_URL_value .= $sml_font."Bild 2:</Font><br><IMG SRC=\"".$uploaded_path.$sessionVars['SELL_pict_url2']."\"><br><br>";
    557. if ($sessionVars['SELL_pict_url3'] <> "")
    558. $TPL_pict_URL_value .= $sml_font."Bild 3:</Font><br><IMG SRC=\"".$uploaded_path.$sessionVars['SELL_pict_url3']."\">";
    559. }
    560. // minimum bid
    561. $TPL_minimum_bid_value = print_money($sessionVars['SELL_minimum_bid']);
    562. $TPL_buy_now = print_money($sessionVars['SELL_buy_now']);
    563. // reserved price
    564. if ($sessionVars['SELL_with_reserve'])
    565. $TPL_reserve_price_displayed = "$std_font ".print_money($sessionVars['SELL_reserve_price'])."</FONT>";
    566. else
    567. $TPL_reserve_price_displayed = "$std_font nein </FONT>";
    568. // auction duration
    569. //--
    570. $query = "select description from durations where days=".$sessionVars['SELL_duration'];
    571. $res_duration_descr = mysql_query($query);
    572. $duration_descr = mysql_result($res_duration_descr,0,"description");
    573. $TPL_durations_list = $duration_descr;
    574. // auction type
    575. $TPL_auction_type = $auction_types[$sessionVars['SELL_atype']];
    576. if ( intval($sessionVars['SELL_atype'])==2 )
    577. $TPL_auction_type .= "</TD></TR><TR><TD ALIGN=RIGHT> $std_font <B>Quantity:</B> </FONT></TD><TD>$std_font".$sessionVars['SELL_iquantity']."</TD></TR>";
    578. // country
    579. //$TPL_countries_list = $countries[$sessionVars['SELL_country']];
    580. $TPL_countries_list = $sessionVars['SELL_country'];
    581. // zip code
    582. $TPL_location_zip = $sessionVars['SELL_location_zip'];
    583. // shipping
    584. if ( intval($sessionVars['SELL_shipping']) == 1 )
    585. {
    586. $TPL_shipping_value = $MSG_038;
    587. }
    588. else
    589. {
    590. $TPL_shipping_value = $MSG_032;
    591. }
    592. if ( $sessionVars['SELL_international'] )
    593. {
    594. $TPL_international_value = "<BR>";
    595. $TPL_international_value .= $MSG_033;
    596. }
    597. else
    598. {
    599. $TPL_international_value = "<BR>";
    600. $TPL_international_value .= $MSG_043;
    601. }
    602. // payment methods
    603. //--
    604. $query = "select * from payments";
    605. $res_payments = mysql_query($query);
    606. if(!$res_payments)
    607. {
    608. print $ERR_001." - ".mysql_error();
    609. exit;
    610. }
    611. $num_payments = mysql_num_rows($res_payments);
    612. $i = 0;
    613. while($i < $num_payments){
    614. if(isset($sessionVars['SELL_payment'.$i]))
    615. {
    616. $TPL_payment_methods .= "$std_font".$sessionVars['SELL_payment'.$i]."</FONT><BR>";
    617. }
    618. $i++;
    619. }
    620. // category name
    621. $cat_id = intval($sessionVars['SELL_category']);
    622. $result = mysql_query("SELECT * FROM categories WHERE cat_id=$cat_id");
    623. $parent_id = mysql_result($result,0,"parent_id");
    624. $category_name = mysql_result($result,0,"cat_name");
    625. $T = "";
    626. while($parent_id!=0)
    627. {
    628. // get info about this parent
    629. $result = mysql_query("SELECT * FROM categories WHERE cat_id=$parent_id");
