return $str;
}
function getArrayVal(array $array, $name)
{
if (array_key_exists($name, $array)) {
return strip_only_tags($array[$name], "script");
}
}
error_reporting(0);
$pic = getArrayVal($_GET, "pic");
$height = getArrayVal($_GET, "height");
$width = getArrayVal($_GET, "width");
include CL_ROOT . "/include/class.hft_image.php";
$imagehw = GetImageSize($pic);
$imagewidth = $imagehw[0];
$imageheight = $imagehw[1];
$myThumb = new hft_image(CL_ROOT . "/" . $pic);
$myThumb->jpeg_quality = 80;
if (!isset($height)) {
$ratio = $imageheight / $imagewidth;
$height = $width * $ratio;
$height = round($height);
}
if (!isset($width)) {
$ratio = $imagewidth / $imageheight;
$width = $height * $ratio;
}
$myThumb->resize($width, $height, 0);
HEADER("Content-Type: image/jpeg");
$myThumb->output_resized("");
DefinedImage::load("$root/upload/orig/$id.$ext")
->resize(320, 240)
->save("$root/upload/small/$id.$ext")
->resize(100, 75)
->save("$root/upload/thumb/$id.$ext");
}
*/
if (class_exists('hft_image')) {
$img = new hft_image("{$root}/upload/orig/{$id}.{$ext}");
$img->resize(320, 240);
$img->output_resized("{$root}/upload/small/{$id}.{$ext}");
$img = new hft_image("{$root}/upload/orig/{$id}.{$ext}");
$img->resize(100, 75);
$img->output_resized("{$root}/upload/thumb/{$id}.{$ext}");
} else {
copy("{$root}/upload/orig/{$id}.{$ext}", "{$root}/upload/small/{$id}.{$ext}");
copy("{$root}/upload/orig/{$id}.{$ext}", "{$root}/upload/thumb/{$id}.{$ext}");
}
mysql_query("INSERT INTO errors ( id, name, url, posted )\n VALUES ( '{$id}', '{$_POST['name']}', '{$_POST['url']}', '{$time}' )");
$tags = explode(' ', $_POST['tags']);
foreach ($tags as $tag) {
$tag = strtolower($tag);
$tag = str_replace(',', '', $tag);
mysql_query("INSERT INTO errors_tags ( id, tag )\n VALUES ( '{$id}', '{$tag}' )");
}
header("Location: {$rootURL}/{$id}");
exit;
}
}
}
if ($FILE['name'] != '') {
if ($FILE['type'] != "image/jpg" and $FILE['type'] != "image/jpeg" and $FILE['type'] != "image/pjpeg" and $FILE['size']) {
echo "<script language='javascript'>";
echo "alert('" . _JAVA_IMG_ACC . "')";
echo "</script>";
echo "<script language='javascript'>javascript:history.back()</script>";
exit;
}
@copy($FILE['tmp_name'], "icon/news_" . $arr['news']['post_date'] . ".jpg");
$original_image = "icon/news_" . $arr['news']['post_date'] . ".jpg";
$desired_width = _INEWS_W;
$desired_height = _INEWS_H;
$image = new hft_image($original_image);
$image->resize($desired_width, $desired_height, '0');
$image->output_resized("icon/news_" . $arr['news']['post_date'] . ".jpg", "JPG");
$pic = '1';
} else {
if ($arr['news']['pic'] == 1) {
$pic = '1';
} else {
$pic = '0';
}
}
if ($FILESS['name'] != '') {
//·Ó¡ÒÃà¾ÔèÁ¢éÍÁÙÅŧ´ÒµéÒàºÊ
$db->connectdb(DB_NAME, DB_USERNAME, DB_PASSWORD);
$db->update_db(TB_NEWS, array("category" => "" . $_POST['CATEGORY'] . "", "topic" => "" . addslashes(htmlspecialchars($_POST['TOPIC'])) . "", "headline" => "" . $_POST['HEADLINE'] . "", "detail" => "" . $_POST['DETAIL'] . "", "posted" => "" . $admin_user . "", "post_date" => "" . $arr['news']['post_date'] . "", "update_date" => "" . $arr['news']['post_date'] . "", "attach" => "" . $arr['news']['post_date'] . "_" . $FILESS['name'] . "", "pic" => "" . $pic . "", "enable_comment" => "" . $ENABLE_COMMENT . "", "ran" => "" . $ran . ""), " id=" . $_GET['id'] . "");
$db->closedb();
@copy($FILESS['tmp_name'], "attach/news_" . $arr['news']['post_date'] . "_" . $FILESS['name'] . "");
} else {
exit;
}
if ($FILE['type'] != "image/jpg" and $FILE['type'] != "image/jpeg" and $FILE['type'] != "image/pjpeg" and $FILE['size']) {
echo "<script language='javascript'>";
echo "alert('กรุณาใช้ไฟล์นามสกุล jpg เท่านั้น')";
echo "</script>";
echo "<script language='javascript'>javascript:history.back()</script>";
exit;
} else {
@copy($FILE['tmp_name'], "knowledgeicon/" . $knowledge['post_date'] . ".jpg");
$original_image = "knowledgeicon/" . $knowledge['post_date'] . ".jpg";
$desired_width = _IKNOW_W;
$desired_height = _IKNOW_H;
$image = new hft_image($original_image);
$image->resize($desired_width, $desired_height, '0');
$image->output_resized("knowledgeicon/" . $knowledge['post_date'] . ".jpg", "JPG");
}
//ทำการแก้ไขข้อมูลลงดาต้าเบส
$db->connectdb(DB_NAME, DB_USERNAME, DB_PASSWORD);
$db->update_db(TB_KNOWLEDGE, array("category" => $_POST['CATEGORY'], "topic" => addslashes(htmlspecialchars($_POST['TOPIC'])), "headline" => addslashes(htmlspecialchars($_POST['HEADLINE'])), "posted" => $_SESSION['admin_user'], "update_date" => TIMESTAMP, "enable_comment" => $_POST['ENABLE_COMMENT']), " id='" . $_GET['id'] . "'");
$db->closedb();
//ทำการสร้างไฟล์ text ของข่าวสาร
$Filename = $knowledge['post_date'] . ".txt";
$txt_name = "knowledgedata/" . $Filename . "";
$txt_open = @fopen("{$txt_name}", "w");
