return $str; } function getArrayVal(array $array, $name) { if (array_key_exists($name, $array)) { return strip_only_tags($array[$name], "script"); } } error_reporting(0); $pic = getArrayVal($_GET, "pic"); $height = getArrayVal($_GET, "height"); $width = getArrayVal($_GET, "width"); include CL_ROOT . "/include/class.hft_image.php"; $imagehw = GetImageSize($pic); $imagewidth = $imagehw[0]; $imageheight = $imagehw[1]; $myThumb = new hft_image(CL_ROOT . "/" . $pic); $myThumb->jpeg_quality = 80; if (!isset($height)) { $ratio = $imageheight / $imagewidth; $height = $width * $ratio; $height = round($height); } if (!isset($width)) { $ratio = $imagewidth / $imageheight; $width = $height * $ratio; } $myThumb->resize($width, $height, 0); HEADER("Content-Type: image/jpeg"); $myThumb->output_resized("");
DefinedImage::load("$root/upload/orig/$id.$ext") ->resize(320, 240) ->save("$root/upload/small/$id.$ext") ->resize(100, 75) ->save("$root/upload/thumb/$id.$ext"); } */ if (class_exists('hft_image')) { $img = new hft_image("{$root}/upload/orig/{$id}.{$ext}"); $img->resize(320, 240); $img->output_resized("{$root}/upload/small/{$id}.{$ext}"); $img = new hft_image("{$root}/upload/orig/{$id}.{$ext}"); $img->resize(100, 75); $img->output_resized("{$root}/upload/thumb/{$id}.{$ext}"); } else { copy("{$root}/upload/orig/{$id}.{$ext}", "{$root}/upload/small/{$id}.{$ext}"); copy("{$root}/upload/orig/{$id}.{$ext}", "{$root}/upload/thumb/{$id}.{$ext}"); } mysql_query("INSERT INTO errors ( id, name, url, posted )\n VALUES ( '{$id}', '{$_POST['name']}', '{$_POST['url']}', '{$time}' )"); $tags = explode(' ', $_POST['tags']); foreach ($tags as $tag) { $tag = strtolower($tag); $tag = str_replace(',', '', $tag); mysql_query("INSERT INTO errors_tags ( id, tag )\n VALUES ( '{$id}', '{$tag}' )"); } header("Location: {$rootURL}/{$id}"); exit; } }
} if ($FILE['name'] != '') { if ($FILE['type'] != "image/jpg" and $FILE['type'] != "image/jpeg" and $FILE['type'] != "image/pjpeg" and $FILE['size']) { echo "<script language='javascript'>"; echo "alert('" . _JAVA_IMG_ACC . "')"; echo "</script>"; echo "<script language='javascript'>javascript:history.back()</script>"; exit; } @copy($FILE['tmp_name'], "icon/news_" . $arr['news']['post_date'] . ".jpg"); $original_image = "icon/news_" . $arr['news']['post_date'] . ".jpg"; $desired_width = _INEWS_W; $desired_height = _INEWS_H; $image = new hft_image($original_image); $image->resize($desired_width, $desired_height, '0'); $image->output_resized("icon/news_" . $arr['news']['post_date'] . ".jpg", "JPG"); $pic = '1'; } else { if ($arr['news']['pic'] == 1) { $pic = '1'; } else { $pic = '0'; } } if ($FILESS['name'] != '') { //·Ó¡ÒÃà¾ÔèÁ¢éÍÁÙÅŧ´ÒµéÒàºÊ $db->connectdb(DB_NAME, DB_USERNAME, DB_PASSWORD); $db->update_db(TB_NEWS, array("category" => "" . $_POST['CATEGORY'] . "", "topic" => "" . addslashes(htmlspecialchars($_POST['TOPIC'])) . "", "headline" => "" . $_POST['HEADLINE'] . "", "detail" => "" . $_POST['DETAIL'] . "", "posted" => "" . $admin_user . "", "post_date" => "" . $arr['news']['post_date'] . "", "update_date" => "" . $arr['news']['post_date'] . "", "attach" => "" . $arr['news']['post_date'] . "_" . $FILESS['name'] . "", "pic" => "" . $pic . "", "enable_comment" => "" . $ENABLE_COMMENT . "", "ran" => "" . $ran . ""), " id=" . $_GET['id'] . ""); $db->closedb(); @copy($FILESS['tmp_name'], "attach/news_" . $arr['news']['post_date'] . "_" . $FILESS['name'] . ""); } else {
exit; } if ($FILE['type'] != "image/jpg" and $FILE['type'] != "image/jpeg" and $FILE['type'] != "image/pjpeg" and $FILE['size']) { echo "<script language='javascript'>"; echo "alert('กรุณาใช้ไฟล์นามสกุล jpg เท่านั้น')"; echo "</script>"; echo "<script language='javascript'>javascript:history.back()</script>"; exit; } else { @copy($FILE['tmp_name'], "knowledgeicon/" . $knowledge['post_date'] . ".jpg"); $original_image = "knowledgeicon/" . $knowledge['post_date'] . ".jpg"; $desired_width = _IKNOW_W; $desired_height = _IKNOW_H; $image = new hft_image($original_image); $image->resize($desired_width, $desired_height, '0'); $image->output_resized("knowledgeicon/" . $knowledge['post_date'] . ".jpg", "JPG"); } //ทำการแก้ไขข้อมูลลงดาต้าเบส $db->connectdb(DB_NAME, DB_USERNAME, DB_PASSWORD); $db->update_db(TB_KNOWLEDGE, array("category" => $_POST['CATEGORY'], "topic" => addslashes(htmlspecialchars($_POST['TOPIC'])), "headline" => addslashes(htmlspecialchars($_POST['HEADLINE'])), "posted" => $_SESSION['admin_user'], "update_date" => TIMESTAMP, "enable_comment" => $_POST['ENABLE_COMMENT']), " id='" . $_GET['id'] . "'"); $db->closedb(); //ทำการสร้างไฟล์ text ของข่าวสาร $Filename = $knowledge['post_date'] . ".txt"; $txt_name = "knowledgedata/" . $Filename . ""; $txt_open = @fopen("{$txt_name}", "w"); @fwrite($txt_open, "" . $_POST['DETAIL'] . ""); @fclose($txt_open); $ProcessOutput = "<BR><BR>"; $ProcessOutput .= "<CENTER><A HREF=\"?name=admin&file=main\"><IMG SRC=\"images/icon/login-welcome.gif\" BORDER=\"0\"></A><BR><BR>"; $ProcessOutput .= "<FONT COLOR=\"#336600\"><B>ได้ทำการแก้ไขสาระน่ารู้ เข้าสู่ระบบเรียบร้อยแล้ว</B></FONT><BR><BR>"; $ProcessOutput .= "<A HREF=\"?name=admin&file=knowledge\"><B>กลับหน้า จัดการสาระน่ารู้ </B></A>";
