function do_upload()
{
if (!array_key_exists("name", $_REQUEST)) {
die("bad form input");
}
if (!array_key_exists("file", $_FILES)) {
die("bad file input");
}
$base_location = BASE_DIR . "/flash";
$url_base = BASE_URL . "/flash";
# move the file to the correct location
$origfn = basename($_FILES["file"]["name"]);
if (file_exists("{$base_location}/{$origfn}")) {
$ext = 0;
while (file_exists("{$base_location}/{$origfn}.{$ext}")) {
++$ext;
}
$fn_out = "{$base_location}/{$origfn}.{$ext}";
$url = "{$url_base}/{$origfn}.{$ext}";
} else {
$fn_out = "{$base_location}/{$origfn}";
$url = "{$url_base}/{$origfn}";
}
# print a data dump
var_dump($_FILES);
if (!move_uploaded_file($_FILES["file"]["tmp_name"], $fn_out)) {
die("bad file??");
}
FlashFile::create_new($_REQUEST["name"], $fn_out, $url);
}
public function create_new($name, $location, $url)
{
# compute md5 sum of the data file
$md5 = md5_file($location);
# sign the md5 hash
$sig = generate_signature($md5);
# insert into database
$name = mysql_escape_string($name);
mysql_query("insert into file (name, md5, sig, url) " . "values(\"{$name}\", \"{$md5}\", \"{$sig}\", \"{$url}\")") or die("query to insert new file failed: " . mysql_error());
# return the object
$new_id = mysql_insert_id();
return FlashFile::load_from_id($new_id);
}