function MG_saveMediaEdit($album_id, $media_id, $actionURL)
{
global $_USER, $_CONF, $_TABLES, $_MG_CONF, $LANG_MG00, $LANG_MG01, $LANG_MG03;
$back = COM_applyFilter($_POST['rpath']);
if ($back != '') {
$actionURL = $back;
}
$queue = COM_applyFilter($_POST['queue'], true);
$replacefile = 0;
if (isset($_POST['replacefile'])) {
$replacefile = COM_applyFilter($_POST['replacefile']);
}
if ($replacefile == 1) {
require_once $_CONF['path'] . 'plugins/mediagallery/include/lib-upload.php';
$repfilename = $_FILES['repfilename'];
$filename = $repfilename['name'];
$file = $repfilename['tmp_name'];
$opt = array('replace' => $media_id);
list($rc, $msg) = MG_getFile($file, $filename, $album_id, $opt);
COM_errorLog($msg);
}
// see if we had an attached thumbnail before...
$thumb = $_FILES['attthumb'];
$thumbnail = $thumb['tmp_name'];
$att = isset($_POST['attachtn']) ? COM_applyFilter($_POST['attachtn'], true) : 0;
$attachtn = $att == 1 ? 1 : 0;
$table = $queue ? $_TABLES['mg_mediaqueue'] : $_TABLES['mg_media'];
$old_attached_tn = DB_getItem($table, 'media_tn_attached', 'media_id="' . addslashes($media_id) . '"');
if ($old_attached_tn == 0 && $att == 1 && $thumbnail == '') {
$attachtn = 0;
}
$remove_old_tn = 0;
if ($old_attached_tn == 1 && $attachtn == 0) {
$remove_old_tn = 1;
}
$remote_media = DB_getItem($table, 'remote_media', 'media_id="' . addslashes($media_id) . '"');
$remote_url = addslashes(COM_stripslashes($_POST['remoteurl']));
if ($_MG_CONF['htmlallowed']) {
$media_title = COM_checkWords(COM_stripslashes($_POST['media_title']));
$media_desc = COM_checkWords(COM_stripslashes($_POST['media_desc']));
} else {
$media_title = htmlspecialchars(strip_tags(COM_checkWords(COM_stripslashes($_POST['media_title']))));
$media_desc = htmlspecialchars(strip_tags(COM_checkWords(COM_stripslashes($_POST['media_desc']))));
}
$media_time_month = COM_applyFilter($_POST['media_month']);
$media_time_day = COM_applyFilter($_POST['media_day']);
$media_time_year = COM_applyFilter($_POST['media_year']);
$media_time_hour = COM_applyFilter($_POST['media_hour']);
$media_time_minute = COM_applyFilter($_POST['media_minute']);
$original_filename = COM_applyFilter(COM_stripslashes($_POST['original_filename']));
if ($replacefile == 1) {
$original_filename = $filename;
}
$cat_id = COM_applyFilter($_POST['cat_id'], true);
$media_keywords = COM_stripslashes($_POST['media_keywords']);
$media_keywords_safe = substr($media_keywords, 0, 254);
$media_keywords = addslashes(htmlspecialchars(strip_tags(COM_checkWords($media_keywords_safe))));
$artist = addslashes(COM_applyFilter(COM_stripslashes($_POST['artist'])));
$musicalbum = addslashes(COM_applyFilter(COM_stripslashes($_POST['musicalbum'])));
$genre = addslashes(COM_applyFilter(COM_stripslashes($_POST['genre'])));
$media_time = mktime($media_time_hour, $media_time_minute, 0, $media_time_month, $media_time_day, $media_time_year, 1);
$owner_sql = '';
if (isset($_POST['owner_name'])) {
$owner_id = COM_applyFilter($_POST['owner_name'], true);
$owner_sql = ',media_user_id=' . $owner_id . ' ';
}
$sql = "UPDATE " . $table . "\n SET media_title='" . addslashes($media_title) . "',\n media_desc='" . addslashes($media_desc) . "',\n media_original_filename='" . addslashes($original_filename) . "',\n media_time=" . $media_time . ",\n media_tn_attached=" . $attachtn . ",\n media_category=" . intval($cat_id) . ",\n media_keywords='" . $media_keywords . "',\n artist='" . $artist . "',\n album='" . $musicalbum . "',\n genre='" . $genre . "',\n remote_url='" . $remote_url . "' " . $owner_sql . "WHERE media_id='" . addslashes($media_id) . "'";
DB_query($sql);
if (DB_error() != 0) {
echo COM_errorLog("Media Gallery: ERROR Updating image in media database");
}
PLG_itemSaved($media_id, 'mediagallery');
// process playback options if any...
if (isset($_POST['autostart'])) {
// asf
$opt['autostart'] = COM_applyFilter($_POST['autostart'], true);
$opt['enablecontextmenu'] = COM_applyFilter($_POST['enablecontextmenu'], true);
$opt['stretchtofit'] = isset($_POST['stretchtofit']) ? COM_applyFilter($_POST['stretchtofit'], true) : 0;
$opt['showstatusbar'] = COM_applyFilter($_POST['showstatusbar'], true);
$opt['uimode'] = COM_applyFilter($_POST['uimode']);
$opt['height'] = isset($_POST['height']) ? COM_applyFilter($_POST['height'], true) : 0;
$opt['width'] = isset($_POST['width']) ? COM_applyFilter($_POST['width'], true) : 0;
$opt['bgcolor'] = isset($_POST['bgcolor']) ? COM_applyFilter($_POST['bgcolor']) : 0;
$opt['playcount'] = isset($_POST['playcount']) ? COM_applyFilter($_POST['playcount'], true) : 0;
$opt['loop'] = isset($_POST['loop']) ? COM_applyFilter($_POST['loop'], true) : 0;
if ($opt['playcount'] < 1) {
$opt['playcount'] = 1;
}
MG_savePBOption($media_id, 'autostart', $opt['autostart'], true);
MG_savePBOption($media_id, 'enablecontextmenu', $opt['enablecontextmenu'], true);
if ($opt['stretchtofit'] != '') {
MG_savePBOption($media_id, 'stretchtofit', $opt['stretchtofit'], true);
}
MG_savePBOption($media_id, 'showstatusbar', $opt['showstatusbar'], true);
MG_savePBOption($media_id, 'uimode', $opt['uimode']);
MG_savePBOption($media_id, 'height', $opt['height'], true);
MG_savePBOption($media_id, 'width', $opt['width'], true);
MG_savePBOption($media_id, 'bgcolor', $opt['bgcolor']);
MG_savePBOption($media_id, 'playcount', $opt['playcount'], true);
MG_savePBOption($media_id, 'loop', $opt['loop'], true);
}
if (isset($_POST['play'])) {
// swf
$opt['play'] = COM_applyFilter($_POST['play'], true);
$opt['menu'] = isset($_POST['menu']) ? COM_applyFilter($_POST['menu'], true) : 0;
$opt['quality'] = isset($_POST['quality']) ? COM_applyFilter($_POST['quality']) : '';
$opt['flashvars'] = isset($_POST['flashvars']) ? COM_applyFilter($_POST['flashvars']) : '';
$opt['height'] = COM_applyFilter($_POST['height'], true);
$opt['width'] = COM_applyFilter($_POST['width'], true);
$opt['loop'] = isset($_POST['loop']) ? COM_applyFilter($_POST['loop'], true) : 0;
$opt['scale'] = isset($_POST['scale']) ? COM_applyFilter($_POST['scale']) : '';
$opt['wmode'] = isset($_POST['wmode']) ? COM_applyFilter($_POST['wmode']) : '';
$opt['allowscriptaccess'] = isset($_POST['allowscriptaccess']) ? COM_applyFilter($_POST['allowscriptaccess']) : '';
$opt['bgcolor'] = isset($_POST['bgcolor']) ? COM_applyFilter($_POST['bgcolor']) : '';
$opt['swf_version'] = isset($_POST['swf_version']) ? COM_applyFilter($_POST['swf_version'], true) : 9;
MG_savePBOption($media_id, 'play', $opt['play'], true);
if ($opt['menu'] != '') {
MG_savePBOption($media_id, 'menu', $opt['menu'], true);
}
MG_savePBOption($media_id, 'quality', $opt['quality']);
MG_savePBOption($media_id, 'flashvars', $opt['flashvars']);
MG_savePBOption($media_id, 'height', $opt['height'], true);
MG_savePBOption($media_id, 'width', $opt['width'], true);
MG_savePBOption($media_id, 'loop', $opt['loop'], true);
MG_savePBOption($media_id, 'scale', $opt['scale']);
MG_savePBOption($media_id, 'wmode', $opt['wmode']);
MG_savePBOption($media_id, 'allowscriptaccess', $opt['allowscriptaccess']);
MG_savePBOption($media_id, 'bgcolor', $opt['bgcolor']);
MG_savePBOption($media_id, 'swf_version', $opt['swf_version'], true);
}
if (isset($_POST['autoplay'])) {
// quicktime
$opt['autoplay'] = COM_applyFilter($_POST['autoplay'], true);
$opt['autoref'] = COM_applyFilter($_POST['autoref'], true);
$opt['controller'] = COM_applyFilter($_POST['controller'], true);
$opt['kioskmode'] = COM_applyFilter($_POST['kioskmode'], true);
$opt['scale'] = COM_applyFilter($_POST['scale']);
$opt['height'] = COM_applyFilter($_POST['height'], true);
$opt['width'] = COM_applyFilter($_POST['width'], true);
$opt['bgcolor'] = COM_applyFilter($_POST['bgcolor']);
$opt['loop'] = COM_applyFilter($_POST['loop'], true);
MG_savePBOption($media_id, 'autoref', $opt['autoref'], true);
MG_savePBOption($media_id, 'autoplay', $opt['autoplay'], true);
MG_savePBOption($media_id, 'controller', $opt['controller'], true);
MG_savePBOption($media_id, 'kioskmode', $opt['kioskmode'], true);
MG_savePBOption($media_id, 'scale', $opt['scale']);
MG_savePBOption($media_id, 'height', $opt['height'], true);
MG_savePBOption($media_id, 'width', $opt['width'], true);
MG_savePBOption($media_id, 'bgcolor', $opt['bgcolor'], true);
MG_savePBOption($media_id, 'loop', $opt['loop'], true);
}
if ($attachtn == 1 && $thumbnail != '') {
require_once $_CONF['path'] . 'plugins/mediagallery/include/lib-upload.php';
$media_filename = DB_getItem($_TABLES['mg_media'], 'media_filename', 'media_id="' . addslashes($media_id) . '"');
$thumbFilename = $_MG_CONF['path_mediaobjects'] . 'tn/' . $media_filename[0] . '/tn_' . $media_filename;
MG_attachThumbnail($album_id, $thumbnail, $thumbFilename);
}
if ($remove_old_tn == 1) {
$media_filename = DB_getItem($_TABLES['mg_media'], 'media_filename', 'media_id="' . addslashes($media_id) . '"');
$tmpstr = 'tn/' . $media_filename[0] . '/tn_' . $media_filename;
$ext = Media::getMediaExt($_MG_CONF['path_mediaobjects'] . $tmpstr);
if (!empty($ext)) {
@unlink($_MG_CONF['path_mediaobjects'] . $tmpstr . $ext);
}
}
if ($queue) {
echo COM_refresh($actionURL);
} else {
require_once $_CONF['path'] . 'plugins/mediagallery/include/rssfeed.php';
MG_buildAlbumRSS($album_id);
echo COM_refresh($actionURL);
}
exit;
}
function MG_saveMediaEdit($album_id, $media_id, $actionURL)
{
global $_USER, $_CONF, $_TABLES, $_MG_CONF, $LANG_MG00, $LANG_MG01, $LANG_MG03, $_POST, $_FILES;
$back = COM_applyFilter($_POST['rpath']);
if ($back != '') {
$sLength = strlen($_CONF['site_url']);
if (substr($back, 0, $sLength) != $_CONF['site_url']) {
$back = $_CONF['site_url'];
}
$actionURL = $back;
}
$queue = COM_applyFilter($_POST['queue'], true);
if (isset($_POST['replacefile'])) {
$replacefile = COM_applyFilter($_POST['replacefile']);
} else {
$replacefile = 0;
}
if ($replacefile == 1) {
require_once $_CONF['path'] . 'plugins/mediagallery/include/lib-upload.php';
$repfilename = $_FILES['repfilename'];
$filename = $repfilename['name'];
$file = $repfilename['tmp_name'];
list($rc, $msg) = MG_getFile($file, $filename, $album_id, '', '', 1, 0, '', 0, '', '', 0, 0, $media_id);
COM_errorLog($msg);
}
// see if we had an attached thumbnail before...