//create the image from JPEG file $img = new hft_image($_FILES['bild']['tmp_name']); $origWidth = $img->image_original_width; $origHeight = $img->image_original_height; if ($origWidth < $maxBreite) { $maxBreite = $origWidth; } if ($origHeight < $maxHoehe) { $maxHoehe = $origHeight; } //keep X to Y ratio //so there will be no geometrical distortions: $img->resize($maxBreite, $maxHoehe, "-"); //save the resized image to file //commented to save server load $img->output_resized($_FILES['bild']['tmp_name']); //file-upload war erfolgreich: $pfad = $_FILES['bild']['tmp_name']; $bild_id = setBild($pfad, 'Picture for table card ' . $tableCardId, $img->image_resized_width, $img->image_resized_height, $fileExtension); setTableCardPic($bild_id, $tableCardId); if (!empty($old_id)) { //altes bild loeschen deleteBild($old_id); } } $nachricht = "Das Design der Tischkarte wurde erfolgreich gespeichert."; $nachricht = getUebersetzung($nachricht); $info = true; //back to the edit page: include_once './index.php'; exit;
$width = _IGALLERYT_W; $height = _IGALLERYT_H; $desired_width = $size[0]; $desired_height = $size[1]; if ($desired_width > $width) { $im = $desired_width / $width; $imheight = $desired_height / $im; $image = new hft_image($original_image); $image->resize($width, $imheight, '0'); } else { $im = $size[1] / $height; $imwidth = $size[0] / $im; $image = new hft_image($original_image); $image->resize($imwidth, $height, '0'); } $image->output_resized("images/gallery/gal_" . $CAT . "/thb_" . $_FILES["fileUpload"]['name'][$k] . "", "PNG"); $db->connectdb(DB_NAME, DB_USERNAME, DB_PASSWORD); $db->add_db(TB_GALLERY, array("category" => "" . $_POST['CATEGORY'] . "", "posted" => "" . $admin_user . "", "post_date" => "" . TIMESTAMP . "", "pic" => "" . $_FILES["fileUpload"]['name'][$k] . "", "enable_comment" => "1")); $db->closedb(); } else { $ProcessOutput .= "<BR><BR>"; $ProcessOutput .= "<center><font color='red'>" . _ADMIN_GALLERY_MESSAGE_NOUP . " " . $_FILES["fileUpload"]['name'][$k] . " " . _DOWNLOAD_MOD_ERROR2 . "</font><br>"; } } } } } } } $count++; }
if ($FILE['name']) { require "includes/class.resizepic.php"; if ($FILE['type'] != "image/jpg" and $FILE['type'] != "image/jpeg" and $FILE['type'] != "image/pjpeg") { echo "<script language='javascript'>"; echo "alert('" . _JAVA_IMG_ACC . "')"; echo "</script>"; echo "<script language='javascript'>javascript:history.back()</script>"; exit; } else { @copy($FILE['tmp_name'], "icon/webboard_" . TIMESTAMP . ".jpg"); $original_image = "icon/webboard_" . TIMESTAMP . ".jpg"; $desired_width = _IKNOW_W; $desired_height = _IKNOW_H; $image = new hft_image($original_image); $image->resize($desired_width, $desired_height, '0'); $image->output_resized("icon/webboard_" . TIMESTAMP . ".jpg", "JPG"); } $pic = '1'; } else { $pic = '0'; } if ($FILESS['name']) { //·Ó¡ÒÃà¾ÔèÁ¢éÍÁÙÅŧ´ÒµéÒàºÊ $db->connectdb(DB_NAME, DB_USERNAME, DB_PASSWORD); $db->add_db(TB_WEBBOARD, array("category" => "" . $_POST['CATEGORY'] . "", "topic" => "" . addslashes(htmlspecialchars($_POST['TOPIC'])) . "", "headline" => "" . addslashes(htmlspecialchars($_POST['HEADLINE'])) . "", "headline" => "" . $_POST['DETAIL'] . "", "posted" => "" . $_SESSION['admin_user'] . "", "post_date" => "" . TIMESTAMP . "", "update_date" => "" . TIMESTAMP . "", "attach" => "" . TIMESTAMP . "_" . $FILESS['name'] . "", "pic" => "" . $pic . "", "enable_comment" => "" . $ENABLE_COMMENT . "")); $db->closedb(); @copy($FILESS['tmp_name'], "attach/webboard_" . TIMESTAMP . "_" . $FILESS['name'] . ""); } else { //·Ó¡ÒÃà¾ÔèÁ¢éÍÁÙÅŧ´ÒµéÒàºÊ $db->connectdb(DB_NAME, DB_USERNAME, DB_PASSWORD); $db->add_db(TB_WEBBOARD, array("category" => "" . $_POST['CATEGORY'] . "", "topic" => "" . addslashes(htmlspecialchars($_POST['TOPIC'])) . "", "headline" => "" . addslashes(htmlspecialchars($_POST['HEADLINE'])) . "", "headline" => "" . $_POST['DETAIL'] . "", "posted" => "" . $_SESSION['admin_user'] . "", "post_date" => "" . TIMESTAMP . "", "update_date" => "" . TIMESTAMP . "", "pic" => "" . $pic . "", "enable_comment" => "" . $ENABLE_COMMENT . ""));
