} else { $_POST['name'] = str_replace("..", "", $_POST['name']); $_POST['name'] = str_replace(" ", "", $_POST['name']); $_POST['name'] = str_replace("/", "", $_POST['name']); if (!file_exists("../upload/{$_POST['tag']}/")) { mkdir("../upload/{$_POST['tag']}", 0777, True); } $filename = "../upload/{$_POST['tag']}/{$_POST['name']}"; $relfilename = "{$_POST['tag']}/{$_POST['name']}"; if ($_POST['price'] < 0) { $_POST['price'] = abs($_POST['price']); } if (file_exists($filename)) { $new_name = tempnam("../upload", $filename); move_uploaded_file($_FILES['pic']['tmp_name'], $new_name); $id = Pictures::add_conflict($filename, $new_name, $_POST['tag'], $_POST['title'], $_POST['price'], $user['id']); http_redirect(Pictures::$CONFLICT_URL . "?conflictid={$id}"); } else { if (move_uploaded_file($_FILES['pic']['tmp_name'], $filename)) { if ($id = Pictures::create_picture($_POST['title'], 128, 128, $_POST['tag'], $relfilename, $_POST['price'], $user['id'])) { $main = ".550.jpg"; $side = ".128.jpg"; $thumb = ".128_128.jpg"; Pictures::resize_image($filename, $filename . $main, 550, 10000000); Pictures::resize_image($filename, $filename . $side, 128, 10000000); Pictures::resize_image($filename, $filename . $thumb, 128, 128); http_redirect(Pictures::$VIEW_PIC_URL . "?picid={$id}"); $file_uploaded = True; } else { $flash['error'] = "Couldn't create your picture, something wrong with the database"; }