Ejemplo n.º 1
// Avatar upload handler (fragment: the blocks opened here close after the end of this excerpt).
if ($_POST['send']) {
    // Upload a new avatar
    if (is_uploaded_file($_FILES['avatar']['tmp_name'])) {
        require BASEDIR . 'lib/class.mediamanager.php';
        $mm = new mediamanager();
        // The extension is taken from the client-supplied file name; it says nothing about the file's content.
        $ext = $mm->getext($_FILES['avatar']['name']);
        // The stored name is built from the user id and a timestamp, so only the extension is client-influenced.
        $newfile = 'avatar_' . $user->info['userid'] . '_' . time() . '.' . strtolower($ext);
        // Shrink avatars automatically
        if ($set['user']['avatar_resize']) {
            require BASEDIR . 'lib/class.image.php';
            $img = new image();
            // Allow-list check on the extension; $extensions is defined outside this excerpt.
            // NOTE(review): the comparison with 'GIF' further down suggests getext() returns upper case — confirm the list matches.
            if (!in_array($ext, $extensions)) {
                message($apx->lang->get('MSG_NOTALLOWED'), 'javascript:history.back()');
            } else {
                // Stage the file under uploads/temp with a fixed ".tmp" suffix instead of the client's extension.
                // md5(microtime()) only makes the name unique; it is not an unguessable secret.
                $tempname = 'avatar_' . md5(microtime()) . '.tmp';
                $mm->uploadfile($_FILES['avatar'], 'temp', $tempname);
                // getimagesize() reads the image header, which makes this the content check for the staged file.
                $info = getimagesize(BASEDIR . getpath('uploads') . 'temp/' . $tempname);
                // Not an image => delete and stop.
                // getimagesize() returns false for non-images; reading [0] on false yields null, and null == 0,
                // so the loose comparison below also covers that case.
                if ($info[0] == 0 || $info[1] == 0) {
                    $mm->deletefile('temp/' . $tempname);
                    message($apx->lang->get('MSG_MAXDIM'), 'javascript:history.back()');
                    // NOTE(review): presumably lib/_end.php terminates the request; if it does not,
                    // execution falls through to the resize code below with an invalid file — confirm.
                    require 'lib/_end.php';
                }
                // Image too large => shrink
                if ($info[0] > $set['user']['avatar_maxdim'] || $info[1] > $set['user']['avatar_maxdim']) {
                    // A GIF that has to be resized is stored under a .jpg name instead.
                    if ($ext == 'GIF') {
                        $ext = 'jpg';
                    }
                    $newfile = 'avatar_' . $user->info['userid'] . '_' . time() . '.' . strtolower($ext);
                    list($picture, $picturetype) = $img->getimage('temp/' . $tempname);
                    $scaled = $img->resize($picture, $set['user']['avatar_maxdim'], $set['user']['avatar_maxdim'], 1, 0);
Ejemplo n.º 2
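 /**
  * Edit an existing affiliate entry.
  *
  * With POST send=1 the request is validated (token, required fields, image
  * extension), the image is optionally replaced or removed, and the row is
  * updated. Otherwise the edit form is rendered from the stored values.
  *
  * Security notes:
  * - The id is cast to int and written back to $_REQUEST before any SQL is
  *   built; every query below uses that integer.
  * - The image check looks only at the extension of the client-supplied file
  *   name. NOTE(review): the file content is not inspected here; confirm that
  *   mediamanager::uploadfile() or the web server prevents a mislabelled file
  *   from being served as anything other than an image.
  */
 function edit()
 {
     global $set, $db, $apx;
     // Cast once and write back, so later readers of $_REQUEST['id'] also get an integer.
     $_REQUEST['id'] = isset($_REQUEST['id']) ? (int) $_REQUEST['id'] : 0;
     if (!$_REQUEST['id']) {
         die('missing ID!');
     }
     $id = $_REQUEST['id'];
     $info = $db->first("SELECT title,image,link FROM " . PRE . "_affiliates WHERE id='" . $id . "' LIMIT 1");
     if (isset($_POST['send']) && $_POST['send'] == 1) {
         require BASEDIR . 'lib/class.mediamanager.php';
         $mm = new mediamanager();
         // 'image' is meant to be set only by the code below. dupdate() appears to take its
         // values from $_POST, so a client-posted 'image' field would otherwise end up as
         // the stored path (and later be handed to deletefile()).
         unset($_POST['image']);
         $hasUpload = !empty($_FILES['image']['tmp_name']);
         $ext = $hasUpload ? $mm->getext($_FILES['image']['name']) : '';
         if (!checkToken()) {
             infoInvalidToken();
         } elseif (empty($_POST['title']) || empty($_POST['link'])) {
             infoNotComplete();
         } elseif ($hasUpload && !in_array($ext, array('GIF', 'JPG', 'JPE', 'JPEG', 'PNG'), true)) {
             // Strict comparison: a non-string return from getext() must never match the allow-list.
             info($apx->lang->get('INFO_NOIMAGE'));
         } else {
             // Update the image
             if ($hasUpload) {
                 list($oldpic) = $db->first("SELECT image FROM " . PRE . "_affiliates WHERE id='" . $id . "' LIMIT 1");
                 if ($oldpic) {
                     $mm->deletefile($oldpic);
                 }
                 // The stored name is derived from the id; only the allow-listed extension comes from the client.
                 $newfile = 'affiliate-' . $id . '.' . strtolower($ext);
                 $mm->uploadfile($_FILES['image'], 'affiliates', $newfile);
                 $_POST['image'] = 'affiliates/' . $newfile;
             } elseif (!empty($_POST['delimage'])) {
                 list($oldpic) = $db->first("SELECT image FROM " . PRE . "_affiliates WHERE id='" . $id . "' LIMIT 1");
                 // Same guard as in the upload branch: never call deletefile() with an empty path.
                 if ($oldpic) {
                     $mm->deletefile($oldpic);
                 }
                 $_POST['image'] = '';
             }
             $db->dupdate(PRE . '_affiliates', 'title,link' . iif(isset($_POST['image']), ',image'), "WHERE id='" . $id . "' LIMIT 1");
             logit('AFFILIATES_EDIT', 'ID #' . $id);
             printJSRedirect(get_index('affiliates.show'));
         }
     } else {
         $_POST['title'] = $info['title'];
         $_POST['link'] = $info['link'];
         // Cap the preview width at 300px for large images.
         $imageWidth = '';
         if ($info['image']) {
             $size = @getimagesize(BASEDIR . getpath('uploads') . $info['image']);
             if ($size[0] && $size[0] > 300) {
                 $imageWidth = 300;
             }
         }
         $apx->tmpl->assign('ID', $id);
         // Title and link are escaped for HTML before they reach the template.
         $apx->tmpl->assign('TITLE', compatible_hsc($_POST['title']));
         $apx->tmpl->assign('LINK', compatible_hsc($_POST['link']));
         $apx->tmpl->assign('IMAGE', iif($info['image'], getpath('uploads') . $info['image']));
         $apx->tmpl->assign('IMAGE_WIDTH', $imageWidth);
         $apx->tmpl->assign('DELIMAGE', isset($_POST['delimage']) ? (int) $_POST['delimage'] : 0);
         $apx->tmpl->parse('edit');
     }
 }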
Ejemplo n.º 3
     // Forum attachment upload (fragment: starts inside the per-file validation chain of a loop
     // whose beginning is outside this excerpt).
     }
     $message .= $apx->lang->get('MSG_NOUPLOAD', array('FILE' => $file['name'])) . ' ';
     $message .= $apx->lang->get('MSG_WRONGTYPE');
     continue;
 } elseif ($file['size'] > $typeinfo[$ext][0]) {
     // Per-extension size limit; $typeinfo is defined outside this excerpt.
     if ($message) {
         $message .= '<br />';
     }
     // NOTE(review): the client-supplied file name is appended to $message as-is; confirm it is
     // HTML-escaped before $message is displayed.
     $message .= $apx->lang->get('MSG_NOUPLOAD', array('FILE' => $file['name'])) . ' ';
     $message .= $apx->lang->get('MSG_TOOBIG', array('MAXSIZE' => $typeinfo[$ext][0]));
     continue;
 }
 // The stored name is derived from the client's file name (spaces replaced) plus a timestamp.
 // NOTE(review): this relies on getname() to remove anything unsafe in a path — confirm.
 $fileid = str_replace(' ', '_', $mm->getname($file['name'])) . '_' . time();
 // The client's extension is kept on the stored file, so the type check above this excerpt
 // is what keeps server-executable extensions out of the forum directory.
 $newname = $fileid . '.' . $ext;
 $thumbnailPath = '';
 // NOTE(review): the checks use $file while the upload uses $_FILES['file' . $i]; presumably the same entry — confirm.
 $mm->uploadfile($_FILES['file' . $i], 'forum', $newname);
 // Create a thumbnail
 if (in_array($ext, array('gif', 'jpg', 'jpe', 'jpeg', 'png'))) {
     require_once BASEDIR . 'lib/class.image.php';
     $img = new image();
     $thumbnailPath = 'forum/' . $fileid . '_thumb.' . $ext;
     list($picture, $picturetype) = $img->getimage('forum/' . $newname);
     // Thumbnail (120x90)
     $thumbnail = $img->resize($picture, 120, 90, true);
     $img->saveimage($thumbnail, $picturetype, $thumbnailPath);
     // Cleanup
     imagedestroy($picture);
     imagedestroy($thumbnail);
     unset($picture, $thumbnail);
 }
 // NOTE(review): $_REQUEST['postid'] is concatenated without escaping or casting, unlike the
 // neighbouring values. Unless it is cast to int before this excerpt, it is an SQL injection
 // point; intval() here would close it.
 // addslashes() is not charset-aware; the driver's escaping function or a prepared statement is
 // the safer choice. The stored name and MIME type are client-supplied and must be treated as
 // untrusted wherever they are output later.
 $db->query("INSERT INTO " . PRE . "_forum_attachments (hash,postid,file,thumbnail,name,size,mime,time) VALUES ('" . addslashes($_REQUEST['hash']) . "','" . $_REQUEST['postid'] . "','" . addslashes('forum/' . $newname) . "','" . addslashes($thumbnailPath) . "','" . addslashes($file['name']) . "','" . intval($file['size']) . "','" . addslashes($file['type']) . "','" . time() . "')");
Ejemplo n.º 4
 // Public download submission (fragment: the final else-branch continues past the end of this excerpt).
 if ($captchafailed) {
     message($apx->lang->get('MSG_WRONGCODE'), 'javascript:history.back()');
 // Note the precedence: && binds tighter than ||, so the first term reads
 // "(no sender name AND not logged in)", followed by the required-field checks.
 } elseif (!$_POST['send_username'] && !$user->info['userid'] || !$_POST['catid'] || !$_POST['title'] || !$_POST['text'] || !$_FILES['file']['tmp_name']) {
     message('back');
 // Flood protection: $spam is set outside this excerpt; spamprot is multiplied by 60 before
 // being added to it, so the setting is presumably in minutes.
 } elseif ($spam + $set['downloads']['spamprot'] * 60 > time()) {
     message($apx->lang->get('MSG_BLOCKSPAM', array('SEC' => $spam + $set['downloads']['spamprot'] * 60 - time())), 'back');
 } else {
     // Extension = everything after the last dot of the client-supplied file name.
     $ext = substr(strrchr($_FILES['file']['name'], '.'), 1);
     // NOTE(review): $ext is client-controlled and goes into the query without escaping — an SQL
     // injection point. Escape it or use a prepared statement.
     list($special) = $db->first("SELECT special FROM " . PRE . "_mediarules WHERE extension='" . strtoupper($ext) . "' LIMIT 1");
     // Deny-list: only extensions with an explicit 'block' rule are refused; an extension without
     // any rule passes.
     // NOTE(review): unless message() terminates the request, the upload below still runs for a
     // blocked extension — confirm.
     if ($special == 'block') {
         message($apx->lang->get('MSG_NOTALLOWED'), 'back');
     }
     require BASEDIR . 'lib/class.mediamanager.php';
     $mm = new mediamanager();
     $stamp = md5(microtime());
     // The client's file name, including its extension, is kept in the stored path; only a prefix
     // is added. The downloads/uploads directory must therefore never execute or interpret what it
     // stores. NOTE(review): confirm the web-server configuration for that directory.
     $mm->uploadfile($_FILES['file'], 'downloads/uploads', $stamp . '-' . $_FILES['file']['name']);
     // Logged-in users are identified by id; the free-text sender fields are cleared for them.
     if ($user->info['userid']) {
         $_POST['userid'] = $user->info['userid'];
         $_POST['send_username'] = $_POST['send_email'] = '';
     } else {
         $_POST['userid'] = 0;
     }
     // The values below are set server-side and overwrite anything the client posted under the same keys.
     $_POST['file'] = $_FILES['file']['name'];
     $_POST['tempfile'] = 'downloads/uploads/' . $stamp . '-' . $_FILES['file']['name'];
     $_POST['addtime'] = time();
     $_POST['send_ip'] = get_remoteaddr();
     $_POST['local'] = 1;
     $_POST['secid'] = 'all';
     // Strip HTML from the description, then turn line breaks into <br />.
     $_POST['text'] = strtr(strip_tags($_POST['text']), array("\r\n" => "<br />\r\n", "\n" => "<br />\n"));
     if ($set['downloads']['coms']) {
         $_POST['allowcoms'] = 1;
Ejemplo n.º 5
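 /**
  * Edit an existing teaser.
  *
  * With POST send=1 the request is validated (token, required fields, image
  * extension), the image is optionally replaced or removed, the publication
  * window is applied when the user holds the 'teaser.enable' right, and the
  * row is updated. Otherwise the edit form is rendered from the stored values.
  *
  * Security notes:
  * - The id is cast to int and written back to $_REQUEST before any SQL is
  *   built; every query below uses that integer.
  * - The image check looks only at the extension of the client-supplied file
  *   name. NOTE(review): the file content is not inspected here; confirm that
  *   mediamanager::uploadfile() or the web server prevents a mislabelled file
  *   from being served as anything other than an image.
  */
 function edit()
 {
     global $set, $db, $apx;
     // Cast once and write back, so later readers of $_REQUEST['id'] also get an integer.
     $_REQUEST['id'] = isset($_REQUEST['id']) ? (int) $_REQUEST['id'] : 0;
     if (!$_REQUEST['id']) {
         die('missing ID!');
     }
     $id = $_REQUEST['id'];
     // Section list: anything that is not an explicit list of sections means "all".
     if (!isset($_POST['secid']) || !is_array($_POST['secid']) || (isset($_POST['secid'][0]) && $_POST['secid'][0] === 'all')) {
         $_POST['secid'] = array('all');
     }
     $info = $db->first("SELECT secid,`group`,title,text,image,link,starttime,endtime FROM " . PRE . "_teaser WHERE id='" . $id . "' LIMIT 1");
     if (isset($_POST['send']) && $_POST['send'] == 1) {
         require BASEDIR . 'lib/class.mediamanager.php';
         $mm = new mediamanager();
         // 'image' is meant to be set only by the code below. dupdate() appears to take its
         // values from $_POST, so a client-posted 'image' field would otherwise end up as
         // the stored path (and later be handed to deletefile()).
         unset($_POST['image']);
         $hasUpload = !empty($_FILES['image']['tmp_name']);
         $ext = $hasUpload ? $mm->getext($_FILES['image']['name']) : '';
         if (!checkToken()) {
             infoInvalidToken();
         } elseif (empty($_POST['title']) || empty($_POST['link'])) {
             infoNotComplete();
         } elseif ($hasUpload && !in_array($ext, array('GIF', 'JPG', 'JPE', 'JPEG', 'PNG'), true)) {
             // Strict comparison: a non-string return from getext() must never match the allow-list.
             info($apx->lang->get('INFO_NOIMAGE'));
         } else {
             // Update the image
             if ($hasUpload) {
                 list($oldpic) = $db->first("SELECT image FROM " . PRE . "_teaser WHERE id='" . $id . "' LIMIT 1");
                 if ($oldpic) {
                     $mm->deletefile($oldpic);
                 }
                 // The stored name is derived from the id; only the allow-listed extension comes from the client.
                 $newfile = 'teaser-' . $id . '.' . strtolower($ext);
                 $mm->uploadfile($_FILES['image'], 'teaser', $newfile);
                 $_POST['image'] = 'teaser/' . $newfile;
             } elseif (!empty($_POST['delimage'])) {
                 list($oldpic) = $db->first("SELECT image FROM " . PRE . "_teaser WHERE id='" . $id . "' LIMIT 1");
                 // Same guard as in the upload branch: never call deletefile() with an empty path.
                 if ($oldpic) {
                     $mm->deletefile($oldpic);
                 }
                 $_POST['image'] = '';
             }
             $_POST['secid'] = serialize_section($_POST['secid']);
             // Publication window: only written when the user may enable teasers.
             $addfields = '';
             if ($apx->user->has_right('teaser.enable') && isset($_POST['t_day_1'])) {
                 $_POST['starttime'] = maketime(1);
                 $_POST['endtime'] = maketime(2);
                 if ($_POST['starttime']) {
                     // A missing or non-later end time means "no end"; stored as a far-future timestamp.
                     if (!$_POST['endtime'] || $_POST['endtime'] <= $_POST['starttime']) {
                         $_POST['endtime'] = 3000000000;
                     }
                     $addfields = ',starttime,endtime';
                 }
             }
             $db->dupdate(PRE . '_teaser', 'secid,group,title,text,link' . iif(isset($_POST['image']), ',image') . $addfields, "WHERE id='" . $id . "' LIMIT 1");
             logit('TEASER_EDIT', 'ID #' . $id);
             printJSRedirect(get_index('teaser.show'));
         }
     } else {
         $_POST['group'] = $info['group'];
         $_POST['title'] = $info['title'];
         $_POST['text'] = $info['text'];
         $_POST['link'] = $info['link'];
         $_POST['starttime'] = $info['starttime'];
         $_POST['endtime'] = $info['endtime'];
         $_POST['secid'] = unserialize_section($info['secid']);
         // Cap the preview width at 300px for large images.
         $imageWidth = '';
         if ($info['image']) {
             $size = @getimagesize(BASEDIR . getpath('uploads') . $info['image']);
             if ($size[0] && $size[0] > 300) {
                 $imageWidth = 300;
             }
         }
         // List the banner groups.
         // NOTE(review): ids and titles come from the settings; replace() presumably escapes the title — confirm.
         $grouplist = '';
         foreach ($set['teaser']['groups'] as $groupid => $title) {
             $grouplist .= '<option value="' . $groupid . '"' . iif($groupid == $_POST['group'], ' selected="selected"') . '>' . replace($title) . '</option>';
         }
         // Publication window: pre-fill the time selectors from the stored values.
         if ($_POST['starttime']) {
             maketimepost(1, $_POST['starttime']);
             if ($_POST['endtime'] < 2147483647) {
                 maketimepost(2, $_POST['endtime']);
             }
         }
         if ($apx->user->has_right('teaser.enable') && isset($_POST['t_day_1'])) {
             $apx->tmpl->assign('STARTTIME', choosetime(1, 0, maketime(1)));
             $apx->tmpl->assign('ENDTIME', choosetime(2, 1, maketime(2)));
         }
         $apx->tmpl->assign('ID', $id);
         $apx->tmpl->assign('SECID', $_POST['secid']);
         $apx->tmpl->assign('GROUPS', $grouplist);
         // Free-text fields are escaped for HTML before they reach the template.
         $apx->tmpl->assign('TITLE', compatible_hsc($_POST['title']));
         $apx->tmpl->assign('TEXT', compatible_hsc($_POST['text']));
         $apx->tmpl->assign('LINK', compatible_hsc($_POST['link']));
         $apx->tmpl->assign('IMAGE', iif($info['image'], getpath('uploads') . $info['image']));
         $apx->tmpl->assign('IMAGE_WIDTH', $imageWidth);
         $apx->tmpl->assign('DELIMAGE', isset($_POST['delimage']) ? (int) $_POST['delimage'] : 0);
         $apx->tmpl->parse('edit');
     }
 }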
Ejemplo n.º 6
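/**
 * Process a submitted contact form and mail it to a preconfigured recipient.
 *
 * Does nothing unless the request method is POST. Every posted field except
 * subject/sendto/copytome becomes a "name: value" line of the mail text;
 * fields whose name ends in "_required" must be non-empty. Uploaded files are
 * staged in uploads/temp, attached as base64 MIME parts and deleted again.
 *
 * Security notes:
 * - The recipient is selected by key from $set['formmailer']['sendto'], so the
 *   client can never supply an address.
 * - Subject, attachment file name and attachment MIME type are client-supplied
 *   and end up in mail/MIME headers; line breaks and quotes are removed so they
 *   cannot add headers or break out of the quoted file name.
 * - The staged temp file name no longer contains the client's file name.
 * - NOTE(review): no token, captcha or rate limit is visible in this function;
 *   confirm the caller applies one, otherwise the form can be used for bulk mail
 *   to the configured recipients.
 */
function misc_mailform()
{
    global $set, $db, $apx, $user;
    if ($_SERVER['REQUEST_METHOD'] != 'POST') {
        return;
    }
    // Reject a missing or non-scalar key before using it as an array offset.
    if (!isset($_POST['sendto']) || !is_scalar($_POST['sendto']) || !isset($set['formmailer']['sendto'][$_POST['sendto']])) {
        die('sendto is not a valid mail-ID!');
    }
    $sendtomail = $set['formmailer']['sendto'][$_POST['sendto']];
    $apx->lang->drop('sendform', 'formmailer');

    // Build the mail text and check the required fields in one pass.
    $reserved = array('subject', 'sendto', 'copytome');
    $addnl_failed = false;
    $text = '';
    foreach ($_POST as $key => $value) {
        // PHP turns numeric field names into int keys; compare as strings so that a
        // numeric key can never loosely match one of the reserved names.
        $key = (string) $key;
        if (in_array($key, $reserved, true)) {
            continue;
        }
        if (substr($key, -9) == '_required') {
            if (!$value) {
                $addnl_failed = true;
            }
            // Drop the "_required" suffix from the label.
            $key = substr($key, 0, strlen($key) - 9);
        }
        $text .= $key . ': ' . $value . "\n";
    }
    if ($addnl_failed) {
        message('back');
        return;
    }

    // Subject: fall back to a default, and never let a line break through into the headers.
    $subject = 'apexx Formmailer';
    if (!empty($_POST['subject']) && is_scalar($_POST['subject'])) {
        $subject = str_replace(array("\r", "\n"), ' ', (string) $_POST['subject']);
    }

    // The sender comes from the site settings only, never from the request.
    if ($set['main']['mailbotname']) {
        $from = 'From:' . $set['main']['mailbotname'] . '<' . $set['main']['mailbot'] . '>';
    } else {
        $from = 'From:' . $set['main']['mailbot'];
    }

    // Initialise the media manager and stage the uploaded files.
    $attachments = array();
    require BASEDIR . 'lib/class.mediamanager.php';
    $mm = new mediamanager();
    $temphash = md5(microtime());
    if (is_array($_FILES) && count($_FILES)) {
        $fileno = 0;
        foreach ($_FILES as $fileinfo) {
            // Array-style fields (name="f[]") carry arrays here and are skipped.
            if (!is_array($fileinfo) || empty($fileinfo['tmp_name']) || !is_string($fileinfo['tmp_name'])) {
                continue;
            }
            if (!is_uploaded_file($fileinfo['tmp_name'])) {
                continue;
            }
            // The staged name is built from server-side values only.
            ++$fileno;
            $tempname = 'contact_' . $temphash . '_' . $fileno . '.tmp';
            $mm->uploadfile($fileinfo, 'temp', $tempname);
            // The client's name is used for display in the mail only: strip path parts,
            // line breaks, quotes and backslashes.
            $filename = isset($fileinfo['name']) ? basename((string) $fileinfo['name']) : '';
            $filename = str_replace(array("\r", "\n", '"', '\\'), '', $filename);
            if ($filename === '') {
                $filename = 'attachment';
            }
            // Accept only a plain "type/subtype" value; anything else becomes a generic binary type.
            $type = isset($fileinfo['type']) ? (string) $fileinfo['type'] : '';
            if (!preg_match('~^[a-z0-9.+-]+/[a-z0-9.+-]+\z~i', $type)) {
                $type = 'application/octet-stream';
            }
            $attachments[] = array('filename' => $filename, 'source' => $tempname, 'type' => $type);
        }
    }

    if (!count($attachments)) {
        // Plain mail
        mail($sendtomail, $subject, $text, $from);
    } else {
        $boundary = md5(uniqid(time()));
        $header = "MIME-Version: 1.0\n";
        $header .= $from . "\n";
        $header .= "Content-Type: multipart/mixed; boundary=\"" . $boundary . "\"\n";
        $body = "--" . $boundary . "\n";
        $body .= "Content-Type: text/plain\n";
        $body .= "Content-Transfer-Encoding: 7bit\n\n";
        $body .= $text . "\n\n";
        // Encode the attachments
        foreach ($attachments as $source) {
            $sourcepath = BASEDIR . getpath('uploads') . 'temp/' . $source['source'];
            // Skip a file that was not staged successfully instead of reading from a failed handle.
            $filedata = is_file($sourcepath) ? file_get_contents($sourcepath) : false;
            if ($filedata === false) {
                continue;
            }
            $body .= "--" . $boundary . "\n";
            $body .= "Content-Type: " . $source['type'] . "; name=\"" . $source['filename'] . "\"\n";
            $body .= "Content-Transfer-Encoding: base64\n";
            $body .= "Content-Disposition: attachment; filename=\"" . $source['filename'] . "\"\n\n";
            $body .= chunk_split(base64_encode($filedata));
            $body .= "\n";
        }
        $body .= "--{$boundary}--\n";
        // Send with the same (defaulted, sanitised) subject as the plain branch.
        mail($sendtomail, $subject, $body, $header);
        // Remove the staged attachments from the server
        foreach ($attachments as $tempfile) {
            $mm->deletefile('temp/' . $tempfile['source']);
        }
    }
    message($apx->lang->get('MSG_OK'), mklink('index.php', 'index.html'));
}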
Ejemplo n.º 7
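 /**
  * Manage the picture series of an article.
  *
  * Three modes, chosen from the request:
  * - delpic set and known: confirm and delete one picture (files and list entry);
  * - POST send: process up to five uploads (thumbnail, optional resize and
  *   watermark) and append them to the series;
  * - otherwise: render the list of pictures.
  *
  * Security notes:
  * - The article id is cast to int before it is used in SQL, file names,
  *   redirects and template output.
  * - Uploads are limited to image extensions and verified with getimagesize()
  *   after staging; a file that is not an image is deleted again.
  * - Request values placed into redirect URLs are URL-encoded.
  */
 function pictures()
 {
     global $set, $db, $apx;
     // Cast once and write back, so later readers of $_REQUEST['id'] also get an integer.
     $_REQUEST['id'] = isset($_REQUEST['id']) ? (int) $_REQUEST['id'] : 0;
     $id = $_REQUEST['id'];
     $action = isset($_REQUEST['action']) && is_scalar($_REQUEST['action']) ? (string) $_REQUEST['action'] : '';
     $pubnow = isset($_REQUEST['pubnow']) && is_scalar($_REQUEST['pubnow']) ? (string) $_REQUEST['pubnow'] : '';
     $redirect = 'action.php?action=' . urlencode($action) . '&id=' . $id . '&pubnow=' . urlencode($pubnow) . '&pageid=pics';
     // Needed because 1.7.0 created a picture with ID 0 when copying, so 0 is a valid key.
     if (isset($_REQUEST['delpic'])) {
         $_REQUEST['delpic'] = (int) $_REQUEST['delpic'];
     } else {
         $_REQUEST['delpic'] = null;
     }
     // Read the picture list
     list($pictures, $nextid) = $db->first("SELECT pictures,pictures_nextid FROM " . PRE . "_articles WHERE id='" . $id . "'");
     // NOTE(review): unserialize() on stored data. It is safe only as long as nothing but this
     // code can write the column; a JSON column would remove the object-instantiation risk.
     $pictures = unserialize($pictures);
     if (!is_array($pictures)) {
         $pictures = array();
     }
     // Delete a picture
     if (isset($_REQUEST['delpic']) && isset($pictures[$_REQUEST['delpic']])) {
         if (!empty($_POST['delpic'])) {
             if (!checkToken()) {
                 printInvalidToken();
             } else {
                 $picinfo = $pictures[$_REQUEST['delpic']];
                 require BASEDIR . 'lib/class.mediamanager.php';
                 $mm = new mediamanager();
                 if ($picinfo['thumbnail'] && file_exists(BASEDIR . getpath('uploads') . $picinfo['thumbnail'])) {
                     $mm->deletefile($picinfo['thumbnail']);
                 }
                 if ($picinfo['picture'] && file_exists(BASEDIR . getpath('uploads') . $picinfo['picture'])) {
                     $mm->deletefile($picinfo['picture']);
                 }
                 unset($pictures[$_REQUEST['delpic']]);
                 $db->query("UPDATE " . PRE . "_articles SET pictures='" . addslashes(serialize($pictures)) . "' WHERE id='" . $id . "' LIMIT 1");
                 printJSRedirect($redirect);
             }
         } else {
             // Not confirmed yet: show the confirmation overlay.
             tmessageOverlay('picdel', array('ID' => $id, 'DELPIC' => $_REQUEST['delpic']));
         }
     } elseif (!empty($_POST['send'])) {
         require BASEDIR . 'lib/class.mediamanager.php';
         $mm = new mediamanager();
         require_once BASEDIR . 'lib/class.image.php';
         $img = new image();
         // The id used in file names is taken from POST as before, but only as an integer.
         $postid = isset($_POST['id']) ? (int) $_POST['id'] : 0;
         $allowed = array('jpg', 'jpeg', 'jpe', 'png', 'gif');
         // Work through the uploads
         for ($i = 1; $i <= 5; $i++) {
             if (empty($_FILES['upload' . $i]['tmp_name'])) {
                 continue;
             }
             // The extension comes from the client's file name and becomes part of the stored
             // name, so anything that is not an image extension is refused before the upload.
             $ext = strtolower($mm->getext($_FILES['upload' . $i]['name']));
             if (!in_array($ext, $allowed, true)) {
                 continue;
             }
             if ($ext == 'gif') {
                 $ext = 'jpg';
             }
             $newname = 'pic' . '-' . $postid . '-' . $nextid . '.' . $ext;
             $newfile = 'articles/gallery/' . $newname;
             $thumbname = 'pic' . '-' . $postid . '-' . $nextid . '-thumb.' . $ext;
             $thumbfile = 'articles/gallery/' . $thumbname;
             // Check that the upload succeeded
             if (!$mm->uploadfile($_FILES['upload' . $i], 'articles/gallery', $newname)) {
                 continue;
             }
             // Content check: a file that is not an image is removed and never added to the series.
             if (!@getimagesize(BASEDIR . getpath('uploads') . $newfile)) {
                 $mm->deletefile($newfile);
                 continue;
             }
             // Read the image
             list($picture, $picturetype) = $img->getimage($newfile);
             // Thumbnail
             $thumbnail = $img->resize($picture, $set['articles']['thumbwidth'], $set['articles']['thumbheight'], $set['articles']['artpic_quality']);
             $img->saveimage($thumbnail, $picturetype, $thumbfile);
             // Scale the picture unless resizing was switched off for this upload
             if ($picture !== false && empty($_POST['noresize' . $i]) && $set['articles']['picwidth'] && $set['articles']['picheight']) {
                 $scaled = $img->resize($picture, $set['articles']['picwidth'], $set['articles']['picheight'], $set['articles']['artpic_quality'], 0);
                 if ($scaled != $picture) {
                     imagedestroy($picture);
                 }
                 $picture = $scaled;
             }
             // Add the watermark
             if ($picture !== false && $set['articles']['watermark'] && !empty($_POST['watermark' . $i])) {
                 $watermarked = $img->watermark($picture, $set['articles']['watermark'], $set['articles']['watermark_position'], $set['articles']['watermark_transp']);
                 if ($watermarked != $picture) {
                     imagedestroy($picture);
                 }
                 $picture = $watermarked;
             }
             // Write the picture
             $img->saveimage($picture, $picturetype, $newfile);
             // Cleanup; getimage()/resize() may have returned false, which imagedestroy() must not receive.
             if ($picture) {
                 imagedestroy($picture);
             }
             if ($thumbnail) {
                 imagedestroy($thumbnail);
             }
             unset($picture, $thumbnail);
             $pictures[$nextid] = array('picture' => $newfile, 'thumbnail' => $thumbfile);
             ++$nextid;
         }
         // Store the picture list
         $db->query("UPDATE " . PRE . "_articles SET pictures='" . addslashes(serialize($pictures)) . "',pictures_nextid='" . intval($nextid) . "' WHERE id='" . $id . "' LIMIT 1");
         // Finish the article
         if (!empty($_POST['submit_finish'])) {
             $this->finish_article();
             return;
         } else {
             printJSRedirect($redirect);
         }
     } else {
         // NOTE(review): $this->title is echoed without escaping here; confirm it is stored HTML-escaped.
         echo '<h2>' . $apx->lang->get(iif($this->type == 'normal', 'ARTICLE', strtoupper($this->type))) . ': ' . $this->title . '</h2>';
         // List the picture series
         $picdata = array();
         $n = 0;
         foreach ($pictures as $picid => $res) {
             ++$n;
             $picdata[$n]['ID'] = $picid;
             $picdata[$n]['IMAGE'] = HTTPDIR . getpath('uploads') . $res['thumbnail'];
             $picdata[$n]['LINK'] = HTTPDIR . getpath('uploads') . $res['picture'];
             // NOTE(review): $action is passed on as received; confirm optionHTMLOverlay() escapes it for its output.
             $picdata[$n]['OPTIONS'] = optionHTMLOverlay('del.gif', $action, 'id=' . $id . '&pageid=pics&delpic=' . $picid . '&pubnow=' . urlencode($pubnow), $apx->lang->get('CORE_DEL'));
         }
         $apx->tmpl->assign('SET_WATERMARK', iif($set['articles']['watermark'], 1, 0));
         $apx->tmpl->assign('SET_NORESIZE', iif($set['articles']['picwidth'] && $set['articles']['picheight'], 1, 0));
         $apx->tmpl->assign('PIC', $picdata);
         $apx->tmpl->assign('PUBNOW', (int) $pubnow);
         $apx->tmpl->assign('ID', $id);
         $apx->tmpl->assign('ACTION', iif($action == 'articles.add', 'add', 'edit'));
         $apx->tmpl->parse('pictures');
     }
 }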
Ejemplo n.º 8
 // Contact mail with attachments (fragment: $sendtomail and $text are set before this excerpt,
 // and the else-branch continues past its end).
 // Initialise the media manager
 $attachments = array();
 require BASEDIR . 'lib/class.mediamanager.php';
 $mm = new mediamanager();
 // Used only to make the staged file names unique; not an unguessable secret.
 $temphash = md5(microtime());
 // Upload the files
 for ($i = 1; $i <= 5; $i++) {
     $fileinfo = $_FILES['attach' . $i];
     if (!$fileinfo['tmp_name']) {
         continue;
     }
     if (!is_uploaded_file($fileinfo['tmp_name'])) {
         continue;
     }
     // NOTE(review): the client-supplied file name becomes part of the staged file name; only the
     // ".tmp" suffix is fixed. A server-generated name would avoid depending on how uploadfile()
     // treats unusual characters.
     $tempname = 'contact_' . $temphash . '_' . $fileinfo['name'] . '.tmp';
     $mm->uploadfile($fileinfo, 'temp', $tempname);
     // File name and MIME type are kept exactly as sent by the client.
     $attachments[] = array('filename' => $fileinfo['name'], 'source' => $tempname, 'type' => $fileinfo['type']);
 }
 // Send a plain mail
 if (!count($attachments)) {
     // NOTE(review): $_POST['name'] and $_POST['email'] go into the From header unfiltered here.
     // Unless they are validated before this excerpt, a line break in either value adds mail
     // headers; strip CR/LF and validate the address first.
     mail($sendtomail, $_POST['subject'], $text, 'From: ' . $_POST['name'] . '<' . $_POST['email'] . '>');
 } else {
     $boundary = md5(uniqid(time()));
     $header = "MIME-Version: 1.0\n";
     // NOTE(review): same header-injection concern as in the plain branch above.
     $header .= "From: " . $_POST['name'] . "<" . $_POST['email'] . ">\n";
     $header .= "Content-Type: multipart/mixed; boundary=\"" . $boundary . "\"\n";
     $body = "--" . $boundary . "\n";
     $body .= "Content-Type: text/plain\n";
     $body .= "Content-Transfer-Encoding: 7bit\n\n";
     $body .= $text . "\n\n";
     // Encode the attachments
Ejemplo n.º 9
 // User gallery upload (fragment: $galid is set before this excerpt, and the blocks opened
 // here close after its end).
 if (!$galid) {
     die('access denied!');
 }
 // UPLOAD PICTURES
 if ($_REQUEST['do'] == 'add') {
     if ($_POST['send']) {
         require_once BASEDIR . 'lib/class.mediamanager.php';
         $mm = new mediamanager();
         // Upload the files to a temporary location
         $files = array();
         for ($i = 1; $i <= 3; $i++) {
             if (!$_FILES['upload' . $i]['tmp_name']) {
                 continue;
             }
             // Check that the upload succeeded.
             // The staged name is derived from PHP's own temp file name, not from the client's file name.
             // NOTE(review): no extension or content check happens before the file is staged; confirm
             // that the processing after this excerpt rejects and deletes anything that is not an image.
             if (!$mm->uploadfile($_FILES['upload' . $i], 'temp', $mm->getfile($_FILES['upload' . $i]['tmp_name']))) {
                 continue;
             }
             // The extension comes from the client-supplied name; GIFs are stored under a .jpg name.
             $ext = strtolower($mm->getext($_FILES['upload' . $i]['name']));
             if ($ext == 'gif') {
                 $ext = 'jpg';
             }
             // The caption is passed on as received; it has to be escaped wherever it is stored or output.
             $files[] = array('ext' => $ext, 'source' => 'temp/' . $mm->getfile($_FILES['upload' . $i]['tmp_name']), 'caption' => $_POST['caption' . $i]);
         }
         // Count the pictures the user already has (only when a per-user limit is configured)
         $piccount = 0;
         if ($set['user']['gallery_maxpics']) {
             // The values in both queries come from the session user object and from the database,
             // not directly from the request.
             $data = $db->fetch("SELECT id FROM " . PRE . "_user_gallery WHERE owner='" . $user->info['userid'] . "'");
             $galids = get_ids($data, 'id');
             if (count($galids)) {
                 list($piccount) = $db->first("SELECT count(id) FROM " . PRE . "_user_pictures WHERE galid IN (" . implode(',', $galids) . ")");
Ejemplo n.º 10
 function padd()
 {
     global $set, $db, $apx, $html;
     $_REQUEST['id'] = (int) $_REQUEST['id'];
     if (!$_REQUEST['id']) {
         die('missing ID!');
     }
     @set_time_limit(600);
     if ($_POST['send'] == 1) {
         if (!checkToken()) {
             infoInvalidToken();
         } else {
             $files = array();
             require_once BASEDIR . 'lib/class.mediamanager.php';
             $mm = new mediamanager();
             //ZIP
             if ($_REQUEST['what'] == 'zip' && $_FILES['zip']['tmp_name']) {
                 $mm->uploadfile($_FILES['zip'], 'gallery/uploads', $mm->getfile($_FILES['zip']['tmp_name']));
                 $zipfile = zip_open(BASEDIR . getpath('uploads') . 'gallery/uploads/' . $mm->getfile($_FILES['zip']['tmp_name']));
                 while ($zipentry = zip_read($zipfile)) {
                     if (zip_entry_open($zipfile, $zipentry, 'r')) {
                         if (substr(zip_entry_name($zipentry), -1) == '/') {
                             continue;
                         }
                         $content = zip_entry_read($zipentry, zip_entry_filesize($zipentry));
                         $zipname = str_replace('/', '%1%', zip_entry_name($zipentry));
                         $outfilepath = 'gallery/uploads/' . $zipname;
                         zip_entry_close($zipentry);
                         //Datei schreiben
                         $outfile = fopen(BASEDIR . getpath('uploads') . $outfilepath, 'w');
                         fwrite($outfile, $content);
                         fclose($outfile);
                         $ext = strtolower($mm->getext($outfilepath));
                         if ($ext == 'gif') {
                             $ext = 'jpg';
                         }
                         $files[] = array('ext' => $ext, 'source' => $outfilepath, 'watermark' => $_POST['watermark'], 'noresize' => $_POST['noresize'], 'allowcoms' => $_POST['allowcoms'], 'allowrating' => $_POST['allowrating'], 'caption' => $_POST['caption']);
                     }
                 }
                 zip_close($zipfile);
                 $mm->deletefile('gallery/uploads/' . $mm->getfile($_FILES['zip']['tmp_name']));
             } elseif ($_REQUEST['what'] == 'ftp') {
                 if (!is_array($_POST['ftp'])) {
                     $_POST['ftp'] = array();
                 }
                 require_once BASEDIR . 'lib/class.mediamanager.php';
                 $mm = new mediamanager();
                 foreach ($_POST['ftp'] as $key => $file) {
                     $file = $mm->securefile($file);
                     $ext = strtolower($mm->getext($file));
                     if ($ext == 'gif') {
                         $ext = 'jpg';
                     }
                     $files[] = array('ext' => $ext, 'source' => 'gallery/uploads/' . $file, 'watermark' => $_POST['watermark' . $key], 'noresize' => $_POST['noresize' . $key], 'allowcoms' => $_POST['allowcoms' . $key], 'allowrating' => $_POST['allowrating' . $key], 'caption' => $_POST['caption' . $key]);
                 }
             } else {
                 for ($i = 1; $i <= $set['gallery']['addpics']; $i++) {
                     if (!$_FILES['upload' . $i]['tmp_name']) {
                         continue;
                     }
                     //Erfolgreichen Upload prüfen
                     if (!$mm->uploadfile($_FILES['upload' . $i], 'gallery/uploads', $mm->getfile($_FILES['upload' . $i]['tmp_name']))) {
                         continue;
                     }
                     $ext = strtolower($mm->getext($_FILES['upload' . $i]['name']));
                     if ($ext == 'gif') {
                         $ext = 'jpg';
                     }
                     $files[] = array('ext' => $ext, 'source' => 'gallery/uploads/' . $mm->getfile($_FILES['upload' . $i]['tmp_name']), 'watermark' => $_POST['watermark' . $i], 'noresize' => $_POST['noresize' . $i], 'allowcoms' => $_POST['allowcoms' . $i], 'allowrating' => $_POST['allowrating' . $i], 'caption' => $_POST['caption' . $i]);
                 }
             }
             $this->process_files($files);
             //Gallery Updatetime
             $this->setGalleryUpdatetime($_REQUEST['id']);
             //Weitere Bilder anfügen
             if ($_POST['addnext']) {
                 printJSRedirect('action.php?action=gallery.padd&id=' . $_REQUEST['id'] . '&updateparent=' . $_REQUEST['updateparent']);
             } else {
                 if ($_REQUEST['updateparent']) {
                     printJSUpdateObject($_REQUEST['updateparent'], get_gallery_list($_REQUEST['id']));
                 } else {
                     printJSRedirect('action.php?action=gallery.pshow&id=' . $_REQUEST['id']);
                 }
             }
         }
     } else {
         //Layer
         $layerdef[] = array('LAYER_UPLOAD', 'action.php?action=gallery.padd&amp;id=' . $_REQUEST['id'] . '&amp;updateparent=' . $_REQUEST['updateparent'], !$_REQUEST['what']);
         $layerdef[] = array('LAYER_ZIP', 'action.php?action=gallery.padd&amp;id=' . $_REQUEST['id'] . '&amp;what=zip&amp;updateparent=' . $_REQUEST['updateparent'], $_REQUEST['what'] == 'zip');
         $layerdef[] = array('LAYER_FTP', 'action.php?action=gallery.padd&amp;id=' . $_REQUEST['id'] . '&amp;what=ftp&amp;updateparent=' . $_REQUEST['updateparent'], $_REQUEST['what'] == 'ftp');
         if (!function_exists('zip_open')) {
             unset($layerdef[1]);
         }
         $html->layer_header($layerdef);
         //ZIP
         if ($_REQUEST['what'] == 'zip') {
             $apx->tmpl->assign('ID', $_REQUEST['id']);
             $apx->tmpl->assign('SET_OPTIONS', $apx->is_module('comments') && $set['gallery']['coms'] || $apx->is_module('ratings') && $set['gallery']['ratings'] || $set['gallery']['watermark'] || $set['gallery']['picwidth'] && $set['gallery']['picheight']);
             $apx->tmpl->assign('SET_COMS', $apx->is_module('comments') && $set['gallery']['coms']);
             $apx->tmpl->assign('SET_RATING', $apx->is_module('ratings') && $set['gallery']['ratings']);
             $apx->tmpl->assign('SET_WATERMARK', iif($set['gallery']['watermark'], 1, 0));
             $apx->tmpl->assign('SET_NORESIZE', iif($set['gallery']['picwidth'] && $set['gallery']['picheight'], 1, 0));
             $apx->tmpl->assign('UPDATEPARENT', (int) $_REQUEST['updateparent']);
             $apx->tmpl->parse('padd_zip');
         } elseif ($_REQUEST['what'] == 'ftp') {
             require_once BASEDIR . 'lib/class.mediamanager.php';
             $mm = new mediamanager();
             $extensions = array('jpg', 'jpeg', 'jpe', 'png', 'gif');
             $files = array();
             $dirs = array();
             if (is_dir(BASEDIR . getpath('uploads') . 'gallery/uploads/' . iif($_REQUEST['dir'], $_REQUEST['dir'] . '/'))) {
                 $dir = opendir(BASEDIR . getpath('uploads') . 'gallery/uploads/' . iif($_REQUEST['dir'], $_REQUEST['dir'] . '/'));
                 while ($file = readdir($dir)) {
                     if ($file == '.' || $file == '..') {
                         continue;
                     }
                     //Ordner
                     if (is_dir(BASEDIR . getpath('uploads') . 'gallery/uploads/' . iif($_REQUEST['dir'], $_REQUEST['dir'] . '/') . $file)) {
                         $dirs[] = $file;
                         continue;
                     }
                     //Datei
                     if (!in_array(strtolower($mm->getext($file)), $extensions)) {
                         continue;
                     }
                     $files[] = $file;
                 }
                 closedir($dir);
             }
             sort($files);
             sort($dirs);
             //Ordner auflisten
             foreach ($dirs as $dir) {
                 ++$i;
                 $subdir[$i]['NAME'] = $dir;
                 $subdir[$i]['LINK'] = 'action.php?action=gallery.padd&amp;id=' . $_REQUEST['id'] . '&amp;what=ftp&amp;dir=' . iif($_REQUEST['dir'], $_REQUEST['dir'] . '/') . $dir;
             }
             //Dateien auflisten
             foreach ($files as $file) {
                 ++$i;
                 $upload[$i]['FILE'] = $file;
                 $upload[$i]['FILEID'] = iif($_REQUEST['dir'], $_REQUEST['dir'] . '/') . $file;
                 $upload[$i]['LINK'] = HTTPDIR . getpath('uploads') . 'gallery/uploads/' . iif($_REQUEST['dir'], $_REQUEST['dir'] . '/') . $file;
             }
             //Pfad erstellen
             $pp = explode('/', $_REQUEST['dir']);
             if ($_REQUEST['dir'] && count($pp)) {
                 foreach ($pp as $dirname) {
                     ++$i;
                     $path .= iif($path, '/') . $dirname;
                     $pathdata[$i]['NAME'] = $dirname;
                     $pathdata[$i]['LINK'] = 'action.php?action=gallery.padd&amp;id=' . $_REQUEST['id'] . '&amp;what=ftp&amp;dir=' . $path;
                 }
             }
             $apx->tmpl->assign('ID', $_REQUEST['id']);
             $apx->tmpl->assign('FTP', $upload);
             $apx->tmpl->assign('DIR', $subdir);
             $apx->tmpl->assign('PATH', $pathdata);
             $apx->tmpl->assign('SET_OPTIONS', $apx->is_module('comments') && $set['gallery']['coms'] || $apx->is_module('ratings') && $set['gallery']['ratings'] || $set['gallery']['watermark'] || $set['gallery']['picwidth'] && $set['gallery']['picheight']);
             $apx->tmpl->assign('SET_COMS', $apx->is_module('comments') && $set['gallery']['coms']);
             $apx->tmpl->assign('SET_RATING', $apx->is_module('ratings') && $set['gallery']['ratings']);
             $apx->tmpl->assign('SET_WATERMARK', iif($set['gallery']['watermark'], 1, 0));
             $apx->tmpl->assign('SET_NORESIZE', iif($set['gallery']['picwidth'] && $set['gallery']['picheight'], 1, 0));
             $apx->tmpl->assign('UPDATEPARENT', (int) $_REQUEST['updateparent']);
             $apx->tmpl->parse('padd_ftp');
         } else {
             for ($i = 1; $i <= $set['gallery']['addpics']; $i++) {
                 $upload[$i]['ASD'] = 1;
             }
             $apx->tmpl->assign('ID', $_REQUEST['id']);
             $apx->tmpl->assign('UPLOAD', $upload);
             $apx->tmpl->assign('SET_COMS', $apx->is_module('comments') && $set['gallery']['coms']);
             $apx->tmpl->assign('SET_RATING', $apx->is_module('ratings') && $set['gallery']['ratings']);
             $apx->tmpl->assign('SET_WATERMARK', iif($set['gallery']['watermark'], 1, 0));
             $apx->tmpl->assign('SET_NORESIZE', iif($set['gallery']['picwidth'] && $set['gallery']['picheight'], 1, 0));
             $apx->tmpl->assign('UPDATEPARENT', (int) $_REQUEST['updateparent']);
             $apx->tmpl->parse('padd_upload');
         }
         //Layer Ende
         $html->layer_footer();
     }
 }