$ndir = $gpc->get('newdir', none);
if ($qdir == '#') {
if (!preg_match('/[^\\w\\d\\-\\.]/i', $qdir) || empty($ndir)) {
$error = $lang->phrase('admin_wysiwyg_folder_restrictions');
} else {
if ($filesystem->mkdir($leadon . $ndir, 0777)) {
$path = $leadon . $ndir;
}
}
}
if ($error === null) {
require "classes/class.upload.php";
$my_uploader = new uploader();
$my_uploader->max_filesize(ini_maxupload());
$my_uploader->file_types($supportedextentions);
$my_uploader->set_path($path);
if ($my_uploader->upload('file')) {
$my_uploader->save_file();
}
if ($my_uploader->upload_failed()) {
$error = $my_uploader->get_error();
}
$image_file = $path . $my_uploader->fileinfo('filename');
if (!file_exists($image_file)) {
$error = $lang->phrase('admin_cms_file_does_not_exist');
}
$image_file = str_replace(realpath($config['fpath']) . DIRECTORY_SEPARATOR, '', $image_file);
$image_file = str_replace(DIRECTORY_SEPARATOR, '/', $image_file);
}
}
$filesize = formatFilesize(ini_maxupload());
echo foot();
} elseif ($job == 'query2') {
echo head();
$type = $gpc->get('type', int);
if ($type == 1) {
$filetypes = array('zip', 'sql');
$dir = 'temp/';
$inserterrors = array();
require "classes/class.upload.php";
if (empty($_FILES['upload']['name'])) {
$inserterrors[] = 'No file specified.';
}
$my_uploader = new uploader();
$my_uploader->max_filesize(ini_maxupload());
$my_uploader->file_types($filetypes);
$my_uploader->set_path($dir);
if ($my_uploader->upload('upload')) {
if ($my_uploader->save_file()) {
$file = $dir . $my_uploader->fileinfo('filename');
if (!file_exists($file)) {
$inserterrors[] = 'File (' . $file . ') does not exist.';
}
}
}
if ($my_uploader->upload_failed()) {
array_push($inserterrors, $my_uploader->get_error());
}
if (count($inserterrors) > 0) {
error('admin.php?action=db&job=query', $inserterrors);
} else {
$ext = get_extension($file);
$db->query("UPDATE {$db->pre}user SET pic = '' WHERE id = '{$my->id}' LIMIT 1");
($code = $plugins->load('editprofile_pic3_end')) ? eval($code) : null;
ok($lang->phrase('editprofile_pic_success'), "editprofile.php?action=pic" . SID2URL_x);
} elseif ($_GET['action'] == "pic2") {
$pic = $gpc->get('pic', none);
if ($my->p['usepic'] == 0) {
errorLogin($lang->phrase('not_allowed'), "editprofile.php");
}
$error = array();
if (isset($_FILES) && is_array($_FILES['upload']) && !empty($_FILES['upload']['name'])) {
require "classes/class.upload.php";
$my_uploader = new uploader();
$my_uploader->max_filesize($config['avfilesize']);
$my_uploader->max_image_size($config['avwidth'], $config['avheight']);
$my_uploader->file_types(explode(',', $config['avfiletypes']));
$my_uploader->set_path('uploads/pics/');
$my_uploader->rename_file($my->id);
if ($my_uploader->upload('upload')) {
removeOldImages('uploads/pics/', $my->id);
if ($my_uploader->save_file()) {
$my->pic = 'uploads/pics/' . $my_uploader->fileinfo('filename');
}
}
if ($my_uploader->upload_failed()) {
$error[] = $my_uploader->get_error();
}
} elseif (!empty($pic) && preg_match(URL_REGEXP, $pic)) {
$my->pic = checkRemotePic($pic, $my->id);
switch ($my->pic) {
case REMOTE_INVALID_URL:
$error[] = $lang->phrase('editprofile_pic_error1');
if (empty($value)) {
unset($filetypes[$key]);
}
}
$insertuploads = array();
$inserterrors = array();
require "classes/class.upload.php";
$success = 0;
for ($i = 0; $i < $ups; $i++) {
if (empty($_FILES['upload_' . $i]['name'])) {
continue;
}
$my_uploader = new uploader();
$my_uploader->max_filesize($filesize);
$my_uploader->file_types($filetypes);
$my_uploader->set_path($dir . DIRECTORY_SEPARATOR);
if (isset($imgwidth) && isset($imgheight)) {
$my_uploader->max_image_size($imgwidth, $imgheight);
}
if ($my_uploader->upload('upload_' . $i)) {
$my_uploader->save_file();
}
if ($my_uploader->upload_failed()) {
array_push($inserterrors, $my_uploader->get_error());
}
$file = $dir . DIRECTORY_SEPARATOR . $my_uploader->fileinfo('filename');
if (!file_exists($file)) {
$inserterrors[] = $lang->phrase('admin_explorer_file_does_not_exist');
} else {
$success++;
}
$dirok = false;
}
if ($dirok) {
$leadon .= $dir;
} else {
$dir = '';
}
}
// upload file
$error = null;
if (!empty($_FILES['file']['name'])) {
require "classes/class.upload.php";
$my_uploader = new uploader();
$my_uploader->max_filesize(ini_maxupload());
$my_uploader->file_types($supportedextentions);
$my_uploader->set_path($leadon);
if ($my_uploader->upload('file')) {
$my_uploader->save_file();
}
if ($my_uploader->upload_failed()) {
$error = $my_uploader->get_error();
}
$file = $leadon . $my_uploader->fileinfo('filename');
if (!file_exists($file)) {
$error = $lang->phrase('admin_cms_file_does_not_exist');
}
}
$htmlhead .= '<script type="text/javascript" src="templates/editor/wysiwyg-popup.js"></script>';
$htmlhead .= '<script type="text/javascript" src="templates/editor/wysiwyg-color.js"></script>';
$htmlhead .= '<script type="text/javascript"> function onloader() { WYSIWYG_ColorInst.init(); loadImage(); } </script>';
echo head(' onLoad="onloader();"');