function process_picture()
{
global $HTTP_POST_VARS, $HTTP_GET_VARS, $HTTP_POST_FILES, $CONFIG, $IMG_TYPES;
global $lang_db_input_php, $lang_errors;
@unlink(LOGFILE);
if (!USER_ID || !USER_CAN_UPLOAD_PICTURES) {
simple_die(ERROR, $lang_errors['perm_denied'], __FILE__, __LINE__);
}
$album = (int) $HTTP_GET_VARS['album'];
$title = $HTTP_POST_VARS['title'];
$caption = $HTTP_POST_VARS['caption'];
$keywords = $HTTP_POST_VARS['keywords'];
$user1 = '';
$user2 = '';
$user3 = '';
$user4 = '';
// Check if the album id provided is valid
if (!USER_IS_ADMIN) {
$result = db_query("SELECT category FROM {$CONFIG['TABLE_ALBUMS']} WHERE aid='{$album}' and category = '" . (USER_ID + FIRST_USER_CAT) . "'");
if (mysql_num_rows($result) == 0) {
simple_die(ERROR, $lang_db_input_php['unknown_album'], __FILE__, __LINE__);
}
$row = mysql_fetch_array($result);
mysql_free_result($result);
$category = $row['category'];
} else {
$result = db_query("SELECT category FROM {$CONFIG['TABLE_ALBUMS']} WHERE aid='{$album}'");
if (mysql_num_rows($result) == 0) {
simple_die(ERROR, $lang_db_input_php['unknown_album'], __FILE__, __LINE__);
}
$row = mysql_fetch_array($result);
mysql_free_result($result);
$category = $row['category'];
}
// Test if the filename of the temporary uploaded picture is empty
if ($HTTP_POST_FILES['userpicture']['tmp_name'] == '') {
simple_die(ERROR, $lang_db_input_php['no_pic_uploaded'], __FILE__, __LINE__);
}
// Create destination directory for pictures
if (USER_ID && !defined('SILLY_SAFE_MODE')) {
if (USER_IS_ADMIN && $category != USER_ID + FIRST_USER_CAT) {
$filepath = 'wpw-' . date("Ymd");
} else {
$filepath = $CONFIG['userpics'] . (USER_ID + FIRST_USER_CAT);
}
$dest_dir = $CONFIG['fullpath'] . $filepath;
if (!is_dir($dest_dir)) {
mkdir($dest_dir, octdec($CONFIG['default_dir_mode']));
if (!is_dir($dest_dir)) {
simple_die(CRITICAL_ERROR, sprintf($lang_db_input_php['err_mkdir'], $dest_dir), __FILE__, __LINE__, true);
}
chmod($dest_dir, octdec($CONFIG['default_dir_mode']));
$fp = fopen($dest_dir . '/index.html', 'w');
fwrite($fp, ' ');
fclose($fp);
}
$dest_dir .= '/';
$filepath .= '/';
} else {
$filepath = $CONFIG['userpics'];
$dest_dir = $CONFIG['fullpath'] . $filepath;
}
// Check that target dir is writable
if (!is_writable($dest_dir)) {
simple_die(CRITICAL_ERROR, sprintf($lang_db_input_php['dest_dir_ro'], $dest_dir), __FILE__, __LINE__, true);
}
$matches = array();
if (get_magic_quotes_gpc()) {
$HTTP_POST_FILES['userpicture']['name'] = stripslashes($HTTP_POST_FILES['userpicture']['name']);
}
// Replace forbidden chars with underscores
$forbidden_chars = strtr($CONFIG['forbiden_fname_char'], array('&' => '&', '"' => '"', '<' => '<', '>' => '>'));
$picture_name = strtr($HTTP_POST_FILES['userpicture']['name'], $forbidden_chars, str_repeat('_', strlen($CONFIG['forbiden_fname_char'])));
// Check that the file uploaded has a valid extension
if (!preg_match("/(.+)\\.(.*?)\\Z/", $picture_name, $matches)) {
$matches[1] = 'invalid_fname';
$matches[2] = 'xxx';
}
if ($matches[2] == '' || !is_known_filetype($matches)) {
simple_die(ERROR, sprintf($lang_db_input_php['err_invalid_fext'], $CONFIG['allowed_file_extensions']), __FILE__, __LINE__);
}
// Create a unique name for the uploaded file
$nr = 0;
$picture_name = $matches[1] . '.' . $matches[2];
while (file_exists($dest_dir . $picture_name)) {
$picture_name = $matches[1] . '~' . $nr++ . '.' . $matches[2];
}
$uploaded_pic = $dest_dir . $picture_name;
// Move the picture into its final location
if (!move_uploaded_file($HTTP_POST_FILES['userpicture']['tmp_name'], $uploaded_pic)) {
simple_die(CRITICAL_ERROR, sprintf($lang_db_input_php['err_move'], $picture_name, $dest_dir), __FILE__, __LINE__, true);
}
// Change file permission
chmod($uploaded_pic, octdec($CONFIG['default_file_mode']));
// Check file size. Delete if it is excessive.
