$DataLancamento = "";
$Imagem = "";
$Autor = 0;
$Categoria = 0;
$Localizacao = 0;
if (isset($_POST['titulo']) && $_POST['titulo'] != "") {
$Titulo = addslashes($_POST['titulo']);
}
if (isset($_POST['sinopse']) && $_POST['sinopse'] != "") {
$Sinopse = addslashes($_POST['sinopse']);
}
if (isset($_POST['data_lancamento']) && $_POST['data_lancamento'] != "") {
$DataLancamento = addslashes($_POST['data_lancamento']);
}
if (isset($_FILES['input-image']) && $_FILES['input-image']['name'] != "") {
$Imagem = UploadImage($_FILES['input-image']);
}
if (isset($_POST['select_autor']) && $_POST['select_autor'] != "") {
$Autor = addslashes($_POST['select_autor']);
}
if (isset($_POST['select_categoria']) && $_POST['select_categoria'] != "") {
$Categoria = addslashes($_POST['select_categoria']);
}
if (isset($_POST['select_localizacao']) && $_POST['select_localizacao'] != "") {
$Localizacao = addslashes($_POST['select_localizacao']);
}
$LivroDB = new LivroDB();
$Livro = new Livro($_POST['codlivro'], $Titulo, $Sinopse, $DataLancamento, $Imagem, $Autor, $Categoria, $Localizacao);
$execute = $LivroDB->Editar($conexao, $Livro);
$retorno = $execute ? 'editado' : 'erro';
header("Location: ../views/GerenciaLivros.php?retorno=" . $retorno);
function CompanyInsert()
{
global $URL;
if (isset($_POST['MF']) && isset($_POST['RC']) && isset($_POST['RS']) && isset($_POST['Activity']) && isset($_POST['Adress']) && isset($_POST['Phone1'])) {
//Recup variable
$MF = addslashes($_POST['MF']);
$RC = addslashes($_POST['RC']);
$RS = addslashes($_POST['RS']);
$Activity = addslashes($_POST['Activity']);
$Adress = addslashes($_POST['Adress']);
$Phone1 = addslashes($_POST['Phone1']);
if (isset($_POST['Phone2'])) {
$Phone2 = $_POST['Phone2'];
} else {
$Phone2 = '';
}
if (isset($_POST['Fax'])) {
$Fax = $_POST['Fax'];
} else {
$Fax = '';
}
if (isset($_POST['Email'])) {
$Email = $_POST['Email'];
} else {
$Email = '';
}
if (isset($_POST['WebSite'])) {
$WebSite = $_POST['WebSite'];
} else {
$WebSite = '';
}
if (isset($_POST['BankAccount1'])) {
$BankAccount1 = $_POST['BankAccount1'];
} else {
$BankAccount1 = '';
}
if (isset($_POST['BankAccount2'])) {
$BankAccount2 = $_POST['BankAccount2'];
} else {
$BankAccount2 = '';
}
UploadImage();
QueryExcute("", "INSERT INTO `company` VALUES ('1', '{$MF}', '{$RC}', '{$RS}', '{$Activity}', '{$Adress}', '{$Phone1}', '{$Phone2}', '{$Fax}', '{$Email}', '{$WebSite}', '{$BankAccount1}', '{$BankAccount2}' );");
echo '<script language="Javascript">document.location.href="' . $URL . 'login"</script>';
}
}
if ($tipe_file != "image/jpeg" and $tipe_file != "image/pjpeg") {
echo "<script>window.alert('Upload Gagal, Pastikan File yang di Upload bertipe *.JPG');\n window.location=('../../media.php?module=produk)</script>";
} else {
UploadImage($nama_file_unik);
mysql_query("INSERT INTO produk(nama_produk,\n id_kategori,\n berat,\n harga,\n diskon,\n stok,\n deskripsi,\n tgl_masuk,\n gambar) \n VALUES('{$_POST['nama_produk']}',\n '{$_POST['kategori']}',\n '{$_POST['berat']}',\n '{$_POST['harga']}',\n '{$_POST['diskon']}',\n '{$_POST['stok']}',\n '{$_POST['deskripsi']}',\n '{$tgl_sekarang}',\n '{$nama_file_unik}')");
header('location:../../media.php?module=' . $module);
}
} else {
mysql_query("INSERT INTO produk(nama_produk,\n id_kategori,\n berat,\n harga,\n diskon,\n stok,\n deskripsi,\n tgl_posting) \n VALUES('{$_POST['nama_produk']}',\n '{$_POST['kategori']}',\n '{$_POST['berat']}', \n '{$_POST['harga']}',\n '{$_POST['harga']}',\n '{$_POST['stok']}',\n '{$_POST['deskripsi']}',\n '{$tgl_sekarang}')");
header('location:../../media.php?module=' . $module);
}
} elseif ($module == 'produk' and $act == 'update') {
$lokasi_file = $_FILES['fupload']['tmp_name'];
$tipe_file = $_FILES['fupload']['type'];
$nama_file = $_FILES['fupload']['name'];
$acak = rand(1, 99);
$nama_file_unik = $acak . $nama_file;
// Apabila gambar tidak diganti
if (empty($lokasi_file)) {