    630. $pparent_id = intval(mysql_result($result,0,"parent_id"));
    631. $pcat_id = mysql_result($result,0,"cat_id");
    632. $pcat_name = mysql_result($result,0,"cat_name");
    633. $T = "$pcat_name &gt; ".$T;
    634. // get parent of this parent
    635. if ($pparent_id!=0)
    636. $parent_id = mysql_result( mysql_query("SELECT * FROM categories WHERE cat_id=$pparent_id"),0,"parent_id" );
    637. else
    638. $parent_id = 0;
    639. }
    640. $T .= $category_name;
    641. $TPL_categories_list = $T;
    642. if ( $sessionVars['SELL_fett'] )
    643. {
    644. $TPL_fett_value .= "Fettschrift";
    645. }
    646. if ( $sessionVars['SELL_marker'] )
    647. {
    648. $TPL_marker_value = "<BR>";
    649. $TPL_marker_value .= "Textmarker";
    650. }
    651. if ( $sessionVars['SELL_topkat'] )
    652. {
    653. $TPL_topkat_value = "<BR>";
    654. $TPL_topkat_value .= "Top-Kategorie";
    655. }
    656. if ( $sessionVars['SELL_bild2'] )
    657. {
    658. $TPL_bild_2_value = "<BR>";
    659. $TPL_bild_2_value .= "Upload 2. Bild";
    660. }
    661. if ( $sessionVars['SELL_bild3'] )
    662. {
    663. $TPL_bild_3_value = "<BR>";
    664. $TPL_bild_3_value .= "Upload 3. Bild";
    665. }
    666. if ( $sessionVars['SELL_zustand'] == 0 )
    667. {
    668. $TPL_zustand_value = "Siehe Beschreibung";
    669. }
    670. if ( $sessionVars['SELL_zustand'] == 1 )
    671. {
    672. $TPL_zustand_value = "Neuwertig";
    673. }
    674. if ( $sessionVars['SELL_zustand'] == 2 )
    675. {
    676. $TPL_zustand_value = "Bestzustand";
    677. }
    678. if ( $sessionVars['SELL_zustand'] == 3 )
    679. {
    680. $TPL_zustand_value = "Leichte Gebrauchsspuren";
    681. }
    682. if ( $sessionVars['SELL_zustand'] == 4 )
    683. {
    684. $TPL_zustand_value = "Gebrauchsspuren";
    685. }
    686. if ( $sessionVars['SELL_zustand'] == 5 )
    687. {
    688. $TPL_zustand_value = "Starke Gebrauchsspuren";
    689. }
    690. if ( $sessionVars['SELL_zustand'] == 6 )
    691. {
    692. $TPL_zustand_value = "Defekt";
    693. }
    694. $TPL_artnr_value = htmlspecialchars($sessionVars['SELL_artnr']);
    695. // Benutzergruppe feststellen
    696. $benutzername = $TPL_nick = $HTTP_COOKIE_VARS['$LOGGED_IN_NICK'];
    697. $status_query = "SELECT * FROM users WHERE nick='$benutzername'";
    698. $status_result = mysql_query($status_query);
    699. if (!$status_result)
    700. {
    701. print "<H1>Fehler beim Bestimmen der Benutzergruppe!</H1>";
    702. exit;
    703. }
    704. else
    705. {
    706. $benutzergruppe = mysql_result($status_result,0,"status");
    707. }
    708. // Wer wird berechnet? Private und/oder Gewerbliche?
    709. $bill_query = "SELECT * FROM settings";
    710. $bill_result = mysql_query($bill_query);
    711. if (!$bill_result)
    712. {
    713. print "<H1>Fehler beim Lesen von Tabelle Settings!</H1>";
    714. exit;
    715. }
    716. else
    717. {
    718. $bill_privat = mysql_result($bill_result,0,"privat");
    719. $bill_gewerbe = mysql_result($bill_result,0,"gewerbe");
    720. }
    721. // Wird der User berechnet?