$thumb = $_FILES['attthumb'];
$thumbnail = $thumb['tmp_name'];
$att = isset($_POST['attachtn']) ? COM_applyFilter($_POST['attachtn'], true) : 0;
if ($att == 1) {
$attachtn = 1;
} else {
$attachtn = 0;
}
if ($queue) {
$old_attached_tn = DB_getItem($_TABLES['mg_mediaqueue'], 'media_tn_attached', 'media_id="' . DB_escapeString($media_id) . '"');
} else {
$old_attached_tn = DB_getItem($_TABLES['mg_media'], 'media_tn_attached', 'media_id="' . DB_escapeString($media_id) . '"');
}
if ($old_attached_tn == 0 && $att == 1 && $thumbnail == '') {
$attachtn = 0;
}
if ($old_attached_tn == 1 && $attachtn == 0) {
$remove_old_tn = 1;
} else {
$remove_old_tn = 0;
}
if ($queue) {
$remote_media = DB_getItem($_TABLES['mg_mediaqueue'], 'remote_media', 'media_id="' . DB_escapeString($media_id) . '"');
} else {
$remote_media = DB_getItem($_TABLES['mg_media'], 'remote_media', 'media_id="' . DB_escapeString($media_id) . '"');
}
if ($remote_media) {
$remote_url = isset($_POST['remoteurl']) ? DB_escapeString($_POST['remoteurl']) : '';
} else {
$remote_url = '';
}
if ($_MG_CONF['htmlallowed']) {
$media_title = COM_checkWords($_POST['media_title']);
$media_desc = COM_checkWords($_POST['media_desc']);
} else {
$media_title = htmlspecialchars(strip_tags(COM_checkWords($_POST['media_title'])));
$media_desc = htmlspecialchars(strip_tags(COM_checkWords($_POST['media_desc'])));
}
$media_time_month = COM_applyFilter($_POST['media_month']);
$media_time_day = COM_applyFilter($_POST['media_day']);
$media_time_year = COM_applyFilter($_POST['media_year']);
$media_time_hour = COM_applyFilter($_POST['media_hour']);
$media_time_minute = COM_applyFilter($_POST['media_minute']);
$original_filename = COM_applyFilter($_POST['original_filename']);
if ($replacefile == 1) {
$original_filename = $filename;
}
$cat_id = COM_applyFilter($_POST['cat_id'], true);
$media_keywords = $_POST['media_keywords'];
$media_keywords_safe = substr($media_keywords, 0, 254);
$media_keywords = DB_escapeString(htmlspecialchars(strip_tags(COM_checkWords($media_keywords_safe))));
$artist = isset($_POST['artist']) ? DB_escapeString(COM_applyFilter($_POST['artist'])) : '';
$musicalbum = isset($_POST['musicalbum']) ? DB_escapeString(COM_applyFilter($_POST['musicalbum'])) : '';
$genre = isset($_POST['genre']) ? DB_escapeString(COM_applyFilter($_POST['genre'])) : '';
$dtObject = new Date('now', $_USER['tzid']);
$dtObject->setDateTimestamp($media_time_year, $media_time_month, $media_time_day, $media_time_hour, $media_time_minute, 0);
$media_time = $dtObject->toUnix();
if (isset($_POST['owner_name'])) {
$owner_id = COM_applyFilter($_POST['owner_name'], true);
$owner_sql = ',media_user_id=' . $owner_id . ' ';
} else {
$owner_sql = '';
}
$sql = "UPDATE " . ($queue ? $_TABLES['mg_mediaqueue'] : $_TABLES['mg_media']) . "\n SET media_title='" . DB_escapeString($media_title) . "',\n media_desc='" . DB_escapeString($media_desc) . "',\n media_original_filename='" . DB_escapeString($original_filename) . "',\n media_time=" . $media_time . ",\n media_tn_attached=" . $attachtn . ",\n media_category=" . intval($cat_id) . ",\n media_keywords='" . $media_keywords . "',\n artist='" . $artist . "',\n album='" . $musicalbum . "',\n genre='" . $genre . "',\n remote_url='" . $remote_url . "' " . $owner_sql . "WHERE media_id='" . DB_escapeString($media_id) . "'";
DB_query($sql);
if (DB_error() != 0) {
echo COM_errorLog("Media Gallery: ERROR Updating image in media database");
}
PLG_itemSaved($media_id, 'mediagallery');
$media_id_db = DB_escapeString($media_id);
// process playback options if any...
if (isset($_POST['autostart'])) {
// asf
$playback_option['autostart'] = intval(COM_applyFilter($_POST['autostart'], true));
$playback_option['enablecontextmenu'] = intval(COM_applyFilter($_POST['enablecontextmenu'], true));
$playback_option['stretchtofit'] = isset($_POST['stretchtofit']) ? intval(COM_applyFilter($_POST['stretchtofit'], true)) : 0;
$playback_option['showstatusbar'] = COM_applyFilter($_POST['showstatusbar'], true);
$playback_option['uimode'] = COM_applyFilter($_POST['uimode']);
$playback_option['height'] = isset($_POST['height']) ? COM_applyFilter($_POST['height'], true) : 0;
$playback_option['width'] = isset($_POST['width']) ? COM_applyFilter($_POST['width'], true) : 0;
$playback_option['bgcolor'] = isset($_POST['bgcolor']) ? COM_applyFilter($_POST['bgcolor']) : 0;
$playback_option['playcount'] = isset($_POST['playcount']) ? COM_applyFilter($_POST['playcount'], true) : 0;
$playback_option['loop'] = isset($_POST['loop']) ? COM_applyFilter($_POST['loop'], true) : 0;
if ($playback_option['playcount'] < 1) {
$playback_option['playcount'] = 1;
}
DB_save($_TABLES['mg_playback_options'], 'media_id,option_name,option_value', "'{$media_id_db}','autostart',{$playback_option['autostart']}");
DB_save($_TABLES['mg_playback_options'], 'media_id,option_name,option_value', "'{$media_id_db}','enablecontextmenu',{$playback_option['enablecontextmenu']}");
if ($playback_option['stretchtofit'] != '') {
DB_save($_TABLES['mg_playback_options'], 'media_id,option_name,option_value', "'{$media_id_db}','stretchtofit',{$playback_option['stretchtofit']}");
}
DB_save($_TABLES['mg_playback_options'], 'media_id,option_name,option_value', "'{$media_id_db}','showstatusbar',{$playback_option['showstatusbar']}");
DB_save($_TABLES['mg_playback_options'], 'media_id,option_name,option_value', "'{$media_id_db}','uimode', '{$playback_option['uimode']}'");
DB_save($_TABLES['mg_playback_options'], 'media_id,option_name,option_value', "'{$media_id_db}','height',{$playback_option['height']}");
DB_save($_TABLES['mg_playback_options'], 'media_id,option_name,option_value', "'{$media_id_db}','width',{$playback_option['width']}");
DB_save($_TABLES['mg_playback_options'], 'media_id,option_name,option_value', "'{$media_id_db}','bgcolor','{$playback_option['bgcolor']}'");
DB_save($_TABLES['mg_playback_options'], 'media_id,option_name,option_value', "'{$media_id_db}','playcount','{$playback_option['playcount']}'");
DB_save($_TABLES['mg_playback_options'], 'media_id,option_name,option_value', "'{$media_id_db}','loop','{$playback_option['loop']}'");
}
if (isset($_POST['play'])) {
//swf
$playback_option['play'] = COM_applyFilter($_POST['play'], true);
$playback_option['menu'] = isset($_POST['menu']) ? COM_applyFilter($_POST['menu'], true) : '';
$playback_option['quality'] = isset($_POST['quality']) ? DB_escapeString(COM_applyFilter($_POST['quality'])) : '';
$playback_option['flashvars'] = isset($_POST['flashvars']) ? DB_escapeString(COM_applyFilter($_POST['flashvars'])) : '';
$playback_option['height'] = COM_applyFilter($_POST['height'], true);
$playback_option['width'] = COM_applyFilter($_POST['width'], true);
$playback_option['loop'] = isset($_POST['loop']) ? COM_applyFilter($_POST['loop'], true) : 0;
$playback_option['scale'] = isset($_POST['scale']) ? DB_escapeString(COM_applyFilter($_POST['scale'])) : '';
$playback_option['wmode'] = isset($_POST['wmode']) ? DB_escapeString(COM_applyFilter($_POST['wmode'])) : '';
$playback_option['allowscriptaccess'] = isset($_POST['allowscriptaccess']) ? DB_escapeString(COM_applyFilter($_POST['allowscriptaccess'])) : '';
$playback_option['bgcolor'] = isset($_POST['bgcolor']) ? DB_escapeString(COM_applyFilter($_POST['bgcolor'])) : '';
$playback_option['swf_version'] = isset($_POST['swf_version']) ? COM_applyFilter($_POST['swf_version'], true) : 9;
DB_save($_TABLES['mg_playback_options'], 'media_id,option_name,option_value', "'{$media_id_db}','play', {$playback_option['play']}");
if ($playback_option['menu'] != '') {
DB_save($_TABLES['mg_playback_options'], 'media_id,option_name,option_value', "'{$media_id_db}','menu', {$playback_option['menu']}");
}
DB_save($_TABLES['mg_playback_options'], 'media_id,option_name,option_value', "'{$media_id_db}','quality', '{$playback_option['quality']}'");
DB_save($_TABLES['mg_playback_options'], 'media_id,option_name,option_value', "'{$media_id_db}','height', {$playback_option['height']}");
DB_save($_TABLES['mg_playback_options'], 'media_id,option_name,option_value', "'{$media_id_db}','width', {$playback_option['width']}");
DB_save($_TABLES['mg_playback_options'], 'media_id,option_name,option_value', "'{$media_id_db}','flashvars', '{$playback_option['flashvars']}'");
DB_save($_TABLES['mg_playback_options'], 'media_id,option_name,option_value', "'{$media_id_db}','scale', '{$playback_option['scale']}'");
DB_save($_TABLES['mg_playback_options'], 'media_id,option_name,option_value', "'{$media_id_db}','wmode', '{$playback_option['wmode']}'");
DB_save($_TABLES['mg_playback_options'], 'media_id,option_name,option_value', "'{$media_id_db}','loop', '{$playback_option['loop']}'");
DB_save($_TABLES['mg_playback_options'], 'media_id,option_name,option_value', "'{$media_id_db}','allowscriptaccess','{$playback_option['allowscriptaccess']}'");
DB_save($_TABLES['mg_playback_options'], 'media_id,option_name,option_value', "'{$media_id_db}','bgcolor', '{$playback_option['bgcolor']}'");
DB_save($_TABLES['mg_playback_options'], 'media_id,option_name,option_value', "'{$media_id}','swf_version', '{$playback_option['swf_version']}'");
}
if (isset($_POST['autoplay'])) {
//quicktime
$playback_option['autoplay'] = COM_applyFilter($_POST['autoplay'], true);
$playback_option['autoref'] = COM_applyFilter($_POST['autoref'], true);
$playback_option['controller'] = COM_applyFilter($_POST['controller'], true);
$playback_option['kioskmode'] = COM_applyFilter($_POST['kioskmode'], true);
$playback_option['scale'] = DB_escapeString(COM_applyFilter($_POST['scale']));
$playback_option['height'] = COM_applyFilter($_POST['height'], true);
$playback_option['width'] = COM_applyFilter($_POST['width'], true);
$playback_option['bgcolor'] = COM_applyFilter($_POST['bgcolor']);
$playback_option['loop'] = COM_applyFilter($_POST['loop'], true);
DB_save($_TABLES['mg_playback_options'], 'media_id,option_name,option_value', "'{$media_id_db}','autoref',{$playback_option['autoref']}");
DB_save($_TABLES['mg_playback_options'], 'media_id,option_name,option_value', "'{$media_id_db}','autoplay',{$playback_option['autoplay']}");
DB_save($_TABLES['mg_playback_options'], 'media_id,option_name,option_value', "'{$media_id_db}','controller',{$playback_option['controller']}");
DB_save($_TABLES['mg_playback_options'], 'media_id,option_name,option_value', "'{$media_id_db}','kioskmode',{$playback_option['kioskmode']}");
DB_save($_TABLES['mg_playback_options'], 'media_id,option_name,option_value', "'{$media_id_db}','scale','{$playback_option['scale']}'");
DB_save($_TABLES['mg_playback_options'], 'media_id,option_name,option_value', "'{$media_id_db}','height',{$playback_option['height']}");
DB_save($_TABLES['mg_playback_options'], 'media_id,option_name,option_value', "'{$media_id_db}','width',{$playback_option['width']}");
DB_save($_TABLES['mg_playback_options'], 'media_id,option_name,option_value', "'{$media_id_db}','bgcolor','{$playback_option['bgcolor']}'");
DB_save($_TABLES['mg_playback_options'], 'media_id,option_name,option_value', "'{$media_id_db}','loop','{$playback_option['loop']}'");
}
if ($attachtn == 1 && $thumbnail != '') {
require_once $_CONF['path'] . 'plugins/mediagallery/include/lib-upload.php';
$media_filename = DB_getItem($_TABLES['mg_media'], 'media_filename', 'media_id="' . $media_id . '"');
$thumbFilename = $_MG_CONF['path_mediaobjects'] . 'tn/' . $media_filename[0] . '/tn_' . $media_filename;
MG_attachThumbnail($album_id, $thumbnail, $thumbFilename);
}
if ($remove_old_tn == 1) {
$media_filename = DB_getItem($_TABLES['mg_media'], 'media_filename', 'media_id="' . $media_id . '"');
foreach ($_MG_CONF['validExtensions'] as $ext) {
if (file_exists($_MG_CONF['path_mediaobjects'] . 'tn/' . $media_filename[0] . '/tn_' . $media_filename . $ext)) {
@unlink($_MG_CONF['path_mediaobjects'] . 'tn/' . $media_filename[0] . '/tn_' . $media_filename . $ext);
break;
}
}
}
if ($queue) {
echo COM_refresh($_MG_CONF['site_url'] . '/admin.php?album_id=' . $album_id . '&mode=moderate');
} else {
require_once $_CONF['path'] . 'plugins/mediagallery/include/rssfeed.php';
MG_buildAlbumRSS($album_id);
CACHE_remove_instance('whatsnew');
echo COM_refresh($actionURL);
}
exit;
}
function MG_getFile($filename, $file, $album_id, $opt = array())
{
global $_CONF, $_MG_CONF, $_USER, $_TABLES, $LANG_MG00, $LANG_MG01, $LANG_MG02, $_SPECIAL_IMAGES_MIMETYPE, $new_media_id;
$caption = isset($opt['caption']) ? $opt['caption'] : '';
$description = isset($opt['description']) ? $opt['description'] : '';
$upload = isset($opt['upload']) ? $opt['upload'] : 1;
$purgefiles = isset($opt['purgefiles']) ? $opt['purgefiles'] : 0;
$filetype = isset($opt['filetype']) ? $opt['filetype'] : '';
$atttn = isset($opt['atttn']) ? $opt['atttn'] : 0;
$thumbnail = isset($opt['thumbnail']) ? $opt['thumbnail'] : '';
$keywords = isset($opt['keywords']) ? $opt['keywords'] : '';
$category = isset($opt['category']) ? $opt['category'] : 0;
$dnc = isset($opt['dnc']) ? $opt['dnc'] : 0;
$replace = isset($opt['replace']) ? $opt['replace'] : 0;
$artist = '';
$musicAlbum = '';
$genre = '';
$video_attached_thumbnail = 0;
$successfulWatermark = 0;
$dnc = 1;
// What is this?
$errors = 0;
$errMsg = '';
require_once $_CONF['path'] . 'plugins/mediagallery/include/classAlbum.php';
$album = new mgAlbum($album_id);
$root_album = new mgAlbum(0);
if ($_MG_CONF['verbose']) {
COM_errorLog("MG Upload: *********** Beginning media upload process...");
COM_errorLog("Filename to process: " . $filename);
COM_errorLog("UID=" . $_USER['uid']);
COM_errorLog("album access=" . $album->access);
COM_errorLog("album owner_id=" . $album->owner_id);
COM_errorLog("member_uploads=" . $album->member_uploads);
}
clearstatcache();
if (!file_exists($filename)) {
$errMsg = $LANG_MG02['upload_not_found'];
return array(false, $errMsg);
}
if (!is_readable($filename)) {
$errMsg = $LANG_MG02['upload_not_readable'];
return array(false, $errMsg);
}
// make sure we have the proper permissions to upload to this album....
if (!isset($album->id)) {
$errMsg = $LANG_MG02['album_nonexist'];
// "Album does not exist, unable to process uploads";
return array(false, $errMsg);
}
if ($album->access != 3 && !$root_album->owner_id && $album->member_uploads == 0) {
COM_errorLog("Someone has tried to illegally upload to an album in Media Gallery. " . "User id: {$_USER['uid']}, Username: {$_USER['username']}, IP: " . $_SERVER['REMOTE_ADDR'], 1);
return array(false, $LANG_MG00['access_denied_msg']);
}
sleep(0.1);
// We do this to make sure we don't get dupe sid's
/*
* The following section of code will generate a unique name for a temporary
* file and copy the uploaded file to the Media Gallery temp directory.