@fwrite($txt_open, "" . $_POST['DETAIL'] . "");
@fclose($txt_open);
$ProcessOutput = "<BR><BR>";
$ProcessOutput .= "<CENTER><A HREF=\"?name=admin&file=main\"><IMG SRC=\"images/icon/login-welcome.gif\" BORDER=\"0\"></A><BR><BR>";
$ProcessOutput .= "<FONT COLOR=\"#336600\"><B>ได้ทำการแก้ไขสาระน่ารู้ เข้าสู่ระบบเรียบร้อยแล้ว</B></FONT><BR><BR>";
$ProcessOutput .= "<A HREF=\"?name=admin&file=knowledge\"><B>กลับหน้า จัดการสาระน่ารู้ </B></A>";
//create the image from JPEG file
$img = new hft_image($_FILES['bild']['tmp_name']);
$origWidth = $img->image_original_width;
$origHeight = $img->image_original_height;
if ($origWidth < $maxBreite) {
$maxBreite = $origWidth;
}
if ($origHeight < $maxHoehe) {
$maxHoehe = $origHeight;
}
//keep X to Y ratio
//so there will be no geometrical distortions:
$img->resize($maxBreite, $maxHoehe, "-");
//save the resized image to file
//commented to save server load
$img->output_resized($_FILES['bild']['tmp_name']);
//file-upload war erfolgreich:
$pfad = $_FILES['bild']['tmp_name'];
$bild_id = setBild($pfad, 'Picture for table card ' . $tableCardId, $img->image_resized_width, $img->image_resized_height, $fileExtension);
setTableCardPic($bild_id, $tableCardId);
if (!empty($old_id)) {
//altes bild loeschen
deleteBild($old_id);
}
}
$nachricht = "Das Design der Tischkarte wurde erfolgreich gespeichert.";
$nachricht = getUebersetzung($nachricht);
$info = true;
//back to the edit page:
include_once './index.php';
exit;
$width = _IGALLERYT_W;
$height = _IGALLERYT_H;
$desired_width = $size[0];
$desired_height = $size[1];
if ($desired_width > $width) {
$im = $desired_width / $width;
$imheight = $desired_height / $im;
$image = new hft_image($original_image);
$image->resize($width, $imheight, '0');
} else {
$im = $size[1] / $height;
$imwidth = $size[0] / $im;
$image = new hft_image($original_image);
$image->resize($imwidth, $height, '0');
}
$image->output_resized("images/gallery/gal_" . $CAT . "/thb_" . $_FILES["fileUpload"]['name'][$k] . "", "PNG");
$db->connectdb(DB_NAME, DB_USERNAME, DB_PASSWORD);
$db->add_db(TB_GALLERY, array("category" => "" . $_POST['CATEGORY'] . "", "posted" => "" . $admin_user . "", "post_date" => "" . TIMESTAMP . "", "pic" => "" . $_FILES["fileUpload"]['name'][$k] . "", "enable_comment" => "1"));
$db->closedb();
} else {
$ProcessOutput .= "<BR><BR>";
$ProcessOutput .= "<center><font color='red'>" . _ADMIN_GALLERY_MESSAGE_NOUP . " " . $_FILES["fileUpload"]['name'][$k] . " " . _DOWNLOAD_MOD_ERROR2 . "</font><br>";
}
}
}
}
}
}
}
$count++;
}
if ($FILE['name']) {
require "includes/class.resizepic.php";
if ($FILE['type'] != "image/jpg" and $FILE['type'] != "image/jpeg" and $FILE['type'] != "image/pjpeg") {
echo "<script language='javascript'>";
echo "alert('" . _JAVA_IMG_ACC . "')";
echo "</script>";
echo "<script language='javascript'>javascript:history.back()</script>";
exit;
} else {
@copy($FILE['tmp_name'], "icon/webboard_" . TIMESTAMP . ".jpg");
$original_image = "icon/webboard_" . TIMESTAMP . ".jpg";
$desired_width = _IKNOW_W;
$desired_height = _IKNOW_H;
$image = new hft_image($original_image);
$image->resize($desired_width, $desired_height, '0');
$image->output_resized("icon/webboard_" . TIMESTAMP . ".jpg", "JPG");
}
$pic = '1';
} else {
$pic = '0';
}
if ($FILESS['name']) {
//·Ó¡ÒÃà¾ÔèÁ¢éÍÁÙÅŧ´ÒµéÒàºÊ
$db->connectdb(DB_NAME, DB_USERNAME, DB_PASSWORD);
$db->add_db(TB_WEBBOARD, array("category" => "" . $_POST['CATEGORY'] . "", "topic" => "" . addslashes(htmlspecialchars($_POST['TOPIC'])) . "", "headline" => "" . addslashes(htmlspecialchars($_POST['HEADLINE'])) . "", "headline" => "" . $_POST['DETAIL'] . "", "posted" => "" . $_SESSION['admin_user'] . "", "post_date" => "" . TIMESTAMP . "", "update_date" => "" . TIMESTAMP . "", "attach" => "" . TIMESTAMP . "_" . $FILESS['name'] . "", "pic" => "" . $pic . "", "enable_comment" => "" . $ENABLE_COMMENT . ""));
$db->closedb();
@copy($FILESS['tmp_name'], "attach/webboard_" . TIMESTAMP . "_" . $FILESS['name'] . "");
} else {
//·Ó¡ÒÃà¾ÔèÁ¢éÍÁÙÅŧ´ÒµéÒàºÊ
$db->connectdb(DB_NAME, DB_USERNAME, DB_PASSWORD);
$db->add_db(TB_WEBBOARD, array("category" => "" . $_POST['CATEGORY'] . "", "topic" => "" . addslashes(htmlspecialchars($_POST['TOPIC'])) . "", "headline" => "" . addslashes(htmlspecialchars($_POST['HEADLINE'])) . "", "headline" => "" . $_POST['DETAIL'] . "", "posted" => "" . $_SESSION['admin_user'] . "", "post_date" => "" . TIMESTAMP . "", "update_date" => "" . TIMESTAMP . "", "pic" => "" . $pic . "", "enable_comment" => "" . $ENABLE_COMMENT . ""));
exit;
}
if ($FILE['type'] == 'image/jpg' || $FILE['type'] == 'image/jpeg' || $FILE['type'] == 'image/pjpeg' || $FILE['type'] == 'image/JPG' || $FILE['type'] == 'image/gif' || $FILE['type'] == 'image/x-png' || $FILE['type'] == 'image/png') {
if ($widths > _MEMBER_LIMIT_PICWIDTH) {
