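/**
 * Admin action: show the edit form for one banner and, on POST, save the changes.
 *
 * Flow: access check -> load the row -> on POST validate, update the row and
 * store the banner body (image, flash file or raw code) -> otherwise (or when
 * validation failed) assemble the form data and render 'admin.form.tpl'.
 *
 * NOTE(review): no request-forgery token check is visible in this method;
 * confirm it is enforced by the surrounding admin framework.
 *
 * @return mixed the access-denied response, or the rendered form template
 */
function edit()
{
    if (!$this->haveAccessTo('edit')) {
        return $this->showAccessDenied();
    }

    // The id is concatenated into several SQL statements below, so it is forced to an
    // integer here instead of relying on the helper's return type.
    // NOTE(review): the third POSTGET argument presumably already requests an integer - confirm.
    $nRecordID = (int)Func::POSTGET('rec', false, true);
    if (!$nRecordID) {
        $this->adminRedirect(Errors::IMPOSSIBLE);
    }

    $aData = $this->db->one_array('SELECT * FROM ' . TABLE_BANNERS . ' WHERE id=' . $nRecordID);
    if (empty($aData)) {
        $this->adminRedirect(Errors::IMPOSSIBLE);
    }

    $sPrevPosition = $aData['position'];

    if (bff::$isPost) {
        // Typed import of the submitted fields on top of the stored row.
        $this->input->postm(array(
            'position' => TYPE_STR,
            'cat' => TYPE_ARRAY_UINT,
            'enabled' => TYPE_BOOL,
            'banner_type' => TYPE_UINT,
            'show_limit' => TYPE_UINT,
            'resize_img' => TYPE_BOOL,
            'code' => TYPE_STR,
            'show_start' => TYPE_STR,
            'show_finish' => TYPE_STR,
            'clickurl' => TYPE_STR,
            'showurl' => TYPE_STR,
            'showurl_recursive' => TYPE_BOOL,
            'flash_width' => TYPE_UINT,
            'flash_height' => TYPE_UINT,
            'flash_key' => TYPE_STR,
            'title' => TYPE_STR,
            'alt' => TYPE_STR,
            'description' => TYPE_STR,
        ), $aData);

        if (!$aData['position']) {
            $this->errors->set('position');
        }

        // If the position changes while editing, check that the new position allows rotation.
        if ($aData['position'] != $sPrevPosition) {
            if (!$this->checkRotation($aData['position'])) {
                $this->errors->set('no_rotation');
            }
        }

        // Strip the scheme / "www." prefix from both URLs.
        // NOTE(review): '[' and ']' act as the regex delimiters here, and '^' binds only to
        // the first alternative, so "www.", "https://" and "ftp://" are removed anywhere in
        // the value, not just at the start. Confirm whether that is intended.
        $aData['clickurl'] = preg_replace("[^http://|www\\.|https://|ftp://]", '', $aData['clickurl']);
        $aData['showurl'] = preg_replace("[^http://|www\\.|https://|ftp://]", '', $aData['showurl']);

        $sFlashAddFields = '';
        if ($aData['banner_type'] == BANNERS_TYPE_FLASH) {
            if (!$aData['flash_width'] || !$aData['flash_height']) {
                $this->errors->set('no_flash_size');
            }
            $sFlashAddFields = 'flash = ' . $this->db->str2sql(serialize(array(
                'width' => $aData['flash_width'],
                'height' => $aData['flash_height'],
                'key' => $aData['flash_key'],
            ))) . ',';
        }

        Func::setSESSION('banner_position', $aData['position']);

        if ($this->errors->no()) {
            // String fields go through bound parameters. The flag/number fields are
            // concatenated, so each one is cast to int: that keeps the statement well-formed
            // (a PHP false would otherwise concatenate as an empty string) and numeric-only
            // whatever the input layer returned.
            $this->db->execute(
                'UPDATE ' . TABLE_BANNERS .
                ' SET clickurl = :clickurl, position = :position, cat = :cat, show_start = :show_start, show_finish = :show_finish, showurl = :showurl, showurl_recursive =' . (int)$aData['showurl_recursive'] .
                ', enabled =' . (int)$aData['enabled'] .
                ', banner_type =' . (int)$aData['banner_type'] . ',' . $sFlashAddFields .
                ' show_limit = ' . (int)$aData['show_limit'] .
                ', title = :title, alt = :alt, description = :description WHERE id=' . $nRecordID,
                array(
                    ':clickurl' => $aData['clickurl'],
                    ':position' => $aData['position'],
                    ':cat' => join(',', $aData['cat']),
                    ':show_start' => date('Y-m-d H:i', strtotime($aData['show_start'])),
                    ':show_finish' => date('Y-m-d H:i', strtotime($aData['show_finish'])),
                    ':showurl' => $aData['showurl'],
                    ':title' => $aData['title'],
                    ':alt' => $aData['alt'],
                    ':description' => $aData['description'],
                )
            );

            // do { ... } while (false) is used only so that "break" can leave the banner-body step early.
            do {
                if ($aData['banner_type'] == BANNERS_TYPE_IMG) {
                    $oUpload = new Upload('bnrimg', false);
                    // Error code 4 = no file was submitted: keep the current image.
                    if (isset($_FILES['bnrimg']) && $_FILES['bnrimg']['error'] == 4) {
                        break;
                    }
                    $oUpload->checkIsIMG();
                    if ($oUpload->isSuccessfull()) {
                        $this->delImages($nRecordID, array('banner' => $aData['banner']));

                        // The stored name is random and its extension comes from the detected
                        // image type, not from the client-supplied file name.
                        $aImgInfo = getimagesize($_FILES['bnrimg']['tmp_name']);
                        $sExtension = image_type_to_extension($aImgInfo[2], false);
                        $sFilename = func::generateRandomName(5, true, true) . '.' . $sExtension;

                        $aPositionInfo = $this->positions[$aData['position']];
                        if (!isset($aPositionInfo['height']) || !$aPositionInfo['height']) {
                            $aPositionInfo['height'] = false;
                        }

                        // Working copy: original dimensions, or the position's dimensions when resizing is requested.
                        if (!$aData['resize_img']) {
                            $aWorkingImg = array(
                                'filename' => BANNERS_PATH . $nRecordID . '_work_' . $sFilename,
                                'width' => $aImgInfo[0],
                                'height' => $aImgInfo[1],
                                'autofit' => true,
                                'crop_v' => 'center',
                                'crop_h' => 'center',
                            );
                        } else {
                            $aWorkingImg = array(
                                'filename' => BANNERS_PATH . $nRecordID . '_work_' . $sFilename,
                                'width' => $aPositionInfo['width'],
                                'height' => $aPositionInfo['height'],
                                'autofit' => true,
                                'crop_v' => 'center',
                                'crop_h' => 'center',
                            );
                        }

                        // First entry is the 100px-wide thumbnail, second the working image.
                        $aParams = array(
                            array(
                                'filename' => BANNERS_PATH . $nRecordID . '_th_' . $sFilename,
                                'width' => 100,
                                'height' => false,
                                'autofit' => true,
                                'crop_v' => 'center',
                                'crop_h' => 'center',
                            ),
                            $aWorkingImg ? $aWorkingImg : '',
                        );

                        $oThumb = new CThumbnail($_FILES['bnrimg']['tmp_name'], false);
                        $oThumb->save($aParams);

                        $this->db->execute('UPDATE ' . TABLE_BANNERS . ' SET banner=' . $this->db->str2sql($sFilename) . ' WHERE id=' . $nRecordID);
                    }
                } elseif ($aData['banner_type'] == BANNERS_TYPE_FLASH) {
                    // NOTE(review): which file types Upload accepts for this field is not visible
                    // here; confirm it cannot store a server-executable file under BANNERS_PATH.
                    $fUpload = new Upload('flash', false);
                    if (!empty($fUpload->filename)) {
                        $this->delImages($nRecordID, array('banner' => $aData['banner']));
                        $fUpload->save(BANNERS_PATH, $nRecordID . '_src_');
                        $this->db->execute('UPDATE ' . TABLE_BANNERS . ' SET banner=' . $this->db->str2sql($fUpload->getFilename()) . ' WHERE id=' . $nRecordID);
                    }
                } else {
                    // Any other type: the submitted code itself is stored as the banner body.
                    $this->db->execute('UPDATE ' . TABLE_BANNERS . ' SET banner=' . $this->db->str2sql($aData['code']) . ' WHERE id=' . $nRecordID);
                }
            } while (false);

            $this->adminRedirect(Errors::SUCCESSFULL);
        }

        $aData['banner'] = $this->db->one_data('SELECT banner FROM ' . TABLE_BANNERS . ' WHERE id=' . $nRecordID);
    }

    // The stored value is a comma-separated string, but after a POST that failed validation
    // 'cat' has been replaced by the submitted array; explode() must only see the string form.
    if (!is_array($aData['cat'])) {
        $aData['cat'] = explode(',', $aData['cat']);
    }

    if (empty($aData['position'])) {
        $aData['position'] = Func::SESSION('banner_position');
    }
    $aData['width'] = $this->positions[$aData['position']]['width'];
    $aData['height'] = $this->positions[$aData['position']]['height'];

    // prepare link
    $aData['link'] = $this->prepareClickURL($aData['id']);

    // prepare thumbnail path
    $aData['img_small'] = '';
    $aData['img_big'] = '';
    $sFilename = $aData['id'] . '_th_' . $aData['banner'];
    if (file_exists(BANNERS_PATH . $sFilename)) {
        $aData['img_small'] = BANNERS_URL . '/' . $sFilename;
    }
    $sFilename = $aData['id'] . '_work_' . $aData['banner'];
    if (file_exists(BANNERS_PATH . $sFilename)) {
        $aData['img_big'] = BANNERS_URL . '/' . $sFilename;
    }

    // NOTE(review): unserialize() on a value read back from the database. This method only
    // writes serialize()d arrays of scalars into that column, but if anything else can write
    // to it, deserialization can instantiate arbitrary classes. Where the runtime supports
    // it, restrict with the allowed_classes option, or store the three values as JSON.
    $aData['flash'] = unserialize($aData['flash']);
    $aData['resize_img'] = 1;
    // Same day of the previous month, formatted as "Y,n,d".
    $aData['date_min'] = date('Y,n,d', mktime(0, 0, 0, date('n') - 1, date('d'), date('y')));

    $this->includeJS(array('datepicker'));
    $this->tplAssign('aCategories', $this->getBBSCategories($aData['cat'], false));
    $this->tplAssign('aPosOptions', $this->positions);
    $this->tplAssign('aData', $aData);

    return $this->tplFetch('admin.form.tpl');
}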
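/**
 * Validate and store the files from $_FILES whose field name contains $this->input.
 *
 * Each accepted file is moved into $this->path under a randomly generated name that keeps
 * only the (allow-listed) extension. The type check is by extension only; file content is
 * not inspected here.
 *
 * The client-supplied name is returned as 'rfilename'; it is untrusted and must be escaped
 * by whoever displays or stores it.
 *
 * @return array|string|false false when nothing was uploaded or free disk space is too low;
 *                            when $this->limit == 1, "filename;filesize;extension" on success
 *                            or '' on failure; otherwise the attachment list, keyed from 1
 */
function upload()
{
    // Were any files uploaded?
    if (empty($_FILES)) {
        return false;
    }

    // Is there enough free disk space? Refuse everything once 524288000 bytes (500 MiB) or less remain.
    // A failed lookup (false) skips this check.
    if ($nDiskFreeSpace = @disk_free_space($this->path)) {
        if ($nDiskFreeSpace <= 524288000) {
            trigger_error('attach_quota_reached');
            return false;
        }
    }

    $aAttachments = array();
    $i = 1;
    $aFiles = array_reverse($_FILES);

    foreach ($aFiles as $sFileKey => $aFileParams) {
        if (strpos($sFileKey, $this->input) === FALSE || $aFileParams['error'] == 4) {
            // file was not uploaded (or belongs to another field)
            continue;
        }

        $aAttachments[$i] = array(
            'error' => 0,
            'filesize' => @filesize($aFileParams['tmp_name']),
            'rfilename' => $aFileParams['name'],
            'extension' => mb_strtolower(pathinfo($aFileParams['name'], PATHINFO_EXTENSION)),
        );
        // Fall back to the size reported in $_FILES when the temp file could not be measured.
        if (!$aAttachments[$i]['filesize']) {
            $aAttachments[$i]['filesize'] = $aFileParams['size'];
        }

        // Did the upload itself report an error?
        if ($aFileParams['error'] != 0) {
            switch ($aFileParams['error']) {
                case 1: // The uploaded file exceeds the upload_max_filesize directive in php.ini.
                case 2: // The uploaded file exceeds the MAX_FILE_SIZE directive that was specified in the HTML form.
                    $aAttachments[$i]['error'] = BFF_UPLOADERROR_MAXSIZE;
                    break;
                default:
                    // 3: The uploaded file was only partially uploaded.
                    // 4: No file was uploaded.
                    // 6: Missing a temporary folder. Introduced in PHP 4.3.10 and PHP 5.0.3.
                    // 7: Failed to write file to disk. Introduced in PHP 5.1.0.
                    $aAttachments[$i]['error'] = -$aFileParams['error'];
                    break;
            }
            continue;
        }

        // Is it really a file received through HTTP upload?
        if (!is_uploaded_file($aFileParams['tmp_name'])) {
            $aAttachments[$i]['error'] = BFF_UPLOADERROR_UPLOADERR;
            continue;
        }

        // File name check. The previous double-quoted pattern collapsed "\\/" to an escaped
        // slash, so a backslash in the name was never rejected; the backslash is now matched
        // explicitly along with the other forbidden characters.
        if (preg_match('#[\\\\/:;*?"<>|]#i', $aFileParams['name'])) {
            $aAttachments[$i]['error'] = BFF_UPLOADERROR_WRONGNAME;
            continue;
        }

        // File size check
        if ($aAttachments[$i]['filesize'] <= 0) {
            $aAttachments[$i]['error'] = BFF_UPLOADERROR_WRONGSIZE;
            continue;
        }
        if (!empty($this->maxsize) && $aAttachments[$i]['filesize'] > $this->maxsize) {
            $aAttachments[$i]['error'] = BFF_UPLOADERROR_MAXSIZE;
            continue;
        }

        // File type check by extension (allow-list)
        if (!$this->isAllowedExtension($aAttachments[$i]['extension'])) {
            $aAttachments[$i]['error'] = BFF_UPLOADERROR_WRONGTYPE;
            continue;
        }

        // Free disk space check. Only enforced when the lookup succeeded: a false result
        // compares as 0 and would otherwise reject every file with a quota error, although
        // the initial check above deliberately tolerates a failed lookup.
        if ($nDiskFreeSpace !== false && $nDiskFreeSpace <= $aAttachments[$i]['filesize']) {
            $aAttachments[$i]['error'] = BFF_UPLOADERROR_DISKQUOTA;
            continue;
        }

        // Generate the stored file name: random base name plus the normalized extension,
        // so nothing from the client-supplied name except the checked extension reaches the path.
        if ($aAttachments[$i]['extension'] == 'jpeg') {
            $aAttachments[$i]['extension'] = 'jpg';
        }
        $sFilename = func::generateRandomName(10, false, true) . '.' . $aAttachments[$i]['extension'];
        $sFilepath = $this->path . $sFilename;

        // Save
        if (!move_uploaded_file($aFileParams['tmp_name'], $sFilepath)) {
            $aAttachments[$i]['error'] = BFF_UPLOADERROR_UPLOADERR;
            continue;
        }

        $aAttachments[$i]['filename'] = $sFilename;
        // NOTE(review): 0666 leaves the stored upload world-writable; 0644 is usually enough
        // unless another account has to modify these files. Confirm before tightening.
        @chmod($sFilepath, 0666);

        // The slot index advances only after a successful save, so a failed entry is
        // overwritten by the next file that is processed.
        if (++$i > $this->limit) {
            break;
        }
    }

    if ($this->limit == 1) {
        $attach = current($aAttachments);
        // No matching file at all: report failure the same way as a rejected file.
        if ($attach === false) {
            return '';
        }
        return $attach['error'] === 0
            ? $attach['filename'] . ';' . $attach['filesize'] . ';' . $attach['extension']
            : '';
    }

    return $aAttachments;
}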