* We do this to prevent any SAFE MODE issues when we later open the
* file to determine the mime type.
*/
if (empty($_USER['username'])) {
$_USER['username'] = '******';
}
$tmpPath = $_MG_CONF['tmp_path'] . $_USER['username'] . COM_makesid() . '.tmp';
if ($upload) {
$rc = @move_uploaded_file($filename, $tmpPath);
} else {
$rc = @copy($filename, $tmpPath);
$importSource = $filename;
}
if ($rc != 1) {
COM_errorLog("Media Upload - Error moving uploaded file in generic processing....");
COM_errorLog("Media Upload - Unable to copy file to: " . $tmpPath);
$errors++;
$errMsg .= sprintf($LANG_MG02['move_error'], $filename);
@unlink($tmpPath);
COM_errorLog("MG Upload: Problem uploading a media object");
return array(false, $errMsg);
}
$filename = $tmpPath;
$new_media_id = $replace > 0 ? $replace : COM_makesid();
$media_time = time();
$media_upload_time = $media_time;
if (!isset($_USER['uid']) || $_USER['uid'] < 1) {
$media_user_id = 1;
} else {
$media_user_id = $_USER['uid'];
}
$mimeInfo = MG_getMediaMetaData($filename);
$mimeExt = strtolower(substr(strrchr($file, '.'), 1));
$mimeInfo['type'] = $mimeExt;
// override the determination for some filetypes
$filetype = MG_getFileTypeFromExt($mimeExt, $filetype);
if (empty($mimeInfo['mime_type'])) {
COM_errorLog("MG Upload: getID3 was unable to detect mime type - using PHP detection");
$mimeInfo['mime_type'] = $filetype;
}
$gotTN = 0;
if ($mimeInfo['id3v2']['APIC'][0]['mime'] == 'image/jpeg') {
$mp3AttachdedThumbnail = $mimeInfo['id3v2']['APIC'][0]['data'];
$gotTN = 1;
}
if ($_MG_CONF['verbose']) {
COM_errorLog("MG Upload: found mime type of " . $mimeInfo['type']);
}
if ($mimeExt == '' || $mimeInfo['mime_type'] == 'application/octet-stream' || $mimeInfo['mime_type'] == '') {
// assume format based on file upload info...
switch ($filetype) {
case 'audio/mpeg':
$mimeInfo['type'] = 'mp3';
$mimeInfo['mime_type'] = 'audio/mpeg';
$mimeExt = 'mp3';
break;
case 'image/tga':
$mimeInfo['type'] = 'tga';
$mimeInfo['mime_type'] = 'image/tga';
$mimeExt = 'tga';
break;
case 'image/psd':
$mimeInfo['type'] = 'psd';
$mimeInfo['mime_type'] = 'image/psd';
$mimeExt = 'psd';
break;
case 'image/gif':
$mimeInfo['type'] = 'gif';
$mimeInfo['mime_type'] = 'image/gif';
$mimeExt = 'gif';
break;
case 'image/jpeg':
case 'image/jpg':
$mimeInfo['type'] = 'jpg';
$mimeInfo['mime_type'] = 'image/jpeg';
$mimeExt = 'jpg';
break;
case 'image/png':
$mimeInfo['type'] = 'png';
$mimeInfo['mime_type'] = 'image/png';
$mimeExt = 'png';
break;
case 'image/bmp':
$mimeInfo['type'] = 'bmp';
$mimeInfo['mime_type'] = 'image/bmp';
$mimeExt = 'bmp';
break;
case 'application/x-shockwave-flash':
$mimeInfo['type'] = 'swf';
$mimeInfo['mime_type'] = 'application/x-shockwave-flash';
$mimeExt = 'swf';
break;
case 'application/zip':
$mimeInfo['type'] = 'zip';
$mimeInfo['mime_type'] = 'application/zip';
$mimeExt = 'zip';
break;
case 'audio/mpeg':
$mimeInfo['type'] = 'mp3';
$mimeInfo['mime_type'] = 'audio/mpeg';
$mimeExt = 'mp3';
break;
case 'video/quicktime':
$mimeInfo['type'] = 'mov';
$mimeInfo['mime_type'] = 'video/quicktime';
$mimeExt = 'mov';
break;
case 'video/x-m4v':
$mimeInfo['type'] = 'mov';
$mimeInfo['mime_type'] = 'video/x-m4v';
$mimeExt = 'mov';
break;
case 'video/x-flv':
$mimeInfo['type'] = 'flv';
$mimeInfo['mime_type'] = 'video/x-flv';
$mimeExt = 'flv';
break;
case 'audio/x-ms-wma':
$mimeInfo['type'] = 'wma';
$mimeInfo['mime_type'] = 'audio/x-ms-wma';
$mimeExt = 'wma';
break;
default:
switch ($mimeExt) {
case 'flv':
$mimeInfo['type'] = 'flv';
$mimeInfo['mime_type'] = 'video/x-flv';
break;
case 'wma':
$mimeInfo['type'] = 'wma';
$mimeInfo['mime_type'] = 'audio/x-ms-wma';
break;
default:
$mimeInfo['type'] = 'file';
$mimeInfo['mime_type'] = 'application/octet-stream';
if ($filetype != '') {
$mimeInfo['mime_type'] = $filetype;
}
break;
}
break;
}
if ($_MG_CONF['verbose']) {
COM_errorLog("MG Upload: override mime type to: " . $mimeInfo['type'] . ' based upon file extension of: ' . $filetype);
}
}
switch ($mimeInfo['mime_type']) {
case 'audio/mpeg':
$format_type = MG_MP3;
break;
case 'image/gif':
$format_type = MG_GIF;
break;
case 'image/jpeg':
case 'image/jpg':
$format_type = MG_JPG;
break;
case 'image/png':
$format_type = MG_PNG;
break;
case 'image/bmp':
$format_type = MG_BMP;
break;
case 'application/x-shockwave-flash':
$format_type = MG_SWF;
break;
case 'application/zip':
$format_type = MG_ZIP;
break;
case 'video/mpeg':
case 'video/x-motion-jpeg':
case 'video/quicktime':
case 'video/mpeg':
case 'video/x-mpeg':
case 'video/x-mpeq2a':
case 'video/x-qtc':
case 'video/x-m4v':
$format_type = MG_MOV;
break;
case 'video/x-flv':
$format_type = MG_FLV;
break;
case 'image/tiff':
$format_type = MG_TIF;
break;
case 'image/x-targa':
case 'image/tga':
$format_type = MG_TGA;
break;
case 'image/psd':
$format_type = MG_PSD;
break;
case 'application/ogg':
$format_type = MG_OGG;
break;
case 'audio/x-ms-wma':
case 'audio/x-ms-wax':
case 'audio/x-ms-wmv':
case 'video/x-ms-asf':
case 'video/x-ms-asf-plugin':
case 'video/avi':
case 'video/msvideo':
case 'video/x-msvideo':
case 'video/avs-video':
case 'video/x-ms-wmv':
case 'video/x-ms-wvx':
case 'video/x-ms-wm':
case 'application/x-troff-msvideo':
case 'application/x-ms-wmz':
case 'application/x-ms-wmd':
$format_type = MG_ASF;
break;
case 'application/pdf':
$format_type = MG_OTHER;
break;
default:
$format_type = MG_OTHER;
break;
}
if (!($album->valid_formats & $format_type)) {
return array(false, $LANG_MG02['format_not_allowed']);
}
$mimeType = $mimeInfo['mime_type'];
if ($_MG_CONF['verbose']) {
COM_errorLog("MG Upload: PHP detected mime type is : " . $filetype);
}
if ($filetype == 'video/x-m4v') {
$mimeType = 'video/x-m4v';
$mimeInfo['mime_type'] = 'video/x-m4v';
}
if ($replace > 0) {
$sql = "SELECT * FROM {$_TABLES['mg_media']} WHERE media_id='" . addslashes($replace) . "'";
$result = DB_query($sql);
$row = DB_fetchArray($result);
$media_filename = $row['media_filename'];
} else {
if ($_MG_CONF['preserve_filename'] == 1) {
$loopCounter = 0;
$digitCounter = 1;
$file_name = stripslashes($file);
$file_name = MG_replace_accents($file_name);
$file_name = preg_replace("#[ ]#", "_", $file_name);
// change spaces to underscore
$file_name = preg_replace('#[^\\.\\-,\\w]#', '_', $file_name);
//only parenthesis, underscore, letters, numbers, comma, hyphen, period - others to underscore
$file_name = preg_replace('#(_)+#', '_', $file_name);
//eliminate duplicate underscore
$pos = strrpos($file_name, '.');
if ($pos === false) {
$basefilename = $file_name;
} else {
$basefilename = strtolower(substr($file_name, 0, $pos));
}
do {
clearstatcache();
$media_filename = substr(md5(uniqid(rand())), 0, $digitCounter) . '_' . $basefilename;
$loopCounter++;
if ($loopCounter > 16) {
$digitCounter++;
$loopCounter = 0;
}
} while (MG_file_exists($media_filename));
} else {
do {
clearstatcache();
$media_filename = md5(uniqid(rand()));
} while (MG_file_exists($media_filename));
}
}
// replace a few mime extentions here...
//
if ($mimeExt == 'php') {
$mimeExt = 'phps';
}
if (in_array($mimeExt, array('pl', 'cgi', 'py', 'sh', 'rb'))) {
$mimeExt = 'txt';
}
$disp_media_filename = $media_filename . '.' . $mimeExt;
if ($_MG_CONF['verbose']) {
COM_errorLog("MG Upload: Stored filename is : " . $disp_media_filename);
COM_errorLog("MG Upload: Mime Type: " . $mimeType);
}
switch ($mimeType) {
case 'image/psd':
case 'image/x-targa':
case 'image/tga':
case 'image/photoshop':
case 'image/x-photoshop':
case 'image/psd':
case 'application/photoshop':
case 'application/psd':
case 'image/tiff':
case 'image/gif':
case 'image/jpeg':
case 'image/jpg':
case 'image/png':
case 'image/bmp':
$dispExt = $mimeExt;
if (in_array($mimeType, $_SPECIAL_IMAGES_MIMETYPE)) {
$dispExt = 'jpg';
}
$media_orig = MG_getFilePath('orig', $media_filename, $mimeExt);
$media_disp = MG_getFilePath('disp', $media_filename, $dispExt);
$media_tn = MG_getFilePath('tn', $media_filename, $dispExt);
$mimeType = $mimeInfo['mime_type'];
// process image file
$media_time = getOriginationTimestamp($filename);
if ($media_time == null || $media_time < 0) {
$media_time = time();
}
if ($_MG_CONF['verbose']) {
COM_errorLog("MG Upload: About to move/copy file");
}
$rc = @copy($filename, $media_orig);
if ($rc != 1) {
COM_errorLog("Media Upload - Error moving uploaded file....");
COM_errorLog("Media Upload - Unable to copy file to: " . $media_orig);
$errors++;
$errMsg .= sprintf($LANG_MG02['move_error'], $filename);
} else {
if ($purgefiles) {
@unlink($importSource);
}
@chmod($media_orig, 0644);
list($rc, $msg) = MG_convertImage($media_orig, $media_tn, $media_disp, $mimeExt, $mimeType, $album_id, $media_filename, $dnc);
if ($rc == false) {
$errors++;
$errMsg .= $msg;
// sprintf($LANG_MG02['convert_error'],$filename);
} else {
$mediaType = 0;
if ($_MG_CONF['discard_original'] == 1 && ($mimeType == 'image/jpeg' || $mimeType == 'image/jpg' || $mimeType == 'image/png' || $mimeType == 'image/bmp' || $mimeType == 'image/gif')) {
if ($_MG_CONF['jhead_enabled'] && ($mimeType == 'image/jpeg' || $mimeType == 'image/jpg')) {
$rc = MG_execWrapper('"' . $_MG_CONF['jhead_path'] . "/jhead" . '"' . " -te " . $media_orig . " " . $media_disp);
}
@unlink($media_orig);
}
if ($album->wm_auto) {
if ($_MG_CONF['discard_original'] == 1) {
$rc = MG_watermark($media_disp, $album_id, 1);
if ($rc == true) {
$successfulWatermark = 1;
}
} else {
$rc1 = MG_watermark($media_orig, $album_id, 1);
$rc2 = MG_watermark($media_disp, $album_id, 0);
if ($rc1 == ture && $rc2 == true) {
$successfulWatermark = 1;
}
}
}
if ($dnc != 1) {
if (!in_array($mimeType, $_SPECIAL_IMAGES_MIMETYPE)) {
$mimeExt = 'jpg';
$mimeType = 'image/jpeg';
}
}
}
}
break;
case 'video/quicktime':
case 'video/mpeg':
case 'video/x-flv':
case 'video/x-ms-asf':
case 'video/x-ms-asf-plugin':
case 'video/avi':
case 'video/msvideo':
case 'video/x-msvideo':
case 'video/avs-video':
case 'video/x-ms-wmv':
case 'video/x-ms-wvx':
case 'video/x-ms-wm':
case 'application/x-troff-msvideo':
case 'application/x-shockwave-flash':
case 'video/mp4':
case 'video/x-m4v':
$mimeType = $mimeInfo['mime_type'];
if ($filetype == 'video/mp4') {
$mimeExt = 'mp4';
}
// process video format
$media_orig = MG_getFilePath('orig', $media_filename, $mimeExt);
$rc = @copy($filename, $media_orig);
if ($rc != 1) {
COM_errorLog("MG Upload: Error moving uploaded file in video processing....");
COM_errorLog("Media Upload - Unable to copy file to: " . $media_orig);
$errors++;
$errMsg .= sprintf($LANG_MG02['move_error'], $filename);
} else {
if ($purgefiles) {
@unlink($importSource);
}
@chmod($media_orig, 0644);
$mediaType = 1;
}
$video_attached_thumbnail = MG_videoThumbnail($album_id, $media_orig, $media_filename);
