$set[idf_escape($cols[$i])] = $col == "" && $fields[$cols[$i]]["null"] ? "NULL" : q(str_replace('""', '"', preg_replace('~^"|"$~', '', $col)));
}
$result = insert_update($TABLE, $set, $primary);
if (!$result) {
break;
}
}
}
if ($result) {
queries("COMMIT");
}
queries_redirect(remove_from_uri("page"), lang('%d row(s) have been imported.', $affected), $result);
queries("ROLLBACK");
// after queries_redirect() to not overwrite error
} else {
$error = upload_error($file);
}
}
}
$table_name = $adminer->tableName($table_status);
if (is_ajax()) {
// needs to send headers
ob_start();
}
page_header(lang('Select') . ": {$table_name}", $error);
$set = null;
if (isset($rights["insert"])) {
$set = "";
foreach ((array) $_GET["where"] as $val) {
if (count($foreign_keys[$val["col"]]) == 1 && ($val["op"] == "=" || !$val["op"] && !ereg('[_%]', $val["val"]))) {
$set .= "&set" . urlencode("[" . bracket_escape($val["col"]) . "]") . "=" . urlencode($val["val"]);
function attach_upload($varname = 'attach', $multi = 0)
{
global $db, $tablepre, $extension, $typemaxsize, $allowsetattachperm, $attachperm, $maxprice, $attachprice, $attachdesc, $attachsave, $attachdir, $thumbstatus, $thumbwidth, $thumbheight, $maxattachsize, $maxsizeperday, $maxattachnum, $attachextensions, $watermarkstatus, $watermarktype, $watermarktrans, $watermarkquality, $watermarktext, $_FILES, $discuz_uid, $imageexists;
$attachments = $attacharray = array();
$imageexists = 0;
static $safeext = array('jpg', 'jpeg', 'gif', 'png', 'swf', 'bmp', 'txt', 'zip', 'rar', 'doc', 'mp3');
static $imgext = array('jpg', 'jpeg', 'gif', 'png', 'bmp');
if ($multi) {
if (isset($_FILES[$varname]) && is_array($_FILES[$varname])) {
foreach ($_FILES[$varname] as $key => $var) {
foreach ($var as $id => $val) {
$attachments[$id][$key] = $val;
}
}
}
} else {
$attachments[0] = $_FILES[$varname];
}
if (empty($attachments)) {
return FALSE;
}
$allowuploadnum = count($attachments);
if ($maxattachnum) {
$allowuploadnum = $maxattachnum - $db->result_first("SELECT count(*) FROM {$tablepre}attachments WHERE uid='{$GLOBALS['discuz_uid']}' AND dateline>'{$GLOBALS['timestamp']}'-86400");
$allowuploadnum = $allowuploadnum < 0 ? 0 : $allowuploadnum;
}
foreach ($attachments as $key => $attach) {
$attach_saved = false;
$attach['uid'] = $discuz_uid;
if ($allowuploadnum == 0 || !disuploadedfile($attach['tmp_name']) || !($attach['tmp_name'] != 'none' && $attach['tmp_name'] && $attach['name'])) {
continue;
}
$filename = daddslashes($attach['name']);
$attach['ext'] = strtolower(fileext($attach['name']));
$extension = in_array($attach['ext'], $safeext) ? $attach['ext'] : 'attach';
if (in_array($attach['ext'], $imgext)) {
$attach['isimage'] = $attach['isimage'] ? $attach['isimage'] : 1;
$imageexists = 1;
} else {
$attach['isimage'] = 0;
}
$attach['thumb'] = 0;
$attach['name'] = htmlspecialchars($attach['name'], ENT_QUOTES);
if (strlen($attach['name']) > 90) {
$attach['name'] = 'abbr_' . md5($attach['name']) . '.' . $attach['ext'];
}
if ($attachextensions && (!preg_match("/(^|\\s|,)" . preg_quote($attach['ext'], '/') . "(\$|\\s|,)/i", $attachextensions) || !$attach['ext'])) {
if ($multi) {
upload_error('post_attachment_ext_notallowed', $attacharray);
} else {
return 1;
}
}
if (empty($attach['size'])) {
if ($multi) {
upload_error('post_attachment_size_invalid', $attacharray);
} else {
return 2;
}
}
if ($maxattachsize && $attach['size'] > $maxattachsize) {
if ($multi) {
upload_error('post_attachment_toobig', $attacharray);
} else {
return 3;
}
}
if ($type = $db->fetch_first("SELECT maxsize FROM {$tablepre}attachtypes WHERE extension='" . addslashes($attach['ext']) . "'")) {
if ($type['maxsize'] == 0) {
if ($multi) {
upload_error('post_attachment_ext_notallowed', $attacharray);
} else {
return 4;
}
} elseif ($attach['size'] > $type['maxsize']) {
require_once DISCUZ_ROOT . './include/attachment.func.php';
$typemaxsize = sizecount($type['maxsize']);
if ($multi) {