mysql_query("UPDATE produk SET nama_produk = '{$_POST['nama_produk']}',\n id_kategori = '{$_POST['kategori']}',\n berat = '{$_POST['berat']}',\n harga = '{$_POST['harga']}',\n diskon = '{$_POST['diskon']}',\n stok = '{$_POST['stok']}',\n deskripsi = '{$_POST['deskripsi']}'\n WHERE id_produk = '{$_POST['id']}'");
header('location:../../media.php?module=' . $module);
} else {
if ($tipe_file != "image/jpeg" and $tipe_file != "image/pjpeg") {
echo "<script>window.alert('Upload Gagal, Pastikan File yang di Upload bertipe *.JPG');\n window.location=('../../media.php?module=produk)</script>";
} else {
UploadImage($nama_file_unik);
mysql_query("UPDATE produk SET nama_produk = '{$_POST['nama_produk']}',\n id_kategori = '{$_POST['kategori']}',\n berat = '{$_POST['berat']}',\n harga = '{$_POST['harga']}',\n diskon = '{$_POST['diskon']}',\n stok = '{$_POST['stok']}',\n deskripsi = '{$_POST['deskripsi']}',\n gambar = '{$nama_file_unik}' \n WHERE id_produk = '{$_POST['id']}'");
header('location:../../media.php?module=' . $module);
}
}
}
// print_r($profile);
/*
echo "After: Location: ".$profile['Location']."<br/>";
echo "After: Habit: ".$profile['Habit']."<br/>";
echo "After: BOD: ".$profile['BOD']."<br/>";
*/
//update image;
if (isset($_FILES['pic'])) {
//error happens
if ($_FILES['pic']['error'] != 0) {
//header("Location: http://localhost/546Final/pages/profile.php");
}
$allowed = array('gif', 'png', 'jpg', 'bmp');
$filename = $_FILES['pic']['name'];
$ext = strtolower(pathinfo($filename, PATHINFO_EXTENSION));
// echo $ext;
if (!in_array($ext, $allowed)) {
//echo "extension name error";
//header("Location: http://localhost/546Final/pages/profile.php");
}
$upload_file_name = $userID . "." . $ext;
$upload_full_file_name = "upload/" . $upload_file_name;
//echo getcwd().$upload_full_file_name;
$pwd = getcwd();
chdir("../upload");
if (move_uploaded_file($_FILES['pic']['tmp_name'], $upload_file_name)) {
UploadImage($userID, $upload_file_name);
}
chdir($pwd);
}
header("Location: http://localhost/546Final/pages/profile.php");
/**
* Обработчик действия: Добавление товара.
*/
function AddItem()
{
$_REQUEST['date'] = time();
$_REQUEST['name'] = strip_tags($_REQUEST['name']);
$_REQUEST['idcat'] = (int) $_REQUEST['idcat'];
$_REQUEST['idcat1'] = isset($_REQUEST['idcat1']) ? (int) $_REQUEST['idcat1'] : 0;
$_REQUEST['idcat2'] = isset($_REQUEST['idcat2']) ? (int) $_REQUEST['idcat2'] : 0;
$_REQUEST['art'] = trim($_REQUEST['art']);
if (!empty($_REQUEST['art']) && A::$DB->existsRow("SELECT id FROM " . SECTION . "_catalog WHERE art=?", $_REQUEST['art'])) {
$this->errors['doubleart'] = true;
return false;
}
if (empty($_REQUEST['urlname']) && !empty(A::$OPTIONS['idrule'])) {
$data = $_REQUEST;
prepareValues(SECTION, $data);
$litems = array();
$idrule = A::$OPTIONS['idrule'];
$idrule = explode("+", $idrule);
foreach ($idrule as $fname) {
if (!empty($data[$fname])) {
$litems[] = getURLName($data[$fname]);
}
}
$_REQUEST['urlname'] = implode(!empty($GLOBALS['A_URL_SEPARATOR']) ? $GLOBALS['A_URL_SEPARATOR'] : "_", $litems);
}
$_REQUEST['urlname'] = getURLName($_REQUEST['name'], $_REQUEST['urlname'], SECTION . "_catalog", "idcat=" . (int) $_REQUEST['idcat']);
$_REQUEST['price'] = (double) str_replace(',', '.', $_REQUEST['price']);
$_REQUEST['oldprice'] = (double) str_replace(',', '.', $_REQUEST['oldprice']);
$_REQUEST['iscount'] = (int) $_REQUEST['iscount'];
$_REQUEST['active'] = isset($_REQUEST['active']) ? "Y" : "N";
$_REQUEST['favorite'] = isset($_REQUEST['favorite']) ? "Y" : "N";
$_REQUEST['new'] = isset($_REQUEST['new']) ? "Y" : "N";
$_REQUEST['sort'] = A::$DB->getOne("SELECT MAX(sort) FROM " . SECTION . "_catalog") + 1;
$_REQUEST['keywords'] = getkeywords($_REQUEST['content']);
if (A::$OPTIONS['autoanons']) {
$_REQUEST['description'] = truncate($_REQUEST['content'], A::$OPTIONS['anonslen']);
}
$dataset = new A_DataSet(SECTION . "_catalog", true);
$dataset->fields = array("date", "idcat", "idcat1", "idcat2", "name", "art", "tags", "urlname", "description", "keywords", "content", "price", "oldprice", "iscount", "favorite", "new", "active", "sort");
