1024) { getOut($postType,$postId); } if (is_uploaded_file($_FILES['file']['tmp_name'])) { $fid = bin2hex(random_bytes(16)); $type = pathinfo($_FILES['file']['name'], PATHINFO_EXTENSION); $type = strtolower($type); $mime = mime_content_type('test' . $type); $legal = ['png','gif','jpeg','jpg','mp4','webm','mp3','wav']; if (in_array($type, $legal)) { move_uploaded_file($_FILES['file']['tmp_name'], $_SERVER["DOCUMENT_ROOT"] . '/../docs/pic/' . $fid . '.' . $type); $postie .= "\nhttps://" . $_SERVER['HTTP_HOST'] . '/pic/' . $fid . '.' . $type; } } $stmt = $db->prepare("INSERT INTO main.comment (username, targetType, targetId, date, content, id) VALUES (?,?,?,?,?,?)"); $stmt->execute([$username,$postType,$postId,microtime(true) - $ref,$postie,bin2hex(random_bytes(16))]); getOut($postType,$postId); } post_handler(); page_header(); ?>