if (filesize($uploaded_pic) > $CONFIG['max_upl_size'] << 10) {
@unlink($uploaded_pic);
simple_die(ERROR, sprintf($lang_db_input_php['err_imgsize_too_large'], $CONFIG['max_upl_size']), __FILE__, __LINE__);
} elseif (is_image($picture_name)) {
// Get picture information
$imginfo = getimagesize($uploaded_pic);
// getimagesize does not recognize the file as a picture
if ($imginfo == null) {
@unlink($uploaded_pic);
simple_die(ERROR, $lang_db_input_php['err_invalid_img'], __FILE__, __LINE__, true);
}
// JPEG and PNG only are allowed with GD
if ($imginfo[2] != GIS_JPG && $imginfo[2] != GIS_PNG && ($CONFIG['thumb_method'] == 'gd1' || $CONFIG['thumb_method'] == 'gd2')) {
@unlink($uploaded_pic);
simple_die(ERROR, $lang_errors['gd_file_type_err'], __FILE__, __LINE__, true);
}
// Check that picture size (in pixels) is lower than the maximum allowed
if (max($imginfo[0], $imginfo[1]) > $CONFIG['max_upl_width_height']) {
@unlink($uploaded_pic);
simple_die(ERROR, sprintf($lang_db_input_php['err_fsize_too_large'], $CONFIG['max_upl_width_height'], $CONFIG['max_upl_width_height']), __FILE__, __LINE__);
}
}
// Create thumbnail and internediate image and add the image into the DB
$result = add_picture($album, $filepath, $picture_name, $title, $caption, $keywords, $user1, $user2, $user3, $user4, $category);
if (!$result) {
@unlink($uploaded_pic);
simple_die(CRITICAL_ERROR, sprintf($lang_db_input_php['err_insert_pic'], $uploaded_pic) . '<br /><br />' . $ERROR, __FILE__, __LINE__, true);
} else {
echo "SUCCESS";
exit;
}
}
function process_picture()
{
global $CONFIG, $IMG_TYPES;
global $lang_db_input_php, $lang_errors;
$superCage = Inspekt::makeSuperCage();
@unlink(LOGFILE);
if (!USER_ID || !USER_CAN_UPLOAD_PICTURES) {
simple_die(ERROR, $lang_errors['perm_denied'], __FILE__, __LINE__);
}
//$album = (int)$_GET['album'];
$album = $superCage->get->getInt('album');
$title = '';
$caption = '';
$keywords = '';
$user1 = '';
$user2 = '';
$user3 = '';
$user4 = '';
$position = 0;
// Check if the album id provided is valid
if (!USER_IS_ADMIN) {
$result = cpg_db_query("SELECT category FROM {$CONFIG['TABLE_ALBUMS']} WHERE aid='{$album}' and category = '" . (USER_ID + FIRST_USER_CAT) . "'");
if (mysql_num_rows($result) == 0) {
simple_die(ERROR, $lang_db_input_php['unknown_album'], __FILE__, __LINE__);
}
$row = mysql_fetch_array($result);
mysql_free_result($result);
$category = $row['category'];
} else {
$result = cpg_db_query("SELECT category FROM {$CONFIG['TABLE_ALBUMS']} WHERE aid='{$album}'");
if (mysql_num_rows($result) == 0) {
simple_die(ERROR, $lang_db_input_php['unknown_album'], __FILE__, __LINE__);
}
$row = mysql_fetch_array($result);
mysql_free_result($result);
$category = $row['category'];
}
// Get position
$result = cpg_db_query("SELECT position FROM {$CONFIG['TABLE_PICTURES']} WHERE aid='{$album}' order by position desc");
if (mysql_num_rows($result) == 0) {
$position = 100;
} else {
$row = mysql_fetch_array($result);
mysql_free_result($result);
if ($row['position']) {
$position = $row['position'];
$position++;
}
}
// Test if the filename of the temporary uploaded picture is empty
// if ($_FILES['userpicture']['tmp_name'] == '') simple_die(ERROR, $lang_db_input_php['no_pic_uploaded'], __FILE__, __LINE__);
if ($superCage->files->getRaw('/userpicture/tmp_name') == '') {
simple_die(ERROR, $lang_db_input_php['no_pic_uploaded'], __FILE__, __LINE__);
}
// Create destination directory for pictures
if (USER_ID && $CONFIG['silly_safe_mode'] != 1) {
if (USER_IS_ADMIN && $category != USER_ID + FIRST_USER_CAT) {
$filepath = 'wpw-' . date("Ymd");
} else {
$filepath = $CONFIG['userpics'] . (USER_ID + FIRST_USER_CAT);
}
$dest_dir = $CONFIG['fullpath'] . $filepath;
if (!is_dir($dest_dir)) {
mkdir($dest_dir, octdec($CONFIG['default_dir_mode']));
if (!is_dir($dest_dir)) {
simple_die(CRITICAL_ERROR, sprintf($lang_db_input_php['err_mkdir'], $dest_dir), __FILE__, __LINE__, true);
}
chmod($dest_dir, octdec($CONFIG['default_dir_mode']));
