header("Location: bulk_email.php"); exit; } do_html_header("Mass Email"); //Insert the array variables $arrEmailInfo = $_POST; $arrAttachmentInfo = $HTTP_POST_FILES; //Register the array arrEmailInfo if (!session_is_registered_register_global_off("arrEmailInfo")) { session_register_register_global_off("arrEmailInfo"); } else { $_SESSION["arrEmailInfo"] =& $_POST; } //Register the array arrAttachmentInfo if (!session_is_registered_register_global_off("arrAttachmentInfo") && !empty($HTTP_POST_FILES["file"]["name"])) { session_register_register_global_off("arrAttachmentInfo"); } else { if (!empty($HTTP_POST_FILES["file"]["name"])) { $_SESSION["arrAttachmentInfo"] =& $HTTP_POST_FILES; } } //Check whether the uploaded file is valid if (!empty($HTTP_POST_FILES["file"]["name"])) { if (is_uploaded_file($HTTP_POST_FILES["file"]["tmp_name"])) { $realname = $HTTP_POST_FILES["file"]["name"]; $tmpDir = get_cfg_var("upload_tmp_dir"); copy($HTTP_POST_FILES["file"]["tmp_name"], "{$tmpDir}/{$realname}"); //rename($HTTP_POST_FILES["file"]["tmp_name"],$HTTP_POST_FILES["file"]["name"]); } else { echo "There is an error in processing attachment file- try again"; exit;
<?php $php_root_path = ".."; $privilege_root_path = "/admin"; require_once "includes/include_all_fns.inc"; session_start(); $err_message = " Unable to process your request due to the following problems: <br>\n"; //Code added to address security problem reported by Sebastian Held 14-Nov-2006 $header = "Setup Category"; $accepted_privilegeID_arr = array(3 => ""); $accepted_phaseID_arr = array(1 => "", 2 => "", 3 => "", 4 => ""); authentication($header, $accepted_privilegeID_arr, $accepted_phaseID_arr, $homepage, $php_root_path, $GLOBALS["DB_PREFIX"], &$err_message); if (!session_is_registered_register_global_off("s_category_post")) { //Register the session session_register_register_global_off("s_category_post"); } $s_category_post["numcat"] = $numcat; if ($Submit == "Update Number") { //Updating the number of categories header("Location: setup_category.php"); } else { //Insert the category to the table $result = insert_category($arrCategoryName); do_html_header("Updating Information Successful"); echo $result; do_html_footer(); }