hjælp! Upload til server og database

og hvad betyder gængs?

men det ville nu hjælpe en hel del hvis vi kunne se koden

og hvad betyder gængs?

men det ville nu hjælpe en hel del hvis vi kunne se koden

du ved .. gængs.. generel..?

Her følger koden:

<?php
//Connection statement
require_once('Connections/kyndigkaephest.php');

//Aditional Functions
require_once('includes/functions.inc.php');

//vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv
// You may change maxsize, and allowable upload file types.
//^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
//Mmaximum file size. You may increase or decrease.
$MAX_SIZE = 100000;

//Allowable file ext. names. you may add more extension names.
$FILE_EXTS = array('.jpg','.gif');

//Allow file delete? no, if only allow upload only
$DELETABLE = true;


//vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv
// Do not touch the below if you are not confident.
//^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
/************************************************************
* Setup variables
************************************************************/
$site_name = $_SERVER['HTTP_HOST'];
$url_dir = "http://".$_SERVER['HTTP_HOST'].dirname($_SERVER['PHP_SELF']);
$url_this = "http://".$_SERVER['HTTP_HOST'].$_SERVER['PHP_SELF'];

$upload_dir = "files/";
$upload_url = $url_dir."/files/";
$message ="";

/************************************************************
* Create Upload Directory
************************************************************/
if (!is_dir("files")) {
if (!mkdir($upload_dir))
die ("upload_files directory doesn't exist and creation failed");
if (!chmod($upload_dir,0755))
die ("change permission to 755 failed.");
}

/************************************************************
* Process User's Request
************************************************************/
if ($_REQUEST[del] && $DELETABLE) {
$resource = fopen("log.txt","a");
fwrite($resource,date("Ymd h:i:s")."DELETE - $_SERVER[REMOTE_ADDR]"."$_REQUEST[del]\\n");
fclose($resource);

if (strpos($_REQUEST[del],"/.")>0); //possible hacking
else if (strpos($_REQUEST[del],$upload_dir) === false); //possible hacking
else if (substr($_REQUEST[del],0,6)==$upload_dir) {
unlink($_REQUEST[del]);
print "<script>window.location.href='$url_this?message=deleted successfully'</script>";
}
}
else if ($_FILES['userfile']) {
$resource = fopen("log.txt","a");
fwrite($resource,date("Ymd h:i:s")."UPLOAD - $_SERVER[REMOTE_ADDR]"
.$_FILES['userfile']['name']." "
.$_FILES['userfile']['type']."\\n");
fclose($resource);

$file_type = $_FILES['userfile']['type'];
$file_name = $_FILES['userfile']['name'];
$file_ext = strtolower(substr($file_name,strrpos($file_name,".")));
$query = "INSERT INTO billeddatabase SET billednavn='".$_FILES['filnavn']['name']."'";

//File Size Check
if ( $_FILES['userfile']['size'] > $MAX_SIZE)
$message = "The file size is over 1MB.";
//File Extension Check
else if (!in_array($file_ext, $FILE_EXTS))
$message = "Sorry, $file_name($file_type) is not allowed to be uploaded.";
else
$message = do_upload($upload_dir, $upload_url);

print "<script>window.location.href='$url_this?message=$message'</script>";
}
else if (!$_FILES['userfile']);
else
$message = "Invalid File Specified.";

/************************************************************
* List Files
************************************************************/
$handle=opendir($upload_dir);
$filelist = "";
while ($file = readdir($handle)) {
if(!is_dir($file) && !is_link($file)) {
$filelist .= "<a href='$upload_dir$file'>".$file."</a>";
if ($DELETABLE)
$filelist .= " <a href='?del=$upload_dir".urlencode($file)."' title='delete'>x</a>";
$filelist .= "_{<small><small><font color=grey> ".date("d-m H:i", filemtime($upload_dir.$file))
."</font></small></small>}";
$filelist .="<br>";
}
}

function do_upload($upload_dir, $upload_url) {

$temp_name = $_FILES['userfile']['tmp_name'];
$file_name = $_FILES['userfile']['name'];
$file_name = str_replace("\\\\","",$file_name);
$file_name = str_replace("'","",$file_name);
$file_path = $upload_dir.$file_name;

//File Name Check
if ( $file_name =="") {
$message = "Invalid File Name Specified";
return $message;
}

$result = move_uploaded_file($temp_name, $file_path);
if (!chmod($file_path,0777))
$message = "change permission to 777 failed.";
else
$message = ($result)?"$file_name uploaded successfully." :
"Somthing is wrong with uploading a file.";
return $message;
}

?>
<link href="file:///C|/Documents%20and%20Settings/webmapper/kyndig%20kaephest/styles/style1.css" rel="stylesheet" type="text/css">


<center>
<p><font color=red>
<?=$_REQUEST[message]?>
</font></p>
<p> </p>
<p>
<br>
</p>
<form name="upload" id="upload" ENCTYPE="multipart/form-data" method="post">
<p><strong>Upload File:</strong>
<input name="userfile" type="file" id="userfile">
<input name="upload" type="submit" value="Upload">
</p>
</form>
<p><br>
Følgende filer som befinder sig på serveren:<br>
(For at slette filen skal du trykke på X)
</p>
<hr width=270 size="1">
<?=$filelist?>
<hr width=270 size="1">
<p> </p>
<p><small>^{Developed By
<a style="text-decoration:none" href="http://tech.tailoredweb.com">TailoredWeb.com</a>}</small>
</p>
</center>