break;
case 'application/ogg':
case 'audio/mpeg':
case 'audio/x-ms-wma':
case 'audio/x-ms-wax':
case 'audio/x-ms-wmv':
$mimeType = $mimeInfo['mime_type'];
// process audio format
$media_orig = MG_getFilePath('orig', $media_filename, $mimeExt);
$rc = @copy($filename, $media_orig);
COM_errorLog("MG Upload: Extracting audio meta data");
if (isset($mimeInfo['tags']['id3v1']['title'][0])) {
if ($caption == '') {
$caption = $mimeInfo['tags']['id3v1']['title'][0];
}
}
if (isset($mimeInfo['tags']['id3v1']['artist'][0])) {
$artist = addslashes($mimeInfo['tags']['id3v1']['artist'][0]);
}
if (isset($mimeInfo['tags']['id3v2']['genre'][0])) {
$genre = addslashes($mimeInfo['tags']['id3v2']['genre'][0]);
}
if (isset($mimeInfo['tags']['id3v1']['album'][0])) {
$musicAlbum = addslashes($mimeInfo['tags']['id3v1']['album'][0]);
}
if ($rc != 1) {
COM_errorLog("Media Upload - Error moving uploaded file in audio processing....");
COM_errorLog("Media Upload - Unable to copy file to: " . $media_orig);
$errors++;
$errMsg .= sprintf($LANG_MG02['move_error'], $filename);
} else {
if ($purgefiles) {
@unlink($importSource);
}
$mediaType = 2;
}
break;
case 'zip':
case 'application/zip':
if ($_MG_CONF['zip_enabled']) {
$errMsg .= MG_processZip($filename, $album_id, $purgefiles, $media_filename);
break;
}
// NO BREAK HERE, fall through if enable zip isn't allowed
// NO BREAK HERE, fall through if enable zip isn't allowed
default:
$media_orig = MG_getFilePath('orig', $media_filename, $mimeExt);
$mimeType = $mimeInfo['mime_type'];
$rc = @copy($filename, $media_orig);
if ($rc != 1) {
COM_errorLog("Media Upload - Error moving uploaded file in generic processing....");
COM_errorLog("Media Upload - Unable to copy file to: " . $media_orig);
$errors++;
$errMsg .= sprintf($LANG_MG02['move_error'], $filename);
} else {
if ($purgefiles) {
@unlink($importSource);
}
$mediaType = 4;
}
$mediaType = 4;
break;
}
// update quota
$quota = $album->album_disk_usage;
$quota += @filesize(MG_getFilePath('orig', $media_filename, $mimeExt));
if ($_MG_CONF['discard_original'] == 1) {
$quota += @filesize(MG_getFilePath('disp', $media_filename, 'jpg'));
}
DB_change($_TABLES['mg_albums'], 'album_disk_usage', $quota, 'album_id', intval($album_id));
if ($errors) {
@unlink($tmpPath);
COM_errorLog("MG Upload: Problem uploading a media object");
return array(false, $errMsg);
}
if (($mimeType != 'application/zip' || $_MG_CONF['zip_enabled'] == 0) && $errors == 0) {
// Now we need to process an uploaded thumbnail
if ($gotTN == 1) {
$mp3TNFilename = $_MG_CONF['tmp_path'] . 'mp3tn' . time() . '.jpg';
$fn = fopen($mp3TNFilename, "w");
fwrite($fn, $mp3AttachdedThumbnail);
fclose($fn);
$saveThumbnailName = $_MG_CONF['path_mediaobjects'] . 'tn/' . $media_filename[0] . '/tn_' . $media_filename;
MG_attachThumbnail($album_id, $mp3TNFilename, $saveThumbnailName);
@unlink($mp3TNFilename);
$atttn = 1;
} else {
if ($atttn == 1) {
$saveThumbnailName = $_MG_CONF['path_mediaobjects'] . 'tn/' . $media_filename[0] . '/tn_' . $media_filename;
MG_attachThumbnail($album_id, $thumbnail, $saveThumbnailName);
}
}
if ($video_attached_thumbnail) {
$atttn = 1;
}
if ($_MG_CONF['verbose']) {
COM_errorLog("MG Upload: Building SQL and preparing to enter database");
}
if ($_MG_CONF['htmlallowed'] != 1) {
$media_desc = addslashes(htmlspecialchars(strip_tags(COM_checkWords(COM_killJS($description)))));
$media_caption = addslashes(htmlspecialchars(strip_tags(COM_checkWords(COM_killJS($caption)))));
$media_keywords = addslashes(htmlspecialchars(strip_tags(COM_checkWords(COM_killJS($keywords)))));
} else {
$media_desc = addslashes(COM_checkHTML(COM_killJS($description)));
$media_caption = addslashes(COM_checkHTML(COM_killJS($caption)));
$media_keywords = addslashes(COM_checkHTML(COM_killJS($keywords)));
}
// Check and see if moderation is on. If yes, place in mediasubmission
if ($album->moderate == 1 && !$root_album->owner_id) {
$tableMedia = $_TABLES['mg_mediaqueue'];
$tableMediaAlbum = $_TABLES['mg_media_album_queue'];
$queue = 1;
} else {
$tableMedia = $_TABLES['mg_media'];
$tableMediaAlbum = $_TABLES['mg_media_albums'];
$queue = 0;
}
$original_filename = addslashes($file);
if ($album->filename_title) {
if ($media_caption == '') {
$pos = strrpos($original_filename, '.');
if ($pos === false) {
$media_caption = $original_filename;
} else {
$media_caption = substr($original_filename, 0, $pos);
}
}
}
if ($_MG_CONF['verbose']) {
COM_errorLog("MG Upload: Inserting media record into mg_media");
}
$resolution_x = 0;
$resolution_y = 0;
// try to find a resolution if video...
if ($mediaType == 1) {
switch ($mimeType) {
case 'application/x-shockwave-flash':
case 'video/quicktime':
case 'video/mpeg':
case 'video/x-m4v':
$resolution_x = -1;
$resolution_y = -1;
if (isset($mimeInfo['video']['resolution_x']) && isset($mimeInfo['video']['resolution_x'])) {
$resolution_x = $mimeInfo['video']['resolution_x'];
$resolution_y = $mimeInfo['video']['resolution_y'];
}
break;
case 'video/x-flv':
if ($mimeInfo['video']['resolution_x'] < 1 || $mimeInfo['video']['resolution_y'] < 1) {
$resolution_x = -1;
$resolution_y = -1;
if (isset($mimeInfo['meta']['onMetaData']['width']) && isset($mimeInfo['meta']['onMetaData']['height'])) {
$resolution_x = $mimeInfo['meta']['onMetaData']['width'];
$resolution_y = $mimeInfo['meta']['onMetaData']['height'];
}
} else {
$resolution_x = $mimeInfo['video']['resolution_x'];
$resolution_y = $mimeInfo['video']['resolution_y'];
}
break;
case 'video/x-ms-asf':
case 'video/x-ms-asf-plugin':
case 'video/avi':
case 'video/msvideo':
case 'video/x-msvideo':
case 'video/avs-video':
case 'video/x-ms-wmv':
case 'video/x-ms-wvx':
case 'video/x-ms-wm':
case 'application/x-troff-msvideo':
$resolution_x = -1;
$resolution_y = -1;
if (isset($mimeInfo['video']['streams']['2']['resolution_x']) && isset($mimeInfo['video']['streams']['2']['resolution_y'])) {
$resolution_x = $mimeInfo['video']['streams']['2']['resolution_x'];
$resolution_y = $mimeInfo['video']['streams']['2']['resolution_y'];
}
break;
}
}
if ($replace > 0) {
$sql = "UPDATE " . $tableMedia . " SET " . "media_filename='" . addslashes($media_filename) . "'," . "media_original_filename='" . $original_filename . "'," . "media_mime_ext='" . addslashes($mimeExt) . "'," . "mime_type='" . addslashes($mimeType) . "'," . "media_time='" . addslashes($media_time) . "'," . "media_user_id='" . addslashes($media_user_id) . "'," . "media_type='" . addslashes($mediaType) . "'," . "media_upload_time='" . addslashes($media_upload_time) . "'," . "media_watermarked='" . addslashes($successfulWatermark) . "'," . "media_resolution_x='" . intval($resolution_x) . "'," . "media_resolution_y='" . intval($resolution_y) . "' " . "WHERE media_id='" . addslashes($replace) . "'";
DB_query($sql);
} else {
$sql = "INSERT INTO " . $tableMedia . " (media_id,media_filename,media_original_filename,media_mime_ext," . "media_exif,mime_type,media_title,media_desc,media_keywords,media_time," . "media_views,media_comments,media_votes,media_rating,media_tn_attached," . "media_tn_image,include_ss,media_user_id,media_user_ip,media_approval," . "media_type,media_upload_time,media_category,media_watermarked,v100," . "maint,media_resolution_x,media_resolution_y,remote_media,remote_url," . "artist,album,genre) " . "VALUES ('" . addslashes($new_media_id) . "','" . addslashes($media_filename) . "','" . $original_filename . "','" . addslashes($mimeExt) . "','1','" . addslashes($mimeType) . "','" . addslashes($media_caption) . "','" . addslashes($media_desc) . "','" . addslashes($media_keywords) . "','" . addslashes($media_time) . "','0','0','0','0.00','" . addslashes($atttn) . "','','1','" . addslashes($media_user_id) . "','','0','" . addslashes($mediaType) . "','" . addslashes($media_upload_time) . "','" . addslashes($category) . "','" . addslashes($successfulWatermark) . "','0','0'," . intval($resolution_x) . "," . intval($resolution_y) . ",0,'','" . addslashes($artist) . "','" . addslashes($musicAlbum) . "','" . addslashes($genre) . "');";
DB_query($sql);
if ($_MG_CONF['verbose']) {
COM_errorLog("MG Upload: Updating Album information");
}
$x = 0;
$sql = "SELECT MAX(media_order) + 10 AS media_seq FROM {$_TABLES['mg_media_albums']} WHERE album_id = " . intval($album_id);
$result = DB_query($sql);
$row = DB_fetchArray($result);
$media_seq = $row['media_seq'];
if ($media_seq < 10) {
$media_seq = 10;
}
$sql = "INSERT INTO " . $tableMediaAlbum . " (media_id, album_id, media_order) " . "VALUES ('" . addslashes($new_media_id) . "', " . intval($album_id) . ", " . intval($media_seq) . ")";
DB_query($sql);
if ($mediaType == 1 && $resolution_x > 0 && $resolution_y > 0 && $_MG_CONF['use_default_resolution'] == 0) {
DB_save($_TABLES['mg_playback_options'], 'media_id,option_name,option_value', "'{$new_media_id}','width', '{$resolution_x}'");
DB_save($_TABLES['mg_playback_options'], 'media_id,option_name,option_value', "'{$new_media_id}','height','{$resolution_y}'");
}
PLG_itemSaved($new_media_id, 'mediagallery');
// update the media count for the album, only if no moderation...
if ($queue == 0) {
$album->media_count++;
DB_change($_TABLES['mg_albums'], 'media_count', $album->media_count, 'album_id', $album->id);
MG_updateAlbumLastUpdate($album->id);
if ($album->cover == -1 && ($mediaType == 0 || $atttn == 1)) {
if ($atttn == 1) {
$covername = 'tn_' . $media_filename;
} else {
$covername = $media_filename;
}
DB_change($_TABLES['mg_albums'], 'album_cover_filename', $covername, 'album_id', $album->id);
}
// MG_resetAlbumCover($album->id);
}
$x++;
}
}
if ($queue) {
$errMsg .= $LANG_MG01['successful_upload_queue'];
// ' successfully placed in Moderation queue';
} else {
$errMsg .= $LANG_MG01['successful_upload'];
// ' successfully uploaded to album';
}
if ($queue == 0) {
require_once $_CONF['path'] . 'plugins/mediagallery/include/rssfeed.php';
MG_buildFullRSS();
MG_buildAlbumRSS($album_id);
}
COM_errorLog("MG Upload: Successfully uploaded a media object");
@unlink($tmpPath);
return array(true, $errMsg);
}
function MG_getRemote($URL, $mimeType, $albumId, $caption, $description, $keywords, $category, $attachedThumbnail, $thumbnail, $resolution_x, $resolution_y)
{
global $MG_albums, $_CONF, $_MG_CONF, $_USER, $_TABLES, $LANG_MG00, $LANG_MG01, $LANG_MG02, $new_media_id;
if ($_MG_CONF['verbose']) {
COM_errorLog("MG Upload: Entering MG_getRemote()");
COM_errorLog("MG Upload: URL to process: " . htmlentities($URL));
}
$resolution_x = 0;
$resolution_y = 0;
$urlArray = array();
$urlArray = parse_url($URL);
// make sure we have the proper permissions to upload to this album....
