if (isset($_POST["upd"])) { $id = intval($_POST["id"]); $name = strclean($_POST["name"]); $info = strclean($_POST["info"]); $upd = $con->update("videos", "name='{$name}', info ='{$info}'", "id={$id}"); if ($upd) { exit("<div {$style}>Successfully updated {$name}</div>"); } else { exit("<div {$style}>Error updating {$name}</div>"); } } if (isset($_POST["add"])) { $img = $_FILES["upl"]["tmp_name"]; $video = $_FILES["vid"]["tmp_name"]; if (is_uploaded_file($video) && preg_match('/mp4|avi|mpeg|3gp|mkv|flv|mov/', extension($_FILES["vid"]["name"]))) { $_300x300 = is_uploaded_file($img) ? upload_pic($img, $_FILES["upl"]["type"], $_FILES["upl"]["tmp_name"], 300, 300) : DEF_VID_IMG; $vid = md5($video . " " . date("U")) . rand(0, 9) . extension($_FILES["vid"]["name"]); if ($_300x300 && copy($video, "../video/{$vid}")) { $name = strclean($_POST["name"]); $name = strlen($name) < 2 ? $_SESSION["user"] . "'s video " . rand(10, 999) : $name; $name = _hstr_($name, false); $info = _hstr_($_POST["info"], false); $q = $con->insertInto("videos", array($user, $name, $info, $_300x300, $vid, 1, date("U"), 0)); if ($q) { $q = mysqli_query($conc, "SELECT id FROM videos WHERE user = '******' AND name = '{$name}' AND vid = '{$vid}'"); $r = mysqli_fetch_array($q); $q = $con->insertInto("hist", array(6, 0, $user, $name . "::__::__::" . $r[0], date("U"))); $q = NULL; $con->close_db_con($conc); exit("<div {$style}>{$name} has been successfully added.</div>"); } else {
$t_id = $cgi[t_id]; $d_id = $cgi[d_id]; if ($p_id == "" || $t_id == "" || $d_id == "") { sys_exit("参数错误"); } conProjDB($p_id, $t_id); $p_cname = $proj_data[p_cname]; $t_cname = $temp_data[$t_id][cname]; $t_name = $temp_data[$t_id][t_name]; $nav_str .= " > <a href=templist.php?p_id={$p_id}>{$p_cname}</a> > <a href=doclist.php?p_id={$p_id}&t_id={$t_id} >{$t_cname}</a> > 修改文档({$d_id})"; if ($cgi[edit] != "") { //sys_jmp("doclist.php?p_id=$p_id&t_id=$t_id"); if (check_priv($p_id, $t_id, $d_id) < 0) { sys_exit("对不起,你没有操作权限", $error_message); } upload_pic(); $t_name = $temp_data[$t_id][t_name]; $t_cname = $temp_data[$t_id][cname]; $nav_buf = sprintf("/<a href=\"projlist.php\">网站管理中心</a> > <a href=\"templist.php?p_id=%s\">%s</a> > %s(<a href=\"doclist.php?t_id=%s&p_id=%s\">文档</a>) (<a href=\"temp_edit.php?t_id=%s&p_id=%s\">模板</a>) (<a href=\"tempdeflist.php?t_id=%s&p_id=%s\">模板域</a>) > 更新文档", $p_id, $proj_data[p_cname], $t_cname, $t_id, $p_id, $t_id, $p_id, $t_id, $p_id); print_html("更新文档", $nav_buf); printf("更新数据库记录...."); $sqlstr = sprintf("update %s set savedatetime=now(), mu_id=%s,", $t_name, $ck_u_id); foreach ($cgi as $this_name => $this_value) { if ($this_name == "") { continue; } $pos = strpos($this_name, $pre_field); if ($pos !== 0) { continue; } $radio_value = $cgi["radio_{$this_name}"];
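<?php
require_once "../comm/utils.php";

/**
 * Upload the photo(s) of the current request to the QQ photo API.
 *
 * Reads the OAuth values from $_SESSION and the photo metadata from $_POST,
 * stages every entry of $_FILES next to its PHP temp file under the
 * client-supplied file name, and sends everything through do_post()
 * (loaded from ../comm/utils.php).
 *
 * @return mixed Whatever do_post() returns for the upload request.
 */
function upload_pic()
{
    // Upload endpoint of the photo API; do not change.
    $url = "https://graph.qq.com/photo/upload_pic";

    $params = array();
    $params["access_token"] = $_SESSION["access_token"];
    $params["oauth_consumer_key"] = $_SESSION["appid"];
    $params["openid"] = $_SESSION["openid"];
    $params["photodesc"] = urlencode($_POST["photodesc"]);
    $params["title"] = urlencode($_POST["title"]);
    $params["albumid"] = urlencode($_POST["albumid"]);

    // NOTE(review): x, y and format are forwarded exactly as the client sent
    // them. The files below are marked with a leading "@", so do_post()
    // presumably relies on cURL's legacy "@path" upload syntax; if it does,
    // any other field whose value starts with "@" would be read as a local
    // file path as well. Confirm in do_post() (CURLFile avoids the ambiguity).
    $params["x"] = $_POST["x"];
    $params["y"] = $_POST["y"];
    $params["format"] = $_POST["format"];

    // Stage the uploaded files.
    $staged = array();
    foreach ($_FILES as $filename => $filevalue) {
        // "name" is chosen by the client. Keep only its last path component so
        // the staged copy cannot be written outside the temp directory.
        $safeName = basename($filevalue["name"]);
        if ($safeName === "" || $safeName === "." || $safeName === "..") {
            continue;
        }

        $tmpfile = dirname($filevalue["tmp_name"]) . "/" . $safeName;

        // Attach the file only when it really was an upload and the move worked.
        if (!move_uploaded_file($filevalue["tmp_name"], $tmpfile)) {
            continue;
        }

        $staged[] = $tmpfile;
        $params[$filename] = "@{$tmpfile}";
    }

    $ret = do_post($url, $params);

    // Remove every staged copy (the original removed only the last one and
    // called unlink() on an undefined variable when no file was sent).
    foreach ($staged as $stagedPath) {
        unlink($stagedPath);
    }

    return $ret;
}

// Example call:
$ret = upload_pic();
echo $ret;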
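/**
 * Handle the submission of the "edit ad" form.
 *
 * The edit is allowed when the logged-in user is the ad's owner, is an
 * administrator, or passes in_group(3) together with permission(2). On
 * success the ad, its custom fields and its pictures are stored, a message
 * is put in the session under 'msg', and the user is redirected to
 * admin/manage_ads (admin path) or dashboard/myads. When validation fails
 * the user is redirected back to ads/edit/{id}. Anyone else is sent to
 * user/login with an error message and a 'redirect' target in the session.
 */
public function edit_action()
{
    // Read the id before branching: every outcome below, including the
    // "not logged in" one, builds a redirect from it. It used to be assigned
    // only inside the logged-in branch, leaving it undefined in the other.
    // NOTE(review): the value is request-controlled and is not validated in
    // this method; it reaches redirect paths, the session and the model.
    // Confirm that get_adsOwner() and the model validate it.
    $ads_id = isset($_POST['id']) ? $_POST['id'] : null;

    $admin = false;
    $allowed = false;

    if ($this->ion_auth->logged_in()) {
        $this->load->library('form_validation');
        $this->load->model('ads_model');
        $this->load->helper('wall_mapdb');
        $this->load->helper('wall_type');

        $uid = $this->get_uid();
        $owner = $this->get_adsOwner($ads_id);

        // Same precedence as the original "or ... &&" expression, made explicit.
        $admin = ($this->ion_auth->is_admin()
            || ($this->ion_auth->in_group(3) && $this->permission(2)));

        // NOTE(review): loose comparison kept because the types returned by
        // get_adsOwner() and get_uid() are not visible here.
        $allowed = ($owner == $uid || $admin);
    }

    if (!$allowed) {
        $msg = "عدم دسترسی، لطفا وارد شوید.";
        $this->session->set_userdata('error', $msg);
        $this->session->set_userdata('redirect', "ads/edit/{$ads_id}");
        redirect(site_url('user/login'));
        exit;
    }

    $this->form_validation->set_rules('title', 'Title', 'required');
    $this->form_validation->set_rules('cat', 'cat', 'callback_checkCat|required');
    $this->form_validation->set_rules('state', 'state', 'callback_checkState|required');
    $this->form_validation->set_rules('city', 'city', 'callback_checkCity|required');
    $this->form_validation->set_rules('street', 'street', 'required');
    $this->form_validation->set_rules('description', 'description', 'required');
    $this->form_validation->set_rules('price', 'price', 'required');
    $this->form_validation->set_rules('name', 'name', 'required');
    $this->form_validation->set_rules('phone', 'phone', 'required');

    // Every custom field of the chosen category is required as well.
    $catFields = $this->ads_model->get_catFields($_POST['cat']);
    foreach ($catFields as $field) {
        $this->form_validation->set_rules("custom_" . $field['field_'], 'custom field', 'required');
    }

    if (!$this->form_validation->run()) {
        // Validation failed: go back to the edit page of this ad.
        redirect(site_url("ads/edit/{$ads_id}"));
    } else {
        $this->ads_model->delete_customFields($ads_id);

        // Look up the category picture.
        $_POST['cat_pic'] = get_cat_pic($_POST['cat']);

        // NOTE(review): the whole $_POST array is handed to the model, so any
        // extra field a client adds arrives there too. Confirm that update()
        // only writes the columns it expects.
        $this->ads_model->update($_POST);

        // Collect the custom field values of this ad and store them.
        if ($ads_id != 0 && $ads_id !== false) {
            $customs = array();
            foreach ($catFields as $field) {
                $customs[] = array(
                    'ads_'   => $ads_id,
                    'value'  => $this->security->xss_clean($_POST['custom_' . $field['field_']]),
                    'field_' => $field['field_'],
                );
            }
            if (count($customs) != 0) {
                $this->ads_model->add_fields($customs);
            }
        }

        // Upload the ad pictures and store their names.
        $this->load->helper('wall_upload');
        $pics = upload_pic($_FILES['userfile'], $ads_id, "adspic", 10, true);
        $ads_pic = array();
        foreach ($pics as $key => $pic) {
            $ads_pic[$key]['ads_'] = $ads_id;
            $ads_pic[$key]['pic'] = $pic;
        }
        if (count($ads_pic) != 0) {
            $this->ads_model->add_pics($ads_pic);
        }

        $msg = "آگهی با موفقیت ویرایش شد.";
        $this->session->set_userdata('msg', $msg);

        if ($admin) {
            redirect(site_url('admin/manage_ads'));
            exit;
        } else {
            redirect(site_url('dashboard/myads'));
            exit;
        }
    }
}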
$edu = strclean($_POST["edu"]); $bday = $_POST["bday"]; $sex = intval($_POST["sex"]); // if(!preg_match('-(\d{2})/(\d{2})/(\d{4})-',$bday)) // { // exit("<div $style>Your birthday should be in this format {MM/DD/YYYY}</div>"); // } $status = strclean($_POST["status"]); $status2 = $status == 4 ? _hstr_($_POST["status_"], 2) : ""; list($img1, $img2, $img3) = explode("____", $_POST["imgs"]); $img = $_FILES["upl"]["tmp_name"]; if (is_uploaded_file($img)) { $mdir = "{$pth}/profile_pic/"; $_50x50 = upload_pic($img, $_FILES["upl"]["type"], $_FILES["upl"]["tmp_name"], 70, 70, $mdir); $_150x150 = upload_pic($img, $_FILES["upl"]["type"], $_FILES["upl"]["tmp_name"], 150, 150, $mdir); $_400x400 = upload_pic($img, $_FILES["upl"]["type"], $_FILES["upl"]["tmp_name"], 500, 500, $mdir); $_50x50 = str_replace($pth, "", $_50x50); $_150x150 = str_replace($pth, "", $_150x150); $_400x400 = str_replace($pth, "", $_400x400); if ($_50x50 && $_150x150 && $_400x400) { $q = mysqli_query($conc, "SELECT img1,img2,img3 FROM users WHERE id={$uid}"); $r = NULL; $r = mysqli_fetch_array($q); if (!stristr($r[0], "/img/")) { unlink($pth . $r[0]); unlink($pth . $r[1]); unlink($pth . $r[2]); } $r = NULL; $q = NULL; $q = mysqli_query($conc, "UPDATE users SET name= '{$name}', web = '{$web}', bio = '{$bio}', loc = '{$loc}',img1='{$_50x50}',img2='{$_150x150}',img3='{$_400x400}',edu='{$edu}',work='{$work}',status ='{$status}',status_ = '{$status2}',bday='{$bday}',sex='{$sex}' WHERE id = {$uid}");
<?php require_once "db_handler.php"; require_once "twitter_handler.php"; $ret = db_query("Twitter_Pool", array("PoolID", "Message", "PicPath", "MediaID"), "TweetID IS NULL ORDER BY AddTime LIMIT 1"); if (!$ret->{'Status'}) { $item = $ret->{'Results'}[0]; if (!empty($item)) { if ($item->{'MediaID'} == null) { if (!empty($item->{'PicPath'})) { $mediaID = upload_pic($item->{'PicPath'}); if ($mediaID) { $ret = db_update("Twitter_Pool", array("MediaID" => $mediaID), array("PoolID" => $item->{'PoolID'})); if ($ret->{'Status'}) { echo "[" . date('Y-m-d H:i:s') . "] Failed to update Twitter_Pool: MediaID = '" . $mediaID . "' while PoolID = " . $item->{'PoolID'} . "\n"; var_dump($ret); exit(1); } } } else { $mediaID = null; } } else { $mediaID = $item->{'MediaID'}; } $tweetID = tweet_with_pic($item->{'Message'}, $mediaID); if ($tweetID) { $ret = db_update("Twitter_Pool", array("TweetID" => $tweetID, "PubTime" => gmdate('Y-m-d H:i:s')), array("PoolID" => $item->{'PoolID'})); if (!$ret->{'Status'}) { echo "[" . date('Y-m-d H:i:s') . "] Published tweet successfully [" . $tweetID . ":" . $mediaID . "]: " . $item->{'Message'} . "\n"; } else {
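<div class="container">
    <div class="col-1">
        <?php include "./content/side.php"; ?>
        <div class="big-col">
            <div class="banner">
                <a href=""><img src="./img/site/banner2.png" alt="MitraCollection.com" title="MitraCollection.com"></a>
            </div>
            <div class="produk-title">
                <h1>Akun : <?php
                    /* The account name is data, not markup: escape it for the HTML context before printing.
                       NOTE(review): if 'nama' is already stored HTML-escaped this would double-encode it; confirm how it is stored. */
                    echo htmlspecialchars($result_user['nama'], ENT_QUOTES, 'UTF-8');
                ?> </h1>
            </div>
            <div class="list-p">
                <div class="f-master">
                    <div class="bg-f">
                        <div class="b-h">UPLOAD PROFILE</div>
                        <?php
                        /* NOTE(review): the whole query string is handed to upload_pic(), which is defined
                           outside this template. Confirm that it validates every key it reads and escapes
                           anything it prints. */
                        upload_pic($_GET);
                        ?>
                    </div>
                </div>
            </div>
        </div>
    </div>
    <!--end container !-->
</div>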
msg("失败了!"); exit(mysql_error()); mysql_close($conn); } mysql_close($conn); jump("banner_list.php"); } if (!empty($_POST["type"]) && $_POST["type"] == "pic") { //pic if (!empty($_FILES["pic"]["tmp_name"]) && !empty($_POST["name"])) { if ($_FILES["pic"]['size'] > 1000000) { msg("文件太大了,请控制在1MB内。"); echo "<script>history.back()</script>"; exit; } $hi = upload_pic("pic"); if ($hi == "type_error") { mysql_close($conn); msg("文件类型不正确,只允许jpg,gif,jpeg!"); jump("pic_add.php"); } if ($hi == "upload_error") { mysql_close($conn); msg("文件上传失败!"); jump("pic_add.php"); } $pic = $hi; $sql = "insert into wode_pic(name,pic,link)values('" . $_POST["name"] . "','" . $pic . "','" . $_POST["link"] . "')"; if (mysql_query($sql, $conn)) { msg("添加成功"); } else {
<?php
/**
 * PHP SDK for the QQ Login OpenAPI
 *
 * @version 1.3
 * @author connect@qq.com
 * @copyright © 2011, Tencent Corporation. All rights reserved.
 */
require_once "../comm/utils.php";

/**
 * @brief Upload a photo of the logged-in user to one of their Qzone albums.
 * When the signature is computed, parameter names and values are not
 * URL-encoded, and the body of the HTTP request is not URL-encoded either.
 *
 * The response of do_multi_post() is echoed as received; nothing is returned.
 *
 * @param $appid
 * @param $appkey
 * @param $access_token
 * @param $access_token_secret
 * @param $openid
 */
function upload_pic($appid, $appkey, $access_token, $access_token_secret, $openid)
{
    // Upload endpoint; do not change.
    // NOTE(review): the scheme is plain http://, so whatever do_multi_post()
    // sends (and the response echoed below) is not protected in transit.
    // Confirm whether the provider offers an HTTPS endpoint for this call.
    $endpoint = "http://openapi.qzone.qq.com/photo/upload_pic";

    $response = do_multi_post($endpoint, $appid, $appkey, $access_token, $access_token_secret, $openid);

    echo $response;
}

// Example call:
upload_pic(
    $_SESSION["appid"],
    $_SESSION["appkey"],
    $_SESSION["token"],
    $_SESSION["secret"],
    $_SESSION["openid"]
);
$id = intval($_POST["id"]); $name = strclean($_POST["name"]); $info = strclean($_POST["info"]); $upd = $con->update("art", "name='{$name}', info ='{$info}'", "id={$id}"); if ($upd) { exit("<div {$style}>Successfully updated {$name}</div>"); } else { exit("<div {$style}>Error updating {$name}</div>"); } } if (isset($_POST["add"])) { $img = $_FILES["upl"]["tmp_name"]; if (is_uploaded_file($img)) { $_50x50 = upload_pic($img, $_FILES["upl"]["type"], $_FILES["upl"]["tmp_name"], 50, 50); $_100x100 = upload_pic($img, $_FILES["upl"]["type"], $_FILES["upl"]["tmp_name"], 100, 100); $_300x300 = upload_pic($img, $_FILES["upl"]["type"], $_FILES["upl"]["tmp_name"], 500, 400); if ($_50x50 && $_100x100 && $_300x300) { $_big = "../art/full_" . substr($_300x300, 5, strlen($_300x300)); copy($img, $_big); $name = $_POST["name"]; $name = strlen($name) < 2 ? $_SESSION["user"] . "'s art " . rand(10, 999) : $name; $name = _hstr_($name, false); $info = _hstr_($_POST["info"], false); $q = $con->insertInto("art", array($uid, $name, $info, $_50x50, $_100x100, $_300x300, date("U"), 0)); if ($q) { $q = mysqli_query($conc, "SELECT id FROM art WHERE user = '******' AND name = '{$name}' AND img1 = '{$_50x50}'"); $r = mysqli_fetch_array($q); $q = $con->insertInto("hist", array(4, 0, $uid, $name . "::__::__::" . $r[0], date("U"))); $q = NULL; $con->close_db_con($conc); if (isset($_POST["quick"])) {