if (A::$OPTIONS['modprices']) {
$mprices = array();
for ($i = 1; $i <= 10; $i++) {
if (!empty($_REQUEST["mprice{$i}_text"]) && !empty($_REQUEST["mprice{$i}_price"])) {
$mprices[] = array('name' => $_REQUEST["mprice{$i}_text"], 'price' => (double) $_REQUEST["mprice{$i}_price"]);
}
}
if (count($mprices) > 0) {
$_REQUEST['price'] = $mprices[0]['price'];
$_REQUEST['mprices'] = serialize($mprices);
$dataset->fields[] = 'mprices';
}
}
if ($id = $dataset->Insert()) {
for ($i = 1; $i <= 5; $i++) {
if (isset($_REQUEST["imagedescription{$i}"])) {
UploadImage("image{$i}", $_REQUEST["imagedescription{$i}"], 0, $id, $i);
}
}
for ($i = 1; $i <= 5; $i++) {
if (isset($_REQUEST["filedescription{$i}"])) {
UploadFile("file{$i}", $_REQUEST["filedescription{$i}"], 0, $id, $i);
}
}
$path = getTreePath(SECTION . "_categories", $_REQUEST['idcat'], " - ");
$name = !empty($path) ? $path . ' - ' . $_REQUEST['name'] : $_REQUEST['name'];
if ($_REQUEST['active'] == 'Y') {
A::$OBSERVER->Event('searchIndexUpdate', SECTION, array('id' => $id, 'name' => $name, 'content' => $_REQUEST['content'], 'tags' => $_REQUEST['tags']));
}
self::updateCategoryItems($_REQUEST['idcat']);
self::updateCategoryItems($_REQUEST['idcat1']);
self::updateCategoryItems($_REQUEST['idcat2']);
unset($_POST['idcat']);
return $id;
} else {
return false;
}
}
if (!defined('IN_ET')) {
exit('Access Denied');
}
if (!$user['user_id']) {
showmessage("<div class='showmag'><p>您还没有登录,不能执行此操作!</p><p><a href='index.php?op=login'>现在登陆</a></p></div>");
exit;
}
if ($action == "upload") {
$phototitle = daddslashes(trim($_POST['phototitle']));
if (StrLenW($phototitle) > 20) {
showmessage("<div class='showmag'><p>相片名称要不能大于20字符!</p><p><a href='index.php?op=sendphoto'>重新上传</a></p></div>");
exit;
}
if ($_FILES['photo']['name']) {
include "include/uploadpic.func.php";
$ptname = date(YmdHms);
$upname = UploadImage("photo", 1, 200, 0, "../attachments/photo/user_" . $user[user_id] . "/", "../attachments/photo/user_" . $user[user_id] . "/", $ptname, $ptname . "_thumb");
$phototitle = $phototitle ? $phototitle : "{$ptname}";
$suffix = getsubstrutf8($upname, -3, 3, false);
$content = "{$phototitle}<br/>[img link=" . $webaddr . "/attachments/photo/user_" . $user[user_id] . "/" . $ptname . "." . $suffix . "]" . $webaddr . "/attachments/photo/user_" . $user[user_id] . "/" . $upname . "[/img]";
$db->query("INSERT INTO et_content (user_id,user_name,user_nickname,user_head,content_body,posttime,type,conttype) VALUES ('{$user['user_id']}','{$user['user_name']}','{$user['nickname']}','{$user['user_head']}','{$content}','{$addtime}','手机','photo')");
showmessage("<div class='showmag'><p>照片上传成功了!</p><p><a href='{$refer}'>返回上一页</a></p></div>");
exit;
} else {
showmessage("<div class='showmag'><p>照片上传失败!</p><p><a href='index.php?op=sendphoto'>重新上传</a></p></div>");
exit;
}
}
wapheader();
echo "<h2>发照片</h2>" . "<form enctype='multipart/form-data' action='index.php?op=sendphoto' method='post'>" . "建议照片大小不超过500K。照片文件名不要包含中文。如果照片太大,建议压缩后再上传。" . "<p>相片名称:<input type='text' name='phototitle' value='我分享了照片'/></p>" . "<p>选择照片:<input type='file' name='photo'/></p>" . "<p><input type='hidden' name='action' value='upload' /><input type='submit' value='上传' /></p>" . "</form>";
echo "<script>alert('很抱歉,修改相册名失败,可能因为您没有修改的权限!');location.href='{$webaddr}/op/viewalbum/{$alid}'</script>";
exit;
}
}
}
if ($action == "upload") {
$phototitle = daddslashes(trim($_POST['phototitle']));
if (StrLenW($phototitle) > 20) {
echo "<script>alert('相片名称要不能大于20字符!');location.href='{$webaddr}/op/viewalbum/{$alid}&act=upload'</script>";
exit;
}
if ($_FILES['photo']['name']) {
$refer = $webaddr . "/op/viewalbum/" . $alid;
include ET_ROOT . "/include/uploadpic.func.php";
$ptname = date(YmdHms);
$upname = UploadImage("photo", 1, 130, 130, ET_ROOT . "/attachments/photo/user_" . $my[user_id] . "/", ET_ROOT . "/attachments/photo/user_" . $my[user_id] . "/", $ptname, $ptname . "_thumb");
$phototitle = $phototitle ? $phototitle : "{$ptname}";