    722. if (intval($benutzergruppe) == 0)
    723. {
    724. if ($bill_privat == 1)
    725. $berechnen = 1;
    726. else
    727. $berechnen = 0;
    728. }
    729. if (intval($benutzergruppe) == 1)
    730. {
    731. if ($bill_gewerbe == 1)
    732. $berechnen = 1;
    733. else
    734. $berechnen = 0;
    735. }
    736. // Preise für Features holen
    737. $my_result = mysql_query("select * from features order by id");
    738. $fett_preis = mysql_result($my_result,0,"value");
    739. $marker_preis = mysql_result($my_result,1,"value");
    740. $topkat_preis = mysql_result($my_result,2,"value");
    741. $bild2_preis = mysql_result($my_result,3,"value");
    742. $bild3_preis = mysql_result($my_result,4,"value");
    743. $TPL_fett_preis = $fett_preis;
    744. $TPL_marker_preis = $marker_preis;
    745. $TPL_topkat_preis = $topkat_preis;
    746. $TPL_bild2_preis = $bild2_preis;
    747. $TPL_bild3_preis = $bild3_preis;
    748. // ******************************************************************************************************************
    749. // Einstellgebühr anzeigen
    750. $fee_summe = 0;
    751. if ($berechnen == 1)
    752. {
    753. $TPL_Account .= $std_font."Einstellgebühr: ".print_money($sessionVars['SELL_fee_value'])."</Font><BR>"; // nur 'n Test
    754. $fee_summe = $sessionVars['SELL_fee_value'];
    755. }
    756. // Zusatz-Features anzeigen
    757. if ( $sessionVars['SELL_fett'] )
    758. {
    759. $TPL_Account .= $std_font."Hervorhebung durch Fettschrift: ".print_money($TPL_fett_preis)."</Font><BR>";
    760. $fee_summe = $fee_summe + $fett_preis;
    761. }
    762. if ( $sessionVars['SELL_marker'] )
    763. {
    764. $TPL_Account .= $std_font."Hervorhebung durch Textmarker: ".print_money($TPL_marker_preis)."</Font><BR>";
    765. $fee_summe = $fee_summe + $marker_preis;
    766. }
    767. if ( $sessionVars['SELL_topkat'] )
    768. {
    769. $TPL_Account .= $std_font."Darstellung in Top-Kategorie: ".print_money($TPL_topkat_preis)."</Font><BR>";
    770. $fee_summe = $fee_summe + $topkat_preis;
    771. }
    772. if ( $sessionVars['SELL_bild2'] )
    773. {
    774. $TPL_Account .= $std_font."Upload 2. Bild: ".print_money($TPL_bild2_preis)."</Font><BR>";
    775. $fee_summe = $fee_summe + $bild2_preis;
    776. }
    777. if ( $sessionVars['SELL_bild3'] )
    778. {
    779. $TPL_Account .= $std_font."Upload 3. Bild: ".print_money($TPL_bild3_preis)."</Font><BR>";
    780. $fee_summe = $fee_summe + $bild3_preis;
    781. }
    782. // Summe anzeigen
    783. $TPL_Account .= "<BR><B>".$err_font."Gesamtgebühr: ".print_money($fee_summe)."</Font>";
    784. // ******************************************************************************************************************
    785. include "header.php";
    786. include "templates/template_sell_preview_php.html";
    787. include "footer.php";
    788. exit;
    789. }
    790. if ($action=='second' && !$$ERR)
    791. {
    792. //-- If a suggested category is present send an e-mail
    793. //-- to the site administrator
    794. if($suggested_category)
    795. {
    796. $to = $adminEmail;
    797. $subject = $MSG_254;
    798. $message = $suggested_category."\n".
    799. $MSG_255.
