Hallo bin dabei ein Auktionscript umzuschreiben GNU Version

leider habe ich Fehler beim Bilder Upload

das Script verlangt immer alle 3 Bilder, dabei soll mann wählen ob man 1, 2, 3 Bilder oder auch gar keins nimmt.

Wenn mann dann 3 Bilder gewählt hat kommt folgende Fehler Meldung im Browser :

Warning: copy(http://www.xn--hhnerhofgirls-wob.de/...aded/30176.gif) [function.copy]: failed to create stream: HTTP wrapper does not support writeable connections. in /home/www/htdocs/xn--hhnerhofgirls-wob.de/gumod/sell.php on line 285

Warning: copy(http://www.xn--hhnerhofgirls-wob.de/...ed/30176_2.gif) [function.copy]: failed to create stream: HTTP wrapper does not support writeable connections. in /home/www/htdocs/xn--hhnerhofgirls-wob.de/gumod/sell.php on line 297

Warning: copy(http://www.xn--hhnerhofgirls-wob.de/...ed/30176_3.gif) [function.copy]: failed to create stream: HTTP wrapper does not support writeable connections. in /home/www/htdocs/xn--hhnerhofgirls-wob.de/gumod/sell.php on line 310


Die Datei sell.php hat folgenden Inhalt:

*/


require('./includes/messages.inc.php');
require('./includes/config.inc.php');
require('./includes/auction_types.inc.php');
require('./includes/countries.inc.php');
require('./includes/datacheck.inc.php');

function generate_id()
{
global $title, $description;
$continue = true;

// Datenbankgestützte Artikel-Nummern-Verwaltung
$num_query = "select * from numbers where id='1'"; // 1 = Nummernkreis für Auktions-Nummern
$num_result = mysql_query($num_query);
$auction_id = mysql_result($num_result,0,"value");
$next_num = intval($auction_id) + 1;
mysql_query("update numbers set value='$next_num'");

return $auction_id;
}

if(empty($action))
{
$action = "login";
}

if (($REQUEST_METHOD=="GET" && $action=="login") && !$HTTP_COOKIE_VARS["$LOGGED_IN_COOKIE"])
{
include "header.php";
include "templates/template_sell_login_php.html";
include "footer.php";
exit;
}


// Keine Aktion gewählt / Erstaufruf ++++++++++++++++++++++++++++++++++++++++++++++++++ ++++++++++++

if ($action=="login")
$action = "";

if (empty($action))
{
// Preise für Features holen
$my_result = mysql_query("select * from features order by id");
$fett_preis = print_money(mysql_result($my_result,0,"value"));
$marker_preis = print_money(mysql_result($my_result,1,"value"));
$topkat_preis = print_money(mysql_result($my_result,2,"value"));
$bild2_preis = print_money(mysql_result($my_result,3,"value"));
$bild3_preis = print_money(mysql_result($my_result,4,"value"));
$TPL_fett_preis = $fett_preis;
$TPL_marker_preis = $marker_preis;
$TPL_topkat_preis = $topkat_preis;
$TPL_bild2_preis = $bild2_preis;
$TPL_bild3_preis = $bild3_preis;

if ($mode=="recall")
{
if (isset($sessionVars["SELL_file_uploaded"]))
{

if ($sessionVars["SELL_pict_url"] <> "")
{
$userfile = "none";
if (file_exists($image_upload_path.$sessionVars["SELL_pict_url"]))
{
unlink($image_upload_path.$sessionVars["SELL_pict_url"]);
}
}

if ($sessionVars["SELL_pict_url2"] <> "")
{
$userfile2 = "none";
if (file_exists($image_upload_path.$sessionVars["SELL_pict_url2"]))
{
unlink($image_upload_path.$sessionVars["SELL_pict_url2"]);
}
}

if ($sessionVars["SELL_pict_url3"] <> "")
{
$userfile3 = "none";
if (file_exists($image_upload_path.$sessionVars["SELL_pict_url3"]))
{
unlink($image_upload_path.$sessionVars["SELL_pict_url3"]);
}
}

unset($sessionVars["SELL_file_uploaded"]);
$sessionVars["SELL_pict_url"] = $sessionVars["SELL_pict_url_original"];
putSessionVars();
}


$title = $sessionVars["SELL_title"];
$description = $sessionVars["SELL_description"];
$pict_url = $sessionVars["SELL_pict_url_original"];
$atype = $sessionVars["SELL_atype"];
$iquantity = $sessionVars["SELL_iquantity"];
$minimum_bid = $sessionVars["SELL_minimum_bid"];
$with_reserve = ($sessionVars["SELL_with_reserve"])?"ja":"nein";
$payment = $sessionVars["SELL_payment"];
$duration = $sessionVars["SELL_duration"];
$country = $sessionVars["SELL_country"];
$location_zip = $sessionVars["SELL_location_zip"];
$shipping = $sessionVars["SELL_shipping"];
$international = ($sessionVars["SELL_international"])?"ja":"nein";
$category1 = $sessionVars["SELL_category"];
$imgtype = $sessionVars["SELL_imgtype"];
$zustand = $sessionVars["SELL_zustand"];
$fett = $sessionVars["SELL_fett"];
$marker = $sessionVars["SELL_marker"];
$topkat = $sessionVars["SELL_topkat"];
$bild2 = $sessionVars["SELL_bild2"];
$bild3 = $sessionVars["SELL_bild3"];
$artnr = $sessionVars["SELL_artnr"];
$fett_preis = $sessionVars["SELL_fettpreis"];
$marker_preis = $sessionVars["SELL_markerpreis"];
$topkat_preis = $sessionVars["SELL_topkatpreis"];
$bild2_preis = $sessionVars["SELL_bild2preis"];
$bild3_preis = $sessionVars["SELL_bild3preis"];
$buy_now = $sessionVars["SELL_buy_now"];
}
else
{
// auction type
reset($auction_types);
list($atype,) = each($auction_types);

