escape($_POST['textar']);
$safe_synt = $db->escape($_POST['synt']);
$db->query("INSERT INTO pastebin (pid,timest,expire,payload,syntax,pub) VALUES
('{$file_id}','".time()."','{$expire}','{$safe_string}','{$safe_synt}',
'{$pub}')");
header("Location: {$_SERVER['PHP_SELF']}?fileid=".$file_id);
}
else {
header("Location: {$_SERVER['PHP_SELF']}?code=2");
}
}
}
else if(isset($_GET['fileid'])) {
include("include/header.php");
$spid = $db->escape($_GET['fileid']);
$result = $db->query("SELECT * FROM pastebin WHERE pid = '{$spid}'");
if($db->num_rows($result)) {
$row = $db->fetch_assoc($result);
echo "Hier die gewünschte Datei:
";
$com_path = dirname($_SERVER['SCRIPT_NAME']);
if($com_path == "/") $com_path = "";
$compatible_url = $base_url."a/{$_GET['fileid']}";
echo "{$compatible_url}";
}
else {
echo "Datei nicht gefunden!";
}
include("include/footer.php");
}
elseif(isset($_GET['download'])) {
include("include/header.php");
$spid = $db->escape($_GET['download']);
$result = $db->query("SELECT * FROM pastebin WHERE pid = '{$spid}'");
if($db->num_rows($result)) {
$row = $db->fetch_assoc($result);
$db->query("UPDATE pastebin SET downloads = '".($row['downloads']+1)."' WHERE id = '{$row['id']}'");
echo "";
$language = $row['syntax'];
$geshi = new GeSHi(stripslashes($row['payload']), $language, "geshi/");
echo $geshi->parse_code();
echo "
\n";
}
else {
echo "Datei nicht gefunden!";
}
include("include/footer.php");
}
else {
include("include/header.php");
switch($_GET['code']) {
case "1":
echo "fehler 1
";
break;
case "2":
echo "fehler 2
";
break;
}
?>