$db->query("INSERT INTO et_photos (al_id,user_id,pt_name,pt_title,uploadtime) VALUE ('{$alid}','{$my['user_id']}','{$upname}','{$phototitle}','{$addtime}')");
$upmsg = "[img link={$webaddr}/op/viewphoto/" . mysql_insert_id() . "]" . $webaddr . "/attachments/photo/user_" . $my[user_id] . "/" . $upname . "[/img]我在相册上传了一张照片:<a href=\"{$webaddr}/op/viewphoto/" . mysql_insert_id() . "\">{$phototitle}</a>!";
$db->query("INSERT INTO et_content (user_id,content_body,posttime) VALUE ('{$my['user_id']}','{$upmsg}','{$addtime}')");
$db->query("UPDATE et_users SET photo_num=photo_num+'1' where user_id='{$my['user_id']}'");
echo "<script>alert('照片上传成功了!');location.href='{$webaddr}/op/viewalbum/{$alid}'</script>";
exit;
}
}
$i = 0;
$start = ($page - 1) * 16;
$sql = "SELECT pt_id,user_id,pt_name,pt_title,uploadtime FROM et_photos where al_id='{$alid}' order by pt_id desc limit {$start},16";
$query = $db->query($sql);
while ($data = $db->fetch_array($query)) {
$i = $i + 1;
$strDate = date("Y-m-d");
// Upload Images
$folderName = "uploads/";
switch ($action) {
// Create User
case "AddUser":
// print_r($_FILES); die;
// Upload Image
$fileName = $_FILES["fileToUpload"]["name"];
if (!empty($fileName)) {
$random_no = generateRandomString(5);
$fileTempName = $_FILES["fileToUpload"]["tmp_name"];
$folderName = "images";
$Detail_images = "Detail_images";
$ImageName = $random_no . $fileName;
$ImageName = UploadImage($fileName, $fileTempName, $folderName);
//$img = new abeautifulsite\SimpleImage($fileTempName);
//$ImageName1 = $img->flip('y')->rotate(180)->best_fit(320, 200)->save("$folderName/$ImageName");
//$ImageName2 = $img->flip('y')->rotate(180)->best_fit(266, 381)->save("$Detail_images/$ImageName");
}
// var_dump($ImageName1); die;
$arr = array('user_name' => $_POST['user_name'], 'user_order' => $_POST['user_order'], 'user_type' => $_POST['user_type'], 'dob' => $_POST['dob'], 'death_date' => $_POST['death_date'], 'mother_id' => $_POST['mother_id'], 'father_id' => $_POST['father_id'], 'spous_id' => $_POST['spous_id'], 'urdu_text' => $_POST['urdu_text'], 'user_image' => $ImageName, 'date_created' => date("Y-m-d H:i:s"));
if (empty($_POST['nUserID'])) {
$nLastID = InsertRec("our_family", $arr);
} else {
$nLastID = UpdateRec('our_family', "user_id = '" . $_POST['nUserID'] . "'", $arr);
$nLastID = $_POST['nUserID'];
}
header("Location: view_users");
//}
break;
<?php
if (!defined('IN_ET')) {
exit('Access Denied');
}
tologin();
if ($action == "upload") {
$syshead = daddslashes($_POST["syshead"]);
$sysphoto = array("{$webaddr}/attachments/head/syshead/01.jpg", "{$webaddr}/attachments/head/syshead/02.jpg", "{$webaddr}/attachments/head/syshead/03.jpg", "{$webaddr}/attachments/head/syshead/04.jpg", "{$webaddr}/attachments/head/syshead/05.jpg", "{$webaddr}/attachments/head/syshead/06.jpg", "{$webaddr}/attachments/head/syshead/07.jpg", "{$webaddr}/attachments/head/syshead/08.jpg", "{$webaddr}/attachments/head/syshead/09.jpg", "{$webaddr}/attachments/head/syshead/10.jpg");
if ($_FILES['picture']['name']) {
$refer = $webaddr . "/op/setting";
include ET_ROOT . "/include/uploadpic.func.php";
$upname = UploadImage("picture", 1, 96, 96, ET_ROOT . "/attachments/head/", ET_ROOT . "/attachments/head/", $my['user_id']);
$db->query("UPDATE et_users SET user_head = '{$upname}' WHERE user_id='{$my['user_id']}'");
}
if (in_array($syshead, $sysphoto) && !$_FILES['picture']['name']) {
$user_syshead = get_substr($syshead, -14, 0);
$db->query("UPDATE et_users SET user_head = '{$user_syshead}' WHERE user_id='{$my['user_id']}'");
}
echo "<script>location.href='{$webaddr}/op/setting&tip=30'</script>";
exit;
}
if ($action == "setting") {
$gender = $_POST["gender"];
$musicaddr = daddslashes(trim($_POST["musicaddr"]));
$homesf = $_POST["homesf"];
$homecity = $_POST["homecity"];
$livesf = $_POST["livesf"];
$livecity = $_POST["livecity"];
$homeprovince = "{$homesf} {$homecity}";
$liveprovince = "{$livesf} {$livecity}";
/**
* Обработчик действия: Добавление записи.