exit; } if ($FILE['type'] == 'image/jpg' || $FILE['type'] == 'image/jpeg' || $FILE['type'] == 'image/pjpeg' || $FILE['type'] == 'image/JPG' || $FILE['type'] == 'image/gif' || $FILE['type'] == 'image/x-png' || $FILE['type'] == 'image/png') { if ($widths > _MEMBER_LIMIT_PICWIDTH) { $images = $FILE["tmp_name"]; $new_images = "members_" . TIMESTAMP . "_" . $FILE["name"]; @copy($FILE["tmp_name"], "icon/members_" . TIMESTAMP . "_" . $FILE["name"]); $original_image = "icon/members_" . TIMESTAMP . "_" . $FILE["name"] . ""; $width = _MEMBER_LIMIT_PICWIDTH; // $size=GetimageSize($images); $im = $widths / $width; $imheight = $heights / $im; $image = new hft_image($original_image); $image->resize($width, $imheight, '0'); if ($FILE['type'] == 'image/jpg' || $FILE['type'] == 'image/jpeg' || $FILE['type'] == 'image/pjpeg' || $FILE['type'] == 'image/JPG') { $image->output_resized("icon/members_" . TIMESTAMP . "_" . $FILE["name"] . "", "JPG"); } if ($FILE['type'] == 'image/gif') { $image->output_resized("icon/members_" . TIMESTAMP . "_" . $FILE["name"] . "", "GIF"); } if ($FILE['type'] == 'image/x-png' || $FILE['type'] == 'image/png') { $image->output_resized("icon/members_" . TIMESTAMP . "_" . $FILE["name"] . "", "PNG"); } $Filenames = "members_" . TIMESTAMP . "_" . $FILE["name"] . ""; } else { @copy($FILE['tmp_name'], "icon/members_" . TIMESTAMP . "_" . $FILE["name"]); $Filenames = "members_" . TIMESTAMP . "_" . $FILE["name"] . ""; } } else { $showmsg = "<br><br><center><font size='3' face='MS Sans Serif'><b>" . _MEMBER_MOD_FORM_JAVA_TYPE_PIC . "</b></font><br><br>\n\t<input type='button' value='" . _MEMBER_MOD_FORM_JAVA_RETERN . "' onclick='history.back();'></center>"; showerror($showmsg);
} } else { $this->error($ERR["NO_IMAGE_FOR_OUTPUT"]); } if (!$res) { $this->error($ERR["UNABLE_TO_OUTPUT"] . " {$destination_file}"); } return $res; } } //END OF IMAGE RESIZE CLASS //TIME TO USE CLASS //PATH TO THE IMAGES DIRECTORY $original_image = $_REQUEST[filename]; $desired_width = $_REQUEST[widthsize]; $desired_height = $_REQUEST[heightsize]; //CHANGE TO DESIRED MAX width x height $maxwidth = 350; $maxheight = 350; //Make sure someone is not maliciously trying to resize large pictures to tie up server. If you have a need to //create larger pics just change the maxwidth and maxheight attributes. if ($desired_width > $maxwidth) { $desired_width = $maxwidth; } if ($desired_height > $maxheight) { $desired_height = $maxheight; } $image = new hft_image($original_image); $image->resize($desired_width, $desired_height, '-'); $image->output_resized("", "JPG");
} if ($FILE['type'] != "image/jpg" and $FILE['type'] != "image/jpeg" and $FILE['type'] != "image/pjpeg") { echo "<script language='javascript'>"; echo "alert('" . _JAVA_IMG_ACC . "')"; echo "</script>"; echo "<script language='javascript'>javascript:history.back()</script>"; exit; } else { if (strrchr($filesw_name, ".") == ".zip" || strrchr($filesw_name, ".") == ".ZIP" || strrchr($abstractxx_name, ".") == ".pdf" || strrchr($abstractxx_name, ".") == ".doc" || strrchr($abstractxx_name, ".") == ".xls" || strrchr($abstractxx_name, ".") == ".ppt" || strrchr($abstractxx_name, ".") == ".docx" || strrchr($abstractxx_name, ".") == ".xlsx" || strrchr($abstractxx_name, ".") == ".pptx") { @copy($FILE['tmp_name'], "icon/research_" . TIMESTAMP . ".jpg"); $original_image = "icon/research_" . TIMESTAMP . ".jpg"; $desired_width = _Iresearch_W; $desired_height = _Iresearch_H; $image = new hft_image($original_image); $image->resize($desired_width, $desired_height, '0'); $image->output_resized("icon/research_" . TIMESTAMP . ".jpg", "JPG"); } else { echo "<script language='javascript'>"; echo "alert('" . _WEBBOARD_MESS_TPYE_FILE_NOACC . " .zip .doc , .xls , .ppt , .pdf " . _WEBBOARD_MESS_TPYE_FILE_NOACC1 . "')"; echo "</script>"; echo "<script language='javascript'>javascript:history.back()</script>"; exit; } } if ($login_true) { $dir = $login_true; } else { if ($admin_user) { $dir = $admin_user; } else { $dir = 'guest';
{ createHiddenInput(\'draft\', \'true\'); post(); } ') . ' --> </script>'; break; case 'upload': if ($_FILES['file']['size'] > 0) { if (strpos($_FILES['file']['type'], 'image') !== false) { list($filename, $ext) = explode('.', strtolower($_FILES['file']['name'])); $image = new hft_image($_FILES['file']['tmp_name']); $image->output_original('../upload/' . $filename . '_orig.' . $ext); $image->resize($preferences['thumb_width'], $preferences['thumb_height']); $image->output_resized('../upload/' . $filename . '_thumb.' . $ext); } else { move_uploaded_file($_FILES['file']['tmp_name'], '../upload/' . strtolower($_FILES['file']['name'])); } redirect('?rand=' . rand()); } $page_title = 'Upload'; $content = ' You can upload files up to ' . ini_get('upload_max_filesize') . '. This will be saved en <em>upload</em> folder. To link to your upload file you need to refer as <em>\'upload/filename.ext\'</em>. If you upload an image, it will create two files: <em>\'filename_orig.ext\'</em> and <em>\'filename_thumb.ext\'</em>. <form name="frm" id="frm" action="" method="post" enctype="multipart/form-data"> <label for="file">Upload file</label><input type="file" name="file" id="file" /><br /> <div align="center"><a href="javascript:send();">upload</a> <a href="?rand=' . rand() . '">back</a></div> </form>';