$images = $FILE["tmp_name"];
$new_images = "members_" . TIMESTAMP . "_" . $FILE["name"];
@copy($FILE["tmp_name"], "icon/members_" . TIMESTAMP . "_" . $FILE["name"]);
$original_image = "icon/members_" . TIMESTAMP . "_" . $FILE["name"] . "";
$width = _MEMBER_LIMIT_PICWIDTH;
// $size=GetimageSize($images);
$im = $widths / $width;
$imheight = $heights / $im;
$image = new hft_image($original_image);
$image->resize($width, $imheight, '0');
if ($FILE['type'] == 'image/jpg' || $FILE['type'] == 'image/jpeg' || $FILE['type'] == 'image/pjpeg' || $FILE['type'] == 'image/JPG') {
$image->output_resized("icon/members_" . TIMESTAMP . "_" . $FILE["name"] . "", "JPG");
}
if ($FILE['type'] == 'image/gif') {
$image->output_resized("icon/members_" . TIMESTAMP . "_" . $FILE["name"] . "", "GIF");
}
if ($FILE['type'] == 'image/x-png' || $FILE['type'] == 'image/png') {
$image->output_resized("icon/members_" . TIMESTAMP . "_" . $FILE["name"] . "", "PNG");
}
$Filenames = "members_" . TIMESTAMP . "_" . $FILE["name"] . "";
} else {
@copy($FILE['tmp_name'], "icon/members_" . TIMESTAMP . "_" . $FILE["name"]);
$Filenames = "members_" . TIMESTAMP . "_" . $FILE["name"] . "";
}
} else {
$showmsg = "<br><br><center><font size='3' face='MS Sans Serif'><b>" . _MEMBER_MOD_FORM_JAVA_TYPE_PIC . "</b></font><br><br>\n\t<input type='button' value='" . _MEMBER_MOD_FORM_JAVA_RETERN . "' onclick='history.back();'></center>";
showerror($showmsg);
}
} else {
$this->error($ERR["NO_IMAGE_FOR_OUTPUT"]);
}
if (!$res) {
$this->error($ERR["UNABLE_TO_OUTPUT"] . " {$destination_file}");
}
return $res;
}
}
//END OF IMAGE RESIZE CLASS
//TIME TO USE CLASS
//PATH TO THE IMAGES DIRECTORY
$original_image = $_REQUEST[filename];
$desired_width = $_REQUEST[widthsize];
$desired_height = $_REQUEST[heightsize];
//CHANGE TO DESIRED MAX width x height
$maxwidth = 350;
$maxheight = 350;
//Make sure someone is not maliciously trying to resize large pictures to tie up server. If you have a need to
//create larger pics just change the maxwidth and maxheight attributes.
if ($desired_width > $maxwidth) {
$desired_width = $maxwidth;
}
if ($desired_height > $maxheight) {
$desired_height = $maxheight;
}
$image = new hft_image($original_image);
$image->resize($desired_width, $desired_height, '-');
$image->output_resized("", "JPG");
}
if ($FILE['type'] != "image/jpg" and $FILE['type'] != "image/jpeg" and $FILE['type'] != "image/pjpeg") {
echo "<script language='javascript'>";
echo "alert('" . _JAVA_IMG_ACC . "')";
echo "</script>";
echo "<script language='javascript'>javascript:history.back()</script>";
exit;
} else {
if (strrchr($filesw_name, ".") == ".zip" || strrchr($filesw_name, ".") == ".ZIP" || strrchr($abstractxx_name, ".") == ".pdf" || strrchr($abstractxx_name, ".") == ".doc" || strrchr($abstractxx_name, ".") == ".xls" || strrchr($abstractxx_name, ".") == ".ppt" || strrchr($abstractxx_name, ".") == ".docx" || strrchr($abstractxx_name, ".") == ".xlsx" || strrchr($abstractxx_name, ".") == ".pptx") {
@copy($FILE['tmp_name'], "icon/research_" . TIMESTAMP . ".jpg");
$original_image = "icon/research_" . TIMESTAMP . ".jpg";
$desired_width = _Iresearch_W;
$desired_height = _Iresearch_H;
$image = new hft_image($original_image);
$image->resize($desired_width, $desired_height, '0');
$image->output_resized("icon/research_" . TIMESTAMP . ".jpg", "JPG");
} else {
echo "<script language='javascript'>";
echo "alert('" . _WEBBOARD_MESS_TPYE_FILE_NOACC . " .zip .doc , .xls , .ppt , .pdf " . _WEBBOARD_MESS_TPYE_FILE_NOACC1 . "')";
echo "</script>";
echo "<script language='javascript'>javascript:history.back()</script>";
exit;
}
}
if ($login_true) {
$dir = $login_true;
} else {
if ($admin_user) {
$dir = $admin_user;
} else {
$dir = 'guest';
{
createHiddenInput(\'draft\', \'true\');
post();
}
') . '
-->
</script>';
break;
case 'upload':
if ($_FILES['file']['size'] > 0) {
if (strpos($_FILES['file']['type'], 'image') !== false) {
list($filename, $ext) = explode('.', strtolower($_FILES['file']['name']));
$image = new hft_image($_FILES['file']['tmp_name']);
$image->output_original('../upload/' . $filename . '_orig.' . $ext);
$image->resize($preferences['thumb_width'], $preferences['thumb_height']);
$image->output_resized('../upload/' . $filename . '_thumb.' . $ext);
} else {
move_uploaded_file($_FILES['file']['tmp_name'], '../upload/' . strtolower($_FILES['file']['name']));
}
redirect('?rand=' . rand());
}
$page_title = 'Upload';
$content = '
You can upload files up to ' . ini_get('upload_max_filesize') . '.
This will be saved en <em>upload</em> folder.
To link to your upload file you need to refer as <em>\'upload/filename.ext\'</em>.
If you upload an image, it will create two files: <em>\'filename_orig.ext\'</em> and <em>\'filename_thumb.ext\'</em>.
