$v) { $$k = htmlspecialchars(stripslashes(trim($v))); } //print_r($_POST); //print_r($_FILES);exit; function get_basename($filename) { return preg_replace('/^.+[\\\\\\/]/', '', $filename); } $pin = ($pin == "Y") ? "99" : "1"; $sql_atta = ""; if ($_FILES["attatch1"]["error"] == 0) { $file_name = $_FILES["attatch1"]["name"]; $temp_file_name = $_FILES["attatch1"]["tmp_name"]; $file_size = $_FILES["attatch1"]["size"]; $target_dir = "board-attach/"; $target_file1 = strtolower($target_dir.get_basename($file_name)); $img_file_type = pathinfo($file_name, PATHINFO_EXTENSION); $upload_ok = 1; if (file_exists($target_file1)) unlink($target_file1); $upload_res_1 = move_uploaded_file($temp_file_name, $target_file1); $sql_atta .= "path = '$target_file1', "; } else $target_file1 = ""; if ($target_file1 && !$upload_res_1) { echo ""; } $db_query = "update board set title = '$title', pin = '$pin', "; $db_query .= $sql_atta; $db_query .= "content = '$content'"; $db_query .= "where id = '$id'"; $result = mysqli_query($link, $db_query); mysqli_close($link); echo ""; } ?>