function process_post_data()
{
    global $HTTP_POST_VARS, $CONFIG;
    global $lang_errors;
    $pid = (int) $HTTP_POST_VARS['id'];
    $aid = (int) $HTTP_POST_VARS['aid'];
    $pwidth = (int) $HTTP_POST_VARS['pwidth'];
    $pheight = (int) $HTTP_POST_VARS['pheight'];
    $title = $HTTP_POST_VARS['title'];
    $caption = $HTTP_POST_VARS['caption'];
    $keywords = $HTTP_POST_VARS['keywords'];
    $user1 = $HTTP_POST_VARS['user1'];
    $user2 = $HTTP_POST_VARS['user2'];
    $user3 = $HTTP_POST_VARS['user3'];
    $user4 = $HTTP_POST_VARS['user4'];
    $read_exif = isset($HTTP_POST_VARS['read_exif']);
    $reset_vcount = isset($HTTP_POST_VARS['reset_vcount']);
    $reset_votes = isset($HTTP_POST_VARS['reset_votes']);
    $del_comments = isset($HTTP_POST_VARS['del_comments']) || $delete;
    $query = "SELECT category, filepath, filename FROM {$CONFIG['TABLE_PICTURES']}, {$CONFIG['TABLE_ALBUMS']} WHERE {$CONFIG['TABLE_PICTURES']}.aid = {$CONFIG['TABLE_ALBUMS']}.aid AND pid='{$pid}'";
    $result = db_query($query);
    if (!mysql_num_rows($result)) {
        cpg_die(CRITICAL_ERROR, $lang_errors['non_exist_ap'], __FILE__, __LINE__);
    }
    $pic = mysql_fetch_array($result);
    mysql_free_result($result);
    if (!(GALLERY_ADMIN_MODE || USER_ADMIN_MODE)) {
        if ($pic['category'] != FIRST_USER_CAT + USER_ID) {
            cpg_die(ERROR, $lang_errors['perm_denied'] . "<br />(picture category = {$pic['category']}/ {$pid})", __FILE__, __LINE__);
        }
        if (!isset($user_album_set[$aid])) {
            cpg_die(ERROR, $lang_errors['perm_denied'] . "<br />(target album = {$aid})", __FILE__, __LINE__);
        }
    }
    $update = "aid = '" . $aid . "'";
    if (is_movie($pic['filename'])) {
        $update .= ", pwidth = " . $pwidth;
        $update .= ", pheight = " . $pheight;
    }
    $update .= ", title = '" . addslashes($title) . "'";
    $update .= ", caption = '" . addslashes($caption) . "'";
    $update .= ", keywords = '" . addslashes($keywords) . "'";
    $update .= ", user1 = '" . addslashes($user1) . "'";
    $update .= ", user2 = '" . addslashes($user2) . "'";
    $update .= ", user3 = '" . addslashes($user3) . "'";
    $update .= ", user4 = '" . addslashes($user4) . "'";
    if ($reset_vcount) {
        $update .= ", hits = '0'";
    }
    if ($reset_votes) {
        $update .= ", pic_rating = '0', votes = '0'";
    }
    if ($del_comments) {
        $query = "DELETE FROM {$CONFIG['TABLE_COMMENTS']} WHERE pid='{$pid}'";
        $result = db_query($query);
    } else {
        $query = "UPDATE {$CONFIG['TABLE_PICTURES']} SET {$update} WHERE pid='{$pid}' LIMIT 1";
        $result = db_query($query);
    }
}
Esempio n. 2
0
function print_gallery_sounds($sounds)
{
    if (count($sounds) > 0) {
        echo "<!-- Begin Sounds-->\n";
        echo "<div id='sounds'>\n";
        echo "\t<h3>Audio Files</h3>\n";
        echo "\t<ul>\n";
        foreach ($sounds as $sound) {
            if (is_movie($sound, array("mp3"))) {
                echo "\t<li>\n";
                echo "\t\t";
                print_movie($sound, "swf_player");
                echo "</a></li>\n";
                echo "\t</li>\n";
            }
            echo "\t</ul>\n";
            echo "</div>\n";
            echo "<!-- End Sounds-->\n\n";
        }
    }
}
Esempio n. 3
0
function is_known_filetype($file)
{
    return is_image($file) || is_movie($file) || is_audio($file) || is_document($file);
}
Esempio n. 4
0
function process_post_data()
{
    global $CONFIG, $mb_utf8_regex;
    global $lang_errors, $lang_editpics_php;
    $pid = (int) $_POST['id'];
    $aid = (int) $_POST['aid'];
    $pwidth = (int) $_POST['pwidth'];
    $pheight = (int) $_POST['pheight'];
    $title = $_POST['title'];
    $caption = $_POST['caption'];
    $keywords = $_POST['keywords'];
    $user1 = $_POST['user1'];
    $user2 = $_POST['user2'];
    $user3 = $_POST['user3'];
    $user4 = $_POST['user4'];
    $galleryicon = (int) $_POST['galleryicon'];
    $isgalleryicon = $galleryicon === $pid;
    // need to implement "Read EXIF info again" checkbox; comment out for now
    // $read_exif    = isset($_POST['read_exif']);
    $reset_vcount = isset($_POST['reset_vcount']);
    $reset_votes = isset($_POST['reset_votes']);
    $del_comments = isset($_POST['del_comments']) || $delete;
    $result = cpg_db_query("SELECT * FROM {$CONFIG['TABLE_PICTURES']} AS p, {$CONFIG['TABLE_ALBUMS']} AS a WHERE a.aid = p.aid AND pid = '{$pid}'");
    if (!mysql_num_rows($result)) {
        cpg_die(CRITICAL_ERROR, $lang_errors['non_exist_ap'], __FILE__, __LINE__);
    }
    $pic = mysql_fetch_array($result);
    mysql_free_result($result);
    if (!(GALLERY_ADMIN_MODE || $pic['category'] == FIRST_USER_CAT + USER_ID || $CONFIG['users_can_edit_pics'] && $pic['owner_id'] == USER_ID) || !USER_ID) {
        cpg_die(ERROR, $lang_errors['access_denied'], __FILE__, __LINE__);
    }
    $update = "aid = '" . $aid . "'";
    if (is_movie($pic['filename'])) {
        $update .= ", pwidth = " . $pwidth;
        $update .= ", pheight = " . $pheight;
    }
    $update .= ", title = '" . addslashes($title) . "'";
    $update .= ", caption = '" . addslashes($caption) . "'";
    $update .= ", keywords = '" . addslashes($keywords) . "'";
    $update .= ", user1 = '" . addslashes($user1) . "'";
    $update .= ", user2 = '" . addslashes($user2) . "'";
    $update .= ", user3 = '" . addslashes($user3) . "'";
    $update .= ", user4 = '" . addslashes($user4) . "'";
    if ($isgalleryicon && $pic['category'] > FIRST_USER_CAT) {
        $sql = 'update ' . $CONFIG['TABLE_PICTURES'] . ' set galleryicon=0 where owner_id=' . $pic['owner_id'] . ';';
        cpg_db_query($sql);
        $update .= ", galleryicon = " . addslashes($galleryicon);
    }
    if ($reset_vcount) {
        $update .= ", hits = '0'";
        resetDetailHits($pid);
    }
    if ($reset_votes) {
        $update .= ", pic_rating = '0', votes = '0'";
        resetDetailVotes($pid);
    }
    if ($del_comments) {
        $query = "DELETE FROM {$CONFIG['TABLE_COMMENTS']} WHERE pid='{$pid}'";
        $result = cpg_db_query($query);
    } else {
