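// Handles one user-photo upload posted in the 'Filedata' field: validates the
// file, stores 96x96 and 600x600 derivatives under images/users/photos/,
// records the photo for $user_id and reports the id back to the uploader.
// Depends on names defined outside this snippet: PATH, $inDB, $inCore, $inUser,
// $model, $user_id, cmsCore, img_resize() and img_add_watermark().
// NOTE(review): no login/ownership check is visible in this snippet; confirm
// the caller derives $user_id from the authenticated session before this runs.

$uploaddir = PATH . '/images/users/photos/';

// The client-supplied file name is untrusted. It is only used for the
// extension, as hash input and as the stored display name, never as a path.
// NOTE(review): it is SQL-escaped here and then handed to addUploadedPhoto();
// confirm the model does not escape again, and that the name is HTML-encoded
// wherever it is later displayed.
$realfile   = $inDB->escape_string($_FILES['Filedata']['name']);
$path_parts = pathinfo($realfile);

// pathinfo() omits the 'extension' key for names without a dot, so read it
// defensively instead of triggering an undefined-index notice.
$ext = isset($path_parts['extension']) ? mb_strtolower($path_parts['extension']) : '';

// Allow-list of extensions; strict comparison avoids loose-typing surprises.
if (!$ext || !in_array($ext, array('jpg', 'jpeg', 'gif', 'png', 'bmp'), true)) {
    exit(0);
}

// NOTE(review): "highest id + 1" is a guess at the next row id. Concurrent
// uploads can compute the same value, so the FILEID echoed below may not match
// the row actually inserted; prefer the id returned by the insert if the model
// exposes it.
$lid    = $inDB->get_fields('cms_user_photos', ' id > 0 ', 'id', 'id DESC');
$lastid = $lid['id'] + 1;

// The stored name is derived from a hash plus the allow-listed extension, so
// nothing from the client-supplied name reaches the filesystem path.
$filename    = md5($lastid . $realfile) . '.' . $ext;
$uploadphoto = $uploaddir . $filename;
$small       = $uploaddir . 'small/' . $filename;
$medium      = $uploaddir . 'medium/' . $filename;

$source    = $_FILES['Filedata']['tmp_name'];
$errorCode = $_FILES['Filedata']['error'];

if ($inCore->moveUploadedFile($source, $uploadphoto, $errorCode)) {
    // The extension only states what the client claims. Confirm the bytes
    // parse as an image before any further processing; reject the same way as
    // a bad extension and do not leave the file behind.
    if (@getimagesize($uploadphoto) === false) {
        @unlink($uploadphoto);
        exit(0);
    }

    // NOTE(review): failures of the resize/watermark helpers are suppressed
    // and not checked, so a photo row can be recorded without its derivative
    // files existing.
    @img_resize($uploadphoto, $small, 96, 96, true);
    @img_resize($uploadphoto, $medium, 600, 600, false, false);

    if ($model->config['watermark']) {
        // Fixed: the watermark was applied to $uploadthumb['medium'], which is
        // not defined anywhere in this snippet; the 600x600 derivative written
        // above lives at $medium.
        @img_add_watermark($medium);
    }

    // Only the derivatives are kept; the original upload is removed.
    @unlink($uploadphoto);

    $model->addUploadedPhoto($user_id, array('filename' => $realfile, 'imageurl' => $filename));

    echo "FILEID:" . $lastid;

    // Non-script (plain form) uploads are sent on to the submit page.
    if (cmsCore::inRequest('upload')) {
        cmsCore::redirect('/users/' . $inUser->login . '/photos/submit');
    }
} else {
    header("HTTP/1.1 500 Internal Server Error");
    echo cmsCore::uploadError();
}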