function getFolder($path)
{
global $database, $resource, $dateFormat, $thumbnailPrefix;
userPermissions();
$output = '';
jsonStart();
$path = mysql_escape_string($path);
// Get virtual directories ===============================================
if ($path == '' || $path == '/') {
/*
* Legacy code weirdness.
* Explicitly filtered out all v.dirs not named same as user.
* Then explicitly filtered out v.dirs named same as user.
*/
// ???
// $query = "select * from $GLOBALS[tablePrefix]permissions inner join $GLOBALS[tablePrefix]clients on $GLOBALS[tablePrefix]permissions.clientid=$GLOBALS[tablePrefix]clients.id where userid=\"$_SESSION[userid]\" and $GLOBALS[tablePrefix]clients.name =\"$_SESSION[user]\" order by display";
// $result = mysql_query($query,$database);
// ???
// $query = "select * from $GLOBALS[tablePrefix]permissions inner join $GLOBALS[tablePrefix]clients on $GLOBALS[tablePrefix]permissions.clientid=$GLOBALS[tablePrefix]clients.id where userid=\"$_SESSION[userid]\" and $GLOBALS[tablePrefix]clients.name !=\"$_SESSION[user]\" order by display";
// $result = mysql_query($query,$database);
$query = "select * from {$GLOBALS['tablePrefix']}permissions inner join {$GLOBALS['tablePrefix']}clients on {$GLOBALS['tablePrefix']}permissions.clientid={$GLOBALS['tablePrefix']}clients.id where userid=\"{$_SESSION['userid']}\" order by display";
$result = mysql_query($query, $database);
$vdcount = mysql_num_rows($result);
if ($vdcount >= 1) {
// If user has multiple virtual directorys display them all
if ($vdcount > 2) {
$virtual = "closed";
} else {
if ($vdcount == 1) {
$virtual = "true";
} else {
$virtual = "false";
}
}
while ($clients = mysql_fetch_assoc($result)) {
$displayName = $clients['display'];
$scheme = $clients['scheme'];
$name = $clients['name'];
$q = "select * from {$GLOBALS['tablePrefix']}clients where id=" . $clients[id];
$res = mysql_query($q, $database);
$path = '';
while ($c = mysql_fetch_assoc($res)) {
$path = $c['path'];
}
$output .= jsonAdd("\"displayname\":\"{$displayName}\",\"scheme\":\"{$scheme}\",\"type\": \"directory\", \"name\": \"{$name}\", \"path\": \"{$path}\",\"virtual\":\"{$virtual}\"");
}
}
$output .= jsonReturn('getFolder');
}
if ($output > '') {
if ($resource != true) {
echo $output;
die;
} else {
return $output;
}
}
// Non Virtual Directories ===============================================
$fullpath = getUserPath($path) . $path;
if (is_dir($fullpath)) {
if (!permForPath($path, 'read')) {
jsonStart();
error('You do not have permission for this action.');
return false;
}
if ($dh = opendir($fullpath)) {
while (($file = readdir($dh)) !== false) {
if ($file != '.' && $file != '..') {
if (is_dir($fullpath . '/' . $file)) {
jsonAdd("\"type\": \"directory\", \"name\": \"{$file}\", \"path\": \"{$path}\"");
} else {
// Ignore hidden .files
if (!startsWith($file, '.') && !startsWith($file, $thumbnailPrefix)) {
// id is only for providing the HTML elements a unique id.