        $query = "UPDATE {$CONFIG['TABLE_PICTURES']} SET {$update} WHERE pid='{$pid}' LIMIT 1";
        $result = cpg_db_query($query);
    }
    // rename a file
    if ($_POST['filename'] != $pic['filename']) {
        if ($CONFIG['thumb_use'] == 'ht' && $pic['pheight'] > $CONFIG['picture_width']) {
            $condition = true;
        } elseif ($CONFIG['thumb_use'] == 'wd' && $pic['pwidth'] > $CONFIG['picture_width']) {
            $condition = true;
        } elseif ($CONFIG['thumb_use'] == 'any' && max($pic['pwidth'], $pic['pheight']) > $CONFIG['picture_width']) {
            $condition = true;
        } else {
            $condition = false;
        }
        if ($CONFIG['make_intermediate'] && $condition) {
            $prefices = array('fullsize', 'normal', 'thumb');
        } else {
            $prefices = array('fullsize', 'thumb');
        }
        if (!is_image($pic['filename'])) {
            $prefices = array('fullsize');
        }
        foreach ($prefices as $prefix) {
            $oldname = urldecode(get_pic_url($pic, $prefix));
            $filename = replace_forbidden($_POST['filename']);
            $newname = str_replace($pic['filename'], $filename, $oldname);
            $old_mime = cpg_get_type($oldname);
            $new_mime = cpg_get_type($newname);
            if ($old_mime['mime'] != $new_mime['mime'] && isset($new_mime['mime'])) {
                cpg_die(CRITICAL_ERROR, sprintf($lang_editpics_php['mime_conv'], $old_mime['mime'], $new_mime['mime']), __FILE__, __LINE__);
            }
            if (!is_known_filetype($newname)) {
                cpg_die(CRITICAL_ERROR, $lang_editpics_php['forb_ext'], __FILE__, __LINE__);
            }
            if (file_exists($newname)) {
                cpg_die(CRITICAL_ERROR, sprintf($lang_editpics_php['file_exists'], $newname), __FILE__, __LINE__);
            }
            if (!file_exists($oldname)) {
                cpg_die(CRITICAL_ERROR, sprintf($lang_editpics_php['src_file_missing'], $oldname), __FILE__, __LINE__);
            }
            if (rename($oldname, $newname)) {
                cpg_db_query("UPDATE {$CONFIG['TABLE_PICTURES']} SET filename = '{$filename}' WHERE pid = '{$pid}' LIMIT 1");
            } else {
                cpg_die(CRITICAL_ERROR, sprintf($lang_editpics_php['rename_failed'], $oldname, $newname), __FILE__, __LINE__);
            }
        }
    }
}
Esempio n. 5
0
function theme_display_fullsize_pic()
{
    global $CONFIG, $THEME_DIR, $FORBIDDEN_SET, $LINEBREAK, $pid;
    global $lang_errors, $lang_fullsize_popup, $lang_charset;
    $superCage = Inspekt::makeSuperCage();
    if (!USER_ID && $CONFIG['allow_unlogged_access'] <= 2) {
        printf($lang_errors['login_needed'], '', '', '', '');
        die;
    } elseif (USER_ID && USER_ACCESS_LEVEL <= 2) {
        printf($lang_errors['access_intermediate_only'], '', '', '', '');
        die;
    }
    if ($superCage->get->keyExists('picfile')) {
        if (!GALLERY_ADMIN_MODE) {
            cpg_die(ERROR, $lang_errors['access_denied'], __FILE__, __LINE__);
        }
        //$picfile = $_GET['picfile'];
        //$picfile = $superCage->get->getPath('picfile'); // doesn't work with HTML entities
        $matches = $superCage->get->getMatched('picfile', '/^[0-9A-Za-z~ \\/_.-]+$/');
        $picfile = $matches[0];
        $picname = $CONFIG['fullpath'] . $picfile;
        $imagesize = @getimagesize($picname);
        $imagedata = array('name' => $picfile, 'path' => path2url($picname), 'geometry' => $imagesize[3]);
    } elseif ($pid) {
        $sql = "SELECT filepath, filename, url_prefix, pwidth, pheight FROM {$CONFIG['TABLE_PICTURES']} AS p " . "WHERE pid='{$pid}' {$FORBIDDEN_SET}";
        $result = cpg_db_query($sql);
        if (!mysql_num_rows($result)) {
            cpg_die(ERROR, $lang_errors['non_exist_ap'], __FILE__, __LINE__);
        }
        $row = mysql_fetch_assoc($result);
        if (is_image($row['filename'])) {
            $pic_url = get_pic_url($row, 'fullsize');
            $geom = 'width="' . $row['pwidth'] . '" height="' . $row['pheight'] . '"';
            $imagedata = array('name' => $row['filename'], 'path' => $pic_url, 'geometry' => $geom);
        } else {
            $pic_html = theme_html_picture();
            if (is_movie($row['filename'])) {
                $mime_content = cpg_get_type($row['filename']);
                $ctrl_offset['mov'] = 15;
                $ctrl_offset['wmv'] = 45;
                $ctrl_offset['swf'] = 0;
                $ctrl_offset['rm'] = 0;
                $ctrl_offset_default = 45;
                $ctrl_height = isset($ctrl_offset[$mime_content['extension']]) ? $ctrl_offset[$mime_content['extension']] : $ctrl_offset_default;
                preg_match('/width="([0-9]+)".*height="([0-9]+)"/', $pic_html, $matches);
                $width = $matches[1] + $CONFIG['fullsize_padding_x'];
                $height = $matches[2] + $CONFIG['fullsize_padding_y'] + $ctrl_height;
                $resize_window = '<script type="text/javascript">window.resizeTo(' . $width . ', ' . $height . ')</script>';
            }
            preg_match('/<td align="center" style="{SLIDESHOW_STYLE}">.*(.*)<\\/td>/Us', $pic_html, $matches);
            $pic_html = $matches[1] . $resize_window;
        }
    }
    if (!USER_ID && $CONFIG['allow_unlogged_access'] <= 2 || USER_ID && USER_ACCESS_LEVEL <= 2) {
        // adjust the size of the window if we don't have to catter for a full-size pop-up, but only a text message
        $row['pwidth'] = 200;
        $row['pheight'] = 100;
    }
    $charset = $CONFIG['charset'] == 'language file' ? $lang_charset : $CONFIG['charset'];
    $fullsize_html = <<<EOT
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
    <head>
        <meta http-equiv="content-type" content="text/html; charset={$charset}" />
        <title>{$CONFIG['gallery_name']}: {$lang_fullsize_popup['click_to_close']}</title>
        <style type="text/css">
            body { margin: 0; padding: 0; background-color: gray; }
            img { margin:0; padding:0; border:0; }
            #content { margin:0 auto; padding:0; border:0; }
