Beispiel #1
 /**
  * Set the title of the photo(s) named in the current POST request.
  *
  * Expects the POST fields 'photoIDs' and 'title'. Whether both are present is
  * passed to Module::dependencies() before either value is read, and whatever
  * Photo::setTitle() returns is echoed as the response.
  *
  * NOTE(review): both request values reach Photo unchanged. Input validation,
  * output escaping and the check that the caller may edit these photos are
  * presumably handled inside Photo or by the code that dispatches to this
  * method - confirm.
  */
 private function setPhotoTitle()
 {
     // Presence check comes first; Module::dependencies() presumably aborts
     // the request when it receives false - confirm.
     $hasRequiredFields = isset($_POST['photoIDs'], $_POST['title']);
     Module::dependencies($hasRequiredFields);

     $photoIDs = $_POST['photoIDs'];
     $photo = new Photo($this->database, $this->plugins, null, $photoIDs);

     $response = $photo->setTitle($_POST['title']);
     echo $response;
 }
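 /**
  * Run method with main page logic
  *
  * Populate template and display form for creating a new photo entry. For POST request,
  * validate form data and the uploaded image, store the file (plus a width-limited
  * thumbnail when the image is wider than Photo::MAX_WIDTH) and save the record to the
  * database. Available to admins only: any other visitor is redirected to BASE_URL.
  *
  * Upload checks applied before the file is moved into Photo::UPLOAD_DIR:
  *  - the client file name's extension must be png, jpg or jpeg. pathinfo() reports
  *    the extension WITHOUT a leading dot, so it is compared against "png", not ".png";
  *  - getimagesize() must recognise the content as PNG or JPEG.
  * Both are required because the file is stored under its client-supplied name: a
  * content check alone would accept an image-shaped file with a script extension.
  *
  * NOTE(review): no anti-CSRF token is checked in this method; confirm it is enforced
  * elsewhere. Also confirm the web server does not execute files under UPLOAD_DIR.
  *
  * @access public
  * @return void
  */
 public function run()
 {
     $session = Session::getInstance();
     $user = $session->getUser();
     // Admin gate: runs before any request data is read.
     if (!$user || !$user->isAdmin()) {
         $session->setMessage("Do not have permission to access", Session::MESSAGE_ERROR);
         header("Location: " . BASE_URL);
         return;
     }
     $photoDAO = PhotoDAO::getInstance();
     $albumDAO = AlbumDAO::getInstance();
     $photo = null;
     $form_errors = array();
     $form_values = array("albumid" => "", "title" => "", "description" => "");
     if (!empty($_POST)) {
         $form_values["albumid"] = isset($_POST["albumid"]) && is_numeric($_POST["albumid"]) ? intval($_POST["albumid"]) : "";
         $form_values["title"] = isset($_POST["title"]) ? trim($_POST["title"]) : "";
         $form_values["description"] = isset($_POST["description"]) ? trim($_POST["description"]) : "";
         if (empty($form_values["albumid"])) {
             $form_errors["albumid"] = "No albumid specified";
         } else {
             if (!$albumDAO->load($form_values["albumid"])) {
                 $form_errors["albumid"] = "Album does not exist";
             }
         }
         if (empty($form_values["title"])) {
             $form_errors["title"] = "No title specified";
         }
         if (empty($form_values["description"])) {
             $form_errors["description"] = "No description specified";
         }
         $upload_path = "";
         if (empty($_FILES["imagefile"]) || $_FILES["imagefile"]["error"] == UPLOAD_ERR_NO_FILE) {
             $form_errors["imagefile"] = "No image file chosen";
         } else {
             if ($_FILES["imagefile"]["error"] != UPLOAD_ERR_OK) {
                 $form_errors["imagefile"] = "File upload failed";
             } else {
                 $info = getimagesize($_FILES["imagefile"]["tmp_name"]);
                 $path = pathinfo($_FILES["imagefile"]["name"]);
                 // pathinfo() omits the "extension" key when the name has no dot.
                 $extension = isset($path["extension"]) ? strtolower($path["extension"]) : "";
                 // Computed once so all three paths land in the same month directory.
                 $month_dir = date("Y_m");
                 $upload_path = joinPath(Photo::UPLOAD_DIR, $month_dir, basename($_FILES['imagefile']['name']));
                 $thumbLoc = joinPath(Photo::THUMBNAIL_DIR, $month_dir, $path["filename"] . "_thumb.jpg");
                 $smallThumbLoc = joinPath(Photo::THUMBNAIL_DIR, $month_dir, $path["filename"] . "_thumb_small.jpg");
                 $allowed_extensions = array("png", "jpg", "jpeg");
                 $allowed_types = array(IMAGETYPE_PNG, IMAGETYPE_JPEG);
                 // Reject unless BOTH the detected content type and the stored
                 // extension are on the allowlist.
                 $valid_image = $info
                     && in_array($info[2], $allowed_types, true)
                     && in_array($extension, $allowed_extensions, true);
                 if (!$valid_image) {
                     $form_errors["imagefile"] = "An invalid file was uploaded";
                 } else {
                     // An existing upload with the same name is replaced, together
                     // with its thumbnails.
                     if (file_exists($upload_path)) {
                         unlink($upload_path);
                         if (file_exists($thumbLoc)) {
                             unlink($thumbLoc);
                         }
                         if (file_exists($smallThumbLoc)) {
                             unlink($smallThumbLoc);
                         }
                         //$form_errors["imagefile"] = "Filename already exists.  Please choose different name or delete file first";
                     }
                 }
             }
         }
         if (empty($form_errors)) {
             $photo = new Photo();
             $photo->setAlbumId($form_values["albumid"]);
             $photo->setTitle($form_values["title"]);
             $photo->setDescription($form_values["description"]);
             if (!file_exists(dirname($upload_path))) {
                 // Recursive so a missing parent directory does not make the move fail.
                 mkdir(dirname($upload_path), 0777, true);
             }
             if (move_uploaded_file($_FILES["imagefile"]["tmp_name"], $upload_path)) {
                 $photo->setFileLoc($upload_path);
                 // Create thumbnail
                 if ($info[0] > Photo::MAX_WIDTH) {
                     $phpThumb = new phpThumb();
                     $phpThumb->setSourceFilename($photo->getFileLoc());
                     $phpThumb->setParameter('w', Photo::MAX_WIDTH);
                     $phpThumb->setParameter('config_output_format', 'jpeg');
                     if (!file_exists(dirname($thumbLoc))) {
                         mkdir(dirname($thumbLoc), 0777, true);
                     }
                     if ($phpThumb->GenerateThumbnail() && $phpThumb->RenderToFile($thumbLoc)) {
                         $photo->setThumbLoc($thumbLoc);
                         // NOTE(review): the small thumbnail is generated but never
                         // rendered to $smallThumbLoc here - confirm whether a
                         // RenderToFile() call is missing.
                         $phpThumb = new phpThumb();
                         $phpThumb->setSourceFilename($photo->getFileLoc());
                         $phpThumb->setParameter('h', Photo::SMALL_THUMB_HEIGHT);
                         $phpThumb->setParameter('config_output_format', 'jpeg');
                         $phpThumb->GenerateThumbnail();
                     } else {
                         // Do not keep an oversized original without its thumbnail.
                         if (file_exists($photo->getFileLoc())) {
                             unlink($photo->getFileLoc());
                         }
                         $form_errors["imagefile"] = "Image larger than " . Photo::MAX_WIDTH . "x" . Photo::MAX_HEIGHT . " and thumbnail generation failed";
                     }
                 }
             } else {
                 $form_errors["imagefile"] = "File could not be moved";
             }
             if (empty($form_errors["imagefile"])) {
                 if ($photoDAO->insert($photo)) {
                     $session->setMessage("Photo saved");
                     header("Location: edit_photo.php?id={$photo->getId()}");
                     return;
                 } else {
                     $session->setMessage("Photo not saved");
                 }
             }
         }
     }
     $album_array = $albumDAO->all();
     $this->template->render(array("title" => "Create Photo", "session" => $session, "main_page" => "create_photo_tpl.php", "photo" => $photo, "form_values" => $form_values, "form_errors" => $form_errors, "album_array" => $album_array));
 }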
Beispiel #3
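 /**
  * Show the "add photo" form and, when an image is uploaded, store it.
  *
  * The upload is accepted only if PHP reports it as a successful upload and
  * getimagesize() recognises its content as JPEG, BMP, GIF or PNG. The stored
  * extension is derived from that detected type, never from the client file
  * name or the client-declared MIME type, since both are set by the sender.
  * The file is saved under a random name in img/ and a Photo entity is
  * persisted for the current user.
  *
  * NOTE(review): no access check is visible in this method; presumably the
  * security firewall restricts the route to authenticated users - confirm.
  * getToken() is also dereferenced without a null check.
  *
  * @Route("/add")
  *
  * @param Request $request Current HTTP request.
  *
  * @return mixed Result of render() for site/img_add.html.twig.
  */
 public function Add(Request $request)
 {
     $message = [];
     $category = $this->getDoctrine()
         ->getRepository('AppBundle:categories')
         ->createQueryBuilder('p')
         ->getQuery()
         ->getResult();
     $user = $this->get('security.token_storage')->getToken()->getUser();
     $title = $request->get('title');
     $description = $request->get('description');
     $categories = $request->get('categories');
     $image = $request->get('image');

     // Allowlist of accepted image types, keyed by the IMAGETYPE_* value that
     // getimagesize() detects from the file content.
     $extensionsByType = [
         IMAGETYPE_JPEG => 'jpg',
         IMAGETYPE_BMP => 'bmp',
         IMAGETYPE_GIF => 'gif',
         IMAGETYPE_PNG => 'png',
     ];

     if (!empty($_FILES['image'])) {
         $upload = $_FILES['image'];
         $info = false;
         // Inspect the content only for a completed, genuine upload; this also
         // avoids calling getimagesize() on an empty tmp_name.
         $uploadedOk = isset($upload['error'])
             && $upload['error'] === UPLOAD_ERR_OK
             && is_uploaded_file($upload['tmp_name']);
         if ($uploadedOk) {
             $info = getimagesize($upload['tmp_name']);
         }

         if ($info !== false && isset($extensionsByType[$info[2]])) {
             $extension = $extensionsByType[$info[2]];
             $filename = DFileHelper::getRandomFileName($extension);
             $target = 'img/' . $filename . '.' . $extension;
             // Check the path that will actually be written, not the client's name.
             if (file_exists($target)) {
                 $message['danger'] = "File with this name already exists";
             } elseif (move_uploaded_file($upload['tmp_name'], $target)) {
                 $photo = new Photo();
                 $em = $this->getDoctrine()->getManager();
                 $photo->setUsername($user);
                 $photo->setDescription($description);
                 $photo->setTitle($title);
                 $photo->setCategories($em->getRepository("AppBundle:categories")->find($categories));
                 $photo->setImage($target);
                 $em->persist($photo);
                 $em->flush();
                 $message['success'] = "Photo added";
             } else {
                 $message['danger'] = "You can not download the file. Check permissions to the directory ( read / write)";
             }
         } else {
             $message['danger'] = "You can upload files : JPEG, GIF, BMP, PNG";
         }
     }

     // Defined up front so the template always receives a value.
     $photos = 0;
     if ($user) {
         $qb = $this->getDoctrine()->getManager()->getRepository('AppBundle:photo')->createQueryBuilder('a');
         $qb->select('COUNT(a)');
         $qb->where('a.username = :usernameId');
         $qb->setParameter('usernameId', $user);
         $photos = $qb->getQuery()->getSingleScalarResult();
     }

     return $this->render('site/img_add.html.twig', [
         'title' => 'Add photo',
         'url' => 'add',
         'message' => $message,
         'photos' => $photos,
         'var' => $image,
         'category' => $category,
         'base_dir' => realpath($this->container->getParameter('kernel.root_dir') . '/..'),
     ]);
 }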
Beispiel #4
// Upload handler written as a flat script: on a POST request it moves the
// uploaded file 'pic_1' into DIR_LOC/photo/user/ and inserts a row into the
// `photo` table with the file name as its title. The listing is cut off inside
// the trailing debug comment.
$dbConn = new DbConnection();
$connection = $dbConn->connectToDB();
$userDao = new UserDAO();
if ($_SERVER["REQUEST_METHOD"] == "POST") {
    $upload_dir_url = "/photo/user";
    $uploaddir = DIR_LOC . $upload_dir_url . "/";
    //$uploaddir = '/smart2015/smart-restoran/photo/user/';
    // NOTE(review): the stored name is the client-supplied one. basename()
    // removes directory components, but nothing visible here checks the upload
    // error code, the extension or the file content, and an existing file of
    // the same name is overwritten. Restrict to an allowlist of image types
    // (content and extension) and prefer a server-generated file name.
    $uploadfile = $uploaddir . basename($_FILES['pic_1']['name']);
    //if(isset($_POST['pic_1'])){
    if (move_uploaded_file($_FILES['pic_1']['tmp_name'], $uploadfile)) {
        //echo "File is valid, and was successfully uploaded.\n";
        $target_file = basename($_FILES['pic_1']['name']);
        $file_name = $target_file;
        // Public URL of the stored file; not used again in the visible part.
        $target_file_url = URL_PROJECT . $upload_dir_url . "/" . $target_file;
        $photo = new Photo();
        $photo->setTitle($file_name);
        // NOTE(review): the statement is built by concatenating a value that
        // comes from the client's file name, so a quote character in the name
        // changes the SQL. Unless Photo::setTitle()/getTitle() escape it
        // (not visible here), use a prepared statement with a bound parameter,
        // e.g. prepare("INSERT INTO photo SET title = ?") and bind the title.
        $sql = "INSERT INTO photo SET title = '" . $photo->getTitle() . "';";
        // NOTE(review): client-controlled text is echoed into the response
        // without HTML escaping; wrap it in htmlspecialchars().
        echo "File name je sada: " . $file_name;
        if (!($results = $connection->query($sql))) {
            // NOTE(review): the raw database error is sent to the client;
            // log it server-side and show a generic message instead.
            die('Ne mogu da izvrsim upit zbog [' . $connection->error . "]");
        }
        // Id of the row inserted above.
        $photo_id = mysqli_insert_id($connection);
        echo "Photo ID posle inserta iznosi: {$photo_id}";
    } else {
        // move_uploaded_file() failed or no file was sent: tell the user.
        echo "Postoji problem ili niste odabrali sliku za svoj profil.<br />";
        echo "Možete upload-ovati fotku kada to budete želeli.<br />";
        /*echo '<pre>';
                    echo "Possible file upload attack!\n";
                    echo 'Here is some more debugging info:';
                    print_r($_FILES);
        
Beispiel #5
 /**
  * Set the title of the photo(s) named in the current POST request.
  *
  * Expects the POST fields 'photoIDs' and 'title'. Whether both are present is
  * passed to Module::dependencies() before either value is read, and whatever
  * Photo::setTitle() returns is echoed as the response.
  *
  * NOTE(review): both request values reach Photo unchanged. Input validation,
  * output escaping and the check that the caller may edit these photos are
  * presumably handled inside Photo or by the code that dispatches to this
  * method - confirm.
  */
 private function setPhotoTitle()
 {
     // Presence check comes first; Module::dependencies() presumably aborts
     // the request when it receives false - confirm.
     $hasRequiredFields = isset($_POST['photoIDs'], $_POST['title']);
     Module::dependencies($hasRequiredFields);

     $photoIDs = $_POST['photoIDs'];
     $photo = new Photo(null, $photoIDs);

     $response = $photo->setTitle($_POST['title']);
     echo $response;
 }
Beispiel #6
    // Sinon le fichier sera transferer
} else {
    if (move_uploaded_file($_FILES["fileToUpload"]["tmp_name"], $target_file)) {
        // ajouter la photo dans le dossier PHOTOS
        echo "L'image " . basename($_FILES["fileToUpload"]["name"]) . " a &eacute;t&eacute; ajout&eacute;. ";
        // Insérer un nouveau enregistrement dans la table PHOTO
        $category = "no category";
        $season = "no season";
        $title = basename($_FILES["fileToUpload"]["name"]);
        $description = "no description";
        $link = $target_file;
        $unePhoto = new Photo();
        //$unePhoto->setId( $_REQUEST['id'] );
        $unePhoto->setCategory($category);
        $unePhoto->setSeason($season);
        $unePhoto->setTitle($title);
        $unePhoto->setDescription($description);
        $unePhoto->setLink($link);
        $unePhoto->setHidden(0);
        $dao = new PhotoDao();
        $dao->create($unePhoto);
    } else {
        echo "D&eacute;sol&eacute;, une erreur s'est produite.";
    }
}
// Source de : http://www.w3schools.com/
?>
		<br/>
		<br/>
		<a href="./admin.php?what=photo"><b><u>Retourner &agrave; la gestion des photos</u></b></a>