it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
Contact: Lyubomir Arsov, liubo (at) web-lobby.com
*/
include '../system.inc.php';
include 'functions.inc.php';
header("Pragma: cache");
header("Cache-Control: max-age=3600");
verifyAction('GENERATETHUMB');
checkAccess('GENERATETHUMB');
$path = urldecode(empty($_GET['f']) ? '' : $_GET['f']);
verifyPath($path);
@chmod(fixPath(dirname($path)), octdec(DIRPERMISSIONS));
@chmod(fixPath($path), octdec(FILEPERMISSIONS));
$w = intval(empty($_GET['width']) ? '100' : $_GET['width']);
$h = intval(empty($_GET['height']) ? '0' : $_GET['height']);
header('Content-type: ' . RoxyFile::GetMIMEType(basename($path)));
if ($w && $h) {
RoxyImage::CropCenter(fixPath($path), null, $w, $h);
} else {
RoxyImage::Resize(fixPath($path), null, $w, $h);
}
if (!empty($_FILES['files']) && is_array($_FILES['files']['tmp_name'])) {
$errors = $errorsExt = array();
foreach ($_FILES['files']['tmp_name'] as $k => $v) {
$filename = $_FILES['files']['name'][$k];
$filename = RoxyFile::MakeUniqueFilename(fixPath($path), $filename);
$filePath = fixPath($path) . '/' . $filename;
if (!RoxyFile::CanUploadFile($filename)) {
$errorsExt[] = $filename;
} elseif (!move_uploaded_file($v, $filePath)) {
$errors[] = $filename;
}
if (is_file($filePath)) {
@chmod($filePath, octdec(FILEPERMISSIONS));
}
if (RoxyFile::IsImage($filename) && (intval(MAX_IMAGE_WIDTH) > 0 || intval(MAX_IMAGE_HEIGHT) > 0)) {
RoxyImage::Resize($filePath, $filePath, intval(MAX_IMAGE_WIDTH), intval(MAX_IMAGE_HEIGHT));
}
}
if ($errors && $errorsExt) {
$res = getSuccessRes(t('E_UploadNotAll') . ' ' . t('E_FileExtensionForbidden'));
} elseif ($errorsExt) {
$res = getSuccessRes(t('E_FileExtensionForbidden'));
} elseif ($errors) {
$res = getSuccessRes(t('E_UploadNotAll'));
} else {
$res = getSuccessRes();
}
} else {
$res = getErrorRes(t('E_UploadNoFiles'));
}
} else {
if (!RoxyFile::CanUploadFile($filename)) {
$errorsExt[] = $filename;
$isUploaded = false;
} elseif (!move_uploaded_file($v, $filePath)) {
$errors[] = $filename;
$isUploaded = false;
}
if (is_file($filePath)) {
@chmod($filePath, octdec(FILEPERMISSIONS));
}
if ($isUploaded && RoxyFile::IsImage($filename) && (intval(MAX_IMAGE_WIDTH) > 0 || intval(MAX_IMAGE_HEIGHT) > 0)) {
RoxyImage::Resize($filePath, $filePath, intval(MAX_IMAGE_WIDTH), intval(MAX_IMAGE_HEIGHT));
error_log(date("Y-m-d H:i:s") . " : " . $_SERVER[PHP_SELF] . "\n", 3, "../../../log/spy.log");
$dest = $_SERVER["DOCUMENT_ROOT"] . "thumbs/" . $filename;
error_log(date("Y-m-d H:i:s") . " : " . $dest . "\n", 3, "../../../log/spy.log");
RoxyImage::Resize($filePath, $dest, 200, 200);
}
}
if ($errors && $errorsExt) {
$res = getSuccessRes(t('E_UploadNotAll') . ' ' . t('E_FileExtensionForbidden'));
} elseif ($errorsExt) {
$res = getSuccessRes(t('E_FileExtensionForbidden'));
} elseif ($errors) {
$res = getSuccessRes(t('E_UploadNotAll'));
} else {
$res = getSuccessRes();
}
} else {
$res = getErrorRes(t('E_UploadNoFiles'));
}
} else {