$set[idf_escape($cols[$i])] = $col == "" && $fields[$cols[$i]]["null"] ? "NULL" : q(str_replace('""', '"', preg_replace('~^"|"$~', '', $col))); } $result = insert_update($TABLE, $set, $primary); if (!$result) { break; } } } if ($result) { queries("COMMIT"); } queries_redirect(remove_from_uri("page"), lang('%d row(s) have been imported.', $affected), $result); queries("ROLLBACK"); // after queries_redirect() to not overwrite error } else { $error = upload_error($file); } } } $table_name = $adminer->tableName($table_status); if (is_ajax()) { // needs to send headers ob_start(); } page_header(lang('Select') . ": {$table_name}", $error); $set = null; if (isset($rights["insert"])) { $set = ""; foreach ((array) $_GET["where"] as $val) { if (count($foreign_keys[$val["col"]]) == 1 && ($val["op"] == "=" || !$val["op"] && !ereg('[_%]', $val["val"]))) { $set .= "&set" . urlencode("[" . bracket_escape($val["col"]) . "]") . "=" . urlencode($val["val"]);
function attach_upload($varname = 'attach', $multi = 0) { global $db, $tablepre, $extension, $typemaxsize, $allowsetattachperm, $attachperm, $maxprice, $attachprice, $attachdesc, $attachsave, $attachdir, $thumbstatus, $thumbwidth, $thumbheight, $maxattachsize, $maxsizeperday, $maxattachnum, $attachextensions, $watermarkstatus, $watermarktype, $watermarktrans, $watermarkquality, $watermarktext, $_FILES, $discuz_uid, $imageexists; $attachments = $attacharray = array(); $imageexists = 0; static $safeext = array('jpg', 'jpeg', 'gif', 'png', 'swf', 'bmp', 'txt', 'zip', 'rar', 'doc', 'mp3'); static $imgext = array('jpg', 'jpeg', 'gif', 'png', 'bmp'); if ($multi) { if (isset($_FILES[$varname]) && is_array($_FILES[$varname])) { foreach ($_FILES[$varname] as $key => $var) { foreach ($var as $id => $val) { $attachments[$id][$key] = $val; } } } } else { $attachments[0] = $_FILES[$varname]; } if (empty($attachments)) { return FALSE; } $allowuploadnum = count($attachments); if ($maxattachnum) { $allowuploadnum = $maxattachnum - $db->result_first("SELECT count(*) FROM {$tablepre}attachments WHERE uid='{$GLOBALS['discuz_uid']}' AND dateline>'{$GLOBALS['timestamp']}'-86400"); $allowuploadnum = $allowuploadnum < 0 ? 0 : $allowuploadnum; } foreach ($attachments as $key => $attach) { $attach_saved = false; $attach['uid'] = $discuz_uid; if ($allowuploadnum == 0 || !disuploadedfile($attach['tmp_name']) || !($attach['tmp_name'] != 'none' && $attach['tmp_name'] && $attach['name'])) { continue; } $filename = daddslashes($attach['name']); $attach['ext'] = strtolower(fileext($attach['name'])); $extension = in_array($attach['ext'], $safeext) ? $attach['ext'] : 'attach'; if (in_array($attach['ext'], $imgext)) { $attach['isimage'] = $attach['isimage'] ? $attach['isimage'] : 1; $imageexists = 1; } else { $attach['isimage'] = 0; } $attach['thumb'] = 0; $attach['name'] = htmlspecialchars($attach['name'], ENT_QUOTES); if (strlen($attach['name']) > 90) { $attach['name'] = 'abbr_' . md5($attach['name']) . '.' . $attach['ext']; } if ($attachextensions && (!preg_match("/(^|\\s|,)" . preg_quote($attach['ext'], '/') . "(\$|\\s|,)/i", $attachextensions) || !$attach['ext'])) { if ($multi) { upload_error('post_attachment_ext_notallowed', $attacharray); } else { return 1; } } if (empty($attach['size'])) { if ($multi) { upload_error('post_attachment_size_invalid', $attacharray); } else { return 2; } } if ($maxattachsize && $attach['size'] > $maxattachsize) { if ($multi) { upload_error('post_attachment_toobig', $attacharray); } else { return 3; } } if ($type = $db->fetch_first("SELECT maxsize FROM {$tablepre}attachtypes WHERE extension='" . addslashes($attach['ext']) . "'")) { if ($type['maxsize'] == 0) { if ($multi) { upload_error('post_attachment_ext_notallowed', $attacharray); } else { return 4; } } elseif ($attach['size'] > $type['maxsize']) { require_once DISCUZ_ROOT . './include/attachment.func.php'; $typemaxsize = sizecount($type['maxsize']); if ($multi) { upload_error('post_attachment_type_toobig', $attacharray); } else { return 5; } } } if ($attach['size'] && $maxsizeperday) { if (!isset($todaysize)) { $todaysize = intval($db->result_first("SELECT SUM(filesize) FROM {$tablepre}attachments\r\n\t\t\t\t\tWHERE uid='{$GLOBALS['discuz_uid']}' AND dateline>'{$GLOBALS['timestamp']}'-86400")); } $todaysize += $attach['size']; if ($todaysize >= $maxsizeperday) { $maxsizeperday = $maxsizeperday / 1048576 >= 1 ? round($maxsizeperday / 1048576, 1) . 