$fp = fopen($dest_dir . '/index.php', 'w');
fwrite($fp, ' ');
fclose($fp);
}
$dest_dir .= '/';
$filepath .= '/';
} else {
$filepath = $CONFIG['userpics'];
$dest_dir = $CONFIG['fullpath'] . $filepath;
}
// Check that target dir is writable
if (!is_writable($dest_dir)) {
simple_die(CRITICAL_ERROR, sprintf($lang_db_input_php['dest_dir_ro'], $dest_dir), __FILE__, __LINE__, true);
}
$matches = array();
//if (get_magic_quotes_gpc()) $_FILES['userpicture']['name'] = stripslashes($_FILES['userpicture']['name']);
//using getRaw as it will be sanitized in the code below in the preg_match. {SaWey}
$filename = $superCage->files->getRaw('/userpicture/name');
if (get_magic_quotes_gpc()) {
$filename = stripslashes($filename);
}
// Replace forbidden chars with underscores
//$picture_name = replace_forbidden($_FILES['userpicture']['name']);
$picture_name = replace_forbidden($filename);
// Check that the file uploaded has a valid extension
if (!preg_match("/(.+)\\.(.*?)\\Z/", $picture_name, $matches)) {
$matches[1] = 'invalid_fname';
$matches[2] = 'xxx';
}
if ($matches[2] == '' || !is_known_filetype($matches)) {
simple_die(ERROR, sprintf($lang_db_input_php['err_invalid_fext'], $CONFIG['allowed_file_extensions']), __FILE__, __LINE__);
}
// Create a unique name for the uploaded file
$nr = 0;
$picture_name = $matches[1] . '.' . $matches[2];
while (file_exists($dest_dir . $picture_name)) {
$picture_name = $matches[1] . '~' . $nr++ . '.' . $matches[2];
}
$uploaded_pic = $dest_dir . $picture_name;
// Move the picture into its final location
if (!move_uploaded_file($superCage->files->getRaw('/userpicture/tmp_name'), $uploaded_pic)) {
simple_die(CRITICAL_ERROR, sprintf($lang_db_input_php['err_move'], $picture_name, $dest_dir), __FILE__, __LINE__, true);
}
// Change file permission
chmod($uploaded_pic, octdec($CONFIG['default_file_mode']));
// Check file size. Delete if it is excessive.
if (filesize($uploaded_pic) > $CONFIG['max_upl_size'] << 10) {
@unlink($uploaded_pic);
simple_die(ERROR, sprintf($lang_db_input_php['err_imgsize_too_large'], $CONFIG['max_upl_size']), __FILE__, __LINE__);
} elseif (is_image($picture_name)) {
// Get picture information
$imginfo = getimagesize($uploaded_pic);
// cpg_getimagesize does not recognize the file as a picture
if ($imginfo == null) {
@unlink($uploaded_pic);
simple_die(ERROR, $lang_db_input_php['err_invalid_img'], __FILE__, __LINE__, true);
}
// JPEG and PNG only are allowed with GD
//if ($imginfo[2] != GIS_JPG && $imginfo[2] != GIS_PNG && ($CONFIG['thumb_method'] == 'gd1' || $CONFIG['thumb_method'] == 'gd2')) {
if ($imginfo[2] != GIS_JPG && $imginfo[2] != GIS_PNG && $CONFIG['GIF_support'] == 0) {
@unlink($uploaded_pic);
simple_die(ERROR, $lang_errors['gd_file_type_err'], __FILE__, __LINE__, true);
}
// Check that picture size (in pixels) is lower than the maximum allowed
if (max($imginfo[0], $imginfo[1]) > $CONFIG['max_upl_width_height']) {
if (USER_IS_ADMIN && $CONFIG['auto_resize'] == 1 || !USER_IS_ADMIN && $CONFIG['auto_resize'] > 0) {
//resize_image($uploaded_pic, $uploaded_pic, $CONFIG['max_upl_width_height'], $CONFIG['thumb_method'], $imginfo[0] > $CONFIG['max_upl_width_height'] ? 'wd' : 'ht');
resize_image($uploaded_pic, $uploaded_pic, $CONFIG['max_upl_width_height'], $CONFIG['thumb_method'], $CONFIG['thumb_use']);
} else {
@unlink($uploaded_pic);
simple_die(ERROR, sprintf($lang_db_input_php['err_fsize_too_large'], $CONFIG['max_upl_width_height'], $CONFIG['max_upl_width_height']), __FILE__, __LINE__);
}
}
}
// Create thumbnail and internediate image and add the image into the DB
$result = add_picture($album, $filepath, $picture_name, $position, $title, $caption, $keywords, $user1, $user2, $user3, $user4, $category);
if ($result !== true) {
@unlink($uploaded_pic);
simple_die(CRITICAL_ERROR, isset($result['error']) ? $result['error'] : sprintf($lang_db_input_php['err_insert_pic'], $uploaded_pic) . '<br /><br />' . $ERROR, __FILE__, __LINE__, true);
} else {
echo "SUCCESS";
exit;
}
}