$id = str_replace("/", "_", $path . '/' . $file);
$id = str_replace(".", "_", $id);
// Folders don't use flags or date but client side expects the key:values anyway. - future implementation?
jsonAdd("\"id\": \"{$id}\", \"path\":\"{$path}\", \"type\": \"file\", \"name\": \"{$file}\",\"date\":\"\",\"flags\": \"normal\"");
}
}
}
}
closedir($dh);
}
} else {
error("directory doesnt exist {$fullpath}");
}
$output .= jsonReturn('getFolder');
if ($resource != true) {
echo $output;
} else {
return $output;
}
}
function uploadSmart()
{
global $uploadDir;
if (!file_exists($uploadDir . "stats_" . session_id() . ".txt")) {
jsonStart();
jsonAdd("\"percent\": 0, \"percentSec\": 0, \"speed\": \"0\", \"secondsLeft\": \"0\", \"done\": \"false\"");
echo jsonReturn("bindings");
exit;
}
$lines = file($uploadDir . "stats_" . session_id() . ".txt");
jsonStart();
$percent = round($lines[0] / 100, 3);
$percentSec = round($lines[1] / 100, 4);
$speed = filesize_format($lines[2]) . 's';
$secondsLeft = secs_to_string(round($lines[3]));
$size = filesize_format($lines[4]) . 's';
if ($percent == 1) {
// cleanup time
if (isset($_SESSION['uploadPath'])) {
$path = $_SESSION['uploadPath'];
$userpath = getUserPath($path) . $path;
$sessionid = session_id();
$dh = opendir($uploadDir);
while (($file = readdir($dh)) !== false) {
$sessionlen = strlen(session_id());
if (substr($file, 0, $sessionlen) == session_id()) {
$filename = substr($file, $sessionlen + 1);
$uploadfile = $filename;
$i = 1;
while (file_exists($userpath . '/' . $uploadfile)) {
$uploadfile = $i . '_' . $filename;
$i++;
}
if (file_exists("{$uploadDir}{$file}") && !rename("{$uploadDir}{$file}", "{$userpath}/{$uploadfile}")) {
echo "Error";
}
}
}
closedir($dh);
if (file_exists($uploadDir . "stats_" . session_id() . ".txt")) {
unlink($uploadDir . "stats_" . session_id() . ".txt");
}
if (file_exists($uploadDir . "temp_" . session_id())) {
unlink($uploadDir . "temp_" . session_id());
}
}
$done = "true";
} else {
$done = "false";
}
jsonAdd("\"percent\": {$percent}, \"size\": \"{$size}\",\"percentSec\": {$percentSec}, \"speed\": \"{$speed}\", \"secondsLeft\": \"{$secondsLeft}\", \"done\": \"{$done}\"");
echo jsonReturn("bindings");
}
* @param string $lstrPath
* @return string
*/
function getRadioButtons($lstrPath)
{
//$lstrHTML = "<input name=\"but\" type=\"radio\" value=\"\" checked=\"checked\" />" . _("Never mind") . "<br />";
$lstrHTML = '';
$lobjAllFiles = array();
//open directory and store all file names in an array
$lrscDirectory = opendir($lstrPath);
while (false !== ($lstrFile = readdir($lrscDirectory))) {
if ($lstrFile != ".." && $lstrFile != ".") {
$lobjAllFiles[] = $lstrFile;
}
}
//sort the array
sort($lobjAllFiles);
foreach ($lobjAllFiles as $lstrFile) {
$lobjTemp = explode(DIRECTORY_SEPARATOR, $lstrPath);
$lstrToken = "{{fil},{" . $lobjTemp[count($lobjTemp) - 1] . "/" . $lstrFile . "}, {" . $lstrFile . "}}";
$lstrChanged = date("F d Y H:i:s.", filectime($lstrPath . "/" . $lstrFile));
$lstrHTML .= "<input name=\"but\" type=\"radio\" value=\"{$lstrToken}\" ><strong> {$lstrFile}</strong> ({$lstrChanged})<br />";
}
return $lstrHTML;
}
//get user path
$lstrUserPath = getUserPath();
//based on the user's path, generate radio buttons list
$lstrRadioButtonsHTML = getRadioButtons($lstrUserPath);
//echo out radio buttons list
echo $lstrRadioButtonsHTML;
*/
function moveFile($lstrDesiredPath)
{
