Esempio n. 1
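<?php

// Receives the bank-transfer receipt image for an order, stores it under
// ../uploaded/bank/ and marks the order as status 2 with the stored file name.
// Every outcome except a failed move ends in a redirect to order_status.php.

session_start();
require 'check_user.php';

// The order code comes from the query string, so it is attacker-controlled.
// It is only ever bound as a statement parameter or URL-encoded into a redirect;
// encoding it stops extra query parameters from being smuggled into the redirect.
// NOTE(review): nothing visible here ties the order to the signed-in user;
// confirm that check_user.php or the UPDATE below enforces ownership.
$order_code = (isset($_GET['order']) && is_string($_GET['order'])) ? $_GET['order'] : '';
$order_param = rawurlencode($order_code);

if (empty($_FILES['banck_image']['name']) || !is_string($_FILES['banck_image']['name'])) {
    header("location: order_status.php?order={$order_param}&msg=up_it_plz");
    die;
}

// basename() drops any directory components the client placed in the name, so
// the name can no longer steer the destination outside the upload directory.
$client_name = basename($_FILES['banck_image']['name']);
$tmp_path = $_FILES['banck_image']['tmp_name'];
require '../helpers/functions.php';

$allowed_extensions = array('jpg', 'png', 'jpeg');
$extension = strtolower(pathinfo($client_name, PATHINFO_EXTENSION));

// is_valid_type() lives in ../helpers/functions.php and is not visible here, so
// the final extension is re-checked locally and the payload must parse as an image.
$looks_like_image = is_valid_type($client_name, $allowed_extensions)
    && in_array($extension, $allowed_extensions, true)
    && is_uploaded_file($tmp_path)
    && getimagesize($tmp_path) !== false;

if ($looks_like_image) {
    // The stored name is generated server-side: the client-supplied name never
    // reaches the file system, which also removes double-extension tricks.
    do {
        $file_name = md5(uniqid('', true)) . '.' . $extension;
    } while (file_exists('../uploaded/bank/' . $file_name));

    $move = move_uploaded_file($tmp_path, '../uploaded/bank/' . $file_name);
    if ($move) {
        require '../connection/DB.php';
        $order = $conn->prepare("UPDATE orders SET status = ? , transefer_image = ? WHERE order_code = ?");
        $order->bindValue(1, 2, PDO::PARAM_INT);
        $order->bindValue(2, $file_name, PDO::PARAM_STR);
        $order->bindValue(3, $order_code, PDO::PARAM_STR);
        $order->execute();
        header("Location: order_status.php?order=" . $order_param . "&msg=done");
        die;
    }
    // As in the original, a failed move produces no redirect and no message.
} else {
    // The original interpolated an undefined $order here; the order code is meant.
    header("Location: order_status.php?order={$order_param}&msg=invalid");
    die;
}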
Esempio n. 2
    $randomlist[$i] = $i;
}
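// Shuffle $randomlist by swapping two randomly chosen slots, $picturesnum times.
// rand() only decides display order here, so its predictability is not a concern.
for ($i = 0; $i < $picturesnum; $i++) {
    $index1 = rand(0, $picturesnum - 1);
    $index2 = rand(0, $picturesnum - 1);
    if ($index1 != $index2) {
        $temp = $randomlist[$index1];
        $randomlist[$index1] = $randomlist[$index2];
        $randomlist[$index2] = $temp;
    }
}

// Emit up to $limit carousel items. $first marks the first item actually
// printed: the original tested $i == 0, so no item was ever "active" when the
// skip loop below advanced past index 0.
$first = true;
for ($i = 0; $i < $limit; $i++) {
    if (!array_key_exists($i + 2, $pictures)) {
        continue;
    }
    $pic = $pictures[$randomlist[$i + 2]];
    // NOTE(review): as written this accepts directories as well as valid image
    // types; confirm whether "is a directory" was meant to be skipped instead.
    while (!is_dir($dir . '/' . $subdir . '/' . $pic) && !is_valid_type($pic)) {
        $i++;
        // Stop once the shuffled list is exhausted instead of reading past its end.
        if (!isset($randomlist[$i + 2], $pictures[$randomlist[$i + 2]])) {
            break 2;
        }
        $pic = $pictures[$randomlist[$i + 2]];
    }
    if ($first) {
        echo '<div class="item active">' . "\n";
        $first = false;
    } else {
        echo '<div class="item">' . "\n";
    }
    // Directory and file names are data, not markup: escape them before they
    // land inside the src attribute so a crafted file name cannot inject HTML.
    $subdir_html = htmlspecialchars($subdir, ENT_QUOTES, 'UTF-8');
    $pic_html = htmlspecialchars($pic, ENT_QUOTES, 'UTF-8');
    echo "<img src=\"http://192.168.0.100/pictures/{$subdir_html}/{$pic_html}\" alt=\"{$i}\"></div>" . "\n";
}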
?>
		</div>

		<!-- Left and right controls -->
Esempio n. 3
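 /**
  * Photo page: shows photo $id with its five newest comments and handles the
  * "post" (add comment), "delete" and "edit" request parameters.
  *
  * All three state-changing actions require a signed-in user. Uploaded
  * replacement images must pass a client-type, extension and content check
  * before they are stored under img/.
  *
  * @param Request $request Current request; the action parameters are read
  *                         from it and the upload from $_FILES['image'].
  * @param mixed   $id      Photo id taken from the route.
  *
  * @return mixed Whatever render(), redirect() or redirectToRoute() return.
  *
  *@Route("/photo/{id}" , name="photo")
  */
 public function Photo(Request $request, $id)
 {
     $message = [];
     // Defined up front so the templates never receive an undefined variable.
     $photos = null;
     $users = $this->get('security.token_storage')->getToken()->getUser();
     // This controller treats the string "anon." as "not signed in".
     $isAuthenticated = $users !== null && $users !== 'anon.';

     $send = $request->get('post');
     if (isset($send)) {
         if ($isAuthenticated) {
             $post = new Post();
             $em = $this->getDoctrine()->getManager();
             $post->setUsernameId($users);
             $post->setImageId($id);
             $post->setPost($send);
             $em->persist($post);
             $em->flush();
         } else {
             $message['danger'] = 'You are not registered!';
         }
     }

     $repository = $this->getDoctrine()->getRepository('AppBundle:post');
     $query = $repository->createQueryBuilder('p')->where('p.imageId = :id')->setMaxResults(5)->orderBy('p.id', 'DESC')->setParameter('id', $id)->getQuery();
     $posts = $query->getResult();
     $repository = $this->getDoctrine()->getRepository('AppBundle:photo');
     $photo = $repository->findById($id);
     $repository = $this->getDoctrine()->getRepository('AppBundle:categories');
     $query = $repository->createQueryBuilder('p')->getQuery();
     $category = $query->getResult();

     if ($delete = $request->get('delete')) {
         // The original removed whatever id was supplied, for any visitor.
         // NOTE(review): signing in is now required, but ownership of the photo,
         // a CSRF token and an HTTP-method restriction are still not checked
         // here; confirm where (or whether) those are enforced.
         if ($isAuthenticated) {
             $em = $this->getDoctrine()->getManager();
             $doomed = $em->getRepository('AppBundle:photo')->findOneById($delete);
             if ($doomed !== null) {
                 $em->remove($doomed);
                 $em->flush();
             }
             return $this->redirectToRoute('home');
         }
         $message['danger'] = 'You are not registered!';
     }

     $user = $users;
     if ($user) {
         $repo = $this->getDoctrine()->getManager()->getRepository('AppBundle:photo');
         $qb = $repo->createQueryBuilder('a');
         $qb->select('COUNT(a)');
         $qb->where('a.username = :usernameId');
         $qb->setParameter('usernameId', $user);
         $photos = $qb->getQuery()->getSingleScalarResult();
     }

     $edit = $request->get('edit');
     if ($edit && !$isAuthenticated) {
         $message['danger'] = 'You are not registered!';
     } elseif ($edit) {
         // NOTE(review): as with delete, nothing here verifies that the signed-in
         // user owns photo $id before it is modified; confirm.
         $repository = $this->getDoctrine()->getRepository('AppBundle:categories');
         $query = $repository->createQueryBuilder('p')->getQuery();
         $category = $query->getResult();
         $title = $request->get('title');
         $description = $request->get('description');
         $categories = $request->get('categories');

         $allowedTypes = array("image/jpg", "image/jpeg", "image/bmp", "image/gif", "image/png");
         $allowedExtensions = array('jpg', 'jpeg', 'bmp', 'gif', 'png');
         // A closure replaces the function the original declared inside this
         // method (a named function declared there is global and fatals on a
         // second declaration). $file['type'] is sent by the client, so it is
         // only a first filter: the extension that ends up on disk must be on
         // the allowlist and the payload must parse as an image.
         $isValidUpload = function ($file) use ($allowedTypes, $allowedExtensions) {
             if (!isset($file['type'], $file['name'], $file['tmp_name'])
                 || !is_string($file['name']) || !is_string($file['tmp_name'])) {
                 return false;
             }
             if (!in_array($file['type'], $allowedTypes, true)) {
                 return false;
             }
             $ext = strtolower(pathinfo($file['name'], PATHINFO_EXTENSION));
             if (!in_array($ext, $allowedExtensions, true)) {
                 return false;
             }
             return is_uploaded_file($file['tmp_name']) && getimagesize($file['tmp_name']) !== false;
         };

         if (isset($_FILES['image']) && !empty($_FILES['image'])) {
             $em = $this->getDoctrine()->getManager();
             if ($isValidUpload($_FILES['image'])) {
                 $extension = strtolower(pathinfo($_FILES['image']['name'], PATHINFO_EXTENSION));
                 $filename = DFileHelper::getRandomFileName($extension);
                 $target = 'img/' . $filename . '.' . $extension;
                 // Check the path that will actually be written. The original
                 // probed the client-supplied name relative to the working
                 // directory, which told callers whether arbitrary paths exist.
                 if (file_exists($target)) {
                     $message['danger'] = "File with this name already exists";
                 } elseif (move_uploaded_file($_FILES['image']['tmp_name'], $target)) {
                     $photo = $em->getRepository('AppBundle:photo')->findOneById($id);
                     $photo->setUsername($user);
                     $photo->setDescription($description);
                     $photo->setTitle($title);
                     $photo->setCategories($em->getRepository("AppBundle:categories")->find($categories));
                     $photo->setImage($target);
                     $em->persist($photo);
                     $em->flush();
                     $message['success'] = "Photo added";
                     return $this->render('site/img.html.twig', array('users' => $users, 'post' => $posts, 'photo' => $photo, 'message' => $message, 'title' => 'Photo', 'photos' => $photos, 'url' => 'photo/' . $id, 'category' => $category, 'base_dir' => realpath($this->container->getParameter('kernel.root_dir') . '/..')));
                 } else {
                     $message['danger'] = "You can not download the file. Check permissions to the directory ( read / write)";
                 }
             } else {
                 // No acceptable image was supplied: update the metadata only.
                 // A rejected file is never moved out of the temporary directory.
                 $photo = $em->getRepository('AppBundle:photo')->findOneById($id);
                 $photo->setUsername($user);
                 $photo->setDescription($description);
                 $photo->setTitle($title);
                 $photo->setCategories($em->getRepository("AppBundle:categories")->find($categories));
                 $em->persist($photo);
                 $em->flush();
                 $message['success'] = "Photo edited!";
                 return $this->redirect('/photo/' . $edit);
             }
         }
     }

     return $this->render('site/img.html.twig', array('users' => $users, 'post' => $posts, 'photo' => $photo, 'message' => $message, 'title' => 'Photo', 'url' => 'photo/' . $id, 'category' => $category, 'photos' => $photos, 'base_dir' => realpath($this->container->getParameter('kernel.root_dir') . '/..')));
 }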
Esempio n. 4
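 public function edit_userAction(Request $request, $id)
 {
     // Admin action: updates the profile, role, password and avatar of user $id
     // from the request and renders the edit form, or redirects to "home" when
     // the caller is not allowed to use it.
     //
     // $request - current request; profile fields are read from it and the
     //            avatar from $_FILES['image'].
     // $id      - id of the user being edited.
     $message = [];
     $user = $this->user();

     // Authorise before touching anything. The original ran this test last,
     // after the update had been flushed, and by then $user had been replaced
     // by the edited account whose role had just been set from the request, so
     // the check could be satisfied by the request itself.
     if (!is_object($user) || !($user->role >= 2)) {
         return $this->redirectToRoute('home');
     }
     // Account handed to the template; switched to the edited one on success,
     // which is what the original passed after a successful update.
     $shownUser = $user;

     $username = $request->get('username');
     $last_name = $request->get('last_name');
     $first_name = $request->get('first_name');
     $twitter = $request->get('twitter');
     $password = $request->get('password');
     $git = $request->get('git');
     $google = $request->get('google');
     // NOTE(review): the role is stored exactly as submitted; confirm whether an
     // allowlist of role values is wanted.
     $role = $request->get('role');

     $allowedTypes = array("image/jpg", "image/jpeg", "image/bmp", "image/gif", "image/png");
     $allowedExtensions = array('jpg', 'jpeg', 'bmp', 'gif', 'png');
     // A closure replaces the function the original declared inside this method
     // (a named function declared there is global and fatals on a second
     // declaration). $file['type'] is client-supplied, so the stored extension
     // and the file content are checked as well.
     $isValidUpload = function ($file) use ($allowedTypes, $allowedExtensions) {
         if (!isset($file['type'], $file['name'], $file['tmp_name'])
             || !is_string($file['name']) || !is_string($file['tmp_name'])) {
             return false;
         }
         if (!in_array($file['type'], $allowedTypes, true)) {
             return false;
         }
         $ext = strtolower(pathinfo($file['name'], PATHINFO_EXTENSION));
         if (!in_array($ext, $allowedExtensions, true)) {
             return false;
         }
         return is_uploaded_file($file['tmp_name']) && getimagesize($file['tmp_name']) !== false;
     };

     $em = $this->getDoctrine()->getManager();
     $query = $em->createQuery('SELECT p
   FROM AppBundle:user p
   WHERE p.id = :id')->setParameter('id', $id);
     $db_username = $query->getResult();

     if (isset($_FILES['image']) && !empty($_FILES['image'])) {
         if (!$isValidUpload($_FILES['image'])) {
             $message['danger'] = "You can upload files : JPEG, GIF, BMP, PNG";
         } else {
             $extension = strtolower(pathinfo($_FILES['image']['name'], PATHINFO_EXTENSION));
             $filename = DFileHelper::getRandomFileName($extension);
             $target = 'img/avatar/' . $filename . '.' . $extension;
             $fieldsComplete = !empty($username) && !empty($last_name) && !empty($first_name)
                 && !empty($twitter) && !empty($password) && !empty($git) && !empty($google);

             // Check the path that will be written, not the client-supplied name.
             if (file_exists($target)) {
                 $message['danger'] = "File with this name already exists";
             } elseif (!$fieldsComplete) {
                 // Checked before the move so a rejected request leaves no file behind.
                 $message['danger'] = "Somsing missing";
             } elseif (move_uploaded_file($_FILES['image']['tmp_name'], $target)) {
                 $edited = $em->getRepository('AppBundle:user')->find($id);
                 $edited->setUsername($username);
                 $edited->setlast_name($last_name);
                 $edited->settwitter($twitter);
                 $edited->setgoogle($google);
                 $edited->setgit($git);
                 $edited->setrole($role);
                 $passwords = $this->get('security.password_encoder')->encodePassword($edited, $password);
                 $edited->setPassword($passwords);
                 $edited->setfirst_name($first_name);
                 $edited->setavatar('/' . $target);
                 $em->persist($edited);
                 $em->flush();
                 $message['success'] = "User updated";
                 $shownUser = $edited;
             } else {
                 $message['danger'] = "You can not download the file. Check permissions to the directory ( read / write)";
             }
         }
     }

     return $this->render('admin/admin.edit_user.html.twig', array('user' => $shownUser, 'title' => 'Edit User', 'db_username' => $db_username, 'message' => $message, 'base_dir' => realpath($this->container->getParameter('kernel.root_dir') . '/..')));
 }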
         $sql = "insert into Jokes (title,image_path,created_on,extra1,extra2) values ('{$title}','" . $TARGET_PATH . "', '{$created_on}','{$extra1}','{$extra2}')";
         $result = mysql_query($sql) or die("Could not insert data into DB: " . mysql_error());
         echo "Done..!";
     } else {
         echo "Error while uploading file";
     }
 }
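 //Policies
 // Stores the uploaded image as images/Policies/<name>.jpeg and inserts the
 // policy row. Validation failures now stop processing; the original recorded
 // the error and then moved the file and ran the INSERT anyway.
 if ($category == "Policies") {
     // NOTE(review): $image_tmp_name is assigned outside this excerpt; if it is
     // derived from client input it needs basename()-style sanitising before it
     // becomes part of a path. Confirm against the code above.
     $TARGET_PATH = "images/Policies/";
     $TARGET_PATH .= $image_tmp_name . ".jpeg";
     if ($image['name'] == "" || $content == "" || $title == "") {
         $_SESSION['error'] = "All fields are required";
         echo "All fields are required";
     } elseif (!is_valid_type($image)) {
         $_SESSION['error'] = "You must upload a jpeg, gif, or bmp";
     } elseif (move_uploaded_file($image['tmp_name'], $TARGET_PATH)) {
         // Every value is escaped before it is placed between quotes; the
         // original interpolated them raw, which allowed SQL injection.
         // The mysql_* extension was removed in PHP 7.0, so the lasting fix is a
         // PDO or mysqli prepared statement with bound parameters.
         // NOTE(review): presumably these values are not already escaped above
         // this excerpt; if they are, drop one layer to avoid double escaping.
         $sql = sprintf(
             "insert into Policies (title,subheading,image_path,content,created_on,extra1,extra2) values ('%s','%s','%s','%s', '%s','%s','%s')",
             mysql_real_escape_string($title),
             mysql_real_escape_string($subtitle),
             mysql_real_escape_string($TARGET_PATH),
             mysql_real_escape_string($content),
             mysql_real_escape_string($created_on),
             mysql_real_escape_string($extra1),
             mysql_real_escape_string($extra2)
         );
         $result = mysql_query($sql);
         if (!$result) {
             // Driver errors go to the server log, not to the response body.
             error_log("Policies insert failed: " . mysql_error());
             die("Could not insert data into DB");
         }
         echo "Done..!";
     } else {
         echo "Error while uploading file";
     }
 }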
 //Videos
 if ($category == "Videos") {
     if ($title == "" || $imageLink == "" || $videoLink == "") {
         $_SESSION['error'] = "All fields are required";
         echo "All fields are required";