// quantity of items
$iquantity = 1;


// country
// BM 28.2.
//reset($countries);
//list($country,) = each($countries);


// shipping
$shipping = 1;

// image type
$imgtype = 1;

$with_reserve = "nein";
}
}
// Oder Aktion = 'first' / Erstaufruf++++++++++++++++++++++++++++++++++++++++ ++++++++++++++++++++++
elseif ($action=='first')
{
unset($auction_id);
$ERR = "ERR_".CheckSellData();

// if no other errors - handle upload here
if (!$$ERR)
{
unset($file_uploaded);

// Auktions-ID generieren
$auction_id = generate_id();

if ( $userfile <> "none" )
{
$inf = GetImageSize ( $userfile );
if ($userfile2 <> "none")
$inf2 = GetImageSize ( $userfile2 );
if ($userfile3 <> "none")
$inf3 = GetImageSize ( $userfile3 );

$er = false;
// make a check
if ($inf)
{
$inf[2] = intval($inf[2]); // check for uploaded file type
if ($userfile2 <> "none")
$inf2[2] = intval($inf2[2]);
if ($userfile3 <> "none")
$inf3[2] = intval($inf3[2]);

if ( ($inf[2]!=1) && ($inf[2]!=2) )
{
$er = true;
$ERR = "ERR_602";
}
else
{
// check for file size
if ( intval($userfile_size)>$MAX_UPLOAD_SIZE )
{
$er = true;
$ERR = "ERR_603";
}
}

if ($userfile2 <> "none")
{
if ( ($inf2[2]!=1) && ($inf2[2]!=2) )
{
$er = true;
$ERR = "ERR_602_2";
}
else
{
// check for file size
if ( intval($userfile2_size)>$MAX_UPLOAD_SIZE )
{
$er = true;
$ERR = "ERR_603_2";
}
}
}

if ($userfile3 <> "none")
{
if ( ($inf2[2]!=1) && ($inf2[2]!=2) )
{
$er = true;
$ERR = "ERR_602_3";
}
else
{
// check for file size
if ( intval($userfile3_size)>$MAX_UPLOAD_SIZE )
{
$er = true;
$ERR = "ERR_603_3";
}
}
}

}
else
{
$er = true;
$ERR = "ERR_602";

}

if (!$er)
{
// Bild 1 wirklich speichern
$ext = ($inf[2]==1)?".gif":".jpg";
$fname = $image_upload_path.$auction_id.$ext;
if (file_exists($fname))
unlink ($fname);
copy ($userfile, $fname);
$uploaded_filename = $auction_id.$ext;
$file_uploaded = true;

// Bild 2 wirklich speichern
if ($userfile2 <> "none")
{
$ext = ($inf[2]==1)?".gif":".jpg";
$fname = $image_upload_path.$auction_id."_2".$ext;

if ( file_exists($fname) )
unlink ($fname);
copy ( $userfile2, $fname );
$uploaded_filename2 = $auction_id."_2".$ext;
$file_uploaded = true;
}

// Bild 3 wirklich speichern
if ($userfile3 <> "none")
{
$ext = ($inf[2]==1)?".gif":".jpg";
$fname = $image_upload_path.$auction_id."_3".$ext;

if ( file_exists($fname) )
unlink ($fname);
copy ( $userfile3, $fname );
$uploaded_filename3 = $auction_id."_3".$ext;
$file_uploaded = true;
}
}
else
{
// Fehler!!
unset($file_uploaded);
$userfile2 = "none";
$userfile3 = "none";
}

}
else
{
unset($file_uploaded);
$userfile2 = "none";
$userfile3 = "none";
}


}
}

/*
Erstaufruf oder Fehler in den Daten -> Eingabemaske nochmal anzeigen
*/
if ( empty($action) || (($action=='first')&&($$ERR)) )
{
include "header.php";

$titleH = htmlspecialchars($title);
$descriptionH = htmlspecialchars($description);
$pict_urlH = htmlspecialchars($pict_url);

// ------------------------------------- auction type
$T= "<SELECT NAME=\"atype\">\n";
reset($auction_types); while(list($key,$val)=each($auction_types)){
$T.=
" <OPTION VALUE=\"".
$key.
"\" ".
(($key==$atype)?"SELECTED":"")
.">".$val."</OPTION>\n";
}
$T.="</SELECT>\n";
$TPL_auction_type = $T;

// ------------------------------------- duration

//--
$query = "select * from durations order by days";
$res_durations = mysql_query($query);
if(!$res_durations)
{
print $ERR_001." - ".mysql_error();
}
$num_durations = mysql_num_rows($res_durations);
$i = 0;
$T= "<SELECT NAME=\"duration\">\n";
while($i < $num_durations){