            table { border:0; width:{$row['pwidth']}px; height:{$row['pheight']}px; border-collapse:collapse}
            td { vertical-align: middle; text-align:center; }
        </style>

        <script type="text/javascript" src="js/jquery-1.4.2.js"></script>
        <script type="text/javascript" src="js/jquery.dimensions.pack.js"></script>
        <script type="text/javascript" src="js/displayimage.fullsize.js"></script>
    </head>
    <body style="margin:0px; padding:0px; background-color: gray;">

EOT;
    if ($pic_html) {
        $fullsize_html .= $pic_html;
    } else {
        if ($CONFIG['transparent_overlay'] == 1) {
            $fullsize_html .= <<<EOT
            <table cellpadding="0" cellspacing="0" align="center" style="padding:0px;">
                <tr>

EOT;
            $fullsize_html .= '<td align="center" valign="middle" background="' . htmlspecialchars($imagedata['path']) . '" ' . $imagedata['geometry'] . ' class="image">';
            $fullsize_html .= '<div id="content">';
            $fullsize_html .= '<a href="javascript: window.close()" style="border:none"><img src="images/image.gif?id=' . floor(rand() * 1000 + rand()) . '&amp;fullsize=yes" ' . $imagedata['geometry'] . ' alt="' . htmlspecialchars($imagedata['name']) . '" title="' . htmlspecialchars($imagedata['name']) . $LINEBREAK . $lang_fullsize_popup['click_to_close'] . '" /></a><br />' . $LINEBREAK;
            $fullsize_html .= <<<EOT
                        </div>
                    </td>
                </tr>
            </table>

EOT;
        } else {
            $fullsize_html .= '        <div id="content">' . $LINEBREAK;
            $fullsize_html .= '<a href="javascript: window.close()"><img src="' . htmlspecialchars($imagedata['path']) . '" ' . $imagedata['geometry'] . ' id="fullsize_image" alt="' . htmlspecialchars($imagedata['name']) . '" title="' . htmlspecialchars($imagedata['name']) . $LINEBREAK . $lang_fullsize_popup['click_to_close'] . '" /></a><br />' . $LINEBREAK . '        </div>' . $LINEBREAK;
        }
    }
    $fullsize_html .= <<<EOT
  </body>
</html>

EOT;
    $fullsize_html = CPGPluginAPI::filter('fullsize_html', $fullsize_html);
    echo $fullsize_html;
}
Esempio n. 6
0
/**
 * Function to return html required for displaying the flv palyer
 */
function video2flash_ffmpeg_file_data($pic_data)
{
    global $CONFIG;
    $file = $CONFIG['fullpath'] . $pic_data['filepath'] . $pic_data['filename'];
    $picture_url = get_pic_url($pic_data, 'fullsize');
    preg_match("/(.+)\\.(.*?)\\Z/", $pic_data['filename'], $matches);
    $flv = $CONFIG['fullpath'] . $pic_data['filepath'] . $matches[1] . '.flv';
    // We will replace the file html only if it is a valid movie and we have the flv file
    if (is_movie($file) && file_exists($flv)) {
        $thumb = $CONFIG['fullpath'] . $pic_data['filepath'] . $CONFIG['thumb_pfx'] . $matches[1] . ".jpg";
        $flashvars = '';
        if (file_exists($thumb)) {
            $flashvars = '&image=' . $CONFIG['ecards_more_pic_target'] . $thumb;
        }
        if ($CONFIG['video2flash_ffmpeg_player_autostart'] == 'yes') {
            $flashvars = '&autostart=true';
        }
        $pic_data['html'] = <<<EOT
             <object classid="clsid:d27cdb6e-ae6d-11cf-96b8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,0,0" width="{$CONFIG['video2flash_ffmpeg_player_width']}" height="{$CONFIG['video2flash_ffmpeg_player_height']}">
                <param name="movie" value="plugins/video2flash_ffmpeg/player.swf?file={$CONFIG['ecards_more_pic_target']}{$flv}{$flashvars}" />
                <param name="quality" value="high" />
                <param name="wmode" value="transparent" />
                <embed src="plugins/video2flash_ffmpeg/player.swf?file={$CONFIG['ecards_more_pic_target']}{$flv}{$flashvars}" quality="high" wmode="transparent" width="{$CONFIG['video2flash_ffmpeg_player_width']}" height="{$CONFIG['video2flash_ffmpeg_player_height']}" type="application/x-shockwave-flash" pluginspage="http://www.macromedia.com/go/getflashplayer" />
            </object>
EOT;
    }
    //  print_r($pic_data);
    return $pic_data;
}
Esempio n. 7
0
function form_pic_info($text)
{
    global $CURRENT_PIC, $THUMB_ROWSPAN, $CONFIG;
    global $lang_byte_units, $lang_editpics_php, $lang_common, $loop_counter, $row_style_class, $icon_array, $cpg_udb;
    if (!is_movie($CURRENT_PIC['filename'])) {
        $pic_info = sprintf($lang_editpics_php['pic_info_str'], $CURRENT_PIC['pwidth'], $CURRENT_PIC['pheight'], $CURRENT_PIC['filesize'] >> 10, $CURRENT_PIC['hits'], $CURRENT_PIC['votes']);
    } else {
        $pic_info = sprintf($lang_editpics_php['pic_info_str'], '<input type="text" name="pwidth' . $CURRENT_PIC['pid'] . '" value="' . $CURRENT_PIC['pwidth'] . '" size="5" maxlength="5" class="textinput" />', '<input type="text" name="pheight' . $CURRENT_PIC['pid'] . '" value="' . $CURRENT_PIC['pheight'] . '" size="5" maxlength="5" class="textinput" />', $CURRENT_PIC['filesize'] >> 10, $CURRENT_PIC['hits'], $CURRENT_PIC['votes']);
    }
    if (UPLOAD_APPROVAL_MODE) {
        if ($CURRENT_PIC['owner_id']) {
            $pic_info .= ' - <a href="profile.php?uid=' . $CURRENT_PIC['owner_id'] . '">' . $cpg_udb->get_user_name($CURRENT_PIC['owner_id']) . '</a>';
        }
    }
    $thumb_url = get_pic_url($CURRENT_PIC, 'thumb');
    $thumb_link = 'displayimage.php?pid=' . $CURRENT_PIC['pid'];
    $filename = htmlspecialchars($CURRENT_PIC['filename']);
    $filepath = htmlspecialchars($CURRENT_PIC['filepath']);
    $isgalleryicon_selected = $CURRENT_PIC['galleryicon'] ? 'checked="checked" ' : '';
    $isgalleryicon_disabled = !isset($CURRENT_PIC['category']) || $CURRENT_PIC['category'] < FIRST_USER_CAT ? ' style="display:none;" ' : '';
    if ($loop_counter == 0) {
        $row_style_class = 'tableb';
    } else {
        $row_style_class = 'tableb tableb_alternate';
    }
    $loop_counter++;
    if ($loop_counter > 1) {
        $loop_counter = 0;
    }
    if ($CURRENT_PIC['approved'] == 'YES') {
        $pic_approval_checked = 'checked="checked"';
    } else {
        $pic_approval_checked = '';
    }
    // The approve checkbox is shown only if the user is admin or moderator.