'MB' : round($maxsizeperday / 1024) . 'KB'; if ($multi) { upload_error('post_attachment_quota_exceed', $attacharray); } else { return 6; } } } if ($attachsave) { if ($multi) { switch ($attachsave) { case 1: $attach_subdir = 'forumid_' . $GLOBALS['fid']; break; case 2: $attach_subdir = 'ext_' . $extension; break; case 3: $attach_subdir = 'month_' . date('ym'); break; case 4: $attach_subdir = 'day_' . date('ymd'); break; } } else { $attach_subdir = 'swfupload'; } $attach_dir = $attachdir . '/' . $attach_subdir; if (!is_dir($attach_dir)) { @mkdir($attach_dir, 0777); @fclose(fopen($attach_dir . '/index.htm', 'w')); } $attach['attachment'] = $attach_subdir . '/'; } else { $attach['attachment'] = ''; } $attach['attachment'] .= preg_replace("/(php|phtml|php3|php4|jsp|exe|dll|asp|cer|asa|shtml|shtm|aspx|asax|cgi|fcgi|pl)(\\.|\$)/i", "_\\1\\2", date('ymdHi') . substr(md5($filename . microtime() . random(6)), 8, 16) . '.' . $extension); $target = $attachdir . '/' . $attach['attachment']; if (@copy($attach['tmp_name'], $target) || function_exists('move_uploaded_file') && @move_uploaded_file($attach['tmp_name'], $target)) { @unlink($attach['tmp_name']); $attach_saved = true; } if (!$attach_saved && @is_readable($attach['tmp_name'])) { @($fp = fopen($attach['tmp_name'], 'rb')); @flock($fp, 2); @($attachedfile = fread($fp, $attach['size'])); @fclose($fp); @($fp = fopen($target, 'wb')); @flock($fp, 2); if (@fwrite($fp, $attachedfile)) { @unlink($attach['tmp_name']); $attach_saved = true; } @fclose($fp); } if ($attach_saved) { @chmod($target, 0644); $width = $height = $type = 0; if ($attach['isimage'] || $attach['ext'] == 'swf') { $imagesize = @getimagesize($target); list($width, $height, $type) = (array) $imagesize; $size = $width * $height; if ($size > 16777216 || $size < 4 || empty($type) || $attach['isimage'] && !in_array($type, array(1, 2, 3, 6, 13))) { @unlink($target); if ($multi) { upload_error('post_attachment_image_checkerror', $attacharray); } else { return 7; } } } if ($attach['isimage'] && ($thumbstatus || $watermarkstatus)) { require_once DISCUZ_ROOT . './include/image.class.php'; $image = new Image($target, $attach); if ($image->imagecreatefromfunc && $image->imagefunc) { $image->Thumb($thumbwidth, $thumbheight); $multi && $image->Watermark(); $attach = $image->attach; } } $attach['width'] = 0; if ($attach['isimage'] || $attach['ext'] == 'swf') { $imagesize = @getimagesize($target); list($width) = (array) $imagesize; $attach['width'] = $width; } $attach['remote'] = $multi ? ftpupload($target, $attach) : 0; $attach['perm'] = $allowsetattachperm ? intval($attachperm[$key]) : 0; $attach['description'] = cutstr(dhtmlspecialchars($attachdesc[$key]), 100); $attach['price'] = $maxprice ? intval($attachprice[$key]) <= $maxprice ? intval($attachprice[$key]) : $maxprice : 0; $attacharray[$key] = $attach; $allowuploadnum--; } else { if ($multi) { upload_error('post_attachment_save_error', $attacharray); } else { return 8; } } } return !empty($attacharray) ? $attacharray : false; }
$offset = 0; } } } } if ($empty) { echo "<p class='message'>" . lang('No commands to execute.') . "\n"; } elseif ($_POST["only_errors"]) { echo "<p class='message'>" . lang('%d query(s) executed OK.', $commands - count($errors)); echo " <span class='time'>(" . format_time($total_start) . ")</span>\n"; } elseif ($errors && $commands > 1) { echo "<p class='error'>" . lang('Error in query') . ": " . implode("", $errors) . "\n"; } //! MS SQL - SET SHOWPLAN_ALL OFF } else { echo "<p class='error'>" . upload_error($query) . "\n"; } } ?> <form action="" method="post" enctype="multipart/form-data" id="form"> <?php $execute = "<input type='submit' value='" . lang('Execute') . "' title='Ctrl+Enter'>"; if (!isset($_GET["import"])) { $q = $_GET["sql"]; // overwrite $q from if ($_POST) to save memory if ($_POST) { $q = $_POST["query"]; } elseif ($_GET["history"] == "all") { $q = $history; } elseif ($_GET["history"] != "") {
