Problem with Photopost Script

I have been using this script for years. I realise it is a little old and probably not well written, however it has been functional. I suspect the problem is that maybe they have turned the register_globals off at the server and the script is no longer working. I don’t know if that is the problem. The error I get when I attempt to upload an image is this:
Error:
MySQL error reported!
Query: INSERT INTO photos values(NULL,‘corrobex’, 1, 10, , ‘makinti’, ‘’, ‘’, ‘makinti.jpg’, 571, 381, 42520, ‘0’, 0, 0, 0, ‘1’, , ‘0’, ‘no’, ‘’, ‘’, ‘’, ‘’, ‘’)

Result: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ’ ‘makinti’, ‘’, ‘’, ‘makinti.jpg’, 571, 381, 42520, ‘0’, 0, 0, 0, ‘1’, , ‘0’, ‘n’ at line 1

Database handle: Resource id #3

Now here is the script:

<? include("pp-inc.php"); include("login-inc.php"); include("image-inc.php"); if ( is_array($HTTP_POST_FILES) ) { while(list($key,$value) = each($HTTP_POST_FILES)) { ${$key} = $value; } } function handleupload( $location = "data" ) { global $HTTP_POST_FILES, $userid, $Globals, $category; $tmpname = $HTTP_POST_FILES['theimage']['tmp_name']; $realname = $HTTP_POST_FILES['theimage']['name']; $tmpcloseup = $HTTP_POST_FILES['closeup']['tmp_name']; if (is_uploaded_file($tmpname) ) { $realname = fixfilenames( $realname ); $closeup = preg_replace("/(\.[A-Za-z]+)$/", "-closeup\\1", $realname); if ( $location != "data" ) { $dst_file = $location; } else { $dst_file = $Globals{'datafull'}."$category/$userid$realname"; $closeup_file = $Globals{'datafull'}."$category/$userid$closeup"; } copy($tmpname, $dst_file); copy($tmpcloseup, $closeup_file); } else { dieWell("Uploaded file not found: $realname
Typical reason is that the file exceeded allowed limits."); exit; } return; } authenticate(); $nolimit = 0; if ( $Globals{'adminnolimit'} == "yes" && $adminedit == 1 ) { $nolimit = 1; } $adminexclude = 0; if ( $Globals{'adminexclude'} == "yes" && $adminedit == 1 ) { $adminexclude = 1; } if ( $adminedit == 0 ) { if ( $Globals{'allowup'} == "no" ) { dieWell( "User uploads not allowed" ); } } $querystring = findenv("QUERY_STRING"); if ( ($useruploads == 0 && $gologin==1) || $querystring == "gologin" ) { $furl=$Globals{'maindir'}; $furl= str_replace( $Globals{'domain'}, "", $furl ); $furl="$furl/uploadphoto.php"; login( $furl ); exit; } if ( $gologin != 0 ) { if ( $useruploads == 0 ) { dieWell("Sorry, you don't have permission to upload photos."); exit; } } topmenu(); if ( !isset($theimage) ) { $catdefault = ""; if ( !empty($cat) ) { $query = "SELECT id,catname,thumbs FROM categories WHERE id=$cat LIMIT 1"; $resultb = ppmysql_query($query,$link); while ( list( $subid, $subcatname, $subthumbs ) = mysql_fetch_row($resultb) ) { if ( $ugcat{$subid} != 1 ) { $catdefault = "$subcatname"; } } ppmysql_free_result( $resultb ); } $header = str_replace( "titlereplace", "Upload Photo", $header ); $output = "$header

$menu2

$menu

".$Globals{'galleryname'}." Image Upload help Username $username Choose a category $catdefault"; if (empty($subid)) $subid=""; $selected = $subid; catmoveopt(0); $output .= $catoptions; $imgdir = $Globals{'zipuploaddir'}."/$userid"; $skiphtml = " ADMIN OPTIONS FOR BULK OR ZIP UPLOADS help "; $output .= " $skiphtml Skip upload and process the files in your upload directory Files should already be in: $imgdir Show thumbnails during processing? yesno Number of thumbnails to process next? 102550100 Photo to upload: $maxfilesize Matching closeup to upload: $maxfilesize Enter a title for the photo To help users find your photo, please enter a few (up to 10) descriptive keywords (separated by spaces): Photo Description When you hit SUBMIT, the file you selected will be uploaded. (Depending on the size of the file and your connection, this may take some time. Please be patient.)