upload_error('post_attachment_type_toobig', $attacharray);
} else {
return 5;
}
}
}
if ($attach['size'] && $maxsizeperday) {
if (!isset($todaysize)) {
$todaysize = intval($db->result_first("SELECT SUM(filesize) FROM {$tablepre}attachments\r\n\t\t\t\t\tWHERE uid='{$GLOBALS['discuz_uid']}' AND dateline>'{$GLOBALS['timestamp']}'-86400"));
}
$todaysize += $attach['size'];
if ($todaysize >= $maxsizeperday) {
$maxsizeperday = $maxsizeperday / 1048576 >= 1 ? round($maxsizeperday / 1048576, 1) . 'MB' : round($maxsizeperday / 1024) . 'KB';
if ($multi) {
upload_error('post_attachment_quota_exceed', $attacharray);
} else {
return 6;
}
}
}
if ($attachsave) {
if ($multi) {
switch ($attachsave) {
case 1:
$attach_subdir = 'forumid_' . $GLOBALS['fid'];
break;
case 2:
$attach_subdir = 'ext_' . $extension;
break;
case 3:
$attach_subdir = 'month_' . date('ym');
break;
case 4:
$attach_subdir = 'day_' . date('ymd');
break;
}
} else {
$attach_subdir = 'swfupload';
}
$attach_dir = $attachdir . '/' . $attach_subdir;
if (!is_dir($attach_dir)) {
@mkdir($attach_dir, 0777);
@fclose(fopen($attach_dir . '/index.htm', 'w'));
}
$attach['attachment'] = $attach_subdir . '/';
} else {
$attach['attachment'] = '';
}
$attach['attachment'] .= preg_replace("/(php|phtml|php3|php4|jsp|exe|dll|asp|cer|asa|shtml|shtm|aspx|asax|cgi|fcgi|pl)(\\.|\$)/i", "_\\1\\2", date('ymdHi') . substr(md5($filename . microtime() . random(6)), 8, 16) . '.' . $extension);
$target = $attachdir . '/' . $attach['attachment'];
if (@copy($attach['tmp_name'], $target) || function_exists('move_uploaded_file') && @move_uploaded_file($attach['tmp_name'], $target)) {
@unlink($attach['tmp_name']);
$attach_saved = true;
}
if (!$attach_saved && @is_readable($attach['tmp_name'])) {
@($fp = fopen($attach['tmp_name'], 'rb'));
@flock($fp, 2);
@($attachedfile = fread($fp, $attach['size']));
@fclose($fp);
@($fp = fopen($target, 'wb'));
@flock($fp, 2);
if (@fwrite($fp, $attachedfile)) {
@unlink($attach['tmp_name']);
$attach_saved = true;
}
@fclose($fp);
}
if ($attach_saved) {
@chmod($target, 0644);
$width = $height = $type = 0;
if ($attach['isimage'] || $attach['ext'] == 'swf') {
$imagesize = @getimagesize($target);
list($width, $height, $type) = (array) $imagesize;
$size = $width * $height;
if ($size > 16777216 || $size < 4 || empty($type) || $attach['isimage'] && !in_array($type, array(1, 2, 3, 6, 13))) {
@unlink($target);
if ($multi) {
upload_error('post_attachment_image_checkerror', $attacharray);
} else {
return 7;
}
}
}
if ($attach['isimage'] && ($thumbstatus || $watermarkstatus)) {
require_once DISCUZ_ROOT . './include/image.class.php';
$image = new Image($target, $attach);
if ($image->imagecreatefromfunc && $image->imagefunc) {
$image->Thumb($thumbwidth, $thumbheight);
$multi && $image->Watermark();
$attach = $image->attach;
}
}
$attach['width'] = 0;
if ($attach['isimage'] || $attach['ext'] == 'swf') {
$imagesize = @getimagesize($target);
list($width) = (array) $imagesize;
$attach['width'] = $width;
}
$attach['remote'] = $multi ? ftpupload($target, $attach) : 0;
$attach['perm'] = $allowsetattachperm ? intval($attachperm[$key]) : 0;
$attach['description'] = cutstr(dhtmlspecialchars($attachdesc[$key]), 100);
$attach['price'] = $maxprice ? intval($attachprice[$key]) <= $maxprice ? intval($attachprice[$key]) : $maxprice : 0;
$attacharray[$key] = $attach;
$allowuploadnum--;
} else {
if ($multi) {
upload_error('post_attachment_save_error', $attacharray);
} else {
return 8;
}
}
}
return !empty($attacharray) ? $attacharray : false;
}
$offset = 0;
}
}
}
}
if ($empty) {
echo "<p class='message'>" . lang('No commands to execute.') . "\n";
} elseif ($_POST["only_errors"]) {
echo "<p class='message'>" . lang('%d query(s) executed OK.', $commands - count($errors));
echo " <span class='time'>(" . format_time($total_start) . ")</span>\n";
} elseif ($errors && $commands > 1) {
echo "<p class='error'>" . lang('Error in query') . ": " . implode("", $errors) . "\n";