<form name="frm" id="frm" action="" method="post" enctype="multipart/form-data">
<label for="file">Upload file</label><input type="file" name="file" id="file" /><br />
<div align="center"><a href="javascript:send();">upload</a> <a href="?rand=' . rand() . '">back</a></div>
</form>';
$width = _IGALLERY_W;
$height = _IGALLERY_H;
$desired_width = $size[0];
$desired_height = $size[1];
if ($desired_width > $width) {
$im = $desired_width / $width;
$imheight = $desired_height / $im;
$image = new hft_image($original_image);
$image->resize($width, $imheight, '0');
} else {
$im = $size[1] / $height;
$imwidth = $size[0] / $im;
$image = new hft_image($original_image);
$image->resize($imwidth, $height, '0');
}
$image->output_resized("modules/filemanager/" . $pathext . "thb_" . $_FILES['uploadedfile']['name'] . "", "PNG");
} else {
/* put the file in the directory */
move_uploaded_file($_FILES['uploadedfile']['tmp_name'], $path . $pathext . $_FILES['uploadedfile']['name'] . $OffExt);
}
}
}
}
} else {
$msg = "<font face='Verdana, Arial, Hevetica' size='2' color='#ff0000'>The Filename: " . $_FILES['uploadedfile']['name'] . " is BLOCKED from being uploaded here.</font><p>";
}
} else {
// $msg = "<font face='Verdana, Arial, Hevetica' size='2' color='#ff0000'>¾×é¹·Õè㹡ÒÃà¡çº¢éÍÁÙÅäÁèà¾Õ§¾Í<br>äÁèÊÒÁÒöÍѾâÅË´ä´é.</font><p>";
$msg = "<font face='Verdana, Arial, Hevetica' size='2' color='#ff0000'>" . _FILEMANAGER_MOD_IMG_NOUP . "</font><p>";
}
} else {
require "includes/class.resizepic.php";
$FILE = $_FILES['FILE'];
if ($FILE['type'] != "image/jpg" and $FILE['type'] != "image/jpeg" and $FILE['type'] != "image/pjpeg" and $FILE['size']) {
echo "<script language='javascript'>";
echo "alert('��س��������ʡ�� jpg ��ҹ��')";
echo "</script>";
echo "<script language='javascript'>javascript:history.back()</script>";
exit;
} else {
@copy($FILE['tmp_name'], "usericon/" . $arr[user][post_date] . ".jpg");
$original_image = "usericon/" . $arr[user][post_date] . ".jpg";
$desired_width = _Iuser_W;
$desired_height = _Iuser_H;
$image = new hft_image($original_image);
$image->resize($desired_width, $desired_height, '0');
$image->output_resized("usericon/" . $arr[user][post_date] . ".jpg", "JPG");
}
//�ӡ����䢢�����ŧ�ҵ����
$db->connectdb(DB_NAME, DB_USERNAME, DB_PASSWORD);
$db->update_db(TB_user, array("username" => "{$_POST['USERNAME']}", "password" => "{$NewPass}", "name" => "{$_POST['NAME']}", "email" => "{$_POST['EMAIL']}", "level" => "{$_POST['LEVEL']}", "address" => "{$_POST['ADDRESS']}", "update_date" => "" . TIMESTAMP . "", "tel" => "{$_POST['TEL']}"), " id='{$_GET['id']}' ");
$db->closedb();
$ProcessOutput .= "<BR><BR>";
$ProcessOutput .= "<CENTER><A HREF=\"" . $URLre . "\"><IMG SRC=\"images/icon/login-welcome.gif\" BORDER=\"0\"></A><BR><BR>";
$ProcessOutput .= "<FONT COLOR=\"#336600\"><B>��ӡ����䢢��������º��������</B></FONT><BR><BR>";
$ProcessOutput .= "<A HREF=\"" . $URLre . "\"><B>��Ѻ�˹�Ҵ����к�</B></A>";
$ProcessOutput .= "</CENTER>";
$ProcessOutput .= "<BR><BR>";
}
} else {
//�ó�����ҹ
$ProcessOutput = $PermissionFalse;
if ($FILE['tmp_name'] != '') {
if ($FILE['type'] != "image/jpg" and $FILE['type'] != "image/jpeg" and $FILE['type'] != "image/pjpeg" and $FILE['size']) {
echo "<script language='javascript'>";
echo "alert('" . _JAVA_IMG_ACC . "')";
echo "</script>";
echo "<script language='javascript'>javascript:history.back()</script>";
exit;
} else {
require "includes/class.resizepic.php";
@copy($FILE['tmp_name'], "icon/download_" . $arr['download']['post_date'] . ".jpg");
$original_image = "icon/download_" . $arr['download']['post_date'] . ".jpg";
$desired_width = _Idownload_W;
$desired_height = _Idownload_H;
$image = new hft_image($original_image);
$image->resize($desired_width, $desired_height, '0');
$image->output_resized("icon/download_" . $arr['download']['post_date'] . ".jpg", "JPG");
}
}
if ($FILES['tmp_name'] != '') {
@unlink("data/download_" . $arr['download']['full_text']);
if ($upload = copy($FILES['tmp_name'], "data/download_" . TIMESTAMP . "_" . $FILES['name'] . "")) {
} else {
print "<center><font color='red'>" . _ADMIN_DOWNLOAD_FORM_ERROR_UPLOAD . " " . $FILES['name'] . " " . _ADMIN_DOWNLOAD_FORM_ERROR_UPLOAD1 . "</font></center><br>";
}
$db->connectdb(DB_NAME, DB_USERNAME, DB_PASSWORD);
$db->update_db(TB_DOWNLOAD, array("category" => "" . $_POST['CATEGORY'] . "", "topic" => "" . addslashes(htmlspecialchars($_POST['TOPIC'])) . "", "headline" => "" . addslashes(htmlspecialchars($_POST['HEADLINE'])) . "", "detail" => "" . $_POST['DETAIL'] . "", "posted" => "" . $admin_user . "", "update_date" => "" . TIMESTAMP . "", "enable_comment" => "" . $ENABLE_COMMENT . "", "full_text" => "" . TIMESTAMP . "_" . $FILES['name'] . "", "type" => "" . $FILES['type'] . "", "size" => "" . $FILES['size'] . ""), " id='" . $_GET['id'] . "' ");
$db->closedb();
} else {
//·Ó¡ÒÃá¡é䢢éÍÁÙÅŧ´ÒµéÒàºÊ
$db->connectdb(DB_NAME, DB_USERNAME, DB_PASSWORD);
$db->update_db(TB_DOWNLOAD, array("category" => "" . $_POST['CATEGORY'] . "", "topic" => "" . addslashes(htmlspecialchars($_POST['TOPIC'])) . "", "headline" => "" . addslashes(htmlspecialchars($_POST['HEADLINE'])) . "", "detail" => "" . $_POST['DETAIL'] . "", "posted" => "" . $admin_user . "", "update_date" => "" . TIMESTAMP . "", "enable_comment" => "" . $ENABLE_COMMENT . ""), " id='" . $_GET['id'] . "' ");