".$Globals{'cright'}."$footer"; print $output; } else { if (empty($skipupload)) $skipupload=""; if ( $category == "" ) { dieWell( "You must choose a category before uploading."); exit; } if ( $skipupload == "skipupload" ) { $deftitle = urlencode($title); $defdesc = urlencode($desc); $furl = $Globals{'zipuploadurl'}."/$userid"; forward( $Globals{'maindir'}."/bulkupload.php?ppaction=addphotos&do=preview&photopath=$userid&deftitle=$deftitle&defdesc=$defdesc&defcat=$category&keywords=$keywords&numprocess=$numprocess&dthumbs=$dthumbs&furl=$furl", "Preparing to process image list!" ); exit; } $realname = $HTTP_POST_FILES['theimage']['name']; if ( $realname == "" ) { dieWell( "You need to enter the name of a file to upload! $thevideo / $theimage" ); exit; } $realname = fixfilenames( $realname ); $theext = get_ext( $realname ); $filepath = $Globals{'datafull'}."$category/$userid$realname"; $outfilename = "$userid$realname"; $query = "SELECT userid,bigimage FROM photos where userid=$userid"; $resulta = ppmysql_query($query,$link); while( list( $uid, $bgimage ) = mysql_fetch_row($resulta) ) { if ($uid == $userid && $uid != 0) { if ( $bgimage == $realname ) { dieWell("Sorry, you already uploaded an image called $realname. Try a different name."); exit; } } } ppmysql_free_result($resulta); $title = fixmessage( $title ); $keywords = fixmessage( $keywords ); $desc = fixmessage( $desc ); if ( $category == "notcat" ) { $emessage = "The category you chose is a top level category.

Please go back and choose one of its subcategories to upload your image."; dieWell($emessage); } //####// Write the file to a directory ##### //#// Do you wish to allow all file types? yes/no (no capital letters) $allowall = "no"; //#// If the above = "no"; then which is the only extention to allow? //#// Remember to have the LAST 4 characters i.e. .ext if ($realname != "") { $isfilegood = "yes"; if ( $allowall != "yes" ) { if ( !is_image($outfilename) ) { $isfilegood = "no"; } } if ($isfilegood == "yes") { handleupload(); } // // ZIP Uploads for Users // if ( $Globals{'allowzip'} ) { if (strtolower(substr($outfilename,strlen($outfilename) - 4,4)) == ".zip" ) { $filepath = $Globals{'zipuploaddir'}."/$userid"; $filedir = "$filepath/$outfilename"; if ( !file_exists( $filepath ) ) { mkdir( $filepath, 0755 ); chmod( $filepath, 0777 ); } chdir( $filepath ); handleupload( $filedir ); $sys_cmd = $Globals{'zip_command'}." -qq $filedir"; system( $sys_cmd ); unlink( $filedir ); $deftitle = urlencode($title); $defdesc = urlencode($desc); $furl = $Globals{'zipuploadurl'}."/$userid"; if ( empty($numprocess) ) $numprocess = 10; if ( empty($dthumbs) ) $dthumbs = "yes"; forward( $Globals{'maindir'}."/bulkupload.php?ppaction=addphotos&do=preview&photopath=$userid&deftitle=$deftitle&defdesc=$defdesc&defcat=$category&keywords=$keywords&numprocess=$numprocess&dthumbs=$dthumbs&furl=$furl", "Preparing to process image list!" ); exit; } } } if ( file_exists($filepath) ) { $insize = filesize( $filepath ); } else { dieWell("File upload error. Cannot find uploaded file.
Path: [$filepath]"); exit; } if ( $isfilegood != "yes" ) { dieWell( "Image must be a .jpg, .gif, .tif or .png file." ); exit; } $thumbsize = create_thumb( $realname, $filepath, $category ); process_image( $realname, $filepath, $category ); $query = "SELECT id FROM photos WHERE userid=$userid AND bigimage='$realname'"; $resulta = ppmysql_query($query,$link); list( $forwardid ) = mysql_fetch_row($resulta); ppmysql_free_result($resulta); if ( empty($forwardid) ) { dieWell( "There was a problem processing your image: $realname.

Please notify the System Administrator." ); exit; } forward( $Globals{'maindir'}."/showphoto.php?photo=$forwardid", "Your image was uploaded successfully!" ); } ?>

Do Globals need to be on for this to work? Or is there another problem?

thanks

Paul

replace all instances of $HTTP_POST_FILES with $_POST
and $HTTP_GET_FILES with $_GET

also, while its doesn’t seem to affect your script (because it runs) but your script would work on more servers if you change <? to the full opening tag <?php

Hope that helps,

Red