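/**
 * Build a cleaned, timestamped file name for an uploaded image.
 *
 * The base name is passed through make_clean_url(), truncated to 130
 * characters and joined with a date('YmdHis') stamp and the cleaned extension:
 * "<clean-base>.<YmdHis>.<ext>".
 *
 * Security notes for callers:
 *  - Only the extension string is checked here; the file's content is never
 *    inspected. Storage code should verify the real image type separately and
 *    keep uploads out of any location where they could be executed.
 *  - The stamp has one-second resolution, so two uploads with the same cleaned
 *    base name within the same second receive the same name.
 *
 * @param string $image_file_path Path or file name of the uploaded image.
 * @return string|false The generated file name, or false when the extension
 *                      is not jpg, jpeg, png or gif.
 */
function generate_imagename($image_file_path)
{
    // NOTE(review): the raw path is written to the log as-is; if it is
    // client-supplied, confirm LOG_MSG() neutralises control characters.
    LOG_MSG('INFO', "generate_imagename(): START image_file_path=[{$image_file_path}]");

    // Extensions accepted for upload. Anything else is refused outright.
    $allowed_extensions = array('jpg', 'jpeg', 'png', 'gif');

    // Split the incoming name into base name and extension.
    $ext = pathinfo($image_file_path, PATHINFO_EXTENSION);
    $uploaded_image_name = basename($image_file_path, "." . $ext);

    // NOTE(review): the allowlist is lower-case only, so this presumably relies
    // on make_clean_url() lower-casing its input - confirm against the helper.
    $image_extension = make_clean_url($ext);

    // Strict comparison so that only these exact strings pass the check.
    if (!in_array($image_extension, $allowed_extensions, true)) {
        // Record the refusal so rejected uploads are visible in the logs.
        LOG_MSG('ERROR', "generate_imagename(): Rejected extension [{$image_extension}]");
        return false;
    }

    // Cleaned base name (max 130 chars) + timestamp + validated extension.
    $new_image_name = substr(make_clean_url($uploaded_image_name), 0, 130)
        . "." . date('YmdHis')
        . "." . $image_extension;

    LOG_MSG('INFO', "generate_imagename(): END");
    return $new_image_name;
}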
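/**
 * Save a page submitted through $_POST, either as a new row or as an update.
 *
 * Reads page_id, name, title, content and type from $_POST, validates them and
 * calls db_page_insert() or db_page_update(). The outcome is reported through
 * add_msg() and the result row is left in the global $ROW. In ADD mode the
 * global $GO is set to 'list' before any validation takes place.
 *
 * Security notes:
 *  - has_user_permission() receives only the function name and the mode;
 *    whether access to the specific page_id is checked is not visible here -
 *    confirm for UPDATE.
 *  - No anti-CSRF token check is visible in this function; confirm the request
 *    is verified before this handler runs.
 *  - NOTE(review): how 'CODE' pages are rendered is not visible here; confirm
 *    only trusted roles may save that type.
 *
 * @param string $mode "ADD" to insert a new page, "UPDATE" to modify one.
 * @return void
 */
function do_page_save($mode = "ADD")
{
    // Authorisation gate: nothing is read or logged for unauthorised callers.
    if (!has_user_permission(__FUNCTION__, $mode)) {
        return;
    }

    global $GO, $ROW;

    LOG_MSG('INFO', "do_page_save(): START (mode={$mode})");

    if ($mode == 'ADD') {
        $GO = 'list';
    }

    // Get all the args from $_POST
    $page_id = get_arg($_POST, "page_id");
    $name    = make_clean_url(get_arg($_POST, "name"));
    $title   = get_arg($_POST, "title");
    $content = get_arg($_POST, "content");
    $type    = get_arg($_POST, "type");
    LOG_MSG('DEBUG', "do_page_save(): Got args");

    // Strict allowlist: anything that is not exactly 'HTML' or 'CODE'
    // falls back to 'HTML'.
    if (!in_array($type, array('HTML', 'CODE'), true)) {
        $type = 'HTML';
    }

    // Validate parameters
    if (!validate("Name", $name, 1, 100, "varchar")
        || !validate("Title", $title, 1, 100, "varchar")
        || !validate("Content", $content, 0, 65536, "text")
        || !validate("Type", $type, 1, 20, "varchar")
    ) {
        LOG_MSG('ERROR', "do_page_save(): Validate args failed!");
        return;
    }
    LOG_MSG('DEBUG', "do_page_save(): Validated args");

    // The messages below are HTML, so the request-derived name is escaped
    // before being embedded instead of relying on make_clean_url() alone.
    $safe_name = htmlspecialchars((string) $name, ENT_QUOTES, 'UTF-8');

    ##################################################
    #                  DB INSERT                     #
    ##################################################
    switch ($mode) {
        case "ADD":
            $ROW = db_page_insert($name, $title, $content, $type);
            if ($ROW['STATUS'] != "OK") {
                switch ($ROW["SQL_ERROR_CODE"]) {
                    case 1062: // unique key
                        add_msg("ERROR", "The Page <strong>{$safe_name}</strong> is already in use. \nPlease enter a different Page");
                        break;
                    default:
                        add_msg("ERROR", "There was an error adding the Page <strong>{$safe_name}</strong>.");
                        break;
                }
                LOG_MSG('ERROR', "do_page_save(): Add args failed!");
                return;
            }
            add_msg("SUCCESS", "New Page <strong>{$safe_name}</strong> added successfully");
            break;

        case "UPDATE":
            // Validate page_id
            if (!validate("Page Id", $page_id, 1, 11, "int")) {
                LOG_MSG('ERROR', "do_page_save(): Validate arguments failed");
                return;
            }
            $ROW = db_page_update($page_id, $name, $title, $content, $type);
            if ($ROW['STATUS'] != "OK") {
                add_msg("ERROR", "There was an error updating the Page <strong>{$safe_name}</strong> .");
                // Log the failure as the ADD branch does, so it is traceable.
                LOG_MSG('ERROR', "do_page_save(): Update args failed!");
                return;
            }
            add_msg("SUCCESS", "Page <strong>{$safe_name}</strong> updated successfully");
            break;

        default:
            // Neither ADD nor UPDATE: nothing was written, so record it
            // rather than ending as if the save had succeeded.
            LOG_MSG('ERROR', "do_page_save(): Unsupported mode");
            return;
    }

    LOG_MSG('INFO', "do_page_save(): END");
}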