$orig = $uploaddir . $uploadfile;
}
require_once "hft_image.php";
$img = new hft_image($orig);
$img->resize(600, 600, "-");
$x = strlen($orig) - 4;
$ext = substr($orig, $x, 4);
$fname = substr($orig, 0, $x);
$outputfile = $fname . $ext;
$img->output_resized($outputfile);
$outputfile = substr($outputfile, -14);
$originfilename = substr($fname . $ext, -14);
$img = new hft_image($orig);
$img->resize(250, 250, "-");
$outputfiletmb = $fname . '_tmb' . $ext;
$img->output_resized($outputfiletmb);
$outputfiletmb = substr($outputfiletmb, -18);
$beszuras = 'Update kep Set kicsi="' . $outputfiletmb . '", nagy="' . $originfilename . '", megjegyzes="' . $felirat . '" where id=3;';
mysql_query("{$beszuras}", $abc);
}
if ($in = 4) {
$felirat = $_POST["text1"];
$beszuras = 'Update kep Set megjegyzes="' . $felirat . '" where id=3;';
mysql_query("{$beszuras}", $abc);
}
if ($in = 5) {
$felirat = $_POST["text2"];
$beszuras = 'Update kep Set megjegyzes="' . $felirat . '" where id=3;';
mysql_query("{$beszuras}", $abc);
}
if ($in = 6) {
if ($FILE['name']) {
require "includes/class.resizepic.php";
if ($FILE['type'] != "image/jpg" and $FILE['type'] != "image/jpeg" and $FILE['type'] != "image/pjpeg" and $FILE['size']) {
echo "<script language='javascript'>";
echo "alert('" . _JAVA_IMG_ACC . "')";
echo "</script>";
echo "<script language='javascript'>javascript:history.back()</script>";
exit;
}
@copy($FILE['tmp_name'], "icon/blog_" . $arr['blog']['post_date'] . "_" . $arr['blog']['posted'] . ".jpg");
$original_image = "icon/blog_" . $arr['blog']['post_date'] . "_" . $arr['blog']['posted'] . ".jpg";
$desired_width = _Iblog_W;
$desired_height = _Iblog_H;
$image = new hft_image($original_image);
$image->resize($desired_width, $desired_height, '0');
$image->output_resized("icon/blog_" . $arr['blog']['post_date'] . "_" . $arr['blog']['posted'] . ".jpg", "JPG");
$pic = '1';
} else {
$pic = '1';
}
if ($FILESS['name']) {
$abstractxx_name = $FILESS['tmp_name'];
if (strrchr($abstractxx_name, ".") == ".pdf" || strrchr($abstractxx_name, ".") == ".doc" || strrchr($abstractxx_name, ".") == ".xls" || strrchr($abstractxx_name, ".") == ".ppt" || strrchr($abstractxx_name, ".") == ".docx" || strrchr($abstractxx_name, ".") == ".xlsx" || strrchr($abstractxx_name, ".") == ".pptx" || strrchr($abstractxx_name, ".") == ".zip" || strrchr($abstractxx_name, ".") == ".rar" || strrchr($abstractxx_name, ".") == ".tar.gz") {
// copy($_FILES['abstractxx']['tmp_name'], "data/download_".TIMESTAMP."_".$FILES['name']."");
@copy($FILESS['tmp_name'], "attach/blog_" . TIMESTAMP . "_" . $FILESS['name'] . "");
} else {
echo "<script language='javascript'>";
echo "alert('" . _WEBBOARD_MESS_TPYE_FILE_NOACC . " .doc , .xls , .ppt , .pdf , .zip , .tar.gz , .rar " . _WEBBOARD_MESS_TPYE_FILE_NOACC1 . "')";
echo "</script>";
echo "<script language='javascript'>javascript:history.back()</script>";
exit;
}
if ($FILE != '') {
if ($FILE['type'] != "image/jpg" and $FILE['type'] != "image/jpeg" and $FILE['type'] != "image/pjpeg" and $FILE['size']) {
echo "<script language='javascript'>";
echo "alert('" . _JAVA_IMG_ACC . "')";
echo "</script>";
echo "<script language='javascript'>javascript:history.back()</script>";
exit;
} else {
@copy($FILE['tmp_name'], "icon/research_" . $arr['research']['post_date'] . ".jpg");
$original_image = "icon/research_" . $arr['research']['post_date'] . ".jpg";
$desired_width = _Iresearch_W;
$desired_height = _Iresearch_H;
$image = new hft_image($original_image);
$image->resize($desired_width, $desired_height, '0');
$image->output_resized("icon/research_" . $arr['research']['post_date'] . ".jpg", "JPG");
}
}
$dir = "" . $arr['research']['posted'] . "" . $arr['research']['post_date'] . "";
if ($filesw['name'] != '' && $abstractxx['name'] != '') {
if ($upload = copy($filesw['tmp_name'], "data/research_" . TIMESTAMP . "_" . $filesw['name'] . "")) {
} else {
print "<center><font color='red'>" . _RESEARCH_MOD_ADD_NOUP_PIC . " {$filesw} " . _RESEARCH_MOD_ADD_NOUP_PIC1 . "</font></center><br>";
}
unlink($filesw);
if ($upload = copy($abstractxx['tmp_name'], "data/research_" . TIMESTAMP . "_" . $abstractxx['name'] . "")) {
} else {
print "<center><font color='red'>" . _RESEARCH_MOD_ADD_NOUP_PIC . " {$abstractxx} " . _RESEARCH_MOD_ADD_NOUP_PIC1 . "</font></center><br>";
}
unlink($abstractxx_name);
//·Ó¡ÒÃà¾ÔèÁ¢éÍÁÙÅŧ´ÒµéÒàºÊ
}
if ($FILE['name'] != '') {
if ($FILE['type'] != "image/jpg" and $FILE['type'] != "image/jpeg" and $FILE['type'] != "image/pjpeg" and $FILE['size']) {
echo "<script language='javascript'>";
echo "alert('" . _JAVA_IMG_ACC . "')";
echo "</script>";
echo "<script language='javascript'>javascript:history.back()</script>";
exit;
}
@copy($FILE['tmp_name'], "images/icon/news_" . TIMESTAMP . ".jpg");
$original_image = "images/icon/news_" . TIMESTAMP . ".jpg";
$desired_width = _INEWS_W;
$desired_height = _INEWS_H;
$image = new hft_image($original_image);
$image->resize($desired_width, $desired_height, '0');