$sql = "SELECT * FROM {$_TABLES['mg_albums']} WHERE album_id=" . intval($albumId);
$aResult = DB_query($sql);
$aRows = DB_numRows($aResult);
if ($aRows != 1) {
$errMsg = $LANG_MG02['album_nonexist'];
// "Album does not exist, unable to process uploads";
return array(false, $errMsg);
}
$albumInfo = DB_fetchArray($aResult);
$access = SEC_hasAccess($albumInfo['owner_id'], $albumInfo['group_id'], $albumInfo['perm_owner'], $albumInfo['perm_group'], $albumInfo['perm_members'], $albumInfo['perm_anon']);
if ($access != 3 && !$MG_albums[0]->owner_id && $albumInfo['member_uploads'] == 0) {
COM_errorLog("Someone has tried to illegally upload to an album in Media Gallery. User id: {$_USER['uid']}, Username: {$_USER['username']}, IP: {$_SERVER['REMOTE_ADDR']}", 1);
return array(false, $LANG_MG00['access_denied_msg']);
}
$errors = 0;
$errMsg = '';
sleep(1);
// We do this to make sure we don't get dupe sid's
$new_media_id = COM_makesid();
$media_time = time();
$media_upload_time = time();
$media_user_id = $_USER['uid'];
// we expect the mime type (player type) to be passed to this function
// - Image
// - Video - Windows Media
// - Video - QuickTime
// - Video - Flash Video
// - Audio - Windows Media
// - Audio - QuickTime
// - Audio - MP3
// - Embed - YouTube/Google/etc...
switch ($mimeType) {
case 'embed':
$format_type = MG_EMB;
$mimeExt = 'flv';
$mediaType = 5;
break;
case 'image/gif':
$format_type = MG_GIF;
$mimeExt = 'gif';
$mediaType = 0;
break;
case 'image/jpg':
$format_type = MG_JPG;
$mimeExt = 'jpg';
$mediaType = 0;
break;
case 'image/png':
$format_type = MG_PNG;
$mimeExt = 'png';
$mediaType = 0;
break;
case 'image/bmp':
$format_type = MG_BMP;
$mimeExt = 'bmp';
$mediaType = 0;
break;
case 'application/x-shockwave-flash':
$format_type = MG_SWF;
$mimeExt = 'swf';
$mediaType = 1;
break;
case 'video/quicktime':
$format_type = MG_MOV;
$mimeExt = 'mov';
$mediaType = 1;
break;
case 'video/x-flv':
$format_type = MG_RFLV;
$mimeExt = 'flv';
$mediaType = 1;
break;
case 'video/x-ms-asf':
$format_type = MG_ASF;
$mimeExt = 'asf';
$mediaType = 1;
break;
case 'audio/mpeg':
$format_type = MG_MP3;
$mimeExt = 'mp3';
$mediaType = 2;
break;
case 'audio/x-ms-wma':
$format_type = MG_ASF;
$mimeExt = 'wma';
$mediaType = 2;
break;
}
if (!($MG_albums[$albumId]->valid_formats & $format_type)) {
return array(false, $LANG_MG02['format_not_allowed']);
}
// create the unique filename to store this under
do {
clearstatcache();
$media_filename = md5(uniqid(rand()));
} while (MG_file_exists($media_filename));
$disp_media_filename = $media_filename . '.' . $mimeExt;
// for remote files this will be a 0 byte file
if ($_MG_CONF['verbose']) {
COM_errorLog("MG Upload: Stored filename is : " . $disp_media_filename);
}
if ($_MG_CONF['verbose']) {
COM_errorLog("MG Upload: Mime Type: " . $mimeType);
}
// now we pretent to process the file
$media_orig = $_MG_CONF['path_mediaobjects'] . 'orig/' . $media_filename[0] . '/' . $media_filename . "." . $mimeExt;
$media_time = time();
// create a 0 byte file in the orig directory...
touch($media_orig);
if ($errors) {
COM_errorLog("MG Upload: Problem uploading a media object");
return array(false, $errMsg);
}
// Now we need to process an uploaded thumbnail
if ($_MG_CONF['verbose']) {
COM_errorLog("MG Upload: attachedThumbnail: " . $attachedThumbnail);
COM_errorLog("MG Upload: thumbnail: " . $thumbnail);
}
if ($attachedThumbnail == 1 && $thumbnail != '') {
// see if it is remote, if yes go get it...
if (preg_match("/http/i", $thumbnail)) {
$tmp_thumbnail = $_MG_CONF['tmp_path'] . '/' . $media_filename . '.jpg';
$rc = MG_getRemoteThumbnail($thumbnail, $tmp_thumbnail);
$tmp_image_size = @getimagesize($tmp_thumbnail);
if ($tmp_image_size != false) {
$resolution_x = $tmp_image_size[0];
$resolution_y = $tmp_image_size[1];
}
$thumbnail = $tmp_thumbnail;
} else {
$rc = true;
}
if ($rc == true) {
$saveThumbnailName = $_MG_CONF['path_mediaobjects'] . 'tn/' . $media_filename[0] . '/tn_' . $media_filename;
MG_attachThumbnail($albumId, $thumbnail, $saveThumbnailName);
}
}
if ($_MG_CONF['verbose']) {
COM_errorLog("MG Upload: Building SQL and preparing to enter database");
}
if ($_MG_CONF['htmlallowed'] != 1) {
$media_desc = DB_escapeString(htmlspecialchars(strip_tags(COM_checkWords(COM_killJS($description)))));
$media_caption = DB_escapeString(htmlspecialchars(strip_tags(COM_checkWords(COM_killJS($caption)))));
$media_keywords = DB_escapeString(htmlspecialchars(strip_tags(COM_checkWords(COM_killJS($keywords)))));
} else {
$media_desc = DB_escapeString(COM_checkHTML(COM_killJS($description)));
$media_caption = DB_escapeString(COM_checkHTML(COM_killJS($caption)));
$media_keywords = DB_escapeString(COM_checkHTML(COM_killJS($keywords)));
}
// Check and see if moderation is on. If yes, place in mediasubmission
if ($albumInfo['moderate'] == 1 && !$MG_albums[0]->owner_id) {
// && !SEC_hasRights('mediagallery.create')) {
$tableMedia = $_TABLES['mg_mediaqueue'];
$tableMediaAlbum = $_TABLES['mg_media_album_queue'];
$queue = 1;
} else {
$tableMedia = $_TABLES['mg_media'];
$tableMediaAlbum = $_TABLES['mg_media_albums'];
$queue = 0;
}
$pathParts = array();
$pathParts = explode('/', $urlArray['path']);
$ppCount = count($pathParts);
$pPath = '';
for ($i = 1; $i < $ppCount - 1; $i++) {
$pPath .= '/' . $pathParts[$i];
}
$videoFile = $pathParts[$ppCount - 1];
if ($mediaType != 5) {
$original_filename = $videoFile;
} else {
$original_filename = '';
}
if ($_MG_CONF['verbose']) {
COM_errorLog("MG Upload: Inserting media record into mg_media");
}
if (($resolution_x == 0 || $resolution_y == 0) && $mediaType != 0) {
$resolution_x = 320;
$resolution_y = 240;
}
$remoteURL = DB_escapeString($URL);
$sql = "INSERT INTO " . $tableMedia . " (media_id,media_filename,media_original_filename,media_mime_ext,media_exif,mime_type,media_title,media_desc,media_keywords,media_time,media_views,media_comments,media_votes,media_rating,media_tn_attached,media_tn_image,include_ss,media_user_id,media_user_ip,media_approval,media_type,media_upload_time,media_category,media_watermarked,v100,maint,media_resolution_x,media_resolution_y,remote_media,remote_url)\n VALUES ('" . DB_escapeString($new_media_id) . "','" . DB_escapeString($media_filename) . "','" . DB_escapeString($original_filename) . "','" . DB_escapeString($mimeExt) . "','1','" . DB_escapeString($mimeType) . "','{$media_caption}','{$media_desc}','{$media_keywords}','" . DB_escapeString($media_time) . "','0','0','0','0.00','" . DB_escapeString($attachedThumbnail) . "','','1','" . intval($media_user_id) . "','','0','" . DB_escapeString($mediaType) . "','" . DB_escapeString($media_upload_time) . "','" . DB_escapeString($category) . "','0','0','0',{$resolution_x},{$resolution_y},1,'{$remoteURL}');";
DB_query($sql);
if ($_MG_CONF['verbose']) {
COM_errorLog("MG Upload: Updating Album information");
}
$sql = "SELECT MAX(media_order) + 10 AS media_seq FROM " . $_TABLES['mg_media_albums'] . " WHERE album_id = " . intval($albumId);
$result = DB_query($sql);
$row = DB_fetchArray($result);
$media_seq = $row['media_seq'];
if ($media_seq < 10) {
$media_seq = 10;
}
$sql = "INSERT INTO " . $tableMediaAlbum . " (media_id, album_id, media_order) VALUES ('" . DB_escapeString($new_media_id) . "', " . intval($albumId) . ", {$media_seq} )";
DB_query($sql);
if ($mediaType == 1 && $resolution_x > 0 && $resolution_y > 0) {
DB_save($_TABLES['mg_playback_options'], 'media_id,option_name,option_value', "'{$new_media_id}','width', '{$resolution_x}'");
DB_save($_TABLES['mg_playback_options'], 'media_id,option_name,option_value', "'{$new_media_id}','height', '{$resolution_y}'");
}
// update the media count for the album, only if no moderation...
if ($queue == 0) {
$media_count = $albumInfo['media_count'] + 1;
DB_query("UPDATE " . $_TABLES['mg_albums'] . " SET media_count=" . $media_count . ",last_update=" . $media_upload_time . " WHERE album_id='" . $albumInfo['album_id'] . "'");
if ($albumInfo['album_cover'] == -1 && ($mediaType == 0 || $attachedThumbnail == 1)) {
if ($attachedThumbnail == 1) {
$covername = 'tn_' . $media_filename;
} else {
$covername = $media_filename;
}
if ($_MG_CONF['verbose']) {
COM_errorLog("MG Upload: Setting album cover filename to " . $covername);
}
DB_query("UPDATE {$_TABLES['mg_albums']} SET album_cover_filename='" . $covername . "'" . " WHERE album_id='" . $albumInfo['album_id'] . "'");
}
}
if ($queue) {
$errMsg .= $LANG_MG01['successful_upload_queue'];
// ' successfully placed in Moderation queue';
} else {
$errMsg .= $LANG_MG01['successful_upload'];
// ' successfully uploaded to album';
}
if ($queue == 0) {
require_once $_CONF['path'] . 'plugins/mediagallery/include/rssfeed.php';
MG_buildFullRSS();
MG_buildAlbumRSS($albumId);
}
COM_errorLog("MG Upload: Successfully uploaded a media object");
return array(true, $errMsg);
}
/**
* saves the specified album information
*
* @param int album_id album_id to edit
* @return string HTML
*
*/
function MG_saveAlbum($album_id, $actionURL = '')
{
global $_DB_dbms, $MG_albums, $_USER, $_CONF, $_TABLES, $_MG_CONF, $LANG_MG00, $LANG_MG01, $_POST;
$update = 0;
if (isset($_POST['album_id'])) {
$aid = COM_applyFilter($_POST['album_id'], true);
} else {
$aid = 0;
}
if (isset($_POST['force_child_update'])) {
$forceChildPermUpdate = COM_applyFilter($_POST['force_child_update'], true);
} else {
$forceChildPermUpdate = 0;
}
$thumb = $_FILES['thumbnail'];
$thumbnail = $thumb['tmp_name'];
if (isset($_POST['attach_tn'])) {
$att = COM_applyFilter($_POST['attach_tn']);
} else {
$att = 0;
}
if ($aid > 0) {
// should be 0 or negative 1 for create
$album = $MG_albums[$aid];
$oldparent = $album->parent;
$old_tn_attached = $album->tn_attached;
$old_featured = $album->featured;
$update = 1;
} else {
$album = new mgAlbum();
$album->id = $aid;
$update = 0;
$old_tn_attached = 0;
}
if ($_MG_CONF['htmlallowed'] == 1) {
$album->title = COM_checkHTML(COM_killJS($_POST['album_name']));
$album->description = COM_checkHTML(COM_killJS($_POST['album_desc']));
} else {
$album->title = htmlspecialchars(strip_tags(COM_checkWords(COM_killJS($_POST['album_name']))));
$album->description = htmlspecialchars(strip_tags(COM_checkWords(COM_killJS($_POST['album_desc']))));
}
if ($album->title == "") {
return MG_errorHandler("You must enter an Album Name");
}
$album->parent = COM_applyFilter($_POST['parentaid'], true);
// we should not need this
if (isset($_POST['hidden'])) {
$album->hidden = COM_applyFilter($_POST['hidden'], true);
} else {
$album->hidden = 0;
}
$album->cover = COM_applyFilter($_POST['cover']);
$album->cover_filename = COM_applyFilter($_POST['album_cover_filename']);
if (isset($_POST['enable_album_views'])) {
$album->enable_album_views = COM_applyFilter($_POST['enable_album_views'], true);
} else {
$album->enable_album_views = 0;
}
$album->image_skin = COM_applyFilter($_POST['skin']);
$album->album_skin = COM_applyFilter($_POST['askin']);
$album->display_skin = COM_applyFilter($_POST['dskin']);
if (isset($_POST['display_album_desc'])) {
$album->display_album_desc = COM_applyFilter($_POST['display_album_desc'], true);
} else {
$album->display_album_desc = 0;
}
if (isset($_POST['enable_comments'])) {
$album->enable_comments = COM_applyFilter($_POST['enable_comments'], true);
} else {
$album->enable_comments = 0;
}
$album->exif_display = COM_applyFilter($_POST['enable_exif'], true);
if (isset($_POST['enable_rating'])) {
$album->enable_rating = COM_applyFilter($_POST['enable_rating'], true);
} else {
$album->enable_rating = 0;
}
$album->playback_type = COM_applyFilter($_POST['playback_type'], true);
$album->tn_attached = isset($_POST['attach_tn']) ? COM_applyFilter($_POST['attach_tn'], true) : 0;
$album->enable_slideshow = COM_applyFilter($_POST['enable_slideshow'], true);
if (isset($_POST['enable_random'])) {
$album->enable_random = COM_applyFilter($_POST['enable_random'], true);
} else {
$album->enable_random = 0;
}
if (isset($_POST['enable_shutterfly'])) {
$album->enable_shutterfly = COM_applyFilter($_POST['enable_shutterfly'], true);
} else {
$album->enable_shutterfly = 0;
}
if (isset($_POST['enable_views'])) {
$album->enable_views = COM_applyFilter($_POST['enable_views'], true);
} else {
$album->enable_views = 0;
}
if (isset($_POST['enable_keywords'])) {
$album->enable_keywords = COM_applyFilter($_POST['enable_keywords'], true);
} else {
$album->enable_keywords = 0;
}
if (isset($_POST['enable_sort'])) {
$album->enable_sort = COM_applyFilter($_POST['enable_sort'], true);
} else {
$album->enable_sort = 0;
}
if (isset($_POST['enable_rss'])) {
$album->enable_rss = COM_applyFilter($_POST['enable_rss'], true);
} else {
$album->enable_rss = 0;
}
$album->enable_postcard = COM_applyFilter($_POST['enable_postcard'], true);
if (isset($_POST['albums_first'])) {
$album->albums_first = COM_applyFilter($_POST['albums_first'], true);
} else {
$album->albums_first = 0;