}
//! MS SQL - SET SHOWPLAN_ALL OFF
} else {
echo "<p class='error'>" . upload_error($query) . "\n";
}
}
?>
<form action="" method="post" enctype="multipart/form-data" id="form">
<?php
$execute = "<input type='submit' value='" . lang('Execute') . "' title='Ctrl+Enter'>";
if (!isset($_GET["import"])) {
$q = $_GET["sql"];
// overwrite $q from if ($_POST) to save memory
if ($_POST) {
$q = $_POST["query"];
} elseif ($_GET["history"] == "all") {
$q = $history;
} elseif ($_GET["history"] != "") {
}
}
}
}
//Check file size
$file_size = @filesize($_FILES['Filedata']["tmp_name"]);
if (!$file_size || $file_size > $max_file_size_in_bytes) {
upload_error("File exceeds the maximum allowed size");
exit(0);
}
//Checking file type
$types_array = preg_replace('/,/', ' ', $types);
$types_array = explode(' ', $types_array);
$file_ext = strtolower(getExt($_FILES['Filedata']['name']));
if (!in_array($file_ext, $types_array)) {
upload_error("Invalid file extension");
exit(0);
}
move_uploaded_file($tempFile, $targetFile);
$Upload->add_conversion_queue($targetFileName, $file_directory);
//exec(php_path()." -q ".BASEDIR."/actions/video_convert.php &> /dev/null &");
if (stristr(PHP_OS, 'WIN')) {
exec(php_path() . " -q " . BASEDIR . "/actions/video_convert.php {$targetFileName}");
} else {
exec(php_path() . " -q " . BASEDIR . "/actions/video_convert.php {$targetFileName} &> /dev/null &");
}
$status_array['success'] = 'yes';
$status_array['file_name'] = $file_name;
echo json_encode($status_array);
//function used to display error
function upload_error($error)
<input name="search" type="text" size="40" maxlength="50" required/>
<input type="submit" name="Submit" value="Search"/><br><hr>
</form>
<!-- This is our logout button -->
<a href='logout.php' style="color:#000000;">Log Out</a>
<!-- This is our browse button
<a href='browse_category.php' style="color:#000000;">Browse</a>
**will be a dropdown listing all categories or something I assume-->
<!-- This is our upload media button -->
<a href='media_upload.php' style="color:#000000;">Upload File</a>
<div id='upload_result'>
<?php
if (isset($_REQUEST['result']) && $_REQUEST['result'] != 0) {
echo upload_error($_REQUEST['result']);
}
?>
</div>
<br/><br/>
<?php
$query = "SELECT * from media";
$result = mysql_query($query);
if (!$result) {
die("Could not query the media table in the database: <br />" . mysql_error());
}
?>
if (strcasecmp($extension, $ext) == 0) {
$valid_extension = true;
break;
}
}
if (!$valid_extension) {
upload_error("Invalid file extension");
exit(0);
}
$filename = $cbphoto->create_filename();
$date_dir = createDateFolder(PHOTOS_DIR) . '/';
//Now uploading the file
if (move_uploaded_file($_FILES[$form]['tmp_name'], $path . $date_dir . $filename . "." . $extension)) {
echo json_encode(array("success" => "yes", "filename" => $filename, "extension" => $extension));
} else {
upload_error("File could not be saved.");
exit(0);
}
break;
case 'upload_photo':
header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
header("Cache-Control: no-store, no-cache, must-revalidate");
header("Cache-Control: post-check=0, pre-check=0", false);
header("Pragma: no-cache");
$targetDir = PHOTOS_DIR;
$date_folders = $_REQUEST['file_directory'];
$targetDir .= '/' . $date_folders;
$cleanupTargetDir = true;
// Remove old files
$maxFileAge = 5 * 3600;
// Called by APC plugin to get info on current upload
// Called by APC plugin to get info on current upload
case 'get_upload_progress':
get_upload_progress();
break;
case 'upload_init':
upload_init();
break;
case 'upload_chunk':
upload_chunk();
break;
case 'upload_finished':
upload_finished();
break;
case 'upload_error':
upload_error();
break;
case 'edit_asset':
asset_edit();
break;
case 'asset_downloadable_set':
asset_downloadable_set();
break;
case 'delete_asset':
asset_delete();
break;
case 'move_asset':
asset_move();
break;
//move asset from album -priv to -pub
//move asset from album -priv to -pub
