Esempio n. 1
File: pop.php Progetto: philum/cms
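/**
 * Store a local copy of the image referenced by $doc under img/.
 *
 * $doc is either a URL or an inline "data:image/png;base64" payload. The local
 * name is built from the session hub ($_SESSION['qb']), $id, a short hash of
 * $doc and the file extension.
 *
 * Security notes for maintainers:
 *  - The extension comes from caller-supplied text. Only a short list of image
 *    extensions is kept; anything else is stored as ".jpg" so that a file with
 *    a server-interpreted extension is never written into the web-served img/
 *    directory (the original only neutralised ".php", case-sensitively).
 *  - Only http/https URLs are fetched; other stream wrappers are refused.
 *  - NOTE(review): the fetch is made server-side to a caller-chosen host and
 *    the downloaded bytes are not verified to be an image; consider a host
 *    policy and a content check (e.g. getimagesizefromstring) upstream.
 *
 * @param string $doc image URL or data URI
 * @param mixed  $id  article id used in the file name; 'test' = dry run,
 *                    empty = do nothing
 * @return string|null local file name on success, $doc unchanged when nothing
 *                     was stored, null when forbidden_img() returns false
 */
function vacuum_image($doc, $id)
{
    // Read the extension from the part before any query string. $dc starts as
    // $doc so xt() no longer receives an undefined variable when there is no '?'.
    $dc = $doc;
    if (strpos($doc, '?') !== false) {
        $dc = strdeb($doc, '?');
    }
    $xt = strtolower((string) xt($dc));

    $b64 = 0;
    if (substr($doc, 0, 21) == 'data:image/png;base64') {
        $b64 = 1;
        $dc = substr($doc, 22);
        $xt = '.png';
    }

    // Allowlist instead of a one-entry denylist: empty, ".php", ".jpeg" and any
    // other unexpected extension all fall back to ".jpg".
    $imageExts = array('.jpg', '.png', '.gif', '.webp', '.bmp');
    if (!in_array($xt, $imageExts, true)) {
        $xt = '.jpg';
    }

    // presumably forbidden_img() returns false for sources that must be skipped
    if (forbidden_img($doc) === false) {
        return;
    }
    if ($id === 'test') {
        return $doc;
    }
    if (!$id) {
        return $doc;
    }

    // NOTE(review): $id is concatenated into a path; confirm callers only pass
    // numeric ids (no directory separators).
    $nmw = $_SESSION['qb'] . '_' . $id . '_' . substr(md5($doc), 0, 6) . $xt;
    $ok = 0;

    if ($b64) {
        write_file('img/' . $nmw, base64_decode($dc));
        $ok = 1;
    } else {
        $dc = urlutf($doc, 1);
        // Refuse explicit non-web schemes (php://, file://, phar://, ftp://, ...)
        // before handing the string to copy(), which honours stream wrappers.
        $scheme = parse_url($dc, PHP_URL_SCHEME);
        if (is_string($scheme) && !in_array(strtolower($scheme), array('http', 'https'), true)) {
            return $doc;
        }
        // NOTE(review): a scheme-less value is still treated by copy() as a
        // local path; confirm whether callers rely on that.
        $ok = @copy($dc, 'img/' . $nmw);
        if (!$ok) {
            // Fallback fetch; skip empty/failed responses and "Forbidden" pages
            // so no empty or error file is registered as an image.
            $d = curl_get_contents($dc);
            if (is_string($d) && $d !== '' && strpos($d, 'Forbidden') === false) {
                write_file('img/' . $nmw, $d);
                $ok = 1;
            }
        }
    }

    if ($ok) {
        add_im_img($nmw);
        add_im_msg($doc, $nmw);
        return $nmw;
    }
    return $doc;
}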
Esempio n. 2
File: sav.php Progetto: philum/cms
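/**
 * Handle the "fichier" upload: validate it, choose a target directory and file
 * name from the extension and the request mode, move it into place and
 * optionally attach it to the article being edited.
 *
 * Changes compared with the earlier version:
 *  - The extension check now uses the filtered list. Before, the filtered
 *    $goodext was computed but the unfiltered $goodxt was tested, so the
 *    ".php"/".js" removal had no effect on site-configured extensions.
 *  - Extensions are matched exactly, not by substring, and an empty extension
 *    is refused.
 *  - In "disk" mode the requested directory is rejected if it contains a ".."
 *    segment or a NUL byte, and no directory is created for a refused upload.
 *  - Locals are initialised so the error paths no longer read undefined variables.
 *
 * @return string target path ($rep . $mg); empty when no file was sent
 */
function save_img()
{
    $qb = $_SESSION['qb'];
    $read = $_SESSION['read'];
    $upload = isset($_FILES['fichier']) ? $_FILES['fichier'] : array();
    $fich = isset($upload['name']) ? $upload['name'] : '';
    $fich_tmp = isset($upload['tmp_name']) ? $upload['tmp_name'] : '';
    $mode = isset($_GET['mode']) ? $_GET['mode'] : '';
    $exp_out = '';
    $rep = '';
    $mg = '';
    $w = '';

    $xt = strtolower((string) xt($fich));
    $fich = normalize($fich);
    $fich = str_replace("-", "", $fich);

    if ($fich == "") {
        $exp_out .= "no file uploaded ";
    } else {
        $goodxt = ".mp4.m4a.mov.mpg.mp3.wav.wmv.asf.rmv.ram.rm.swf.flv.jpg.png.gif.pdf.txt.rar.zip.tar.gz";
        // presumably prmb[23] holds extra site-configured extensions - verify format
        $goodxt .= isset($_SESSION['prmb'][23]) ? $_SESSION['prmb'][23] : '';

        // Build an exact-match allowlist. Server-interpreted or script
        // extensions are dropped even if the site configuration lists them.
        $allowed = array();
        foreach (preg_split('/[^a-z0-9]+/', strtolower($goodxt), -1, PREG_SPLIT_NO_EMPTY) as $token) {
            if (!preg_match('/^(php\d*|phtml|pht|phar|js|htaccess)$/', $token)) {
                $allowed[] = $token;
            }
        }
        $ext = ltrim($xt, '.');
        if ($ext === '' || !in_array($ext, $allowed, true)) {
            $exp_out .= $xt . '=forbidden ; authorized=.' . implode('.', $allowed) . br();
        }

        $poids = (isset($upload['size']) ? $upload['size'] : 0) / 1024;
        $uplimit = prms('uplimit') * 1000;
        if ($poids >= $uplimit || $poids == 0) {
            $exp_out .= "{$poids} > 250Mo ";
        }
        if ($xt == ".rm") {
            $fich .= "v";
        }

        // Route by type: shared img/ for pictures, per-user folders otherwise.
        $rep = 'img/';
        if (stristr(".m4a.mpg.mp4.asf.rmv.wmv.flv", $xt) !== false) {
            $rep = 'video/';
        } elseif (stristr(".rar.swf.txt.pdf", $xt) !== false) {
            $rep = 'docs/';
        } elseif (stristr(".mp3", $xt) !== false) {
            $rep = 'mp3/';
        }
        if (stristr(".txt.mp3.pdf.swf", $xt) !== false) {
            $rep = 'users/' . $qb . '/' . $rep;
        } elseif (stristr(".jpg.png.gif", $xt) === false) {
            $rep = 'users/' . $qb . '/' . $rep;
        }
        // NOTE(review): ".pmg" below looks like a typo for ".mpg" - confirm.
        if (stristr(".jpg.png.gif.mp3.mp4.pmg.swf.wmv.flv.pdf", $xt) === false) {
            $w = ':w';
        }
        if (stristr(".txt", $xt) !== false) {
            $w = ':scrut';
        }

        $makeDiskDir = false;
        if ($mode == "banim") {
            $mg = 'ban_' . $qb . '.jpg';
        } elseif (isset($_GET['avnim']) && $_GET['avnim'] == "ok") {
            $mg = 'avatar_' . $_SESSION['USE'] . '.gif';
            $rep = 'imgb/';
        } elseif (!empty($_GET['edit_css'])) {
            $mg = 'css_' . $qb . '_' . $fich;
            $rep = 'imgb/';
        } elseif (isset($_GET['bkgim']) && $_GET['bkgim'] == "ok") {
            $mg = 'bkg_' . $qb . '.jpg';
            $rep = 'imgb/';
        } elseif ($mode == "disk") {
            $rawDir = isset($_GET['opdir']) ? $_GET['opdir'] : '';
            $opdir = (string) ajx($rawDir, 1);
            $mg = $fich;
            // The directory is request-controlled: keep it below users/.
            if (strpos($opdir, "\0") !== false || preg_match('#(^|[\\\\/])\.\.([\\\\/]|$)#', $opdir)) {
                $exp_out .= "invalid directory ";
            } else {
                $rep = 'users/' . $opdir . '/';
                $makeDiskDir = ($rawDir != $qb);
            }
            // NOTE(review): no check is visible here that the session user may
            // write into a directory other than their own - confirm upstream.
        } else {
            $mg = $qb . '_' . $read . '_' . $fich;
        }

        // Create directories only for uploads that passed validation.
        if (!$exp_out) {
            if ($makeDiskDir) {
                mkdir_r($rep);
            }
            if (!is_dir($rep)) {
                // NOTE(review): 0777 is world-writable (before umask); consider 0755.
                mkdir($rep, 0777);
            }
        }

        if (is_uploaded_file($fich_tmp) && !$exp_out) {
            if (!move_uploaded_file($fich_tmp, $rep . $mg)) {
                $exp_out .= " not saved";
            } elseif ($xt == '.tar' or $xt == '.gz') {
                // NOTE(review): archive members are not covered by the extension
                // allowlist above; unpack_gz() should validate member names and
                // types before writing them under a web-served directory.
                unpack_gz($rep . $mg, $rep);
            }
            if ($read && !$mode) {
                add_im_img($mg);
                if (empty($_POST["imnot"])) {
                    add_im_msg("", $rep . $mg . $w);
                }
            }
        } else {
            $exp_out .= "upload refused: {$rep}{$mg}";
        }
    }
    //end_no_file
    if ($exp_out) {
        alert($exp_out);
    }
    return $rep . $mg;
}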