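<?php
/**
 * Bank-transfer receipt upload.
 *
 * Takes the `banck_image` upload for the order named in the `order` query
 * parameter, stores it in ../uploaded/bank/ and sets that order to status 2
 * with the stored file name in `transefer_image`. Every outcome ends in a
 * redirect to order_status.php carrying a `msg` code.
 *
 * Upload handling rules applied here:
 *  - the client-supplied file name is only passed to the existing
 *    is_valid_type() allowlist check; the name written to disk is random and
 *    its extension is derived from the detected image type, so the client
 *    cannot choose the name or extension on disk;
 *  - the content must be recognised as JPEG or PNG. This is a sanity check,
 *    not a guarantee: the upload directory should still be served with
 *    script execution disabled.
 *
 * NOTE(review): nothing in this file ties the order code to the signed-in
 * user. Unless check_user.php or the orders table enforces ownership, any
 * signed-in user can change the status of any order whose code they know;
 * the UPDATE should also be constrained to the session's user (confirm the
 * column against the schema).
 * NOTE(review): no anti-CSRF token is verified in this file; confirm whether
 * check_user.php does it.
 */
session_start();
require 'check_user.php'; // presumably stops unauthenticated requests; confirm

// Untrusted query parameter: only ever used URL-encoded or as a bound value.
$order_code = (isset($_GET['order']) && is_string($_GET['order'])) ? $_GET['order'] : '';

// Single exit point so every redirect encodes the order code the same way.
// (The original "invalid" redirect interpolated an undefined $order.)
$redirect = function ($msg) use ($order_code) {
    header('Location: order_status.php?order=' . rawurlencode($order_code) . '&msg=' . $msg);
    exit;
};

if (!isset($_FILES['banck_image']['name']) || empty($_FILES['banck_image']['name'])) {
    $redirect('up_it_plz');
}

$upload = $_FILES['banck_image'];

// Reject a missing order code, array-style (multi-file) submissions and
// uploads PHP itself flagged as failed, before anything is written.
if ($order_code === ''
    || !is_string($upload['name'])
    || !isset($upload['error'])
    || $upload['error'] !== UPLOAD_ERR_OK
) {
    $redirect('invalid');
}

require '../helpers/functions.php'; // defines is_valid_type()

if (!is_valid_type($upload['name'], array('jpg', 'png', 'jpeg'))) {
    $redirect('invalid');
}

// Decide the stored extension from the file content, not from the client.
$stored_extensions = array(IMAGETYPE_JPEG => 'jpg', IMAGETYPE_PNG => 'png');
$image_info = getimagesize($upload['tmp_name']);
if ($image_info === false || !isset($stored_extensions[$image_info[2]])) {
    $redirect('invalid');
}

// Unpredictable server-side name: replaces the client name and the old
// md5(date(...)) collision prefix, which was guessable.
$file_name = bin2hex(random_bytes(16)) . '.' . $stored_extensions[$image_info[2]];
$stored_path = '../uploaded/bank/' . $file_name;

if (!move_uploaded_file($upload['tmp_name'], $stored_path)) {
    // New msg code introduced here; order_status.php presumably needs a
    // matching message. The original produced an empty response instead.
    $redirect('upload_failed');
}

require '../connection/DB.php'; // provides $conn (used as a PDO handle below)

$order = $conn->prepare("UPDATE orders SET status = ? , transefer_image = ? WHERE order_code = ?");
$order->bindValue(1, 2, PDO::PARAM_INT);
$order->bindValue(2, $file_name, PDO::PARAM_STR);
$order->bindValue(3, $order_code, PDO::PARAM_STR);

// Do not report success, or keep the file, when no order row was updated.
if (!$order->execute() || $order->rowCount() === 0) {
    unlink($stored_path);
    $redirect('invalid');
}

$redirect('done');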
// Fragment: the loop closed by the first brace below starts outside the
// visible source. It fills $randomlist with the identity mapping i => i.
$randomlist[$i] = $i;
}

// Shuffle $randomlist by doing $picturesnum random pairwise swaps.
// rand() is not a uniform shuffle; acceptable for display order only.
for ($i = 0; $i < $picturesnum; $i++) {
    $index1 = rand(0, $picturesnum - 1);
    $index2 = rand(0, $picturesnum - 1);
    if ($index1 != $index2) {
        $temp = $randomlist[$index1];
        $randomlist[$index1] = $randomlist[$index2];
        $randomlist[$index2] = $temp;
    }
}

// NOTE(review): $first is assigned but never read in the visible code; the
// "active" slide is chosen by $i == 0 below instead.
$first = true;

// Emit up to $limit carousel items. The "+ 2" offset presumably skips the
// "." and ".." entries of a directory listing; confirm where $pictures is built.
for ($i = 0; $i < $limit; $i++) {
    if (array_key_exists($i + 2, $pictures)) {
        $pic = $pictures[$randomlist[$i + 2]];
        // Skip entries that are neither a directory nor accepted by is_valid_type().
        // NOTE(review): a directory ends this loop and is then emitted as an <img>;
        // "||" with is_dir() un-negated may have been intended. Confirm.
        // NOTE(review): $i + 2 is not re-checked against the array bounds inside
        // this loop, so it can read past the end of $randomlist / $pictures.
        while (!is_dir($dir . '/' . $subdir . '/' . $pic) && !is_valid_type($pic)) {
            $i++;
            $pic = $pictures[$randomlist[$i + 2]];
        }
        // NOTE(review): if the skip loop advanced $i past 0, no item gets "active".
        if ($i == 0) {
            echo '<div class="item active">' . "\n";
        } else {
            echo '<div class="item">' . "\n";
        }
        // NOTE(review): $subdir and $pic are written into the HTML attribute without
        // escaping. If either can be influenced by users (e.g. uploaded file names),
        // they should be passed through rawurlencode()/htmlspecialchars() before output.
        // The host is a hard-coded plain-HTTP private address; it belongs in
        // configuration and should match the page's own scheme.
        echo "<img src=\"http://192.168.0.100/pictures/{$subdir}/{$pic}\" alt=\"{$i}\"></div>" . "\n";
    }
}
?> </div> <!-- Left and right controls -->
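/**
 * Photo page: shows one photo with its five latest comments and also handles
 * the comment, delete and edit submissions sent to the same URL.
 *
 * Request parameters (read with $request->get()): `post` (comment text),
 * `delete` (id of a photo to remove), `edit` (non-empty to update the photo),
 * `title`, `description`, `categories`. A replacement image arrives as the
 * `image` file upload.
 *
 * Security behaviour:
 *  - delete and edit require a signed-in user who owns the photo; otherwise an
 *    access-denied exception is thrown. Previously any visitor could delete or
 *    take over any photo.
 *  - an uploaded image is accepted on its detected content type (JPEG, GIF,
 *    PNG, BMP) and stored with an extension chosen from that type. Previously
 *    the client-sent MIME type and the client file name's extension were
 *    trusted, so a script file could be stored in the web-served img/ folder.
 *
 * NOTE(review): delete and edit are read with $request->get(), which also
 * accepts query-string values, and no CSRF token is checked. These actions
 * should move to POST with a CSRF token.
 * NOTE(review): if moderators must be able to remove other users' photos, add
 * an explicit role check next to the ownership lookup.
 *
 * @Route("/photo/{id}" , name="photo")
 *
 * @param Request $request current request
 * @param mixed   $id      photo id taken from the route
 *
 * @return mixed the rendered site/img.html.twig page or a redirect
 */
public function Photo(Request $request, $id)
{
    $message = [];
    $doctrine = $this->getDoctrine();
    $em = $doctrine->getManager();

    // The original code recognised anonymous visitors by the string "anon.";
    // a signed-in user is an object.
    $users = $this->get('security.token_storage')->getToken()->getUser();
    $loggedIn = is_object($users);

    // --- new comment -------------------------------------------------------
    $send = $request->get('post');
    if (isset($send)) {
        if ($loggedIn) {
            $post = new Post();
            $post->setUsernameId($users);
            $post->setImageId($id);
            $post->setPost($send);
            $em->persist($post);
            $em->flush();
        } else {
            $message['danger'] = 'You are not registered!';
        }
    }

    // --- data for the page -------------------------------------------------
    $posts = $doctrine->getRepository('AppBundle:post')
        ->createQueryBuilder('p')
        ->where('p.imageId = :id')
        ->setMaxResults(5)
        ->orderBy('p.id', 'DESC')
        ->setParameter('id', $id)
        ->getQuery()
        ->getResult();

    $photoRepository = $doctrine->getRepository('AppBundle:photo');
    $photo = $photoRepository->findById($id);

    $category = $doctrine->getRepository('AppBundle:categories')
        ->createQueryBuilder('p')
        ->getQuery()
        ->getResult();

    // --- delete ------------------------------------------------------------
    if ($delete = $request->get('delete')) {
        // The lookup is scoped to the current user, so a photo owned by
        // someone else is treated exactly like a missing one.
        $owned = $loggedIn
            ? $photoRepository->findOneBy(array('id' => $delete, 'username' => $users))
            : null;
        if ($owned === null) {
            throw $this->createAccessDeniedException();
        }
        $em->remove($owned);
        $em->flush();

        return $this->redirectToRoute('home');
    }

    // Number of photos owned by the current user (shown in the template).
    $photos = null;
    if ($users) {
        $photos = $photoRepository->createQueryBuilder('a')
            ->select('COUNT(a)')
            ->where('a.username = :usernameId')
            ->setParameter('usernameId', $users)
            ->getQuery()
            ->getSingleScalarResult();
    }

    $viewData = array(
        'users' => $users,
        'post' => $posts,
        'title' => 'Photo',
        'photos' => $photos,
        'url' => 'photo/' . $id,
        'category' => $category,
        'base_dir' => realpath($this->container->getParameter('kernel.root_dir') . '/..'),
    );

    // --- edit --------------------------------------------------------------
    if ($edit = $request->get('edit')) {
        $owned = $loggedIn
            ? $photoRepository->findOneBy(array('id' => $id, 'username' => $users))
            : null;
        if ($owned === null) {
            throw $this->createAccessDeniedException();
        }

        if (isset($_FILES['image']) && !empty($_FILES['image'])) {
            $upload = $_FILES['image'];
            $title = $request->get('title');
            $description = $request->get('description');
            $categories = $request->get('categories');

            // Extension is chosen from the detected image type, never from
            // the client-supplied name or Content-Type.
            $extensionByType = array(
                IMAGETYPE_JPEG => 'jpg',
                IMAGETYPE_GIF => 'gif',
                IMAGETYPE_PNG => 'png',
                IMAGETYPE_BMP => 'bmp',
            );
            $extension = null;
            if (isset($upload['error'], $upload['tmp_name'])
                && $upload['error'] === UPLOAD_ERR_OK
                && is_uploaded_file($upload['tmp_name'])
            ) {
                $info = getimagesize($upload['tmp_name']);
                if ($info !== false && isset($extensionByType[$info[2]])) {
                    $extension = $extensionByType[$info[2]];
                }
            }

            // Copies the text fields onto the photo; shared by both outcomes.
            $applyFields = function () use ($owned, $em, $title, $description, $categories) {
                $owned->setDescription($description);
                $owned->setTitle($title);
                $owned->setCategories($em->getRepository("AppBundle:categories")->find($categories));
            };

            if ($extension === null) {
                // No usable image in the request: update the text fields only,
                // as before.
                $applyFields();
                $em->persist($owned);
                $em->flush();

                // Redirect to the photo that was edited, via the named route.
                return $this->redirectToRoute('photo', array('id' => $id));
            }

            // DFileHelper is a project helper; presumably returns a fresh
            // random base name. Confirm that it cannot collide.
            $filename = DFileHelper::getRandomFileName($extension);
            $target = 'img/' . $filename . '.' . $extension;

            if (move_uploaded_file($upload['tmp_name'], $target)) {
                $applyFields();
                $owned->setImage($target);
                $em->persist($owned);
                $em->flush();
                $message['success'] = "Photo added";

                return $this->render(
                    'site/img.html.twig',
                    $viewData + array('photo' => $owned, 'message' => $message)
                );
            }

            $message['danger'] = "You can not download the file. Check permissions to the directory ( read / write)";
        }
    }

    return $this->render(
        'site/img.html.twig',
        $viewData + array('photo' => $photo, 'message' => $message)
    );
}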
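/**
 * Admin action: shows the edit form for the user with the given id and, when
 * an avatar image plus all profile fields are submitted, updates that user.
 *
 * Security behaviour:
 *  - the caller's role is checked before anything is read or written. The
 *    original code checked the role only when choosing the response, after the
 *    update had been saved, and by then $user had been replaced by the edited
 *    account. Any caller could therefore change any account's password and
 *    role.
 *  - the avatar is accepted on its detected content type (JPEG, GIF, PNG, BMP)
 *    and stored with an extension chosen from that type, not from the
 *    client-sent MIME type or file name.
 *
 * NOTE(review): `role` is copied from the request as-is; validate it against
 * the set of roles the application defines.
 * NOTE(review): no CSRF token is checked in this method; confirm that the
 * form or a listener enforces one.
 *
 * @param Request $request current request
 * @param mixed   $id      id of the user being edited
 *
 * @return mixed the rendered admin/admin.edit_user.html.twig page or a
 *               redirect to the home route
 */
public function edit_userAction(Request $request, $id)
{
    $message = [];

    // $this->user() is a project helper; presumably the signed-in user. Confirm.
    $user = $this->user();
    if (!is_object($user) || !($user->role >= 2)) {
        return $this->redirectToRoute('home');
    }

    $username = $request->get('username');
    $last_name = $request->get('last_name');
    $first_name = $request->get('first_name');
    $twitter = $request->get('twitter');
    $password = $request->get('password');
    $git = $request->get('git');
    $google = $request->get('google');
    $role = $request->get('role');

    $em = $this->getDoctrine()->getManager();
    $db_username = $em->createQuery('SELECT p FROM AppBundle:user p WHERE p.id = :id')
        ->setParameter('id', $id)
        ->getResult();

    // As before, the template receives the edited account after a successful
    // update and the current admin otherwise.
    $viewUser = $user;

    if (isset($_FILES['image']) && !empty($_FILES['image'])) {
        $upload = $_FILES['image'];

        // Extension is chosen from the detected image type only.
        $extensionByType = array(
            IMAGETYPE_JPEG => 'jpg',
            IMAGETYPE_GIF => 'gif',
            IMAGETYPE_PNG => 'png',
            IMAGETYPE_BMP => 'bmp',
        );
        $extension = null;
        if (isset($upload['error'], $upload['tmp_name'])
            && $upload['error'] === UPLOAD_ERR_OK
            && is_uploaded_file($upload['tmp_name'])
        ) {
            $info = getimagesize($upload['tmp_name']);
            if ($info !== false && isset($extensionByType[$info[2]])) {
                $extension = $extensionByType[$info[2]];
            }
        }

        // Every profile field must be present and non-empty (same rule as the
        // original isset()/!empty() chain).
        $complete = true;
        foreach (array($username, $last_name, $first_name, $twitter, $password, $git, $google) as $value) {
            if (empty($value)) {
                $complete = false;
                break;
            }
        }

        if ($extension === null) {
            $message['danger'] = "You can upload files : JPEG, GIF, BMP, PNG";
        } elseif (!$complete) {
            // Checked before the file is moved so a rejected form leaves no
            // orphaned file behind.
            $message['danger'] = "Somsing missing";
        } else {
            $edited = $em->getRepository('AppBundle:user')->find($id);
            if ($edited === null) {
                throw $this->createNotFoundException();
            }

            // DFileHelper is a project helper; presumably returns a fresh
            // random base name. Confirm that it cannot collide.
            $filename = DFileHelper::getRandomFileName($extension);
            $target = 'img/avatar/' . $filename . '.' . $extension;

            if (move_uploaded_file($upload['tmp_name'], $target)) {
                $edited->setUsername($username);
                $edited->setlast_name($last_name);
                $edited->settwitter($twitter);
                $edited->setgoogle($google);
                $edited->setgit($git);
                $edited->setrole($role);
                $edited->setPassword(
                    $this->get('security.password_encoder')->encodePassword($edited, $password)
                );
                $edited->setfirst_name($first_name);
                $edited->setavatar('/' . $target);
                $em->persist($edited);
                $em->flush();

                $viewUser = $edited;
                $message['success'] = "User updated";
            } else {
                $message['danger'] = "You can not download the file. Check permissions to the directory ( read / write)";
            }
        }
    }

    return $this->render('admin/admin.edit_user.html.twig', array(
        'user' => $viewUser,
        'title' => 'Edit User',
        'db_username' => $db_username,
        'message' => $message,
        'base_dir' => realpath($this->container->getParameter('kernel.root_dir') . '/..'),
    ));
}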
$sql = "insert into Jokes (title,image_path,created_on,extra1,extra2) values ('{$title}','" . $TARGET_PATH . "', '{$created_on}','{$extra1}','{$extra2}')"; $result = mysql_query($sql) or die("Could not insert data into DB: " . mysql_error()); echo "Done..!"; } else { echo "Error while uploading file"; } } //Policies if ($category == "Policies") { $TARGET_PATH = "images/Policies/"; $TARGET_PATH .= $image_tmp_name . ".jpeg"; if ($image['name'] == "" || $content == "" || $title == "") { $_SESSION['error'] = "All fields are required"; echo "All fields are required"; } if (!is_valid_type($image)) { $_SESSION['error'] = "You must upload a jpeg, gif, or bmp"; } if (move_uploaded_file($image['tmp_name'], $TARGET_PATH)) { $sql = "insert into Policies (title,subheading,image_path,content,created_on,extra1,extra2) values ('{$title}','{$subtitle}','" . $TARGET_PATH . "','{$content}', '{$created_on}','{$extra1}','{$extra2}')"; $result = mysql_query($sql) or die("Could not insert data into DB: " . mysql_error()); echo "Done..!"; } else { echo "Error while uploading file"; } } //Videos if ($category == "Videos") { if ($title == "" || $imageLink == "" || $videoLink == "") { $_SESSION['error'] = "All fields are required"; echo "All fields are required";