function flag_ajax_operation()
{
global $wpdb;
// if nonce is not correct it returns -1
check_ajax_referer("flag-ajax");
// check for correct capability
if (!is_user_logged_in()) {
die('-1');
}
// check for correct FlAG capability
if (!current_user_can('FlAG Upload images') || !current_user_can('FlAG Manage gallery')) {
die('-1');
}
// include the flag function
include_once dirname(__FILE__) . '/functions.php';
// Get the image id
if (isset($_POST['image'])) {
$id = (int) $_POST['image'];
// let's get the image data
$picture = flagdb::find_image($id);
// what do you want to do ?
switch ($_POST['operation']) {
case 'create_thumbnail':
$result = flagAdmin::create_thumbnail($picture);
break;
case 'resize_image':
$result = flagAdmin::resize_image($picture);
break;
case 'webview_image':
$result = flagAdmin::webview_image($picture);
break;
case 'import_metadata':
$result = flagAdmin::import_MetaData($id);
break;
case 'copy_metadata':
$result = flagAdmin::copy_MetaData($id);
break;
case 'get_image_ids':
$result = flagAdmin::get_image_ids($id);
break;
default:
do_action('flag_ajax_' . sanitize_key($_POST['operation']));
die('-1');
break;
}
// A success should return a '1'
die($result);
}
// The script should never stop here
die('0');
}
while (file_exists($file)) {
$filename = sanitize_title($filepart['filename']) . '_' . $i++ . '.' . $filepart['extension'];
}
$file = ABSPATH . trailingslashit($path) . $filename;
// Open temp file
if (@move_uploaded_file($_FILES['userfile']['tmp_name'], $file)) {
$alttext = esc_sql($account->alttext);
$description = esc_sql($account->description);
$exclude = intval($account->exclude);
$location = esc_sql($account->location);
$wpdb->query("INSERT INTO {$wpdb->flagpictures} (galleryid, filename, alttext, description, exclude, location) VALUES ('{$gid}', '{$filename}', '{$alttext}', '{$description}', '{$exclude}', '{$location}')");
// and give me the new id
$pic_id = (int) $wpdb->insert_id;
@(require_once dirname(dirname(__FILE__)) . '/admin/functions.php');
// add the metadata
flagAdmin::import_MetaData($pic_id);
// action hook for post process after the image is added to the database
$image = array('id' => $pic_id, 'filename' => $filename, 'galleryID' => $gid);
do_action('flag_added_new_image', $image);
$thumb = flagAdmin::create_thumbnail($pic_id);
if ($thumb != '1') {
die('{"status":"thumb_error: ' . $thumb . '"}');
}
} else {
@unlink($_FILES['userfile']['tmp_name']);
die('{"status":"fwrite_error"}');
}
}
$r['data'] = $wpdb->get_results("SELECT pid, galleryid, filename, description, alttext, link, UNIX_TIMESTAMP(imagedate) AS imagedate, UNIX_TIMESTAMP(modified) AS modified, sortorder, exclude, location, hitcounter, total_value, total_votes, meta_data FROM {$wpdb->flagpictures} WHERE galleryid = '{$gid}' ORDER BY pid DESC");
$r['data'] = stripslashes_deep($r['data']);
$i = 0;
/**
* Add images to database
*
* @class flagAdmin
* @param int $galleryID
* @param array $imageslist
* @param bool $name2alt
* @return array $image_ids Id's which are sucessful added
*/
function add_Images($galleryID, $imageslist, $name2alt = false)
{
global $wpdb;
$alttext = '';
$image_ids = array();
if (is_array($imageslist)) {
foreach ($imageslist as $picture) {
if ($name2alt) {
// strip off the extension of the filename
$path_parts = pathinfo($picture);
$alttext = !isset($path_parts['filename']) ? substr($path_parts['basename'], 0, strpos($path_parts['basename'], '.')) : $path_parts['filename'];
}
// save it to the database
$result = $wpdb->query($wpdb->prepare("INSERT INTO {$wpdb->flagpictures} (galleryid, filename, alttext, exclude) VALUES (%s, %s, %s, 0)", $galleryID, $picture, $alttext));
// and give me the new id
$pic_id = (int) $wpdb->insert_id;
if ($result) {
$image_ids[] = $pic_id;
}
// add the metadata
flagAdmin::import_MetaData($pic_id);
// action hook for post process after the image is added to the database
$image = array('id' => $pic_id, 'filename' => $picture, 'galleryID' => $galleryID);
do_action('flag_added_new_image', $image);
}
}
// is_array
return $image_ids;
}
