function flag_ajax_operation()
{
global $wpdb;
// if nonce is not correct it returns -1
check_ajax_referer("flag-ajax");
// check for correct capability
if (!is_user_logged_in()) {
die('-1');
}
// check for correct FlAG capability
if (!current_user_can('FlAG Upload images') || !current_user_can('FlAG Manage gallery')) {
die('-1');
}
// include the flag function
include_once dirname(__FILE__) . '/functions.php';
// Get the image id
if (isset($_POST['image'])) {
$id = (int) $_POST['image'];
// let's get the image data
$picture = flagdb::find_image($id);
// what do you want to do ?
switch ($_POST['operation']) {
case 'create_thumbnail':
$result = flagAdmin::create_thumbnail($picture);
break;
case 'resize_image':
$result = flagAdmin::resize_image($picture);
break;
case 'webview_image':
$result = flagAdmin::webview_image($picture);
break;
case 'import_metadata':
$result = flagAdmin::import_MetaData($id);
break;
case 'copy_metadata':
$result = flagAdmin::copy_MetaData($id);
break;
case 'get_image_ids':
$result = flagAdmin::get_image_ids($id);
break;
default:
do_action('flag_ajax_' . sanitize_key($_POST['operation']));
die('-1');
break;
}
// A success should return a '1'
die($result);
}
// The script should never stop here
die('0');
}
// Open temp file
if (@move_uploaded_file($_FILES['userfile']['tmp_name'], $file)) {
$alttext = esc_sql($account->alttext);
$description = esc_sql($account->description);
$exclude = intval($account->exclude);
$location = esc_sql($account->location);
$wpdb->query("INSERT INTO {$wpdb->flagpictures} (galleryid, filename, alttext, description, exclude, location) VALUES ('{$gid}', '{$filename}', '{$alttext}', '{$description}', '{$exclude}', '{$location}')");
// and give me the new id
$pic_id = (int) $wpdb->insert_id;
@(require_once dirname(dirname(__FILE__)) . '/admin/functions.php');
// add the metadata
flagAdmin::import_MetaData($pic_id);
// action hook for post process after the image is added to the database
$image = array('id' => $pic_id, 'filename' => $filename, 'galleryID' => $gid);
do_action('flag_added_new_image', $image);
$thumb = flagAdmin::create_thumbnail($pic_id);
if ($thumb != '1') {
die('{"status":"thumb_error: ' . $thumb . '"}');
}
} else {
@unlink($_FILES['userfile']['tmp_name']);
die('{"status":"fwrite_error"}');
}
}
$r['data'] = $wpdb->get_results("SELECT pid, galleryid, filename, description, alttext, link, UNIX_TIMESTAMP(imagedate) AS imagedate, UNIX_TIMESTAMP(modified) AS modified, sortorder, exclude, location, hitcounter, total_value, total_votes, meta_data FROM {$wpdb->flagpictures} WHERE galleryid = '{$gid}' ORDER BY pid DESC");
$r['data'] = stripslashes_deep($r['data']);
$i = 0;
foreach ($r['data'] as $image_data) {
$meta = maybe_unserialize($image_data->meta_data);
if (isset($meta['webview']) && !empty($meta['webview'])) {
$r['data'][$i]->webviewfilename = '/webview/' . $image_data->filename;
/**
* Upload function will be called via the Flash uploader
*
* @class flagAdmin
* @param integer $galleryID
* @return string $result
*/
static function swfupload_image($galleryID = 0)
{
global $wpdb;
if ($galleryID == 0) {
//@unlink($temp_file);
return __('No gallery selected!', 'flag');
}
// WPMU action
if (flagAdmin::check_quota()) {
return '0';
}
// Check the upload
if (!isset($_FILES['file']) || !is_uploaded_file($_FILES["file"]["tmp_name"]) || $_FILES["file"]["error"] === UPLOAD_ERR_OK) {
flagAdmin::file_upload_error_message($_FILES['file']['error']);
}
// get the filename and extension
$temp_file = $_FILES["file"]['tmp_name'];
$filepart = flagGallery::fileinfo($_FILES['file']['name']);
$filename = $filepart['basename'];
// check for allowed extension
$ext = array('jpeg', 'jpg', 'png', 'gif');
if (!in_array($filepart['extension'], $ext)) {
return $filename . ' ' . __('is no valid image file!', 'flag');
}
// get the path to the gallery
$gallerypath = $wpdb->get_var($wpdb->prepare("SELECT path FROM {$wpdb->flaggallery} WHERE gid = %d ", $galleryID));
if (!$gallerypath) {
@unlink($temp_file);
return __('Failure in database, no gallery path set !', 'flag');
}
// read list of images
$imageslist = flagAdmin::scandir(WINABSPATH . $gallerypath);
// check if this filename already exist
$i = 0;
while (in_array($filename, $imageslist)) {
$filename = sanitize_title($filepart['filename']) . '_' . $i++ . '.' . $filepart['extension'];
}
$dest_file = WINABSPATH . $gallerypath . '/' . $filename;
// save temp file to gallery
if (!@move_uploaded_file($temp_file, $dest_file)) {
flagAdmin::check_safemode(WINABSPATH . $gallerypath);
return __('Error, the file could not moved to : ', 'flag') . $dest_file;
}
if (!flagAdmin::chmod($dest_file)) {
return __('Error, the file permissions could not set', 'flag');
}
// add images to database
$image_ids = flagAdmin::add_Images($galleryID, array($filename));
$return = '';
//create thumbnails
foreach ($image_ids as $picture) {
$return = flagAdmin::create_thumbnail($picture);
}
//add the preview image if needed
if (intval($_POST['last']) == 1) {
flagAdmin::set_gallery_preview($galleryID);
}
return intval($return) == 1 ? '' : $return;
}