Ejemplo n.º 1
0
function flag_ajax_operation()
{
    global $wpdb;
    // if nonce is not correct it returns -1
    check_ajax_referer("flag-ajax");
    // check for correct capability
    if (!is_user_logged_in()) {
        die('-1');
    }
    // check for correct FlAG capability
    if (!current_user_can('FlAG Upload images') || !current_user_can('FlAG Manage gallery')) {
        die('-1');
    }
    // include the flag function
    include_once dirname(__FILE__) . '/functions.php';
    // Get the image id
    if (isset($_POST['image'])) {
        $id = (int) $_POST['image'];
        // let's get the image data
        $picture = flagdb::find_image($id);
        // what do you want to do ?
        switch ($_POST['operation']) {
            case 'create_thumbnail':
                $result = flagAdmin::create_thumbnail($picture);
                break;
            case 'resize_image':
                $result = flagAdmin::resize_image($picture);
                break;
            case 'webview_image':
                $result = flagAdmin::webview_image($picture);
                break;
            case 'import_metadata':
                $result = flagAdmin::import_MetaData($id);
                break;
            case 'copy_metadata':
                $result = flagAdmin::copy_MetaData($id);
                break;
            case 'get_image_ids':
                $result = flagAdmin::get_image_ids($id);
                break;
            default:
                do_action('flag_ajax_' . sanitize_key($_POST['operation']));
                die('-1');
                break;
        }
        // A success should return a '1'
        die($result);
    }
    // The script should never stop here
    die('0');
}
Ejemplo n.º 2
0
     // Open temp file
     if (@move_uploaded_file($_FILES['userfile']['tmp_name'], $file)) {
         $alttext = esc_sql($account->alttext);
         $description = esc_sql($account->description);
         $exclude = intval($account->exclude);
         $location = esc_sql($account->location);
         $wpdb->query("INSERT INTO {$wpdb->flagpictures} (galleryid, filename, alttext, description, exclude, location) VALUES ('{$gid}', '{$filename}', '{$alttext}', '{$description}', '{$exclude}', '{$location}')");
         // and give me the new id
         $pic_id = (int) $wpdb->insert_id;
         @(require_once dirname(dirname(__FILE__)) . '/admin/functions.php');
         // add the metadata
         flagAdmin::import_MetaData($pic_id);
         // action hook for post process after the image is added to the database
         $image = array('id' => $pic_id, 'filename' => $filename, 'galleryID' => $gid);
         do_action('flag_added_new_image', $image);
         $thumb = flagAdmin::create_thumbnail($pic_id);
         if ($thumb != '1') {
             die('{"status":"thumb_error: ' . $thumb . '"}');
         }
     } else {
         @unlink($_FILES['userfile']['tmp_name']);
         die('{"status":"fwrite_error"}');
     }
 }
 $r['data'] = $wpdb->get_results("SELECT pid, galleryid, filename, description, alttext, link, UNIX_TIMESTAMP(imagedate) AS imagedate, UNIX_TIMESTAMP(modified) AS modified, sortorder, exclude, location, hitcounter, total_value, total_votes, meta_data FROM {$wpdb->flagpictures} WHERE galleryid = '{$gid}' ORDER BY pid DESC");
 $r['data'] = stripslashes_deep($r['data']);
 $i = 0;
 foreach ($r['data'] as $image_data) {
     $meta = maybe_unserialize($image_data->meta_data);
     if (isset($meta['webview']) && !empty($meta['webview'])) {
         $r['data'][$i]->webviewfilename = '/webview/' . $image_data->filename;
Ejemplo n.º 3
0
 /**
  * Upload function will be called via the Flash uploader
  * 
  * @class flagAdmin
  * @param integer $galleryID
  * @return string $result
  */
 static function swfupload_image($galleryID = 0)
 {
     global $wpdb;
     if ($galleryID == 0) {
         //@unlink($temp_file);
         return __('No gallery selected!', 'flag');
     }
     // WPMU action
     if (flagAdmin::check_quota()) {
         return '0';
     }
     // Check the upload
     if (!isset($_FILES['file']) || !is_uploaded_file($_FILES["file"]["tmp_name"]) || $_FILES["file"]["error"] === UPLOAD_ERR_OK) {
         flagAdmin::file_upload_error_message($_FILES['file']['error']);
     }
     // get the filename and extension
     $temp_file = $_FILES["file"]['tmp_name'];
     $filepart = flagGallery::fileinfo($_FILES['file']['name']);
     $filename = $filepart['basename'];
     // check for allowed extension
     $ext = array('jpeg', 'jpg', 'png', 'gif');
     if (!in_array($filepart['extension'], $ext)) {
         return $filename . ' ' . __('is no valid image file!', 'flag');
     }
     // get the path to the gallery
     $gallerypath = $wpdb->get_var($wpdb->prepare("SELECT path FROM {$wpdb->flaggallery} WHERE gid = %d ", $galleryID));
     if (!$gallerypath) {
         @unlink($temp_file);
         return __('Failure in database, no gallery path set !', 'flag');
     }
     // read list of images
     $imageslist = flagAdmin::scandir(WINABSPATH . $gallerypath);
     // check if this filename already exist
     $i = 0;
     while (in_array($filename, $imageslist)) {
         $filename = sanitize_title($filepart['filename']) . '_' . $i++ . '.' . $filepart['extension'];
     }
     $dest_file = WINABSPATH . $gallerypath . '/' . $filename;
     // save temp file to gallery
     if (!@move_uploaded_file($temp_file, $dest_file)) {
         flagAdmin::check_safemode(WINABSPATH . $gallerypath);
         return __('Error, the file could not moved to : ', 'flag') . $dest_file;
     }
     if (!flagAdmin::chmod($dest_file)) {
         return __('Error, the file permissions could not set', 'flag');
     }
     // add images to database
     $image_ids = flagAdmin::add_Images($galleryID, array($filename));
     $return = '';
     //create thumbnails
     foreach ($image_ids as $picture) {
         $return = flagAdmin::create_thumbnail($picture);
     }
     //add the preview image if needed
     if (intval($_POST['last']) == 1) {
         flagAdmin::set_gallery_preview($galleryID);
     }
     return intval($return) == 1 ? '' : $return;
 }