Ejemplo n.º 1
0
 } else {
     $_POST['name'] = str_replace("..", "", $_POST['name']);
     $_POST['name'] = str_replace(" ", "", $_POST['name']);
     $_POST['name'] = str_replace("/", "", $_POST['name']);
     if (!file_exists("../upload/{$_POST['tag']}/")) {
         mkdir("../upload/{$_POST['tag']}", 0777, True);
     }
     $filename = "../upload/{$_POST['tag']}/{$_POST['name']}";
     $relfilename = "{$_POST['tag']}/{$_POST['name']}";
     if ($_POST['price'] < 0) {
         $_POST['price'] = abs($_POST['price']);
     }
     if (file_exists($filename)) {
         $new_name = tempnam("../upload", $filename);
         move_uploaded_file($_FILES['pic']['tmp_name'], $new_name);
         $id = Pictures::add_conflict($filename, $new_name, $_POST['tag'], $_POST['title'], $_POST['price'], $user['id']);
         http_redirect(Pictures::$CONFLICT_URL . "?conflictid={$id}");
     } else {
         if (move_uploaded_file($_FILES['pic']['tmp_name'], $filename)) {
             if ($id = Pictures::create_picture($_POST['title'], 128, 128, $_POST['tag'], $relfilename, $_POST['price'], $user['id'])) {
                 $main = ".550.jpg";
                 $side = ".128.jpg";
                 $thumb = ".128_128.jpg";
                 Pictures::resize_image($filename, $filename . $main, 550, 10000000);
                 Pictures::resize_image($filename, $filename . $side, 128, 10000000);
                 Pictures::resize_image($filename, $filename . $thumb, 128, 128);
                 http_redirect(Pictures::$VIEW_PIC_URL . "?picid={$id}");
                 $file_uploaded = True;
             } else {
                 $flash['error'] = "Couldn't create your picture, something wrong with the database";
             }