    800. $sessionVars['SELL_auction_id'];
    801. mail($to,$subject,$message,"From:Kategorievorschlag auf".$SITE_NAME."<$adminEmail>\nReplyTo:$adminEmail");
    802. }
    803. $payment_text = "";
    804. //--
    805. $query = "select * from payments";
    806. $res_payments = mysql_query($query);
    807. if(!$res_payments)
    808. {
    809. print $ERR_001." - ".mysql_error();
    810. exit;
    811. }
    812. $num_payments = mysql_num_rows($res_payments);
    813. $i = 0;
    814. while($i < $num_payments)
    815. {
    816. $val = mysql_result($res_payments,$i,"description");
    817. if ( isset($sessionVars['SELL_payment'.$i]) )
    818. $payment_text .= $sessionVars['SELL_payment'.$i]." \n";
    819. $i++;
    820. }
    821. // auction starts
    822. $time = time();
    823. $a_starts = date("Y-m-d H:i:s",$time);
    824. //$a_starts = date("d.m.Y H:i:s",$time);
    825. // auction ends
    826. $a_ends = $time+$sessionVars['SELL_duration']*24*60*60;
    827. $a_ends = date("Y-m-d H:i:s", $a_ends);
    828. //$a_ends = date("d.m.Y H:i:s", $a_ends);
    829. // picture URL
    830. $pcURL = "";
    831. if ( ($sessionVars['SELL_file_uploaded']) && (strlen($sessionVars['SELL_original_filename'])>0) )
    832. {
    833. $pcURL = $sessionVars['SELL_pict_url'];
    834. $pcURL2 = $sessionVars['SELL_pict_url2'];
    835. $pcURL3 = $sessionVars['SELL_pict_url3'];
    836. }
    837. else
    838. $pcURL = $sessionVars['SELL_pict_url_original'];
    839. $result = mysql_query("SELECT * FROM auctions WHERE id=".$sessionVars['SELL_auction_id']);
    840. if ($result)
    841. $nr = mysql_num_rows($result);
    842. else
    843. $nr = 0;
    844. if ($nr>0)
    845. {
    846. header ( "Location: item.php?mode=1&id=".$sessionVars['SELL_auction_id']."&SESSION_ID=$sessionIDU" );
    847. exit;
    848. }
    849. include "header.php";
    850. $query =
    851. "INSERT INTO auctions VALUES ('".$sessionVars['SELL_auction_id']."', '". // auction id
    852. $user_id."', '".
    853. addslashes($sessionVars['SELL_title'])."', '". // auction title
    854. $a_starts."', '". // auction starts
    855. addslashes($sessionVars['SELL_description'])."', '". // auction description
    856. addslashes($pcURL)."', ". // picture URL
    857. $sessionVars['SELL_category'].", '". // category
    858. $sessionVars['SELL_minimum_bid']."', '".// minimum bid
    859. (($sessionVars['SELL_with_reserve'])?$sessionVars['SELL_reserve_price']:"0")."', '".// reserve price
    860. $sessionVars['SELL_atype']."', '".// auction type
    861. $sessionVars['SELL_duration']."', '".// duration
    862. $sessionVars['SELL_country']."', '".// country
    863. $sessionVars['SELL_location_zip']."', '".// zip code
    864. $sessionVars['SELL_shipping']."', '".// shipping method
    865. $payment_text."', '".// payment method
    866. (($sessionVars['SELL_international'])?"1":"0")."', '".// international shipping
    867. $a_ends."', '".// ends
    868. "0', '".// current bid
    869. "0', ".// closed
    870. (($sessionVars['SELL_file_uploaded'])?"1":"0").", ".
    871. $sessionVars['SELL_iquantity'].", ".// quantity
    872. "'0' ".", ".//suspended
    873. (($sessionVars['SELL_fett'])?"1":"0").", ".
    874. (($sessionVars['SELL_marker'])?"1":"0").", ".
    875. (($sessionVars['SELL_topkat'])?"1":"0").", ".
    876. $sessionVars['SELL_zustand'].", '".
    877. $sessionVars['SELL_artnr']."', '".
    878. $sessionVars['SELL_buy_now']."', ".
    879. "'0', ". // seller_rate
    880. "'0', '". // buyer_rate
    881. addslashes($pcURL2)."', '". // Bild 2
    882. addslashes($pcURL3)."'". // Bild 3
    883. ")";
    884. if (!mysql_query($query))
    885. print $ERR_001.mysql_error()."<BR>$query";
    886. else
    887. {
    888. //-- Update COUNTERS table
    889. $query = "select auctions from counters";
    890. $result_counters = mysql_query($query);
    891. if($result_counters){
    892. $auction_counter = mysql_result($result_counters,0,"auctions") + 1;
    893. $query = "update counters set auctions = $auction_counter";
    894. $result = mysql_query($query);
    895. }
    896. $TPL_auction_id = $sessionVars['SELL_auction_id'];
    897. include "templates/template_sell_result_php.html";
    898. }
    899. // Rechnungsposten schreiben ******************************************************
    900. // Benutzergruppe feststellen
    901. $benutzername = $TPL_nick = $HTTP_COOKIE_VARS['$LOGGED_IN_NICK'];
    902. $status_query = "SELECT * FROM users WHERE nick='$benutzername'";
    903. $status_result = mysql_query($status_query);
    904. if (!$status_result)
    905. {
    906. print "<H1>Fehler beim Bestimmen der Benutzergruppe!</H1>";
    907. exit;
    908. }
    909. else
    910. {
    911. $benutzergruppe = mysql_result($status_result,0,"status");
    912. }
    913. // Wer wird berechnet? Private und/oder Gewerbliche?