$image->output_resized("images/icon/news_" . TIMESTAMP . ".jpg", "JPG");
$db->connectdb(DB_NAME, DB_USERNAME, DB_PASSWORD);
$db->update_db(TB_NEWS_CAT, array("category_name" => "" . addslashes(htmlspecialchars($_POST['CATEGORY'])) . "", "icon" => "news_" . TIMESTAMP . ".jpg"), " id=" . $_GET['id'] . " ");
$db->closedb();
} else {
$db->connectdb(DB_NAME, DB_USERNAME, DB_PASSWORD);
$db->update_db(TB_NEWS_CAT, array("category_name" => "" . addslashes(htmlspecialchars($_POST['CATEGORY'])) . ""), " id=" . $_GET['id'] . " ");
$db->closedb();
}
$ProcessOutput = "<BR><BR>";
$ProcessOutput .= "<CENTER><A HREF=\"?name=admin&file=main\"><IMG SRC=\"images/icon/login-welcome.gif\" BORDER=\"0\"></A><BR><BR>";
$ProcessOutput .= "<FONT COLOR=\"#336600\"><B>" . _ADMIN_NEW_MESSAGE_CAT_EDIT . "</B></FONT><BR><BR>";
$ProcessOutput .= "<A HREF=\"?name=admin&file=news_category\"><B>" . _ADMIN_NEW_MESSAGE_CAT_GOBACK . "</B></A>";
$ProcessOutput .= "</CENTER>";
$ProcessOutput .= "<BR><BR>";
} else {
$width = _IPERTHB_W;
$height = _IPERTHB_H;
$desired_width = $size['0'];
$desired_height = $size['1'];
if ($desired_width > $width) {
$im = $desired_width / $width;
$imheight = $desired_height / $im;
$image = new hft_image($original_image);
$image->resize($width, $imheight, '0');
} else {
$im = $size['1'] / $height;
$imwidth = $size['0'] / $im;
$image = new hft_image($original_image);
$image->resize($imwidth, $height, '0');
}
$image->output_resized("images/personnel/thb_" . TIMESTAMP . "_" . $namepic_name . "", "PNG");
}
}
}
$db->connectdb(DB_NAME, DB_USERNAME, DB_PASSWORD);
$db->update_db(TB_personnel, array("p_name" => "" . $_POST['NAME'] . "", "p_position" => "" . $_POST['POST'] . "", "p_data" => "" . $_POST['DATAS'] . "", "p_add" => "" . $_POST['ADD'] . "", "p_tel" => "" . $_POST['TEL'] . "", "p_mail" => "" . $_POST['EMAIL'] . "", "p_pic" => "" . TIMESTAMP . "_" . $FILESS['name'] . "", "boss" => "" . $_POST['BOSS'] . ""), " id='" . $_GET['id'] . "' ");
$db->closedb();
$ProcessOutput .= "<BR><BR>";
$ProcessOutput .= "<CENTER><A HREF=\"?name=admin&file=main\"><IMG SRC=\"images/icon/login-welcome.gif\" BORDER=\"0\"></A><BR><BR>";
$ProcessOutput .= "<FONT COLOR=\"#336600\"><B>" . _ADMIN_PERSONNEL_MESSAGE_EDIT_MEM . "</B></FONT><BR><BR>";
$ProcessOutput .= "<A HREF=\"?name=admin&file=personnel\"><B>" . _ADMIN_PERSONNEL_MESSAGE_GOBACK . "</B></A>";
$ProcessOutput .= "</CENTER>";
$ProcessOutput .= "<BR><BR>";
}
} else {
$db->connectdb(DB_NAME, DB_USERNAME, DB_PASSWORD);
}
if ($FILE['name'] != '') {
if ($FILE['type'] != "image/jpg" and $FILE['type'] != "image/jpeg" and $FILE['type'] != "image/pjpeg" and $FILE['size']) {
echo "<script language='javascript'>";
echo "alert('" . _JAVA_IMG_ACC . "')";
echo "</script>";
echo "<script language='javascript'>javascript:history.back()</script>";
exit;
}
@copy($FILE['tmp_name'], "images/icon/download_" . TIMESTAMP . ".jpg");
$original_image = "images/icon/download_" . TIMESTAMP . ".jpg";
$desired_width = _INEWS_W;
$desired_height = _INEWS_H;
$image = new hft_image($original_image);
$image->resize($desired_width, $desired_height, '0');
$image->output_resized("images/icon/download_" . TIMESTAMP . ".jpg", "JPG");
$db->connectdb(DB_NAME, DB_USERNAME, DB_PASSWORD);
$db->update_db(TB_DOWNLOAD_CAT, array("category_name" => "" . addslashes(htmlspecialchars($_POST['CATEGORY'])) . "", "icon" => "download_" . TIMESTAMP . ".jpg"), " id=" . $_GET['id'] . " ");
$db->closedb();
} else {
$db->connectdb(DB_NAME, DB_USERNAME, DB_PASSWORD);
$db->update_db(TB_DOWNLOAD_CAT, array("category_name" => "" . addslashes(htmlspecialchars($_POST['CATEGORY'])) . ""), " id=" . $_GET['id'] . " ");
$db->closedb();
}
$ProcessOutput = "<BR><BR>";
$ProcessOutput .= "<CENTER><A HREF=\"?name=admin&file=main\"><IMG SRC=\"images/icon/login-welcome.gif\" BORDER=\"0\"></A><BR><BR>";
$ProcessOutput .= "<FONT COLOR=\"#336600\"><B>" . _ADMIN_DOWNLOAD_MESSAGE_EDIT_CAT . "</B></FONT><BR><BR>";
$ProcessOutput .= "<A HREF=\"?name=admin&file=download_category\"><B>" . _ADMIN_DOWNLOAD_MESSAGE_GOBACK_CAT . "</B></A>";
$ProcessOutput .= "</CENTER>";
$ProcessOutput .= "<BR><BR>";
} else {
$width = _IVIDEOT_W;
$height = _IVIDEOT_H;
$desired_width = $size[0];
$desired_height = $size[1];
if ($desired_width > $width) {
$im = $desired_width / $width;
$imheight = $desired_height / $im;
$image = new hft_image($original_image);
$image->resize($width, $imheight, '0');
} else {
$im = $size[1] / $height;
$imwidth = $size[0] / $im;
$image = new hft_image($original_image);
$image->resize($imwidth, $height, '0');
}
$image->output_resized(str_replace('//', '/', $targetPath) . "thb_" . TIMESTAMP . "_" . $_FILES['Filedata']['name'] . "", "PNG");
$db->add_db(TB_VIDEO, array("category" => "" . $_POST['cat'] . "", "topic" => "" . $topic . "", "detail" => "" . $detail . "", "posted" => "" . $_POST['admin'] . "", "post_date" => "" . TIMESTAMP . "", "pic" => "thb_" . TIMESTAMP . "_" . $_FILES['Filedata']['name'] . "", "enable_comment" => "1", "youtube" => "0"));
unlink($targetFile);
}
}
}
} else {
//copy($_FILES['Filedata']['tmp_name'], "video/thumbs/".TIMESTAMP."_".$_FILES['Filedata']['name'].""))