$width = _IGALLERY_W; $height = _IGALLERY_H; $desired_width = $size[0]; $desired_height = $size[1]; if ($desired_width > $width) { $im = $desired_width / $width; $imheight = $desired_height / $im; $image = new hft_image($original_image); $image->resize($width, $imheight, '0'); } else { $im = $size[1] / $height; $imwidth = $size[0] / $im; $image = new hft_image($original_image); $image->resize($imwidth, $height, '0'); } $image->output_resized("modules/filemanager/" . $pathext . "thb_" . $_FILES['uploadedfile']['name'] . "", "PNG"); } else { /* put the file in the directory */ move_uploaded_file($_FILES['uploadedfile']['tmp_name'], $path . $pathext . $_FILES['uploadedfile']['name'] . $OffExt); } } } } } else { $msg = "<font face='Verdana, Arial, Hevetica' size='2' color='#ff0000'>The Filename: " . $_FILES['uploadedfile']['name'] . " is BLOCKED from being uploaded here.</font><p>"; } } else { // $msg = "<font face='Verdana, Arial, Hevetica' size='2' color='#ff0000'>¾×é¹·Õè㹡ÒÃà¡çº¢éÍÁÙÅäÁèà¾Õ§¾Í<br>äÁèÊÒÁÒöÍѾâÅË´ä´é.</font><p>"; $msg = "<font face='Verdana, Arial, Hevetica' size='2' color='#ff0000'>" . _FILEMANAGER_MOD_IMG_NOUP . "</font><p>"; } } else {
require "includes/class.resizepic.php"; $FILE = $_FILES['FILE']; if ($FILE['type'] != "image/jpg" and $FILE['type'] != "image/jpeg" and $FILE['type'] != "image/pjpeg" and $FILE['size']) { echo "<script language='javascript'>"; echo "alert('��س��������ʡ�� jpg ��ҹ��')"; echo "</script>"; echo "<script language='javascript'>javascript:history.back()</script>"; exit; } else { @copy($FILE['tmp_name'], "usericon/" . $arr[user][post_date] . ".jpg"); $original_image = "usericon/" . $arr[user][post_date] . ".jpg"; $desired_width = _Iuser_W; $desired_height = _Iuser_H; $image = new hft_image($original_image); $image->resize($desired_width, $desired_height, '0'); $image->output_resized("usericon/" . $arr[user][post_date] . ".jpg", "JPG"); } //�ӡ����䢢�����ŧ�ҵ���� $db->connectdb(DB_NAME, DB_USERNAME, DB_PASSWORD); $db->update_db(TB_user, array("username" => "{$_POST['USERNAME']}", "password" => "{$NewPass}", "name" => "{$_POST['NAME']}", "email" => "{$_POST['EMAIL']}", "level" => "{$_POST['LEVEL']}", "address" => "{$_POST['ADDRESS']}", "update_date" => "" . TIMESTAMP . "", "tel" => "{$_POST['TEL']}"), " id='{$_GET['id']}' "); $db->closedb(); $ProcessOutput .= "<BR><BR>"; $ProcessOutput .= "<CENTER><A HREF=\"" . $URLre . "\"><IMG SRC=\"images/icon/login-welcome.gif\" BORDER=\"0\"></A><BR><BR>"; $ProcessOutput .= "<FONT COLOR=\"#336600\"><B>��ӡ����䢢��������º��������</B></FONT><BR><BR>"; $ProcessOutput .= "<A HREF=\"" . $URLre . "\"><B>��Ѻ�˹�Ҵ����к�</B></A>"; $ProcessOutput .= "</CENTER>"; $ProcessOutput .= "<BR><BR>"; } } else { //�ó�����ҹ $ProcessOutput = $PermissionFalse;
if ($FILE['tmp_name'] != '') { if ($FILE['type'] != "image/jpg" and $FILE['type'] != "image/jpeg" and $FILE['type'] != "image/pjpeg" and $FILE['size']) { echo "<script language='javascript'>"; echo "alert('" . _JAVA_IMG_ACC . "')"; echo "</script>"; echo "<script language='javascript'>javascript:history.back()</script>"; exit; } else { require "includes/class.resizepic.php"; @copy($FILE['tmp_name'], "icon/download_" . $arr['download']['post_date'] . ".jpg"); $original_image = "icon/download_" . $arr['download']['post_date'] . ".jpg"; $desired_width = _Idownload_W; $desired_height = _Idownload_H; $image = new hft_image($original_image); $image->resize($desired_width, $desired_height, '0'); $image->output_resized("icon/download_" . $arr['download']['post_date'] . ".jpg", "JPG"); } } if ($FILES['tmp_name'] != '') { @unlink("data/download_" . $arr['download']['full_text']); if ($upload = copy($FILES['tmp_name'], "data/download_" . TIMESTAMP . "_" . $FILES['name'] . "")) { } else { print "<center><font color='red'>" . _ADMIN_DOWNLOAD_FORM_ERROR_UPLOAD . " " . $FILES['name'] . " " . _ADMIN_DOWNLOAD_FORM_ERROR_UPLOAD1 . "</font></center><br>"; } $db->connectdb(DB_NAME, DB_USERNAME, DB_PASSWORD); $db->update_db(TB_DOWNLOAD, array("category" => "" . $_POST['CATEGORY'] . "", "topic" => "" . addslashes(htmlspecialchars($_POST['TOPIC'])) . "", "headline" => "" . addslashes(htmlspecialchars($_POST['HEADLINE'])) . "", "detail" => "" . $_POST['DETAIL'] . "", "posted" => "" . $admin_user . "", "update_date" => "" . TIMESTAMP . "", "enable_comment" => "" . $ENABLE_COMMENT . "", "full_text" => "" . TIMESTAMP . "_" . $FILES['name'] . "", "type" => "" . $FILES['type'] . "", "size" => "" . $FILES['size'] . ""), " id='" . $_GET['id'] . "' "); $db->closedb(); } else { //·Ó¡ÒÃá¡é䢢éÍÁÙÅŧ´ÒµéÒàºÊ $db->connectdb(DB_NAME, DB_USERNAME, DB_PASSWORD); $db->update_db(TB_DOWNLOAD, array("category" => "" . $_POST['CATEGORY'] . "", "topic" => "" . addslashes(htmlspecialchars($_POST['TOPIC'])) . "", "headline" => "" . addslashes(htmlspecialchars($_POST['HEADLINE'])) . "", "detail" => "" . $_POST['DETAIL'] . "", "posted" => "" . $admin_user . "", "update_date" => "" . TIMESTAMP . "", "enable_comment" => "" . $ENABLE_COMMENT . ""), " id='" . $_GET['id'] . "' ");
$orig = $uploaddir . $uploadfile; } require_once "hft_image.php"; $img = new hft_image($orig); $img->resize(600, 600, "-"); $x = strlen($orig) - 4; $ext = substr($orig, $x, 4); $fname = substr($orig, 0, $x); $outputfile = $fname . $ext; $img->output_resized($outputfile); $outputfile = substr($outputfile, -14); $originfilename = substr($fname . $ext, -14); $img = new hft_image($orig); $img->resize(250, 250, "-"); $outputfiletmb = $fname . '_tmb' . $ext; $img->output_resized($outputfiletmb); $outputfiletmb = substr($outputfiletmb, -18); $beszuras = 'Update kep Set kicsi="' . $outputfiletmb . '", nagy="' . $originfilename . '", megjegyzes="' . $felirat . '" where id=3;'; mysql_query("{$beszuras}", $abc); } if ($in = 4) { $felirat = $_POST["text1"]; $beszuras = 'Update kep Set megjegyzes="' . $felirat . '" where id=3;'; mysql_query("{$beszuras}", $abc); } if ($in = 5) { $felirat = $_POST["text2"]; $beszuras = 'Update kep Set megjegyzes="' . $felirat . '" where id=3;'; mysql_query("{$beszuras}", $abc); } if ($in = 6) {
if ($FILE['name']) { require "includes/class.resizepic.php"; if ($FILE['type'] != "image/jpg" and $FILE['type'] != "image/jpeg" and $FILE['type'] != "image/pjpeg" and $FILE['size']) { echo "<script language='javascript'>"; echo "alert('" . _JAVA_IMG_ACC . "')"; echo "</script>"; echo "<script language='javascript'>javascript:history.back()</script>"; exit; } @copy($FILE['tmp_name'], "icon/blog_" . $arr['blog']['post_date'] . "_" . $arr['blog']['posted'] . ".jpg"); $original_image = "icon/blog_" . $arr['blog']['post_date'] . "_" . $arr['blog']['posted'] . ".jpg"; $desired_width = _Iblog_W; $desired_height = _Iblog_H; $image = new hft_image($original_image); $image->resize($desired_width, $desired_height, '0'); $image->output_resized("icon/blog_" . $arr['blog']['post_date'] . "_" . $arr['blog']['posted'] . ".jpg", "JPG"); $pic = '1'; } else { $pic = '1'; } if ($FILESS['name']) { $abstractxx_name = $FILESS['tmp_name']; if (strrchr($abstractxx_name, ".") == ".pdf" || strrchr($abstractxx_name, ".") == ".doc" || strrchr($abstractxx_name, ".") == ".xls" || strrchr($abstractxx_name, ".") == ".ppt" || strrchr($abstractxx_name, ".") == ".docx" || strrchr($abstractxx_name, ".") == ".xlsx" || strrchr($abstractxx_name, ".") == ".pptx" || strrchr($abstractxx_name, ".") == ".zip" || strrchr($abstractxx_name, ".") == ".rar" || strrchr($abstractxx_name, ".") == ".tar.gz") { // copy($_FILES['abstractxx']['tmp_name'], "data/download_".TIMESTAMP."_".$FILES['name'].""); @copy($FILESS['tmp_name'], "attach/blog_" . TIMESTAMP . "_" . $FILESS['name'] . ""); } else { echo "<script language='javascript'>"; echo "alert('" . _WEBBOARD_MESS_TPYE_FILE_NOACC . " .doc , .xls , .ppt , .pdf , .zip , .tar.gz , .rar " . _WEBBOARD_MESS_TPYE_FILE_NOACC1 . "')"; echo "</script>"; echo "<script language='javascript'>javascript:history.back()</script>"; exit;
} if ($FILE != '') { if ($FILE['type'] != "image/jpg" and $FILE['type'] != "image/jpeg" and $FILE['type'] != "image/pjpeg" and $FILE['size']) { echo "<script language='javascript'>"; echo "alert('" . _JAVA_IMG_ACC . "')"; echo "</script>"; echo "<script language='javascript'>javascript:history.back()</script>"; exit; } else { @copy($FILE['tmp_name'], "icon/research_" . $arr['research']['post_date'] . ".jpg"); $original_image = "icon/research_" . $arr['research']['post_date'] . ".jpg"; $desired_width = _Iresearch_W; $desired_height = _Iresearch_H; $image = new hft_image($original_image); $image->resize($desired_width, $desired_height, '0'); $image->output_resized("icon/research_" . $arr['research']['post_date'] . ".jpg", "JPG"); } } $dir = "" . $arr['research']['posted'] . "" . $arr['research']['post_date'] . ""; if ($filesw['name'] != '' && $abstractxx['name'] != '') { if ($upload = copy($filesw['tmp_name'], "data/research_" . TIMESTAMP . "_" . $filesw['name'] . "")) { } else { print "<center><font color='red'>" . _RESEARCH_MOD_ADD_NOUP_PIC . " {$filesw} " . _RESEARCH_MOD_ADD_NOUP_PIC1 . "</font></center><br>"; } unlink($filesw); if ($upload = copy($abstractxx['tmp_name'], "data/research_" . TIMESTAMP . "_" . $abstractxx['name'] . "")) { } else { print "<center><font color='red'>" . _RESEARCH_MOD_ADD_NOUP_PIC . " {$abstractxx} " . _RESEARCH_MOD_ADD_NOUP_PIC1 . "</font></center><br>"; } unlink($abstractxx_name); //·Ó¡ÒÃà¾ÔèÁ¢éÍÁÙÅŧ´ÒµéÒàºÊ