$days = mysql_result($res_durations,$i,"days");
$duration_descr = mysql_result($res_durations,$i,"description");
$T.= " <OPTION VALUE=\"$days\"";

if($days == $duration)
{
$T .= " SELECTED";
}
$T .= ">$duration_descr</OPTION>";

$i++;
}
$T.="</SELECT>\n";
$TPL_durations_list = $T;

// eigentlich der Ort
// -------------------------------------- country

$T = "<Input Type=\"Text\" Name=\"country\" value=\"$country\"";
$TPL_countries_list = $T;

// -------------------------------------- payment

$qurey = "select * from payments";
$res_payment = mysql_query($qurey);
if(!$res_payment)
{
print $ERR_001." - ".mysql_error();
exit;
}
$num_payments = mysql_num_rows($res_payment);
$T= "";

$i = 0;
while($i < $num_payments)
{
$payment_descr = mysql_result($res_payment,$i,"description");

$T.="<INPUT TYPE=CHECKBOX NAME=\"payment[]\" VALUE=\"$payment_descr\"";

//print "Desc.: ".$payment_descr." / Array: ".$payment[$i]."
";

if($payment_descr == $payment[$i])
{
$T .= " CHECKED";
}

$T .= "> $std_font $payment_descr</FONT>
";

$i++;
}
$TPL_payments_list = $T;


// -------------------------------------- category
$T= "<SELECT NAME=\"category\">\n";
$result = mysql_query("SELECT * FROM categories_plain");
if($result):
while($row=mysql_fetch_array($result)){
$T.=
" <OPTION VALUE=\"".
$row[cat_id].
"\" ".
(($row[cat_id]==$category)?"SELECTED":"")
.">".$row[cat_name]."</OPTION>\n";
}
endif;
$T.="</SELECT>\n";
$TPL_categories_list = $T;

// -------------------------------------- shipping
if ( intval($shipping)==1 )
$TPL_shipping1_value = "CHECKED";

if ( intval($shipping)==2 )
$TPL_shipping2_value = "CHECKED";

if ( !empty($international) )
$TPL_international_value = "CHECKED";

// -------------------------------------- reserved price
if ( $with_reserve=="ja" )
$TPL_with_reserve_selected = "CHECKED";
else
$TPL_without_reserve_selected = "CHECKED";

// -------------------------------------- photo source
if ( intval($imgtype)==1 )
$TPL_imgtype2_SELECTED = "CHECKED";
else
$TPL_imgtype1_SELECTED = "CHECKED";

// bm 05.12.2001 --------------------
// -------------------------------------- features

if ( !empty($fett) )
$TPL_fett_value = "CHECKED";

if ( !empty($marker) )
$TPL_marker_value = "CHECKED";

if ( !empty($topkat) )
$TPL_topkat_value = "CHECKED";

// ------------------------------------

$my_result = mysql_query("select * from features order by id");
$fett_preis = print_money(mysql_result($my_result,0,"value"));
$marker_preis = print_money(mysql_result($my_result,1,"value"));
$topkat_preis = print_money(mysql_result($my_result,2,"value"));
$bild2_preis = print_money(mysql_result($my_result,3,"value"));
$bild3_preis = print_money(mysql_result($my_result,4,"value"));

$TPL_fett_preis = $fett_preis;
$TPL_marker_preis = $marker_preis;
$TPL_topkat_preis = $topkat_preis;
$TPL_bild2_preis = $bild2_preis;
$TPL_bild3_preis = $bild3_preis;

$TPL_error_value = $$ERR;

// update current session
if ( isset($sessionVars["SELL_DATA_CORRECT"]) )
unset($sessionVars["SELL_DATA_CORRECT"]);
putSessionVars();

$user_nick = $HTTP_COOKIE_VARS["$LOGGED_IN_NICK"];
$user_query = "SELECT * FROM users WHERE nick='$user_nick'";
$user_result = mysql_query($user_query);
if ($user_result)
{
$location_zip = mysql_result($user_result,0,"zip");
$country = mysql_result($user_result,0,"city");
$frei = mysql_result($user_result,0,"suspended");
}

if ($frei == 1)
$TPL_suspended = "Achtung!
Sie haben Ihren Account noch nicht <a href=\"./help.php?topic=Verkaufen\">freigeschaltet</a> oder er wurde gesperrt.";
else
$TPL_suspended = "";


// include corresponding templates/template and exit
include "templates/template_sell_php.html";
include "footer.php";
exit;
}

// Erstaufruf und KEIN Fehler! ++++++++++++++++++++++++++++++++++++++++++++++++++ ++++++++++++

if ($action=="first" && !$$ERR)
{
$sessionVars["SELL_title"] = stripslashes($title);
$sessionVars["SELL_description"] = stripslashes($description);

// image URL
if (!isset($file_uploaded))
{
$sessionVars["SELL_pict_url"] = $pict_url;
unset($sessionVars["SELL_original_filename"]);
}
else
{
// the URL is uploaded image
$sessionVars["SELL_pict_url"] = $uploaded_filename;
$sessionVars["SELL_pict_url2"] = $uploaded_filename2;
$sessionVars["SELL_pict_url3"] = $uploaded_filename3;

$sessionVars["SELL_original_filename"] = $userfile_name;
}

// data from "picture URL" input field
$sessionVars["SELL_pict_url_original"] = $pict_url;