if (move_uploaded_file($_FILES['upload']['tmp_name'], $lstrDesiredPath)) {
$lobjTemp = explode(DIRECTORY_SEPARATOR, $lstrDesiredPath);
return getRewriteBase("ckeditor") . 'assets/users/' . $lobjTemp[count($lobjTemp) - 2] . '/' . $lobjTemp[count($lobjTemp) - 1];
} else {
return false;
}
}
//begin by converting any non utf8 character to uft8 chracter and removing any bad characters
$lstrFile = makeValidFileName($_FILES['upload']['name']);
//determine whether the file extension is valid
if (validExtension($lstrFile)) {
//get the user's assets folder path
$lobjPath = getUserPath();
//if no errors (first element is boolean determining whether there is a error
if ($lobjPath[0]) {
//second element is user assets folder path
$lstrPath = $lobjPath[1];
//move uploaded file to user assets folder path and store url of uploaded to temp string
if ($lstrTemp = moveFile($lstrPath . DIRECTORY_SEPARATOR . $lstrFile)) {
//if no error, store as url
$lstrUrl = getUserURL() . "/" . $lstrFile;
} else {
//create error message
$lstrMessage = _('Could not upload file to user\\\'s assets folder.');
}
} else {
//create error message
$lstrMessage = _($lobjPath[1]);
<?php
session_start();
if (!isset($_SESSION['userid'])) {
header("location:/login/?go_url=" . $_SERVER['REQUEST_URI']);
exit;
}
$userid = $_SESSION['userid'];
$photoid = intval($_GET['pid']);
require LIBRARY_PATH . "function.php";
$picAry = getPicInfo($photoid);
$abs_filename = getUserPath($userid) . USER_MAX_SETID . "/{$photoid}.jpg";
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xmlns:v="urn:schemas-microsoft-com:vml">
<head>
<meta http-equiv="content-type" content="text/html; charset=utf-8"/>
<title>Hoogle</title>
<link rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/3.0.0pr2/build/cssreset/reset-min.css">
<link rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/3.0.0pr2/build/cssfonts/fonts-min.css">
<link rel="stylesheet" type="text/css" href="http://yui.yahooapis.com/3.0.0pr2/build/cssgrids/grids.css">
<link rel="stylesheet" type="text/css" href="/static/css/layout.css" />
<style type="text/css">
/* 為了地圖 370px 而做的調整 */
.yui-gc div.first {
width:62%;
}
.yui-gc .yui-u {
width:36%;
}
.nearby-info {
require LIBRARY_PATH . "function.php";
// $db = Mysql::getInstance('localhost');
$userid = $_POST['userid'];
$title = urldecode($_POST['title']);
$desc = urldecode($_POST['desc']);
$lat = $_POST['lat'];
$lng = $_POST['lng'];
$address = urldecode($_POST['address']);
$new_point_ary = array("userid" => $userid, "lat" => $lat, "lng" => $lng, "address" => $address, "curr_time" => date("Y-m-d H:i:s"));
insertData("web3.map_point", $new_point_ary, $pid);
$userPicAry = getListData("web3.photo", $acnt, array("userid" => $userid));
if (!$acnt) {
initAlbum($userid);
}
$target_set_path = getUserPath($userid) . USER_MAX_SETID;
if (!is_dir($target_set_path)) {
mkdir($target_set_path);
}
$target_thumb_path = "{$target_set_path}/thumb";
if (!is_dir($target_thumb_path)) {
mkdir($target_thumb_path);
}
$target_org_img = "{$target_set_path}/{$pid}.jpg";
$target_thumb_img = "{$target_thumb_path}/t{$pid}.jpg";
$target_tile_img = TILE_UPLOAD_PATH . "t{$pid}.jpg";
foreach ($_FILES as $fieldName => $file) {
$tmp_file = $file['tmp_name'];
$file_name = str_replace('..', '', $file['name']);
$file_name = str_replace('/', '', $file_name);
$cmd = sprintf("/usr/local/bin/convert %s -thumbnail '90x90^' -gravity center -extent 90x90 %s", $tmp_file, $target_thumb_img);
