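<?php

// Check the caller's permission on the requested project and, when exactly one
// project_user row matches, remember the project in $_SESSION['project_id'].
// The reply (error flag, error text, and perm on success) is handed to
// scriptReturn(), which is defined outside this file.
require_once $_SERVER['DOCUMENT_ROOT'] . '/include/main_func.php';

auth();

$return = array('error' => false, 'errorText' => '');

// A missing or non-scalar "project" field is treated like an invalid id (0)
// instead of raising an undefined-index warning or being stringified.
$posted = isset($_POST['project']) && is_scalar($_POST['project']) ? $_POST['project'] : 0;

// validID() lives in another file, so what it accepts is not visible here.
// The int casts make sure that only integers can reach the SQL string and the
// session, independent of how strict validID() is.
$proj_id = validID($posted) ? (int) $posted : 0;
$user_id = isset($_SESSION['user_id']) ? (int) $_SESSION['user_id'] : 0;

$q = new myQuery("SELECT perm\n FROM project_user\n WHERE user_id='{$user_id}'\n AND project_id='{$proj_id}'");

if ($q->get_num_rows() == 1) {
    // Exactly one membership row: report its perm value and bind the session
    // to this project.
    $return['perm'] = $q->get_one();
    $_SESSION['project_id'] = $proj_id;
} else {
    // No row (or an invalid id, which was mapped to 0 above): refuse and leave
    // the session's project untouched.
    $return['error'] = true;
    $return['errorText'] = 'You do not have permission to access this project.';
}

scriptReturn($return);
exit;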
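// (excerpt begins inside countFilesProc(); the start of the function is not shown)
            if (is_dir($dir . '/' . $currentFile)) {
                // Sub-directories are counted recursively and folded into the
                // running totals.
                $ret2 = countFilesProc($dir . '/' . $currentFile);
                $ret['files'] += $ret2['files'];
                $ret['size'] += $ret2['size'];
            } else {
                $ret['files']++;
                $ret['size'] += filesize($dir . '/' . $currentFile);
            }
        }
    }
    closedir($odir);
    return $ret;
}

// Report file count and size for one project, but only to a user who is
// linked to that project through project_user.
$user = isset($_SESSION['user_id']) ? (int) $_SESSION['user_id'] : 0;

// proj_id comes straight from the request and is used below both inside the
// SQL string and as a directory name under IMAGEBASEDIR. Only a plain decimal
// id is accepted; anything else becomes 0, which matches no membership row, so
// neither the query nor the path can be steered by the request.
$posted_id = isset($_POST['proj_id']) ? $_POST['proj_id'] : '';
$proj_id = (is_int($posted_id) || (is_string($posted_id) && ctype_digit($posted_id)))
    ? (int) $posted_id
    : 0;

// The client sends the modification time it last saw; a missing field simply
// forces a recount.
$posted_mtime = isset($_POST['filemtime']) ? $_POST['filemtime'] : null;

$q = new myQuery("SELECT project.user_id as owner \n FROM project \n LEFT JOIN project_user ON (project.id=project_id)\n WHERE project_user.user_id='{$user}' AND project_id='{$proj_id}'");

if ($q->get_num_rows() > 0) {
    $return['filemtime'] = filemtime(IMAGEBASEDIR . $proj_id);

    // Recount only when the directory changed since the client's last view.
    if ($return['filemtime'] != $posted_mtime) {
        $res = countFilesProc(IMAGEBASEDIR . $proj_id);
        if ($res) {
            // The size counts towards "mysize" only for the project owner.
            $return['mysize'] = $q->get_one() == $user ? $res['size'] : 0;
            // "| 0" coerces each counter to an integer.
            $return['files'] = $res['files'] | 0;
            $return['trash'] = $res['trash'] | 0;
            $return['tmp'] = $res['tmp'] | 0;
            $return['size'] = formatBytes($res['size']);
        }
    }
}

scriptReturn($return);
exit;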
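/**
 * Tell whether the session user has a project_user row for the given project.
 *
 * @param mixed $id Project id; anything other than an integer or a string of
 *                  decimal digits is rejected without querying.
 * @return bool True when exactly one matching project_user row exists.
 */
function projectPerm($id)
{
    // The id is spliced into the SQL text, so it must be a plain decimal
    // number before it gets there.
    if (!is_int($id) && !(is_string($id) && ctype_digit($id))) {
        return false;
    }
    $project_id = (int) $id;

    // The array key has to be quoted: inside {$...} a bare user_id is read as
    // a constant, which is an Error on PHP 8 and a warning on earlier versions.
    $user_id = isset($_SESSION['user_id']) ? (int) $_SESSION['user_id'] : 0;

    $q = new myQuery("SELECT 1 FROM project_user WHERE project_id='{$project_id}' AND user_id='{$user_id}'");

    return $q->get_num_rows() == 1;
}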
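/**
 * Look up a stored template whose distinct point and line counts match this
 * object's counts.
 *
 * Only templates that are public or belong to the session user are searched.
 *
 * @return int|false The value get_one() yields for the result, as an integer,
 *                   or false when no template matches.
 */
public function getID()
{
    // All three values go into the SQL text unquoted, so each is forced to an
    // integer first. An unset session user id becomes 0 instead of leaving
    // "tem.user_id=" empty and the statement malformed.
    $ps = (int) $this->getPointNumber();
    $ls = count($this->_lines);
    $user_id = isset($_SESSION['user_id']) ? (int) $_SESSION['user_id'] : 0;

    $q = new myQuery("SELECT tem.id, \n COUNT(DISTINCT p.n) as ps, \n COUNT(DISTINCT l.n) as ls,\n COUNT(DISTINCT sym) as syms \n FROM tem \n LEFT JOIN point as p on p.tem_id=tem.id \n LEFT JOIN line as l on l.tem_id=tem.id\n WHERE tem.public=1 OR tem.user_id={$user_id}\n GROUP BY tem.id\n HAVING ps={$ps} AND ls={$ls} AND syms>0");

    if ($q->get_num_rows() >= 1) {
        return intval($q->get_one());
    }

    return false;
}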
} else {
    // Excerpt of a login handler: it begins inside an if/else whose condition
    // is not shown and ends inside the directory-setup branch below.
    if ($res['status'] == 'disabled') {
        $return['error'] = true;
        $return['errorText'] .= "<li>Your account has been disabled.</li>";
    } else {
        // NOTE(review): loose == between two hash strings is not constant-time
        // and is subject to type juggling (two numeric-looking strings such as
        // "0e…" compare equal). hash_equals() avoids both; password_verify()
        // is the right call if the stored value comes from password_hash().
        // How $hash and $hash_check are derived is outside this excerpt.
        if ($hash == $hash_check) {
            $return['user'] = $id;
            // Record the login. $id is interpolated unquoted; its origin is
            // outside this excerpt — presumably the user row, confirm.
            $q = new myQuery("INSERT INTO login (user_id, logintime) VALUES ({$id}, NOW())");
            // set session variables
            // NOTE(review): no session_regenerate_id() is visible between the
            // successful check and these writes; confirm the session id is
            // rotated on login somewhere outside this excerpt.
            $_SESSION['user_id'] = $id;
            // User id 1 is hard-wired as the superuser.
            if ($id == 1) {
                $_SESSION['superuser'] = true;
            }
            // check if they have any project folders
            $q = new myQuery("SELECT project_id FROM project_user WHERE user_id={$id}");
            if ($q->get_num_rows() == 0) {
                // First login without any project: create a default one.
                // my_clean() is defined elsewhere; presumably it escapes the
                // text for use inside the quoted SQL values below — verify.
                $notes = my_clean("{$res['firstname']} {$res['lastname']} ({$res['email']}) first project");
                $projname = my_clean("{$res['firstname']} {$res['lastname']} Project");
                $q = new myQuery("INSERT INTO project (user_id, name, dt, notes) VALUES ({$id}, '{$projname}', NOW(), '{$notes}')");
                $new_proj_id = $q->get_insert_id();
                // The project's image directory is named after its numeric id.
                $mydir = IMAGEBASEDIR . $new_proj_id;
                if ($new_proj_id > 1 && !mkdir($mydir, DIRPERMS)) {
                    $return['error'] = true;
                    $return['errorText'] .= '<li>Your default image directory could not be created</li>';
                    // Undo the project row since its directory is missing
                    // (whether set_query() also executes is not visible here).
                    $q->set_query("DELETE FROM project WHERE id={$new_proj_id}");
                } else {
                    // NOTE(review): this branch is also reached when
                    // $new_proj_id is not greater than 1, in which case
                    // $mydir was never created above; the mkdir()/copy()
                    // results are not checked in the visible lines.
                    mkdir($mydir . '/.tmp', DIRPERMS);
                    mkdir($mydir . '/.trash', DIRPERMS);
                    // Seed the new project with the bundled example files.
                    copy(DOC_ROOT . '/include/examples/_female_avg.jpg', $mydir . '/_female_avg.jpg');
                    copy(DOC_ROOT . '/include/examples/_female_avg.tem', $mydir . '/_female_avg.tem');
                    copy(DOC_ROOT . '/include/examples/_male_avg.jpg', $mydir . '/_male_avg.jpg');
// (excerpt begins inside a switch in a function whose start is not shown)
        return false;
    case 'mirror':
        // Mirror only when the posted value is one of true / t / 1
        // (case-insensitive); anything else reports failure.
        if (preg_match('/^(true|t|1)$/i', $data)) {
            $img->mirror();
            return true;
        }
        return false;
    }
}

// Script body: apply a posted list of edits to one image. The reply starts
// out as an error and the excerpt ends before it is completed.
$return = array('error' => true, 'errorText' => '', 'newFileName' => '');

// safeFileName() is defined elsewhere and is the only check on the posted
// image name visible here; a falsy result skips all processing.
$image = safeFileName($_POST['theData']['image']);
if ($image) {
    ini_set('memory_limit', '512M');

    // Mask colour: white unless the user has a stored "rgb(r,g,b)" preference.
    $default_rgb = array(255, 255, 255);
    $q = new myQuery("SELECT prefval FROM pref WHERE user_id='{$_SESSION['user_id']}' AND pref='mask_color'");
    // The pattern is anchored at the end only, and each component may be any
    // 1-3 digit number (not limited to 255 here).
    if ($q->get_num_rows() == 1 && preg_match('/rgb\\((\\d{1,3}),(\\d{1,3}),(\\d{1,3})\\)$/i', $q->get_one(), $rgb)) {
        // Drop the full match, keep the three captured components.
        $default_rgb = array_slice($rgb, 1);
    }

    include_once DOC_ROOT . '/include/classes/psychomorph.class.php';

    // The presence of a "hasTem" key selects the image-plus-template class.
    // NOTE(review): array_key_exists() assumes $_POST['theData'] is an array.
    if (array_key_exists('hasTem', $_POST['theData'])) {
        $img = new PsychoMorph_ImageTem($image);
    } else {
        $img = new PsychoMorph_Image($image);
    }

    // set order
    $possible_edits = array('align', 'resize', 'rotate', 'crop', 'mask', 'sym', 'mirror');
    if ($_POST['theData']['order'] == '' || $_POST['theData']['order'] == 'false') {
        $edits = $possible_edits;
    } else {
        // NOTE(review): the posted order is split as-is; no comparison with
        // $possible_edits is visible in this excerpt — confirm each entry is
        // checked against that list before it is dispatched.
        $edits = explode(',', $_POST['theData']['order']);
    }
// Excerpt of a diagnostic page: it writes the call stack, the last PHP error,
// the whole session and sample rows of the user table into the HTML response.
// NOTE(review): no access check is visible in this excerpt; confirm the page
// is restricted to administrators and is not reachable on a production host.
echo "<h3>Last PHP Error</h3>";
htmlArray(debug_backtrace());
htmlArray(error_get_last());

// session Variables
// The flag is stored in the session, so it stays set after this request;
// what it enables elsewhere is not visible here.
$_SESSION['debug'] = true;
echo "<h3>\$_SESSION Variables</h3>\n";
htmlArray($_SESSION);

// Show the database clock next to the PHP clock.
$php_time = date('Y-m-d H:i:s');
$q = new myQuery('SELECT NOW()');
$mysql_time = $q->get_one();
echo "<h3>Time Comparison</h3>\n<ul>\n\t<li>MySQL time: {$mysql_time}</li>\n\t<li>PHP time: {$php_time}</li>\n</ul>";

// Exercise each myQuery accessor on a small query and print the result beside
// a hard-coded expected value.
// NOTE(review): the query results are echoed without HTML escaping in the
// lines below, and they contain real ids and first names from the user table.
echo "<h3>MySQLi Test</h3>";
$q = new myQuery("SELECT id, firstname FROM user LIMIT 3");
echo '<table><thead><tr><th></th><th>Answer</th><th>True Value</th></thead></tr><tbody>';
echo '<tr><td>Query</td><td>' . $q->get_query() . '</td><td>SELECT id, firstname FROM user LIMIT 3</td></tr>';
echo '<tr><td>N Rows</td><td>' . $q->get_num_rows() . '</td><td>3</td></tr>';
echo '<tr><td>get_row()</td><td>';
print_r($q->get_row());
echo '</td><td>Array ( [id] => 1 [firstname] => Lisa )</td></tr>';
echo '<tr><td>get_row(2)</td><td>';
print_r($q->get_row(2));
echo '</td><td>Array ( [id] => 3 [firstname] => Amanda )</td></tr>';
echo '<tr><td>get_col("id")</td><td>';
print_r($q->get_col('id'));
echo '</td><td>Array ( [0] => 1 [1] => 2 [2] => 3 )</td></tr>';
echo '<tr><td>get_one()</td><td>' . $q->get_one() . '</td><td>1</td></tr>';
echo '<tr><td>get_one(2, "firstname")</td><td>' . $q->get_one(2, 'firstname') . '</td><td>Amanda</td></tr>';
echo '<tr><td>get_one(2, "error")</td><td>' . $q->get_one(2, 'error') . '</td><td>Column <code>error</code> does not exist in row <code>2</code></td></tr>';
echo '<tr><td>get_assoc()</td><td>';
print_r($q->get_assoc());
echo '</td><td>Array ( [0] => Array ( [id] => 1 [firstname] => Lisa ) [1] => Array ( [id] => 2 [firstname] => Ben ) [2] => Array ( [id] => 3 [firstname] => Amanda ) )</td></tr>';