$v) { // $$k = htmlspecialchars(stripslashes(trim($v))); $$k = trim($v); } function get_basename($filename) { return preg_replace('/^.+[\\\\\\/]/', '', $filename); } if ($_FILES["attatch1"]["error"] == 0) { $file_name = $_FILES["attatch1"]["name"]; $temp_file_name = $_FILES["attatch1"]["tmp_name"]; $file_size = $_FILES["attatch1"]["size"]; $target_dir = "board-attach/"; $target_file1 = strtolower($target_dir . get_basename($file_name)); $img_file_type = pathinfo($file_name, PATHINFO_EXTENSION); $upload_ok = 1; if (file_exists($target_file1)) unlink($target_file1); $upload_res_1 = move_uploaded_file($temp_file_name, $target_file1); } else $target_file1 = ""; if ($target_file1 && !$upload_res_1) { echo ""; } $db_query = "insert into board (title, content, attach, pin, creater, create_at) values ("; $db_query .= "'$title', '$content', '$target_file1', '1', '" . $user_id . "', NOW())"; $result = mysqli_query($link, $db_query); if (mysqli_affected_rows($link) > 0) { echo ""; } elseif (mysqli_affected_rows($link) == 0) { echo ""; } else { echo "{$db_query} 語法執行失敗，錯誤訊息SSS: " . mysqli_error($link); } mysqli_close($link); }