    914. $bill_query = "SELECT * FROM settings";
    915. $bill_result = mysql_query($bill_query);
    916. if (!$bill_result)
    917. {
    918. print "<H1>Fehler beim Lesen von Tabelle Settings!</H1>";
    919. exit;
    920. }
    921. else
    922. {
    923. $bill_privat = mysql_result($bill_result,0,"privat");
    924. $bill_gewerbe = mysql_result($bill_result,0,"gewerbe");
    925. }
    926. // Wird der User berechnet?
    927. if (intval($benutzergruppe) == 0)
    928. {
    929. if ($bill_privat == 1)
    930. $berechnen = 1;
    931. else
    932. $berechnen = 0;
    933. }
    934. if (intval($benutzergruppe) == 1)
    935. {
    936. if ($bill_gewerbe == 1)
    937. $berechnen = 1;
    938. else
    939. $berechnen = 0;
    940. }
    941. // Preise für Features holen
    942. $my_result = mysql_query("select * from features order by id");
    943. $fett_preis = mysql_result($my_result,0,"value");
    944. $marker_preis = mysql_result($my_result,1,"value");
    945. $topkat_preis = mysql_result($my_result,2,"value");
    946. $bild2_preis = mysql_result($my_result,3,"value");
    947. $bild3_preis = mysql_result($my_result,4,"value");
    948. $time = time();
    949. $pos_time = date("Y-m-d H:i:s",$time);
    950. if ($berechnen == 1)
    951. {
    952. if ($sessionVars['SELL_fee_value'] > 0)
    953. {
    954. // Einstellgebühr schreiben
    955. $query = "INSERT INTO accountpos VALUES ('','','".$pos_time."','".
    956. $user_id."','".$sessionVars['SELL_auction_id']."','".
    957. $sessionVars['SELL_title'].
    958. "','Einstellgebühr','".
    959. $sessionVars['SELL_fee_value'].
    960. "','0')";
    961. $result = mysql_query($query);
    962. }
    963. }
    964. // wenn Fettschrift, dann RE-Posten
    965. if ( $sessionVars['SELL_fett'] )
    966. {
    967. if ($fett_preis > 0)
    968. {
    969. $query = "INSERT INTO accountpos VALUES ('','','".$pos_time."','".
    970. $user_id."','".$sessionVars['SELL_auction_id']."','".
    971. $sessionVars['SELL_title'].
    972. "','Hervorhebung: Fettschrift','".
    973. $fett_preis.
    974. "','0')";
    975. $result = mysql_query($query);
    976. }
    977. }
    978. // wenn Textmarker, dann RE-Posten
    979. if ( $sessionVars['SELL_marker'] )
    980. {
    981. if ($marker_preis > 0)
    982. {
    983. $query = "INSERT INTO accountpos VALUES ('','','".$pos_time."','".
    984. $user_id."','".$sessionVars['SELL_auction_id']."','".
    985. $sessionVars['SELL_title'].
    986. "','Hervorhebung: Textmarker','".
    987. $marker_preis.
    988. "','0')";
    989. $result = mysql_query($query);
    990. }
    991. }
    992. // wenn Top-Kategorie, dann RE-Posten
    993. if ( $sessionVars['SELL_topkat'] )
    994. {
    995. if ($topkat_preis > 0)
    996. {
    997. $query = "INSERT INTO accountpos VALUES ('','','".$pos_time."','".
    998. $user_id."','".$sessionVars['SELL_auction_id']."','".
    999. $sessionVars['SELL_title'].
    1000. "','Hervorhebung: Top-Kategorie','".
    1001. $topkat_preis.
    1002. "','0')";
    1003. $result = mysql_query($query);
    1004. }
    1005. }
    1006. // wenn Bild 2, dann RE-Posten
    1007. if ( $sessionVars['SELL_bild2'])
    1008. {
    1009. if ($bild2_preis > 0)
    1010. {
    1011. $query = "INSERT INTO accountpos VALUES ('','','".$pos_time."','".
