} else {
$sql = "SELECT category_id FROM game_categories\n WHERE category_name = '" . mysql_real_escape_string($name) . "' LIMIT 1";
$conn->execute($sql);
if ($conn->Affected_Rows() > 0) {
$errors[] = 'Category name \'' . htmlspecialchars($name, ENT_QUOTES, 'UTF-8') . ' is already used. Please choose another name!';
} else {
$channel['name'] = $name;
}
}
if ($_FILES['picture']['tmp_name'] == '') {
$errors[] = 'Please provide a category image!';
}
if (!$errors) {
$sql = "INSERT INTO game_categories (category_name) VALUES ('" . mysql_real_escape_string($name) . "')";
$conn->execute($sql);
$chid = $conn->Insert_ID();
require $config['BASE_DIR'] . '/classes/image.class.php';
$image = new VImageConv();
$image->process($_FILES['picture']['tmp_name'], $chimg . '/' . $chid . '.jpg', 'MAX_WIDTH', 384, 216);
$image->canvas(384, 216, '000000', true);
if ($errors) {
$sql = "DELETE FROM game_categories WHERE category_id = '" . mysql_real_escape_string($chid) . "' LIMIT 1";
$conn->execute($sql);
}
}
if (!$errors) {
$msg = 'Category Successfuly added!';
VRedirect::go('channels.php?m=listgame&msg=' . $msg);
}
}
$smarty->assign('channel', $channel);
$total_favorites = intval(trim($_POST['total_favorites']));
$status = intval(trim($_POST['status']));
if (strlen($title) < 3) {
$errors[] = 'Game title field cannot be blank!';
} elseif (strlen($tags) < 3) {
$errors[] = 'Game keyword(tags) field cannot be blank!';
} elseif ($category === 0) {
$errors[] = 'Select at least one category and no more then 3!';
}
if (!$errors) {
if ($_FILES['thumb']['tmp_name'] != '' && is_uploaded_file($_FILES['thumb']['tmp_name'])) {
require $config['BASE_DIR'] . '/classes/image.class.php';
$src = $_FILES['thumb']['tmp_name'];
$dst = $config['BASE_DIR'] . '/media/games/tmb/' . $GID . '.jpg';
$image = new VImageConv();
$image->process($src, $dst, 'MAX_WIDTH', 256, 144);
$image->canvas(256, 144, '000000', true);
}
$sql = "UPDATE game SET title = '" . mysql_real_escape_string($title) . "', tags = '" . mysql_real_escape_string($tags) . "',\n category = '" . $category . "', type = '" . mysql_real_escape_string($type) . "',\n be_commented = '" . mysql_real_escape_string($be_commented) . "',\n be_rated = '" . mysql_real_escape_string($be_rated) . "', rate = '" . mysql_real_escape_string($rate) . "',\n ratedby = '" . mysql_real_escape_string($ratedby) . "', total_plays = '" . mysql_real_escape_string($total_plays) . "',\n total_comments = '" . mysql_real_escape_string($total_comments) . "', total_favorites = '" . mysql_real_escape_string($total_favorites) . "',\n status = '" . mysql_real_escape_string($status) . "' WHERE GID = '" . mysql_real_escape_string($GID) . "' LIMIT 1";
$conn->execute($sql);
$messages[] = 'Game information updated successfuly!';
}
}
$sql = "SELECT * FROM game WHERE GID = '" . $GID . "' LIMIT 1";
$rs = $conn->execute($sql);
if (mysql_affected_rows() == 1) {
$game = $rs->getrows();
} else {
$errors[] = 'Invalid Game ID. This game does not exist!';
}
}
$ext = 'jpg';
} elseif ($imagesize['2'] == 3) {
$ext = 'png';
}
if ($ext == '') {
$errors[] = 'Invalid image format uploaded. Allowed formats: jpg, gif and png!';
}
}
if (!$errors) {
$src = $_FILES['avatar']['tmp_name'];
$dst_tmp = $config['BASE_DIR'] . '/tmp/avatars/' . $UID . '.' . $ext;
if (move_uploaded_file($src, $dst_tmp)) {
require $config['BASE_DIR'] . '/classes/image.class.php';
$dst = $config['BASE_DIR'] . '/media/users/orig/' . $UID . '.jpg';
$image = new VImageConv();
$image->process($dst_tmp, $dst, 'MAX_HEIGHT', 240, 200);