*/
function AddItem()
{
$_REQUEST['name'] = strip_tags($_REQUEST['name']);
$_REQUEST['idcat'] = (int) $_REQUEST['idcat'];
$_REQUEST['urlname'] = getURLName($_REQUEST['name'], $_REQUEST['urlname'], SECTION . "_catalog", "idcat=" . (int) $_REQUEST['idcat']);
$_REQUEST['active'] = isset($_REQUEST['active']) ? "Y" : "N";
$_REQUEST['sort'] = A::$DB->getOne("SELECT MAX(sort) FROM " . SECTION . "_catalog") + 1;
$_REQUEST['keywords'] = getkeywords($_REQUEST['content']);
if (A::$OPTIONS['autoanons']) {
$_REQUEST['description'] = truncate($_REQUEST['content'], A::$OPTIONS['anonslen']);
}
if (!A::$OPTIONS['usedate']) {
$_REQUEST['date'] = time();
}
$_REQUEST['mdate'] = time();
$dataset = new A_DataSet(SECTION . "_catalog", true);
$dataset->fields = array("date", "mdate", "idcat", "name", "urlname", "description", "keywords", "content", "tags", "active", "sort");
if ($id = $dataset->Insert()) {
for ($i = 1; $i <= 5; $i++) {
if (isset($_REQUEST["imagedescription{$i}"])) {
UploadImage("image{$i}", $_REQUEST["imagedescription{$i}"], 0, $id, $i);
}
}
for ($i = 1; $i <= 5; $i++) {
if (isset($_REQUEST["filedescription{$i}"])) {
UploadFile("file{$i}", $_REQUEST["filedescription{$i}"], 0, $id, $i);
}
}
if ($_REQUEST['active'] == 'Y') {
$path = getTreePath(SECTION . "_categories", $_REQUEST['idcat'], " - ");
$name = !empty($path) ? $path . ' - ' . $_REQUEST['name'] : $_REQUEST['name'];
A::$OBSERVER->Event('searchIndexUpdate', SECTION, array('id' => $id, 'name' => $name, 'content' => $_REQUEST['content'], 'tags' => $_REQUEST['tags']));
}
self::updateCategoryItems($_REQUEST['idcat']);
unset($_POST['idcat']);
return $id;
} else {
return false;
}
}
return false;
}
function del()
{
global $file;
$file = $_REQUEST["file"];
$upload_dir = "avatar/";
unlink($upload_dir . $file);
}
switch ($action) {
case 'upload':
$allowed_types = array(IMAGETYPE_GIF, IMAGETYPE_JPEG, IMAGETYPE_PNG);
$allowed_ext = array("jpg", "png", "gif", "jpeg");
$path = "avatar/";
$global = $_FILES["objUpload"];
if ($filename = UploadImage($global, $path, $allowed_types, $allowed_ext)) {
$url = sqlesc($BASEURL . "/" . $path . $global["name"]);
do_sqlquery("UPDATE `{$TABLE_PREFIX}users` SET `avatar_upload`='yes', `avatar`={$url} WHERE `id` = {$uid}", true);
redirect("index.php?page=usercp&do=avatar&action=read&what=success&uid=" . $uid . "");
} else {
redirect("index.php?page=usercp&do=avatar&action=read&what=failure&uid=" . $uid . "");
}
break;
case 'delete':
del();
do_sqlquery("UPDATE `{$TABLE_PREFIX}users` SET `avatar_upload`='no', `avatar_upload_name`='',`avatar`='' WHERE `id`={$uid}");
redirect("index.php?page=usercp&do=avatar&action=read&uid=" . $uid . "");
break;
default:
case 'read':
$query = do_sqlquery("SELECT `avatar_upload`, `avatar_upload_name` FROM `{$TABLE_PREFIX}users` WHERE `id` = {$uid}", true);
}
header('location:../../master.php?module=artikel');
} elseif ($module == 'artikel' and $act == 'update') {
$lokasi_file = $_FILES['fupload']['tmp_name'];
$tipe_file = $_FILES['fupload']['type'];
$nama_file = $_FILES['fupload']['name'];
$acak = date('Ymd-his');
$namaGambar = $acak . $nama_file;
$judulSeo = seo_title($_POST['judul']);
// Apabila gambar tidak diganti
if (empty($lokasi_file)) {
mysql_query("UPDATE tartikel SET id_grup\t\t= '{$_POST['groupId']}',\r\n\t\t\t\t\t\t\t\t\t\tid_kategori\t= '{$_POST['kategoriId']}',\r\n\t\t\t\t\t\t\t\t\t\tjudul = '{$_POST['judul']}',\r\n\t\t\t\t\t\t\t\t\t\tjudul_seo = '{$judulSeo}', \r\n\t\t\t\t\t\t\t\t\t\taktif\t\t= '{$_POST['aktif']}',\r\n\t\t\t\t\t\t\t\t\t\tisi\t\t\t= '{$_POST['isi']}',\r\n\t\t\t\t\t\t\t\t\t\tlastUpdate\t= '{$_SESSION['idUser']}'\r\n\t\t\t\t\t\t\t\t\t\tWHERE id_artikel = '{$_POST['id']}'");
} else {
$data = mysql_fetch_array(mysql_query("SELECT gambar FROM tartikel WHERE id_artikel = '{$_POST['id']}'"));
if ($data[gambar] == '') {
UploadImage($namaGambar);