    $approve_html = '';
    if (GALLERY_ADMIN_MODE || MODERATOR_MODE) {
        $approve_html = <<<EOT
                          <td class="{$row_style_class}" width="40" valign="top">
                                  <input type="checkbox" name="approved{$CURRENT_PIC['pid']}" id="approve{$CURRENT_PIC['pid']}" value="YES" {$pic_approval_checked} class="checkbox" title="{$lang_editpics_php['approve_pic']}" /><label for="approve{$CURRENT_PIC['pid']}" class="clickable_option">{$icon_array['file_approve']}</label>
                          </td>
EOT;
    }
    // The reset hits box will only be displayed if a file has more than zero hits
    if ($CURRENT_PIC['hits'] == 0) {
        $hits_reset_disabled = 'disabled="disabled"';
    } else {
        $hits_reset_disabled = '';
    }
    // The reset votes box will only be displayed if a file has more than zero votes
    if ($CURRENT_PIC['votes'] == 0) {
        $votes_reset_disabled = 'disabled="disabled"';
    } else {
        $votes_reset_disabled = '';
    }
    echo <<<EOT
    <tr>
        <td colspan="3">
            <table border="0" cellspacing="0" cellpadding="0" width="100%">
                <tr>
                    <td class="{$row_style_class}" colspan="6">
                            {$icon_array['file_name']}{$lang_common['filename']}: <tt>{$CONFIG['site_url']}{$CONFIG['fullpath']}{$filepath}{$filename}</tt>
                    </td>
                </tr>
                <tr>
                    <td class="{$row_style_class}">&nbsp;</td>
                    <td class="{$row_style_class}" width="40" valign="top">
                    <input type="checkbox" name="delete{$CURRENT_PIC['pid']}" id="delete{$CURRENT_PIC['pid']}" value="1" class="checkbox" title="{$lang_editpics_php['del_pic']}" /><label for="delete{$CURRENT_PIC['pid']}" class="clickable_option">{$icon_array['delete']}</label>
                    </td>
                    {$approve_html}
                    <td class="{$row_style_class}" width="70">
                            <input type="checkbox" name="reset_vcount{$CURRENT_PIC['pid']}" id="reset_vcount{$CURRENT_PIC['pid']}" value="1" class="checkbox" title="{$lang_editpics_php['reset_view_count']}" {$hits_reset_disabled} /><label for="reset_vcount{$CURRENT_PIC['pid']}" class="clickable_option" title="{$lang_editpics_php['reset_view_count']}">{$icon_array['reset_views']} ({$CURRENT_PIC['hits']})</label>
                    </td>
                    <td class="{$row_style_class}" width="70">
                            <input type="checkbox" name="reset_votes{$CURRENT_PIC['pid']}" id="reset_votes{$CURRENT_PIC['pid']}" value="1" class="checkbox" title="{$lang_editpics_php['reset_votes']}" {$votes_reset_disabled} /><label for="reset_votes{$CURRENT_PIC['pid']}" class="clickable_option"><img src="images/rating.png" border="0" width="16" height="16" alt="" title="{$lang_editpics_php['reset_votes']}" /> ({$CURRENT_PIC['votes']})</label>
                    </td>
                    <td class="{$row_style_class}" width="40">
                            <input type="checkbox" name="del_comments{$CURRENT_PIC['pid']}" id="del_comments{$CURRENT_PIC['pid']}" value="1" class="checkbox" title="{$lang_editpics_php['del_comm']}" /><label for="del_comments{$CURRENT_PIC['pid']}" class="clickable_option">{$icon_array['comment_delete']}</label>
                    </td>
                </tr>
            </table>
        </td>
    </tr>
    <tr>
        <td class="{$row_style_class}" style="white-space: nowrap;">
                {$text}
        </td>
        <td class="{$row_style_class}">
                <input type="hidden" name="pid[]" value="{$CURRENT_PIC['pid']}" />
                {$pic_info}
        </td>
           <td class="{$row_style_class}" align="center" valign="top" rowspan="{$THUMB_ROWSPAN}">
                <a href="{$thumb_link}" target="_blank"><img src="{$thumb_url}" class="image" border="0" alt="" /></a><br />
                <span{$isgalleryicon_disabled}><input type="radio" name="galleryicon" id="galleryicon{$CURRENT_PIC['pid']}" value="{$CURRENT_PIC['pid']}" {$isgalleryicon_selected}class="checkbox" /><label for="galleryicon{$CURRENT_PIC['pid']}" class="clickable_option">{$lang_editpics_php['gallery_icon']}</label></span>
        </td>
    </tr>

EOT;
}
Esempio n. 8
0
 $form_array = array(array($lang_upload_php['album'], 'album', 2), array($lang_upload_php['pic_title'], 'title', 0, 255, 1, $title), array($captionLabel, 'caption', 3, $CONFIG['max_img_desc_length'], isset($iptc['Caption']) ? $iptc['Caption'] : ''), array($lang_upload_php['keywords'], 'keywords', 0, 255, 1, isset($iptc['Keywords']) ? implode(' ', $iptc['Keywords']) : ''), array('control', 'phase_2', 4), array('unique_ID', $_POST['unique_ID'], 4));
 // Check for user defined fields.
 if (!empty($CONFIG['user_field1_name'])) {
     $form_array[] = array($CONFIG['user_field1_name'], 'user1', 0, 255, 1);
 }
 if (!empty($CONFIG['user_field2_name'])) {
     $form_array[] = array($CONFIG['user_field2_name'], 'user2', 0, 255, 1);
 }
 if (!empty($CONFIG['user_field3_name'])) {
     $form_array[] = array($CONFIG['user_field3_name'], 'user3', 0, 255, 1);
 }
 if (!empty($CONFIG['user_field4_name'])) {
     $form_array[] = array($CONFIG['user_field4_name'], 'user4', 0, 255, 1);
 }
 // Check for movies and audio, and create width and height boxes if true.
 if (is_movie($file_set[1]) or is_audio($file_set[1])) {
     //Add width and height boxes to the form.
     $form_array[] = array($lang_admin_php['th_wd'], 'movie_wd', 0, 4, 1);
     $form_array[] = array($lang_admin_php['th_ht'], 'movie_ht', 0, 4, 1);
 }
 // Create the form and echo more instructions.
 create_form($form_array);
 // More instructions.
 if (count($escrow_array) > '1') {
     form_statement($lang_upload_php['place_instr_2']);
 }
 // Make button say 'Continue.'
 close_form($lang_continue);
 // Close the table, create footers, and flush the output buffer.
 endtable();
 pagefooter();
function form_pic_info($text)
{
    global $CURRENT_PIC, $THUMB_ROWSPAN, $CONFIG, $lang_byte_units, $lang_editpics_php;
    if (!is_movie($CURRENT_PIC['filename'])) {
        $pic_info = sprintf($lang_editpics_php['pic_info_str'], $CURRENT_PIC['pwidth'], $CURRENT_PIC['pheight'], $CURRENT_PIC['filesize'] >> 10, $CURRENT_PIC['hits'], $CURRENT_PIC['votes']);
    } else {
        $pic_info = sprintf($lang_editpics_php['pic_info_str'], '<input type="text" name="pwidth' . $CURRENT_PIC['pid'] . '" value="' . $CURRENT_PIC['pwidth'] . '" size="5" maxlength="5" class="textinput" />', '<input type="text" name="pheight' . $CURRENT_PIC['pid'] . '" value="' . $CURRENT_PIC['pheight'] . '" size="5" maxlength="5" class="textinput" />', $CURRENT_PIC['filesize'] >> 10, $CURRENT_PIC['hits'], $CURRENT_PIC['votes']);
    }
    if (UPLOAD_APPROVAL_MODE) {
        // Commented out by Omni; Duplicate of above
        //$pic_info = $CURRENT_PIC['pwidth'].' &times; '.$CURRENT_PIC['pheight'].' - '.($CURRENT_PIC['filesize'] >> 10).$lang_byte_units[1];
        if ($CURRENT_PIC['owner_name']) {