} if ($FILE['name'] != '') { if ($FILE['type'] != "image/jpg" and $FILE['type'] != "image/jpeg" and $FILE['type'] != "image/pjpeg" and $FILE['size']) { echo "<script language='javascript'>"; echo "alert('" . _JAVA_IMG_ACC . "')"; echo "</script>"; echo "<script language='javascript'>javascript:history.back()</script>"; exit; } @copy($FILE['tmp_name'], "images/icon/news_" . TIMESTAMP . ".jpg"); $original_image = "images/icon/news_" . TIMESTAMP . ".jpg"; $desired_width = _INEWS_W; $desired_height = _INEWS_H; $image = new hft_image($original_image); $image->resize($desired_width, $desired_height, '0'); $image->output_resized("images/icon/news_" . TIMESTAMP . ".jpg", "JPG"); $db->connectdb(DB_NAME, DB_USERNAME, DB_PASSWORD); $db->update_db(TB_NEWS_CAT, array("category_name" => "" . addslashes(htmlspecialchars($_POST['CATEGORY'])) . "", "icon" => "news_" . TIMESTAMP . ".jpg"), " id=" . $_GET['id'] . " "); $db->closedb(); } else { $db->connectdb(DB_NAME, DB_USERNAME, DB_PASSWORD); $db->update_db(TB_NEWS_CAT, array("category_name" => "" . addslashes(htmlspecialchars($_POST['CATEGORY'])) . ""), " id=" . $_GET['id'] . " "); $db->closedb(); } $ProcessOutput = "<BR><BR>"; $ProcessOutput .= "<CENTER><A HREF=\"?name=admin&file=main\"><IMG SRC=\"images/icon/login-welcome.gif\" BORDER=\"0\"></A><BR><BR>"; $ProcessOutput .= "<FONT COLOR=\"#336600\"><B>" . _ADMIN_NEW_MESSAGE_CAT_EDIT . "</B></FONT><BR><BR>"; $ProcessOutput .= "<A HREF=\"?name=admin&file=news_category\"><B>" . _ADMIN_NEW_MESSAGE_CAT_GOBACK . "</B></A>"; $ProcessOutput .= "</CENTER>"; $ProcessOutput .= "<BR><BR>"; } else {
$width = _IPERTHB_W; $height = _IPERTHB_H; $desired_width = $size['0']; $desired_height = $size['1']; if ($desired_width > $width) { $im = $desired_width / $width; $imheight = $desired_height / $im; $image = new hft_image($original_image); $image->resize($width, $imheight, '0'); } else { $im = $size['1'] / $height; $imwidth = $size['0'] / $im; $image = new hft_image($original_image); $image->resize($imwidth, $height, '0'); } $image->output_resized("images/personnel/thb_" . TIMESTAMP . "_" . $namepic_name . "", "PNG"); } } } $db->connectdb(DB_NAME, DB_USERNAME, DB_PASSWORD); $db->update_db(TB_personnel, array("p_name" => "" . $_POST['NAME'] . "", "p_position" => "" . $_POST['POST'] . "", "p_data" => "" . $_POST['DATAS'] . "", "p_add" => "" . $_POST['ADD'] . "", "p_tel" => "" . $_POST['TEL'] . "", "p_mail" => "" . $_POST['EMAIL'] . "", "p_pic" => "" . TIMESTAMP . "_" . $FILESS['name'] . "", "boss" => "" . $_POST['BOSS'] . ""), " id='" . $_GET['id'] . "' "); $db->closedb(); $ProcessOutput .= "<BR><BR>"; $ProcessOutput .= "<CENTER><A HREF=\"?name=admin&file=main\"><IMG SRC=\"images/icon/login-welcome.gif\" BORDER=\"0\"></A><BR><BR>"; $ProcessOutput .= "<FONT COLOR=\"#336600\"><B>" . _ADMIN_PERSONNEL_MESSAGE_EDIT_MEM . "</B></FONT><BR><BR>"; $ProcessOutput .= "<A HREF=\"?name=admin&file=personnel\"><B>" . _ADMIN_PERSONNEL_MESSAGE_GOBACK . "</B></A>"; $ProcessOutput .= "</CENTER>"; $ProcessOutput .= "<BR><BR>"; } } else { $db->connectdb(DB_NAME, DB_USERNAME, DB_PASSWORD);
} if ($FILE['name'] != '') { if ($FILE['type'] != "image/jpg" and $FILE['type'] != "image/jpeg" and $FILE['type'] != "image/pjpeg" and $FILE['size']) { echo "<script language='javascript'>"; echo "alert('" . _JAVA_IMG_ACC . "')"; echo "</script>"; echo "<script language='javascript'>javascript:history.back()</script>"; exit; } @copy($FILE['tmp_name'], "images/icon/download_" . TIMESTAMP . ".jpg"); $original_image = "images/icon/download_" . TIMESTAMP . ".jpg"; $desired_width = _INEWS_W; $desired_height = _INEWS_H; $image = new hft_image($original_image); $image->resize($desired_width, $desired_height, '0'); $image->output_resized("images/icon/download_" . TIMESTAMP . ".jpg", "JPG"); $db->connectdb(DB_NAME, DB_USERNAME, DB_PASSWORD); $db->update_db(TB_DOWNLOAD_CAT, array("category_name" => "" . addslashes(htmlspecialchars($_POST['CATEGORY'])) . "", "icon" => "download_" . TIMESTAMP . ".jpg"), " id=" . $_GET['id'] . " "); $db->closedb(); } else { $db->connectdb(DB_NAME, DB_USERNAME, DB_PASSWORD); $db->update_db(TB_DOWNLOAD_CAT, array("category_name" => "" . addslashes(htmlspecialchars($_POST['CATEGORY'])) . ""), " id=" . $_GET['id'] . " "); $db->closedb(); } $ProcessOutput = "<BR><BR>"; $ProcessOutput .= "<CENTER><A HREF=\"?name=admin&file=main\"><IMG SRC=\"images/icon/login-welcome.gif\" BORDER=\"0\"></A><BR><BR>"; $ProcessOutput .= "<FONT COLOR=\"#336600\"><B>" . _ADMIN_DOWNLOAD_MESSAGE_EDIT_CAT . "</B></FONT><BR><BR>"; $ProcessOutput .= "<A HREF=\"?name=admin&file=download_category\"><B>" . _ADMIN_DOWNLOAD_MESSAGE_GOBACK_CAT . "</B></A>"; $ProcessOutput .= "</CENTER>"; $ProcessOutput .= "<BR><BR>"; } else {