// flag if file is uploaded
if (!isset($file_uploaded))
unset($sessionVars["SELL_file_uploaded"]);
else
$sessionVars["SELL_file_uploaded"] = true;

// auction type
$sessionVars["SELL_atype"] = $atype;

// quantity of items for sale
$sessionVars["SELL_iquantity"] = $iquantity;

// minimum bid
$sessionVars["SELL_minimum_bid"] = $minimum_bid;

// reserved price flag
$sessionVars["SELL_with_reserve"] = ($with_reserve=="ja")?true:false;

// reserved price value
$sessionVars["SELL_reserve_price"] = $reserve_price;

// auction duration
$sessionVars["SELL_duration"] = $duration;

// country
$sessionVars["SELL_country"] = $country;

// zip code
$sessionVars["SELL_location_zip"] = $location_zip;

// shipping method
$sessionVars["SELL_shipping"] = $shipping;

// international shipping
$sessionVars["SELL_international"] = (strlen($international)==0)?false:true;

// payment methods: text and index
reset($payment);
while(list($key,$val) = each($payment))
{
$sessionVars["SELL_payment".$key] = $payment[$key];
//print "Session_var: ".$sessionVars["SELL_payment".$key]."
";
}

// category ID
$sessionVars["SELL_category"] = $category1;

// auction id
if (isset($auction_id))
$sessionVars["SELL_auction_id"] = $auction_id;
else
$sessionVars["SELL_auction_id"] = generate_id();

// image type
$sessionVars["SELL_imgtype"] = $imgtype;

// set that first step is passed
$sessionVars["SELL_DATA_CORRECT"] = true;

// bm 05.12.2001 ----------

// fett
$sessionVars["SELL_fett"] = (strlen($fett)==0)?false:true;

// marker
$sessionVars["SELL_marker"] = (strlen($marker)==0)?false:true;

// topkat
$sessionVars["SELL_topkat"] = (strlen($topkat)==0)?false:true;

// bild2
$sessionVars["SELL_bild2"] = ($userfile2 <> "none")?true:false;

// bild3
$sessionVars["SELL_bild3"] = ($userfile3 <> "none")?true:false;

// zustand
$sessionVars["SELL_zustand"] = $zustand;

// Art.-Nr.
$sessionVars["SELL_artnr"] = $artnr;

$sessionVars["SELL_fettpreis"] = $fett_preis;

$sessionVars["SELL_markerpreis"] = $marker_preis;

$sessionVars["SELL_topkatpreis"] = $topkat_preis;

$sessionVars["SELL_bild2preis"] = $bild2_preis;

$sessionVars["SELL_bild3preis"] = $bild3_preis;

// Einstellgebühren ermitteln
$my_query = "SELECT * FROM insertfees WHERE".
"((min_val<=$minimum_bid AND max_val>=$minimum_bid) OR".
"(min_val<$minimum_bid AND max_val<$minimum_bid)) ORDER BY id DESC";
$my_result = mysql_query($my_query);
$fee_value = mysql_result($my_result,0,"fee");
$sessionVars["SELL_fee_value"] = $fee_value;

// ------------------------

$sessionVars["SELL_buy_now"] = $buy_now;

putSessionVars();
# print "Sessions vars are put";
}

// Preview wurde angezeigt -> Auktion jetzt einstellen ++++++++++++++++++++++++++++++++++++++++++++++++++ +++

// Login und Passwort prüfen
if ( $action=="second")
{
$nickH = htmlspecialchars($nick);

$result = mysql_query("SELECT * FROM users WHERE nick='".AddSlashes($nick)."'");
if ($result)
$num = mysql_num_rows($result);
else
$num = 0;

if ($num==0)
$ERR = "ERR_025";

if ($num>0)
{
$pass = mysql_result ($result,0,"password");
$user_id = mysql_result ($result,0,"id");
if (md5($MD5_PREFIX.$password) != $pass)
{
$ERR = "ERR_026";
}
else
{
if(mysql_result($result,0,"suspended") > 0)
{
$ERR = "ERR_618";
}
}
}
}

// Erstaufruf und KEIN Fehler oder Fehler nach dem Preview absenden ++++++++++++++++++++++++++++++++++++++++++++++++++ ++

if ( ($action=="first" && !$$ERR) || ($action=="second" && $$ERR) )
{

// Fehlertext
$TPL_error = $$ERR;

// Titel
$TPL_title_value = htmlspecialchars($sessionVars["SELL_title"]);

// description text
$TPL_description_shown_value = stripslashes(nl2br($sessionVars["SELL_description"]));

// picture URL
if( intval($sessionVars["SELL_imgtype"])==0 )
{
// print "URL";
// URL specified
if ( strlen($sessionVars["SELL_pict_url_original"])==0 )
$TPL_pict_URL_value = $MSG_114;
else
$TPL_pict_URL_value = "<IMG SRC=\"".$sessionVars["SELL_pict_url_original"]."\">";
}
else
{
// a file uploaded
if ( empty($sessionVars["SELL_file_uploaded"]) )
$TPL_pict_URL_value = $MSG_114;
else
$TPL_pict_URL_value = $sml_font."Bild 1:</Font>
<IMG SRC=\"".$uploaded_path.$sessionVars["SELL_pict_url"]."\">