            $pic_info .= ' - <a href ="profile.php?uid=' . $CURRENT_PIC['owner_id'] . '" target="_blank">' . $CURRENT_PIC['owner_name'] . '</a>';
        }
    }
    $thumb_url = get_pic_url($CURRENT_PIC, 'thumb');
    $thumb_link = 'displayimage.php?&pos=' . -$CURRENT_PIC['pid'];
    $filename = htmlspecialchars($CURRENT_PIC['filename']);
    echo <<<EOT
        <input type="hidden" name="pid[]" value="{$CURRENT_PIC['pid']}">
        <tr>
                <td class="tableh2" colspan="3">
                        <b>{$filename}</b>
                </td>
        </tr>
        <tr>
                <td class="tableb" style="white-space: nowrap;">
                        {$text}
                </td>
                <td class="tableb">
                        {$pic_info}
                </td>
                   <td class="tableb" align="center" rowspan="{$THUMB_ROWSPAN}">
                        <a href="{$thumb_link}" target="_blank"><img src="{$thumb_url}" class="image" border="0"><br /></a>
            </td>
        </tr>

EOT;
}
function process_post_data()
{
    global $CONFIG, $USER_DATA, $lang_errors, $lang_editpics_php, $superCage;
    //Check if the form token is valid
    if (!checkFormToken()) {
        cpg_die(ERROR, $lang_errors['invalid_form_token'], __FILE__, __LINE__);
    }
    $user_album_set = array();
    $result = cpg_db_query("SELECT aid FROM {$CONFIG['TABLE_ALBUMS']} WHERE category = " . (FIRST_USER_CAT + USER_ID) . " OR owner = " . USER_ID . " OR uploads = 'YES'");
    while ($row = mysql_fetch_assoc($result)) {
        $user_album_set[$row['aid']] = 1;
    }
    mysql_free_result($result);
    $pid = $superCage->post->getInt('id');
    $aid = $superCage->post->getInt('aid');
    $pwidth = $superCage->post->getInt('pwidth');
    $pheight = $superCage->post->getInt('pheight');
    $title = cpgSanitizeUserTextInput($superCage->post->getEscaped('title'));
    $caption = cpgSanitizeUserTextInput($superCage->post->getEscaped('caption'));
    $keywords = cpgSanitizeUserTextInput(utf_replace($superCage->post->getEscaped('keywords')));
    $user1 = cpgSanitizeUserTextInput($superCage->post->getEscaped('user1'));
    $user2 = cpgSanitizeUserTextInput($superCage->post->getEscaped('user2'));
    $user3 = cpgSanitizeUserTextInput($superCage->post->getEscaped('user3'));
    $user4 = cpgSanitizeUserTextInput($superCage->post->getEscaped('user4'));
    $galleryicon = $superCage->post->getInt('galleryicon');
    $isgalleryicon = $galleryicon == $pid;
    $read_exif = $superCage->post->keyExists('read_exif') ? $superCage->post->getInt('read_exif') : 0;
    $reset_vcount = $superCage->post->keyExists('reset_vcount') ? $superCage->post->getInt('reset_vcount') : 0;
    $reset_votes = $superCage->post->keyExists('reset_votes') ? $superCage->post->getInt('reset_votes') : 0;
    $del_comments = $superCage->post->keyExists('del_comments') ? $superCage->post->getInt('del_comments') : 0;
    $result = cpg_db_query("SELECT category, owner_id, url_prefix, filepath, filename, pwidth, pheight, p.aid AS aid FROM {$CONFIG['TABLE_PICTURES']} AS p INNER JOIN {$CONFIG['TABLE_ALBUMS']} AS a ON a.aid = p.aid WHERE pid = '{$pid}'");
    if (!mysql_num_rows($result)) {
        cpg_die(CRITICAL_ERROR, $lang_errors['non_exist_ap'], __FILE__, __LINE__);
    }
    $pic = mysql_fetch_assoc($result);
    mysql_free_result($result);
    if (!GALLERY_ADMIN_MODE && !MODERATOR_MODE && !USER_ADMIN_MODE && !user_is_allowed() && !$CONFIG['users_can_edit_pics']) {
        if ($pic['category'] != FIRST_USER_CAT + USER_ID) {
            cpg_die(ERROR, $lang_errors['perm_denied'], __FILE__, __LINE__);
        }
        if (!isset($user_album_set[$aid])) {
            cpg_die(ERROR, $lang_errors['perm_denied'], __FILE__, __LINE__);
        }
    }
    if (!USER_ID || !(GALLERY_ADMIN_MODE || $pic['category'] == FIRST_USER_CAT + USER_ID || $CONFIG['users_can_edit_pics'] && $pic['owner_id'] == USER_ID)) {
        cpg_die(ERROR, $lang_errors['access_denied'], __FILE__, __LINE__);
    }
    $result = cpg_db_query("SELECT category FROM {$CONFIG['TABLE_ALBUMS']} WHERE aid = '{$aid}'");
    if (!mysql_num_rows($result)) {
        cpg_die(CRITICAL_ERROR, $lang_errors['non_exist_ap'], __FILE__, __LINE__);
    }
    $new_alb = mysql_fetch_assoc($result);
    mysql_free_result($result);
    cpg_trim_keywords($keywords);
    $update = "aid = '{$aid}'";
    if (is_movie($pic['filename'])) {
        $update .= ", pwidth = " . $pwidth;
        $update .= ", pheight = " . $pheight;
    }
    $update .= ", title = '{$title}'";
    $update .= ", caption = '{$caption}'";
    $update .= ", keywords = '{$keywords}'";
    if (GALLERY_ADMIN_MODE) {
        $approved = $superCage->post->getAlpha('approved');
        $update .= ", approved = '{$approved}'";
    } elseif ($new_alb['category'] < FIRST_USER_CAT && $aid != $pic['aid']) {
        $approved = $USER_DATA['pub_upl_need_approval'] ? 'NO' : 'YES';
        $update .= ", approved = '{$approved}'";
    } elseif ($new_alb['category'] > FIRST_USER_CAT && $aid != $pic['aid'] && $pic['category'] < FIRST_USER_CAT) {
        $approved = $USER_DATA['priv_upl_need_approval'] ? 'NO' : 'YES';
        $update .= ", approved = '{$approved}'";
    }
    $update .= ", user1 = '{$user1}'";
    $update .= ", user2 = '{$user2}'";
    $update .= ", user3 = '{$user3}'";
    $update .= ", user4 = '{$user4}'";
    if ($isgalleryicon && $pic['category'] > FIRST_USER_CAT) {
        $sql = "UPDATE {$CONFIG['TABLE_PICTURES']} SET galleryicon = 0 WHERE owner_id = {$pic['owner_id']}";
        cpg_db_query($sql);
        $update .= ", galleryicon = " . $galleryicon;
    }
    if ($reset_vcount) {
        $update .= ", hits = 0";
        resetDetailHits($pid);
    }
    if ($reset_votes) {
        $update .= ", pic_rating = 0, votes = 0";
        resetDetailVotes($pid);
    }
    if ($read_exif) {
        // If "read exif info again" is checked then just delete the entry from the exif table.
        // The new exif information will automatically be read when someone views the image.
        $query = "DELETE FROM {$CONFIG['TABLE_EXIF']} WHERE pid = '{$pid}'";
        cpg_db_query($query);
    }
    if ($del_comments) {
        $query = "DELETE FROM {$CONFIG['TABLE_COMMENTS']} WHERE pid = '{$pid}'";
        cpg_db_query($query);
    }
    $query = "UPDATE {$CONFIG['TABLE_PICTURES']} SET {$update} WHERE pid='{$pid}' LIMIT 1";
    cpg_db_query($query);
    // Executes after a file update is committed
    CPGPluginAPI::action('after_edit_file', $pid);
    // rename a file
    if ($superCage->post->keyExists('filename')) {
        $post_filename = $superCage->post->getEscaped('filename');
    }
    if ($post_filename != $pic['filename']) {
        if ($CONFIG['make_intermediate'] && cpg_picture_dimension_exceeds_intermediate_limit($pic['pwidth'], $pic['pheight'])) {
            $prefixes = array('fullsize', 'normal', 'thumb');
        } else {
            $prefixes = array('fullsize', 'thumb');
        }