$width = _IVIDEOT_W; $height = _IVIDEOT_H; $desired_width = $size[0]; $desired_height = $size[1]; if ($desired_width > $width) { $im = $desired_width / $width; $imheight = $desired_height / $im; $image = new hft_image($original_image); $image->resize($width, $imheight, '0'); } else { $im = $size[1] / $height; $imwidth = $size[0] / $im; $image = new hft_image($original_image); $image->resize($imwidth, $height, '0'); } $image->output_resized(str_replace('//', '/', $targetPath) . "thb_" . TIMESTAMP . "_" . $_FILES['Filedata']['name'] . "", "PNG"); $db->add_db(TB_VIDEO, array("category" => "" . $_POST['cat'] . "", "topic" => "" . $topic . "", "detail" => "" . $detail . "", "posted" => "" . $_POST['admin'] . "", "post_date" => "" . TIMESTAMP . "", "pic" => "thb_" . TIMESTAMP . "_" . $_FILES['Filedata']['name'] . "", "enable_comment" => "1", "youtube" => "0")); unlink($targetFile); } } } } else { //copy($_FILES['Filedata']['tmp_name'], "video/thumbs/".TIMESTAMP."_".$_FILES['Filedata']['name']."")) move_uploaded_file($tempFile, $targetFile); echo str_replace($_SERVER['DOCUMENT_ROOT'], '', $targetFile); $db->add_db(TB_VIDEO, array("category" => "" . $_POST['cat'] . "", "topic" => "" . $topic . "", "detail" => "" . $detail . "", "posted" => "" . $_POST['admin'] . "", "post_date" => "" . TIMESTAMP . "", "pic" => "" . TIMESTAMP . "_" . $_FILES['Filedata']['name'] . "", "enable_comment" => "1", "youtube" => "0")); } } } else { $tempFile = $_FILES['Filedata']['tmp_name']; if (strchr($_FILES['Filedata']['name'], ".") == ".mpg" || strchr($_FILES['Filedata']['name'], ".") == ".mov" || strchr($_FILES['Filedata']['name'], ".") == ".avi" || strchr($_FILES['Filedata']['name'], ".") == ".wmv" || strchr($_FILES['Filedata']['name'], ".") == ".MP4" || strchr($_FILES['Filedata']['name'], ".") == ".flv") {
} if ($FILE['name'] != '') { if ($FILE['type'] != "image/jpg" and $FILE['type'] != "image/jpeg" and $FILE['type'] != "image/pjpeg" and $FILE['size']) { echo "<script language='javascript'>"; echo "alert('" . _JAVA_IMG_ACC . "')"; echo "</script>"; echo "<script language='javascript'>javascript:history.back()</script>"; exit; } @copy($FILE['tmp_name'], "images/icon/knowledge_" . TIMESTAMP . ".jpg"); $original_image = "images/icon/knowledge_" . TIMESTAMP . ".jpg"; $desired_width = _IKNOW_W; $desired_height = _IKNOW_H; $image = new hft_image($original_image); $image->resize($desired_width, $desired_height, '0'); $image->output_resized("images/icon/knowledge_" . TIMESTAMP . ".jpg", "JPG"); $db->connectdb(DB_NAME, DB_USERNAME, DB_PASSWORD); $db->update_db(TB_KNOWLEDGE_CAT, array("category_name" => "" . addslashes(htmlspecialchars($_POST['CATEGORY'])) . "", "icon" => "knowledge_" . TIMESTAMP . ".jpg"), " id=" . $_GET['id'] . " "); $db->closedb(); } else { $db->connectdb(DB_NAME, DB_USERNAME, DB_PASSWORD); $db->update_db(TB_KNOWLEDGE_CAT, array("category_name" => "" . addslashes(htmlspecialchars($_POST['CATEGORY'])) . ""), " id=" . $_GET['id'] . " "); $db->closedb(); } $ProcessOutput = "<BR><BR>"; $ProcessOutput .= "<CENTER><A HREF=\"?name=admin&file=main\"><IMG SRC=\"images/icon/login-welcome.gif\" BORDER=\"0\"></A><BR><BR>"; $ProcessOutput .= "<FONT COLOR=\"#336600\"><B>" . _ADMIN_KNOWLEDGE_MESSAGE_CAT_EDIT . "</B></FONT><BR><BR>"; $ProcessOutput .= "<A HREF=\"?name=admin&file=knowledge_category\"><B>" . _ADMIN_KNOWLEDGE_MESSAGE_CAT_GOBACK . "</B></A>"; $ProcessOutput .= "</CENTER>"; $ProcessOutput .= "<BR><BR>"; } else {
exit; } if ($FILE['type'] != "image/jpg" and $FILE['type'] != "image/jpeg" and $FILE['type'] != "image/pjpeg" and $FILE['size']) { echo "<script language='javascript'>"; echo "alert('กรุณาใช้ไฟล์นามสกุล jpg เท่านั้น')"; echo "</script>"; echo "<script language='javascript'>javascript:history.back()</script>"; exit; } else { @copy($FILE['tmp_name'], "newsicon/" . $news['post_date'] . ".jpg"); $original_image = "newsicon/" . $news['post_date'] . ".jpg"; $desired_width = _INEWS_W; $desired_height = _INEWS_H; $image = new hft_image($original_image); $image->resize($desired_width, $desired_height, '0'); $image->output_resized("newsicon/" . $news['post_date'] . ".jpg", "JPG"); } //ทำการแก้ไขข้อมูลลงดาต้าเบส $db->connectdb(DB_NAME, DB_USERNAME, DB_PASSWORD); $db->update_db(TB_NEWS, array("category" => $_POST['CATEGORY'], "topic" => addslashes(htmlspecialchars($_POST['TOPIC'])), "headline" => addslashes(htmlspecialchars($_POST['HEADLINE'])), "posted" => $_SESSION['admin_user'], "update_date" => TIMESTAMP, "enable_comment" => $_POST['ENABLE_COMMENT']), " id= " . intval($_GET['id'])); $db->closedb(); //ทำการสร้างไฟล์ text ของข่าวสาร $Filename = $news['post_date'] . ".txt"; $txt_name = "newsdata/" . $Filename . ""; $txt_open = @fopen("{$txt_name}", "w"); @fwrite($txt_open, "" . $_POST['DETAIL'] . ""); @fclose($txt_open); $ProcessOutput = "<BR><BR>"; $ProcessOutput .