";
if ($sessionVars["SELL_pict_url2"] <> "")
$TPL_pict_URL_value .= $sml_font."Bild 2:</Font>
<IMG SRC=\"".$uploaded_path.$sessionVars["SELL_pict_url2"]."\">

";
if ($sessionVars["SELL_pict_url3"] <> "")
$TPL_pict_URL_value .= $sml_font."Bild 3:</Font>
<IMG SRC=\"".$uploaded_path.$sessionVars["SELL_pict_url3"]."\">";
}

// minimum bid
$TPL_minimum_bid_value = print_money($sessionVars["SELL_minimum_bid"]);

$TPL_buy_now = print_money($sessionVars["SELL_buy_now"]);

// reserved price
if ($sessionVars["SELL_with_reserve"])
$TPL_reserve_price_displayed = "$std_font ".print_money($sessionVars["SELL_reserve_price"])."</FONT>";
else
$TPL_reserve_price_displayed = "$std_font nein </FONT>";

// auction duration

//--
$query = "select description from durations where days=".$sessionVars["SELL_duration"];
$res_duration_descr = mysql_query($query);
$duration_descr = mysql_result($res_duration_descr,0,"description");
$TPL_durations_list = $duration_descr;

// auction type
$TPL_auction_type = $auction_types[$sessionVars["SELL_atype"]];
if ( intval($sessionVars["SELL_atype"])==2 )
$TPL_auction_type .= "</TD></TR><TR><TD ALIGN=RIGHT> $std_font Quantity: </FONT></TD><TD>$std_font".$sessionVars["SELL_iquantity"]."</TD></TR>";

// country
//$TPL_countries_list = $countries[$sessionVars["SELL_country"]];
$TPL_countries_list = $sessionVars["SELL_country"];

// zip code
$TPL_location_zip = $sessionVars["SELL_location_zip"];

// shipping
if ( intval($sessionVars["SELL_shipping"]) == 1 )
{
$TPL_shipping_value = $MSG_038;
}
else
{
$TPL_shipping_value = $MSG_032;
}
if ( $sessionVars["SELL_international"] )
{
$TPL_international_value = "
";
$TPL_international_value .= $MSG_033;
}
else
{
$TPL_international_value = "
";
$TPL_international_value .= $MSG_043;
}

// payment methods

//--
$query = "select * from payments";
$res_payments = mysql_query($query);
if(!$res_payments)
{
print $ERR_001." - ".mysql_error();
exit;
}

$num_payments = mysql_num_rows($res_payments);
$i = 0;
while($i < $num_payments){

if(isset($sessionVars["SELL_payment".$i]))
{
$TPL_payment_methods .= "$std_font".$sessionVars["SELL_payment".$i]."</FONT>
";
}
$i++;
}

// category name
$cat_id = intval($sessionVars["SELL_category"]);
$result = mysql_query("SELECT * FROM categories WHERE cat_id=$cat_id");
$parent_id = mysql_result($result,0,"parent_id");
$category_name = mysql_result($result,0,"cat_name");

$T = "";
while($parent_id!=0)
{
// get info about this parent
$result = mysql_query("SELECT * FROM categories WHERE cat_id=$parent_id");
$pparent_id = intval(mysql_result($result,0,"parent_id"));
$pcat_id = mysql_result($result,0,"cat_id");
$pcat_name = mysql_result($result,0,"cat_name");

$T = "$pcat_name &gt; ".$T;

// get parent of this parent
if ($pparent_id!=0)
$parent_id = mysql_result( mysql_query("SELECT * FROM categories WHERE cat_id=$pparent_id"),0,"parent_id" );
else
$parent_id = 0;
}
$T .= $category_name;
$TPL_categories_list = $T;

if ( $sessionVars["SELL_fett"] )
{
$TPL_fett_value .= "Fettschrift";
}

if ( $sessionVars["SELL_marker"] )
{
$TPL_marker_value = "
";
$TPL_marker_value .= "Textmarker";
}

if ( $sessionVars["SELL_topkat"] )
{
$TPL_topkat_value = "
";
$TPL_topkat_value .= "Top-Kategorie";
}

if ( $sessionVars["SELL_bild2"] )
{
$TPL_bild_2_value = "
";
$TPL_bild_2_value .= "Upload 2. Bild";
}

if ( $sessionVars["SELL_bild3"] )
{
$TPL_bild_3_value = "
";
$TPL_bild_3_value .= "Upload 3. Bild";
}

if ( $sessionVars["SELL_zustand"] == 0 )
{
$TPL_zustand_value = "Siehe Beschreibung";
}

if ( $sessionVars["SELL_zustand"] == 1 )
{
$TPL_zustand_value = "Neuwertig";
}

if ( $sessionVars["SELL_zustand"] == 2 )
{
$TPL_zustand_value = "Bestzustand";
}

if ( $sessionVars["SELL_zustand"] == 3 )
{
$TPL_zustand_value = "Leichte Gebrauchsspuren";
}

if ( $sessionVars["SELL_zustand"] == 4 )
{
$TPL_zustand_value = "Gebrauchsspuren";
}

if ( $sessionVars["SELL_zustand"] == 5 )
{
$TPL_zustand_value = "Starke Gebrauchsspuren";
}

if ( $sessionVars["SELL_zustand"] == 6 )
{
$TPL_zustand_value = "Defekt";
}

$TPL_artnr_value = htmlspecialchars($sessionVars["SELL_artnr"]);