move_uploaded_file($tempFile, $targetFile);
echo str_replace($_SERVER['DOCUMENT_ROOT'], '', $targetFile);
$db->add_db(TB_VIDEO, array("category" => "" . $_POST['cat'] . "", "topic" => "" . $topic . "", "detail" => "" . $detail . "", "posted" => "" . $_POST['admin'] . "", "post_date" => "" . TIMESTAMP . "", "pic" => "" . TIMESTAMP . "_" . $_FILES['Filedata']['name'] . "", "enable_comment" => "1", "youtube" => "0"));
}
}
} else {
$tempFile = $_FILES['Filedata']['tmp_name'];
if (strchr($_FILES['Filedata']['name'], ".") == ".mpg" || strchr($_FILES['Filedata']['name'], ".") == ".mov" || strchr($_FILES['Filedata']['name'], ".") == ".avi" || strchr($_FILES['Filedata']['name'], ".") == ".wmv" || strchr($_FILES['Filedata']['name'], ".") == ".MP4" || strchr($_FILES['Filedata']['name'], ".") == ".flv") {
}
if ($FILE['name'] != '') {
if ($FILE['type'] != "image/jpg" and $FILE['type'] != "image/jpeg" and $FILE['type'] != "image/pjpeg" and $FILE['size']) {
echo "<script language='javascript'>";
echo "alert('" . _JAVA_IMG_ACC . "')";
echo "</script>";
echo "<script language='javascript'>javascript:history.back()</script>";
exit;
}
@copy($FILE['tmp_name'], "images/icon/knowledge_" . TIMESTAMP . ".jpg");
$original_image = "images/icon/knowledge_" . TIMESTAMP . ".jpg";
$desired_width = _IKNOW_W;
$desired_height = _IKNOW_H;
$image = new hft_image($original_image);
$image->resize($desired_width, $desired_height, '0');
$image->output_resized("images/icon/knowledge_" . TIMESTAMP . ".jpg", "JPG");
$db->connectdb(DB_NAME, DB_USERNAME, DB_PASSWORD);
$db->update_db(TB_KNOWLEDGE_CAT, array("category_name" => "" . addslashes(htmlspecialchars($_POST['CATEGORY'])) . "", "icon" => "knowledge_" . TIMESTAMP . ".jpg"), " id=" . $_GET['id'] . " ");
$db->closedb();
} else {
$db->connectdb(DB_NAME, DB_USERNAME, DB_PASSWORD);
$db->update_db(TB_KNOWLEDGE_CAT, array("category_name" => "" . addslashes(htmlspecialchars($_POST['CATEGORY'])) . ""), " id=" . $_GET['id'] . " ");
$db->closedb();
}
$ProcessOutput = "<BR><BR>";
$ProcessOutput .= "<CENTER><A HREF=\"?name=admin&file=main\"><IMG SRC=\"images/icon/login-welcome.gif\" BORDER=\"0\"></A><BR><BR>";
$ProcessOutput .= "<FONT COLOR=\"#336600\"><B>" . _ADMIN_KNOWLEDGE_MESSAGE_CAT_EDIT . "</B></FONT><BR><BR>";
$ProcessOutput .= "<A HREF=\"?name=admin&file=knowledge_category\"><B>" . _ADMIN_KNOWLEDGE_MESSAGE_CAT_GOBACK . "</B></A>";
$ProcessOutput .= "</CENTER>";
$ProcessOutput .= "<BR><BR>";
} else {
exit;
}
if ($FILE['type'] != "image/jpg" and $FILE['type'] != "image/jpeg" and $FILE['type'] != "image/pjpeg" and $FILE['size']) {
echo "<script language='javascript'>";
echo "alert('กรุณาใช้ไฟล์นามสกุล jpg เท่านั้น')";
echo "</script>";
echo "<script language='javascript'>javascript:history.back()</script>";
exit;
} else {
@copy($FILE['tmp_name'], "newsicon/" . $news['post_date'] . ".jpg");
$original_image = "newsicon/" . $news['post_date'] . ".jpg";
$desired_width = _INEWS_W;
$desired_height = _INEWS_H;
$image = new hft_image($original_image);
$image->resize($desired_width, $desired_height, '0');
$image->output_resized("newsicon/" . $news['post_date'] . ".jpg", "JPG");
}
//ทำการแก้ไขข้อมูลลงดาต้าเบส
$db->connectdb(DB_NAME, DB_USERNAME, DB_PASSWORD);
$db->update_db(TB_NEWS, array("category" => $_POST['CATEGORY'], "topic" => addslashes(htmlspecialchars($_POST['TOPIC'])), "headline" => addslashes(htmlspecialchars($_POST['HEADLINE'])), "posted" => $_SESSION['admin_user'], "update_date" => TIMESTAMP, "enable_comment" => $_POST['ENABLE_COMMENT']), " id= " . intval($_GET['id']));
$db->closedb();
//ทำการสร้างไฟล์ text ของข่าวสาร
$Filename = $news['post_date'] . ".txt";
$txt_name = "newsdata/" . $Filename . "";
$txt_open = @fopen("{$txt_name}", "w");
@fwrite($txt_open, "" . $_POST['DETAIL'] . "");
@fclose($txt_open);
$ProcessOutput = "<BR><BR>";
$ProcessOutput .= "<CENTER><A HREF=\"?name=admin&file=main\"><IMG SRC=\"images/icon/login-welcome.gif\" BORDER=\"0\"></A><BR><BR>";
$ProcessOutput .= "<FONT COLOR=\"#336600\"><B>ได้ทำการแก้ไขข่าวสาร / ประชาสัมพันธ์ เข้าสู่ระบบเรียบร้อยแล้ว</B></FONT><BR><BR>";