mysql_query("UPDATE tartikel SET id_grup\t\t= '{$_POST['groupId']}',\r\n\t\t\t\t\t\t\t\t\t\t\tid_kategori\t= '{$_POST['kategoriId']}',\r\n\t\t\t\t\t\t\t\t\t\t\tjudul = '{$_POST['judul']}',\r\n\t\t\t\t\t\t\t\t\t\t\tjudul_seo = '{$judulSeo}', \r\n\t\t\t\t\t\t\t\t\t\t\taktif\t\t= '{$_POST['aktif']}',\r\n\t\t\t\t\t\t\t\t\t\t\tisi\t\t\t= '{$_POST['isi']}',\r\n\t\t\t\t\t\t\t\t\t\t\tgambar\t\t= '{$namaGambar}',\r\n\t\t\t\t\t\t\t\t\t\t\tlastUpdate\t= '{$_SESSION['idUser']}'\r\n\t\t\t\t\t\t\t\t\t\t\tWHERE id_artikel = '{$_POST['id']}'");
} else {
$gambar = $data[gambar];
$hapusGambar = unlink("../../../gambar/articles/{$gambar}");
if ($hapusGambar) {
$hapusGambarThumbs = unlink("../../../gambar/articles/thumbs/thumb_{$gambar}");
}
if ($hapusGambarThumbs) {
UploadImage($namaGambar);
mysql_query("UPDATE tartikel SET id_grup\t\t= '{$_POST['groupId']}',\r\n\t\t\t\t\t\t\t\t\t\t\t\tid_kategori\t= '{$_POST['kategoriId']}',\r\n\t\t\t\t\t\t\t\t\t\t\t\tjudul = '{$_POST['judul']}',\r\n\t\t\t\t\t\t\t\t\t\t\t\tjudul_seo = '{$judulSeo}', \r\n\t\t\t\t\t\t\t\t\t\t\t\taktif\t\t= '{$_POST['aktif']}',\r\n\t\t\t\t\t\t\t\t\t\t\t\tisi\t\t\t= '{$_POST['isi']}',\r\n\t\t\t\t\t\t\t\t\t\t\t\tgambar\t\t= '{$namaGambar}',\r\n\t\t\t\t\t\t\t\t\t\t\t\tlastUpdate\t= '{$_SESSION['idUser']}'\r\n\t\t\t\t\t\t\t\t\t\t\t\tWHERE id_artikel = '{$_POST['id']}'");
}
}
}
header('location:../../master.php?module=artikel');
}
/**
* Обработчик действия: Добавление изображений в альбом.
*/
function AddImage()
{
if ($album = A::$DB->getRowById($_REQUEST['idalb'], SECTION . "_albums")) {
$sort = A::$DB->getOne("SELECT MAX(sort) FROM " . DOMAIN . "_images WHERE idsec=" . SECTION_ID . " AND iditem=" . $album['id']);
for ($i = 1; $i <= 6; $i++) {
$idimg = UploadImage("image{$i}", $_REQUEST["name{$i}"], 0, $album['id'], $sort + $i);
if (empty($album['idimg'])) {
A::$DB->Update(SECTION . "_albums", array('idimg' => $idimg), "id=" . $album['id']);
$album['idimg'] = $idimg;
}
}
if (extension_loaded('zip') && isset($_FILES['archzip']['tmp_name']) && file_exists($_FILES['archzip']['tmp_name'])) {
delDir("files/" . DOMAIN . "/tmp");
mk_dir("files/" . DOMAIN . "/tmp");
$zip = new ZipArchive();
$zip->open($_FILES['archzip']['tmp_name']);
if ($zip->extractTo("files/" . DOMAIN . "/tmp")) {
$images = scandir("files/" . DOMAIN . "/tmp");
$i = 1;
foreach ($images as $file) {
if ($file != '.' && $file != '..') {
$idimg = RegisterImage("files/" . DOMAIN . "/tmp/{$file}", '', 0, $album['id'], $sort + $i++, A::$OPTIONS['img_resize'], A::$OPTIONS['img_x'], A::$OPTIONS['img_y']);
if (empty($album['idimg'])) {
A::$DB->Update(SECTION . "_albums", array('idimg' => $idimg), "id=" . $album['id']);
$album['idimg'] = $idimg;
}
}
}
}
$zip->close();
delDir("files/" . DOMAIN . "/tmp");
}
if (!empty($_REQUEST['path']) && A::$AUTH->isSuperAdmin()) {
$_path = preg_replace("/^[.\\/]+/i", "", $_REQUEST['path']);
if (empty($_path)) {
return true;
}
if (A::$AUTH->isSuperAdmin()) {
if (is_dir($_path)) {
$path = $_path;
} elseif (is_file($_path)) {
$file = $_path;
} elseif (is_dir("files/" . DOMAIN . "/" . $_path)) {
$path = "files/" . DOMAIN . "/" . $_path;
} elseif (is_file("files/" . DOMAIN . "/" . $_path)) {
$file = "files/" . DOMAIN . "/" . $_path;
}
} elseif (is_dir("files/" . DOMAIN . "/" . $_path)) {
$path = "files/" . DOMAIN . "/" . $_path;
} elseif (is_file("files/" . DOMAIN . "/" . $_path)) {
$file = "files/" . DOMAIN . "/" . $_path;
}
if (!empty($file) && extension_loaded('zip')) {
delDir("files/" . DOMAIN . "/tmp");
mk_dir("files/" . DOMAIN . "/tmp");
$zip = new ZipArchive();
$zip->open($file);
if ($zip->extractTo("files/" . DOMAIN . "/tmp")) {
$path = "files/" . DOMAIN . "/tmp";
}
$zip->close();
}
if (!empty($path)) {
$images = scandir($path);
$i = 1;
foreach ($images as $file) {
if ($file != '.' && $file != '..') {
$idimg = RegisterImage("{$path}/{$file}", '', 0, $album['id'], $sort + $i++, A::$OPTIONS['img_resize'], A::$OPTIONS['img_x'], A::$OPTIONS['img_y']);
if (empty($album['idimg'])) {
A::$DB->Update(SECTION . "_albums", array('idimg' => $idimg), "id=" . $album['id']);
$album['idimg'] = $idimg;
}
}
}
}
}
}
return true;
}
function fcategory_dataset_prepare($dataset)
{
if ($structure = getStructureByPlugin('fcategory')) {
A::$DB->query("SELECT * FROM {$structure} WHERE idsec=" . SECTION_ID . " ORDER BY sort");