}
if (isset($_POST['allow_download'])) {
$album->allow_download = COM_applyFilter($_POST['allow_download'], true);
} else {
$album->allow_download = 0;
}
if (isset($_POST['usealternate'])) {
$album->useAlternate = COM_applyFilter($_POST['usealternate'], true);
} else {
$album->useAlternate = 0;
}
$album->full = COM_applyFilter($_POST['full_display'], true);
$album->tn_size = COM_applyFilter($_POST['tn_size'], true);
$album->max_image_height = COM_applyFilter($_POST['max_image_height'], true);
$album->max_image_width = COM_applyFilter($_POST['max_image_width'], true);
$album->max_filesize = COM_applyFilter($_POST['max_filesize'], true);
if ($album->max_filesize != 0) {
$album->max_filesize = $album->max_filesize * 1024;
}
$album->display_image_size = COM_applyFilter($_POST['display_image_size'], true);
$album->display_rows = COM_applyFilter($_POST['display_rows'], true);
$album->display_columns = COM_applyFilter($_POST['display_columns'], true);
$album->skin = COM_applyFilter($_POST['album_theme']);
if (isset($_POST['filename_title'])) {
$album->filename_title = COM_applyFilter($_POST['filename_title'], true);
} else {
$album->filename_title = 0;
}
$album->shopping_cart = 0;
if (isset($_POST['wm_auto'])) {
$album->wm_auto = COM_applyFilter($_POST['wm_auto'], true);
} else {
$album->wm_auto = 0;
}
$album->wm_id = COM_applyFilter($_POST['wm_id']);
$album->wm_opacity = COM_applyFilter($_POST['wm_opacity'], true);
$album->wm_location = COM_applyFilter($_POST['wm_location'], true);
$album->album_sort_order = COM_applyFilter($_POST['album_sort_order'], true);
if (isset($_POST['uploads'])) {
$album->member_uploads = COM_applyFilter($_POST['uploads'], true);
} else {
$album->member_uploads = 0;
}
if (isset($_POST['moderate'])) {
$album->moderate = COM_applyFilter($_POST['moderate'], true);
} else {
$album->moderate = 0;
}
if (isset($_POST['email_mod'])) {
$album->email_mod = COM_applyFilter($_POST['email_mod'], true);
} else {
$album->email_mod = 0;
}
if (isset($_POST['podcast'])) {
$album->podcast = COM_applyFilter($_POST['podcast'], true);
} else {
$album->podcast = 0;
}
if (isset($_POST['mp3ribbon'])) {
$album->mp3ribbon = COM_applyFilter($_POST['mp3ribbon'], true);
} else {
$album->mp3ribbon = 0;
}
if (isset($_POST['rsschildren'])) {
$album->rssChildren = COM_applyFilter($_POST['rsschildren'], true);
} else {
$album->rssChildren = 0;
}
if (isset($_POST['tnheight'])) {
$album->tnHeight = COM_applyFilter($_POST['tnheight'], true);
if ($album->tnHeight == 0) {
$album->tnHeight = 200;
}
} else {
$album->tnHeight = 200;
}
if (isset($_POST['tnwidth'])) {
$album->tnWidth = COM_applyFilter($_POST['tnwidth'], true);
if ($album->tnWidth == 0) {
$album->tnWidth = 200;
}
} else {
$album->tnWidth = 200;
}
if (SEC_hasRights('mediagallery.admin')) {
$format_jpg = isset($_POST['format_jpg']) ? COM_applyFilter($_POST['format_jpg'], true) : 0;
$format_png = isset($_POST['format_png']) ? COM_applyFilter($_POST['format_png'], true) : 0;
$format_tif = isset($_POST['format_tif']) ? COM_applyFilter($_POST['format_tif'], true) : 0;
$format_gif = isset($_POST['format_gif']) ? COM_applyFilter($_POST['format_gif'], true) : 0;
$format_bmp = isset($_POST['format_bmp']) ? COM_applyFilter($_POST['format_bmp'], true) : 0;
$format_tga = isset($_POST['format_tga']) ? COM_applyFilter($_POST['format_tga'], true) : 0;
$format_psd = isset($_POST['format_psd']) ? COM_applyFilter($_POST['format_psd'], true) : 0;
$format_mp3 = isset($_POST['format_mp3']) ? COM_applyFilter($_POST['format_mp3'], true) : 0;
$format_ogg = isset($_POST['format_ogg']) ? COM_applyFilter($_POST['format_ogg'], true) : 0;
$format_asf = isset($_POST['format_asf']) ? COM_applyFilter($_POST['format_asf'], true) : 0;
$format_swf = isset($_POST['format_swf']) ? COM_applyFilter($_POST['format_swf'], true) : 0;
$format_mov = isset($_POST['format_mov']) ? COM_applyFilter($_POST['format_mov'], true) : 0;
$format_mp4 = isset($_POST['format_mp4']) ? COM_applyFilter($_POST['format_mp4'], true) : 0;
$format_mpg = isset($_POST['format_mpg']) ? COM_applyFilter($_POST['format_mpg'], true) : 0;
$format_zip = isset($_POST['format_zip']) ? COM_applyFilter($_POST['format_zip'], true) : 0;
$format_other = isset($_POST['format_other']) ? COM_applyFilter($_POST['format_other'], true) : 0;
$format_flv = isset($_POST['format_flv']) ? COM_applyFilter($_POST['format_flv'], true) : 0;
$format_rflv = isset($_POST['format_rflv']) ? COM_applyFilter($_POST['format_rflv'], true) : 0;
$format_emb = isset($_POST['format_emb']) ? COM_applyFilter($_POST['format_emb'], true) : 0;
$album->valid_formats = $format_jpg + $format_png + $format_tif + $format_gif + $format_bmp + $format_tga + $format_psd + $format_mp3 + $format_ogg + $format_asf + $format_swf + $format_mov + $format_mp4 + $format_mpg + $format_zip + $format_other + $format_flv + $format_rflv + $format_emb;
if (isset($_POST['featured'])) {
$album->featured = COM_applyFilter($_POST['featured'], true);
// admin only
} else {
$album->featured = 0;
}
$album->cbposition = COM_applyFilter($_POST['featureposition'], true);
// admin only
$album->cbpage = COM_applyFilter($_POST['featurepage']);
// admin only
$album->group_id = isset($_POST['group_id']) ? COM_applyFilter($_POST['group_id']) : 0;
// admin only
$album->mod_group_id = isset($_POST['mod_id']) ? COM_applyFilter($_POST['mod_id'], true) : 0;
// admin only
$perm_owner = isset($_POST['perm_owner']) ? $_POST['perm_owner'] : 0;
// admin only
$perm_group = isset($_POST['perm_group']) ? $_POST['perm_group'] : 0;
// admin only
$perm_members = isset($_POST['perm_members']) ? $_POST['perm_members'] : 0;
$perm_anon = isset($_POST['perm_anon']) ? $_POST['perm_anon'] : 0;
list($album->perm_owner, $album->perm_group, $album->perm_members, $album->perm_anon) = SEC_getPermissionValues($perm_owner, $perm_group, $perm_members, $perm_anon);
} else {
$perm_owner = $album->perm_owner;
// already set by existing album?
$perm_group = $album->perm_group;
// already set by existing album?
if ($update == 0) {
if (isset($MG_albums[$album->parent]->group_id)) {
$grp_id = $MG_albums[$album->parent]->group_id;
$album->group_id = $grp_id;
} else {
$gresult = DB_query("SELECT grp_id FROM {$_TABLES['groups']} WHERE grp_name LIKE 'mediagallery Admin'");
$grow = DB_fetchArray($gresult);
$grp_id = $grow['grp_id'];
$album->group_id = $grp_id;
// only do these two if create....
}
$album->mod_group_id = $_MG_CONF['member_mod_group_id'];
if ($album->mod_group_id == '' || $album->mod_group_id < 1) {
$album->mod_group_id = $grp_id;
}
}
$perm_members = $_POST['perm_members'];
$perm_anon = $_POST['perm_anon'];
list($junk1, $junk2, $album->perm_members, $album->perm_anon) = SEC_getPermissionValues($perm_owner, $perm_group, $perm_members, $perm_anon);
}
if (isset($_POST['owner_id'])) {
$album->owner_id = COM_applyFilter($_POST['owner_id']);
} else {
$album->owner_id = 2;
}
// simple check to see if we can create off the album root...
if (!SEC_hasRights('mediagallery.admin')) {
if ($album->parent == $_MG_CONF['member_album_root'] && $update == 0) {
if ($_MG_CONF['member_create_new'] == 0) {
return MG_errorHandler("Cannot create a new album off the member root, please select a new parent album");
}
}
}
// final permission check to make sure we have the proper rights to create here....
if ($album->parent == 0 && $update == 0 && !$_MG_CONF['member_albums'] == 1 && !$_MG_CONF['member_album_root'] == 0) {
// see if we are mediagallery.admin
if (!SEC_hasRights('mediagallery.admin')) {
COM_errorLog("MediaGallery: Someone has tried to illegally save a Media Gallery Album in Root. User id: {$_USER['uid']}, Username: {$_USER['username']}, IP: {$REMOTE_ADDR}", 1);
return MG_genericError($LANG_MG00['access_denied_msg']);
}
} elseif ($album->parent != 0) {
if (!isset($MG_albums[$album->parent]->id)) {
// does not exist...
COM_errorLog("MediaGallery: Someone has tried to save a album to non-existent parent album. User id: {$_USER['uid']}, Username: {$_USER['username']}, IP: {$REMOTE_ADDR}", 1);
return MG_genericError($LANG_MG00['access_denied_msg']);
} else {
if ($MG_albums[$album->parent]->access != 3 && !SEC_hasRights('mediagallery.admin') && !$_MG_CONF['member_albums'] && !($_MG_CONF['member_album_root'] == $MG_album[$album->parent]->id)) {
COM_errorLog("MediaGallery: Someone has tried to illegally save a Media Gallery Album. User id: {$_USER['uid']}, Username: {$_USER['username']}, IP: {$REMOTE_ADDR}", 1);
return MG_genericError($LANG_MG00['access_denied_msg']);
}
}
}
if ($old_tn_attached == 0 && $album->tn_attached == 1 && $thumb['tmp_name'] == '') {
$album->tn_attached = 0;
}
if ($old_tn_attached == 1 && $album->tn_attached == 0) {
$remove_old_tn = 1;
} else {
$remove_old_tn = 0;
}
if ($thumb['tmp_name'] != '' && $album->tn_attached == 1) {
$thumbnail = $thumb['tmp_name'];
$attachtn = 1;
} else {
$attachtn = 0;
}
// pull the watermark id associated with the filename...
if ($album->wm_id == 'blank.png') {
$wm_id = 0;
} else {
$wm_id = DB_getItem($_TABLES['mg_watermarks'], 'wm_id', 'filename="' . DB_escapeString($album->wm_id) . '"');
}
if ($wm_id == '') {
$wm_id = 0;
}
if ($wm_id == 0) {
$album->wm_auto = 0;
}
$album->wm_id = $wm_id;
// handle new featured albums
if (SEC_hasRights('mediagallery.admin')) {
if ($album->featured) {
// check for other featured albums, we can only have one
$sql = "SELECT album_id FROM {$_TABLES['mg_albums']} WHERE featured=1 AND cbpage='" . DB_escapeString($album->cbpage) . "'";
$result = DB_query($sql);
$nRows = DB_numRows($result);
if ($nRows > 0) {
$row = DB_fetchArray($result);
$sql = "UPDATE {$_TABLES['mg_albums']} SET featured=0 WHERE album_id=" . $row['album_id'];
DB_query($sql);
}
}
} else {
// if a new album, set the member album defaults since we are a non-admin
if ($album->isMemberAlbum() && update == 0) {
$album->perm_owner = $_MG_CONF['member_perm_owner'];
$album->perm_group = $_MG_CONF['member_perm_group'];
$album->enable_random = $_MG_CONF['member_enable_random'];
$album->max_image_height = $_MG_CONF['member_max_height'];
$album->max_image_width = $_MG_CONF['member_max_width'];
$album->max_filesize = $_MG_CONF['member_max_filesize'];
$album->member_uploads = $_MG_CONF['member_uploads'];
$album->moderate = $_MG_CONF['member_moderate'];
$album->email_mod = $_MG_CONF['member_email_mod'];
$album->valid_formats = $_MG_CONF['member_valid_formats'];
}
}
$album->title = substr($album->title, 0, 254);
if ($_DB_dbms == "mssql") {
$album->description = substr($album->description, 0, 1500);
}
if ($album->last_update == '') {
$album->last_update = 0;
}
$album->last_update = intval($album->last_update);
if ($album->id < 1) {
$album->id = $album->createAlbumID();
$aid = $album->id;
$album->order = $album->getNextSortOrder();
}
if ($album->id == 0) {
COM_errorLog("MediaGallery: Internal Error - album_id = 0 - Contact mark@glfusion.org ");
return MG_genericError($LANG_MG00['access_denied_msg']);
}
$album->saveAlbum();
$album->updateChildPermissions($forceChildPermUpdate);
// now handle the attached cover...
if ($attachtn == 1) {
if (!function_exists('MG_getFile')) {
require_once $_CONF['path'] . 'plugins/mediagallery/include/lib-upload.php';
}
$media_filename = $_MG_CONF['path_mediaobjects'] . 'covers/cover_' . $album->id;
MG_attachThumbnail($album->id, $thumbnail, $media_filename);
}
if ($remove_old_tn == 1) {
foreach ($_MG_CONF['validExtensions'] as $ext) {
if (file_exists($_MG_CONF['path_mediaobjects'] . 'covers/cover_' . $album->id . $ext)) {
@unlink($_MG_CONF['path_mediaobjects'] . 'covers/cover_' . $album->id . $ext);
break;
}
}
}
MG_initAlbums(1);
// do any album sorting here...
if (isset($MG_albums[$aid]) && $MG_albums[$aid]->parent == 0) {
switch ($MG_albums[$aid]->album_sort_order) {
case 0:
break;
case 3:
// upload, asc
MG_staticSortAlbum($aid, 2, 1, 0);
break;
case 4:
// upload, desc
MG_staticSortAlbum($aid, 2, 0, 0);
break;
case 5:
// title, asc
MG_staticSortAlbum($aid, 0, 1, 0);
break;
case 6:
// title, desc
MG_staticSortAlbum($aid, 0, 0, 0);
break;
case 7:
// rating, desc
MG_staticSortAlbum($aid, 3, 0, 0);
break;
case 8:
// rating, desc
MG_staticSortAlbum($aid, 3, 1, 0);
break;
default:
// skip it...
break;
}
} else {
// not a root album...
switch ($MG_albums[$MG_albums[$aid]->parent]->album_sort_order) {
case 0:
break;
case 3:
// upload, asc
MG_staticSortAlbum($MG_albums[$aid]->parent, 2, 1, 0);
break;
case 4:
// upload, desc
MG_staticSortAlbum($MG_albums[$aid]->parent, 2, 0, 0);
break;
case 5:
// title, asc
MG_staticSortAlbum($MG_albums[$aid]->parent, 0, 1, 0);
break;
case 6:
// title, desc
MG_staticSortAlbum($MG_albums[$aid]->parent, 0, 0, 0);
break;
case 7:
// rating, desc
MG_staticSortAlbum($MG_albums[$aid]->parent, 3, 0, 0);
break;
case 8:
// rating, desc
MG_staticSortAlbum($MG_albums[$aid]->parent, 3, 1, 0);
break;
default:
// skip it...
