mysql_connect(HostName,UserName,Password) or die("<html><body>Can not connect to MySql server!<br></body></html>");
mysql_select_db (DBName) or die ("<html><body>Could not select database ".DBName."<br></body></html>");
//login process
if ($act=='1') {
$res=mysql_query("SELECT * FROM `gal_student` WHERE login='".$flogin."' AND password='".$fpassword."'") or die (mysql_error());
if (mysql_num_rows($res)>0) {
$_SESSION['logged'] = 'yes';
} else {
$error = '<font color="#ff0000">Incorrect login or password!</font>';
};};
//creation of new gallery
if ($act=='2') {
$ftitle=addslashes($ftitle);
$res=mysql_query("INSERT INTO `gal_cats` (`title`, `approved`) VALUES ('$ftitle', '0')") or die (mysql_error());
$id=mysql_insert_id();
$filename=$_FILES['ffile']['tmp_name'];
if ($filename!="") {
if (file_exists('back/cats/photo_'.$id.'.jpg')) {unlink ('back/cats/photo_'.$id.'.jpg');};
copy ($filename, 'back/cats/photo_'.$id.'.jpg');
};
$error = '<font color="#ff0000">New gallery has been successfully created and waits for admin\'s approval!</font>';
};
//creation of new photo
if ($act=='3') {
$ftitle=addslashes($ftitle);
$fvideo=addslashes($fvideo);
$query=mysql_query("INSERT INTO `gal_photos` (`cat_id`, `title`, `approved`, `video`) VALUES ('$fcat_id', '$ftitle', '0', '$fvideo')") or die (mysql_error());
$photo_id=mysql_insert_id();
$filename=$_FILES['ffile']['tmp_name'];
if ($filename!="") {
if (file_exists('back/photos/photo_'.$photo_id.'.jpg')) {unlink ('back/photos/photo_'.$photo_id.'.jpg');};