        if ($CONFIG['enable_watermark'] == '1' && ($CONFIG['which_files_to_watermark'] == 'both' || $CONFIG['which_files_to_watermark'] == 'original')) {
            $prefixes[] = 'orig';
        }
        if (!is_image($pic['filename'])) {
            $prefixes = array('fullsize');
            // Check for custom thumbnails
            $mime_content_old = cpg_get_type($pic['filename']);
            $mime_content_new = cpg_get_type(replace_forbidden($post_filename));
            $file_base_name_old = str_replace('.' . $mime_content_old['extension'], '', basename($pic['filename']));
            foreach (array('.gif', '.png', '.jpg') as $thumb_extension) {
                if (file_exists($CONFIG['fullpath'] . $pic['filepath'] . $CONFIG['thumb_pfx'] . $file_base_name_old . $thumb_extension)) {
                    // Thumbnail found, check if it's the only file using that thumbnail
                    $count = mysql_result(cpg_db_query("SELECT COUNT(*) FROM {$CONFIG['TABLE_PICTURES']} WHERE filepath = '{$pic['filepath']}' AND filename LIKE '{$file_base_name_old}.%'"), 0);
                    if ($count == 1) {
                        $prefixes[] = 'thumb';
                        $custom_thumb = TRUE;
                        break;
                    }
                }
            }
        }
        $pic_prefix = array('thumb' => $CONFIG['thumb_pfx'], 'normal' => $CONFIG['normal_pfx'], 'orig' => $CONFIG['orig_pfx'], 'fullsize' => '');
        $files_to_rename = array();
        foreach ($prefixes as $prefix) {
            $oldname = urldecode($CONFIG['fullpath'] . $pic['filepath'] . $pic_prefix[$prefix] . $pic['filename']);
            $filename = replace_forbidden($post_filename);
            $newname = str_replace($pic['filename'], $filename, $oldname);
            if ($custom_thumb == TRUE && $prefix == 'thumb') {
                $oldname = str_replace('.' . $mime_content_old['extension'], $thumb_extension, $oldname);
                $newname = str_replace('.' . $mime_content_new['extension'], $thumb_extension, $newname);
            }
            $old_mime = cpg_get_type($oldname);
            $new_mime = cpg_get_type($newname);
            if ($old_mime['mime'] != $new_mime['mime'] && isset($new_mime['mime'])) {
                cpg_die(CRITICAL_ERROR, sprintf($lang_editpics_php['mime_conv'], $old_mime['mime'], $new_mime['mime']), __FILE__, __LINE__);
            }
            if (!is_known_filetype($newname)) {
                cpg_die(CRITICAL_ERROR, $lang_editpics_php['forb_ext'], __FILE__, __LINE__);
            }
            if (file_exists($newname)) {
                cpg_die(CRITICAL_ERROR, sprintf($lang_editpics_php['file_exists'], $newname), __FILE__, __LINE__);
            }
            if (!file_exists($oldname)) {
                cpg_die(CRITICAL_ERROR, sprintf($lang_editpics_php['src_file_missing'], $oldname), __FILE__, __LINE__);
            }
            // Check if there will be no conflicts before doing anything
            $files_to_rename[] = array('oldname' => $oldname, 'filename' => $filename, 'newname' => $newname);
        }
        if (count($files_to_rename) > 0) {
            foreach ($files_to_rename as $file) {
                if (rename($file['oldname'], $file['newname'])) {
                    cpg_db_query("UPDATE {$CONFIG['TABLE_PICTURES']} SET filename = '{$file['filename']}' WHERE pid = '{$pid}' LIMIT 1");
                } else {
                    cpg_die(CRITICAL_ERROR, sprintf($lang_editpics_php['rename_failed'], $oldname, $newname), __FILE__, __LINE__);
                }
            }
        }
    }
}
Esempio n. 11
0
function process_post_data()
{
    global $CONFIG, $mb_utf8_regex;
    global $lang_errors, $lang_editpics_php;
    $superCage = Inspekt::makeSuperCage();
    $pid = $superCage->post->getInt('id');
    $aid = $superCage->post->getInt('aid');
    $pwight = $superCage->post->getInt('pwidth');
    $pheight = $superCage->post->getInt('pheight');
    $title = cpgSanitizeUserTextInput($superCage->post->getEscaped('title'));
    $caption = cpgSanitizeUserTextInput($superCage->post->getEscaped('caption'));
    $keywords = cpgSanitizeUserTextInput(utf_replace($superCage->post->getEscaped('keywords')));
    $user1 = cpgSanitizeUserTextInput($superCage->post->getEscaped('user1'));
    $user2 = cpgSanitizeUserTextInput($superCage->post->getEscaped('user2'));
    $user3 = cpgSanitizeUserTextInput($superCage->post->getEscaped('user3'));
    $user4 = cpgSanitizeUserTextInput($superCage->post->getEscaped('user4'));
    $galleryicon = $superCage->post->getInt('galleryicon');
    $isgalleryicon = $galleryicon === $pid;
    if ($superCage->post->keyExists('read_exif')) {
        $read_exif = $superCage->post->getInt('read_exif');
    }
    if ($superCage->post->keyExists('reset_vcount')) {
        $reset_vcount = $superCage->post->getInt('reset_vcount');
    }
    if ($superCage->post->keyExists('reset_votes')) {
        $reset_votes = $superCage->post->getInt('reset_votes');
    }
    if ($superCage->post->keyExists('del_comments')) {
        $del_comments = $superCage->post->getInt('del_comments') || $delete;
    }
    $result = cpg_db_query("SELECT * FROM {$CONFIG['TABLE_PICTURES']} AS p, {$CONFIG['TABLE_ALBUMS']} AS a WHERE a.aid = p.aid AND pid = '{$pid}'");
    if (!mysql_num_rows($result)) {
        cpg_die(CRITICAL_ERROR, $lang_errors['non_exist_ap'], __FILE__, __LINE__);
    }
    $pic = mysql_fetch_array($result);
    mysql_free_result($result);
    if (!(GALLERY_ADMIN_MODE || $pic['category'] == FIRST_USER_CAT + USER_ID || $CONFIG['users_can_edit_pics'] && $pic['owner_id'] == USER_ID) || !USER_ID) {
        cpg_die(ERROR, $lang_errors['access_denied'], __FILE__, __LINE__);
    }
    $update = "aid = '" . $aid . "'";
    if (is_movie($pic['filename'])) {
        $update .= ", pwidth = " . $pwidth;
        $update .= ", pheight = " . $pheight;
    }
    $update .= ", title = '" . $title . "'";
    $update .= ", caption = '" . $caption . "'";
    $update .= ", keywords = '" . $keywords . "'";
    if (GALLERY_ADMIN_MODE) {
        $approved = $superCage->post->getAlpha('approved');
        $update .= ", approved = '" . $approved . "'";
    }
    $update .= ", user1 = '" . $user1 . "'";
    $update .= ", user2 = '" . $user2 . "'";
    $update .= ", user3 = '" . $user3 . "'";
    $update .= ", user4 = '" . $user4 . "'";
    if ($isgalleryicon && $pic['category'] > FIRST_USER_CAT) {
        $sql = 'update ' . $CONFIG['TABLE_PICTURES'] . ' set galleryicon=0 where owner_id=' . $pic['owner_id'] . ';';
        cpg_db_query($sql);
        $update .= ", galleryicon = " . $galleryicon;
    }
    if ($reset_vcount) {
        $update .= ", hits = '0'";
        resetDetailHits($pid);
    }
    if ($reset_votes) {
        $update .= ", pic_rating = '0', votes = '0'";
        resetDetailVotes($pid);
    }
    if ($read_exif) {
        $filepath = urldecode(get_pic_url($pic, 'fullsize'));
        // If read exif info again is checked then we will just delete the entry from exif table. The new exif information will automatically be read when someone views the image.