// Benutzergruppe feststellen
$benutzername = $TPL_nick = $HTTP_COOKIE_VARS["$LOGGED_IN_NICK"];
$status_query = "SELECT * FROM users WHERE nick='$benutzername'";
$status_result = mysql_query($status_query);
if (!$status_result)
{
print "<H1>Fehler beim Bestimmen der Benutzergruppe!</H1>";
exit;
}
else
{
$benutzergruppe = mysql_result($status_result,0,"status");
}

// Wer wird berechnet? Private und/oder Gewerbliche?
$bill_query = "SELECT * FROM settings";
$bill_result = mysql_query($bill_query);
if (!$bill_result)
{
print "<H1>Fehler beim Lesen von Tabelle Settings!</H1>";
exit;
}
else
{
$bill_privat = mysql_result($bill_result,0,"privat");
$bill_gewerbe = mysql_result($bill_result,0,"gewerbe");
}

// Wird der User berechnet?
if (intval($benutzergruppe) == 0)
{
if ($bill_privat == 1)
$berechnen = 1;
else
$berechnen = 0;
}

if (intval($benutzergruppe) == 1)
{
if ($bill_gewerbe == 1)
$berechnen = 1;
else
$berechnen = 0;
}

// Preise für Features holen
$my_result = mysql_query("select * from features order by id");
$fett_preis = mysql_result($my_result,0,"value");
$marker_preis = mysql_result($my_result,1,"value");
$topkat_preis = mysql_result($my_result,2,"value");
$bild2_preis = mysql_result($my_result,3,"value");
$bild3_preis = mysql_result($my_result,4,"value");

$TPL_fett_preis = $fett_preis;
$TPL_marker_preis = $marker_preis;
$TPL_topkat_preis = $topkat_preis;
$TPL_bild2_preis = $bild2_preis;
$TPL_bild3_preis = $bild3_preis;

// ************************************************** ************************************************** **************


// Einstellgebühr anzeigen
$fee_summe = 0;
if ($berechnen == 1)
{
$TPL_Account .= $std_font."Einstellgebühr: ".print_money($sessionVars["SELL_fee_value"])."</Font>
"; // nur 'n Test
$fee_summe = $sessionVars["SELL_fee_value"];
}

// Zusatz-Features anzeigen
if ( $sessionVars["SELL_fett"] )
{
$TPL_Account .= $std_font."Hervorhebung durch Fettschrift: ".print_money($TPL_fett_preis)."</Font>
";
$fee_summe = $fee_summe + $fett_preis;
}
if ( $sessionVars["SELL_marker"] )
{
$TPL_Account .= $std_font."Hervorhebung durch Textmarker: ".print_money($TPL_marker_preis)."</Font>
";
$fee_summe = $fee_summe + $marker_preis;
}
if ( $sessionVars["SELL_topkat"] )
{
$TPL_Account .= $std_font."Darstellung in Top-Kategorie: ".print_money($TPL_topkat_preis)."</Font>
";
$fee_summe = $fee_summe + $topkat_preis;
}
if ( $sessionVars["SELL_bild2"] )
{
$TPL_Account .= $std_font."Upload 2. Bild: ".print_money($TPL_bild2_preis)."</Font>
";
$fee_summe = $fee_summe + $bild2_preis;
}
if ( $sessionVars["SELL_bild3"] )
{
$TPL_Account .= $std_font."Upload 3. Bild: ".print_money($TPL_bild3_preis)."</Font>
";
$fee_summe = $fee_summe + $bild3_preis;
}

// Summe anzeigen
$TPL_Account .= "
[b]".$err_font."Gesamtgebühr: ".print_money($fee_summe)."</Font>";


// ************************************************** ************************************************** **************

include "header.php";
include "templates/template_sell_preview_php.html";
include "footer.php";
exit;
}

if ($action=='second' && !$$ERR)
{

//-- If a suggested category is present send an e-mail
//-- to the site administrator
if($suggested_category)
{
$to = $adminEmail;
$subject = $MSG_254;
$message = $suggested_category."\n".
$MSG_255.
$sessionVars["SELL_auction_id"];

mail($to,$subject,$message,"From:Kategorievorschla g auf".$SITE_NAME."<$adminEmail>\nReplyTo:$adminEmai l");

}



$payment_text = "";
//--
$query = "select * from payments";
$res_payments = mysql_query($query);
if(!$res_payments)
{
print $ERR_001." - ".mysql_error();
exit;
}

$num_payments = mysql_num_rows($res_payments);
$i = 0;
while($i < $num_payments)
{
$val = mysql_result($res_payments,$i,"description");
if ( isset($sessionVars["SELL_payment".$i]) )
$payment_text .= $sessionVars["SELL_payment".$i]." \n";

$i++;
}
// auction starts
$time = time();
$a_starts = date("Y-m-d H:i:s",$time);
//$a_starts = date("d.m.Y H:i:s",$time);

// auction ends
$a_ends = $time+$sessionVars["SELL_duration"]*24*60*60;
$a_ends = date("Y-m-d H:i:s", $a_ends);
//$a_ends = date("d.m.Y H:i:s", $a_ends);