} } } } //Check file size $file_size = @filesize($_FILES['Filedata']["tmp_name"]); if (!$file_size || $file_size > $max_file_size_in_bytes) { upload_error("File exceeds the maximum allowed size"); exit(0); } //Checking file type $types_array = preg_replace('/,/', ' ', $types); $types_array = explode(' ', $types_array); $file_ext = strtolower(getExt($_FILES['Filedata']['name'])); if (!in_array($file_ext, $types_array)) { upload_error("Invalid file extension"); exit(0); } move_uploaded_file($tempFile, $targetFile); $Upload->add_conversion_queue($targetFileName, $file_directory); //exec(php_path()." -q ".BASEDIR."/actions/video_convert.php &> /dev/null &"); if (stristr(PHP_OS, 'WIN')) { exec(php_path() . " -q " . BASEDIR . "/actions/video_convert.php {$targetFileName}"); } else { exec(php_path() . " -q " . BASEDIR . "/actions/video_convert.php {$targetFileName} &> /dev/null &"); } $status_array['success'] = 'yes'; $status_array['file_name'] = $file_name; echo json_encode($status_array); //function used to display error function upload_error($error)
<input name="search" type="text" size="40" maxlength="50" required/> <input type="submit" name="Submit" value="Search"/><br><hr> </form> <!-- This is our logout button --> <a href='logout.php' style="color:#000000;">Log Out</a> <!-- This is our browse button <a href='browse_category.php' style="color:#000000;">Browse</a> **will be a dropdown listing all categories or something I assume--> <!-- This is our upload media button --> <a href='media_upload.php' style="color:#000000;">Upload File</a> <div id='upload_result'> <?php if (isset($_REQUEST['result']) && $_REQUEST['result'] != 0) { echo upload_error($_REQUEST['result']); } ?> </div> <br/><br/> <?php $query = "SELECT * from media"; $result = mysql_query($query); if (!$result) { die("Could not query the media table in the database: <br />" . mysql_error()); } ?>
if (strcasecmp($extension, $ext) == 0) { $valid_extension = true; break; } } if (!$valid_extension) { upload_error("Invalid file extension"); exit(0); } $filename = $cbphoto->create_filename(); $date_dir = createDateFolder(PHOTOS_DIR) . '/'; //Now uploading the file if (move_uploaded_file($_FILES[$form]['tmp_name'], $path . $date_dir . $filename . "." . $extension)) { echo json_encode(array("success" => "yes", "filename" => $filename, "extension" => $extension)); } else { upload_error("File could not be saved."); exit(0); } break; case 'upload_photo': header("Expires: Mon, 26 Jul 1997 05:00:00 GMT"); header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT"); header("Cache-Control: no-store, no-cache, must-revalidate"); header("Cache-Control: post-check=0, pre-check=0", false); header("Pragma: no-cache"); $targetDir = PHOTOS_DIR; $date_folders = $_REQUEST['file_directory']; $targetDir .= '/' . $date_folders; $cleanupTargetDir = true; // Remove old files $maxFileAge = 5 * 3600;
// Called by APC plugin to get info on current upload // Called by APC plugin to get info on current upload case 'get_upload_progress': get_upload_progress(); break; case 'upload_init': upload_init(); break; case 'upload_chunk': upload_chunk(); break; case 'upload_finished': upload_finished(); break; case 'upload_error': upload_error(); break; case 'edit_asset': asset_edit(); break; case 'asset_downloadable_set': asset_downloadable_set(); break; case 'delete_asset': asset_delete(); break; case 'move_asset': asset_move(); break; //move asset from album -priv to -pub //move asset from album -priv to -pub