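/**
 * Stores the images uploaded for a listing as normal, preview and thumbnail
 * renditions (plus the untouched original when that option is enabled) and
 * records each one as an item resource.
 *
 * The stored extension and MIME type come from ImageResizer (then the
 * 'upload_image_extension' / 'upload_image_mime' filters); the client-supplied
 * name and type entries of $aResources are never read here.
 *
 * @param array|string $aResources Upload array in $_FILES layout (the 'error'
 *                                 and 'tmp_name' lists are read), or '' for none.
 * @param int          $itemId     Listing the resources are attached to.
 * @return int 0 on success, 3 when the destination folder cannot be created.
 */
public function uploadItemResources($aResources, $itemId)
{
    if ($aResources != '') {
        $itemResourceManager = ItemResource::newInstance();
        // One destination folder per hundred item ids.
        $folder         = osc_uploads_path() . (floor($itemId / 100)) . "/";
        $numImagesItems = osc_max_images_per_item();
        $numImages      = $itemResourceManager->countResources($itemId);

        foreach ($aResources['error'] as $key => $error) {
            // A configured maximum of 0 means "no limit".
            if ($numImagesItems == 0 || ($numImagesItems > 0 && $numImages < $numImagesItems)) {
                if ($error == UPLOAD_ERR_OK) {
                    // Make sure the destination exists before any rendition is
                    // written or any row is inserted: failing later would leave
                    // temporary renditions on disk and a resource row with no file.
                    // The second is_dir() covers a concurrent request creating it.
                    if (!is_dir($folder) && !@mkdir($folder, 0755, true) && !is_dir($folder)) {
                        unset($itemResourceManager);
                        return 3; // PATH CAN NOT BE CREATED
                    }

                    $tmpName   = $aResources['tmp_name'][$key];
                    $imgres    = ImageResizer::fromFile($tmpName);
                    $extension = osc_apply_filter('upload_image_extension', $imgres->getExt());
                    $mime      = osc_apply_filter('upload_image_mime', $imgres->getMime());

                    // Create normal size
                    $normal_path = $path = $tmpName . "_normal";
                    $size        = explode('x', osc_normal_dimensions());
                    $img         = ImageResizer::fromFile($tmpName)->autoRotate()->resizeTo($size[0], $size[1]);
                    if (osc_is_watermark_text()) {
                        $img->doWatermarkText(osc_watermark_text(), osc_watermark_text_color());
                    } elseif (osc_is_watermark_image()) {
                        $img->doWatermarkImage();
                    }
                    $img->saveToFile($path, $extension);

                    // Create preview (derived from the normal rendition, so it
                    // carries the same watermark)
                    $path = $tmpName . "_preview";
                    $size = explode('x', osc_preview_dimensions());
                    ImageResizer::fromFile($normal_path)->resizeTo($size[0], $size[1])->saveToFile($path, $extension);

                    // Create thumbnail
                    $path = $tmpName . "_thumbnail";
                    $size = explode('x', osc_thumbnail_dimensions());
                    ImageResizer::fromFile($normal_path)->resizeTo($size[0], $size[1])->saveToFile($path, $extension);

                    $numImages++;

                    $itemResourceManager->insert(array(
                        'fk_i_item_id' => $itemId
                    ));
                    $resourceId = $itemResourceManager->dao->insertedId();

                    // File names are built from the database id only.
                    osc_copy($tmpName . '_normal', $folder . $resourceId . '.' . $extension);
                    osc_copy($tmpName . '_preview', $folder . $resourceId . '_preview.' . $extension);
                    osc_copy($tmpName . '_thumbnail', $folder . $resourceId . '_thumbnail.' . $extension);
                    if (osc_keep_original_image()) {
                        // The original is copied byte for byte: it is not passed
                        // through ImageResizer, so whatever the uploaded file
                        // embeds (metadata included) is kept as uploaded.
                        $path = $folder . $resourceId . '_original.' . $extension;
                        osc_copy($tmpName, $path);
                    }
                    @unlink($tmpName . "_normal");
                    @unlink($tmpName . "_preview");
                    @unlink($tmpName . "_thumbnail");
                    @unlink($tmpName);

                    // Stored path is relative to the installation root.
                    $s_path = str_replace(osc_base_path(), '', $folder);
                    $itemResourceManager->update(
                        array(
                            's_path'          => $s_path
                            ,'s_name'         => osc_genRandomPassword()
                            ,'s_extension'    => $extension
                            ,'s_content_type' => $mime
                        )
                        ,array(
                            'pk_i_id'       => $resourceId
                            ,'fk_i_item_id' => $itemId
                        )
                    );
                    osc_run_hook('uploaded_file', ItemResource::newInstance()->findByPrimaryKey($resourceId));
                }
            }
        }
        unset($itemResourceManager);
    }
    return 0; // NO PROBLEMS
}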
/**
 * Saves every successfully uploaded image of a listing under the uploads
 * directory as "<resource id>.jpg" plus "_preview" and "_thumbnail" variants,
 * and registers it as an item resource.
 *
 * Files are named after the database id; the recorded extension ('jpg') and
 * content type ('image/jpeg') are fixed values, not taken from the upload.
 *
 * @param array|string $aResources Upload array in $_FILES layout (the 'error'
 *                                 and 'tmp_name' lists are read), or '' for none.
 * @param int          $itemId     Listing the resources are attached to.
 * @return void
 */
public function uploadItemResources($aResources, $itemId)
{
    if ($aResources != '') {
        $watermarker = new Watermark();
        $itemResourceManager = ItemResource::newInstance();
        $limit  = osc_max_images_per_item();
        $stored = $itemResourceManager->countResources($itemId);

        foreach ($aResources['error'] as $idx => $uploadError) {
            // A limit of 0 means unlimited; otherwise stop accepting once reached.
            if ($limit != 0 && !($limit > 0 && $stored < $limit)) {
                continue;
            }
            if ($uploadError != UPLOAD_ERR_OK) {
                continue;
            }

            $stored++;
            $uploaded = $aResources['tmp_name'][$idx];

            // The row is created first because its id names the files.
            $itemResourceManager->insert(array('fk_i_item_id' => $itemId));
            $resourceId = $itemResourceManager->dao->insertedId();
            $base = osc_content_path() . 'uploads/' . $resourceId;

            // Normal size, optionally watermarked
            $normalFile = $base . '.jpg';
            list($width, $height) = explode('x', osc_normal_dimensions());
            ImageResizer::fromFile($uploaded)->resizeTo($width, $height)->saveToFile($normalFile);
            if (osc_is_watermark_text()) {
                $watermarker->doWatermarkText($normalFile, osc_watermark_text_color(), osc_watermark_text(), 'image/jpeg');
            } elseif (osc_is_watermark_image()) {
                $watermarker->doWatermarkImage($normalFile, 'image/jpeg');
            }

            // Preview and thumbnail are both derived from the normal rendition
            list($width, $height) = explode('x', osc_preview_dimensions());
            ImageResizer::fromFile($normalFile)->resizeTo($width, $height)->saveToFile($base . '_preview.jpg');

            list($width, $height) = explode('x', osc_thumbnail_dimensions());
            ImageResizer::fromFile($normalFile)->resizeTo($width, $height)->saveToFile($base . '_thumbnail.jpg');

            if (osc_keep_original_image()) {
                // The uploaded file is moved as-is: it is not re-encoded, yet it
                // is stored under a .jpg name whatever its real format.
                move_uploaded_file($uploaded, $base . '_original.jpg');
            }

            $fields = array(
                's_path'         => 'oc-content/uploads/',
                's_name'         => osc_genRandomPassword(),
                's_extension'    => 'jpg',
                's_content_type' => 'image/jpeg',
            );
            $where = array('pk_i_id' => $resourceId, 'fk_i_item_id' => $itemId);
            $itemResourceManager->update($fields, $where);

            osc_run_hook('uploaded_file', ItemResource::newInstance()->findByPrimaryKey($resourceId));
        }
        unset($itemResourceManager);
    }
}
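/**
 * Prints the inline script behind the classic photo fields: addNewPhoto()
 * appends one more "photos[]" file input (with a remove link) while the
 * configured maximum is not reached, and a 250 ms timer adds a field whenever
 * every visible one is filled.
 *
 * Values written into the script are made safe for that context: the image
 * limit is cast to int and translated texts go through osc_esc_js(), so a
 * translation containing a quote cannot terminate the string literal.
 *
 * @return void
 */
public static function photos_javascript()
{
    ?>
<script type="text/javascript">
    var photoIndex = 0;
    function gebi(id) { return document.getElementById(id); }
    function ce(name) { return document.createElement(name); }
    function re(id) {
        var e = gebi(id);
        e.parentNode.removeChild(e);
    }
    function addNewPhoto() {
        var max = <?php echo (int) osc_max_images_per_item(); ?>;
        var num_img = $('input[name="photos[]"]').size() + $("a.delete").size();
        if((max!=0 && num_img<max) || max==0) {
            var id = 'p-' + photoIndex++;

            var i = ce('input');
            i.setAttribute('type', 'file');
            i.setAttribute('name', 'photos[]');

            var a = ce('a');
            a.style.fontSize = 'x-small';
            a.style.paddingLeft = '10px';
            a.setAttribute('href', '#');
            a.setAttribute('divid', id);
            a.onclick = function() { re(this.getAttribute('divid')); return false; };
            a.appendChild(document.createTextNode('<?php echo osc_esc_js(__('Remove')); ?>'));

            var d = ce('div');
            d.setAttribute('id', id);
            d.setAttribute('style','padding: 4px 0;');

            d.appendChild(i);
            d.appendChild(a);

            gebi('photos').appendChild(d);
        } else {
            alert('<?php echo osc_esc_js(__('Sorry, you have reached the maximum number of images per ad')); ?>');
        }
    }
    // Listener: automatically add new file field when the visible ones are full.
    setInterval(add_file_field, 250);
    /**
     * Timed: if there are no empty file fields, add new file field.
     */
    function add_file_field() {
        var count = 0;
        $('input[name="photos[]"]').each(function(index) {
            if ( $(this).val() == '' ) {
                count++;
            }
        });
        var max = <?php echo (int) osc_max_images_per_item(); ?>;
        var num_img = $('input[name="photos[]"]').size() + $("a.delete").size();
        if (count == 0 && (max==0 || (max!=0 && num_img<max))) {
            addNewPhoto();
        }
    }
</script>
    <?php
}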
?> </label> <div class="separate-top-medium"> <label> <input type="checkbox" <?php echo osc_images_enabled_at_items() ? 'checked="checked"' : ''; ?> name="enableField#images@items" value="1" /> <?php _e('Attach images'); ?> </label> </div> <div class="separate-top-medium"> <?php printf(__('Attach %s images per listing'), '<input type="text" class="input-small" name="numImages@items" value="' . osc_max_images_per_item() . '" />'); ?> <div class="help-box"><?php _e('If the value is zero, it means an unlimited number of images is allowed'); ?> </div> </div> </div> </div> </div> <div class="form-actions"> <input type="submit" id="save_changes" value="<?php echo osc_esc_html(__('Save changes')); ?> " class="btn btn-submit" /> </div>
<meta name="googlebot" content="noindex, nofollow" /> <script type="text/javascript"> twitter_theme.text_select_subcategory = "<?php _e('Select a subcategory...', 'twitter_bootstrap'); ?> " ; twitter_theme.category_selected_id = "<?php echo item_selected_category_id(); ?> " ; twitter_theme.subcategory_selected_id = "<?php echo item_selected_subcategory_id(); ?> " ; twitter_theme.max_number_photos = <?php echo osc_max_images_per_item(); ?> ; twitter_theme.photo_remove_text = "<?php _e('Remove', 'twitter_bootstrap'); ?> " ; twitter_theme.max_images_fields_txt = "<?php _e('Sorry, you have reached the maximum number of images per ad', 'twitter_bootstrap'); ?> " ; twitter_theme.country_select_id = "<?php echo get_country_id(osc_item() != null ? osc_item() : array()); ?> " ; twitter_theme.region_select_id = "<?php
?> </div> <?php if (osc_images_enabled_at_items()) { ?> <div class="box photos"> <h2><?php _e('Photos', 'modern'); ?> </h2> <?php ItemForm::photos(); ?> <div id="photos"> <?php if (osc_max_images_per_item() == 0 || osc_max_images_per_item() != 0 && osc_count_item_resources() < osc_max_images_per_item()) { ?> <div class="row"> <input type="file" name="photos[]" /> </div> <?php } ?> </div> <a href="#" onclick="addNewPhoto(); return false;"><?php _e('Add new photo', 'modern'); ?> </a> </div> <?php }
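/**
 * Prints the AJAX photo uploader of the listing form: the list of images that
 * are already stored or were uploaded earlier in this session, followed by the
 * script that configures Fine Uploader and the delete / "primary image" handlers.
 *
 * Every value written into the page is escaped for the context it lands in:
 * resource fields, the 'secret' request parameter and the session-held file
 * names go through osc_esc_html() before they reach HTML, allowed extensions
 * go through osc_esc_js() before they reach the script, and the client-side
 * code builds nodes with .attr()/.text() instead of concatenating
 * server-returned strings into markup.
 *
 * @param array|null $resources Item resources to list; when null they are read
 *                              with osc_get_item_resources().
 * @return void
 */
public static function ajax_photos($resources = null)
{
    if ($resources == null) {
        $resources = osc_get_item_resources();
    }
    // Anything that is not a list is treated as "no stored resources".
    if (!is_array($resources)) {
        $resources = array();
    }

    $aImages = array();
    if (Session::newInstance()->_getForm('photos') != '') {
        $aImages = Session::newInstance()->_getForm('photos');
        $aImages = $aImages['name'];
        Session::newInstance()->_drop('photos');
        Session::newInstance()->_dropKeepForm('photos');
    }
    if (!is_array($aImages)) {
        $aImages = array();
    }
    ?>
    <div id="restricted-fine-uploader"></div>
    <div style="clear:both;"></div>
    <?php if (count($aImages) > 0 || count($resources) > 0) { ?>
    <h3><?php _e('Images already uploaded'); ?></h3>
    <ul class="qq-upload-list">
        <?php foreach ($resources as $_r) {
            $img   = osc_esc_html($_r['pk_i_id'] . '.' . $_r['s_extension']);
            $thumb = osc_apply_filter('resource_path', osc_base_url() . $_r['s_path']) . $_r['pk_i_id'] . '_thumbnail.' . $_r['s_extension'];
            ?>
        <li class=" qq-upload-success">
            <span class="qq-upload-file"><?php echo $img; ?></span>
            <a class="qq-upload-delete" href="#" photoid="<?php echo osc_esc_html($_r['pk_i_id']); ?>" itemid="<?php echo osc_esc_html($_r['fk_i_item_id']); ?>" photoname="<?php echo osc_esc_html($_r['s_name']); ?>" photosecret="<?php echo osc_esc_html(Params::getParam('secret')); ?>" style="display: inline; cursor:pointer;"><?php _e('Delete'); ?></a>
            <div class="ajax_preview_img"><img src="<?php echo osc_esc_html($thumb); ?>" alt="<?php echo $img; ?>"></div>
        </li>
        <?php } ?>
        <?php foreach ($aImages as $img) {
            // File names kept in the session originate from an earlier request;
            // escape before the first echo, not after it.
            $img = osc_esc_html($img);
            ?>
        <li class=" qq-upload-success">
            <span class="qq-upload-file"><?php echo $img; ?></span>
            <a class="qq-upload-delete" href="#" ajaxfile="<?php echo $img; ?>" style="display: inline; cursor:pointer;"><?php _e('Delete'); ?></a>
            <div class="ajax_preview_img"><img src="<?php echo osc_base_url(); ?>oc-content/uploads/temp/<?php echo $img; ?>" alt="<?php echo $img; ?>"></div>
            <input type="hidden" name="ajax_photos[]" value="<?php echo $img; ?>">
        </li>
        <?php } ?>
    </ul>
    <?php } ?>
    <div style="clear:both;"></div>
    <?php
    // Client-side limits only; they are hints for the uploader widget, the
    // server-side actions have to enforce their own.
    $aExt = explode(',', osc_allowed_extension());
    foreach ($aExt as $key => $value) {
        $aExt[$key] = "'" . osc_esc_js($value) . "'";
    }
    $allowedExtensions = join(',', $aExt);
    $maxSize   = (int) osc_max_size_kb() * 1024;
    $maxImages = (int) osc_max_images_per_item();
    ?>
    <script>
        $(document).ready(function() {

            $('.qq-upload-delete').on('click', function(evt) {
                evt.preventDefault();
                var parent = $(this).parent();
                var result = confirm('<?php echo osc_esc_js(__("This action can't be undone. Are you sure you want to continue?")); ?>');
                var urlrequest = '';
                if($(this).attr('ajaxfile')!=undefined) {
                    urlrequest = 'ajax_photo='+encodeURIComponent($(this).attr('ajaxfile'));
                } else {
                    urlrequest = 'id='+encodeURIComponent($(this).attr('photoid'))
                        +'&item='+encodeURIComponent($(this).attr('itemid'))
                        +'&code='+encodeURIComponent($(this).attr('photoname'))
                        +'&secret='+encodeURIComponent($(this).attr('photosecret'));
                }
                if(result) {
                    $.ajax({
                        type: "POST",
                        url: '<?php echo osc_base_url(true); ?>?page=ajax&action=delete_image&'+urlrequest,
                        dataType: 'json',
                        success: function(data){
                            parent.remove();
                        }
                    });
                }
            });

            $('#restricted-fine-uploader').on('click','.primary_image', function(event){
                if(parseInt($("div.primary_image").index(this))>0){

                    var a_src   = $(this).parent().find('.ajax_preview_img img').attr('src');
                    var a_title = $(this).parent().find('.ajax_preview_img img').attr('alt');
                    var a_input = $(this).parent().find('input').attr('value');
                    // info
                    var a1 = $(this).parent().find('span.qq-upload-file').text();
                    var a2 = $(this).parent().find('span.qq-upload-size').text();

                    var li_first = $('ul.qq-upload-list li').get(0);

                    var b_src   = $(li_first).find('.ajax_preview_img img').attr('src');
                    var b_title = $(li_first).find('.ajax_preview_img img').attr('alt');
                    var b_input = $(li_first).find('input').attr('value');
                    var b1 = $(li_first).find('span.qq-upload-file').text();
                    var b2 = $(li_first).find('span.qq-upload-size').text();

                    $(li_first).find('.ajax_preview_img img').attr('src', a_src);
                    $(li_first).find('.ajax_preview_img img').attr('alt', a_title);
                    $(li_first).find('input').attr('value', a_input);
                    $(li_first).find('span.qq-upload-file').text(a1);
                    $(li_first).find('span.qq-upload-size').text(a2);

                    $(this).parent().find('.ajax_preview_img img').attr('src', b_src);
                    $(this).parent().find('.ajax_preview_img img').attr('alt', b_title);
                    $(this).parent().find('input').attr('value', b_input);
                    $(this).parent().find('span.qq-upload-file').text(b1);
                    // the size goes into the size span, mirroring the first row
                    $(this).parent().find('span.qq-upload-size').text(b2);
                }
            });

            $('#restricted-fine-uploader').on('click','.primary_image', function(event){
                $(this).addClass('over primary');
            });

            $('#restricted-fine-uploader').on('mouseenter mouseleave','.primary_image', function(event){
                if(event.type=='mouseenter') {
                    if(!$(this).hasClass('primary')) {
                        $(this).addClass('primary');
                    }
                } else {
                    if(parseInt($("div.primary_image").index(this))>0){
                        $(this).removeClass('primary');
                    }
                }
            });

            $('#restricted-fine-uploader').on('mouseenter mouseleave','li.qq-upload-success', function(event){
                if(parseInt($("li.qq-upload-success").index(this))>0){
                    if(event.type=='mouseenter') {
                        $(this).find('div.primary_image').addClass('over');
                    } else {
                        $(this).find('div.primary_image').removeClass('over');
                    }
                }
            });

            window.removed_images = 0;
            $('#restricted-fine-uploader').on('click', 'a.qq-upload-delete', function(event) {
                window.removed_images = window.removed_images+1;
                $('#restricted-fine-uploader .flashmessage-error').remove();
            });

            $('#restricted-fine-uploader').fineUploader({
                request: {
                    endpoint: '<?php echo osc_base_url(true) . "?page=ajax&action=ajax_upload"; ?>'
                },
                multiple: true,
                validation: {
                    allowedExtensions: [<?php echo $allowedExtensions; ?>],
                    sizeLimit: <?php echo $maxSize; ?>,
                    itemLimit: <?php echo $maxImages; ?>
                },
                messages: {
                    tooManyItemsError: '<?php echo osc_esc_js(__('Too many items ({netItems}) would be uploaded. Item limit is {itemLimit}.')); ?>',
                    onLeave: '<?php echo osc_esc_js(__('The files are being uploaded, if you leave now the upload will be cancelled.')); ?>',
                    typeError: '<?php echo osc_esc_js(__('{file} has an invalid extension. Valid extension(s): {extensions}.')); ?>',
                    sizeError: '<?php echo osc_esc_js(__('{file} is too large, maximum file size is {sizeLimit}.')); ?>',
                    emptyError: '<?php echo osc_esc_js(__('{file} is empty, please select files again without it.')); ?>'
                },
                deleteFile: {
                    enabled: true,
                    method: "POST",
                    forceConfirm: false,
                    endpoint: '<?php echo osc_base_url(true) . "?page=ajax&action=delete_ajax_upload"; ?>'
                },
                retry: {
                    showAutoRetryNote : true,
                    showButton: true
                },
                text: {
                    uploadButton: '<?php echo osc_esc_js(__('Click or Drop for upload images')); ?>',
                    waitingForResponse: '<?php echo osc_esc_js(__('Processing...')); ?>',
                    retryButton: '<?php echo osc_esc_js(__('Retry')); ?>',
                    cancelButton: '<?php echo osc_esc_js(__('Cancel')); ?>',
                    failUpload: '<?php echo osc_esc_js(__('Upload failed')); ?>',
                    deleteButton: '<?php echo osc_esc_js(__('Delete')); ?>',
                    deletingStatusText: '<?php echo osc_esc_js(__('Deleting...')); ?>',
                    formatProgress: '<?php echo osc_esc_js(__('{percent}% of {total_size}')); ?>'
                }
            }).on('error', function (event, id, name, errorReason, xhrOrXdr) {
                $('#restricted-fine-uploader .flashmessage-error').remove();
                // errorReason can embed the file name, so it is inserted as text
                var box = $('<div class="flashmessage flashmessage-error"></div>').text(errorReason);
                box.append($('<a class="close">X</a>').on('click', function() {
                    $('.flashmessage-error').remove();
                }));
                $('#restricted-fine-uploader').append(box);
            }).on('statusChange', function(event, id, old_status, new_status) {
                $(".alert.alert-error").remove();
            }).on('complete', function(event, id, fileName, responseJSON) {
                if (responseJSON.success) {
                    var new_id = id - removed_images;
                    var li = $('.qq-upload-list li')[new_id];
                    <?php if (Params::getParam('action') == 'item_add') { ?>
                    if(parseInt(new_id)==0) {
                        $(li).append('<div class="primary_image primary"></div>');
                    } else {
                        $(li).append('<div class="primary_image"><a title="<?php echo osc_esc_js(osc_esc_html(__('Make primary image'))); ?>"></a></div>');
                    }
                    <?php } ?>
                    // uploadName comes back from the server and ends with the
                    // extension of the client's file name; set it through
                    // .attr() so it is never parsed as markup.
                    var preview = $('<img>')
                        .attr('src', '<?php echo osc_base_url(); ?>oc-content/uploads/temp/' + responseJSON.uploadName)
                        .attr('alt', responseJSON.uploadName);
                    $(li).append($('<div class="ajax_preview_img"></div>').append(preview));
                    $(li).append($('<input type="hidden" name="ajax_photos[]">').attr('value', responseJSON.uploadName));
                }
            <?php if (Params::getParam('action') == 'item_edit') { ?>
            }).on('validateBatch', function(event, fileOrBlobDataArray) {
                // clear alert messages
                if($('#restricted-fine-uploader .alert-error').size()>0) {
                    $('#restricted-fine-uploader .alert-error').remove();
                }

                var len = fileOrBlobDataArray.length;
                var result = canContinue(len);
                return result.success;
            });

            function canContinue(numUpload) {
                // strUrl is whatever URL you need to call
                var strUrl = "<?php echo osc_base_url(true) . "?page=ajax&action=ajax_validate&id=" . osc_item_id() . "&secret=" . osc_item_secret(); ?>";
                var strReturn = {};

                jQuery.ajax({
                    url: strUrl,
                    success: function(html) {
                        strReturn = html;
                    },
                    async:false
                });
                var json  = JSON.parse(strReturn);
                var total = parseInt(json.count) + $("#restricted-fine-uploader input[name='ajax_photos[]']").size() + (numUpload);
                <?php if ($maxImages > 0) { ?>
                if(total<=<?php echo $maxImages; ?>) {
                    json.success = true;
                } else {
                    json.success = false;
                    $('#restricted-fine-uploader .qq-uploader').after($('<div class="alert alert-error"><?php echo osc_esc_js(sprintf(__('Too many items were uploaded. Item limit is %d.'), $maxImages)); ?></div>'));
                }
                <?php } else { ?>
                json.success = true;
                <?php } ?>
                return json;
            }
            <?php } else { ?>
            });
            <?php } ?>
        });
    </script>
    <?php
}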
<td></td> <td> <input type="checkbox" <?php echo osc_images_enabled_at_items() ? 'checked="true"' : ''; ?> name="enableField#images@items" value="1" /> <?php _e('Attach images'); ?> </td> </tr> <tr> <td></td> <td class="additional-options"> <?php printf(__('Attach %s images per item'), '<input type="text" class="micro" name="numImages@items" value="' . osc_max_images_per_item() . '" />'); ?> <span class="help-box"><?php _e('If the value is zero, it means unlimited number of images'); ?> </span> </td> </tr> <!-- /optional fields --> <tr class="separate"> <td></td> <td> <input type="submit" value="<?php echo osc_esc_html(__('Save changes')); ?> " />
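/**
 * Dispatches the AJAX action held in $this->action and prints its response
 * (JSON for most actions, a bare status code for 'alerts').
 *
 * Every parameter read through Params::getParam() is request data. The
 * actions that change state are guarded as follows:
 *  - delete_image: ownership (logged-in owner, administrator, or the listing's
 *    secret for visitors who are not logged in) plus the resource's id/code pair;
 *  - alerts: the signature kept in the session must match the submitted alert;
 *  - custom: the included file must live under the plugins directory;
 *  - ajax_upload: the extension of the client's file name must be in the
 *    configured allow-list;
 *  - ajax_validate: the listing must exist and the submitted secret must match.
 *
 * @return bool|null Some branches return true/false right after printing their
 *                   response; the remaining ones fall through to the session
 *                   clean-up at the end and return nothing.
 */
function doModel()
{
    //specific things for this class
    switch ($this->action) {
        case 'bulk_actions':
            break;
        case 'regions': //Return regions given a countryId
            $regions = Region::newInstance()->findByCountry(Params::getParam("countryId"));
            echo json_encode($regions);
            break;
        case 'cities': //Returns cities given a regionId
            $cities = City::newInstance()->findByRegion(Params::getParam("regionId"));
            echo json_encode($cities);
            break;
        case 'location': // This is the autocomplete AJAX
            $cities = City::newInstance()->ajax(Params::getParam("term"));
            foreach ($cities as $k => $city) {
                $cities[$k]['label'] = $city['label'] . " (" . $city['region'] . ")";
            }
            echo json_encode($cities);
            break;
        case 'location_countries': // This is the autocomplete AJAX
            $countries = Country::newInstance()->ajax(Params::getParam("term"));
            echo json_encode($countries);
            break;
        case 'location_regions': // This is the autocomplete AJAX
            $regions = Region::newInstance()->ajax(Params::getParam("term"), Params::getParam("country"));
            echo json_encode($regions);
            break;
        case 'location_cities': // This is the autocomplete AJAX
            $cities = City::newInstance()->ajax(Params::getParam("term"), Params::getParam("region"));
            echo json_encode($cities);
            break;
        case 'delete_image': // Delete images via AJAX
            $ajax_photo = Params::getParam('ajax_photo');
            $id         = Params::getParam('id');
            $item       = Params::getParam('item');
            $code       = Params::getParam('code');
            $secret     = Params::getParam('secret');
            $json       = array();

            if ($ajax_photo != '') {
                // Temporary upload: only names recorded in this session's
                // 'ajax_files' list can be removed, and the path is built from
                // the recorded value, not from the request parameter.
                $files   = Session::newInstance()->_get('ajax_files');
                $success = false;
                if (is_array($files)) {
                    foreach ($files as $uuid => $file) {
                        if ((string) $file === (string) $ajax_photo) {
                            $filename = $files[$uuid];
                            unset($files[$uuid]);
                            Session::newInstance()->_set('ajax_files', $files);
                            $success = @unlink(osc_content_path() . 'uploads/temp/' . $filename);
                            break;
                        }
                    }
                }

                echo json_encode(array('success' => $success, 'msg' => $success ? _m('The selected photo has been successfully deleted') : _m("The selected photo couldn't be deleted")));
                return false;
            }

            if (Session::newInstance()->_get('userId') != '') {
                $userId = Session::newInstance()->_get('userId');
                $user   = User::newInstance()->findByPrimaryKey($userId);
            } else {
                $userId = null;
                $user   = null;
            }

            // Check for required fields
            if (!(is_numeric($id) && is_numeric($item) && preg_match('/^([a-z0-9]+)$/i', $code))) {
                $json['success'] = false;
                $json['msg']     = _m("The selected photo couldn't be deleted, the url doesn't exist");
                echo json_encode($json);
                return false;
            }

            $aItem = Item::newInstance()->findByPrimaryKey($item);

            // Check if the item exists
            if (!is_array($aItem) || count($aItem) == 0) {
                $json['success'] = false;
                $json['msg']     = _m("The listing doesn't exist");
                echo json_encode($json);
                return false;
            }

            if (!osc_is_admin_user_logged_in()) {
                // Check if the item belong to the user
                if ($userId != null && $userId != $aItem['fk_i_user_id']) {
                    $json['success'] = false;
                    $json['msg']     = _m("The listing doesn't belong to you");
                    echo json_encode($json);
                    return false;
                }

                // Check if the secret passphrase match with the item.
                // A visitor who is not logged in has no identity to compare with
                // the owner, so the listing's secret is required whoever owns
                // the listing; the comparison is strict to avoid type juggling.
                if ($userId == null && (string) $secret !== (string) $aItem['s_secret']) {
                    $json['success'] = false;
                    $json['msg']     = _m("The listing doesn't belong to you");
                    echo json_encode($json);
                    return false;
                }
            }

            // Does id & code combination exist?
            $result = ItemResource::newInstance()->existResource($id, $code);

            // NOTE(review): the branches below report 'success' as the strings
            // 'true' / 'false' while the checks above use booleans; a client that
            // tests the value for truthiness treats 'false' as success. Left
            // unchanged because callers may compare against the strings.
            if ($result > 0) {
                $resource = ItemResource::newInstance()->findByPrimaryKey($id);

                if ($resource['fk_i_item_id'] == $item) {
                    // Delete: file, db table entry
                    // defined() takes the constant's name as a string
                    if (defined('OC_ADMIN')) {
                        osc_deleteResource($id, true);
                        Log::newInstance()->insertLog('ajax', 'deleteimage', $id, $id, 'admin', osc_logged_admin_id());
                    } else {
                        osc_deleteResource($id, false);
                        Log::newInstance()->insertLog('ajax', 'deleteimage', $id, $id, 'user', osc_logged_user_id());
                    }
                    ItemResource::newInstance()->delete(array('pk_i_id' => $id, 'fk_i_item_id' => $item, 's_name' => $code));

                    $json['msg']     = _m('The selected photo has been successfully deleted');
                    $json['success'] = 'true';
                } else {
                    $json['msg']     = _m("The selected photo does not belong to you");
                    $json['success'] = 'false';
                }
            } else {
                $json['msg']     = _m("The selected photo couldn't be deleted");
                $json['success'] = 'false';
            }

            echo json_encode($json);
            return true;
            break;
        case 'alerts': // Allow to register to an alert given (not sure it's used on admin)
            $encoded_alert = Params::getParam("alert");
            $alert         = osc_decrypt_alert(base64_decode($encoded_alert));

            // check alert integrity / signature
            $stringToSign     = osc_get_alert_public_key() . $encoded_alert;
            $signature        = hex2b64(hmacsha1(osc_get_alert_private_key(), $stringToSign));
            $server_signature = Session::newInstance()->_get('alert_signature');

            // strict comparison: a missing session value or a numeric-looking
            // string must never compare equal to the computed signature
            if ((string) $server_signature !== (string) $signature) {
                echo '-2';
                return false;
            }

            $email  = Params::getParam("email");
            $userid = Params::getParam("userid");

            // NOTE(review): for visitors who are not logged in, $userid stays
            // the request value, and the (int) $userid > 0 branch below activates
            // the alert without running 'hook_email_alert_validation' — confirm
            // that a request-supplied user id is meant to be accepted here.
            if (osc_is_web_user_logged_in()) {
                $userid = osc_logged_user_id();
                $user   = User::newInstance()->findByPrimaryKey($userid);
                $email  = $user['s_email'];
            }

            if ($alert != '' && $email != '') {
                if (osc_validate_email($email)) {
                    $secret = osc_genRandomPassword();

                    if ($alertID = Alerts::newInstance()->createAlert($userid, $email, $alert, $secret)) {
                        if ((int) $userid > 0) {
                            $user = User::newInstance()->findByPrimaryKey($userid);
                            if ($user['b_active'] == 1 && $user['b_enabled'] == 1) {
                                Alerts::newInstance()->activate($alertID);
                                echo '1';
                                return true;
                            } else {
                                echo '-1';
                                return false;
                            }
                        } else {
                            $aAlert = Alerts::newInstance()->findByPrimaryKey($alertID);
                            osc_run_hook('hook_email_alert_validation', $aAlert, $email, $secret);
                        }

                        echo "1";
                    } else {
                        echo "0";
                    }
                    return true;
                } else {
                    echo '-1';
                    return false;
                }
            }
            echo '0';
            return false;
            break;
        case 'runhook': // run hooks
            $hook = Params::getParam('hook');

            if ($hook == '') {
                echo json_encode(array('error' => 'hook parameter not defined'));
                break;
            }

            switch ($hook) {
                case 'item_form':
                    osc_run_hook('item_form', Params::getParam('catId'));
                    break;
                case 'item_edit':
                    $catId  = Params::getParam("catId");
                    $itemId = Params::getParam("itemId");
                    osc_run_hook("item_edit", $catId, $itemId);
                    break;
                default:
                    // The hook name is request data; it is always prefixed, so
                    // only hooks registered as 'ajax_*' are reachable from here.
                    osc_run_hook('ajax_' . $hook);
                    break;
            }
            break;
        case 'custom': // Execute via AJAX custom file
            if (Params::existParam('route')) {
                $routes = Rewrite::newInstance()->getRoutes();
                $rid    = Params::getParam('route');
                // default that the "valid file?" check below always rejects
                $file   = '../';
                if (isset($routes[$rid]) && isset($routes[$rid]['file'])) {
                    $file = $routes[$rid]['file'];
                }
            } else {
                // DEPRECATED: Disclosed path in URL is deprecated, use routes instead
                // This will be REMOVED in 3.4
                $file = Params::getParam('ajaxfile');
            }

            if ($file == '') {
                echo json_encode(array('error' => 'no action defined'));
                break;
            }

            // valid file?
            // NOTE(review): with the deprecated 'ajaxfile' parameter the path
            // that gets included is request data, and these substring checks are
            // the only guard visible here. Consider resolving the path and
            // verifying it stays under osc_plugins_path() before the include,
            // and retiring the parameter in favour of routes.
            if (strpos($file, '../') !== false || strpos($file, '..\\') !== false || stripos($file, '/admin/') !== false) {
                //If the file is inside an "admin" folder, it should NOT be opened in frontend
                echo json_encode(array('error' => 'no valid ajaxFile'));
                break;
            }

            if (!file_exists(osc_plugins_path() . $file)) {
                echo json_encode(array('error' => "ajaxFile doesn't exist"));
                break;
            }

            require_once osc_plugins_path() . $file;
            break;
        case 'check_username_availability':
            $username = osc_sanitize_username(Params::getParam('s_username'));
            if (!osc_is_username_blacklisted($username)) {
                $user = User::newInstance()->findByUsername($username);
                if (isset($user['s_username'])) {
                    echo json_encode(array('exists' => 1, 's_username' => $username));
                } else {
                    echo json_encode(array('exists' => 0, 's_username' => $username));
                }
            } else {
                // blacklisted names are reported as taken
                echo json_encode(array('exists' => 1, 's_username' => $username));
            }
            break;
        case 'ajax_upload':
            // Include the uploader class
            require_once LIB_PATH . "AjaxUploader.php";
            $uploader = new AjaxUploader();
            $original = pathinfo($uploader->getOriginalName());

            // The stored name ends with the extension of the client's file name
            // and the file lands under uploads/temp/. handleUpload() is not
            // visible from here, so the extension is checked against the
            // configured allow-list before any path is built from it.
            $extension = isset($original['extension']) ? $original['extension'] : '';
            $allowed   = array_map('strtolower', array_map('trim', explode(',', osc_allowed_extension())));
            if ($extension === '' || !in_array(strtolower($extension), $allowed, true)) {
                echo htmlspecialchars(json_encode(array('success' => false, 'error' => _m('The file has an invalid extension'))), ENT_NOQUOTES);
                break;
            }

            $filename = uniqid("qqfile_") . "." . $extension;
            $result   = $uploader->handleUpload(osc_content_path() . 'uploads/temp/' . $filename);
            $result['uploadName'] = $filename;
            echo htmlspecialchars(json_encode($result), ENT_NOQUOTES);
            break;
        case 'ajax_validate':
            $id = Params::getParam('id');
            if (!is_numeric($id)) {
                echo json_encode(array('success' => false));
                die;
            }
            $secret = Params::getParam('secret');
            $item   = Item::newInstance()->findByPrimaryKey($id);
            // A listing that does not exist has no secret; without this check an
            // empty 'secret' parameter would loosely equal the missing value.
            if (!isset($item['s_secret']) || (string) $item['s_secret'] !== (string) $secret) {
                echo json_encode(array('success' => false));
                die;
            }
            $nResources = ItemResource::newInstance()->countResources($id);
            $result     = array('success' => $nResources < osc_max_images_per_item(), 'count' => $nResources);
            echo json_encode($result);
            break;
        case 'delete_ajax_upload':
            // Only uploads registered in this session under the given uuid can
            // be removed; the file name comes from the session, not the request.
            $files    = Session::newInstance()->_get('ajax_files');
            $success  = false;
            $filename = '';
            if (isset($files[Params::getParam('qquuid')]) && $files[Params::getParam('qquuid')] != '') {
                $filename = $files[Params::getParam('qquuid')];
                unset($files[Params::getParam('qquuid')]);
                Session::newInstance()->_set('ajax_files', $files);
                $success = @unlink(osc_content_path() . 'uploads/temp/' . $filename);
            }
            echo json_encode(array('success' => $success, 'uploadName' => $filename));
            break;
        default:
            echo json_encode(array('error' => __('no action defined')));
            break;
    }
    // clear all keep variables into session
    Session::newInstance()->_dropKeepForm();
    Session::newInstance()->_clearVariables();
}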
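/**
 * Builds the normal, preview and thumbnail renditions of every successfully
 * uploaded image next to the upload's temporary file, checks that they fit in
 * the free space of the uploads directory, then copies them to
 * "<resource id>*.jpg" and registers the resource.
 *
 * The temporary renditions are removed once they have been copied or rejected;
 * only the upload's own temporary file is left to PHP, so without this step
 * every upload would leave three files behind in the temporary directory.
 *
 * @param array|string $aResources Upload array in $_FILES layout (the 'error'
 *                                 and 'tmp_name' lists are read), or '' for none.
 * @param int          $itemId     Listing the resources are attached to.
 * @return int 0 on success, 1 when no free space is reported, 2 when the
 *             renditions are larger than the free space.
 */
public function uploadItemResources($aResources, $itemId)
{
    if ($aResources != '') {
        $wat                 = new Watermark();
        $itemResourceManager = ItemResource::newInstance();
        $numImagesItems      = osc_max_images_per_item();
        $numImages           = $itemResourceManager->countResources($itemId);
        foreach ($aResources['error'] as $key => $error) {
            // A configured maximum of 0 means "no limit".
            if ($numImagesItems == 0 || $numImagesItems > 0 && $numImages < $numImagesItems) {
                if ($error == UPLOAD_ERR_OK) {
                    // Fallback estimate when disk_free_space() is unavailable
                    $freedisk = 4 * osc_max_size_kb() * 1024;
                    if (function_exists('disk_free_space')) {
                        $freedisk = @disk_free_space(osc_content_path() . 'uploads/');
                    }
                    if ($freedisk != false) {
                        $tmpName    = $aResources['tmp_name'][$key];
                        $total_size = 0;

                        // Create normal size
                        $normal_path = $path = $tmpName . "_normal";
                        $size        = explode('x', osc_normal_dimensions());
                        ImageResizer::fromFile($tmpName)->resizeTo($size[0], $size[1])->saveToFile($path);
                        if (osc_is_watermark_text()) {
                            $wat->doWatermarkText($path, osc_watermark_text_color(), osc_watermark_text(), 'image/jpeg');
                        } elseif (osc_is_watermark_image()) {
                            $wat->doWatermarkImage($path, 'image/jpeg');
                        }
                        // When a size cannot be read, the configured maximum is
                        // counted instead, so the estimate errs on the high side.
                        $sizeTmp     = filesize($path);
                        $total_size += $sizeTmp !== false ? $sizeTmp : osc_max_size_kb() * 1024;

                        // Create preview
                        $path = $tmpName . "_preview";
                        $size = explode('x', osc_preview_dimensions());
                        ImageResizer::fromFile($normal_path)->resizeTo($size[0], $size[1])->saveToFile($path);
                        $sizeTmp     = filesize($path);
                        $total_size += $sizeTmp !== false ? $sizeTmp : osc_max_size_kb() * 1024;

                        // Create thumbnail
                        $path = $tmpName . "_thumbnail";
                        $size = explode('x', osc_thumbnail_dimensions());
                        ImageResizer::fromFile($normal_path)->resizeTo($size[0], $size[1])->saveToFile($path);
                        $sizeTmp     = filesize($path);
                        $total_size += $sizeTmp !== false ? $sizeTmp : osc_max_size_kb() * 1024;

                        if (osc_keep_original_image()) {
                            $sizeTmp     = filesize($tmpName);
                            $total_size += $sizeTmp !== false ? $sizeTmp : osc_max_size_kb() * 1024;
                        }

                        $fits = $total_size <= $freedisk;
                        if ($fits) {
                            $numImages++;
                            $itemResourceManager->insert(array('fk_i_item_id' => $itemId));
                            $resourceId = $itemResourceManager->dao->insertedId();
                            osc_copy($tmpName . '_normal', osc_content_path() . 'uploads/' . $resourceId . '.jpg');
                            osc_copy($tmpName . '_preview', osc_content_path() . 'uploads/' . $resourceId . '_preview.jpg');
                            osc_copy($tmpName . '_thumbnail', osc_content_path() . 'uploads/' . $resourceId . '_thumbnail.jpg');
                            if (osc_keep_original_image()) {
                                // Moved as uploaded: not re-encoded, yet stored
                                // under a .jpg name whatever its real format.
                                $path = osc_content_path() . 'uploads/' . $resourceId . '_original.jpg';
                                move_uploaded_file($tmpName, $path);
                            }
                            $s_path       = 'oc-content/uploads/';
                            $resourceType = 'image/jpeg';
                            $itemResourceManager->update(array('s_path' => $s_path, 's_name' => osc_genRandomPassword(), 's_extension' => 'jpg', 's_content_type' => $resourceType), array('pk_i_id' => $resourceId, 'fk_i_item_id' => $itemId));
                            osc_run_hook('uploaded_file', ItemResource::newInstance()->findByPrimaryKey($resourceId));
                        }

                        // The renditions were written by this method, so PHP's
                        // end-of-request clean-up of uploaded files does not
                        // cover them: remove them on both outcomes.
                        foreach (array('_normal', '_preview', '_thumbnail') as $suffix) {
                            if (is_file($tmpName . $suffix)) {
                                @unlink($tmpName . $suffix);
                            }
                        }

                        if (!$fits) {
                            return 2; // IMAGES ARE BIGGER THAN SPACE
                        }
                    } else {
                        return 1; // NO SPACE LEFT
                    }
                }
            }
        }
        unset($itemResourceManager);
    }
    return 0; // NO PROBLEMS
}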