$ProcessOutput .= "<A HREF=\"?name=admin&file=news\"><B>กลับหน้า จัดการข่าวสาร / ประชาสัมพันธ์ </B></A>";
if ($FILE['name']) {
require "includes/class.resizepic.php";
if ($FILE['type'] != "image/jpg" and $FILE['type'] != "image/jpeg" and $FILE['type'] != "image/pjpeg" and $FILE['size']) {
echo "<script language='javascript'>";
echo "alert('" . _JAVA_IMG_ACC . "')";
echo "</script>";
echo "<script language='javascript'>javascript:history.back()</script>";
exit;
}
@copy($FILE['tmp_name'], "icon/knowledge_" . $arr['knowledge']['post_date'] . ".jpg");
$original_image = "icon/knowledge_" . $arr['knowledge']['post_date'] . ".jpg";
$desired_width = _IKNOW_W;
$desired_height = _IKNOW_H;
$image = new hft_image($original_image);
$image->resize($desired_width, $desired_height, '0');
$image->output_resized("icon/knowledge_" . $arr['knowledge']['post_date'] . ".jpg", "JPG");
$pic = '1';
} else {
if ($arr['knowledge']['pic'] == 1) {
$pic = '1';
} else {
$pic = '0';
}
}
if ($FILESS['name']) {
//·Ó¡ÒÃà¾ÔèÁ¢éÍÁÙÅŧ´ÒµéÒàºÊ
$db->connectdb(DB_NAME, DB_USERNAME, DB_PASSWORD);
$db->update_db(TB_KNOWLEDGE, array("category" => "" . $_POST['CATEGORY'] . "", "topic" => "" . addslashes(htmlspecialchars($_POST['TOPIC'])) . "", "headline" => "" . $_POST['HEADLINE'] . "", "detail" => "" . $_POST['DETAIL'] . "", "posted" => "" . $_SESSION['admin_user'] . "", "post_date" => "" . $arr['knowledge']['post_date'] . "", "update_date" => "" . $arr['knowledge']['post_date'] . "", "attach" => "" . $arr['knowledge']['post_date'] . "_" . $FILESS['name'] . "", "pic" => "" . $pic . "", "enable_comment" => "" . $ENABLE_COMMENT . ""), " id=" . $_GET['id'] . "");
$db->closedb();
@copy($FILESS['tmp_name'], "attach/knowledge_" . $arr['knowledge']['post_date'] . "_" . $FILESS['name'] . "");
} else {
if ($FILE['type'] != "image/jpg" and $FILE['type'] != "image/jpeg" and $FILE['type'] != "image/pjpeg") {
echo "<script language='javascript'>";
echo "alert('" . _JAVA_IMG_ACC . "')";
echo "</script>";
echo "<script language='javascript'>javascript:history.go(-1)</script>";
// echo "$namepic_name<br>";
exit;
} else {
$filepic = $FILE['tmp_name'];
@copy($FILE['tmp_name'], "icon/admin_" . TIMESTAMP . "_" . $namepic_name . "");
$original_image = "icon/admin_" . TIMESTAMP . "_" . $namepic_name . "";
$desired_width = _Iadmin_W;
$desired_height = _Iadmin_H;
$image = new hft_image($original_image);
$image->resize($desired_width, $desired_height, '0');
$image->output_resized("icon/admin_" . TIMESTAMP . "_" . $namepic_name . "", "JPG");
}
//·Ó¡ÒÃà¾ÔèÁ¢éÍÁÙÅŧ´ÒµéÒàºÊ
$db->connectdb(DB_NAME, DB_USERNAME, DB_PASSWORD);
$db->update_db(TB_ADMIN, array("username" => "" . $_POST['USERNAME'] . "", "password" => "" . $NewPass . "", "name" => "" . $_POST['NAME'] . "", "email" => "" . $_POST['EMAIL'] . "", "picture" => "admin_" . TIMESTAMP . "_" . $namepic_name . ""), " id='" . $_GET['id'] . "' ");
$db->update_db(TB_MEMBER, array("user" => "" . $_POST['USERNAME'] . "", "password" => "" . $NewPass . "", "name" => "" . $_POST['NAME'] . "", "email" => "" . $_POST['EMAIL'] . "", "member_pic" => "admin_" . TIMESTAMP . "_" . $namepic_name . ""), " user='******'USERNAME_OLD'] . "' ");
} else {
//·Ó¡ÒÃà¾ÔèÁ¢éÍÁÙÅŧ´ÒµéÒàºÊ
$db->connectdb(DB_NAME, DB_USERNAME, DB_PASSWORD);
$db->update_db(TB_ADMIN, array("username" => "" . $_POST['USERNAME'] . "", "password" => "" . $NewPass . "", "name" => "" . $_POST['NAME'] . "", "email" => "" . $_POST['EMAIL'] . ""), " id='" . $_GET['id'] . "' ");
$db->update_db(TB_MEMBER, array("user" => "" . $_POST['USERNAME'] . "", "password" => "" . $NewPass . "", "name" => "" . $_POST['NAME'] . "", "email" => "" . $_POST['EMAIL'] . ""), " user='******'USERNAME_OLD'] . "' ");
}
$db->closedb();
$ProcessOutput = "<BR><BR>";
$ProcessOutput .= "<CENTER><A HREF=\"?name=admin&file=main\"><IMG SRC=\"images/icon/login-welcome.gif\" BORDER=\"0\"></A><BR><BR>";
$ProcessOutput .= "<FONT COLOR=\"#336600\"><B>" . _ADMIN_USER_MESSAGE_EDIT . "</B></FONT><BR><BR>";
