Exemple #1
0
 case "save_mgr_settings_mgr":
     foreach ($_POST as $key => $value) {
         if (is_array($value)) {
             foreach ($value as $key2 => $value2) {
                 //${$key}[$key2] = addslashes($value2);
                 ${$key}[$key2] = quote_smart($value2);
             }
         } else {
             ${$key} = quote_smart($value);
         }
     }
     // UPLOAD logo
     if ($_FILES['logoFile']['name'] != "") {
         $ext = substr($_FILES['logoFile']['name'], -3);
         $logoFileName = $_FILES['logoFile']['name'];
         upload_file_new($_FILES['logoFile'], $logoFileName, "../logo/");
     }
     $real_dir = realpath("../logo/");
     $dir = opendir($real_dir);
     # LOOP THROUGH THE DIRECTORY
     while ($file1 = readdir($dir)) {
         // MAKE SURE IT IS A IMAGE FILE
         $isphp = explode(".", $file1);
         if ($file1 != ".." && $file1 != "." && is_file("../logo/" . $file1) && @$isphp[count($isphp) - 1] == "jpg" or @$isphp[count($isphp) - 1] == "gif" or @$isphp[count($isphp) - 1] == "png" or @$isphp[count($isphp) - 1] == "swf" or @$isphp[count($isphp) - 1] == "flv") {
             $replace_char = array(".", "+", "%", "(", ")", "'", "_", "!", "@", "#", "<", ">", "\$", "^", "&", "*", "-");
             $post = str_replace($replace_char, "", $file1);
             $post = trim($post);
             if ($_POST[$post] == 1) {
                 if (file_exists("../logo/" . $file1)) {
                     unlink("../logo/" . $file1);
                 }
             }
         }
         unlink($stock_video_path_manager . $mov_name1);
     }
 }
 //Upload movie sample files attached
 $movie2_result = mysql_query("SELECT id FROM uploaded_images", $db);
 while ($movie2 = mysql_fetch_object($movie2_result)) {
     $rs_mov2 = "sample_file_" . $movie2->id;
     $fs_mov2 = "file_name_" . $movie2->id;
     if ($_FILES[$rs_mov2]['name'] != "") {
         $movie2_extension = $_FILES[$rs_mov2]['name'];
         $movie2_ext = substr($_FILES[$rs_mov2]['name'], -3);
         $movie2_name = strip_ext($_POST[$fs_mov2]);
         $movie2_name = $movie2_name . "." . $movie2_ext;
         upload_file_new($_FILES[$rs_mov2], $movie2_name, $sample_video_path_manager);
     }
 }
 //Delete uploaded sample movie files attached
 $movie3_result = mysql_query("SELECT id FROM uploaded_images", $db);
 while ($movie3 = mysql_fetch_object($movie3_result)) {
     $rs_mov3 = "delete_sample_" . $movie3->id;
     $fs_mov3 = "file_name_" . $movie3->id;
     if ($_POST[$rs_mov3] == 1) {
         $movie_name3 = strip_ext($_POST[$fs_mov3]);
         $movie_name3 = array($movie_name3 . ".mov", $movie_name3 . ".avi", $movie_name3 . ".mpg", $movie_name3 . ".flv", $movie_name3 . ".wmv");
         foreach ($movie_name3 as $key => $value) {
             if (is_file($sample_video_path_manager . $movie_name3[$key])) {
                 $mov_name3 = $movie_name3[$key];
             }
         }
 $av = mysql_fetch_object($avresult);
 // Clear out the previous avatar, or deleted it if requested
 if ($deleteAv == "1" or $_FILES['avatarFile']['name'] != "") {
     if ($av->link) {
         if (file_exists("../gal_images/{$av->link}")) {
             unlink("../gal_images/{$av->link}");
         }
         $sql = "UPDATE photo_galleries SET link = NULL WHERE id = '{$item_id}'";
         $result = mysql_query($sql);
     }
     // UPLOAD Avatar
     if ($_FILES['avatarFile']['name'] != "") {
         $ext = substr($_FILES['avatarFile']['name'], -3);
         //$avFileName = "av".time().".$ext";
         $avFileName = "av-" . $id . ".{$ext}";
         upload_file_new($_FILES['avatarFile'], $avFileName, "../gal_images/");
         if ($file_result_code == 1) {
             $sql = "UPDATE photo_galleries SET link='{$file_details['1']}' WHERE id = '{$item_id}'";
             $result = mysql_query($sql);
         }
     }
 }
 // UPLOAD IMAGE
 if ($image != "") {
     upload_image_g($image, $image_name, $image_type, $image_path, "", "", "125", "95");
     // returns $image_details[1] - $image_details[8]
     // new image name(1),image type(2), image path(3), image bytes(4), image kb(5), width(6), heigth(7), time(8)
     // $image_results returns results of upload
     // $result_code returns 1,2,3 / results of upload... 1 Success, 2 Type Not Supported , 3 Empty
     if ($result_code == 1) {
         $added = date("Ymd");
Exemple #4
0
         }
     } else {
         ${$key} = $value;
     }
 }
 //ADDED IN PS350 TO CLEANUP UNWANTED CHARACTERS
 $name = cleanup($name);
 $price = price_cleanup($price);
 //SAVE TO THE DATABASE
 $publish_date = $s_year . $s_month . $s_day;
 $sql = "UPDATE prints SET name='{$name}',article='{$article}',porder='{$porder}',price='{$price}',quan_avail='{$quan_avail}',ship_price1='{$ship_price1}',ship_price2='{$ship_price2}',bypass='******',visible='{$visible}',taxable='{$taxable}' WHERE id = '{$item_id}'";
 $result = mysql_query($sql);
 // UPLOAD FILE
 if ($_FILES['fileup']['name'] != "") {
     //echo $_FILES['fileup']['name']; exit;
     upload_file_new($_FILES['fileup'], $_FILES['fileup']['name'], "../uploaded_files/");
     $fname = $_FILES['fileup']['name'];
     //echo $fname; exit;
     $sql = "INSERT INTO uploaded_files (reference,reference_id,filename,file_text) VALUES ('{$_POST['reference']}','{$_POST['item_id']}','{$fname}','{$_POST['file_text']}')";
     $result = mysql_query($sql);
 }
 // UPLOAD IMAGE
 if ($_FILES['image']['name'] != "") {
     upload_image($_FILES['image'], $_FILES['image']['name'], $_FILES['image']['type'], $_POST['image_path'], "", "", "125", "100");
     // returns $image_details[1] - $image_details[8]
     // new image name(1),image type(2), image path(3), image bytes(4), image kb(5), width(6), heigth(7), time(8)
     // $image_results returns results of upload
     // $result_code returns 1,2,3 / results of upload... 1 Success, 2 Type Not Supported , 3 Empty
     $iname = $_FILES['image']['name'];
     //echo $result_code; exit;
     //echo $_POST['reference'] . "<br />" . $_POST['item_id'] . "<br />" . $image_details[1] . "<br />" . $_POST['image_caption'];