//cpg_die(ERROR, sprintf($lang_db_input_php['allowed_img_types'], $CONFIG['allowed_img_types']), __FILE__, __LINE__); // Check that picture size (in pixels) is lower than the maximum allowed } elseif (max($imginfo[0], $imginfo[1]) > $CONFIG['max_upl_width_height']) { if (USER_IS_ADMIN && $CONFIG['auto_resize'] == 1 || !USER_IS_ADMIN && $CONFIG['auto_resize'] > 0) { //resize_image($uploaded_pic, $uploaded_pic, $CONFIG['max_upl_width_height'], $CONFIG['thumb_method'], $imginfo[0] > $CONFIG['max_upl_width_height'] ? 'wd' : 'ht'); resize_image($uploaded_pic, $uploaded_pic, $CONFIG['max_upl_width_height'], $CONFIG['thumb_method'], $CONFIG['thumb_use']); } else { @unlink($uploaded_pic); cpg_die(ERROR, sprintf($lang_db_input_php['err_fsize_too_large'], $CONFIG['max_upl_width_height'], $CONFIG['max_upl_width_height']), __FILE__, __LINE__); } } // Image is ok } // Upload is ok // Create thumbnail and internediate image and add the image into the DB $result = add_picture($album, $filepath, $picture_name, 0, $title, $caption, $keywords, $user1, $user2, $user3, $user4, $category, $raw_ip, $hdr_ip, (int) $_POST['width'], (int) $_POST['height']); if (!$result) { @unlink($uploaded_pic); cpg_die(CRITICAL_ERROR, sprintf($lang_db_input_php['err_insert_pic'], $uploaded_pic) . '<br /><br />' . $ERROR, __FILE__, __LINE__, true); } elseif ($PIC_NEED_APPROVAL) { pageheader($lang_info); msg_box($lang_info, $lang_db_input_php['upload_success'], $lang_continue, 'index.php'); // start: send admin approval mail added by gaugau: 03-11-09 if ($CONFIG['upl_notify_admin_email']) { include_once 'include/mailer.inc.php'; cpg_mail('admin', sprintf($lang_db_input_php['notify_admin_email_subject'], $CONFIG['gallery_name']), sprintf($lang_db_input_php['notify_admin_email_body'], USER_NAME, $CONFIG['ecards_more_pic_target'] . (substr($CONFIG["ecards_more_pic_target"], -1) == '/' ? '' : '/') . 
'editpics.php?mode=upload_approval')); } // end: send admin approval mail ob_end_flush(); } else { $header_location = @preg_match('/Microsoft|WebSTAR|Xitami/', getenv('SERVER_SOFTWARE')) ? 'Refresh: 0; URL=' : 'Location: ';
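require 'include/picmgmt.inc.php';

if (!GALLERY_ADMIN_MODE) {
    die('Access denied');
}

// Admin-only "register one file" endpoint: the request names a file (base64
// encoded path relative to $CONFIG['fullpath']); the file is renamed to a
// sanitised name, registered with add_picture(), and a status GIF is returned.
// NOTE(review): $HTTP_GET_VARS is a PHP 4 era array (removed in PHP 5.4);
// $_GET carries the same data on any supported release.
$aid = (int) $HTTP_GET_VARS['aid'];
$pic_file = base64_decode($HTTP_GET_VARS['pic_file']);
$dir_name = dirname($pic_file) . "/";
$file_name = basename($pic_file);

// The decoded path is request-controlled and is fed to rename() below, so
// refuse NUL bytes and any '..' path component before touching the filesystem.
$path_ok = strpos($pic_file, "\0") === false
    && !preg_match('#(^|[/\\\\])\\.\\.([/\\\\]|$)#', $pic_file);

// Get the forbidden characters from the Config console string, decoding the
// HTML entities it is stored with, then map each forbidden character to '_'.
$forbidden_chars = strtr($CONFIG['forbiden_fname_char'], array('&amp;' => '&', '&quot;' => '"', '&lt;' => '<', '&gt;' => '>'));
$sane_name = strtr($file_name, $forbidden_chars, str_repeat('_', strlen($forbidden_chars)));

if (!$path_ok) {
    $file_name = "images/up_pb.gif";
} else {
    $source = "./" . $CONFIG['fullpath'] . $dir_name . $file_name;
    rename($source, "./" . $CONFIG['fullpath'] . $dir_name . $sane_name);

    // Duplicate check: a row may exist under either the original or the
    // sanitised name, so match both.
    $sql = "SELECT pid " .
        "FROM {$CONFIG['TABLE_PICTURES']} " .
        "WHERE filepath='" . addslashes($dir_name) . "' " .
        "AND filename IN ('" . addslashes($file_name) . "', '" . addslashes($sane_name) . "') " .
        "LIMIT 1";
    $result = db_query($sql);

    if (mysql_num_rows($result)) {
        $file_name = "images/up_dup.gif";
    } elseif (add_picture($aid, $dir_name, $sane_name)) {
        // The file on disk now carries $sane_name, so that is the name the
        // DB row must reference (the original passed the pre-rename name).
        $file_name = "images/up_ok.gif";
    } else {
        $file_name = "images/up_pb.gif";
        echo $ERROR;
    }
}

// If anything was already buffered (e.g. $ERROR) send that instead of the GIF.
if (ob_get_length()) {
    ob_end_flush();
    exit;
}

header('Content-type: image/gif');
readfile($file_name);
ob_end_flush();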
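/**
 * Upload the file posted as 'userfile' into the album named $album and record
 * the outcome on the global $response object.
 *
 * Side effects: appends a dump of the add_picture() result to $debug_msgs and
 * sets the 'status' / 'status_text' keys of $response.
 *
 * @param string $album    album name, resolved through get_album_by_name()
 * @param string $filename unused; kept so existing callers keep working
 * @param string $caption  caption handed to add_picture()
 */
function add_image($album, $filename, $caption)
{
    global $debug_msgs, $response;

    $filedat = $_FILES['userfile'];
    $albuminfo = get_album_by_name($album);

    if (!is_array($albuminfo) || !isset($albuminfo['id'])) {
        // Unknown album: report failure instead of calling add_picture()
        // with no album id.
        $result = array('picture_id' => false);
    } else {
        $result = add_picture($albuminfo['id'], $filedat['tmp_name'], $filedat['name'], $caption);
    }
    $debug_msgs .= print_r($result, true);

    if ($result['picture_id'] === false) {
        $response->set_key('status', GR_STAT_UPLOAD_PHOTO_FAIL);
        $response->set_key('status_text', 'Add photo failed.');
    } else {
        $response->set_key('status', GR_STAT_SUCCESS);
        // galleryadd.pl looks for this exact status text and fails if it doesn't find it
        $response->set_key('status_text', 'Add photo successful.');
    }
}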
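require 'include/init.inc.php';
require 'include/picmgmt.inc.php';

if (!GALLERY_ADMIN_MODE) {
    die('Access denied');
}

// Admin-only "register one file" endpoint: the request names a file (base64
// encoded path relative to $CONFIG['fullpath']); the file is renamed to a
// sanitised name, registered with add_picture(), and a status GIF is returned.
$aid = (int) $_GET['aid'];
$pic_file = base64_decode($_GET['pic_file']);
$dir_name = dirname($pic_file) . '/';
$file_name = basename($pic_file);

// The decoded path is request-controlled and is fed to rename() below, so
// refuse NUL bytes and any '..' path component before touching the filesystem.
$path_ok = strpos($pic_file, "\0") === false
    && !preg_match('#(^|[/\\\\])\\.\\.([/\\\\]|$)#', $pic_file);

// Translate any forbidden character in the file name into an underscore.
$sane_name = replace_forbidden($file_name);

if (!$path_ok) {
    $file_name = 'images/up_pb.gif';
} else {
    $source = './' . $CONFIG['fullpath'] . $dir_name . $file_name;
    rename($source, './' . $CONFIG['fullpath'] . $dir_name . $sane_name);

    // Duplicate check. add_picture() is called with $sane_name, so a row for
    // an already-imported file carries the sanitised name; matching only
    // $file_name (as before) missed it whenever the two differ.
    $sql = "SELECT pid FROM {$CONFIG['TABLE_PICTURES']} "
        . "WHERE filepath='" . addslashes($dir_name) . "' "
        . "AND filename IN ('" . addslashes($file_name) . "', '" . addslashes($sane_name) . "') LIMIT 1";
    $result = cpg_db_query($sql);

    if (mysql_num_rows($result)) {
        $file_name = 'images/up_dup.gif';
    } elseif (add_picture($aid, $dir_name, $sane_name)) {
        $file_name = 'images/up_ok.gif';
    } else {
        $file_name = 'images/up_pb.gif';
        echo $ERROR;
    }
}

// If anything was already buffered (e.g. $ERROR) send that instead of the GIF.
if (ob_get_length()) {
    ob_end_flush();
    exit;
}

header('Content-type: image/gif');
readfile($file_name);
ob_end_flush();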
$sql = "SELECT `name` FROM " . PLOGGER_TABLE_PREFIX . "collections WHERE id = " . intval($_REQUEST['collections_menu']); $result = run_query($sql); $row = mysql_fetch_assoc($result); $output .= "\n\t" . '<p class="actions">' . sprintf(plog_tr('Album already exists. Uploading file to existing album %s in collection %s'), '<strong>' . $_REQUEST['new_album_name'] . '</strong>', '<strong>' . $row['name'] . '</strong>') . '</p>' . "\n"; } else { // Error has nothing to do with an existing album, show the returned error $album_id = ''; $output .= "\n\t" . '<p class="errors">' . $result['errors'] . '</p>' . "\n"; } } } else { // Use an existing album $album_id = $_REQUEST['albums_menu']; } if ($album_id) { $result = add_picture($album_id, $_FILES['userfile']['tmp_name'], $_FILES['userfile']['name'], $_REQUEST['caption'], $_REQUEST['description']); if (!$result['errors']) { // Added uploaded image successfully $output .= "\n\t" . '<p class="success">' . $result['output'] . '</p>' . "\n"; } else { // Errors adding the image, show the returned error $output .= "\n\t" . '<p class="errors">' . $result['errors'] . '</p>' . "\n"; } } } } } } } } }
} $aid = $superCage->get->getInt('aid'); /** * TODO: $_GET['pic_file'] cannot be cleaned sensibly with current methods available. Refactor. */ $matches = $superCage->get->getMatched('pic_file', '/^[0-9A-Za-z=\\+\\/]+$/'); $pic_file = base64_decode($matches[0]); $dir_name = dirname($pic_file) . '/'; $file_name = basename($pic_file); // Replace the windows directory separator with / $dir_name = str_replace('\\\\', '/', $dir_name); $dir_name = str_replace('\\', '/', $dir_name); // Create the holder $picture_name by translating the file name. // Translate any forbidden character into an underscore. $source = './' . $CONFIG['fullpath'] . $dir_name . $file_name; $file_name = CPGPluginAPI::filter('upload_file_name', $file_name); $sane_name = replace_forbidden($file_name); rename($source, './' . $CONFIG['fullpath'] . $dir_name . $sane_name); $sql = "SELECT pid FROM {$CONFIG['TABLE_PICTURES']} WHERE filepath='" . addslashes($dir_name) . "' AND filename='" . addslashes($file_name) . "' LIMIT 1"; $result = cpg_db_query($sql); if (mysql_num_rows($result)) { $status = 'DUPE'; } elseif (($result = add_picture($aid, $dir_name, $sane_name)) === true) { $status = 'OK'; } else { $status = $result['error']; } if (ob_get_length()) { ob_end_clean(); } echo $status;
} if ($album_id) { foreach ($files as $file) { $file_key = md5($file); if (in_array($file_key, $selected)) { $file_name = SmartStripSlashes($file); // fully qualified file name //$fqfn = $config['basedir'].'plog-content/uploads/'.$file_name; $fqfn = $file; if (is_file($fqfn)) { if (in_array($file_key, $allow_comments)) { $allow_comment = 1; } else { $allow_comment = 0; } $result = add_picture($album_id, $fqfn, basename($file_name), $captions[$file_key], $descriptions[$file_key], $allow_comment); if ($result['picture_id'] !== false) { $imported++; // Delete thumbnail file if it exists $thumbpath = $config['basedir'] . 'plog-content/thumbs/uploads/import-' . substr($file_key, 0, 2) . '-' . basename($file_name); if (file_exists($thumbpath) && is_readable($thumbpath)) { kill_file($thumbpath); } } } $counter++; } } // Get album name for display $sql = "SELECT name FROM " . PLOGGER_TABLE_PREFIX . "albums WHERE id = {$album_id}"; $result = run_query($sql);
} // Create path for final location. $uploaded_pic = $dest_dir . $picture_name; // Form path to temporary image. $path_to_image = './' . $CONFIG['fullpath'] . 'edit/' . $file_set[1]; // prevent moving the edit directory... if (is_dir($path_to_image)) { cpg_die(CRITICAL_ERROR, $lang_upload_php['failure'] . " - '{$path_to_image}'", __FILE__, __LINE__, true); } // Move the picture into its final location if (rename($path_to_image, $uploaded_pic)) { // Change file permission @chmod($uploaded_pic, octdec($CONFIG['default_file_mode'])); //silence the output in case chmod is disabled // Create thumbnail and intermediate image and add the image into the DB $result = add_picture($album, $filepath, $picture_name, 0, $title, $caption, $keywords, $user1, $user2, $user3, $user4, $category, $raw_ip, $hdr_ip, $movie_wd, $movie_ht); if (!$result) { // The file could not be placed. $file_placement = 'no'; } else { // The file was placed successfully. $file_placement = 'yes'; } } else { // The file was not placed successfully. $file_placement = 'no'; } // Time for garbage cleanup. // First, we delete the preview image. if (!strstr($preview_path, 'thumb') and file_exists($preview_path)) { unlink($preview_path);
// Form path to temporary image. $path_to_image = './' . $CONFIG['fullpath'] . 'edit/' . $tempname; // prevent moving the edit directory... if (is_dir($path_to_image)) { echo 'error|' . $lang_upload_php['failure'] . " - '{$path_to_image}'|0"; exit; } CPGPluginAPI::action('upload_swf_pre_move', $path_to_image); // Move the picture into its final location if (rename($path_to_image, $uploaded_pic)) { // Change file permission @chmod($uploaded_pic, octdec($CONFIG['default_file_mode'])); //silence the output in case chmod is disabled $CURRENT_PIC_DATA = array(); // Create thumbnail and intermediate image and add the image into the DB $result = add_picture($album, $filepath, $picture_name, 0, '', '', '', '', '', '', '', $category); if ($result !== true) { // The file could not be placed. $file_placement = 'no'; } else { $CURRENT_PIC_DATA['url_prefix'] = 0; // The file was placed successfully. $file_placement = 'yes'; $thumb_url = get_pic_url($CURRENT_PIC_DATA, 'thumb'); } } else { // The file was not placed successfully. $file_placement = 'no'; } if ($file_placement == 'yes') { // The previous picture was placed successfully.
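/**
 * Handle a single-picture upload: validate the target album, store the file
 * under the user's (or an admin's date-stamped) directory, enforce size and
 * dimension limits, and register it with add_picture().
 *
 * Never returns normally: every failure path ends in simple_die(), success
 * prints "SUCCESS" and exits.
 *
 * Reads: GET 'album'; FILES 'userpicture'; $CONFIG limits and paths.
 * Writes: the uploaded file (and possibly a new directory) under
 * $CONFIG['fullpath']; a row via add_picture().
 */
function process_picture()
{
    global $CONFIG, $IMG_TYPES;
    global $lang_db_input_php, $lang_errors;
    // $ERROR is read in the add_picture() failure message below; without this
    // declaration it was an undefined local and the message lost its detail.
    global $ERROR;
    $superCage = Inspekt::makeSuperCage();

    @unlink(LOGFILE);

    if (!USER_ID || !USER_CAN_UPLOAD_PICTURES) {
        simple_die(ERROR, $lang_errors['perm_denied'], __FILE__, __LINE__);
    }

    $album = $superCage->get->getInt('album');
    $title = '';
    $caption = '';
    $keywords = '';
    $user1 = '';
    $user2 = '';
    $user3 = '';
    $user4 = '';
    $position = 0;

    // Check that the album id is valid; non-admins may only target an album
    // in their own user category.
    if (!USER_IS_ADMIN) {
        $result = cpg_db_query("SELECT category FROM {$CONFIG['TABLE_ALBUMS']} WHERE aid='{$album}' and category = '" . (USER_ID + FIRST_USER_CAT) . "'");
    } else {
        $result = cpg_db_query("SELECT category FROM {$CONFIG['TABLE_ALBUMS']} WHERE aid='{$album}'");
    }
    if (mysql_num_rows($result) == 0) {
        simple_die(ERROR, $lang_db_input_php['unknown_album'], __FILE__, __LINE__);
    }
    $row = mysql_fetch_array($result);
    mysql_free_result($result);
    $category = $row['category'];

    // Position: one past the highest existing position in the album, 100 for
    // an empty album, 0 when the highest stored position is empty/zero.
    $result = cpg_db_query("SELECT position FROM {$CONFIG['TABLE_PICTURES']} WHERE aid='{$album}' order by position desc");
    if (mysql_num_rows($result) == 0) {
        $position = 100;
    } else {
        $row = mysql_fetch_array($result);
        mysql_free_result($result);
        if ($row['position']) {
            $position = $row['position'];
            $position++;
        }
    }

    // Test if the filename of the temporary uploaded picture is empty
    if ($superCage->files->getRaw('/userpicture/tmp_name') == '') {
        simple_die(ERROR, $lang_db_input_php['no_pic_uploaded'], __FILE__, __LINE__);
    }

    // Create destination directory for pictures
    if (USER_ID && $CONFIG['silly_safe_mode'] != 1) {
        if (USER_IS_ADMIN && $category != USER_ID + FIRST_USER_CAT) {
            $filepath = 'wpw-' . date("Ymd");
        } else {
            $filepath = $CONFIG['userpics'] . (USER_ID + FIRST_USER_CAT);
        }
        $dest_dir = $CONFIG['fullpath'] . $filepath;
        if (!is_dir($dest_dir)) {
            mkdir($dest_dir, octdec($CONFIG['default_dir_mode']));
            if (!is_dir($dest_dir)) {
                simple_die(CRITICAL_ERROR, sprintf($lang_db_input_php['err_mkdir'], $dest_dir), __FILE__, __LINE__, true);
            }
            chmod($dest_dir, octdec($CONFIG['default_dir_mode']));
            // Placeholder index file in the new directory (presumably to stop
            // directory listings); file_put_contents avoids an unchecked handle.
            file_put_contents($dest_dir . '/index.php', ' ');
        }
        $dest_dir .= '/';
        $filepath .= '/';
    } else {
        $filepath = $CONFIG['userpics'];
        $dest_dir = $CONFIG['fullpath'] . $filepath;
    }

    // Check that target dir is writable
    if (!is_writable($dest_dir)) {
        simple_die(CRITICAL_ERROR, sprintf($lang_db_input_php['dest_dir_ro'], $dest_dir), __FILE__, __LINE__, true);
    }

    $matches = array();
    // Raw value: it is sanitised by replace_forbidden() and the extension
    // check below before it is used as a file name. {SaWey}
    $filename = $superCage->files->getRaw('/userpicture/name');
    if (get_magic_quotes_gpc()) {
        $filename = stripslashes($filename);
    }
    // Replace forbidden chars with underscores
    $picture_name = replace_forbidden($filename);

    // Check that the file uploaded has a valid extension
    if (!preg_match("/(.+)\\.(.*?)\\Z/", $picture_name, $matches)) {
        $matches[1] = 'invalid_fname';
        $matches[2] = 'xxx';
    }
    if ($matches[2] == '' || !is_known_filetype($matches)) {
        simple_die(ERROR, sprintf($lang_db_input_php['err_invalid_fext'], $CONFIG['allowed_file_extensions']), __FILE__, __LINE__);
    }

    // Create a unique name for the uploaded file
    $nr = 0;
    $picture_name = $matches[1] . '.' . $matches[2];
    while (file_exists($dest_dir . $picture_name)) {
        $picture_name = $matches[1] . '~' . $nr++ . '.' . $matches[2];
    }
    $uploaded_pic = $dest_dir . $picture_name;

    // Move the picture into its final location
    if (!move_uploaded_file($superCage->files->getRaw('/userpicture/tmp_name'), $uploaded_pic)) {
        simple_die(CRITICAL_ERROR, sprintf($lang_db_input_php['err_move'], $picture_name, $dest_dir), __FILE__, __LINE__, true);
    }

    // Change file permission
    chmod($uploaded_pic, octdec($CONFIG['default_file_mode']));

    // Check file size (max_upl_size is in KiB). Delete if it is excessive.
    if (filesize($uploaded_pic) > ($CONFIG['max_upl_size'] << 10)) {
        @unlink($uploaded_pic);
        simple_die(ERROR, sprintf($lang_db_input_php['err_imgsize_too_large'], $CONFIG['max_upl_size']), __FILE__, __LINE__);
    } elseif (is_image($picture_name)) {
        // Content checks only run for image extensions; other known file
        // types are accepted on extension alone.
        $imginfo = getimagesize($uploaded_pic);
        if ($imginfo == null) {
            // getimagesize does not recognize the file as a picture
            @unlink($uploaded_pic);
            simple_die(ERROR, $lang_db_input_php['err_invalid_img'], __FILE__, __LINE__, true);
        }
        // JPEG and PNG only are allowed unless GIF support is enabled
        if ($imginfo[2] != GIS_JPG && $imginfo[2] != GIS_PNG && $CONFIG['GIF_support'] == 0) {
            @unlink($uploaded_pic);
            simple_die(ERROR, $lang_errors['gd_file_type_err'], __FILE__, __LINE__, true);
        }
        // Check that picture size (in pixels) is lower than the maximum allowed;
        // auto-resize when the config permits it for this user class.
        if (max($imginfo[0], $imginfo[1]) > $CONFIG['max_upl_width_height']) {
            if (USER_IS_ADMIN && $CONFIG['auto_resize'] == 1 || !USER_IS_ADMIN && $CONFIG['auto_resize'] > 0) {
                resize_image($uploaded_pic, $uploaded_pic, $CONFIG['max_upl_width_height'], $CONFIG['thumb_method'], $CONFIG['thumb_use']);
            } else {
                @unlink($uploaded_pic);
                simple_die(ERROR, sprintf($lang_db_input_php['err_fsize_too_large'], $CONFIG['max_upl_width_height'], $CONFIG['max_upl_width_height']), __FILE__, __LINE__);
            }
        }
    }

    // Create thumbnail and intermediate image and add the image into the DB
    $result = add_picture($album, $filepath, $picture_name, $position, $title, $caption, $keywords, $user1, $user2, $user3, $user4, $category);
    if ($result !== true) {
        @unlink($uploaded_pic);
        $message = isset($result['error'])
            ? $result['error']
            : (sprintf($lang_db_input_php['err_insert_pic'], $uploaded_pic) . '<br /><br />' . $ERROR);
        simple_die(CRITICAL_ERROR, $message, __FILE__, __LINE__, true);
    } else {
        echo "SUCCESS";
        exit;
    }
}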
@unlink($path_to_image); // The file upload has failed -- the image dimensions exceed the allowed amount. $file_failure_array[] = array('failure_ordinal' => $failure_ordinal, 'file_name' => $file_name, 'error_code' => $lang_upload_php['pixel_allowance']); $_SESSION['fileUpload'][$counter]['error'] = $lang_upload_php['pixel_allowance']; $_SESSION['fileUpload'][$counter]['actualName'] = $file_name; // There is no need for further tests or action, so skip the remainder of the iteration. continue; } } // Image is ok } $aid = (int) $_POST['aid']; $title = empty($_POST['title']) ? '' : $_POST['title']; $caption = empty($_POST['description']) ? '' : $_POST['description']; $keywords = empty($_POST['keywords']) ? '' : $_POST['keywords']; $user1 = ''; $user2 = ''; $user3 = ''; $user4 = ''; $raw_ip = ''; $hdr_ip = ''; $result = add_picture($aid, $filepath, $uniqueName, 0, $title, $caption, $keywords, $user1, $user2, $user3, $user4, $category, $raw_ip, $hdr_ip); if ($result) { print '<?xml version="1.0" encoding="' . $CONFIG['charset'] . '" ?> <uploader> <status>ok</status> <pid>' . $result . '</pid> </uploader>'; } else { cpg_die(17); }
// Create path for final location. $uploaded_pic = $dest_dir . $picture_name; // Form path to temporary image. $path_to_image = './' . $CONFIG['fullpath'] . 'edit/' . $tempname; // prevent moving the edit directory... if (is_dir($path_to_image)) { errorOut($lang_upload_php['failure'] . " - '{$path_to_image}'", 0, __FILE__, __LINE__); } // Move the picture into its final location if (rename($path_to_image, $uploaded_pic)) { // Change file permission @chmod($uploaded_pic, octdec($CONFIG['default_file_mode'])); //silence the output in case chmod is disabled $CURRENT_PIC_DATA = array(); // Create thumbnail and intermediate image and add the image into the DB $result = add_picture($album, $filepath, $picture_name, 0, $title, $caption, $keywords, $user1, $user2, $user3, $user4, $category); if ($result !== true) { // The file could not be placed. $file_placement = 'no'; } else { $CURRENT_PIC_DATA['url_prefix'] = 0; // The file was placed successfully. $file_placement = 'yes'; $thumb_url = get_pic_url($CURRENT_PIC_DATA, 'thumb'); } } else { // The file was not placed successfully. $file_placement = 'no'; } if ($file_placement == 'yes') { // The previous picture was placed successfully.
$output .= '<p class="errors">' . plog_tr('File does not exist!') . '</p>'; } else { if (!isset($_REQUEST["destination_radio"])) { $output .= '<p class="errors">' . plog_tr('No destination album specified!') . '</p>'; } else { if ($_REQUEST["destination_radio"] == "new" && $_REQUEST["new_album_name"] == "") { $output .= '<p class="errors">' . plog_tr('New album name not specified!') . '</p>'; } else { if ($_REQUEST["destination_radio"] == "new") { // Create the new album $result = add_album(mysql_escape_string($_REQUEST["new_album_name"]), NULL, $_REQUEST["collections_menu"]); $album_id = $result["id"]; } else { $album_id = $_REQUEST["albums_menu"]; } $result = add_picture($album_id, $_FILES["userfile"]["tmp_name"], $_FILES["userfile"]["name"], $_REQUEST["caption"], $_REQUEST["description"]); $output .= '<p class="actions">' . $result["output"] . '</p>'; } } } } } } } $output .= ' <h1>' . plog_tr('Upload Photos') . '</h1> <form id="uploadForm" action="' . $_SERVER["PHP_SELF"] . '" method="post" enctype="multipart/form-data"> <table><tr><td valign="top" style="padding-right: 20px"> <div class="cssbox"> <div class="cssbox_head"><h2>' . plog_tr('Choose an Image or ZIP Archive') . '</h2></div> <div class="cssbox_body"><p>
$max = $CONFIG['max_upl_width_height']; } // Setup a textual watermark ? if ($CONFIG['watermark']) { $tolocal = L10NTime::tolocal(time(), $userinfo['user_dst'], $userinfo['user_timezone']); $watermark = '(c)' . date('Y', $tolocal) . ' ' . CPG_USERNAME . ' & ' . (!empty($MAIN_CFG['server']['domain']) ? $MAIN_CFG['server']['domain'] : $MAIN_CFG['global']['sitename']); } else { $watermark = false; } // Create the "big" image if (!resize_image($tmpfile, $imginfo, $uploaded_pic, $max, $CONFIG['thumb_method'], '', $watermark)) { unlink($tmpfile); cpg_die(_ERROR, $ERROR, __FILE__, __LINE__); } // Create thumbnail and intermediate image and add the image into the DB if (!add_picture($album, $dest_dir, basename($uploaded_pic), $title, $caption, $keywords, $user1, $user2, $user3, $user4, $category, $watermark, $tmpfile)) { unlink($uploaded_pic); unlink($tmpfile); cpg_die(_CRITICAL_ERROR, sprintf(ERR_INSERT_PIC, $uploaded_pic) . '<br /><br />' . $ERROR, __FILE__, __LINE__, true); } unlink($tmpfile); $redirect = $PIC_NEED_APPROVAL ? URL::index() : URL::index("&file=displayimage&pid=" . $db->sql_nextid('pid')); pageheader(INFO, $redirect); msg_box(INFO, UPLOAD_SUCCESS, CONTINU, $redirect); pagefooter(); break; // Unknown event // Unknown event default: cpg_die(_CRITICAL_ERROR, $_GET['event'] . PARAM_MISSING, __FILE__, __LINE__); }
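/**
 * Handle a single-picture upload (PHP 4 era variant using the $HTTP_* arrays):
 * validate the target album, store the file under the user's (or an admin's
 * date-stamped) directory, enforce size and dimension limits, and register it
 * with add_picture().
 *
 * Never returns normally: every failure path ends in simple_die(), success
 * prints "SUCCESS" and exits.
 *
 * Reads: GET 'album'; POST 'title', 'caption', 'keywords'; FILES 'userpicture'.
 * Writes: the uploaded file (and possibly a new directory) under
 * $CONFIG['fullpath']; a row via add_picture().
 */
function process_picture()
{
    global $HTTP_POST_VARS, $HTTP_GET_VARS, $HTTP_POST_FILES, $CONFIG, $IMG_TYPES;
    global $lang_db_input_php, $lang_errors;
    // $ERROR is read in the add_picture() failure message below; without this
    // declaration it was an undefined local and the message lost its detail.
    global $ERROR;

    @unlink(LOGFILE);

    if (!USER_ID || !USER_CAN_UPLOAD_PICTURES) {
        simple_die(ERROR, $lang_errors['perm_denied'], __FILE__, __LINE__);
    }

    $album = (int) $HTTP_GET_VARS['album'];
    // NOTE(review): these POST values are passed to add_picture() unmodified;
    // whatever escaping happens is inside add_picture() — confirm.
    $title = $HTTP_POST_VARS['title'];
    $caption = $HTTP_POST_VARS['caption'];
    $keywords = $HTTP_POST_VARS['keywords'];
    $user1 = '';
    $user2 = '';
    $user3 = '';
    $user4 = '';

    // Check that the album id is valid; non-admins may only target an album
    // in their own user category.
    if (!USER_IS_ADMIN) {
        $result = db_query("SELECT category FROM {$CONFIG['TABLE_ALBUMS']} WHERE aid='{$album}' and category = '" . (USER_ID + FIRST_USER_CAT) . "'");
    } else {
        $result = db_query("SELECT category FROM {$CONFIG['TABLE_ALBUMS']} WHERE aid='{$album}'");
    }
    if (mysql_num_rows($result) == 0) {
        simple_die(ERROR, $lang_db_input_php['unknown_album'], __FILE__, __LINE__);
    }
    $row = mysql_fetch_array($result);
    mysql_free_result($result);
    $category = $row['category'];

    // Test if the filename of the temporary uploaded picture is empty
    if ($HTTP_POST_FILES['userpicture']['tmp_name'] == '') {
        simple_die(ERROR, $lang_db_input_php['no_pic_uploaded'], __FILE__, __LINE__);
    }

    // Create destination directory for pictures
    if (USER_ID && !defined('SILLY_SAFE_MODE')) {
        if (USER_IS_ADMIN && $category != USER_ID + FIRST_USER_CAT) {
            $filepath = 'wpw-' . date("Ymd");
        } else {
            $filepath = $CONFIG['userpics'] . (USER_ID + FIRST_USER_CAT);
        }
        $dest_dir = $CONFIG['fullpath'] . $filepath;
        if (!is_dir($dest_dir)) {
            mkdir($dest_dir, octdec($CONFIG['default_dir_mode']));
            if (!is_dir($dest_dir)) {
                simple_die(CRITICAL_ERROR, sprintf($lang_db_input_php['err_mkdir'], $dest_dir), __FILE__, __LINE__, true);
            }
            chmod($dest_dir, octdec($CONFIG['default_dir_mode']));
            // Placeholder index file in the new directory (presumably to stop
            // directory listings); file_put_contents avoids an unchecked handle.
            file_put_contents($dest_dir . '/index.html', ' ');
        }
        $dest_dir .= '/';
        $filepath .= '/';
    } else {
        $filepath = $CONFIG['userpics'];
        $dest_dir = $CONFIG['fullpath'] . $filepath;
    }

    // Check that target dir is writable
    if (!is_writable($dest_dir)) {
        simple_die(CRITICAL_ERROR, sprintf($lang_db_input_php['dest_dir_ro'], $dest_dir), __FILE__, __LINE__, true);
    }

    $matches = array();
    if (get_magic_quotes_gpc()) {
        $HTTP_POST_FILES['userpicture']['name'] = stripslashes($HTTP_POST_FILES['userpicture']['name']);
    }

    // Replace forbidden chars with underscores. The Config console stores the
    // list with HTML entities, so decode those first.
    $forbidden_chars = strtr($CONFIG['forbiden_fname_char'], array('&amp;' => '&', '&quot;' => '"', '&lt;' => '<', '&gt;' => '>'));
    $picture_name = strtr($HTTP_POST_FILES['userpicture']['name'], $forbidden_chars, str_repeat('_', strlen($forbidden_chars)));

    // Check that the file uploaded has a valid extension
    if (!preg_match("/(.+)\\.(.*?)\\Z/", $picture_name, $matches)) {
        $matches[1] = 'invalid_fname';
        $matches[2] = 'xxx';
    }
    if ($matches[2] == '' || !is_known_filetype($matches)) {
        simple_die(ERROR, sprintf($lang_db_input_php['err_invalid_fext'], $CONFIG['allowed_file_extensions']), __FILE__, __LINE__);
    }

    // Create a unique name for the uploaded file
    $nr = 0;
    $picture_name = $matches[1] . '.' . $matches[2];
    while (file_exists($dest_dir . $picture_name)) {
        $picture_name = $matches[1] . '~' . $nr++ . '.' . $matches[2];
    }
    $uploaded_pic = $dest_dir . $picture_name;

    // Move the picture into its final location
    if (!move_uploaded_file($HTTP_POST_FILES['userpicture']['tmp_name'], $uploaded_pic)) {
        simple_die(CRITICAL_ERROR, sprintf($lang_db_input_php['err_move'], $picture_name, $dest_dir), __FILE__, __LINE__, true);
    }

    // Change file permission
    chmod($uploaded_pic, octdec($CONFIG['default_file_mode']));

    // Check file size (max_upl_size is in KiB). Delete if it is excessive.
    if (filesize($uploaded_pic) > ($CONFIG['max_upl_size'] << 10)) {
        @unlink($uploaded_pic);
        simple_die(ERROR, sprintf($lang_db_input_php['err_imgsize_too_large'], $CONFIG['max_upl_size']), __FILE__, __LINE__);
    } elseif (is_image($picture_name)) {
        // Content checks only run for image extensions; other known file
        // types are accepted on extension alone.
        $imginfo = getimagesize($uploaded_pic);
        if ($imginfo == null) {
            // getimagesize does not recognize the file as a picture
            @unlink($uploaded_pic);
            simple_die(ERROR, $lang_db_input_php['err_invalid_img'], __FILE__, __LINE__, true);
        }
        // JPEG and PNG only are allowed with GD
        if ($imginfo[2] != GIS_JPG && $imginfo[2] != GIS_PNG && ($CONFIG['thumb_method'] == 'gd1' || $CONFIG['thumb_method'] == 'gd2')) {
            @unlink($uploaded_pic);
            simple_die(ERROR, $lang_errors['gd_file_type_err'], __FILE__, __LINE__, true);
        }
        // Check that picture size (in pixels) is lower than the maximum allowed
        if (max($imginfo[0], $imginfo[1]) > $CONFIG['max_upl_width_height']) {
            @unlink($uploaded_pic);
            simple_die(ERROR, sprintf($lang_db_input_php['err_fsize_too_large'], $CONFIG['max_upl_width_height'], $CONFIG['max_upl_width_height']), __FILE__, __LINE__);
        }
    }

    // Create thumbnail and intermediate image and add the image into the DB
    $result = add_picture($album, $filepath, $picture_name, $title, $caption, $keywords, $user1, $user2, $user3, $user4, $category);
    if (!$result) {
        @unlink($uploaded_pic);
        simple_die(CRITICAL_ERROR, sprintf($lang_db_input_php['err_insert_pic'], $uploaded_pic) . '<br /><br />' . $ERROR, __FILE__, __LINE__, true);
    } else {
        echo "SUCCESS";
        exit;
    }
}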
$imginfo = cpg_getimagesize($uploaded_pic); if ($imginfo == null) { // getimagesize does not recognize the file as a picture @unlink($uploaded_pic); cpg_die(ERROR, $lang_db_input_php['err_invalid_img'], __FILE__, __LINE__, true); } elseif ($imginfo[2] != GIS_JPG && $imginfo[2] != GIS_PNG && $CONFIG['GIF_support'] == 0) { // JPEG and PNG only are allowed with GD @unlink($uploaded_pic); cpg_die(ERROR, $lang_errors['gd_file_type_err'], __FILE__, __LINE__, true); // Check that picture size (in pixels) is lower than the maximum allowed } // Image is ok } // Upload is ok // Create thumbnail and internediate image and add the image into the DB $result = add_picture($album, $filepath, $picture_name, 0, $title, $caption, $keywords, $user1, $user2, $user3, $user4, $category, $raw_ip, $hdr_ip, $superCage->post->getInt('width'), $superCage->post->getInt('height')); if ($result !== true) { @unlink($uploaded_pic); cpg_die(CRITICAL_ERROR, isset($result['error']) ? $result['error'] : sprintf($lang_db_input_php['err_insert_pic'], $uploaded_pic) . '<br /><br />' . $ERROR, __FILE__, __LINE__, true); } elseif ($PIC_NEED_APPROVAL) { pageheader($lang_common['information']); msg_box($lang_common['information'], $lang_db_input_php['upload_success'], $lang_common['continue'], 'index.php'); if ($CONFIG['upl_notify_admin_email']) { include_once 'include/mailer.inc.php'; cpg_mail('admin', sprintf($lang_db_input_php['notify_admin_email_subject'], $CONFIG['gallery_name']), make_clickable(sprintf($lang_db_input_php['notify_admin_email_body'], USER_NAME, $CONFIG['ecards_more_pic_target'] . (substr($CONFIG["ecards_more_pic_target"], -1) == '/' ? '' : '/') . 'editpics.php?mode=upload_approval'))); } pagefooter(); } else { if (cpg_pw_protected_album_access($CURRENT_PIC_DATA['aid']) === 1) { $redirect = "thumbnails.php?album=" . $CURRENT_PIC_DATA['aid']; } else {
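/**
 * Register one file that is already on disk under the gallery root into album
 * $aid, renaming it to a sanitised file name first, and print one result row.
 *
 * @param int    $aid      target album id
 * @param string $pic_file path of the file, optionally prefixed with
 *                         './' . $CONFIG['fullpath']
 *
 * Side effects: renames the file on disk, inserts via add_picture(), echoes a
 * row built from $output_array / $mass_import_icon_array, then flush()es.
 */
function addpic($aid, $pic_file)
{
    global $CONFIG, $db_query_wrapper, $lang_plugin_mass_import, $output_array, $mass_import_icon_array;

    // Work with a path relative to the gallery root, without a leading slash.
    $pic_file = str_replace('./' . $CONFIG['fullpath'], '', $pic_file);
    $dir_name = dirname($pic_file) . "/";
    if (substr($dir_name, 0, 1) == "/") {
        $dir_name = substr($dir_name, 1);
    }
    $file_name = basename($pic_file);
    // NOTE(review): $dir_name is not checked for '..' components here; the
    // caller is assumed to pass paths from a directory scan — confirm.

    // Sanitise the file name: '%20' -> '_', anything outside [A-Za-z0-9.-_]
    // -> '_', then collapse runs of underscores. (The original applied the
    // same preg_replace twice; one pass is idempotent.)
    $sane_name = str_replace('%20', '_', $file_name);
    $sane_name = preg_replace('/[^a-zA-Z0-9\\.\\-_]/', '_', $sane_name);
    while (strpos($sane_name, '__') !== FALSE) {
        $sane_name = str_replace('__', '_', $sane_name);
    }

    $sql = "SELECT pid " .
        "FROM {$CONFIG['TABLE_PICTURES']} " .
        "WHERE filepath='" . addslashes($dir_name) . "' AND filename='" . addslashes($sane_name) . "' " .
        "LIMIT 1";
    $result = $db_query_wrapper($sql);

    if (mysql_num_rows($result)) {
        echo $output_array['row_start'] . $mass_import_icon_array['cancel'] . $lang_plugin_mass_import['file_already_in_database'] . ': ' . $output_array['row_separator'] . $pic_file . $output_array['row_end'];
    } else {
        // If the sanitised name differs from the original and already exists
        // on disk, prefix a counter rather than overwriting that file.
        $base_name = $sane_name;
        $counter = 0;
        while ($sane_name != $file_name && file_exists("./" . $CONFIG['fullpath'] . $dir_name . $sane_name)) {
            $counter++;
            $sane_name = $counter . '_' . $base_name;
        }

        $source = "./" . $CONFIG['fullpath'] . $dir_name . $file_name;
        $renamed = rename($source, "./" . $CONFIG['fullpath'] . $dir_name . $sane_name);

        // A failed rename leaves nothing at the sanitised path, so skip the
        // DB insert instead of registering a file that is not there.
        if ($renamed && add_picture($aid, $dir_name, $sane_name, $file_name)) {
            echo $output_array['row_start'] . $mass_import_icon_array['ok'] . $lang_plugin_mass_import['file_added_to_database'] . ': ' . $output_array['row_separator'] . $pic_file . $output_array['row_end'];
        } else {
            echo $output_array['row_start'] . $mass_import_icon_array['stop'] . $lang_plugin_mass_import['failed_to_add_file_to_database'] . ': ' . $output_array['row_separator'] . $pic_file . $output_array['row_end'];
        }
    }
    flush();
}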
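if (!GALLERY_ADMIN_MODE) {
    die('Access denied');
}

/**
 * TODO: $_GET['pic_file'] cannot be cleaned sensibly with current methods
 * available. Refactor. Until then the decoded path is checked for NUL bytes
 * and '..' components below, since it is fed straight to rename().
 */
$pic_file = base64_decode($_GET['pic_file']);
$dir_name = dirname($pic_file) . '/';
$file_name = basename($pic_file);

$path_ok = strpos($pic_file, "\0") === false
    && !preg_match('#(^|[/\\\\])\\.\\.([/\\\\]|$)#', $pic_file);

// Translate any forbidden character in the file name into an underscore.
$sane_name = replace_forbidden($file_name);

if (!$path_ok) {
    $file_name = 'images/up_pb.gif';
} else {
    $source = './' . $CONFIG['fullpath'] . $dir_name . $file_name;
    rename($source, './' . $CONFIG['fullpath'] . $dir_name . $sane_name);

    // Duplicate check. add_picture() is called with $sane_name, so a row for
    // an already-imported file carries the sanitised name; matching only
    // $file_name (as before) missed it whenever the two differ.
    $sql = "SELECT pid FROM {$CONFIG['TABLE_PICTURES']} "
        . "WHERE filepath='" . addslashes($dir_name) . "' "
        . "AND filename IN ('" . addslashes($file_name) . "', '" . addslashes($sane_name) . "') LIMIT 1";
    $result = cpg_db_query($sql);

    if (mysql_num_rows($result)) {
        $file_name = 'images/up_dup.gif';
    } elseif (add_picture($CLEAN['aid'], $dir_name, $sane_name)) {
        $file_name = 'images/up_ok.gif';
    } else {
        $file_name = 'images/up_pb.gif';
        echo $ERROR;
    }
}

// If anything was already buffered (e.g. $ERROR) send that instead of the GIF.
if (ob_get_length()) {
    ob_end_flush();
    exit;
}

header('Content-type: image/gif');
readfile($file_name);
ob_end_flush();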