        $query = "DELETE FROM {$CONFIG['TABLE_EXIF']} WHERE filename = '{$filepath}'";
        cpg_db_query($query);
    }
    if ($del_comments) {
        $query = "DELETE FROM {$CONFIG['TABLE_COMMENTS']} WHERE pid='{$pid}'";
        $result = cpg_db_query($query);
    } else {
        $query = "UPDATE {$CONFIG['TABLE_PICTURES']} SET {$update} WHERE pid='{$pid}' LIMIT 1";
        $result = cpg_db_query($query);
    }
    // rename a file
    if ($superCage->post->keyExists('filename') && ($matches = $superCage->post->getMatched('filename', '/^[0-9A-Za-z\\/_.-]+$/'))) {
        $post_filename = $matches[0];
    }
    if ($post_filename != $pic['filename']) {
        if ($CONFIG['thumb_use'] == 'ht' && $pic['pheight'] > $CONFIG['picture_width']) {
            $condition = true;
        } elseif ($CONFIG['thumb_use'] == 'wd' && $pic['pwidth'] > $CONFIG['picture_width']) {
            $condition = true;
        } elseif ($CONFIG['thumb_use'] == 'any' && max($pic['pwidth'], $pic['pheight']) > $CONFIG['picture_width']) {
            $condition = true;
        } else {
            $condition = false;
        }
        if ($CONFIG['make_intermediate'] && $condition) {
            $prefices = array('fullsize', 'normal', 'thumb');
        } else {
            $prefices = array('fullsize', 'thumb');
        }
        if ($CONFIG['enable_watermark'] == '1' && ($CONFIG['which_files_to_watermark'] == 'both' || $CONFIG['which_files_to_watermark'] == 'original')) {
            $prefices[] = 'orig';
        }
        if (!is_image($pic['filename'])) {
            $prefices = array('fullsize');
        }
        foreach ($prefices as $prefix) {
            // OVI
            // $oldname = urldecode(get_pic_url($pic, $prefix));
            $oldname = urldecode(get_pic_url($pic, $prefix, false, true));
            // OVI
            $filename = replace_forbidden($post_filename);
            $newname = str_replace($pic['filename'], $filename, $oldname);
            $old_mime = cpg_get_type($oldname);
            $new_mime = cpg_get_type($newname);
            if ($old_mime['mime'] != $new_mime['mime'] && isset($new_mime['mime'])) {
                cpg_die(CRITICAL_ERROR, sprintf($lang_editpics_php['mime_conv'], $old_mime['mime'], $new_mime['mime']), __FILE__, __LINE__);
            }
            if (!is_known_filetype($newname)) {
                cpg_die(CRITICAL_ERROR, $lang_editpics_php['forb_ext'], __FILE__, __LINE__);
            }
            // OVI
            //if (file_exists($newname))
            //cpg_die(CRITICAL_ERROR, sprintf($lang_editpics_php['file_exists'], $newname), __FILE__, __LINE__);
            //if (!file_exists($oldname))
            //cpg_die(CRITICAL_ERROR, sprintf($lang_editpics_php['src_file_missing'], $oldname), __FILE__, __LINE__);
            // OVI
            // OVI
            $imageContainer = new FileContainer($pic['pid'], $pic['owner_id']);
            $imageContainer->original_path = $oldname;
            //echo $imageContainer->original_path." ".$newname;exit(1);
            global $storage;
            if (!$storage->rename_file($imageContainer, $newname)) {
                cpg_die(CRITICAL_ERROR, sprintf($lang_editpics_php['rename_failed'], $oldname, $newname), __FILE__, __LINE__);
            }
            // OVI
            /*if (rename($oldname, $newname))
                       {
                           cpg_db_query("UPDATE {$CONFIG['TABLE_PICTURES']} SET filename = '$filename' WHERE pid = '$pid' LIMIT 1");
                       } else cpg_die(CRITICAL_ERROR, sprintf($lang_editpics_php['rename_failed'], $oldname, $newname), __FILE__, __LINE__);
            		*/
        }
        // foreach
        // OVI
        cpg_db_query("UPDATE {$CONFIG['TABLE_PICTURES']} SET filename = '{$filename}' WHERE pid = '{$pid}' LIMIT 1");
        // OVI
    }
}
Esempio n. 12
0
function add_picture($aid, $filepath, $filename, $title = '', $caption = '', $keywords = '', $user1 = '', $user2 = '', $user3 = '', $user4 = '', $category = 0)
{
    global $xoopsModuleConfig, $ERROR, $USER_DATA, $PIC_NEED_APPROVAL;
    global $xoopsDB, $xoopsUser, $picinID, $_SERVER;
    $myts =& MyTextSanitizer::getInstance();
    // MyTextSanitizer object
    $image = $xoopsModuleConfig['fullpath'] . $filepath . $filename;
    $normal = $xoopsModuleConfig['fullpath'] . $filepath . $xoopsModuleConfig['normal_pfx'] . $filename;
    $thumb = $xoopsModuleConfig['fullpath'] . $filepath . $xoopsModuleConfig['thumb_pfx'] . $filename;
    $imagesize = getimagesize($image);
    if (!$imagesize) {
        if (is_movie($image)) {
            $filename_wo_ext = substr($filename, 0, strrpos($filename, '.'));
            $thm_image = get_real_path() . $filepath . $filename_wo_ext . ".thm";
            if (file_exists($thm_image)) {
                copy($thm_image, $thumb);
                copy($thm_image, $normal);
            } else {
                copy(XOOPS_ROOT_PATH . "/modules/xcgal/images/thumb_avi.jpg", $thumb);
                copy(XOOPS_ROOT_PATH . "/modules/xcgal/images/thumb_avi.jpg", $normal);
            }
            $imagesize[0] = 320;
            $imagesize[1] = 240;
        } elseif (is_audio($image)) {
            $filename_wo_ext = substr($filename, 0, strrpos($filename, '.'));
            $thm_image = get_real_path() . $filepath . $filename_wo_ext . ".thm";
            if (file_exists($thm_image)) {
                copy($thm_image, $thumb);
                copy($thm_image, $normal);
            } else {
                copy(XOOPS_ROOT_PATH . "/modules/xcgal/images/thumb_mp3.jpg", $thumb);
                copy(XOOPS_ROOT_PATH . "/modules/xcgal/images/thumb_mp3.jpg", $normal);
            }
            $imagesize[0] = 320;
            $imagesize[1] = 240;
        }
    } else {
        if (!file_exists($thumb)) {
            if (!resize_image($image, $thumb, $xoopsModuleConfig['thumb_width'], $xoopsModuleConfig['thumb_method'])) {
                return false;
            }
        }
        if (max($imagesize[0], $imagesize[1]) > $xoopsModuleConfig['picture_width'] && $xoopsModuleConfig['make_intermediate'] && !file_exists($normal)) {
            if (!resize_image($image, $normal, $xoopsModuleConfig['picture_width'], $xoopsModuleConfig['thumb_method'])) {
                return false;
            }
        }
    }
    $image_filesize = filesize($image);
    $total_filesize = $image_filesize + (file_exists($normal) ? filesize($normal) : 0) + filesize($thumb);
    // Test if disk quota exceeded
    if (!USER_IS_ADMIN && $USER_DATA['group_quota']) {
        if (is_object($xoopsUser)) {
            $quota_opt = "owner_id = '" . USER_ID . "'";
        } else {
            $quota_opt = "ip = '" . $_SERVER['REMOTE_ADDR'] . "'";
        }
        $result = $xoopsDB->query("SELECT sum(total_filesize) FROM " . $xoopsDB->prefix("xcgal_pictures") . " WHERE {$quota_opt}");
        $record = $xoopsDB->fetchArray($result);
        $total_space_used = $record['sum(total_filesize)'];
        //echo $total_space_used;
        $xoopsDB->freeRecordSet($result);
        if ($total_space_used + $total_filesize > $USER_DATA['group_quota'] << 10) {
            @unlink($image);
            @unlink($normal);
            @unlink($thumb);
            $msg = strtr(_MD_QUOTA_EXCEEDED, array('[quota]' => $USER_DATA['group_quota'], '[space]' => $total_space_used >> 10));
            redirect_header('index.php', 2, $msg);
        }
    }
    // Test if picture requires approval
    if (!$USER_DATA['priv_upl_need_approval'] && $category == FIRST_USER_CAT + USER_ID) {
        $approved = 'YES';
    } elseif (!$USER_DATA['pub_upl_need_approval']) {
        $approved = 'YES';
    } else {
        $approved = 'NO';
    }
    $PIC_NEED_APPROVAL = $approved == 'NO';
    // User ID is not recorded when in admin mode (ie. for batch uploads)
    $user_id = USER_ID;
    $user_name = USER_NAME;