= "<CENTER><A HREF=\"?name=admin&file=main\"><IMG SRC=\"images/icon/login-welcome.gif\" BORDER=\"0\"></A><BR><BR>"; $ProcessOutput .= "<FONT COLOR=\"#336600\"><B>ได้ทำการแก้ไขข่าวสาร / ประชาสัมพันธ์ เข้าสู่ระบบเรียบร้อยแล้ว</B></FONT><BR><BR>"; $ProcessOutput .= "<A HREF=\"?name=admin&file=news\"><B>กลับหน้า จัดการข่าวสาร / ประชาสัมพันธ์ </B></A>";
if ($FILE['name']) { require "includes/class.resizepic.php"; if ($FILE['type'] != "image/jpg" and $FILE['type'] != "image/jpeg" and $FILE['type'] != "image/pjpeg" and $FILE['size']) { echo "<script language='javascript'>"; echo "alert('" . _JAVA_IMG_ACC . "')"; echo "</script>"; echo "<script language='javascript'>javascript:history.back()</script>"; exit; } @copy($FILE['tmp_name'], "icon/knowledge_" . $arr['knowledge']['post_date'] . ".jpg"); $original_image = "icon/knowledge_" . $arr['knowledge']['post_date'] . ".jpg"; $desired_width = _IKNOW_W; $desired_height = _IKNOW_H; $image = new hft_image($original_image); $image->resize($desired_width, $desired_height, '0'); $image->output_resized("icon/knowledge_" . $arr['knowledge']['post_date'] . ".jpg", "JPG"); $pic = '1'; } else { if ($arr['knowledge']['pic'] == 1) { $pic = '1'; } else { $pic = '0'; } } if ($FILESS['name']) { //·Ó¡ÒÃà¾ÔèÁ¢éÍÁÙÅŧ´ÒµéÒàºÊ $db->connectdb(DB_NAME, DB_USERNAME, DB_PASSWORD); $db->update_db(TB_KNOWLEDGE, array("category" => "" . $_POST['CATEGORY'] . "", "topic" => "" . addslashes(htmlspecialchars($_POST['TOPIC'])) . "", "headline" => "" . $_POST['HEADLINE'] . "", "detail" => "" . $_POST['DETAIL'] . "", "posted" => "" . $_SESSION['admin_user'] . "", "post_date" => "" . $arr['knowledge']['post_date'] . "", "update_date" => "" . $arr['knowledge']['post_date'] . "", "attach" => "" . $arr['knowledge']['post_date'] . "_" . $FILESS['name'] . "", "pic" => "" . $pic . "", "enable_comment" => "" . $ENABLE_COMMENT . ""), " id=" . $_GET['id'] . ""); $db->closedb(); @copy($FILESS['tmp_name'], "attach/knowledge_" . $arr['knowledge']['post_date'] . "_" . $FILESS['name'] . ""); } else {
if ($FILE['type'] != "image/jpg" and $FILE['type'] != "image/jpeg" and $FILE['type'] != "image/pjpeg") { echo "<script language='javascript'>"; echo "alert('" . _JAVA_IMG_ACC . "')"; echo "</script>"; echo "<script language='javascript'>javascript:history.go(-1)</script>"; // echo "$namepic_name<br>"; exit; } else { $filepic = $FILE['tmp_name']; @copy($FILE['tmp_name'], "icon/admin_" . TIMESTAMP . "_" . $namepic_name . ""); $original_image = "icon/admin_" . TIMESTAMP . "_" . $namepic_name . ""; $desired_width = _Iadmin_W; $desired_height = _Iadmin_H; $image = new hft_image($original_image); $image->resize($desired_width, $desired_height, '0'); $image->output_resized("icon/admin_" . TIMESTAMP . "_" . $namepic_name . "", "JPG"); } //·Ó¡ÒÃà¾ÔèÁ¢éÍÁÙÅŧ´ÒµéÒàºÊ $db->connectdb(DB_NAME, DB_USERNAME, DB_PASSWORD); $db->update_db(TB_ADMIN, array("username" => "" . $_POST['USERNAME'] . "", "password" => "" . $NewPass . "", "name" => "" . $_POST['NAME'] . "", "email" => "" . $_POST['EMAIL'] . "", "picture" => "admin_" . TIMESTAMP . "_" . $namepic_name . ""), " id='" . $_GET['id'] . "' "); $db->update_db(TB_MEMBER, array("user" => "" . $_POST['USERNAME'] . "", "password" => "" . $NewPass . "", "name" => "" . $_POST['NAME'] . "", "email" => "" . $_POST['EMAIL'] . "", "member_pic" => "admin_" . TIMESTAMP . "_" . $namepic_name . ""), " user='******'USERNAME_OLD'] . "' "); } else { //·Ó¡ÒÃà¾ÔèÁ¢éÍÁÙÅŧ´ÒµéÒàºÊ $db->connectdb(DB_NAME, DB_USERNAME, DB_PASSWORD); $db->update_db(TB_ADMIN, array("username" => "" . $_POST['USERNAME'] . "", "password" => "" . $NewPass . "", "name" => "" . $_POST['NAME'] . "", "email" => "" . $_POST['EMAIL'] . ""), " id='" . $_GET['id'] . "' "); $db->update_db(TB_MEMBER, array("user" => "" . $_POST['USERNAME'] . "", "password" => "" . $NewPass . "", "name" => "" . $_POST['NAME'] . "", "email" => "" . $_POST['EMAIL'] . ""), " user='******'USERNAME_OLD'] . "' "); } $db->closedb(); $ProcessOutput = "<BR><BR>"; $ProcessOutput .= "<CENTER><A HREF=\"?name=admin&file=main\"><IMG SRC=\"images/icon/login-welcome.gif\" BORDER=\"0\"></A><BR><BR>"; $ProcessOutput .= "<FONT COLOR=\"#336600\"><B>" . _ADMIN_USER_MESSAGE_EDIT . "</B></FONT><BR><BR>";