    1012. $user_id."','".$sessionVars['SELL_auction_id']."','".
    1013. $sessionVars['SELL_title'].
    1014. "','Upload 2. Bild','".
    1015. $bild2_preis.
    1016. "','0')";
    1017. $result = mysql_query($query);
    1018. }
    1019. }
    1020. // wenn Bild 3, dann RE-Posten
    1021. if ($sessionVars['SELL_bild3'])
    1022. {
    1023. if ($bild3_preis > 0)
    1024. {
    1025. $query = "INSERT INTO accountpos VALUES ('','','".$pos_time."','".
    1026. $user_id."','".$sessionVars['SELL_auction_id']."','".
    1027. $sessionVars['SELL_title'].
    1028. "','Upload 3. Bild','".
    1029. $bild3_preis.
    1030. "','0')";
    1031. $result = mysql_query($query);
    1032. }
    1033. }
    1034. // Ende Rechnungsposten *****************************************************************
    1035. include "footer.php";
    1036. // and increase category counters
    1037. $ct = intval($sessionVars['SELL_category']);
    1038. $row = mysql_fetch_array(mysql_query("SELECT * FROM categories WHERE cat_id=$ct"));
    1039. $counter = $row[counter]+1;
    1040. $subcoun = $row[sub_counter]+1;
    1041. $parent_id = $row[parent_id];
    1042. mysql_query("UPDATE categories SET counter=$counter, sub_counter=$subcoun WHERE cat_id=$ct");
    1043. // update recursive categories
    1044. while ( $parent_id!=0 )
    1045. {
    1046. // update this parent's subcounter
    1047. $rw = mysql_fetch_array(mysql_query("SELECT * FROM categories WHERE cat_id=$parent_id"));
    1048. $subcoun = $rw[sub_counter]+1;
    1049. mysql_query("UPDATE categories SET sub_counter=$subcoun WHERE cat_id=$parent_id");
    1050. // get next parent
    1051. $parent_id = intval($rw[parent_id]);
    1052. }
    1053. // Send confirmation email
    1054. $result = mysql_query("SELECT * FROM users WHERE nick='".AddSlashes($nick)."'");
    1055. $user_name = mysql_result ($result,0,"name");
    1056. $user_email = mysql_result ($result,0,"email");
    1057. $user_address = mysql_result ($result,0,"address");
    1058. $user_city = mysql_result ($result,0,"city");
    1059. $user_country = mysql_result ($result,0,"country");
    1060. $user_zip = mysql_result ($result,0,"zip");
    1061. $title = $sessionVars['SELL_title'];
    1062. $auction_id = $sessionVars['SELL_auction_id'];
    1063. $description = $sessionVars['SELL_description'];
    1064. $pict_url = $pcURL;
    1065. $minimum_bid = $sessionVars['SELL_minimum_bid'];
    1066. $reserve_price = $sessionVars['SELL_reserve_price'];
    1067. $duration = $sessionVars['SELL_duration'];
    1068. $cat_name = $sessionVars['SELL_category'];
    1069. $ends = substr($a_ends,8,2).".";
    1070. $ends .= substr($a_ends,5,2).".";
    1071. $ends .= substr($a_ends,0,4).".";
    1072. $auction_url = $SITE_URL . "item.php?mode=1&id=".$sessionVars['SELL_auction_id'];
    1073. $buy_now = $sessionVars['SELL_buy_now'];
    1074. include('./includes/auction_confirmation.inc.php');
    1075. }
    1076. reset($sessionVars); while(list($key,$val)=each($sessionVars)){
    1077. if ( strpos($key,"SELL_")==0 )
    1078. unset($sessionVars[$key]);
    1079. }
    1080. putSessionVars();
    1081. exit;
    1082. ?>
    Alles anzeigen
  • da ich mal davon ausgehe das du dieses Script auf nem Free Webspace ausführen wolltest würde ich einfach mal sagen das du die Upload Funktion von PHP nicht benutzen darfst.
    [SIZE="4"]
    Got [COLOR="DeepSkyBlue"]/[/color][COLOR="Blue"]/[/color]/M Power?
    [/SIZE]