    $query = "INSERT INTO " . $xoopsDB->prefix("xcgal_pictures") . " (aid, filepath, filename, filesize, total_filesize, pwidth, pheight, mtime, ctime, owner_id, owner_name, title, caption, keywords, approved, user1, user2, user3, user4, ip) VALUES ('{$aid}', '" . $myts->makeTboxData4Save($filepath) . "', '" . $myts->makeTboxData4Save($filename) . "', '{$image_filesize}', '{$total_filesize}', '{$imagesize[0]}', '{$imagesize[1]}','" . time() . "', '" . time() . "', '{$user_id}','{$user_name}', '{$title}', '{$caption}', '{$keywords}', '{$approved}', '{$user1}', '{$user2}', '{$user3}', '{$user4}','" . $_SERVER['REMOTE_ADDR'] . "')";
    $result = $xoopsDB->queryf($query);
    if ($approved == 'YES') {
        $picinID = $xoopsDB->getInsertId();
    }
    if ($approved == 'YES' && is_object($xoopsUser)) {
        $xoopsUser->incrementPost();
    }
    return $result;
}
Esempio n. 13
0
function fmp_get_html($CURRENT_PIC_DATA, $check_only = false)
{
    if (in_array($CURRENT_PIC_DATA['extension'], array('mp4', 'flv', 'webm', 'aac', 'mp3', 'ogg'))) {
        if ($check_only == true) {
            return true;
        }
        global $CONFIG, $USER;
        // Load language file
        require_once "./plugins/flash_media_player/lang/english.php";
        if ($CONFIG['lang'] != 'english' && file_exists("./plugins/flash_media_player/lang/{$CONFIG['lang']}.php")) {
            require_once "./plugins/flash_media_player/lang/{$CONFIG['lang']}.php";
        }
        $media_file = $CONFIG['ecards_more_pic_target'] . get_pic_url($CURRENT_PIC_DATA, 'fullsize');
        // Use thumbnail or intermediate-sized image, if exists
        $thumb = get_pic_url($CURRENT_PIC_DATA, 'thumb');
        if (file_exists($normal = str_replace($CONFIG['thumb_pfx'], $CONFIG['normal_pfx'], $thumb))) {
            $thumb = $normal;
        }
        // Support for external files / YouTube support
        if ($CURRENT_PIC_DATA['filesize'] < 512) {
            $file_content = file_get_contents($CONFIG['fullpath'] . $CURRENT_PIC_DATA['filepath'] . $CURRENT_PIC_DATA['filename']);
            if (preg_match('/^(http|ftp)s?:\\/\\/.*\\.' . $CURRENT_PIC_DATA['extension'] . '$/i', $file_content, $matches)) {
                $media_file = strip_tags($matches[0]);
            } elseif (is_movie($CURRENT_PIC_DATA['filename'])) {
                $youtube_support = array("http://www.youtube.com/watch?v", "http://www.youtube.com/watch#!v=", "http://www.youtube.com/v/", "http://youtu.be/");
                foreach ($youtube_support as $url_format) {
                    if (stripos($file_content, $url_format) === 0) {
                        $media_file = $file_content;
                        break;
                    }
                }
            }
        }
        // Use skin if available
        if ($handle = opendir('plugins/flash_media_player/skins/')) {
            $skins = array();
            while (false !== ($file = readdir($handle))) {
                if (stripos($file, '.xml')) {
                    $skins[] = $file;
                }
            }
            closedir($handle);
            if (count($skins) == 1) {
                $skin = "\nskin: \"plugins/flash_media_player/skins/{$skins[0]}\",";
            }
        }
        $autostart = $CONFIG['media_autostart'] == 1 ? "true" : "false";
        $pic_html = <<<EOT
            <script type="text/javascript" src="plugins/flash_media_player/jwplayer.js"></script>
            <div id="flash_media_player">{$lang_plugin_flash_media_player['loading_player']}</div>
            <script type="text/javascript">
                jwplayer("flash_media_player").setup({
                    autostart: {$autostart},
                    height: {$CURRENT_PIC_DATA['pheight']},
                    width: {$CURRENT_PIC_DATA['pwidth']},
                    file: "{$media_file}",
                    image: "{$thumb}",{$skin}
                });
            </script>
EOT;
        return $pic_html;
    } else {
        return false;
    }
}
Esempio n. 14
0
function html_picture()
{
    global $xoopsModuleConfig, $CURRENT_PIC_DATA, $CURRENT_ALBUM_DATA, $USER, $_COOKIE;
    global $album, $comment_date_fmt;
    global $xoopsTpl, $myts;
    $pid = $CURRENT_PIC_DATA['pid'];
    if (!isset($USER['liv']) || !is_array($USER['liv'])) {
        $USER['liv'] = array();
    }
    // Add 1 to hit counter
    if ($album != "topn" && $album != "lasthits" && !in_array($pid, $USER['liv']) && isset($_COOKIE[$xoopsModuleConfig['cookie_name'] . '_data'])) {
        add_hit($pid);
        if (count($USER['liv']) > 4) {
            array_shift($USER['liv']);
        }
        array_push($USER['liv'], $pid);
    }
    if ($xoopsModuleConfig['make_intermediate'] && max($CURRENT_PIC_DATA['pwidth'], $CURRENT_PIC_DATA['pheight']) > $xoopsModuleConfig['picture_width']) {
        $picture_url = get_pic_url($CURRENT_PIC_DATA, 'normal');
    } else {
        $picture_url = get_pic_url($CURRENT_PIC_DATA, 'fullsize');
    }
    $image_size = compute_img_size($CURRENT_PIC_DATA['pwidth'], $CURRENT_PIC_DATA['pheight'], $xoopsModuleConfig['picture_width']);
    $xoopsTpl->assign('pid', $pid);
    $xoopsTpl->assign('picture_url', $picture_url);
    $xoopsTpl->assign('image_size', $image_size['geom']);
    if (is_image($CURRENT_PIC_DATA['filename'])) {
        $xoopsTpl->assign('file_type', 'image');
        if (isset($image_size['reduced'])) {
            $winsizeX = $CURRENT_PIC_DATA['pwidth'] + 16;
            $winsizeY = $CURRENT_PIC_DATA['pheight'] + 16;
            $xoopsTpl->assign('reduced', 1);
            $xoopsTpl->assign('winsizeX', $winsizeX);
            $xoopsTpl->assign('winsizeY', $winsizeY);
            $xoopsTpl->assign('uniqid_rand', uniqid(rand()));
            $xoopsTpl->assign('lang_view_fs', _MD_DIS_FULL);
        } else {
            $xoopsTpl->assign('reduced', 0);
        }
    } else {
        if (is_movie($CURRENT_PIC_DATA['filename'])) {
            $xoopsTpl->assign('file_type', 'movie');
        }
    }
    if ($CURRENT_PIC_DATA['title']) {
        $xoopsTpl->assign('pic_title', $myts->makeTboxData4Show($CURRENT_PIC_DATA['title']));
    } else {
        $xoopsTpl->assign('pic_title', '');
    }
    if ($CURRENT_PIC_DATA['caption']) {
        $xoopsTpl->assign('pic_caption', $myts->makeTareaData4Show($CURRENT_PIC_DATA['caption'], 0));
    } else {
        $xoopsTpl->assign('pic_caption', '');
    }
    if (USER_ADMIN_MODE && $CURRENT_ALBUM_DATA['category'] == FIRST_USER_CAT + USER_ID || GALLERY_ADMIN_MODE) {
        $xoopsTpl->assign('lang_confirm_del', _MD_DIS_CONF_DEL);
        $xoopsTpl->assign('lang_del_pic', _MD_DIS_DEL_PIC);
    } else {
        $xoopsTpl->assign('lang_del_pic', '');
    }
    if (!USER_CAN_SEE_FULL) {
        $xoopsTpl->assign('lang_no_full', 'Full-size images are available only for registered users!');
    } else {
        $xoopsTpl->assign('lang_no_full', '');
    }
}
Esempio n. 15
0
 $nr = 0;
 $picture_name = $matches[1] . '.' . $matches[2];
 while (file_exists($dest_dir . $picture_name)) {
     $picture_name = $matches[1] . '~' . $nr++ . '.' . $matches[2];
 }
 $uploaded_pic = $dest_dir . $picture_name;
 // Move the picture into its final location
 if (!move_uploaded_file($_FILES['userpicture']['tmp_name'], $uploaded_pic)) {
     redirect_header('index.php', 2, sprintf(_MD_DB_ERR_MOVE, $picture_name, $dest_dir));
 }
 // Change file permission
 chmod($uploaded_pic, octdec($xoopsModuleConfig['default_file_mode']));
 // Get picture information
 $imginfo = getimagesize($uploaded_pic);
 //media
 if (!$imginfo && is_movie($uploaded_pic)) {
     $imginfo[0] = 320;
     $imginfo[1] = 240;
     $movie_picture = true;
 } elseif (!$imginfo && is_audio($uploaded_pic)) {
     $imginfo[0] = 320;
     $imginfo[1] = 240;
     $movie_picture = true;
 } elseif (!$imginfo && is_document($uploaded_pic)) {
     $imginfo[0] = 320;
     $imginfo[1] = 240;
     $movie_picture = true;
 } else {
     $movie_picture = false;
 }
 // Check that picture size (in pixels) is lower than the maximum allowed