break;
}
// now call it for myself to sort my subs
switch ($MG_albums[$aid]->album_sort_order) {
case 0:
break;
case 3:
// upload, asc
MG_staticSortAlbum($aid, 2, 1, 0);
break;
case 4:
// upload, desc
MG_staticSortAlbum($aid, 2, 0, 0);
break;
case 5:
// title, asc
MG_staticSortAlbum($aid, 0, 1, 0);
break;
case 6:
// title, desc
MG_staticSortAlbum($aid, 0, 0, 0);
break;
case 7:
// rating, desc
MG_staticSortAlbum($aid, 3, 0, 0);
break;
case 8:
// rating, desc
MG_staticSortAlbum($aid, 3, 1, 0);
break;
default:
// skip it...
break;
}
}
if (!function_exists('MG_buildFullRSS')) {
require_once $_CONF['path'] . 'plugins/mediagallery/include/rssfeed.php';
}
MG_buildFullRSS();
MG_buildAlbumRSS($album->id);
$actionURL = $_MG_CONF['site_url'] . '/album.php?aid=' . $album->id;
echo COM_refresh($actionURL);
exit;
}
function _MG_getFile($filename, $file, $albums, $caption = '', $description = '', $upload = 1, $purgefiles = 0, $filetype, $atttn, $thumbnail, $keywords = '', $category = 0, $dnc = 0, $replace = 0, $userid)
{
global $MG_albums, $_CONF, $_MG_CONF, $_USER, $_TABLES, $LANG_MG00, $LANG_MG01, $LANG_MG02, $new_media_id;
$artist = '';
$musicAlbum = '';
$genre = '';
$video_attached_thumbnail = 0;
$successfulWatermark = 0;
$dnc = 1;
$errors = 0;
$errMsg = '';
clearstatcache();
if (!file_exists($filename)) {
$errMsg = $LANG_MG02['upload_not_found'];
return array(false, $errMsg);
}
clearstatcache();
if (!is_readable($filename)) {
$errMsg = $LANG_MG02['upload_not_readable'];
return array(false, $errMsg);
}
// make sure we have the proper permissions to upload to this album....
if (!isset($MG_albums[$albums]->id)) {
$errMsg = $LANG_MG02['album_nonexist'];
// "Album does not exist, unable to process uploads";
return array(false, $errMsg);
}
sleep(1);
// We do this to make sure we don't get dupe sid's
/*
* The following section of code will generate a unique name for a temporary
* file and copy the uploaded file to the Media Gallery temp directory.
* We do this to prevent any SAFE MODE issues when we later open the
* file to determine the mime type.
*/
if (empty($_USER['username']) || $_USER['username'] == '') {
$_USER['username'] = '******';
}
$tmpPath = $_MG_CONF['tmp_path'] . '/' . $_USER['username'] . COM_makesid() . '.tmp';
if ($upload) {
$rc = @move_uploaded_file($filename, $tmpPath);
} else {
$rc = @copy($filename, $tmpPath);
$importSource = $filename;
}
if ($rc != 1) {
$errors++;
$errMsg .= sprintf($LANG_MG02['move_error'], $filename);
@unlink($tmpPath);
return array(false, $errMsg);
}
$filename = $tmpPath;
if ($replace > 0) {
$new_media_id = $replace;
} else {
$new_media_id = COM_makesid();
}
$media_time = time();
$media_upload_time = time();
$media_user_id = $userid;
$mimeInfo = IMG_getMediaMetaData($filename);
$mimeExt = strtolower(substr(strrchr($file, "."), 1));
$mimeInfo['type'] = $mimeExt;
if (!isset($mimeInfo['mime_type']) || $mimeInfo['mime_type'] == '') {
$mimeInfo['mime_type'] = $filetype;
}
$gotTN = 0;
if (isset($mimeInfo['id3v2']['APIC'][0]['mime']) && $mimeInfo['id3v2']['APIC'][0]['mime'] == 'image/jpeg') {
$mp3AttachdedThumbnail = $mimeInfo['id3v2']['APIC'][0]['data'];
$gotTN = 1;
}
if ($mimeExt == '' || $mimeInfo['mime_type'] == 'application/octet-stream' || $mimeInfo['mime_type'] == '') {
// assume format based on file upload info...
switch ($filetype) {
case 'audio/mpeg':
$mimeInfo['type'] = 'mp3';
$mimeInfo['mime_type'] = 'audio/mpeg';
$mimeExt = 'mp3';
break;
case 'image/tga':
$mimeInfo['type'] = 'tga';
$mimeInfo['mime_type'] = 'image/tga';
$mimeExt = 'tga';
break;
case 'image/psd':
$mimeInfo['type'] = 'psd';
$mimeInfo['mime_type'] = 'image/psd';
$mimeExt = 'psd';
break;
case 'image/gif':
$mimeInfo['type'] = 'gif';
$mimeInfo['mime_type'] = 'image/gif';
$mimeExt = 'gif';
break;
case 'image/jpeg':
case 'image/jpg':
$mimeInfo['type'] = 'jpg';
$mimeInfo['mime_type'] = 'image/jpeg';
$mimeExt = 'jpg';
break;
case 'image/png':
$mimeInfo['type'] = 'png';
$mimeInfo['mime_type'] = 'image/png';
$mimeExt = 'png';
break;
case 'image/bmp':
$mimeInfo['type'] = 'bmp';
$mimeInfo['mime_type'] = 'image/bmp';
$mimeExt = 'bmp';
break;
case 'application/x-shockwave-flash':
$mimeInfo['type'] = 'swf';
$mimeInfo['mime_type'] = 'application/x-shockwave-flash';
$mimeExt = 'swf';
break;
case 'application/zip':
$mimeInfo['type'] = 'zip';
$mimeInfo['mime_type'] = 'application/zip';
$mimeExt = 'zip';
break;
case 'audio/mpeg':
$mimeInfo['type'] = 'mp3';
$mimeInfo['mime_type'] = 'audio/mpeg';
$mimeExt = 'mp3';
break;
case 'video/quicktime':
$mimeInfo['type'] = 'mov';
$mimeInfo['mime_type'] = 'video/quicktime';
$mimeExt = 'mov';
break;
case 'video/x-m4v':
$mimeInfo['type'] = 'mov';
$mimeInfo['mime_type'] = 'video/x-m4v';
$mimeExt = 'mov';
break;
case 'video/x-flv':
$mimeInfo['type'] = 'flv';
$mimeInfo['mime_type'] = 'video/x-flv';
$mimeExt = 'flv';
break;
case 'audio/x-ms-wma':
$mimeInfo['type'] = 'wma';
$mimeInfo['mime_type'] = 'audio/x-ms-wma';
$mimeExt = 'wma';
break;
default:
$file_extension = strtolower(substr(strrchr($file, "."), 1));
switch ($file_extension) {
case 'flv':
$mimeInfo['type'] = 'flv';
$mimeInfo['mime_type'] = 'video/x-flv';
$mimeExt = 'flv';
break;
case 'wma':
$mimeInfo['type'] = 'wma';
$mimeInfo['mime_type'] = 'audio/x-ms-wma';
$mimeExt = 'wma';
break;
default:
$mimeInfo['type'] = 'file';
if ($filetype != '') {
$mimeInfo['mime_type'] = $filetype;
} else {
$mimeInfo['mime_type'] = 'application/octet-stream';
}
$mimeExt = $file_extension;
break;
}
}
}
switch ($mimeInfo['mime_type']) {
case 'audio/mpeg':
$format_type = MG_MP3;
break;
case 'image/gif':
$format_type = MG_GIF;
break;
case 'image/jpeg':
case 'image/jpg':
$format_type = MG_JPG;
break;
case 'image/png':
$format_type = MG_PNG;
break;
case 'image/bmp':
$format_type = MG_BMP;
break;
case 'application/x-shockwave-flash':
$format_type = MG_SWF;
break;
case 'application/zip':
$format_type = MG_ZIP;
break;
case 'video/mpeg':
case 'video/x-motion-jpeg':
case 'video/quicktime':
case 'video/mpeg':
case 'video/x-mpeg':
case 'video/x-mpeq2a':
case 'video/x-qtc':
case 'video/x-m4v':
$format_type = MG_MOV;
break;
case 'video/x-flv':
$format_type = MG_FLV;
break;
case 'image/tiff':
$format_type = MG_TIF;
break;
case 'image/x-targa':
case 'image/tga':
$format_type = MG_TGA;
break;
case 'image/psd':
$format_type = MG_PSD;
break;
case 'application/ogg':
$format_type = MG_OGG;
break;
case 'audio/x-ms-wma':
case 'audio/x-ms-wax':
case 'audio/x-ms-wmv':
case 'video/x-ms-asf':
case 'video/x-ms-asf-plugin':
case 'video/avi':
case 'video/msvideo':
case 'video/x-msvideo':
case 'video/avs-video':
case 'video/x-ms-wmv':
case 'video/x-ms-wvx':
case 'video/x-ms-wm':
case 'application/x-troff-msvideo':
case 'application/x-ms-wmz':
case 'application/x-ms-wmd':
$format_type = MG_ASF;
break;
case 'application/pdf':
$format_type = MG_OTHER;
break;
default:
$format_type = MG_OTHER;
break;
}
$mimeType = $mimeInfo['mime_type'];
if ($filetype == 'video/x-m4v') {
$mimeType = 'video/x-m4v';
$mimeInfo['mime_type'] = 'video/x-m4v';
}
if (!($MG_albums[$albums]->valid_formats & $format_type)) {
return array(false, $LANG_MG02['format_not_allowed']);
}
if ($replace > 0) {
$sql = "SELECT * FROM {$_TABLES['mg_media']} WHERE media_id='" . DB_escapeString($replace) . "'";
$result = DB_query($sql);
$row = DB_fetchArray($result);
$media_filename = $row['media_filename'];
} else {
if ($_MG_CONF['preserve_filename'] == 1) {
$loopCounter = 0;
$digitCounter = 1;
$file_name = stripslashes($file);
$file_name = MG_replace_accents($file_name);
$file_name = preg_replace("#[ ]#", "_", $file_name);
// change spaces to underscore
$file_name = preg_replace('#[^\\.\\-,\\w]#', '_', $file_name);
//only parenthesis, underscore, letters, numbers, comma, hyphen, period - others to underscore
$file_name = preg_replace('#(_)+#', '_', $file_name);
//eliminate duplicate underscore
$pos = strrpos($file_name, '.');
if ($pos === false) {
$basefilename = $file_name;
} else {
$basefilename = strtolower(substr($file_name, 0, $pos));
}
do {
clearstatcache();
$media_filename = substr(md5(uniqid(rand())), 0, $digitCounter) . '_' . $basefilename;
$loopCounter++;
if ($loopCounter > 16) {
$digitCounter++;
$loopCounter = 0;
}
} while (MG_file_exists($media_filename));
} else {
do {
clearstatcache();
$media_filename = md5(uniqid(rand()));
} while (MG_file_exists($media_filename));
}
}
// replace a few mime extentions here...
