case "save_mgr_settings_mgr":
foreach ($_POST as $key => $value) {
if (is_array($value)) {
foreach ($value as $key2 => $value2) {
//${$key}[$key2] = addslashes($value2);
${$key}[$key2] = quote_smart($value2);
}
} else {
${$key} = quote_smart($value);
}
}
// UPLOAD logo
if ($_FILES['logoFile']['name'] != "") {
$ext = substr($_FILES['logoFile']['name'], -3);
$logoFileName = $_FILES['logoFile']['name'];
upload_file_new($_FILES['logoFile'], $logoFileName, "../logo/");
}
$real_dir = realpath("../logo/");
$dir = opendir($real_dir);
# LOOP THROUGH THE DIRECTORY
while ($file1 = readdir($dir)) {
// MAKE SURE IT IS A IMAGE FILE
$isphp = explode(".", $file1);
if ($file1 != ".." && $file1 != "." && is_file("../logo/" . $file1) && @$isphp[count($isphp) - 1] == "jpg" or @$isphp[count($isphp) - 1] == "gif" or @$isphp[count($isphp) - 1] == "png" or @$isphp[count($isphp) - 1] == "swf" or @$isphp[count($isphp) - 1] == "flv") {
$replace_char = array(".", "+", "%", "(", ")", "'", "_", "!", "@", "#", "<", ">", "\$", "^", "&", "*", "-");
$post = str_replace($replace_char, "", $file1);
$post = trim($post);
if ($_POST[$post] == 1) {
if (file_exists("../logo/" . $file1)) {
unlink("../logo/" . $file1);
}
}
}
unlink($stock_video_path_manager . $mov_name1);
}
}
//Upload movie sample files attached
$movie2_result = mysql_query("SELECT id FROM uploaded_images", $db);
while ($movie2 = mysql_fetch_object($movie2_result)) {
$rs_mov2 = "sample_file_" . $movie2->id;
$fs_mov2 = "file_name_" . $movie2->id;
if ($_FILES[$rs_mov2]['name'] != "") {
$movie2_extension = $_FILES[$rs_mov2]['name'];
$movie2_ext = substr($_FILES[$rs_mov2]['name'], -3);
$movie2_name = strip_ext($_POST[$fs_mov2]);
$movie2_name = $movie2_name . "." . $movie2_ext;
upload_file_new($_FILES[$rs_mov2], $movie2_name, $sample_video_path_manager);
}
}
//Delete uploaded sample movie files attached
$movie3_result = mysql_query("SELECT id FROM uploaded_images", $db);
while ($movie3 = mysql_fetch_object($movie3_result)) {
$rs_mov3 = "delete_sample_" . $movie3->id;
$fs_mov3 = "file_name_" . $movie3->id;
if ($_POST[$rs_mov3] == 1) {
$movie_name3 = strip_ext($_POST[$fs_mov3]);
$movie_name3 = array($movie_name3 . ".mov", $movie_name3 . ".avi", $movie_name3 . ".mpg", $movie_name3 . ".flv", $movie_name3 . ".wmv");
foreach ($movie_name3 as $key => $value) {
if (is_file($sample_video_path_manager . $movie_name3[$key])) {
$mov_name3 = $movie_name3[$key];
}
}
$av = mysql_fetch_object($avresult);
// Clear out the previous avatar, or deleted it if requested
if ($deleteAv == "1" or $_FILES['avatarFile']['name'] != "") {
if ($av->link) {
if (file_exists("../gal_images/{$av->link}")) {
unlink("../gal_images/{$av->link}");
}
$sql = "UPDATE photo_galleries SET link = NULL WHERE id = '{$item_id}'";
$result = mysql_query($sql);
}
// UPLOAD Avatar
if ($_FILES['avatarFile']['name'] != "") {
$ext = substr($_FILES['avatarFile']['name'], -3);
//$avFileName = "av".time().".$ext";
$avFileName = "av-" . $id . ".{$ext}";
upload_file_new($_FILES['avatarFile'], $avFileName, "../gal_images/");
if ($file_result_code == 1) {
$sql = "UPDATE photo_galleries SET link='{$file_details['1']}' WHERE id = '{$item_id}'";
$result = mysql_query($sql);
}
}
}
// UPLOAD IMAGE
if ($image != "") {
upload_image_g($image, $image_name, $image_type, $image_path, "", "", "125", "95");
// returns $image_details[1] - $image_details[8]
// new image name(1),image type(2), image path(3), image bytes(4), image kb(5), width(6), heigth(7), time(8)
// $image_results returns results of upload
// $result_code returns 1,2,3 / results of upload... 1 Success, 2 Type Not Supported , 3 Empty
if ($result_code == 1) {
$added = date("Ymd");
}
} else {
${$key} = $value;
}
}
//ADDED IN PS350 TO CLEANUP UNWANTED CHARACTERS
$name = cleanup($name);
$price = price_cleanup($price);
//SAVE TO THE DATABASE
$publish_date = $s_year . $s_month . $s_day;
$sql = "UPDATE prints SET name='{$name}',article='{$article}',porder='{$porder}',price='{$price}',quan_avail='{$quan_avail}',ship_price1='{$ship_price1}',ship_price2='{$ship_price2}',bypass='******',visible='{$visible}',taxable='{$taxable}' WHERE id = '{$item_id}'";
$result = mysql_query($sql);
// UPLOAD FILE
if ($_FILES['fileup']['name'] != "") {
//echo $_FILES['fileup']['name']; exit;
upload_file_new($_FILES['fileup'], $_FILES['fileup']['name'], "../uploaded_files/");
$fname = $_FILES['fileup']['name'];
//echo $fname; exit;
$sql = "INSERT INTO uploaded_files (reference,reference_id,filename,file_text) VALUES ('{$_POST['reference']}','{$_POST['item_id']}','{$fname}','{$_POST['file_text']}')";
$result = mysql_query($sql);
}
// UPLOAD IMAGE
if ($_FILES['image']['name'] != "") {
upload_image($_FILES['image'], $_FILES['image']['name'], $_FILES['image']['type'], $_POST['image_path'], "", "", "125", "100");
// returns $image_details[1] - $image_details[8]
// new image name(1),image type(2), image path(3), image bytes(4), image kb(5), width(6), heigth(7), time(8)
// $image_results returns results of upload
// $result_code returns 1,2,3 / results of upload... 1 Success, 2 Type Not Supported , 3 Empty
$iname = $_FILES['image']['name'];
//echo $result_code; exit;
//echo $_POST['reference'] . "<br />" . $_POST['item_id'] . "<br />" . $image_details[1] . "<br />" . $_POST['image_caption'];