function formProcess_bl($option)
{
$errorText = '';
if (!check_csrf_token()) {
zamgerlog("csrf token nije dobar", 3);
zamgerlog2("csrf token nije dobar");
return "Poslani podaci nisu ispravni. Vratite se nazad, ponovo popunite formu i kliknite na dugme Pošalji";
}
if (!in_array($option, array('add', 'edit'))) {
$errorText = 'Doslo je do greske prilikom spasavanja podataka. Molimo kontaktirajte administratora.';
return $errorText;
}
$id = intval($_REQUEST['id']);
if ($option == 'edit' && $id <= 0) {
$errorText = 'Doslo je do greske prilikom spasavanja podataka. Molimo kontaktirajte administratora.';
zamgerlog("pokusao urediti nepostojeci clanak {$id}, projekat {$projekat} (pp{$predmet})", 3);
zamgerlog2("pokusao urediti nepostojeci clanak", $id, $projekat);
return $errorText;
}
//get variables
$naslov = $_REQUEST['naslov'];
$tekst = $_REQUEST['tekst'];
$slika = $_FILES['image'];
$projekat = intval($_REQUEST['projekat']);
$predmet = intval($_REQUEST['predmet']);
global $userid;
if (empty($naslov)) {
$errorText = 'Unesite sva obavezna polja.';
return $errorText;
}
$naslov = trim($naslov);
$tekst = trim($tekst);
//process image
if ($option == 'edit') {
$entry = getArticle($id);
}
global $conf_files_path;
$lokacijaclanaka = "{$conf_files_path}/projekti/clanci/{$projekat}/{$userid}/";
if (!file_exists("{$conf_files_path}/projekti/clanci/{$projekat}")) {
mkdir("{$conf_files_path}/projekti/clanci/{$projekat}", 0777, true);
}
if (!file_exists($lokacijaclanaka)) {
mkdir($lokacijaclanaka, 0777, true);
}
if ($slika['error'] != 4) {
//cannot delete original image and preplace it with the new image so check this also
if (isset($_REQUEST['delete'])) {
$errorText .= 'Selektujte ili brisanje slike, ili zamjena slike, ne oboje!';
return $errorText;
}
//adding or replacing image - depends on the $option parameter(add, edit)
if ($slika['error'] > 0) {
if ($slika['error'] == 1 || $slika['error'] == 2) {
$errorText .= 'Pokušavate poslati fajl koji je veci od dozvoljene velicine. Probajte sa manjim fajlom.<br />';
} else {
$errorText .= 'Vaš fajl nije poslan korektno. Molimo pokušajte ponovo.<br />';
}
return $errorText;
} else {
//No error occured so far
$uploadDir = $lokacijaclanaka;
# Go to all lower case for consistency
$imageName = strtolower($slika["name"]);
$extension = preg_replace('/.+(\\..*)$/', '$1', $imageName);
$safeExtensions = array('.jpg', '.jpeg', '.gif', '.png');
if (!in_array($extension, $safeExtensions)) {
$errorText .= 'Format slike nije dozvoljen. <br />';
return $errorText;
}
if (getimagesize($slika['tmp_name']) == false) {
$errorText .= 'Format slike nije dozvoljen. <br />';
return $errorText;
}
//final file name
if ($option == 'add') {
$uniqueID = date('YmdHis', time());
$uploadFile = $uniqueID . "{$userid}" . $extension;
} else {
if ($entry['slika'] == '') {
$uniqueID = date('YmdHis', time());
$uploadFile = $uniqueID . "{$userid}" . $extension;
} else {
$uploadFile = $entry['slika'];
}
}
if (move_uploaded_file($slika['tmp_name'], $uploadDir . $uploadFile)) {
//transfered a file to upload directory from temp dir
//if edit option REPLACING the old image (overwrite)
chmod($uploadDir . $uploadFile, 0777);
} else {
$errorText .= 'Desila se greška prilikom uploada slike. Molimo kontaktirajte administratora.<br />';
return $errorText;
}
//else
}
//else
}
//if ($_FILES['slika']['error'] != 4)
if ($option == 'add') {
if ($slika['error'] != 4) {
$imageURL = $uploadFile;
} else {
$imageURL = '';
}
} else {
if ($entry['slika'] == '') {
$imageURL = $uploadFile;
} else {
if (isset($_REQUEST['delete'])) {
//delete image from server
unlink($lokacijaclanaka . $entry['slika']);
//reset image in the database
$imageURL = '';
} else {
$imageURL = $entry['slika'];
}
}
}
$data = array('naslov' => $naslov, 'tekst' => $tekst, 'slika' => $imageURL, 'osoba' => $userid, 'projekat' => $projekat);
if ($option == 'add') {
if (!insertArticle($data)) {
$errorText = 'Doslo je do greske prilikom spasavanja podataka. Molimo kontaktirajte administratora.';
return $errorText;
}
} else {
if (!updateArticle($data, $id)) {
$errorText = 'Doslo je do greske prilikom spasavanja podataka. Molimo kontaktirajte administratora.';
return $errorText;
}
}
//option == edit
return $errorText;
}
videoDistributors();
break;
case 'video_new':
videoPremiere();
break;
case 'dvddistr':
dvdDistributors();
break;
case 'dvd_new':
dvdPremiere();
break;
case 'usa_new':
usaPremiere();
break;
case 'add_article':
insertArticle();
break;
case 'articles':
manageArticles();
break;
case 'logout':
adminLogout();
break;
case 'backup':
setBackup();
break;
case 'password':
adminPassword();
break;
case 'opt':
break;
header("Access-Control-Allow-Origin: *");
header("Content-Type: application/json; charset=UTF-8");
include_once 'commons.php';
include_once 'db.php';
include_once 'log.php';
if ($_SERVER["REQUEST_METHOD"] == "GET") {
return getArticles();
} elseif ($_SERVER["REQUEST_METHOD"] == "POST") {
$json = file_get_contents('php://input');
$data = json_decode($json, true);
var_dump($data);
$tinyurl = "";
if (!empty($data["link"])) {
get_tiny_url($data["link"]);
}
return insertArticle($data["title"], $data["body"], $tinyurl);
} elseif ($_SERVER["REQUEST_METHOD"] == "DELETE") {
$json = file_get_contents('php://input');
$data = json_decode($json, true);
$articleID = $data["articleId"];
if (empty($articleID)) {
return;
}
deleteArticle($articleID);
log_info("Delete Article: " . $articleID);
} else {
error("unknown verb");
}
//Functions
//gets the data from a URL
function get_tiny_url($url)