// picture URL
$pcURL = "";
if ( ($sessionVars["SELL_file_uploaded"]) && (strlen($sessionVars["SELL_original_filename"])>0) )
{
$pcURL = $sessionVars["SELL_pict_url"];
$pcURL2 = $sessionVars["SELL_pict_url2"];
$pcURL3 = $sessionVars["SELL_pict_url3"];
}
else
$pcURL = $sessionVars["SELL_pict_url_original"];

$result = mysql_query("SELECT * FROM auctions WHERE id=".$sessionVars["SELL_auction_id"]);
if ($result)
$nr = mysql_num_rows($result);
else
$nr = 0;

if ($nr>0)
{
header ( "Location: item.php?mode=1&id=".$sessionVars["SELL_auction_id"]."&SESSION_ID=$sessionIDU" );
exit;
}

include "header.php";

$query =
"INSERT INTO auctions VALUES ('".$sessionVars["SELL_auction_id"]."', '". // auction id
$user_id."', '".
addslashes($sessionVars["SELL_title"])."', '". // auction title
$a_starts."', '". // auction starts
addslashes($sessionVars["SELL_description"])."', '". // auction description
addslashes($pcURL)."', ". // picture URL
$sessionVars["SELL_category"].", '". // category
$sessionVars["SELL_minimum_bid"]."', '".// minimum bid
(($sessionVars["SELL_with_reserve"])?$sessionVars["SELL_reserve_price"]:"0")."', '".// reserve price
$sessionVars["SELL_atype"]."', '".// auction type
$sessionVars["SELL_duration"]."', '".// duration
$sessionVars["SELL_country"]."', '".// country
$sessionVars["SELL_location_zip"]."', '".// zip code
$sessionVars["SELL_shipping"]."', '".// shipping method
$payment_text."', '".// payment method
(($sessionVars["SELL_international"])?"1":"0")."', '".// international shipping
$a_ends."', '".// ends
"0', '".// current bid
"0', ".// closed
(($sessionVars["SELL_file_uploaded"])?"1":"0").", ".
$sessionVars["SELL_iquantity"].", ".// quantity
"'0' ".", ".//suspended
(($sessionVars["SELL_fett"])?"1":"0").", ".
(($sessionVars["SELL_marker"])?"1":"0").", ".
(($sessionVars["SELL_topkat"])?"1":"0").", ".
$sessionVars["SELL_zustand"].", '".
$sessionVars["SELL_artnr"]."', '".
$sessionVars["SELL_buy_now"]."', ".
"'0', ". // seller_rate
"'0', '". // buyer_rate
addslashes($pcURL2)."', '". // Bild 2
addslashes($pcURL3)."'". // Bild 3
")";


if (!mysql_query($query))
print $ERR_001.mysql_error()."
$query";
else
{
//-- Update COUNTERS table

$query = "select auctions from counters";
$result_counters = mysql_query($query);
if($result_counters){
$auction_counter = mysql_result($result_counters,0,"auctions") + 1;
$query = "update counters set auctions = $auction_counter";
$result = mysql_query($query);
}

$TPL_auction_id = $sessionVars["SELL_auction_id"];
include "templates/template_sell_result_php.html";
}

// Rechnungsposten schreiben ************************************************** ****

// Benutzergruppe feststellen
$benutzername = $TPL_nick = $HTTP_COOKIE_VARS["$LOGGED_IN_NICK"];
$status_query = "SELECT * FROM users WHERE nick='$benutzername'";
$status_result = mysql_query($status_query);
if (!$status_result)
{
print "<H1>Fehler beim Bestimmen der Benutzergruppe!</H1>";
exit;
}
else
{
$benutzergruppe = mysql_result($status_result,0,"status");
}

// Wer wird berechnet? Private und/oder Gewerbliche?
$bill_query = "SELECT * FROM settings";
$bill_result = mysql_query($bill_query);
if (!$bill_result)
{
print "<H1>Fehler beim Lesen von Tabelle Settings!</H1>";
exit;
}
else
{
$bill_privat = mysql_result($bill_result,0,"privat");
$bill_gewerbe = mysql_result($bill_result,0,"gewerbe");
}

// Wird der User berechnet?
if (intval($benutzergruppe) == 0)
{
if ($bill_privat == 1)
$berechnen = 1;
else
$berechnen = 0;
}

if (intval($benutzergruppe) == 1)
{
if ($bill_gewerbe == 1)
$berechnen = 1;
else
$berechnen = 0;
}

// Preise für Features holen
$my_result = mysql_query("select * from features order by id");
$fett_preis = mysql_result($my_result,0,"value");
$marker_preis = mysql_result($my_result,1,"value");
$topkat_preis = mysql_result($my_result,2,"value");
$bild2_preis = mysql_result($my_result,3,"value");
$bild3_preis = mysql_result($my_result,4,"value");

$time = time();
$pos_time = date("Y-m-d H:i:s",$time);


if ($berechnen == 1)
{
if ($sessionVars["SELL_fee_value"] > 0)
{
// Einstellgebühr schreiben
$query = "INSERT INTO accountpos VALUES ('','','".$pos_time."','".
$user_id."','".$sessionVars["SELL_auction_id"]."','".
$sessionVars["SELL_title"].
"','Einstellgebühr','".
$sessionVars["SELL_fee_value"].
"','0')";
$result = mysql_query($query);
}
}


