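/**
 * Store an uploaded image in img/ and create a 250x150 thumbnail in thumbs/.
 *
 * Status messages are echoed; nothing is returned.
 *
 * Both $file['type'] and $file['name'] are supplied by the client, so neither
 * shows on its own that the file is an image. Before anything is written into
 * the img/ directory the name is reduced to its last path component, its
 * extension must be on the allow-list, and the temporary file must be a real
 * upload of this request that decodes as an image.
 *
 * @param array $file One $_FILES entry (keys read: name, type, size, tmp_name).
 * @return void
 */
function upload_file($file)
{
    if ($file['name'] == '') {
        echo 'Файл не выбран!';
        return;
    }

    $allowed_types = array('image/jpeg', 'image/png', 'image/pjpeg', 'image/gif');
    $allowed_exts = array('jpg', 'jpeg', 'png', 'gif');

    // Drop any directory part (either separator) so the stored name stays inside img/.
    $safe_name = basename(str_replace('\\', '/', $file['name']));
    $ext = strtolower(pathinfo($safe_name, PATHINFO_EXTENSION));

    // The declared MIME type is only a hint; the extension decides how the web
    // server will treat the stored file, so it is checked as well.
    if (!in_array($file['type'], $allowed_types, true) || !in_array($ext, $allowed_exts, true)) {
        echo "Файл должен иметь одно из известных расширений графических изображений (gif, jpeg или png)!";
        return;
    }

    if ($file['size'] > GW_MAXFILESIZE) {
        echo "Файл не должен превышать размер в 5 Мб!";
        return;
    }

    // Accept only a file PHP received in this request, and only if it parses as an image.
    if (!is_uploaded_file($file['tmp_name']) || getimagesize($file['tmp_name']) === false) {
        echo 'Ошибка загрузки файла';
        return;
    }

    if (!move_uploaded_file($file['tmp_name'], 'img/' . $safe_name)) {
        echo 'Ошибка загрузки файла';
        return;
    }

    echo 'Файл успешно загружен';
    img_resize('img/' . $safe_name, 'thumbs/thumb_' . $safe_name, '250', '150');
}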
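/**
 * Store an uploaded image in img/, create a 250x150 thumbnail in thumbs/ and
 * record both names in the `images` table.
 *
 * Status messages are echoed; nothing is returned. A database failure ends the
 * request with die(), as before.
 *
 * The file name comes from the client. It is reduced to its last path
 * component, its extension must be on the allow-list, and the temporary file
 * must be a real upload of this request that decodes as an image. The names
 * are written to the database through a prepared statement: HTML-escaping is
 * not SQL escaping, so the escaped name must not be pasted into the query text.
 *
 * @param array $file One $_FILES entry (keys read: name, size, tmp_name).
 * @return void
 */
function upload_file($file)
{
    if ($file['name'] == '') {
        echo 'Файл не выбран!';
        return;
    }

    // Drop any directory part (either separator) so the stored name stays inside img/.
    $base_name = basename(str_replace('\\', '/', trim($file['name'])));

    // pathinfo() yields '' for a name without a dot, so a file called just
    // "png" is no longer mistaken for one with a .png extension. The list is
    // ASCII-only, so strtolower() is sufficient here.
    $ext = strtolower(pathinfo($base_name, PATHINFO_EXTENSION));
    $allowed = array('jpg', 'jpeg', 'png', 'gif');

    if (!in_array($ext, $allowed, true)) {
        echo "Файл должен иметь одно из известных расширений графических изображений (gif, jpeg или png)!";
        return;
    }

    if ($file['size'] > GW_MAXFILESIZE) {
        echo "Файл не должен превышать размер в 5 Мб!";
        return;
    }

    // Kept HTML-escaped because existing rows and files use that form of the name.
    $img_name = htmlspecialchars($base_name);
    $thumb_name = 'thumb_' . $img_name;

    // Accept only a file PHP received in this request, and only if it parses as an image.
    if (!is_uploaded_file($file['tmp_name']) || getimagesize($file['tmp_name']) === false) {
        echo 'Ошибка загрузки файла';
        return;
    }

    if (!move_uploaded_file($file['tmp_name'], 'img/' . $img_name)) {
        echo 'Ошибка загрузки файла';
        return;
    }

    echo 'Файл успешно загружен';
    img_resize('img/' . $img_name, 'thumbs/' . $thumb_name, '250', '150');

    $dbc = mysqli_connect(HOSTNAME, USERNAME, PASSWORD, DBNAME) or die('No connect with data base');

    $stmt = mysqli_prepare($dbc, "INSERT INTO `images` (`image_name`, `thumb_name`) VALUES (?, ?)");
    $stored = $stmt !== false
        && mysqli_stmt_bind_param($stmt, 'ss', $img_name, $thumb_name)
        && mysqli_stmt_execute($stmt);

    if (!$stored) {
        // The original called mysql_error(), which belongs to the removed
        // mysql extension. The driver detail goes to the server log instead
        // of the response body.
        error_log('upload_file: INSERT into images failed: ' . mysqli_error($dbc));
        mysqli_close($dbc);
        die("Ошибка при отправке запроса");
    }

    mysqli_stmt_close($stmt);
    mysqli_close($dbc);
}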
/**
 * Copy an uploaded file into the uploads folder and return its relative path.
 *
 * The target folder defaults to year/month/day below UPLOAD_DIR. If a file
 * with the chosen name already exists, a counter is appended to the name until
 * it is free. For jpg/gif/png files img_resize() is called afterwards.
 *
 * NOTE(review): the extension returned by file_extension() is kept on the
 * stored file and no allow-list is visible in this function. If callers do not
 * validate it, any file type can land under UPLOAD_DIR; confirm where the
 * check lives.
 * NOTE(review): $destino, $name and the client file name are concatenated into
 * a filesystem path as given. Confirm callers never pass request-derived
 * values containing separators or dot segments.
 *
 * @param array       $arr_file_desc Upload descriptor; keys read: name, tmp_name.
 * @param string|null $destino       Relative target folder, or null for year/month/day.
 * @param string|null $name          File name without extension, or null to derive it
 *                                   from $arr_file_desc['name'].
 * @return string Path of the stored file relative to UPLOAD_DIR.
 */
function subirArchivo($arr_file_desc, $destino = null, $name = null) {
    // NOTE(review): $arr_file is never read in this function.
    $arr_file = array();
    $file_extension = file_extension($arr_file_desc['name']);
    if ($destino == null) {
        $dia = date("j");
        $mes = date("n");
        $anyo = date("Y");
        $new_relative_path = $anyo . BARRA_SERVIDOR . $mes . BARRA_SERVIDOR . $dia;
    } else {
        $new_relative_path = $destino;
    }
    if ($name != null) {
        $new_file_name = $name;
    } else {
        // str_replace removes every occurrence of ".<ext>", not only the trailing one.
        $new_file_name = str_replace("." . $file_extension, "", $arr_file_desc['name']);
    }
    // Create the folder path
    createPath($new_relative_path);
    // If the file exists, keep appending a counter to the name until it no longer does
    $cont = 0;
    while (file_exists(UPLOAD_DIR . BARRA_SERVIDOR . $new_relative_path . BARRA_SERVIDOR . $new_file_name . "." . $file_extension)) {
        $cont++;
        // The counter is appended to the already-suffixed name, giving name1, name12, name123, ...
        $new_file_name .= $cont;
    }
    // NOTE(review): file_exists() + copy() does not establish that tmp_name is a
    // file uploaded in this request; is_uploaded_file()/move_uploaded_file()
    // would. Confirm tmp_name can only come from $_FILES.
    if (file_exists($arr_file_desc['tmp_name'])) {
        if (!copy($arr_file_desc['tmp_name'], UPLOAD_DIR . BARRA_SERVIDOR . $new_relative_path . BARRA_SERVIDOR . $new_file_name . "." . $file_extension)) {
            // Execution continues after this message, so the function still
            // returns a path for a file that was not written.
            print "Error, no ha sido posible la copia del archivo";
        } else {
            // delete the temporary file
            unlink($arr_file_desc['tmp_name']);
        }
    } else {
        header('Content-type: application/json');
        // JSON object that carries the response
        $jsondata = array();
        $jsondata['error'] = true;
        $jsondata['msg'] = "No se ha podido subir el archivo, intentelo de nuevo o contacte con su administrador.";
        echo json_encode($jsondata);
        exit;
    }
    $new_file_path = $new_relative_path . BARRA_SERVIDOR . $new_file_name . "." . $file_extension;
    $origen_dir = UPLOAD_DIR . BARRA_SERVIDOR . substr($new_file_path, 0, strrpos($new_file_path, BARRA_SERVIDOR)) . BARRA_SERVIDOR;
    $nombre_archivo = substr($new_file_path, strrpos($new_file_path, BARRA_SERVIDOR) + 1);
    $nombre_sin_extension = substr($nombre_archivo, 0, strrpos($nombre_archivo, "."));
    $extension = substr($new_file_path, strrpos($new_file_path, ".") + 1);
    // if it is an image, create a smaller one to speed up loading with thumbnails
    // The comparison is case-sensitive, so "JPG" or "jpeg" get no thumbnail.
    if ($extension == "jpg" || $extension == "gif" || $extension == "png") {
        //$info = getimagesize ($new_file_path);
        // NOTE(review): the destination folder and name passed here equal the
        // source path; confirm img_resize() does not overwrite the full-size file.
        img_resize($origen_dir . $nombre_archivo, THUMBNAIL_WIDTH, $origen_dir, $nombre_sin_extension . "." . $extension, THUMBNAIL_HEIGHT);
    }
    // Return the path without the parent folder in case it changes in the configuration
    return $new_file_path;
}
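/**
 * Validate an uploaded gallery image, store it together with a 150x150
 * preview and record it in the Image table.
 *
 * Everything in $file and $_POST is client-controlled. Values that end up in
 * the returned HTML message are HTML-encoded, the stored name must carry an
 * image extension, and the database row is written through a prepared
 * statement so request text is never part of the SQL.
 *
 * @param array  $file         One $_FILES entry (keys read: name, type, size, tmp_name).
 * @param string $gallery_path Gallery folder; 'full/' and 'min/' are appended to it as given.
 * @param mysqli $link         Open mysqli connection.
 * @param int    $galleryid    Id of the gallery the image belongs to.
 * @return string Status message; may contain HTML markup.
 */
function file_upload($file, $gallery_path, $link, $galleryid)
{
    if ($file['name'] == '') {
        return 'Файл не выбран!';
    }

    $format = strtolower(substr($file['type'], strpos($file['type'], '/') + 1));
    if (!($format == 'jpeg' || $format == 'png')) {
        // $format is taken from the request, so encode it before it reaches a page.
        return 'Формат ' . htmlspecialchars($format, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . ' не поддерживается';
    }

    $size = (int) $file['size'];
    if ($size > 1000000) {
        return 'Максимально допустимый размер файла 1Мб!';
    }

    // getimagesize() returns false for data it cannot decode; that case gets
    // the same answer as an image that is too small.
    $sides = getimagesize($file['tmp_name']);
    if ($sides === false || $sides[0] < 150 || $sides[1] < 150) {
        return 'Ширина и высота изображения должны быть не меньше 150 пикселей';
    }

    $index = time() . '_'; // prefix for a unique file name
    // Keep only the last path component so the name cannot leave full/ and min/.
    $new_name = $index . basename(str_replace('\\', '/', translit_space($file['name'])));

    // The declared MIME type says nothing about the stored extension, and the
    // extension decides how the web server treats the file later.
    $ext = strtolower(pathinfo($new_name, PATHINFO_EXTENSION));
    if (!in_array($ext, array('jpg', 'jpeg', 'png'), true)) {
        return 'Формат ' . htmlspecialchars($ext, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . ' не поддерживается';
    }

    $path_full = $gallery_path . 'full/' . $new_name;
    $path_min = $gallery_path . 'min/' . $new_name;

    // Put the file on the server; only a real upload of this request is accepted.
    if (!is_uploaded_file($file['tmp_name']) || !copy($file['tmp_name'], $path_full)) {
        return 'Ошибка загрузки файла';
    }

    if (!img_resize($file['tmp_name'], $path_min, 150, 150)) {
        // Do not leave the full-size copy behind without its preview.
        if (is_file($path_full)) {
            unlink($path_full);
        }
        return 'Ошибка при создании preview-файла';
    }

    // Optional captions from the form; anything that is not a plain string is ignored.
    $img_name = isset($_POST['img_name']) && is_string($_POST['img_name']) ? $_POST['img_name'] : '';
    $img_alt = isset($_POST['img_alt']) && is_string($_POST['img_alt']) ? $_POST['img_alt'] : '';
    $img_title = isset($_POST['img_title']) && is_string($_POST['img_title']) ? $_POST['img_title'] : '';
    $gallery_id = (int) $galleryid;

    // Add the row to the database.
    $saved = false;
    try {
        $stmt = mysqli_prepare($link, 'INSERT INTO Image (Name, FileName, Alt, Title, GalleryID) VALUES (?, ?, ?, ?, ?)');
        if ($stmt !== false) {
            $saved = mysqli_stmt_bind_param($stmt, 'ssssi', $img_name, $new_name, $img_alt, $img_title, $gallery_id)
                && mysqli_stmt_execute($stmt);
            mysqli_stmt_close($stmt);
        }
    } catch (mysqli_sql_exception $e) {
        // mysqli may be configured to throw; treat that like a failed query.
        $saved = false;
    }

    if ($saved) {
        return 'Файл <b>"' . htmlspecialchars($file['name'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . '"</b> успешно загружен';
    }

    // Remove the stored file and its preview so no orphaned files remain.
    foreach (array($path_min, $path_full) as $leftover) {
        if (is_file($leftover)) {
            unlink($leftover);
        }
    }

    return 'Ошибка работы с базой данных';
}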
/**
 * Create a thumbnail for the file sitting in the temporary destination.
 *
 * The file is looked up under $this->tempdestination using $this->newName
 * when it is set, otherwise $file['name']. The thumbnail is requested with a
 * size of 400 in img/temp/thumbs/ under the same name prefixed with "thumb_".
 * A message is appended to $this->messages when img_resize() reports failure.
 *
 * NOTE(review): when newName is not set, $file['name'] becomes part of both
 * paths as given; presumably this is an upload descriptor, so confirm the name
 * is validated before this method runs.
 *
 * @param array $file Descriptor whose 'name' key is used as the fallback file name.
 * @return void
 */
protected function resizeImage($file)
{
    require_once "includes/img_resize.php";

    $source_path = $this->tempdestination;
    $chosen_name = isset($this->newName) ? $this->newName : $file['name'];
    $source_path .= $chosen_name;

    $thumb_name = "thumb_" . $chosen_name;

    if (!img_resize($source_path, 400, "img/temp/thumbs/", $thumb_name)) {
        $this->messages[] = "Gat ekki gert smámynd.";
    }
}
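/**
 * Create or refresh the default images of a preset, one per entry of
 * $this->default_images_types.
 *
 * For each type the file "<type>_<preset name>.png" in the "default/" folder
 * below the configured upload path is regenerated from "<type>_original.png"
 * when it is missing, unreadable, or its dimensions differ from the preset.
 *
 * The original returned true from inside the loop, so only the first image
 * type was ever processed; the return now follows the loop.
 *
 * NOTE(review): $preset['name'] becomes part of a file name as given; confirm
 * preset names are restricted to safe characters where presets are saved.
 *
 * @param array $preset Keys read: is_internal, name, width, height, is_square.
 * @return bool false for an internal preset or when a source "_original.png"
 *              is missing, true otherwise.
 */
public function createDefaultImages($preset)
{
    if ($preset['is_internal']) {
        return false;
    }

    $default_root = cmsConfig::get('upload_path') . 'default/';

    foreach ($this->default_images_types as $image_type) {
        $target_file = $default_root . $image_type . '_' . $preset['name'] . '.png';
        $original_file = $default_root . $image_type . '_original.png';

        $create = true;

        // If the file already exists, compare its dimensions with the preset
        // and rebuild it only when they differ.
        if (file_exists($target_file)) {
            $size = getimagesize($target_file);

            // Only dimensions that the preset actually sets are compared; a
            // file that cannot be read as an image is rebuilt as well.
            $create = $size === false
                || ($preset['width'] && $preset['width'] != $size[0])
                || (!empty($preset['height']) && $preset['height'] != $size[1]);

            if ($create) {
                // Best effort: a failed delete is not treated as an error here.
                @unlink($target_file);
            }
        }

        if (!$create) {
            continue;
        }

        if (!file_exists($original_file)) {
            return false;
        }

        if (!isset($preset['height'])) {
            $preset['height'] = $preset['width'];
        }

        // The last argument (30) is passed through as in the original; its
        // meaning is defined by img_resize(), which is not visible here.
        img_resize($original_file, $target_file, $preset['width'], $preset['height'], $preset['is_square'], 30);
    }

    return true;
}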
// Excerpt from a photo-upload handler: the enclosing block opens before this
// excerpt and the following branch is cut off after its opening brace.

// NOTE(review): where $realfile comes from is not visible here; presumably it
// is the client-supplied file name. Confirm.
$path_parts = pathinfo($realfile);
$ext = mb_strtolower($path_parts['extension']);
// Extension allow-list; anything else ends the request without a message.
if ($ext != 'jpg' && $ext != 'jpeg' && $ext != 'gif' && $ext != 'png' && $ext != 'bmp') {
    exit(0);
}
// NOTE(review): the next id is read and incremented without a lock, so two
// simultaneous uploads of the same name can compute the same $filename. Confirm
// whether that matters.
$lid = $inDB->get_fields('cms_user_photos', 'id>0', 'id', 'id DESC');
$lastid = $lid['id'] + 1;
// The stored name is an md5 hex digest with a fixed ".jpg" suffix, so neither
// the client's name nor its extension ends up in the path on disk.
$filename = md5($lastid . $realfile) . '.jpg';
$uploadphoto = $uploaddir . $filename;
$uploadthumb['small'] = $uploaddir . 'small/' . $filename;
$uploadthumb['medium'] = $uploaddir . 'medium/' . $filename;
$source = $_FILES['Filedata']['tmp_name'];
$errorCode = $_FILES['Filedata']['error'];
if ($inCore->moveUploadedFile($source, $uploadphoto, $errorCode)) {
    // NOTE(review): "@" hides every failure of the resize and watermark calls,
    // so the photo is registered below even when no small/medium file was
    // produced. Consider checking the return values.
    @img_resize($uploadphoto, $uploadthumb['small'], 96, 96, true);
    @img_resize($uploadphoto, $uploadthumb['medium'], 600, 600, false, false);
    if ($model->config['watermark']) {
        @img_add_watermark($uploadthumb['medium']);
    }
    // The file as uploaded is removed; only the two resized copies remain.
    @unlink($uploadphoto);
    // NOTE(review): $realfile is stored as 'filename'; escape it wherever it is
    // later shown, since its origin is not validated in this excerpt.
    $model->addUploadedPhoto($user_id, array('filename' => $realfile, 'imageurl' => $filename));
    if (cmsCore::inRequest('upload')) {
        cmsCore::redirect('/users/' . $inUser->login . '/photos/submit');
    }
} else {
    header("HTTP/1.1 500 Internal Server Error");
    echo cmsCore::uploadError();
}
exit(0);
// Closes a block that was opened before this excerpt.
}
if ($pdo == 'submitphotos') {
// Excerpt from an upload handler: the surrounding permission check ("if ...")
// opens before this excerpt; its else branch is visible below.

// NOTE(review): the extension of $filename is reused for the stored files and
// no allow-list is visible in this excerpt. If $filename is the client's file
// name, confirm the extension is validated before this point.
$ext = pathinfo($filename, PATHINFO_EXTENSION);
// The stored base name is a generated code, so the client's base name is not
// used on disk; only its extension is.
$newName = $Auth->generateCode(20);
$data = array('old' => $filename, 'new' => $newName . '.' . $ext, 'small' => $newName . '_s.' . $ext, 'size' => $_FILES['file']['size'], 'status' => -1, 'errorMsg' => '');
$destination = _UPLOAD_RIR . $data['new'];
$destinationSmall = _UPLOAD_RIR . $data['small'];
if (move_uploaded_file($_FILES['file']['tmp_name'], $destination)) {
    $rows = array('category', 'src_large', 'src_small', 'oldname', 'newname', 'folder', 'size', 'user');
    // NOTE(review): the 'user' column is filled from $_COOKIE['id'], which the
    // client can set freely; the owner should come from the authenticated
    // session instead.
    // NOTE(review): $_POST['category'] is passed on as received; whether
    // $Db->insert() binds its values as parameters is not visible here.
    $queryData = array($_POST['category'], $data['new'], $data['small'], $data['old'], $newName, _UPLOAD_RIR, $data['size'], $_COOKIE['id']);
    $id = $Db->insert('galary_images', $rows, $queryData);
    if ($id > 0) {
        $data['status'] = 1;
        $data['id'] = $id;
    }
}
echo json_encode($data);
// This call sits outside the move_uploaded_file() branch, so it also runs when
// the move failed and $destination does not exist.
img_resize($destination, $destinationSmall, 200, 0);
} else {
    // Reply "insufficient rights" when the check before this excerpt fails.
    $data = array('status' => -1, 'errorMsg' => 'Недостаточно прав');
    echo json_encode($data);
}
/*
 * Function img_resize(): thumbnail generation.
 *
 * Parameters:
 *   $src            - name of the source file
 *   $dest           - name of the generated file
 *   $width, $height - width and height of the generated image, in pixels
 * Optional parameters:
 *   $rgb     - background colour, white by default
 *   $quality - quality of the generated JPEG, maximum (100) by default
 */
function img_resize($src, $dest, $width, $height, $rgb = 0xffffff, $quality = 100)
// Excerpt from an upload form handler: three enclosing "if" blocks open before
// this excerpt; only their else branches are visible at the end.

// NOTE(review): the client-supplied file name is used as given for a path
// under DOCUMENT_ROOT. The checks that precede this excerpt are not visible;
// confirm they restrict the extension and strip any directory part of the name.
$temp_name=$_SERVER['DOCUMENT_ROOT']."/userfiles/tmp/".$_FILES["filename"]["name"];
// print_r($_SERVER['DOCUMENT_ROOT']);
// exit;
// move the file onto the server
if(move_uploaded_file($_FILES["filename"]["tmp_name"],$temp_name)) {
    // look at the file's parameters
    $name_file=$temp_name;
    $name_files="/userfiles/tmp/".$_FILES["filename"]["name"];
    $path_image="../../userfiles/tmp/";
    // NOTE(review): the result is used without checking for false, which
    // getimagesize() returns when the file cannot be read as an image.
    $size = getimagesize($name_file);
    // Keep the original dimensions only when both are below 120x100.
    if (($size[0]<120) && ($size[1]<100)) {$x=$size[0];$y=$size[1];} else {$x=120;$y=100;}
    // resize the file to the required dimensions (it is overwritten in place)
    // require ('image_resize.php');
    if (img_resize($name_file,$name_file, $x, $y)) {
        echo "<br><b><p class=blue1 align=center>Преобразование прошло успешно</p></b>";
        // NOTE(review): $name_files and the client-declared MIME type are
        // printed into a JavaScript string inside an HTML attribute without any
        // encoding. Both are request data and need encoding for that context
        // (for example json_encode() followed by htmlspecialchars()).
        ?><div align='center'><a href="#" class="blue1" align="center" onClick="image_mag_up('<?echo $name_files;?>','<?echo $_FILES["filename"]["type"];?>'); window.close(); ">Дальше</a></div><?
    } else echo 'Файл не смог быть преобразован';
} else {echo "Не удалось переместить файл";}
// else branch of a content check made before this excerpt
} else {echo "<p width='400' height='70' class='blue1'><div align='center' class='mmsel'>ОШИБКА.<br>Выбран файл не подходящего содержимого</p>";?><a href="javascript:history.go(-1)" mce_href="javascript:history.go(-1)" class="blue1">Вернуться назад</a><?}
// else branch of a size check made before this excerpt
} else echo ("Размер файла превышает три мегабайта");
// else branch of a "file selected" check made before this excerpt
} else {echo "<p width='400' height='70' class='blue1'><div align='center' class='mmsel'>ОШИБКА.<br>Не выбран файл</p>";?><a href="javascript:history.go(-1)" mce_href="javascript:history.go(-1)" class="blue1">Вернуться назад</a><?}
?>
function users() { header('X-Frame-Options: DENY'); $inCore = cmsCore::getInstance(); $inPage = cmsPage::getInstance(); $inDB = cmsDatabase::getInstance(); $inUser = cmsUser::getInstance(); global $_LANG; $model = new cms_model_users(); // id пользователя $id = cmsCore::request('id', 'int', 0); // логин пользователя $login = cmsCore::strClear(urldecode(cmsCore::request('login', 'html', ''))); $do = $inCore->do; $page = cmsCore::request('page', 'int', 1); $pagetitle = $inCore->getComponentTitle(); if ($model->config['sw_search'] != 2) { $inPage->addPathway($pagetitle, '/users'); } $inPage->setTitle($pagetitle); $inPage->setDescription($pagetitle); // js только авторизованным if ($inUser->id) { $inPage->addHeadJS('components/users/js/profile.js'); $inPage->addHeadJsLang(array('CONFIRM_CLEAN_CAT', 'CHOOSE_RECIPIENT', 'SEND_TO_USER', 'FRIENDSHIP_OFFER', 'STOP_FRIENDLY', 'REALY_STOP_FRIENDLY', 'ENTER_STATUS', 'HAVE_JUST')); } //============================================================================// //========================= Список пользователей ============================// //============================================================================// if ($do == 'view') { // если запрещен просмотр всех пользователей, 404 if ($model->config['sw_search'] == 2) { cmsCore::error404(); } //очищаем поисковые запросы если пришли со другой страницы if (!strstr(cmsCore::getBackURL(), '/users')) { cmsUser::sessionClearAll(); } $stext = array(); // Возможные входные переменные $name = cmsCore::getSearchVar('name'); $city = cmsCore::getSearchVar('city'); $hobby = cmsCore::getSearchVar('hobby'); $gender = cmsCore::getSearchVar('gender'); $orderby = cmsCore::request('orderby', array('karma', 'rating', 'regdate'), 'regdate'); $orderto = cmsCore::request('orderto', array('asc', 'desc'), 'desc'); $age_to = (int) cmsCore::getSearchVar('ageto', 'all'); $age_fr = (int) cmsCore::getSearchVar('agefrom', 'all'); $group_id = cmsCore::request('group_id', 'int', 0); // Флаг о показе 
только онлайн пользователей if (cmsCore::inRequest('online')) { cmsUser::sessionPut('usr_online', (bool) cmsCore::request('online', 'int')); $page = 1; } $only_online = cmsUser::sessionGet('usr_online'); if ($only_online) { $stext[] = $_LANG['SHOWING_ONLY_ONLINE']; } /////////////////////////////////////// //////////Условия выборки////////////// /////////////////////////////////////// // группа if ($group_id) { $model->whereUserGroupIs($group_id); $link['group'] = '/users/group/' . $group_id; $_LANG['GROUP_SEARCH_NAME'] = cmsUser::getGroupTitle($group_id); } // Добавляем в выборку имя, если оно есть if ($name) { $model->whereNameIs($name); $stext[] = $_LANG['NAME'] . " — " . htmlspecialchars(stripslashes($name)); } // Добавляем в выборку город, если он есть if ($city) { $model->whereCityIs($city); $stext[] = $_LANG['CITY'] . " — " . htmlspecialchars(stripslashes($city)); } // Добавляем в выборку хобби, если есть if ($hobby) { $model->whereHobbyIs($hobby); $stext[] = $_LANG['HOBBY'] . " — " . htmlspecialchars(stripslashes($hobby)); } // Добавляем в выборку пол, если есть if ($gender) { $model->whereGenderIs($gender); if ($gender == 'm') { $stext[] = $_LANG['MALE']; } else { $stext[] = $_LANG['FEMALE']; } } // Добавляем в выборку возраст, более if ($age_fr) { $model->whereAgeFrom($age_fr); $stext[] = $_LANG['NOT_YOUNG'] . " {$age_fr} " . $_LANG['YEARS']; } // Добавляем в выборку возраст, менее if ($age_to) { $model->whereAgeTo($age_to); $stext[] = $_LANG['NOT_OLD'] . " {$age_fr} " . 
$_LANG['YEARS']; } // Считаем общее количество согласно выборки $total = $model->getUsersCount($only_online); if ($total) { //устанавливаем сортировку $inDB->orderBy($orderby, $orderto); //устанавливаем номер текущей страницы и кол-во пользователей на странице $inDB->limitPage($page, $model->config['users_perpage']); // Загружаем пользователей согласно выборки $users = $model->getUsers($only_online); } else { $inDB->resetConditions(); } $link['latest'] = '/users'; $link['positive'] = '/users/positive.html'; $link['rating'] = '/users/rating.html'; if ($orderby == 'regdate') { $link['selected'] = 'latest'; } if ($orderby == 'karma') { $link['selected'] = 'positive'; } if ($orderby == 'rating') { $link['selected'] = 'rating'; } $pagebar_link = '/users/' . $link['selected'] . '%page%.html'; if ($group_id) { $link['selected'] = 'group'; $pagebar_link = '/users/' . $link['selected'] . '/' . $group_id . '-%page%'; } cmsPage::initTemplate('components', 'com_users_view')->assign('stext', $stext)->assign('orderby', $orderby)->assign('orderto', $orderto)->assign('users', $users)->assign('total', $total)->assign('only_online', $only_online)->assign('gender', $gender)->assign('name', stripslashes($name))->assign('city', stripslashes($city))->assign('hobby', stripslashes($hobby))->assign('age_to', $age_to)->assign('age_fr', $age_fr)->assign('cfg', $model->config)->assign('link', $link)->assign('pagebar', cmsPage::getPagebar($total, $page, $model->config['users_perpage'], $pagebar_link))->display('com_users_view.tpl'); } //============================================================================// //======================= Редактирование профиля ============================// //============================================================================// if ($do == 'editprofile') { // неавторизованным, не владельцам и не админам тут делать нечего if (!$inUser->id || $inUser->id != $id && !$inUser->is_admin) { cmsCore::error404(); } $usr = $model->getUser($id); if (!$usr) { 
cmsCore::error404(); } $opt = cmsCore::request('opt', 'str', 'edit'); // главного админа может редактировать только он сам if ($id == 1 && $inUser->id != $id) { cmsCore::error404(); } // показываем форму if ($opt == 'edit') { $inPage->setTitle($_LANG['CONFIG_PROFILE'] . ' - ' . $usr['nickname']); $inPage->addPathway($usr['nickname'], cmsUser::getProfileURL($usr['login'])); $inPage->addPathway($_LANG['CONFIG_PROFILE']); $private_forms = array(); if (isset($model->config['privforms'])) { if (is_array($model->config['privforms'])) { foreach ($model->config['privforms'] as $form_id) { $private_forms = array_merge($private_forms, cmsForm::getFieldsHtml($form_id, $usr['formsdata'])); } } } cmsPage::initTemplate('components', 'com_users_edit_profile')->assign('opt', $opt)->assign('usr', $usr)->assign('private_forms', $private_forms)->assign('cfg_forum', $inCore->loadComponentConfig('forum'))->assign('cfg', $model->config)->display('com_users_edit_profile.tpl'); return; } // Если сохраняем профиль if ($opt == 'save') { if (!cmsUser::checkCsrfToken()) { cmsCore::error404(); } $errors = false; $users['nickname'] = cmsCore::request('nickname', 'str'); if (mb_strlen($users['nickname']) < 2) { cmsCore::addSessionMessage($_LANG['SHORT_NICKNAME'], 'error'); $errors = true; } cmsCore::loadModel('registration'); $modreg = new cms_model_registration(); if (!$inUser->is_admin) { if ($modreg->getBadNickname($users['nickname'])) { cmsCore::addSessionMessage($_LANG['ERR_NICK_EXISTS'], 'error'); $errors = true; } } $profiles['gender'] = cmsCore::request('gender', 'str'); $profiles['city'] = cmsCore::request('city', 'str'); if (mb_strlen($profiles['city']) > 50) { cmsCore::addSessionMessage($_LANG['LONG_CITY_NAME'], 'error'); $errors = true; } $users['email'] = cmsCore::request('email', 'email'); if (!$users['email']) { cmsCore::addSessionMessage($_LANG['REALY_ADRESS_EMAIL'], 'error'); $errors = true; } if ($usr['email'] != $users['email']) { $is_set_email = $inDB->get_field('cms_users', 
"email='{$users['email']}'", 'id'); if ($is_set_email) { cmsCore::addSessionMessage($_LANG['ADRESS_EMAIL_IS_BUSY'], 'error'); $errors = true; } else { // формируем токен $token = md5($usr['email'] . uniqid() . microtime()); $inDB->insert('cms_users_activate', array('user_id' => $inUser->id, 'pubdate' => date("Y-m-d H:i:s"), 'code' => $token)); $codelink = HOST . '/users/change_email/' . $token . '/' . $users['email']; // по старому адресу высылаем письмо с подтверждением $letter = cmsCore::getLanguageTextFile('change_email'); $letter = str_replace(array('{nickname}', '{codelink}'), array($inUser->nickname, $codelink), $letter); cmsCore::mailText($usr['email'], '', $letter); cmsCore::addSessionMessage(sprintf($_LANG['YOU_CHANGE_EMAIL'], $usr['email']), 'info'); // email не меняем $users['email'] = $usr['email']; } } $profiles['showphone'] = cmsCore::request('showphone', 'int', 0); $profiles['showmail'] = cmsCore::request('showmail', 'int'); $profiles['email_newmsg'] = cmsCore::request('email_newmsg', 'int'); $profiles['showbirth'] = cmsCore::request('showbirth', 'int'); $profiles['description'] = cmsCore::request('description', 'str', ''); $users['birthdate'] = (int) $_REQUEST['birthdate']['year'] . '-' . (int) $_REQUEST['birthdate']['month'] . '-' . 
(int) $_REQUEST['birthdate']['day']; $profiles['signature'] = $inDB->escape_string(cmsCore::badTagClear(cmsCore::request('signature', 'html', ''))); $profiles['signature_html'] = $inDB->escape_string(cmsCore::parseSmiles(cmsCore::request('signature', 'html', ''), true)); $profiles['allow_who'] = cmsCore::request('allow_who', 'str'); if (!preg_match('/^([a-zA-Z]+)$/ui', $profiles['allow_who'])) { $errors = true; } $users['icq'] = cmsCore::request('icq', 'str', ''); $profiles['showicq'] = cmsCore::request('showicq', 'int'); $profiles['cm_subscribe'] = cmsCore::request('cm_subscribe', 'str'); if (!preg_match('/^([a-zA-Z]+)$/ui', $profiles['cm_subscribe'])) { $errors = true; } $users['phone'] = cmsCore::request('phone', 'int', 0); // получаем данные форм $profiles['formsdata'] = ''; if (isset($model->config['privforms'])) { if (is_array($model->config['privforms'])) { foreach ($model->config['privforms'] as $form_id) { $form_input = cmsForm::getFieldsInputValues($form_id); $profiles['formsdata'] .= $inDB->escape_string(cmsCore::arrayToYaml($form_input['values'])); // Проверяем значения формы foreach ($form_input['errors'] as $field_error) { if ($field_error) { cmsCore::addSessionMessage($field_error, 'error'); $errors = true; } } } } } if ($errors) { cmsCore::redirectBack(); } $inDB->update('cms_user_profiles', cmsCore::callEvent('UPDATE_USER_PROFILES', array_merge(array('id' => $usr['pid'], 'user_id' => $usr['id']), $profiles)), $usr['pid']); $inDB->update('cms_users', cmsCore::callEvent('UPDATE_USER_USERS', array_merge(array('id' => $usr['id']), $users)), $usr['id']); cmsCore::addSessionMessage($_LANG['PROFILE_SAVED'], 'info'); cmsCore::redirect(cmsUser::getProfileURL($usr['login'])); } if ($opt == 'changepass') { $errors = false; $oldpass = cmsCore::request('oldpass', 'str'); $newpass = cmsCore::request('newpass', 'str'); $newpass2 = cmsCore::request('newpass2', 'str'); if ($inUser->password != md5($oldpass)) { cmsCore::addSessionMessage($_LANG['OLD_PASS_WRONG'], 
'error'); $errors = true; } if ($newpass != $newpass2) { cmsCore::addSessionMessage($_LANG['WRONG_PASS'], 'error'); $errors = true; } if ($oldpass && $newpass && $newpass2 && mb_strlen($newpass) < 6) { cmsCore::addSessionMessage($_LANG['PASS_SHORT'], 'error'); $errors = true; } if ($errors) { cmsCore::redirectBack(); } cmsCore::callEvent('UPDATE_USER_PASSWORD', array('user_id' => $usr['id'], 'oldpass' => $oldpass, 'newpass' => $newpass)); $sql = "UPDATE cms_users SET password='******' WHERE id = '{$id}' AND password='******'"; $inDB->query($sql); cmsCore::addSessionMessage($_LANG['PASS_CHANGED'], 'info'); cmsCore::redirect(cmsUser::getProfileURL($inUser->login)); } } //============================================================================// //============================= Просмотр профиля ============================// //============================================================================// if ($do == 'profile') { $inPage->addHeadJsLang(array('NEW_POST_ON_WALL', 'CONFIRM_DEL_POST_ON_WALL')); // если просмотр профиля гостям запрещен if (!$inUser->id && !$model->config['sw_guest']) { cmsUser::goToLogin(); } if (is_numeric($login)) { cmsCore::error404(); } $usr = $model->getUser($login); if (!$usr) { cmsCore::error404(); } $myprofile = $inUser->id == $usr['id']; $inPage->setTitle($usr['nickname']); $inPage->addPathway($usr['nickname']); // просмотр профиля запрещен if (!cmsUser::checkUserContentAccess($usr['allow_who'], $usr['id'])) { cmsPage::initTemplate('components', 'com_users_not_allow')->assign('is_auth', $inUser->id)->assign('usr', $usr)->display('com_users_not_allow.tpl'); return; } // Профиль удален if ($usr['is_deleted']) { cmsPage::initTemplate('components', 'com_users_deleted.tpl')->assign('usr', $usr)->assign('is_admin', $inUser->is_admin)->assign('others_active', $inDB->rows_count('cms_users', "login='******'login']}' AND is_deleted=0", 1))->display('com_users_deleted.tpl'); return; } // Данные о друзьях $usr['friends_total'] = 
cmsUser::getFriendsCount($usr['id']); $usr['friends'] = cmsUser::getFriends($usr['id']); // очищать сессию друзей если в своем профиле и количество друзей из базы не совпадает с количеством друзей в сессии if ($myprofile && sizeof($usr['friends']) != $usr['friends_total']) { cmsUser::clearSessionFriends(); } // обрезаем список $usr['friends'] = array_slice($usr['friends'], 0, 6); // выясняем друзья ли мы с текущим пользователем $usr['isfriend'] = !$myprofile ? cmsUser::isFriend($usr['id']) : false; // награды пользователя $usr['awards'] = $model->config['sw_awards'] ? $model->getUserAwards($usr['id']) : false; // стена if ($model->config['sw_wall']) { $inDB->limitPage(1, $model->config['wall_perpage']); $usr['wall_html'] = cmsUser::getUserWall($usr['id'], 'users', $myprofile, $inUser->is_admin); } // можно ли пользователю изменять карму $usr['can_change_karma'] = $model->isUserCanChangeKarma($usr['id']) && $inUser->id; // Фотоальбомы пользователя if ($model->config['sw_photo']) { $usr['albums'] = $model->getPhotoAlbums($usr['id'], $usr['isfriend'], !$inCore->isComponentEnable('photos')); $usr['albums_total'] = sizeof($usr['albums']); $usr['albums_show'] = 6; if ($usr['albums_total'] > $usr['albums_show']) { array_splice($usr['albums'], $usr['albums_show']); } } $usr['board_count'] = $model->config['sw_board'] ? $inDB->rows_count('cms_board_items', "user_id='{$usr['id']}' AND published=1") : 0; $usr['comments_count'] = $model->config['sw_comm'] ? $inDB->rows_count('cms_comments', "user_id='{$usr['id']}' AND published=1") : 0; $usr['forum_count'] = $model->config['sw_forum'] ? $inDB->rows_count('cms_forum_posts', "user_id = '{$usr['id']}'") : 0; $usr['files_count'] = $model->config['sw_files'] ? $inDB->rows_count('cms_user_files', "user_id = '{$usr['id']}'") : 0; $cfg_reg = $inCore->loadComponentConfig('registration'); $usr['invites_count'] = $inUser->id && $myprofile && $cfg_reg['reg_type'] == 'invite' ? 
$model->getUserInvitesCount($inUser->id) : 0; $usr['blog'] = $model->config['sw_blogs'] ? $inDB->get_fields('cms_blogs', "user_id = '{$usr['id']}' AND owner = 'user'", 'title, seolink') : false; $usr['form_fields'] = array(); if (is_array($model->config['privforms'])) { foreach ($model->config['privforms'] as $form_id) { $usr['form_fields'] = array_merge($usr['form_fields'], cmsForm::getFieldsValues($form_id, $usr['formsdata'])); } } if ($usr['city']) { cmsCore::loadModel('geo'); $geo = new cms_model_geo(); $city_parents = $geo->getCityParents($usr['city']); if ($city_parents) { $usr['country'] = $city_parents['country_name']; } } $plugins = $model->getPluginsOutput($usr); cmsPage::initTemplate('components', 'com_users_profile.tpl')->assign('usr', $usr)->assign('plugins', $plugins)->assign('cfg', $model->config)->assign('myprofile', $myprofile)->assign('cfg_forum', $inCore->loadComponentConfig('forum'))->assign('is_admin', $inUser->is_admin)->assign('is_auth', $inUser->id)->display('com_users_profile.tpl'); } //============================================================================// //============================= Список сообщений ============================// //============================================================================// if ($do == 'messages') { if (!$model->config['sw_msg']) { cmsCore::error404(); } if (!$inUser->id || $inUser->id != $id && !$inUser->is_admin) { cmsUser::goToLogin(); } $usr = cmsUser::getShortUserData($id); if (!$usr) { cmsCore::error404(); } $inPage->setTitle($_LANG['MY_MESS']); $inPage->addPathway($usr['nickname'], cmsUser::getProfileURL($usr['login'])); $inPage->addPathway($_LANG['MY_MESS'], '/users/' . $id . 
'/messages.html'); include 'components/users/messages.php'; } //============================================================================// //=========================== Отправка сообщения ============================// //============================================================================// if ($do == 'sendmessage') { if (!$model->config['sw_msg']) { cmsCore::halt(); } if ($_SERVER['HTTP_X_REQUESTED_WITH'] != 'XMLHttpRequest') { cmsCore::halt(); } if (!$inUser->id || $inUser->id == $id && !cmsCore::inRequest('massmail') && !cmsCore::request('send_to_group', 'int', 0)) { cmsCore::halt(); } if (!cmsCore::inRequest('gosend')) { $replyid = cmsCore::request('replyid', 'int', 0); if ($replyid) { $msg = $model->getReplyMessage($replyid, $inUser->id); if (!$msg) { cmsCore::halt(); } } $inPage->setRequestIsAjax(); cmsPage::initTemplate('components', 'com_users_messages_add')->assign('msg', isset($msg) ? $msg : array())->assign('is_reply_user', $replyid)->assign('id', $id)->assign('bbcodetoolbar', cmsPage::getBBCodeToolbar('message'))->assign('smilestoolbar', cmsPage::getSmilesPanel('message'))->assign('groups', $inUser->is_admin ? 
cmsUser::getGroups(true) : array())->assign('friends', cmsUser::getFriends($inUser->id))->assign('id_admin', $inUser->is_admin)->display('com_users_messages_add.tpl'); cmsCore::jsonOutput(array('error' => false, 'html' => ob_get_clean())); } if (cmsCore::inRequest('gosend')) { // Кому отправляем $usr = cmsUser::getShortUserData($id); if (!$usr) { cmsCore::halt(); } $message = cmsCore::parseSmiles(cmsCore::request('message', 'html', ''), true); if (mb_strlen($message) < 2) { cmsCore::jsonOutput(array('error' => true, 'text' => $_LANG['ERR_SEND_MESS'])); } if (!cmsUser::checkCsrfToken()) { cmsCore::error404(); } $output = cmsCore::callEvent('USER_SEND_MESSEDGE', array('text' => $message, 'to_id' => $id)); $message = $output['text']; $id = $output['to_id']; $send_to_group = cmsCore::request('send_to_group', 'int', 0); $group_id = cmsCore::request('group_id', 'int', 0); // // Обычная отправка (1 получатель) // if (!cmsCore::inRequest('massmail') && !$send_to_group) { //отправляем сообщение $msg_id = cmsUser::sendMessage($inUser->id, $id, $message); // отправляем уведомление на email если нужно $model->sendNotificationByEmail($id, $inUser->id, $msg_id); cmsCore::jsonOutput(array('error' => false, 'text' => $_LANG['SEND_MESS_OK'])); } // // далее идут массовые рассылки, доступные только админам // if (!$inUser->is_admin) { cmsCore::halt(); } // отправить всем: получаем список всех пользователей if (cmsCore::inRequest('massmail')) { $userlist = cmsUser::getAllUsers(); // проверяем что есть кому отправлять if (!$userlist) { cmsCore::jsonOutput(array('error' => false, 'text' => $_LANG['ERR_SEND_MESS'])); } $count = array(); // отправляем всем по списку foreach ($userlist as $usr) { $count[] = cmsUser::sendMessage(USER_MASSMAIL, $usr['id'], $message); } cmsCore::jsonOutput(array('error' => false, 'text' => sprintf($_LANG['SEND_MESS_ALL_OK'], sizeof($count)))); } // отправить группе: получаем список членов группы if ($send_to_group) { $count = 
cmsUser::sendMessageToGroup(USER_MASSMAIL, $group_id, $message); $success_msg = sprintf($_LANG['SEND_MESS_GROUP_OK'], $count, cmsUser::getGroupTitle($group_id)); cmsCore::jsonOutput(array('error' => false, 'text' => $success_msg)); } } } //============================================================================// //============================= Удаление сообщения ==========================// //============================================================================// if ($do == 'delmessage') { if ($_SERVER['HTTP_X_REQUESTED_WITH'] != 'XMLHttpRequest') { cmsCore::halt(); } if (!$model->config['sw_msg']) { cmsCore::halt(); } if (!$inUser->id) { cmsCore::halt(); } $msg = $inDB->get_fields('cms_user_msg', "id='{$id}'", '*'); if (!$msg) { cmsCore::halt(); } $can_delete = $inUser->id == $msg['to_id'] || $inUser->id == $msg['from_id'] ? true : false; if (!$can_delete && !$inUser->is_admin) { cmsCore::halt(); } // Сообщения с from_id < 0 if ($msg['from_id'] < 0) { $inDB->query("DELETE FROM cms_user_msg WHERE id = '{$id}' LIMIT 1"); $info_text = $_LANG['MESS_NOTICE_DEL_OK']; } // мне сообщение от пользователя if ($msg['to_id'] == $inUser->id && $msg['from_id'] > 0) { $inDB->query("UPDATE cms_user_msg SET to_del=1 WHERE id='{$id}'"); $info_text = $_LANG['MESS_DEL_OK']; } // от меня сообщение if ($msg['from_id'] == $inUser->id && !$msg['is_new']) { $inDB->query("UPDATE cms_user_msg SET from_del=1 WHERE id='{$id}'"); $info_text = $_LANG['MESS_DEL_OK']; } // отзываем сообщение if ($msg['from_id'] == $inUser->id && $msg['is_new']) { $inDB->query("DELETE FROM cms_user_msg WHERE id = '{$id}' LIMIT 1"); $info_text = $_LANG['MESS_BACK_OK']; } // удаляем сообщения, которые удалены с двух сторон $inDB->query("DELETE FROM cms_user_msg WHERE to_del=1 AND from_del=1"); cmsCore::jsonOutput(array('error' => false, 'text' => $info_text)); } //============================================================================// //=========================== Удаление сообщений 
============================// //============================================================================// if ($do == 'delmessages') { if (!$model->config['sw_msg']) { cmsCore::error404(); } if ($inUser->id != $id && !$inUser->is_admin) { cmsCore::error404(); } $usr = cmsUser::getShortUserData($id); if (!$usr) { cmsCore::error404(); } $opt = cmsCore::request('opt', 'str', 'in'); if ($opt == 'notices') { $inDB->query("DELETE FROM cms_user_msg WHERE to_id = '{$id}' AND from_id < 0"); } else { $del_flag = $opt == 'in' ? 'to_del' : 'from_del'; $id_flag = $opt == 'in' ? 'to_id' : 'from_id'; $inDB->query("UPDATE cms_user_msg SET {$del_flag}=1 WHERE {$id_flag}='{$id}'"); $inDB->query("DELETE FROM cms_user_msg WHERE to_del=1 AND from_del=1"); } cmsCore::addSessionMessage($_LANG['MESS_ALL_DEL_OK'], 'info'); cmsCore::redirectBack(); } //============================================================================// //============================= Загрузка аватара ============================// //============================================================================// if ($do == 'avatar') { if (!$inUser->id || $inUser->id && $inUser->id != $id) { cmsCore::error404(); } $inPage->setTitle($_LANG['LOAD_AVATAR']); $inPage->addPathway($inUser->nickname, cmsUser::getProfileURL($inUser->login)); $inPage->addPathway($_LANG['LOAD_AVATAR']); if (cmsCore::inRequest('upload')) { cmsCore::loadClass('upload_photo'); $inUploadPhoto = cmsUploadPhoto::getInstance(); // Выставляем конфигурационные параметры $inUploadPhoto->upload_dir = PATH . 
'/images/'; $inUploadPhoto->dir_medium = 'users/avatars/'; $inUploadPhoto->dir_small = 'users/avatars/small/'; $inUploadPhoto->small_size_w = $model->config['smallw']; $inUploadPhoto->medium_size_w = $model->config['medw']; $inUploadPhoto->medium_size_h = $model->config['medh']; $inUploadPhoto->is_watermark = false; $inUploadPhoto->input_name = 'picture'; $file = $inUploadPhoto->uploadPhoto($inUser->orig_imageurl); if (!$file) { cmsCore::addSessionMessage('<strong>' . $_LANG['ERROR'] . ':</strong> ' . cmsCore::uploadError() . '!', 'error'); cmsCore::redirect('/users/' . $id . '/avatar.html'); } $sql = "UPDATE cms_user_profiles SET imageurl = '{$file['filename']}' WHERE user_id = '{$id}' LIMIT 1"; $inDB->query($sql); // очищаем предыдущую запись о смене аватара cmsActions::removeObjectLog('add_avatar', $id); // выводим сообщение в ленту cmsActions::log('add_avatar', array('object' => '', 'object_url' => '', 'object_id' => $id, 'target' => '', 'target_url' => '', 'description' => '<a href="' . cmsUser::getProfileURL($inUser->login) . '" class="act_usr_ava"> <img border="0" src="/images/users/avatars/small/' . $file['filename'] . '"> </a>')); cmsCore::redirect(cmsUser::getProfileURL($inUser->login)); } else { cmsPage::initTemplate('components', 'com_users_avatar_upload')->assign('id', $id)->display('com_users_avatar_upload.tpl'); } } //============================================================================// //============================= Библиотека аватаров =========================// //============================================================================// if ($do == 'select_avatar') { if (!$inUser->id || $inUser->id && $inUser->id != $id) { cmsCore::error404(); } $avatars_dir = PATH . "/images/users/avatars/library"; $avatars_dir_rel = "/images/users/avatars/library"; $avatars_dir_handle = opendir($avatars_dir); $avatars = array(); while ($nextfile = readdir($avatars_dir_handle)) { if ($nextfile != '.' && $nextfile != '..' 
&& (mb_strstr($nextfile, '.gif') || mb_strstr($nextfile, '.jpg') || mb_strstr($nextfile, '.jpeg') || mb_strstr($nextfile, '.png'))) { $avatars[] = $nextfile; } } closedir($avatars_dir_handle); if (!cmsCore::inRequest('set_avatar')) { $inPage->setTitle($_LANG['SELECT_AVATAR']); $inPage->addPathway($inUser->nickname, cmsUser::getProfileURL($inUser->login)); $inPage->addPathway($_LANG['SELECT_AVATAR']); $perpage = 20; $total = sizeof($avatars); $avatars = array_slice($avatars, ($page - 1) * $perpage, $perpage); cmsPage::initTemplate('components', 'com_users_avatars')->assign('userid', $id)->assign('avatars', $avatars)->assign('avatars_dir', $avatars_dir_rel)->assign('page', $page)->assign('perpage', $perpage)->assign('pagebar', cmsPage::getPagebar($total, $page, $perpage, '/users/%user_id%/select-avatar-%page%.html', array('user_id' => $id)))->display('com_users_avatars.tpl'); } else { $avatar_id = cmsCore::request('avatar_id', 'int', 0); $file = $avatars[$avatar_id]; if (file_exists($avatars_dir . '/' . $file)) { $uploaddir = PATH . '/images/users/avatars/'; $realfile = $file; $filename = md5($realfile . '-' . $id . '-' . time()) . '.jpg'; $uploadfile = $avatars_dir . '/' . $realfile; $uploadavatar = $uploaddir . $filename; $uploadthumb = $uploaddir . 'small/' . $filename; if ($inUser->orig_imageurl && $inUser->orig_imageurl != 'nopic.jpg') { @unlink(PATH . '/images/users/avatars/' . $inUser->orig_imageurl); @unlink(PATH . '/images/users/avatars/small/' . 
$inUser->orig_imageurl); } cmsCore::includeGraphics(); copy($uploadfile, $uploadavatar); @img_resize($uploadfile, $uploadthumb, $model->config['smallw'], $model->config['smallw']); $sql = "UPDATE cms_user_profiles SET imageurl = '{$filename}' WHERE user_id = '{$id}' LIMIT 1"; $inDB->query($sql); // очищаем предыдущую запись о смене аватара cmsActions::removeObjectLog('add_avatar', $id); // выводим сообщение в ленту cmsActions::log('add_avatar', array('object' => '', 'object_url' => '', 'object_id' => $id, 'target' => '', 'target_url' => '', 'description' => '<a href="' . cmsUser::getProfileURL($inUser->login) . '" class="act_usr_ava"> <img border="0" src="/images/users/avatars/small/' . $filename . '"> </a>')); } cmsCore::redirect(cmsUser::getProfileURL($inUser->login)); } } //============================================================================// //======================== Работа с фотографиями ============================// //============================================================================// if ($do == 'photos') { if (!$model->config['sw_photo']) { cmsCore::error404(); } $pdo = cmsCore::request('pdo', 'str', ''); include 'components/users/photos.php'; } //============================================================================// //============================= Друзья пользователя =========================// //============================================================================// if ($do == 'friendlist') { if (!$inUser->id) { cmsUser::goToLogin(); } $usr = cmsUser::getShortUserData($id); if (!$usr) { cmsCore::error404(); } $perpage = 10; $inPage->addPathway($usr['nickname'], cmsUser::getProfileURL($usr['login'])); $inPage->addPathway($_LANG['FRIENDS']); $inPage->setTitle($_LANG['FRIENDS']); // все друзья $friends = cmsUser::getFriends($usr['id']); // их общее количество $total = count($friends); // получаем только нужных на странице $friends = array_slice($friends, ($page - 1) * $perpage, $perpage); 
cmsPage::initTemplate('components', 'com_users_friends')->assign('friends', $friends)->assign('usr', $usr)->assign('myprofile', $id == $inUser->id)->assign('total', $total)->assign('pagebar', cmsPage::getPagebar($total, $page, $perpage, 'javascript:centerLink(\'/users/' . $id . '/friendlist%page%.html\')'))->display('com_users_friends.tpl'); } //============================================================================// //============================= Запрос на дружбу ============================// //============================================================================// if ($do == 'addfriend') { if ($_SERVER['HTTP_X_REQUESTED_WITH'] != 'XMLHttpRequest') { cmsCore::halt(); } if (!$inUser->id || $inUser->id == $id) { cmsCore::halt(); } $usr = cmsUser::getShortUserData($id); if (!$usr) { cmsCore::halt(); } cmsUser::clearSessionFriends(); if (cmsUser::isFriend($id)) { cmsCore::jsonOutput(array('error' => true, 'text' => $_LANG['YOU_ARE_BE_FRIENDS'])); } // проверяем был ли ранее запрос на дружбу // если был, то делаем accept запросу $is_need_accept_id = cmsUser::getFriendFieldId($id, 0, 'to_me'); if ($is_need_accept_id) { $inDB->query("UPDATE cms_user_friends SET is_accepted = 1 WHERE id = '{$is_need_accept_id}'"); //регистрируем событие cmsActions::log('add_friend', array('object' => $inUser->nickname, 'user_id' => $usr['id'], 'object_url' => cmsUser::getProfileURL($inUser->login), 'object_id' => $is_need_accept_id, 'target' => '', 'target_url' => '', 'target_id' => 0, 'description' => '')); cmsCore::callEvent('USER_ACCEPT_FRIEND', $id); cmsCore::jsonOutput(array('error' => false, 'text' => $_LANG['ADD_FRIEND_OK'] . 
$usr['nickname'])); } // Если пользователь пытается добавиться в друзья к // пользователю, к которому уже отправил запрос if (cmsUser::getFriendFieldId($id, 0, 'from_me')) { cmsCore::jsonOutput(array('error' => true, 'text' => $_LANG['ADD_TO_FRIEND_SEND_ERR'])); } // Мы вообще не друзья с пользователем, создаем запрос cmsUser::addFriend($id); cmsUser::sendMessage(USER_UPDATER, $id, sprintf($_LANG['RECEIVED_F_O'], cmsUser::getProfileLink($inUser->login, $inUser->nickname), '<a class="ajaxlink" href="javascript:void(0)" onclick="users.acceptFriend(' . $inUser->id . ', this);return false;">' . $_LANG['ACCEPT'] . '</a>', '<a class="ajaxlink" href="javascript:void(0)" onclick="users.rejectFriend(' . $inUser->id . ', this);return false;">' . $_LANG['REJECT'] . '</a>')); cmsCore::jsonOutput(array('error' => false, 'text' => $_LANG['ADD_TO_FRIEND_SEND'])); } //============================================================================// //============================= Прекращение дружбы ==========================// //============================================================================// if ($do == 'delfriend') { if ($_SERVER['HTTP_X_REQUESTED_WITH'] != 'XMLHttpRequest') { cmsCore::halt(); } if (!$inUser->id || $inUser->id == $id) { cmsCore::halt(); } $usr = cmsUser::getShortUserData($id); if (!$usr) { cmsCore::error404(); } if (cmsUser::getFriendFieldId($id)) { $is_accepted_friend = cmsUser::isFriend($id); if (cmsUser::deleteFriend($id)) { // Если подтвержденный друг if ($is_accepted_friend) { cmsCore::jsonOutput(array('error' => false, 'text' => $usr['nickname'] . $_LANG['DEL_FRIEND'])); } else { cmsCore::jsonOutput(array('error' => false, 'text' => $_LANG['REJECT_FRIEND'] . 
$usr['nickname'])); } } else { cmsCore::halt(); } } else { cmsCore::halt(); } } //============================================================================// //============================= История кармы ===============================// //============================================================================// if ($do == 'karma') { $usr = cmsUser::getShortUserData($id); if (!$usr) { cmsCore::error404(); } $inPage->setTitle($_LANG['KARMA_HISTORY']); $inPage->addPathway($usr['nickname'], cmsUser::getProfileURL($usr['login'])); $inPage->addPathway($_LANG['KARMA_HISTORY']); cmsPage::initTemplate('components', 'com_users_karma')->assign('karma', $model->getUserKarma($usr['id']))->assign('usr', $usr)->display('com_users_karma.tpl'); } //============================================================================// //============================= Изменение кармы =============================// //============================================================================// if ($do == 'votekarma') { if ($_SERVER['HTTP_X_REQUESTED_WITH'] != 'XMLHttpRequest') { cmsCore::halt(); } if (!$inUser->id) { cmsCore::halt(); } $points = cmsCore::request('sign', 'str', 'plus') == 'plus' ? 
1 : -1; $to = cmsCore::request('to', 'int', 0); $user = cmsUser::getShortUserData($to); if (!$user) { cmsCore::halt(); } if (!$model->isUserCanChangeKarma($to)) { cmsCore::halt(); } cmsCore::halt(cmsUser::changeKarmaUser($to, $points)); } //============================================================================// //======================= Наградить пользователя ============================// //============================================================================// if ($do == 'giveaward') { if (!$inUser->is_admin) { cmsCore::error404(); } $usr = cmsUser::getShortUserData($id); if (!$usr) { cmsCore::error404(); } $inPage->setTitle($_LANG['AWARD_USER']); $inPage->addPathway($usr['nickname'], cmsUser::getProfileURL($usr['login'])); $inPage->addPathway($_LANG['AWARD']); if (!cmsCore::inRequest('gosend')) { cmsPage::initTemplate('components', 'com_users_awards_give')->assign('usr', $usr)->assign('awardslist', cmsUser::getAwardsImages())->display('com_users_awards_give.tpl'); } else { $award['title'] = cmsCore::request('title', 'str', $_LANG['AWRD']); $award['description'] = cmsCore::request('description', 'str', ''); $award['imageurl'] = cmsCore::request('imageurl', 'str', ''); $award['from_id'] = $inUser->id; $award['id'] = 0; cmsUser::giveAward($award, $id); cmsCore::redirect(cmsUser::getProfileURL($usr['login'])); } } //============================================================================// //============================= Удаление награды ============================// //============================================================================// if ($do == 'delaward') { $aw = $inDB->get_fields('cms_user_awards', "id = '{$id}'", '*'); if (!$aw) { cmsCore::error404(); } if (!$inUser->id || $inUser->id != $aw['user_id'] && !$inUser->is_admin) { cmsCore::error404(); } $inDB->delete('cms_user_awards', "id = '{$id}'", 1); cmsActions::removeObjectLog('add_award', $id); cmsCore::redirectBack(); } 
//============================================================================// //============================= Награды на сайте ============================// //============================================================================// if ($do == 'awardslist') { $inPage->setTitle($_LANG['SITE_AWARDS']); $inPage->addPathway($_LANG['SITE_AWARDS']); $awards = cmsUser::getAutoAwards(); if (!$awards) { cmsCore::error404(); } foreach ($awards as $aw) { //Перебираем все награды и ищем пользователей с текущей наградой $sql = "SELECT u.id as id, u.nickname as nickname, u.login as login, IFNULL(p.gender, 'm') as gender\r\n FROM cms_user_awards aw\r\n LEFT JOIN cms_users u ON u.id = aw.user_id\r\n LEFT JOIN cms_user_profiles p ON p.user_id = u.id\r\n WHERE aw.award_id = '{$aw['id']}'"; $rs = $inDB->query($sql); $aw['uhtml'] = ''; if ($inDB->num_rows($rs)) { while ($user = $inDB->fetch_assoc($rs)) { $aw['uhtml'] .= cmsUser::getGenderLink($user['id'], $user['nickname'], $user['gender'], $user['login']) . 
', '; } $aw['uhtml'] = rtrim($aw['uhtml'], ', '); } else { $aw['uhtml'] = $_LANG['NOT_USERS_WITH_THIS_AWARD']; } $aws[] = $aw; } cmsPage::initTemplate('components', 'com_users_awards_site')->assign('aws', $aws)->display('com_users_awards_site.tpl'); } //============================================================================// //============================= Удаление профиля ============================// //============================================================================// if ($do == 'delprofile') { // неавторизованным тут делать нечего if (!$inUser->id) { cmsCore::error404(); } // есть ли удаляемый профиль $data = cmsUser::getShortUserData($id); if (!$data) { cmsCore::error404(); } // владелец профиля или админ if ($inUser->is_admin) { // могут ли администраторы удалять профиль if (!cmsUser::isAdminCan('admin/users', cmsUser::getAdminAccess())) { cmsCore::error404(); } // администратор сам себя не удалит if ($inUser->id == $data['id']) { cmsCore::error404(); } } else { // удаляем только свой профиль if ($inUser->id != $data['id']) { cmsCore::error404(); } } if (isset($_POST['csrf_token'])) { if (!cmsUser::checkCsrfToken()) { cmsCore::error404(); } $model->deleteUser($id); if (!$inUser->is_admin) { session_destroy(); cmsCore::redirect('/logout'); } else { cmsCore::addSessionMessage($_LANG['DELETING_PROFILE_OK'], 'info'); cmsCore::redirect('/users'); } } else { $inPage->setTitle($_LANG['DELETING_PROFILE']); $inPage->addPathway($data['nickname'], $inUser->getProfileURL($data['login'])); $inPage->addPathway($_LANG['DELETING_PROFILE']); $confirm['title'] = $_LANG['DELETING_PROFILE']; $confirm['text'] = '<p>' . $_LANG['REALLY_DEL_PROFILE'] . '</p>'; $confirm['action'] = '/users/' . $id . 
'/delprofile.html'; $confirm['yes_button'] = array(); $confirm['yes_button']['type'] = 'submit'; cmsPage::initTemplate('components', 'action_confirm.tpl')->assign('confirm', $confirm)->display('action_confirm.tpl'); } } //============================================================================// //============================ Восстановить профиль =========================// //============================================================================// if ($do == 'restoreprofile') { if (!$inUser->is_admin) { cmsCore::error404(); } $usr = cmsUser::getShortUserData($id); if (!$usr) { cmsCore::error404(); } $inDB->query("UPDATE cms_users SET is_deleted = 0 WHERE id = '{$id}'"); cmsCore::redirectBack(); } //============================================================================// //============================= Файлы пользователей =========================// //============================================================================// if ($do == 'files') { if (!$model->config['sw_files']) { cmsCore::error404(); } $fdo = cmsCore::request('fdo', 'str', ''); include 'components/users/files.php'; } //============================================================================// //================================ Инвайты =================================// //============================================================================// if ($do == 'invites') { $reg_cfg = $inCore->loadComponentConfig('registration'); if ($reg_cfg['reg_type'] != 'invite') { cmsCore::error404(); } $invites_count = $model->getUserInvitesCount($inUser->id); if (!$invites_count) { cmsCore::error404(); } if (!cmsCore::inRequest('send_invite')) { $inPage->addPathway($inUser->nickname, cmsUser::getProfileURL($inUser->login)); $inPage->addPathway($_LANG['MY_INVITES']); cmsPage::initTemplate('components', 'com_users_invites')->assign('invites_count', $invites_count)->display('com_users_invites.tpl'); return; } if (cmsCore::inRequest('send_invite')) { if (!cmsUser::checkCsrfToken()) { 
cmsCore::error404(); } $invite_email = cmsCore::request('invite_email', 'email', ''); if (!$invite_email) { cmsCore::redirectBack(); } if ($model->sendInvite($inUser->id, $invite_email)) { cmsCore::addSessionMessage(sprintf($_LANG['INVITE_SENDED'], $invite_email), 'success'); } else { cmsCore::addSessionMessage($_LANG['INVITE_ERROR'], 'error'); } cmsCore::redirect(cmsUser::getProfileURL($inUser->login)); } } if ($do == 'change_email') { if (!$inUser->id) { cmsUser::goToLogin(); } $email = cmsCore::request('email', 'email', ''); $token = cmsCore::request('token', 'str', ''); // не занят ли email $is_email = $inDB->get_field('cms_users', "email='{$email}'", 'id'); if ($is_email || !$email || !$token) { cmsCore::error404(); } // проверяем токен $valid_id = $inDB->get_field('cms_users_activate', "code='{$token}' AND user_id = '{$inUser->id}'", 'id'); if (!$valid_id) { cmsCore::error404(); } $inDB->delete('cms_users_activate', "id = '{$valid_id}'"); // Сохраняем новый email $inDB->update('cms_users', array('email' => $email), $inUser->id); cmsCore::addSessionMessage($_LANG['NEW_EMAIL_SAVED'], 'success'); cmsCore::redirect(cmsUser::getProfileURL($inUser->login)); } /////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// }
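/**
 * Create a local account from an external identity profile.
 *
 * Inserts a row into cms_users and, when that insert returns a truthy id,
 * a matching row into cms_user_profiles. The nickname comes from the
 * profile's full name, else first/last name, else the host of an identity
 * URL shaped like http://a.b.tld; the login is derived from the nickname.
 *
 * @param object $profile External profile. This method reads identity, uid,
 *                        name->full_name, name->first_name, name->last_name,
 *                        email, dob, photo and gender from it.
 * @return mixed The id returned by the cms_users insert, or false when that
 *               insert returned a falsy value.
 */
private function createUser($profile)
{
    $inCore = cmsCore::getInstance();
    $inDB = cmsDatabase::getInstance();
    $inUser = cmsUser::getInstance();
    cmsCore::loadClass('actions');

    $nickname = $email = $birthdate = '';
    $advanced = array();

    // For VK identities, fetch the large avatar, status and city.
    // Each field is guarded with isset() so a partial API answer does not
    // raise notices; the consumers below already treat '' as "absent".
    if (strstr($profile->identity, '//vk.com')) {
        $vk = $this->callVk($profile->uid);
        if ($vk) {
            $advanced = array(
                'city' => isset($vk->city->title) ? $vk->city->title : '',
                'status' => isset($vk->status) ? $vk->status : '',
                'photo' => isset($vk->photo_max_orig) ? $vk->photo_max_orig : '',
            );
        }
    }

    if (!empty($profile->name->full_name)) {
        // A full name was supplied.
        $nickname = $profile->name->full_name;
    } elseif (!empty($profile->name->first_name)) {
        // First and last name were supplied separately.
        $nickname = $profile->name->first_name;
        if (!empty($profile->name->last_name)) {
            $nickname .= ' ' . $profile->name->last_name;
        }
    } elseif (preg_match('/^(http:\\/\\/)([a-zA-Z0-9\\-_]+)\\.([a-zA-Z0-9\\-_]+)\\.([a-zA-Z]{2,6})([\\/]?)$/i', $profile->identity)) {
        // No name, but the identity is a domain-style URL: use its host.
        $nickname = parse_url($profile->identity, PHP_URL_HOST);
    }

    $nickname = cmsCore::strClear($nickname);
    $login = substr(str_replace('-', '', cmsCore::strToURL($nickname)), 0, 15);

    if (!$nickname || !$login) {
        // Nothing usable was supplied: build a name from the highest user id + 1.
        // NOTE(review): the '******' prefix looks like a masked value in this
        // listing; confirm the real prefix against the upstream file.
        $max = $inDB->get_fields('cms_users', 'id>0', 'id', 'id DESC');
        $nickname = $login = '******' . ($max['id'] + 1);
    }

    // Generate the stored password value. microtime() and uniqid() are both
    // clock-derived, so the secret is drawn from the CSPRNG when the runtime
    // provides one; the older expression remains only as a fallback so the
    // method still runs where random_bytes() does not exist. The outer md5()
    // keeps the 32-hex-character format the rest of the code receives.
    $secret = function_exists('random_bytes')
        ? bin2hex(random_bytes(16))
        : substr(md5(microtime() . uniqid()), 0, 8);
    $pass = md5($secret);

    if (!empty($profile->email)) {
        $email = cmsCore::strClear($profile->email);
        // NOTE(review): $email is interpolated into the WHERE clause; whether
        // strClear() escapes for SQL is not visible here - confirm.
        $already_email = $inDB->get_field('cms_users', "email='{$email}' AND is_deleted=0", 'email');
        if ($already_email == $email) {
            // presumably redirect() ends the request; verify, otherwise the
            // registration continues with a duplicate e-mail.
            cmsCore::redirect('/auth/error.html');
        }
    }

    if (!empty($profile->dob)) {
        $birthdate = cmsCore::strClear($profile->dob);
    }

    // Check whether the login is already taken.
    // NOTE(review): as shown, the query compares against the literal '******'
    // rather than $login, so the check only fires for that exact login. This
    // looks like a masked value in the listing; confirm against upstream and
    // make sure the real value is escaped before it reaches the query.
    if ($inDB->get_field('cms_users', "login='******' AND is_deleted=0", 'login') == $login) {
        // Login is taken: append the next user id to it.
        $max = $inDB->get_fields('cms_users', 'id>0', 'id', 'id DESC');
        $login .= $max['id'] + 1;
    }

    $now = date('Y-m-d H:i:s');
    $user_array = cmsCore::callEvent('USER_BEFORE_REGISTER', array(
        'status' => !empty($advanced['status']) ? $advanced['status'] : '',
        'status_date' => $now,
        'login' => $login,
        'nickname' => $nickname,
        'password' => $pass,
        'email' => $email,
        'birthdate' => $birthdate,
        'group_id' => $this->reg_model->config['default_gid'],
        'regdate' => $now,
        'logdate' => $now,
        'invited_by' => 0,
        'openid' => md5($profile->identity),
    ));

    $user_array['id'] = $user_id = $inDB->insert('cms_users', $user_array);
    if (!$user_id) {
        return false;
    }

    // Create the user's profile row.
    $filename = 'nopic.jpg';

    // If the provider gave an avatar URL, try to download it.
    if (!empty($profile->photo) || !empty($advanced['photo'])) {
        // NOTE(review): the URL comes from the external profile; confirm that
        // downloadAvatar() restricts scheme, destination host and response size.
        $photo_path = $this->downloadAvatar(!empty($advanced['photo']) ? $advanced['photo'] : $profile->photo);
        if ($photo_path) {
            cmsCore::includeGraphics();
            $uploaddir = PATH . '/images/users/avatars/';
            // The stored name is generated here and always ends in .jpg, so
            // nothing from the remote URL reaches the file name.
            $filename = md5($photo_path . '-' . $user_id . '-' . time()) . '.jpg';
            $uploadavatar = $uploaddir . $filename;
            $uploadthumb = $uploaddir . 'small/' . $filename;
            $cfg = $inCore->loadComponentConfig('users');
            // @ hides resize failures; on failure imageurl still points at $filename.
            @img_resize($photo_path, $uploadavatar, $cfg['medw'], $cfg['medh']);
            @img_resize($photo_path, $uploadthumb, $cfg['smallw'], $cfg['smallw']);
            @unlink($photo_path);
        }
    }

    $inUser->loadUserGeo();
    $inDB->insert('cms_user_profiles', array(
        'city' => !empty($advanced['city']) ? $advanced['city'] : $inUser->city,
        'user_id' => $user_id,
        'imageurl' => $filename,
        'gender' => !empty($profile->gender) ? strtolower($profile->gender) : 'm',
    ));

    cmsCore::callEvent('USER_REGISTER', $user_array);
    cmsActions::log('add_user', array(
        'object' => '',
        'user_id' => $user_id,
        'object_url' => '',
        'object_id' => $user_id,
        'target' => '',
        'target_url' => '',
        'target_id' => 0,
        'description' => '',
    ));

    if ($this->reg_model->config['send_greetmsg']) {
        $this->reg_model->sendGreetsMessage($user_id);
    }

    return $user_id;
}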
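/**
 * Validate an image uploaded under $_FILES[$file_name], move it to
 * $upload_dir . $name_file_destination and resize it.
 *
 * Limits and paths are read from globals: $max_image_size (KiB),
 * $max_image_width, $max_image_height, $valid_types, $upload_dir,
 * $max_width and $max_width_big_photo.
 *
 * @param string $file_name             Key of the upload in $_FILES.
 * @param string $name_file_destination File name to store the upload under, appended to $upload_dir.
 * @return mixed '' when no upload was received, an 'Error: ...' string when
 *               a check or the move fails, otherwise whatever the last resize
 *               helper returned.
 */
function upload_file($file_name, $name_file_destination)
{
    // NOTE(review): prints the destination name as-is on every call; this
    // looks like leftover debug output. If the name can carry user input,
    // escape it for the output context or drop the echo.
    echo $name_file_destination;

    global $max_image_width, $max_image_height, $max_image_size, $valid_types;
    global $upload_dir, $max_width, $max_width_big_photo;

    if (!isset($_FILES[$file_name])) {
        return '';
    }

    $upload = $_FILES[$file_name];
    if (!is_uploaded_file($upload['tmp_name'])) {
        return '';
    }
    $filename = $upload['tmp_name'];

    // Extension = text after the last dot. A name without any dot has no
    // extension; the previous "1 + strrpos()" arithmetic turned a missing dot
    // into offset 1 and treated the tail of the name as the extension.
    $dot = strrpos($upload['name'], '.');
    $ext = $dot === false ? '' : substr($upload['name'], $dot + 1);

    if (filesize($filename) > $max_image_size * 1024) {
        return 'Error: File size > ' . $max_image_size . 'K.';
    }

    // Strict comparison so numeric-looking strings are not loosely matched.
    // The check is case-sensitive and uses the client-supplied name, so it is
    // only a first filter; getimagesize() below inspects the content.
    if (!in_array($ext, $valid_types, true)) {
        return 'Error: Invalid file type.';
    }

    $size = getimagesize($filename);
    if (!$size || $size[0] >= $max_image_width || $size[1] >= $max_image_height) {
        return 'Error: invalid image properties.';
    }

    // NOTE(review): the stored name is $name_file_destination, not the
    // validated upload name; the caller must make sure it ends in an allowed
    // image extension and contains no path components.
    if (!move_uploaded_file($filename, $upload_dir . $name_file_destination)) {
        return 'Error: moving fie failed.';
    }

    // Never scale up: resize to the image's own width when it is already
    // narrower than $max_width.
    $_size = $size[0] > $max_width ? $max_width : $size[0];
    $err_str = img_resize($name_file_destination, $_size);

    if ($size[0] > $max_width_big_photo) {
        $err_str = img_resize_big($name_file_destination, $max_width_big_photo);
    }

    return $err_str;
}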
// Excerpt: save a club's logo and settings. $id, $cfg, $inCore, $admin_id and
// the other interpolated variables are set outside this excerpt.

// Upload the logo.
if ($_FILES['picture']['name']) {
    require PATH . '/includes/graphic.inc.php';
    $uploaddir = PATH . '/images/clubs/';
    if (!is_dir($uploaddir)) {
        @mkdir($uploaddir);
    }
    // The stored name is derived from the club id only, so the client-supplied
    // file name and extension never reach the file system.
    $filename = md5($id) . '.jpg';
    $uploadphoto = $uploaddir . $filename;
    $uploadthumb = $uploaddir . 'small/' . $filename;
    // NOTE(review): whether moveUploadedFile() checks that the content is an
    // image is not visible here - confirm.
    if ($inCore->moveUploadedFile($_FILES['picture']['tmp_name'], $uploadphoto, $_FILES['picture']['error'])) {
        if (!isset($cfg['watermark'])) {
            $cfg['watermark'] = 0;
        }
        // @ hides resize failures; the second call overwrites the uploaded file in place.
        @img_resize($uploadphoto, $uploadthumb, $cfg['thumb1'], $cfg['thumb1'], $cfg['thumbsqr']);
        @img_resize($uploadphoto, $uploadphoto, $cfg['thumb2'], $cfg['thumb2'], $cfg['thumbsqr']);
    } else {
        $msg = $inCore->uploadError();
    }
    // This UPDATE runs even when the move above failed, so imageurl can point
    // at a file that was never written.
    // NOTE(review): id={$id} is unquoted; $id must already be an integer.
    $sql = "UPDATE cms_clubs SET imageurl = '{$filename}' WHERE id={$id}";
    dbQuery($sql);
}

// Write the club settings to the database.
// NOTE(review): every value is interpolated into the statement; where these
// variables are escaped is not visible in this excerpt - confirm, or bind them
// as parameters.
$sql = "UPDATE cms_clubs\r\n SET admin_id = '{$admin_id}',\r\n title = '{$title}',\r\n description = '{$description}',\r\n clubtype = '{$clubtype}',\r\n published = '{$published}',\r\n maxsize = '{$maxsize}',\r\n enabled_blogs = '{$enabled_blogs}',\r\n enabled_photos = '{$enabled_photos}'\r\n WHERE id = {$id}";
dbQuery($sql);

// NOTE(review): both lists are read straight from the request with no
// isset()/is_array() check.
$moders = $_POST['moderslist'];
$members = $_POST['memberslist'];
// array_search() returns the matching key, so a match at key 0 is falsy here
// and the admin is not removed in that case; compare with !== false instead.
if (array_search($admin_id, $moders)) {
    unset($moders[array_search($admin_id, $moders)]);
}
if (array_search($admin_id, $members)) {
}
// Excerpt: store a catalog item image. $tmp_name, $item, $cfg, $model and $id
// are set outside this excerpt.
$file = $_FILES["imgfile"]["name"];
$path_parts = pathinfo($file);
$ext = $path_parts['extension'];
// Deny-list check on the client-supplied extension: a case-sensitive substring
// match for 'php'. Every other extension is kept in the stored name below.
// NOTE(review): an allow-list of image extensions, compared case-insensitively
// and combined with a content check such as getimagesize(), is the safer shape.
if (strstr($ext, 'php')) {
    die;
}
// Random-looking stored name, but the original extension is preserved.
$file = md5($file . time()) . '.' . $ext;
$item['imageurl'] = $file;
if (@move_uploaded_file($tmp_name, PATH . "/images/catalog/{$file}")) {
    // Create image thumbnails.
    if ($cfg['watermark']) {
        @img_add_watermark(PATH . "/images/catalog/{$file}");
    }
    @img_resize(PATH . "/images/catalog/{$file}", PATH . "/images/catalog/small/{$file}.jpg", 100, 100);
    @img_resize(PATH . "/images/catalog/{$file}", PATH . "/images/catalog/medium/{$file}.jpg", 250, 250);
    // @ hides failures of the resize and chmod calls, so a file that is not a
    // valid image stays in place under /images/catalog/ without any error.
    @chmod(PATH . "/images/catalog/{$file}", 0644);
    @chmod(PATH . "/images/catalog/small/{$file}.jpg", 0644);
    @chmod(PATH . "/images/catalog/medium/{$file}.jpg", 0644);
} else {
    $msg = 'Ошибка загрузки изображения!';
}
}
// $item['imageurl'] was set before the move, so it is saved even when the
// upload failed.
$model->updateItem($id, $item);
}
// NOTE(review): $_REQUEST['id'] is appended to the redirect URL without
// casting or URL-encoding.
if (!isset($_SESSION['editlist']) || @sizeof($_SESSION['editlist']) == 0) {
    $inCore->redirect('?view=components&do=config&id=' . $_REQUEST['id'] . '&opt=list_items');
} else {
    $inCore->redirect('?view=components&do=config&id=' . $_REQUEST['id'] . '&opt=edit_item');
}
}
// Excerpt: category picture handling in a form handler. $delpic, $file,
// $oldpic, $form_class and $locale are set outside this excerpt.

// "Delete picture" was ticked: remove the old image and its thumbnail.
// NOTE(review): $oldpic is concatenated into the unlink() path; confirm it
// comes from the stored record and not from the request.
if (isset($delpic) && $delpic->getChecked()) {
    $filename = "";
    if (file_exists($_SESSION['site_class_catpicdir'] . '/' . $oldpic)) {
        @unlink($_SESSION['site_class_catpicdir'] . '/' . $oldpic);
        @unlink($_SESSION['site_class_catpicdir'] . '/tn_' . $oldpic);
    }
}
// Image upload.
if ($file->isUploadedFile()) {
    $filevalues = $file->getValue();
    // Picture directory without a trailing slash, then exactly one slash.
    $sdir = preg_replace('|/$|', '', $_SESSION['site_class_catpicdir']) . '/';
    // Stored name: timestamp + client name with every character outside
    // [digits, word characters, '_', '.'] replaced by '_'. Dots are kept, so
    // the client-supplied extension survives.
    // NOTE(review): no extension allow-list is visible here; the files are
    // written by img_resize() below - confirm it only ever emits image data.
    $filename = time() . preg_replace('|[^\\d\\w_\\.]|', '_', change_hunchar($filevalues['name']));
    $tn_name = 'tn_' . $filename;
    // Resize the image.
    include_once 'includes/function.images.php';
    if (($pic = img_resize($filevalues['tmp_name'], $sdir . $filename, $_SESSION['site_class_catpicwidth'], $_SESSION['site_class_catpicheight'])) && ($tn = img_resize($filevalues['tmp_name'], $sdir . $tn_name, $_SESSION['site_class_catpictwidth'], $_SESSION['site_class_catpictheight']))) {
        @chmod($sdir . $filename, 0664);
        @chmod($sdir . $tn_name, 0664);
        @unlink($filevalues['tmp_name']);
        // If there was an old picture, delete it.
        if ($oldpic != "") {
            if (file_exists($_SESSION['site_class_catpicdir'] . '/' . $oldpic)) {
                @unlink($_SESSION['site_class_catpicdir'] . '/' . $oldpic);
                @unlink($_SESSION['site_class_catpicdir'] . '/tn_' . $oldpic);
            }
        }
        // End of old picture deletion.
    }
    // NOTE(review): as shown, the upload error is set whether or not the
    // resize succeeded (there is no else); confirm against the full file.
    $form_class->setElementError('picture', $locale->get('category_error_category_picupload'));
}
}
// Excerpt: tail of an image viewer block followed by a six-slot upload loop.
// Every variable read here is set outside this excerpt.
$img_h = $img_info[1] + 60;
// NOTE(review): $pic_ref and $img_nam are written into an inline script and a
// URL without escaping or URL-encoding; confirm neither can carry user input.
echo "<script language=\"javascript\">WinOpen('/_php/viewer.php?path=".$pic_ref."&id=".$img_nam."','viewer',".$img_w.",".$img_h.")</script>";
}
}
// Walk the six upload slots.
for ($x = 0; $x < 6; $x++) {
    // Variable-variables $f_upl_N, $f_pic_N and $f_pic_N_name.
    // NOTE(review): where these are populated is not visible; presumably they
    // mirror request/upload fields (register_globals style) - verify, and read
    // them from $_FILES/$_POST explicitly.
    if (${"f_upl_".$x}) {
        if (${"f_pic_".$x}) {
            // New record: reserve an id first so the image name can include it.
            if (!$id) {
                $idx = get_newid("referenz");
                $img_nam = $idx."_".$x;
            } else {
                $img_nam = $id."_".$x;
            }
            // NOTE(review): the third argument looks like the client-supplied
            // file name; what img_upload() validates is not visible here.
            $pic = img_upload($img_ref,${"f_pic_".$x},${"f_pic_".$x."_name"});
            img_resize($img_ref,$pic,$img_nam,$img_w_sm,$img_w_lg);
            // $picstr is a '#'-separated list with one entry per slot.
            if ($picstr) {
                $pics = explode("#",$picstr);
            }
            // Fill empty slots with "-" so implode() keeps six positions.
            for ($y = 0; $y < 6; $y++) {
                if (!$pics[$y]) {
                    $pics[$y] = "-";
                }
            }
            $pics[$x] = $pic;
            $picstr = implode("#",$pics);
            unset($add_img[$x]);
        }
    }
}
// Excerpt: render the "maps" gallery as slides holding two items each. The
// enclosing if and the variables read here are outside this excerpt.
// NOTE(review): have_rows()/get_sub_field() look like ACF template helpers on
// WordPress - confirm. If so, the values echoed below are editor-controlled
// and are written into HTML without escaping; esc_html(), esc_attr() and
// esc_url() are the usual wrappers for the text, attribute and URL contexts.
++$gallery_n;
$i = 1;
echo '<section class="maps ' . $section_propieties . '"><div class="wrapper">';
echo title_and_subtitle();
$p = "left";
echo '<ul id="map-gallery-slider-' . $gallery_n . '" class="' . $aspect_ratio . '"><li class="slide">';
while (have_rows('maps')) {
    the_row();
    // Start a new slide before every odd-numbered item except the first.
    if ($i % 2 == 1 && $i != 1) {
        echo '</li><li class="slide">';
        $p = "left";
    }
    $map_title = get_sub_field('map_title');
    $image = get_sub_field('map');
    $image_url = $image['url'];
    // Here img_resize() is used for its return value, which is placed in the
    // item's height style.
    $image_new_height = img_resize($image_url, 400, false);
    echo '<div class="item item_' . $p . '" style="height:' . $image_new_height . 'px">';
    echo '<a href="' . $image_url . '" class="fancybox" rel="gallery_' . $module_counter . '"><img src="' . $image_url . '"></a>';
    echo '<h4>' . $map_title . '</h4></div>';
    ++$i;
    $p = "right";
}
echo '</li></ul>';
if ($has_description == "with_description") {
    echo '<div class="description">' . $description . '</div>';
}
echo download_link();
echo '</div></section>';
// Gallery, portrait layout (3 elements per slide).
} elseif ($i >= 4 && $aspect_ratio == "portrait") {
    ++$gallery_n;
// Handling of the third image upload.
// (fragment: one closing brace below belongs to a block opened before this excerpt)
// NOTE(review): $image3_name, $upload_path, $storage_link and $fileExt are set
// outside this fragment. If $image3_name is derived from the client's file name it
// must be reduced to a safe base name with an allow-listed extension before it is
// used in the paths below — confirm where it is built.
if (move_uploaded_file($_FILES['image_3']['tmp_name'], $upload_path . $image3_name)) {
    // NOTE(review): the move targets $upload_path while the following paths
    // hard-code "images/animals/"; presumably both name the same directory — confirm.
    $target_file = "images/animals/{$image3_name}";
    $resized_file = "images/animals/Image_{$image3_name}";
    $wmax = 640;
    $hmax = 480;
    // Write the 640x480-bounded copy, then drop the file as uploaded.
    // NOTE(review): the result of img_resize() is not checked before the upload is
    // unlinked.
    img_resize($target_file, $resized_file, $wmax, $hmax, $fileExt);
    unlink($target_file);
    $image_name3 = $upload_path . $image3_name;
    $image3_db = $storage_link . "Image_" . $image3_name;
    // Create the thumbnail from the resized copy.
    $target_file = "images/animals/Image_{$image3_name}";
    $thumbnail = "images/animals/Thumb_{$image3_name}";
    $wthumb = 100;
    $hthumb = 70;
    img_resize($target_file, $thumbnail, $wthumb, $hthumb, $fileExt);
    $image3_thumb = $storage_link . "Thumb_" . $image3_name;
    // NOTE(review): $image3_thumb is written into href/src without
    // htmlspecialchars(); it needs attribute escaping unless the name is already
    // restricted to a safe character set upstream.
    echo "<a href=\" {$image3_thumb} \"><img src=\" {$image3_thumb}\" alt=\"Image 3\" width=\"100\" height=\"70\" /></a>";
} else {
    echo 'There was an error during the Third Image upload. Please try again.<br>';
}
// It failed
}
echo "</div>";
// Insert into DB
// NOTE(review): only thousands separators are stripped from these request values.
// The query that uses them is outside this fragment; they should be validated as
// numbers and bound as parameters there.
$AnimalPrice = str_replace(",", "", $_POST['price']);
$AnimalWeight = str_replace(",", "", $_POST['weight']);
$AnimalColor = "";
// NOTE(review): $_POST['white'] is read without isset(); an unticked box leaves the
// key undefined.
if ($_POST['white'] == "White") {
    $AnimalColor = $AnimalColor . "White, ";
}
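<?php
require_once "functions/file_handling.php";
require_once "functions/img_resize.php";

// Gallery upload handler: runs when the form was submitted.
// is_valid_file() (defined in functions/file_handling.php) returns a falsy value
// when the upload is acceptable; anything else is kept in $err.
// NOTE(review): which extensions, types and sizes are accepted is decided entirely
// inside is_valid_file(), which is not visible here. Because the file is stored
// under its client-supplied name, that check has to allow-list image extensions —
// confirm.
if (isset($_POST['submit'])) {
    $file = $_FILES['file'];
    $err = is_valid_file($file);
    if (!$err) {
        // The stored name comes from the client. Keep only its last path component
        // so that both target paths stay inside uploads/ and img_preview/ no matter
        // how the name reached this point.
        $storedName = basename($file['name']);
        change_location($file['tmp_name'], $storedName);
        // 200x200 preview of the stored upload.
        img_resize("uploads/" . $storedName, "img_preview/" . $storedName, 200, 200);
    }
}
?>
<!DOCTYPE html>
<html>
<head>
<title>Галерея</title>
<meta charset="utf-8"/>
<meta name="description" content="This is the main page of my site"/>
<link rel="stylesheet" href="../lesson-5/css/style.css" type="text/css">
<link rel="stylesheet" href="style.css" type="text/css">
<link href='https://fonts.googleapis.com/css?family=Comfortaa:400,300,700&subset=latin,cyrillic,cyrillic-ext,latin-ext' rel='stylesheet' type='text/css'/>
</head>
<body>
<div class="content">
<ul class="main-menu">
<li> <h1><a href="#">Home</a></h1> </li>
<li><a href="#">Статьи</a></li>
<li><a href="#">Каталог</a></li>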
// Import of pictures picked from the FTP drop directory into the gallery.
// (fragment: the excerpt ends inside the trailing else branch)
$dirlist = get_ftpdir($fdir);
// Gallery target directory with exactly one trailing slash.
$ddir = rtrim($_SESSION['site_galerydir'], '/') . '/';
if ($form->validate()) {
    $errors = array();
    if (isset($_POST['fileChecked']) && is_array($_POST['fileChecked'])) {
        foreach ($_POST['fileChecked'] as $key => $value) {
            // Undo magic-quotes escaping where that legacy setting is active.
            if (get_magic_quotes_gpc()) {
                $file = stripslashes($value);
            } else {
                $file = $value;
            }
            // NOTE(review): $file is a request value and is appended to $fdir below
            // with no check that the result stays inside $fdir. Accept it only when
            // it is one of the entries already listed for that directory
            // (presumably $dirlist — confirm its shape) or reduce it with
            // basename() first.
            // NOTE(review): the argument is shell-escaped, but 'file -bi' has no
            // trailing space, so the quoted path is glued onto the option string;
            // the command needs 'file -bi '. $filetype is not read in this fragment.
            $filetype = exec(trim('file -bi' . escapeshellarg($fdir . $file)));
            // Stored name: timestamp + the picked name with everything except word
            // characters, digits, "_" and "." replaced by "_".
            $filename = time() . preg_replace('|[^\\w\\d_\\.]|', '_', change_hunchar($file));
            $tn_name = 'tn_' . $filename;
            if ($type == 'p') {
                // Picture: both the resized image and the thumbnail must be created,
                // otherwise the source name is collected in $errors.
                if (!($pic = img_resize($fdir . $file, $ddir . $filename, $_SESSION['site_picwidth'], $_SESSION['site_picheight'])) || !($tn = img_resize($fdir . $file, $ddir . $tn_name, $_SESSION['site_thumbwidth'], $_SESSION['site_thumbheight']))) {
                    $errors[] = $file;
                } else {
                    @chmod($ddir . $filename, 0664);
                    @chmod($ddir . $tn_name, 0664);
                    // NOTE(review): quote doubling is the only escaping applied to
                    // the request-supplied name before it enters the SQL text.
                    $name = str_replace("'", "''", $file);
                    $size = filesize($ddir . $filename);
                    $picture_id = $mdb2->extended->getBeforeID('iShark_Pictures', 'picture_id', TRUE, TRUE);
                    // NOTE(review): the statement is assembled by interpolation;
                    // $_SESSION['user_id'] and the image dimensions go in unquoted.
                    // Binding the values through $mdb2->prepare() with typed
                    // placeholders removes the dependence on hand escaping.
                    $query = "\n\t\t\t\t\t\t\tINSERT INTO iShark_Pictures \n\t\t\t\t\t\t\t(picture_id, realname, name, width, height, tn_width, tn_height, add_user_id, add_date)\n\t\t\t\t\t\t\tVALUES\n\t\t\t\t\t\t\t({$picture_id}, '{$filename}', '{$name}', {$pic['width']}, {$pic['height']}, {$tn['width']}, {$tn['height']}, {$_SESSION['user_id']}, NOW())\n\t\t\t\t\t\t";
                    $mdb2->exec($query);
                    $last_picture_id = $mdb2->extended->getAfterID($picture_id, 'iShark_Pictures', 'picture_id');
                    // Link the new picture to the gallery.
                    // NOTE(review): $gid is set outside this fragment and is placed
                    // in the statement unquoted; it must be an integer by the time it
                    // gets here — confirm or cast.
                    $query = "\n\t\t\t\t\t\t\tINSERT INTO iShark_Galleries_Pictures\n\t\t\t\t\t\t\t(gallery_id, picture_id)\n\t\t\t\t\t\t\tVALUES \n\t\t\t\t\t\t\t({$gid}, {$last_picture_id})\n\t\t\t\t\t\t";
                    $mdb2->exec($query);
                }
            } else {
                // if there are no video galleries, we add the condition
img_resize($file_org, $file_id, $img_src, 250, $cfg["file"]["maindir"] . $cfg["file"]["picture"] . "medium", "img"); img_resize($file_org, $file_id, $img_src, 150, $cfg["file"]["maindir"] . $cfg["file"]["picture"] . "small", "img"); img_resize($file_org, $file_id, $img_src, 96, $cfg["file"]["maindir"] . $cfg["file"]["picture"] . "thumbnail", "tn"); // orginal bild loeschen #unlink($file_org); rename($file_org, $cfg["file"]["maindir"] . $cfg["file"]["picture"] . $pathvars["filebase"]["pic"]["o"] . "img_" . $file_id . ".png"); // speicher des quellbild freigeben imagedestroy($img_src); break; case ".jpg": // quellbild in speicher einlesen $img_src = @imagecreatefromjpeg($file_org); img_resize($file_org, $file_id, $img_src, 628, $cfg["file"]["maindir"] . $cfg["file"]["picture"] . "big", "img"); img_resize($file_org, $file_id, $img_src, 250, $cfg["file"]["maindir"] . $cfg["file"]["picture"] . "medium", "img"); img_resize($file_org, $file_id, $img_src, 150, $cfg["file"]["maindir"] . $cfg["file"]["picture"] . "small", "img"); img_resize($file_org, $file_id, $img_src, 96, $cfg["file"]["maindir"] . $cfg["file"]["picture"] . "thumbnail", "tn"); // orginal bild loeschen #unlink($file_org); #echo $file_org; #echo $cfg["file"]["maindir"].$pathvars["filebase"]["pic"]["o"]."img_".$file_id.".jpg"; rename($file_org, $cfg["file"]["maindir"] . $cfg["file"]["picture"] . $pathvars["filebase"]["pic"]["o"] . "img_" . $file_id . ".jpg"); // speicher des quellbild freigeben imagedestroy($img_src); break; default: echo "da ist der wurm drin"; } } if ($debugging[html_enable]) { $debugging[ausgabe] .= "sql: " . $sql . $debugging[char]; }
// Saving the data
// (fragment: the excerpt ends inside the tag loop; the enclosing blocks are still open)
if ($form->validate()) {
    // No file was uploaded: send the admin back to the upload form.
    // NOTE(review): $module_name and $gid are set outside this fragment and go into
    // the Location header unencoded — confirm they cannot carry request data as-is.
    if (!$file->isUploadedFile()) {
        header('Location: admin.php?p=' . $module_name . '&act=pic&pic_act=upl&gid=' . $gid);
        exit;
    }
    $filevalues = $file->getValue();
    // Gallery directory with exactly one trailing slash.
    $gdir = preg_replace('|/$|', '', $_SESSION['site_galerydir']) . '/';
    // Stored name: timestamp + client-supplied name with everything except digits,
    // word characters, "_" and "." replaced by "_".
    // NOTE(review): dots are kept, so the stored extension is still chosen by the
    // client; this relies on img_resize() writing re-encoded image data — confirm.
    $filename = time() . preg_replace('|[^\\d\\w_\\.]|', '_', change_hunchar($filevalues['name']));
    $tn_name = 'tn_' . $filename;
    // The display name is escaped for SQL here.
    $name = $mdb2->escape($form->getSubmitValue('name'));
    $tags = $form->getSubmitValue('tags');
    if ($type == 'p') {
        // Picture upload with resizing
        include_once 'includes/function.images.php';
        // Both the picture and its thumbnail must be produced from the temp file.
        if (($pic = img_resize($filevalues['tmp_name'], $gdir . $filename, $_SESSION['site_picwidth'], $_SESSION['site_picheight'])) && ($tn = img_resize($filevalues['tmp_name'], $gdir . $tn_name, $_SESSION['site_thumbwidth'], $_SESSION['site_thumbheight']))) {
            @chmod($gdir . $filename, 0664);
            @chmod($gdir . $tn_name, 0664);
            // NOTE(review): unlike $name, the description is not passed through
            // $mdb2->escape() anywhere in this fragment before it is concatenated
            // into the quoted SQL value below. Unless the form element applies its
            // own filter, it needs the same escaping or a bound parameter.
            $description = $form->getSubmitValue('description');
            if (empty($description)) {
                $description = "";
            }
            $picture_id = $mdb2->extended->getBeforeID('iShark_Pictures', 'picture_id', TRUE, TRUE);
            $query = "\n\t\t\t\t\tINSERT INTO iShark_Pictures\n\t\t\t\t\t(picture_id, realname, name, width, height, tn_width, tn_height, add_user_id, add_date, description)\n\t\t\t\t\tVALUES\n\t\t\t\t\t({$picture_id}, '{$filename}', '{$name}', {$pic['width']}, {$pic['height']}, {$tn['width']}, {$tn['height']}, {$_SESSION['user_id']}, now(), '" . $description . "')\n\t\t\t\t";
            $mdb2->exec($query);
            $last_picture_id = $mdb2->extended->getAfterID($picture_id, 'iShark_Pictures', 'picture_id');
            // if the $tags array exists, record its entries in the link table
            if (is_array($tags) && count($tags) > 0) {
                foreach ($tags as $key => $id) {
                    // NOTE(review): each submitted tag id is interpolated unquoted;
                    // cast it to int or bind it through $mdb2->prepare() so only a
                    // number can reach the statement.
                    $query = "\n\t\t\t\t\t\t\tINSERT INTO iShark_Tags_Modules \n\t\t\t\t\t\t\t(tag_id, module_name, id) \n\t\t\t\t\t\t\tVALUES \n\t\t\t\t\t\t\t({$id}, 'picture', {$last_picture_id})\n\t\t\t\t\t\t";
                    $mdb2->exec($query);
// Carousel entry save.
// (fragment: starts inside blocks opened before this excerpt and ends with blocks
// still open)
// Remove the previous picture from main_pics/.
// NOTE(review): $content_picture is set outside this fragment and is appended to the
// directory unchanged; it has to be a bare file name from a trusted record — confirm.
if (file_exists("main_pics/" . $content_picture)) {
    @unlink("main_pics/" . $content_picture);
}
}
} else {
    $filename = "";
}
// $pic starts as TRUE so that a request without a new upload still reaches the save
// below.
$pic = TRUE;
// image upload
if ($file->isUploadedFile()) {
    $filevalues = $file->getValue();
    $sdir = preg_replace('|/$|', '', 'main_pics') . '/';
    // Stored name: timestamp + client-supplied name with everything except digits,
    // word characters, "_" and "." replaced by "_".
    $filename = time() . preg_replace('|[^\\d\\w_\\.]|', '_', change_hunchar($filevalues['name']));
    // image resizing
    include_once 'includes/function.images.php';
    // The resize counts as successful only when img_resize() returns an array.
    if (is_array($pic = img_resize($filevalues['tmp_name'], $sdir . $filename, 461, 272))) {
        @chmod($sdir . $filename, 0664);
        @unlink($filevalues['tmp_name']);
    }
    if (!$pic) {
        $form->setElementError('pic', $locale->get('news_error_picupload'));
    }
}
if ($pic) {
    if ($sub_act == "mod") {
        // NOTE(review): the UPDATE is assembled by string concatenation and
        // $_REQUEST["id"] is read straight from the request into the WHERE clause.
        // $title, $desc and $content_id are set outside this fragment, so whether
        // they are escaped cannot be seen here. Binding all five values through
        // $mdb2->prepare() with typed placeholders, and requiring the id to be an
        // integer, closes this regardless of what happened upstream.
        $query = "\n UPDATE iShark_Carousel\n SET title = '" . $title . "',\n text = '" . $desc . "',\n content_id = '" . $content_id . "',\n pic = '" . $filename . "'\n WHERE id = '" . $_REQUEST["id"] . "'\n ";
        $mdb2->exec($query);
        // NOTE(review): the cleanup above looked for the old picture under
        // "main_pics/", this one under $_SESSION['site_cnt_picdir'] — confirm which
        // directory holds carousel pictures.
        if ($content_picture != "") {
            if (file_exists($_SESSION['site_cnt_picdir'] . "/" . $content_picture)) {
                @unlink($_SESSION['site_cnt_picdir'] . "/" . $content_picture);
            }
/**
 * Backward-compatibility wrapper around the img_resize() function.
 *
 * All six arguments are forwarded to img_resize() unchanged and in the same
 * order; whatever img_resize() returns is returned to the caller.
 *
 * @deprecated call img_resize() directly
 */
public function imageCopyResized($src, $dest, $maxwidth, $maxheight = 160, $is_square = false, $quality = 95)
{
    $resizeResult = img_resize(
        $src,
        $dest,
        $maxwidth,
        $maxheight,
        $is_square,
        $quality
    );

    return $resizeResult;
}
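/**
 * Uploads a photo from the configured form field, stores it in the upload
 * directory and generates the small and medium thumbnails.
 *
 * Steps: the client-supplied name is sanitised, the extension is checked against
 * an allow-list, the file is moved into place, verified with isImage(), and only
 * then is the previous file removed and the thumbnails built.
 *
 * Review notes:
 * - The file is moved into upload_dir before isImage() runs, so an unvalidated
 *   upload exists there briefly under an allow-listed extension.
 * - When $this->filename was set by the caller it is used as-is; its extension is
 *   not compared with the allow-list here — presumably callers pass a safe name,
 *   confirm.
 * - A generated name is md5(time() . name), i.e. predictable and identical for the
 *   same original name within one second.
 *
 * @param string $old_file name of the previously stored file; it is passed to
 *                         deletePhotoFile() once the new upload has been accepted
 * @return array|false array with the keys 'filename' (stored name) and 'realfile'
 *                     (sanitised original name without extension), or false when
 *                     no upload directory is set, nothing was uploaded, the
 *                     extension is not allowed, the move fails or the stored file
 *                     is not an image
 */
public function uploadPhoto($old_file = '')
{
    // Without an upload directory nothing can be stored.
    if (!$this->upload_dir) {
        return false;
    }

    // Nothing was submitted in the configured field.
    if (empty($_FILES[$this->input_name]['name'])) {
        return false;
    }

    cmsCore::includeGraphics();

    // Client-supplied name: base name only, capped at 160 characters, with every
    // character outside Latin/Cyrillic letters, digits, ".", "-", "_" and space
    // removed.
    $input_name = preg_replace(
        '/[^a-zA-Zа-яёЁА-Я0-9\\.\\-_ ]/ui',
        '',
        mb_substr(basename(strval($_FILES[$this->input_name]['name'])), 0, 160)
    );

    // Extension, lower-cased, checked against the allow-list with strict comparison.
    $ext = mb_strtolower(pathinfo($input_name, PATHINFO_EXTENSION));
    if (!in_array($ext, array('jpg', 'jpeg', 'gif', 'png', 'bmp'), true)) {
        return false;
    }

    // File name without the extension. The suffix is cut by length rather than
    // searched for, so an upper-case extension ("photo.JPG") is removed too and a
    // ".jpg" occurring in the middle of the name is left alone.
    $realfile = mb_substr($input_name, 0, -(mb_strlen($ext) + 1));

    // Keep a name set by the caller, otherwise generate one.
    $this->filename = $this->filename ? $this->filename : md5(time() . $realfile) . '.' . $ext;

    $uploadphoto = $this->upload_dir . $this->filename;
    $uploadthumb = array(
        'small' => $this->upload_dir . $this->dir_small . $this->filename,
        'medium' => $this->upload_dir . $this->dir_medium . $this->filename,
    );

    $source = $_FILES[$this->input_name]['tmp_name'];
    $errorCode = $_FILES[$this->input_name]['error'];

    if (!cmsCore::moveUploadedFile($source, $uploadphoto, $errorCode)) {
        return false;
    }

    // Validate the stored file first: a rejected upload is removed again and the
    // previous photo is left untouched.
    if (!$this->isImage($uploadphoto)) {
        $this->deletePhotoFile($this->filename);
        return false;
    }

    // The new upload is accepted; remove the previous file if one was given.
    $this->deletePhotoFile($old_file);

    // A missing height falls back to the corresponding width.
    if (!$this->small_size_h) {
        $this->small_size_h = $this->small_size_w;
    }
    if (!$this->medium_size_h) {
        $this->medium_size_h = $this->medium_size_w;
    }

    // Generate the small thumbnail unless only the medium one is wanted.
    $make_small = !$this->only_medium;
    if ($make_small) {
        if (!is_dir($this->upload_dir . $this->dir_small)) {
            @mkdir($this->upload_dir . $this->dir_small);
        }
        @img_resize($uploadphoto, $uploadthumb['small'], $this->small_size_w, $this->small_size_h, $this->thumbsqr);
    }

    // Generate the medium thumbnail.
    if (!is_dir($this->upload_dir . $this->dir_medium)) {
        @mkdir($this->upload_dir . $this->dir_medium);
    }
    @img_resize($uploadphoto, $uploadthumb['medium'], $this->medium_size_w, $this->medium_size_h, false, false);

    // Apply the watermark to the thumbnails this call produced; the small one is
    // skipped when it was not generated.
    if ($this->is_watermark) {
        @img_add_watermark($uploadthumb['medium']);
        if ($make_small) {
            @img_add_watermark($uploadthumb['small']);
        }
    }

    // Keep the original (watermarked if requested) or drop it.
    if (!$this->is_saveorig) {
        @unlink($uploadphoto);
    } elseif ($this->is_watermark) {
        @img_add_watermark($uploadphoto);
    }

    return array(
        'filename' => $this->filename,
        'realfile' => $realfile,
    );
}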
// News picture upload.
// (fragment: one closing brace below belongs to a block opened before this excerpt,
// and the final if is cut off)
if ($file->isUploadedFile()) {
    $filevalues = $file->getValue();
    // Content picture directory with exactly one trailing slash.
    $sdir = preg_replace('|/$|', '', $_SESSION['site_cnt_picdir']) . '/';
    // Stored name: timestamp + client-supplied name with everything except digits,
    // ASCII letters, "_" and "." replaced by "_".
    // NOTE(review): dots are kept, so the stored extension is still chosen by the
    // client; this relies on img_resize() writing re-encoded image data — confirm.
    $filename = time() . preg_replace('|[^\\da-zA-Z_\\.]|', '_', change_hunchar($filevalues['name']));
    // image resizing
    include_once 'includes/function.images.php';
    // uploading for a lead news item: use the lead picture dimensions
    if ($form->getSubmitValue('mainnews') == 1) {
        if ($pic = img_resize($filevalues['tmp_name'], $sdir . $filename, $_SESSION['site_leadpicw'], $_SESSION['site_leadpich'])) {
            @chmod($sdir . $filename, 0664);
            @unlink($filevalues['tmp_name']);
        }
    }
    // uploading for a regular news item: use the regular picture dimensions
    if ($form->getSubmitValue('mainnews') == 0) {
        if ($pic = img_resize($filevalues['tmp_name'], $sdir . $filename, $_SESSION['site_newspicw'], $_SESSION['site_newspich'])) {
            @chmod($sdir . $filename, 0664);
            @unlink($filevalues['tmp_name']);
        }
    }
    // NOTE(review): in the text shown here this call is not inside an else branch,
    // so it also runs after a successful resize. The braces of the fragment do not
    // balance, so an "else" may have been lost in extraction — check the full file.
    $form->setElementError('lead_file', $locale->get('news_error_picupload'));
    // delete the old picture, if there was one
    // NOTE(review): $content_picture is set outside this fragment and is appended to
    // the directory unchanged; it has to be a bare file name from a trusted record —
    // confirm.
    if ($content_picture != "") {
        if (file_exists($_SESSION['site_cnt_picdir'] . "/" . $content_picture)) {
            @unlink($_SESSION['site_cnt_picdir'] . "/" . $content_picture);
        }
    }
}
}
// the lead text exists only when it has been enabled
if (!empty($_SESSION['site_is_lead'])) {
$("#result").html(msg); } }); } ); } ); </script> </div> <?php // открывает картинку 1.jpg и сохраняет ее с новыми размерами в 2.jpg // 150, 200 ширина и высота новой картинки // 70 качество нового изображения в процентах // 0xFFFFF0 цвет фона(если рисунок полуится меньше) // 0 включить/выключить создание размера изображения, строго по размерам, Если включить, тогда размер изображения всегда будет // таким, как заявлен, а лишнее будет заполняться фоном. Экспериментируйте. img_resize("wm/" . $str_exp[6], "wm/pw/s" . $str_exp[6], 100, 255, 98, 0xfffff0, 0); ?> <?php include_once $_SERVER['DOCUMENT_ROOT'] . '/template/footer.php'; } else { echo "Access denied"; } ?>
} } // $moveResult = move_uploaded_file($fileTmpLoc, "../groups/{$gS}/{$db_file_name}"); if ($moveResult != true) { header("location: ../message.php?msg=ERROR: File upload failed"); exit; } include_once "../php_includes/image_resize.php"; // $target_file = "../groups/{$gS}/{$db_file_name}"; // $resized_file = "../groups/{$gS}/{$db_file_name}"; $wmax = 200; $hmax = 300; img_resize($target_file, $resized_file, $wmax, $hmax, $fileExt); // $sql = "UPDATE groups SET logo='{$db_file_name}' WHERE name='{$gS}' AND creator='{$uS}'LIMIT 1"; $query = mysqli_query($db_conx, $sql); mysqli_close($db_conx); // header("location: ../group.php?g={$gS}"); exit; } // Add new post if (isset($_POST['action']) && $_POST['action'] == "new_post") { // Make sure post data is not empty if (strlen($_POST['data']) < 1) { exit; } // Clean all of the $_POST vars that will interact with the database
case "2": $ext = ".jpg"; break; case "3": $ext = ".png"; break; default: $ext = ".jpg"; break; } } $filename = time() . preg_replace('|[^\\da-zA-Z_\\.]|', '_', 'mtipic' . $ext); fclose($mtifile); //kep atmeretezese include_once 'includes/function.images.php'; if ($pic = img_resize($sdir . 'mti_temp_pic', $sdir . $filename, $_SESSION['site_newspicw'], $_SESSION['site_newspich'])) { @chmod($sdir . $filename, 0664); } } unlink($sdir . 'mti_temp_pic'); } $types = array('integer', 'text', 'text', 'text', 'integer', 'integer', 'text'); $values = array($content_id, $row_mti['title'], $row_mti['lead'], $row_mti['body'], $_SESSION['user_id'], $_SESSION['user_id'], $_SESSION['site_deflang']); //beszurjuk az mti hirt a sajt hir tablankba $query = "\n\t\t\tINSERT INTO iShark_Contents \n\t\t\t(content_id, is_mainnews, is_index, type, title, lead, content, add_user_id, add_date, mod_user_id, mod_date, is_active, lang, picture) \n\t\t\tVALUES \n\t\t\t(?, 0, 0, 2, ?, ?, ?, ?, NOW(), ?, NOW(), 1, ?, '" . $filename . "')\n\t\t"; $result = $mdb2->prepare($query, $types, MDB2_PREPARE_MANIP); $result->execute($values); $last_content_id = $mdb2->extended->getAfterID($content_id, 'iShark_Contents', 'content_id'); //rovat, ha hasznaljuk if (!empty($_SESSION['site_category'])) { //megnezzuk, hogy van-e mar ilyen mti kategoriank
// Move the upload out of PHP's temp folder into the documents folder, which must
// already exist on the host.
// NOTE(review): $temp, $file_to_saved, $file_get and $fileExt are set before this
// excerpt. If $file_get comes from the client's file name it must be reduced to a
// safe base name with an allow-listed extension before it is used in the paths
// below — confirm where it is built.
$moveResult = move_uploaded_file($temp, $file_to_saved);
if (!$moveResult) {
    echo "<span style='color:red;font-size:24px;'>"
        . "ERROR: File not uploaded. Try again."
        . "</span>";
    unlink($temp); // remove the uploaded file from the PHP temp folder
    exit;
}

// Load the resize and crop helpers used below.
include 'imageResize.php';

// Step 1: write a copy bounded by 400x750 next to the stored upload, then delete
// the upload so that only the resized image remains.
// NOTE(review): the result of img_resize() is not checked before its input is
// unlinked.
$file_to_saved = "../../Assets/image/HomePage/{$file_get}";
$resized_file = "../../Assets/image/HomePage/resized_{$file_get}";
$wmax = 400;
$hmax = 750;
img_resize($file_to_saved, $resized_file, $wmax, $hmax, $fileExt);
unlink($file_to_saved);

// Step 2: crop the resized copy to a 400x595 thumbnail, then delete the resized
// copy as well.
$target_file = "../../Assets/image/HomePage/resized_{$file_get}";
$thumbnail = "../../Assets/image/HomePage/thumb_{$file_get}";
$wthumb = 400;
$hthumb = 595;
img_thumb($target_file, $thumbnail, $wthumb, $hthumb, $fileExt);
unlink($resized_file);