while ($row = A::$DB->fetchRow()) {
switch ($row['type']) {
case "int":
$_REQUEST[$row['field']] = isset($_REQUEST[$row['field']]) ? (int) $_REQUEST[$row['field']] : 0;
$dataset->fields[] = $row['field'];
break;
case "select":
$_REQUEST[$row['field']] = isset($_REQUEST[$row['field']]) ? (int) $_REQUEST[$row['field']] : 0;
$options = loadList($row['property']);
if (!isset($options[$_REQUEST[$row['field']]]) && !empty($_REQUEST[$row['field'] . "_txt"])) {
if ($string = trim($_REQUEST[$row['field'] . "_txt"])) {
if ($plugin = getPluginByStructure($row['property'])) {
if (function_exists("{$plugin}_add")) {
$_REQUEST[$row['field']] = call_user_func("{$plugin}_add", $row['property'], $string);
}
}
}
}
$dataset->fields[] = $row['field'];
break;
case "mselect":
if (!empty($_REQUEST[$row['field']]) && is_array($_REQUEST[$row['field']])) {
$values = array();
foreach ($_REQUEST[$row['field']] as $sid) {
$values[] = sprintf("%04d", (int) $sid);
}
$_REQUEST[$row['field']] = implode(",", $values);
} else {
$_REQUEST[$row['field']] = "";
}
$dataset->fields[] = $row['field'];
break;
case "float":
$_REQUEST[$row['field']] = isset($_REQUEST[$row['field']]) ? (double) $_REQUEST[$row['field']] : 0;
$dataset->fields[] = $row['field'];
break;
case "bool":
$_REQUEST[$row['field']] = isset($_REQUEST[$row['field']]) ? "Y" : "N";
$dataset->fields[] = $row['field'];
break;
case "date":
$_REQUEST[$row['field']] = isset($_REQUEST[$row['field']]) ? (int) $_REQUEST[$row['field']] : mktime(0, 0, 0, (int) $_REQUEST[$row['field'] . 'Month'], (int) $_REQUEST[$row['field'] . 'Day'], (int) $_REQUEST[$row['field'] . 'Year']);
$dataset->fields[] = $row['field'];
break;
case "string":
case "text":
case "format":
$_REQUEST[$row['field']] = isset($_REQUEST[$row['field']]) ? trim($_REQUEST[$row['field']]) : "";
$dataset->fields[] = $row['field'];
break;
case "image":
if (empty(A::$REGFILES)) {
A::$REGFILES = getSectionByModule('pages');
}
if (empty($dataset->data) || empty($_REQUEST['parent_id'])) {
$_REQUEST[$row['field']] = UploadImage($row['field'], !empty($_REQUEST['name']) ? $_REQUEST['name'] : "");
} else {
$_REQUEST[$row['field']] = UploadImage($row['field'], !empty($_REQUEST['name']) ? $_REQUEST['name'] : "", $dataset->data[$row['field']]);
if (isset($_REQUEST[$row['field'] . '_del'])) {
DelRegImage($dataset->data[$row['field']]);
$_REQUEST[$row['field']] = 0;
}
}
$dataset->fields[] = $row['field'];
break;
case "file":
if (empty(A::$REGFILES)) {
A::$REGFILES = getSectionByModule('pages');
}
if (empty($dataset->data) || empty($_REQUEST['parent_id'])) {
$_REQUEST[$row['field']] = UploadFile($row['field'], !empty($_REQUEST['name']) ? $_REQUEST['name'] : "");
} else {
$_REQUEST[$row['field']] = UploadFile($row['field'], !empty($_REQUEST['name']) ? $_REQUEST['name'] : "", $dataset->data[$row['field']]);
if (isset($_REQUEST[$row['field'] . '_del'])) {
DelRegFile($dataset->data[$row['field']]);
$_REQUEST[$row['field']] = 0;
}
}
$dataset->fields[] = $row['field'];
break;
}
}
A::$DB->free();
}
}
} else {
if ($tipe_file != "image/jpeg" and $tipe_file != "image/jpg") {
echo "<script>window.alert('Tipe File tidak di ijinkan.');\r\n window.location=(href='../../media_admin.php?module=home')</script>";
} else {
$cek = mysql_query("SELECT * FROM pengajar WHERE id_pengajar = '{$_POST['id']}'");
$r = mysql_fetch_array($cek);
if (!empty($r[foto])) {
$img = "../../../foto_pengajar/{$r['foto']}";
unlink($img);
$img2 = "../../../foto_pengajar/medium_{$r['foto']}";
unlink($img2);
$img3 = "../../../foto_pengajar/small_{$r['foto']}";
unlink($img3);
UploadImage($nama_file);
$pass = md5($_POST[password]);
mysql_query("UPDATE pengajar SET nip = '{$_POST['nip']}',\r\n nama_lengkap = '{$_POST['nama_lengkap']}',\r\n username_login = '******'username']}',\r\n password_login = '******',\r\n alamat = '{$_POST['alamat']}',\r\n tempat_lahir = '{$_POST['tempat_lahir']}',\r\n tgl_lahir = '{$tgl_lahir}',\r\n jenis_kelamin = '{$_POST['jk']}',\r\n agama = '{$_POST['agama']}',\r\n no_telp = '{$_POST['no_telp']}',\r\n email = '{$_POST['email']}',\r\n website = '{$_POST['website']}',\r\n foto = '{$nama_file}',\r\n jabatan = '{$_POST['jabatan']}'\r\n WHERE id_pengajar = '{$_POST['id']}'");