// wenn Fettschrift, dann RE-Posten
if ( $sessionVars["SELL_fett"] )
{
if ($fett_preis > 0)
{
$query = "INSERT INTO accountpos VALUES ('','','".$pos_time."','".
$user_id."','".$sessionVars["SELL_auction_id"]."','".
$sessionVars["SELL_title"].
"','Hervorhebung: Fettschrift','".
$fett_preis.
"','0')";
$result = mysql_query($query);
}
}

// wenn Textmarker, dann RE-Posten
if ( $sessionVars["SELL_marker"] )
{
if ($marker_preis > 0)
{
$query = "INSERT INTO accountpos VALUES ('','','".$pos_time."','".
$user_id."','".$sessionVars["SELL_auction_id"]."','".
$sessionVars["SELL_title"].
"','Hervorhebung: Textmarker','".
$marker_preis.
"','0')";
$result = mysql_query($query);
}
}

// wenn Top-Kategorie, dann RE-Posten
if ( $sessionVars["SELL_topkat"] )
{
if ($topkat_preis > 0)
{
$query = "INSERT INTO accountpos VALUES ('','','".$pos_time."','".
$user_id."','".$sessionVars["SELL_auction_id"]."','".
$sessionVars["SELL_title"].
"','Hervorhebung: Top-Kategorie','".
$topkat_preis.
"','0')";
$result = mysql_query($query);
}
}

// wenn Bild 2, dann RE-Posten
if ( $sessionVars["SELL_bild2"])
{
if ($bild2_preis > 0)
{
$query = "INSERT INTO accountpos VALUES ('','','".$pos_time."','".
$user_id."','".$sessionVars["SELL_auction_id"]."','".
$sessionVars["SELL_title"].
"','Upload 2. Bild','".
$bild2_preis.
"','0')";
$result = mysql_query($query);
}
}

// wenn Bild 3, dann RE-Posten
if ($sessionVars["SELL_bild3"])
{
if ($bild3_preis > 0)
{
$query = "INSERT INTO accountpos VALUES ('','','".$pos_time."','".
$user_id."','".$sessionVars["SELL_auction_id"]."','".
$sessionVars["SELL_title"].
"','Upload 3. Bild','".
$bild3_preis.
"','0')";
$result = mysql_query($query);
}
}


// Ende Rechnungsposten ************************************************** ***************

include "footer.php";

// and increase category counters
$ct = intval($sessionVars["SELL_category"]);
$row = mysql_fetch_array(mysql_query("SELECT * FROM categories WHERE cat_id=$ct"));
$counter = $row[counter]+1;
$subcoun = $row[sub_counter]+1;
$parent_id = $row[parent_id];
mysql_query("UPDATE categories SET counter=$counter, sub_counter=$subcoun WHERE cat_id=$ct");

// update recursive categories
while ( $parent_id!=0 )
{
// update this parent's subcounter
$rw = mysql_fetch_array(mysql_query("SELECT * FROM categories WHERE cat_id=$parent_id"));
$subcoun = $rw[sub_counter]+1;
mysql_query("UPDATE categories SET sub_counter=$subcoun WHERE cat_id=$parent_id");
// get next parent
$parent_id = intval($rw[parent_id]);
}
// Send confirmation email
$result = mysql_query("SELECT * FROM users WHERE nick='".AddSlashes($nick)."'");
$user_name = mysql_result ($result,0,"name");
$user_email = mysql_result ($result,0,"email");
$user_address = mysql_result ($result,0,"address");
$user_city = mysql_result ($result,0,"city");
$user_country = mysql_result ($result,0,"country");
$user_zip = mysql_result ($result,0,"zip");
$title = $sessionVars["SELL_title"];
$auction_id = $sessionVars["SELL_auction_id"];
$description = $sessionVars["SELL_description"];
$pict_url = $pcURL;
$minimum_bid = $sessionVars["SELL_minimum_bid"];
$reserve_price = $sessionVars["SELL_reserve_price"];
$duration = $sessionVars["SELL_duration"];
$cat_name = $sessionVars["SELL_category"];
$ends = substr($a_ends,8,2).".";
$ends .= substr($a_ends,5,2).".";
$ends .= substr($a_ends,0,4).".";
$auction_url = $SITE_URL . "item.php?mode=1&id=".$sessionVars["SELL_auction_id"];
$buy_now = $sessionVars["SELL_buy_now"];

include('./includes/auction_confirmation.inc.php');

}

reset($sessionVars); while(list($key,$val)=each($sessionVars)){
if ( strpos($key,"SELL_")==0 )
unset($sessionVars[$key]);
}
putSessionVars();

exit;
?>


Wer kann mir da weiterhelfen, ich raffs einfach nicht mehr.

Mister Ad

sonst noch alles fitt bei dir oder? ich werd mir jetzt sicher nicht deinen ganzen
krempel da rein ziehen .. tz ..

ich tipp mal auf - was auch sonst - die heise news .. dein provider hat deswegen
vielleicht allow_url_open auf off gesetzt und deswegen kannst du nix mehr von
"extern" kopieren.

nun ja zwingt dich ja keiner alles zu lesen, währe aber dennoch nett.

die Zugriffs rechte von aussen sind frei mit anderen Scripts klappt es ja auch.