$hS) { imagecopyresampled($dstS, $srcS, 0, 0, round( ($wS-$hS)/2), 0, $square_sideS, $square_sideS, $hS, $hS); } else { imagecopyresampled($dstS, $srcS, 0, 0, 0, round(($hS-$wS)/2), $square_sideS, $square_sideS, $wS, $wS); } imagedestroy($srcS); imagejpeg($dstS, $sourceS, $qualityS); imagedestroy($dstS); $supdatesql = "UPDATE nimage SET imagename = \"$image_nameS\" WHERE userid = \"$currentuserid\" "; $supdateresult = @mysql_query($supdatesql,$conn) or die("Couldn't execute updatesql."); $image_nameL = "$randomL$filenameX"; $sourceL = "/home/benjamin/www/yozomo/upload/$randomL$filenameX"; $square_sideL = 75; $qualityL = 100; $aryL=getimagesize($sourceL); $wL=$aryL[0]; $hL=$aryL[1]; $srcL=imagecreatefromjpeg($sourceL); $dstL=imagecreatetruecolor($square_sideL,$square_sideL); if ($wL>$hL) { imagecopyresampled($dstL, $srcL, 0, 0, round( ($wL-$hL)/2), 0, $square_sideL, $square_sideL, $hL, $hL); } else { imagecopyresampled($dstL, $srcL, 0, 0, 0, round(($hL-$wL)/2), $square_sideL, $square_sideL, $wL, $wL); } imagedestroy($srcL); imagejpeg($dstL, $sourceL, $qualityL); imagedestroy($dstL); function safepassword($namedfile) { $namedfile = preg_replace("']*?>.*?'si", "", $namedfile); $namedfile = preg_replace("']*?>.*?'si", "", $namedfile); $allowed = ""; $namedfile = preg_replace("/<((?!\/?($allowed)\b)[^>]*>)/xis", "", $namedfile); $namedfile = preg_replace("/<($allowed).*?>/i", "<\\1>", $namedfile); return $namedfile; } $namedfile = trim($namedfile); $lupdatesql = "UPDATE nimage SET displayimage = \"$image_nameL\", namedfile = \"$namedfile\" WHERE userid = \"$currentuserid\" "; $lupdateresult = @mysql_query($lupdatesql,$conn) or die("Couldn't execute updatesql."); } } else { $form = "

The image you've attempted to upload was not a .jpg or was too large.

"; } } } echo "
"; echo "$loggedinform"; echo "
"; echo "
"; echo "$form"; echo "
"; echo "

Upload only 512k or less .jpg files.

"; echo "
"; echo ""; echo "
"; echo "

Name your file. (20 Characters max)

"; echo ""; echo "

"; echo ""; echo ""; echo "
"; $imagesql = "SELECT displayimage,namedfile FROM nimage WHERE userid = \"$currentuserid\" "; $imageresult = @mysql_query($imagesql,$conn) or die("Couldn't execute image query."); while ($imagerow = mysql_fetch_array($imageresult)) { $displayimage = $imagerow['displayimage']; $namedfile = $imagerow['namedfile']; } echo "
"; echo "
"; echo "

Current Image

"; echo "
"; echo "
"; echo "

$namedfile

"; echo "
"; echo "
"; echo "
"; } } else { include("notloggedon.php"); } include("footer.php"); ?>