} else {
UploadImage($nama_file);
$pass = md5($_POST[password]);
mysql_query("UPDATE pengajar SET nip = '{$_POST['nip']}',\r\n nama_lengkap = '{$_POST['nama_lengkap']}',\r\n username_login = '******'username']}',\r\n password_login = '******',\r\n alamat = '{$_POST['alamat']}',\r\n tempat_lahir = '{$_POST['tempat_lahir']}',\r\n tgl_lahir = '{$tgl_lahir}',\r\n jenis_kelamin = '{$_POST['jk']}',\r\n agama = '{$_POST['agama']}',\r\n no_telp = '{$_POST['no_telp']}',\r\n email = '{$_POST['email']}',\r\n website = '{$_POST['website']}',\r\n foto = '{$nama_file}',\r\n jabatan = '{$_POST['jabatan']}'\r\n WHERE id_pengajar = '{$_POST['id']}'");
}
}
}
}
header('location:../../media_admin.php?module=home');
} else {
echo "<script>window.alert('Nip sudah pernah digunakan.');\r\n window.location=(href='../../media_admin.php?module=home')</script>";
}
}
}
}
</tbody>
</table>
</ul>
</div>
</form>
<div class="span4">
<center><img src="<?php
echo $URL;
?>
/ili-upload/logo.png" width="300px" height="300px"/></center>
<form action="" method="post" name="form2" enctype="multipart/form-data">
<input type="hidden" name="UploadImage">
<input type="file" name="fileToUpload" id="fileToUpload" onChange="this.form.submit();">
</form>
<?php
UploadImage();
?>
</div>
<div class="space5"></div>
</div>
</div>
<!-- END EXAMPLE TABLE widget-->
</div>
</div>
<!-- END PAGE CONTENT-->
</div>
<!-- END PAGE CONTAINER-->
</div>
<!-- END PAGE -->
</div>
$textcolor = trim($_POST['text']);
$links = trim($_POST['links']);
$sidebarcl = trim($_POST['sidebarcl']);
$sidebox = trim($_POST['sidebox']);
$pictype = $_POST['pictype'];
$newbgurl = $_POST['newbgurl'];
$uppictype = array("image/jpg", "image/pjpeg", "image/jpeg", "image/gif", "image/png", "image/x-png", "image/bmp");
if ($_FILES['bgpicture']['name']) {
if (!in_array($_FILES['bgpicture']['type'], $uppictype)) {
echo "<script>alert('很抱歉,您上传的图片过大或者类型不正确!');location.href='{$webaddr}/op/theme'</script>";
exit;
}
@unlink(ET_ROOT . "/attachments/photo/user_" . $my[user_id] . "/themebg.jpg");
@unlink(ET_ROOT . "/attachments/photo/user_" . $my[user_id] . "/themebg_thumb.jpg");
include ET_ROOT . "/include/uploadpic.func.php";
UploadImage("bgpicture", 1, 112, 72, ET_ROOT . "/attachments/photo/user_" . $my[user_id] . "/", ET_ROOT . "/attachments/photo/user_" . $my[user_id] . "/", "themebg", "themebg_thumb", "jpg");
$pictype = $pictype ? $pictype : "center";
$bgurl = "attachments/photo/user_" . $my[user_id];
//不需要添加 $webaddr
}
$newbgurl = $bgurl ? $bgurl : $newbgurl;
$newbgurl = daddslashes($newbgurl);
$db->query("UPDATE et_users SET theme_bgcolor='{$bgcolor}',theme_pictype = '{$pictype}',theme_text='{$textcolor}',\n theme_link='{$links}',theme_sidebar='{$sidebarcl}',theme_sidebox='{$sidebox}',theme_bgurl='{$newbgurl}' WHERE user_id='{$my['user_id']}'");
dsetcookie('setok', 'theme1');
header("location:{$webaddr}/op/theme");
exit;
}
$query = $db->query("SELECT * FROM et_usertemplates WHERE isopen='1' ORDER BY ut_id");
while ($data = $db->fetch_array($query)) {
$ut_id = $data['ut_id'];
$theme_bgcolor = $data['theme_bgcolor'];
function RunImport()
{
if (!empty($_FILES)) {
if (basename($_FILES['importFile']['name']) == "import_0945.csv") {
Import_PRICE_ROST();
} elseif (basename($_FILES['importFile']['name']) == "DC_IMS.csv") {
Import_DC_IMS();
} elseif (basename($_FILES['importFile']['name']) == "PRICE_KROSS.csv") {
Import_PRICE_KROSS();
} elseif (basename($_FILES['importFile']['name']) == "FILIAL.csv") {
Import_Filial();
} elseif (basename($_FILES['importFile']['name']) == "DOSTAVKA.csv") {
Import_DOSTAVKA();
} elseif (basename($_FILES['importFile']['name']) == "FILTR.csv") {
ImportFILTR();
} else {
UploadImage();
}
} elseif (isset($_GET['action']) and $_GET['action'] == "GetOrders") {
GetOrders();
} elseif (isset($_GET['action']) and $_GET['action'] == "GetUsers") {
GetUsers();
} else {
EmptyAction();
}
}