//
$mimeExtLower = strtolower($mimeExt);
if ($mimeExtLower == 'php') {
$mimeExt = 'phps';
} else {
if ($mimeExtLower == 'pl') {
$mimeExt = 'txt';
} else {
if ($mimeExtLower == 'cgi') {
$mimeExt = 'txt';
} else {
if ($mimeExtLower == 'py') {
$mimeExt = 'txt';
} else {
if ($mimeExtLower == 'sh') {
$mimeExt = 'txt';
} else {
if ($mimeExtLower == 'rb') {
$mimeExt = 'txt';
}
}
}
}
}
}
$disp_media_filename = $media_filename . '.' . $mimeExt;
switch ($mimeType) {
case 'image/psd':
case 'image/x-targa':
case 'image/tga':
case 'image/photoshop':
case 'image/x-photoshop':
case 'image/psd':
case 'application/photoshop':
case 'application/psd':
case 'image/tiff':
case 'image/gif':
case 'image/jpeg':
case 'image/jpg':
case 'image/png':
case 'image/bmp':
if ($mimeType == 'image/psd' || $mimeType == 'image/x-targa' || $mimeType == 'image/tga' || $mimeType == 'image/photoshop' || $mimeType == 'image/x-photoshop' || $mimeType == 'image/psd' || $mimeType == 'application/photoshop' || $mimeType == 'application/psd' || $mimeType == 'image/tiff') {
$media_orig = $_MG_CONF['path_mediaobjects'] . 'orig/' . $media_filename[0] . '/' . $media_filename . "." . $mimeExt;
$media_disp = $_MG_CONF['path_mediaobjects'] . 'disp/' . $media_filename[0] . '/' . $media_filename . ".jpg";
$media_tn = $_MG_CONF['path_mediaobjects'] . 'tn/' . $media_filename[0] . '/' . $media_filename . ".jpg";
} else {
$media_orig = $_MG_CONF['path_mediaobjects'] . 'orig/' . $media_filename[0] . '/' . $media_filename . "." . $mimeExt;
$media_disp = $_MG_CONF['path_mediaobjects'] . 'disp/' . $media_filename[0] . '/' . $media_filename . "." . $mimeExt;
$media_tn = $_MG_CONF['path_mediaobjects'] . 'tn/' . $media_filename[0] . '/' . $media_filename . "." . $mimeExt;
}
$mimeType = $mimeInfo['mime_type'];
// process image file
$media_time = getOriginationTimestamp($filename);
if ($media_time == null || $media_time < 0) {
$media_time = time();
}
$rc = @copy($filename, $media_orig);
if ($rc != 1) {
$errors++;
$errMsg .= sprintf($LANG_MG02['move_error'], $filename);
} else {
if ($purgefiles) {
@unlink($importSource);
}
@chmod($media_orig, 0644);
list($rc, $msg) = MG_convertImage($media_orig, $media_tn, $media_disp, $mimeExt, $mimeType, $albums, $media_filename, $dnc);
if ($rc == false) {
$errors++;
$errMsg .= $msg;
// sprintf($LANG_MG02['convert_error'],$filename);
} else {
$mediaType = 0;
if ($_MG_CONF['discard_original'] == 1 && ($mimeType == 'image/jpeg' || $mimeType == 'image/jpg' || $mimeType == 'image/png' || $mimeType == 'image/bmp' || $mimeType == 'image/gif')) {
if ($_MG_CONF['jhead_enabled'] && ($mimeType == 'image/jpeg' || $mimeType == 'image/jpg')) {
$rc = MG_execWrapper('"' . $_MG_CONF['jhead_path'] . "/jhead" . '"' . " -te " . $media_orig . " " . $media_disp);
}
@unlink($media_orig);
}
if ($MG_albums[$albums]->wm_auto) {
if ($_MG_CONF['discard_original'] == 1) {
$rc = MG_watermark($media_disp, $albums, 1);
if ($rc == TRUE) {
$successfulWatermark = 1;
}
} else {
$rc1 = MG_watermark($media_orig, $albums, 1);
$rc2 = MG_watermark($media_disp, $albums, 0);
if ($rc1 == TRUE && $rc2 == TRUE) {
$successfulWatermark = 1;
}
}
}
if ($dnc != 1) {
if ($mimeType != 'image/tga' && $mimeType != 'image/x-targa' && $mimeType != 'image/tiff') {
if ($mimeType != 'image/photoshop' && $mimeType != 'image/x-photoshop' && $mimeType != 'image/psd' && $mimeType != 'application/photoshop' && $mimeType != 'application/psd') {
$mimeExt = 'jpg';
$mimeType = 'image/jpeg';
}
}
}
}
}
break;
case 'video/quicktime':
case 'video/mpeg':
case 'video/x-flv':
case 'video/x-ms-asf':
case 'video/x-ms-asf-plugin':
case 'video/avi':
case 'video/msvideo':
case 'video/x-msvideo':
case 'video/avs-video':
case 'video/x-ms-wmv':
case 'video/x-ms-wvx':
case 'video/x-ms-wm':
case 'application/x-troff-msvideo':
case 'application/x-shockwave-flash':
case 'video/mp4':
case 'video/x-m4v':
$mimeType = $mimeInfo['mime_type'];
if ($filetype == 'video/mp4') {
$mimeExt = 'mp4';
}
// process video format
$media_orig = $_MG_CONF['path_mediaobjects'] . 'orig/' . $media_filename[0] . '/' . $media_filename . '.' . $mimeExt;
$rc = @copy($filename, $media_orig);
if ($rc != 1) {
$errors++;
$errMsg .= sprintf($LANG_MG02['move_error'], $filename);
} else {
if ($purgefiles) {
@unlink($importSource);
}
@chmod($media_orig, 0644);
$mediaType = 1;
}
$video_attached_thumbnail = MG_videoThumbnail($albums, $media_orig, $media_filename);
break;
case 'application/ogg':
case 'audio/mpeg':
case 'audio/x-ms-wma':
case 'audio/x-ms-wax':
case 'audio/x-ms-wmv':
$mimeType = $mimeInfo['mime_type'];
// process audio format
$media_orig = $_MG_CONF['path_mediaobjects'] . 'orig/' . $media_filename[0] . '/' . $media_filename . '.' . $mimeExt;
$rc = @copy($filename, $media_orig);
if (isset($mimeInfo['tags']['id3v1']['title'][0])) {
if ($caption == '') {
$caption = $mimeInfo['tags']['id3v1']['title'][0];
}
}
if (isset($mimeInfo['tags']['id3v1']['artist'][0])) {
$artist = DB_escapeString($mimeInfo['tags']['id3v1']['artist'][0]);
}
if (isset($mimeInfo['tags']['id3v2']['genre'][0])) {
$genre = DB_escapeString($mimeInfo['tags']['id3v2']['genre'][0]);
}
if (isset($mimeInfo['tags']['id3v1']['album'][0])) {
$musicAlbum = DB_escapeString($mimeInfo['tags']['id3v1']['album'][0]);
}
if ($rc != 1) {
$errors++;
$errMsg .= sprintf($LANG_MG02['move_error'], $filename);
} else {
if ($purgefiles) {
@unlink($importSource);
}
$mediaType = 2;
}
break;
case 'zip':
case 'application/zip':
if ($_MG_CONF['zip_enabled']) {
$errMsg .= MG_processZip($filename, $albums, $purgefiles, $media_filename);
break;
}
// NO BREAK HERE, fall through if enable zip isn't allowed
// NO BREAK HERE, fall through if enable zip isn't allowed
default:
$media_orig = $_MG_CONF['path_mediaobjects'] . 'orig/' . $media_filename[0] . '/' . $media_filename . "." . $mimeExt;
$mimeType = $mimeInfo['mime_type'];
$rc = @copy($filename, $media_orig);
if ($rc != 1) {
$errors++;
$errMsg .= sprintf($LANG_MG02['move_error'], $filename);
} else {
if ($purgefiles) {
@unlink($importSource);
}
$mediaType = 4;
}
$mediaType = 4;
break;
}
// update quota
$quota = $MG_albums[$albums]->album_disk_usage;
if ($_MG_CONF['discard_original'] == 1) {
$quota += @filesize($_MG_CONF['path_mediaobjects'] . 'orig/' . $media_filename[0] . '/' . $media_filename . '.' . $mimeExt);
$quota += @filesize($_MG_CONF['path_mediaobjects'] . 'disp/' . $media_filename[0] . '/' . $media_filename . '.jpg');
} else {
$quota += @filesize($_MG_CONF['path_mediaobjects'] . 'orig/' . $media_filename[0] . '/' . $media_filename . '.' . $mimeExt);
}
DB_query("UPDATE {$_TABLES['mg_albums']} SET album_disk_usage=" . $quota . " WHERE album_id=" . $albums);
if ($errors) {
@unlink($tmpPath);
return array(false, $errMsg);
}
if (($mimeType != 'application/zip' || $_MG_CONF['zip_enabled'] == 0) && $errors == 0) {
// Now we need to process an uploaded thumbnail
if ($gotTN == 1) {
$mp3TNFilename = $_MG_CONF['tmp_path'] . '/mp3tn' . time() . '.jpg';
$fn = fopen($mp3TNFilename, "w");
fwrite($fn, $mp3AttachdedThumbnail);
fclose($fn);
$saveThumbnailName = $_MG_CONF['path_mediaobjects'] . 'tn/' . $media_filename[0] . '/tn_' . $media_filename;
MG_attachThumbnail($albums, $mp3TNFilename, $saveThumbnailName);
@unlink($mp3TNFilename);
$atttn = 1;
} else {
if ($atttn == 1) {
$saveThumbnailName = $_MG_CONF['path_mediaobjects'] . 'tn/' . $media_filename[0] . '/tn_' . $media_filename;
MG_attachThumbnail($albums, $thumbnail, $saveThumbnailName);
}
}
if ($video_attached_thumbnail) {
$atttn = 1;
}
if ($MG_albums[$albums]->enable_html != 1) {
// if ($_MG_CONF['htmlallowed'] != 1 ) {
$media_desc = DB_escapeString(htmlspecialchars(strip_tags(COM_checkWords(COM_killJS($description)))));
$media_caption = DB_escapeString(htmlspecialchars(strip_tags(COM_checkWords(COM_killJS($caption)))));
$media_keywords = DB_escapeString(htmlspecialchars(strip_tags(COM_checkWords(COM_killJS($keywords)))));
} else {
$media_desc = DB_escapeString(COM_checkHTML(COM_killJS($description)));
$media_caption = DB_escapeString(COM_checkHTML(COM_killJS($caption)));
$media_keywords = DB_escapeString(COM_checkHTML(COM_killJS($keywords)));
}
// Check and see if moderation is on. If yes, place in mediasubmission
if ($MG_albums[$albums]->moderate == 1 && !$MG_albums[0]->owner_id) {
$tableMedia = $_TABLES['mg_mediaqueue'];
$tableMediaAlbum = $_TABLES['mg_media_album_queue'];
$queue = 1;
} else {
$tableMedia = $_TABLES['mg_media'];
$tableMediaAlbum = $_TABLES['mg_media_albums'];
$queue = 0;
}
$original_filename = DB_escapeString($file);
if ($MG_albums[$albums]->filename_title) {
if ($media_caption == '') {
$pos = strrpos($original_filename, '.');
if ($pos === false) {
$media_caption = $original_filename;
} else {
$media_caption = substr($original_filename, 0, $pos);
}
}
}
$resolution_x = 0;
$resolution_y = 0;
// try to find a resolution if video...
if ($mediaType == 1) {
switch ($mimeType) {
case 'application/x-shockwave-flash':
case 'video/quicktime':
case 'video/mpeg':
case 'video/x-m4v':
if (isset($mimeInfo['video']['resolution_x']) && isset($mimeInfo['video']['resolution_x'])) {
$resolution_x = $mimeInfo['video']['resolution_x'];
$resolution_y = $mimeInfo['video']['resolution_y'];
} else {
$resolution_x = -1;
$resolution_y = -1;
}
break;
case 'video/x-flv':
if ($mimeInfo['video']['resolution_x'] < 1 || $mimeInfo['video']['resolution_y'] < 1) {
if (isset($mimeInfo['meta']['onMetaData']['width']) && isset($mimeInfo['meta']['onMetaData']['height'])) {
$resolution_x = $mimeInfo['meta']['onMetaData']['width'];
$resolution_y = $mimeInfo['meta']['onMetaData']['height'];
} else {
$resolution_x = -1;
$resolution_y = -1;
}
} else {
$resolution_x = $mimeInfo['video']['resolution_x'];
$resolution_y = $mimeInfo['video']['resolution_y'];
}
break;
case 'video/x-ms-asf':
case 'video/x-ms-asf-plugin':
case 'video/avi':
case 'video/msvideo':
case 'video/x-msvideo':
case 'video/avs-video':
case 'video/x-ms-wmv':
case 'video/x-ms-wvx':
case 'video/x-ms-wm':
case 'application/x-troff-msvideo':
if (isset($mimeInfo['video']['streams']['2']['resolution_x']) && isset($mimeInfo['video']['streams']['2']['resolution_y'])) {
$resolution_x = $mimeInfo['video']['streams']['2']['resolution_x'];
$resolution_y = $mimeInfo['video']['streams']['2']['resolution_y'];
} else {
$resolution_x = -1;
$resolution_y = -1;
}
break;
}
}
if ($replace > 0) {
$sql = "UPDATE " . $tableMedia . " SET\n\t \t\t\t\t\tmedia_filename='" . DB_escapeString($media_filename) . "',\n\t \t\t\t\t\tmedia_original_filename='{$original_filename}',\n\t \t\t\t\t\tmedia_mime_ext='" . DB_escapeString($mimeExt) . "',\n\t \t\t\t\t\tmime_type='" . DB_escapeString($mimeType) . "',\n\t \t\t\t\t\tmedia_time='" . DB_escapeString($media_time) . "',\n\t \t\t\t\t\tmedia_user_id='" . DB_escapeString($media_user_id) . "',\n\t \t\t\t\t\tmedia_type='" . DB_escapeString($mediaType) . "',\n\t \t\t\t\t\tmedia_upload_time='" . DB_escapeString($media_upload_time) . "',\n\t \t\t\t\t\tmedia_watermarked='" . DB_escapeString($successfulWatermark) . "',\n\t \t\t\t\t\tmedia_resolution_x='" . DB_escapeString($resolution_x) . "',\n\t \t\t\t\t\tmedia_resolution_y='" . DB_escapeString($resolution_y) . "'\n\t \t\t\t\t\tWHERE media_id='" . DB_escapeString($replace) . "'";
DB_query($sql);
} else {
$sql = "INSERT INTO " . $tableMedia . " (media_id,media_filename,media_original_filename,media_mime_ext,media_exif,mime_type,media_title,media_desc,media_keywords,media_time,media_views,media_comments,media_votes,media_rating,media_tn_attached,media_tn_image,include_ss,media_user_id,media_user_ip,media_approval,media_type,media_upload_time,media_category,media_watermarked,v100,maint,media_resolution_x,media_resolution_y,remote_media,remote_url,artist,album,genre)\n\t VALUES ('{$new_media_id}','{$media_filename}','{$original_filename}','{$mimeExt}','1','{$mimeType}','{$media_caption}','{$media_desc}','{$media_keywords}','{$media_time}','0','0','0','0.00','{$atttn}','','1','{$media_user_id}','','0','{$mediaType}','{$media_upload_time}','{$category}','{$successfulWatermark}','0','0',{$resolution_x},{$resolution_y},0,'','{$artist}','{$musicAlbum}','{$genre}');";
DB_query($sql);
$x = 0;
$sql = "SELECT MAX(media_order) + 10 AS media_seq FROM " . $_TABLES['mg_media_albums'] . " WHERE album_id = " . $albums;
$result = DB_query($sql);
$row = DB_fetchArray($result);
$media_seq = $row['media_seq'];
if ($media_seq < 10) {
$media_seq = 10;
}
$sql = "INSERT INTO " . $tableMediaAlbum . " (media_id, album_id, media_order) VALUES ('{$new_media_id}', {$albums}, {$media_seq} )";
DB_query($sql);
if ($mediaType == 1 && $resolution_x > 0 && $resolution_y > 0 && $_MG_CONF['use_default_resolution'] == 0) {
DB_save($_TABLES['mg_playback_options'], 'media_id,option_name,option_value', "'{$new_media_id}','width', '{$resolution_x}'");
DB_save($_TABLES['mg_playback_options'], 'media_id,option_name,option_value', "'{$new_media_id}','height', '{$resolution_y}'");
}
// update the media count for the album, only if no moderation...
if ($queue == 0) {
$MG_albums[$albums]->media_count++;
DB_query("UPDATE " . $_TABLES['mg_albums'] . " SET media_count=" . $MG_albums[$albums]->media_count . ",last_update=" . $media_upload_time . " WHERE album_id='" . $MG_albums[$albums]->id . "'");
if ($_MG_CONF['update_parent_lastupdated'] == 1) {
$currentAID = $MG_albums[$albums]->parent;
while ($MG_albums[$currentAID]->id != 0) {
DB_query("UPDATE " . $_TABLES['mg_albums'] . " SET last_update=" . $media_upload_time . " WHERE album_id='" . $MG_albums[$currentAID]->id . "'");
$currentAID = $MG_albums[$currentAID]->parent;
}
}
if ($MG_albums[$albums]->cover == -1 && ($mediaType == 0 || $atttn == 1)) {
if ($atttn == 1) {
$covername = 'tn_' . $media_filename;
} else {
$covername = $media_filename;
}
DB_query("UPDATE {$_TABLES['mg_albums']} SET album_cover_filename='" . $covername . "'" . " WHERE album_id='" . $MG_albums[$albums]->id . "'");
}
}
$x++;
}
}
if ($queue) {
$errMsg .= $LANG_MG01['successful_upload_queue'];
// ' successfully placed in Moderation queue';
} else {
$errMsg .= $LANG_MG01['successful_upload'];
// ' successfully uploaded to album';
}
if ($queue == 0) {
require_once $_CONF['path'] . 'plugins/mediagallery/include/rssfeed.php';
MG_buildFullRSS();
MG_buildAlbumRSS($albums);
CACHE_remove_instance('whatsnew');
}
@unlink($tmpPath);
return array(true, $errMsg);
}