$image->resize(true);
$src = $dst;
$dst = $config['BASE_DIR'] . '/media/users/' . $UID . '.jpg';
$image->process($src, $dst, 'EXACT', 100, 120);
$image->resize(true);
$photo_new = TRUE;
} else {
$errors[] = 'Failed to move uploaded file (invalid permissions?)!';
}
}
}
if (!$errors) {
$sql_add = NULL;
if ($password != '') {
$passwd = md5($password);
$total_favorites = intval(trim($_POST['total_favorites']));
$status = intval(trim($_POST['status']));
if (strlen($title) < 3) {
$errors[] = 'Game title field cannot be blank!';
} elseif (strlen($tags) < 3) {
$errors[] = 'Game keyword(tags) field cannot be blank!';
} elseif ($category === 0) {
$errors[] = 'Select at least one category and no more then 3!';
}
if (!$errors) {
if ($_FILES['thumb']['tmp_name'] != '' && is_uploaded_file($_FILES['thumb']['tmp_name'])) {
require $config['BASE_DIR'] . '/classes/image.class.php';
$src = $_FILES['thumb']['tmp_name'];
$dst = $config['BASE_DIR'] . '/media/games/tmb/' . $GID . '.jpg';
$image = new VImageConv();
$image->process($src, $dst, 'MAX_WIDTH', 160, 120);
$image->canvas(160, 120, '000000', true);
}
$sql = "UPDATE game SET title = '" . mysql_real_escape_string($title) . "', tags = '" . mysql_real_escape_string($tags) . "',\n category = '" . $category . "', type = '" . mysql_real_escape_string($type) . "',\n be_commented = '" . mysql_real_escape_string($be_commented) . "',\n be_rated = '" . mysql_real_escape_string($be_rated) . "', rate = '" . mysql_real_escape_string($rate) . "',\n ratedby = '" . mysql_real_escape_string($ratedby) . "', total_plays = '" . mysql_real_escape_string($total_plays) . "',\n total_comments = '" . mysql_real_escape_string($total_comments) . "', total_favorites = '" . mysql_real_escape_string($total_favorites) . "',\n status = '" . mysql_real_escape_string($status) . "' WHERE GID = '" . mysql_real_escape_string($GID) . "' LIMIT 1";
$conn->execute($sql);
$messages[] = 'Game information updated successfuly!';
}
}
$sql = "SELECT * FROM game WHERE GID = '" . $GID . "' LIMIT 1";
$rs = $conn->execute($sql);
if (mysql_affected_rows() == 1) {
$game = $rs->getrows();
} else {
$errors[] = 'Invalid Game ID. This game does not exist!';
}
}
if ($values['tmp_name'] != '') {
if (is_uploaded_file($values['tmp_name'])) {
++$photos;
$photo_expl = explode('_', $key);
$photo_nr = $photo_expl['1'];
$caption = $filter->get('caption_' . $photo_nr);
$sql_add = NULL;
if ($caption != '') {
$sql_add = ", caption = '" . mysql_real_escape_string($caption) . "'";
}
$sql = "INSERT INTO photos SET AID = " . $album_id . $sql_add;
$conn->execute($sql);
$photo_id = mysql_insert_id();
$src = $values['tmp_name'];
$dst = $config['BASE_DIR'] . '/media/photos/tmb/' . $photo_id . '.jpg';
$image->process($src, $dst, 'MAX_WIDTH', 150, 0);
$image->resize(true, true);
$dst = $config['BASE_DIR'] . '/media/photos/' . $photo_id . '.jpg';
$image->process($src, $dst, 'MAX_WIDTH', 575, 0);
$image->resize(true, true);
}
}
}
$src = $config['BASE_DIR'] . '/media/photos/tmb/' . $photo_id . '.jpg';
$dst = $config['BASE_DIR'] . '/media/albums/' . $album_id . '.jpg';
$image->process($src, $dst, 'EXACT', 120, 140);
$image->crop(0, 0, 120, 140, true);
$sql = "UPDATE albums SET total_photos = " . intval($photos) . ", status = '1' WHERE AID = " . $album_id . " LIMIT 1";
$conn->execute($sql);
$sql = "UPDATE channel SET total_albums = total_albums+1 WHERE CHID = " . $category . " LIMIT 1";
$conn->execute($sql);
$image->process($avatar_tmp, $dst, 'MAX_HEIGHT', 240, 200);
$image->resize(true);
if (file_exists($dst) && filesize($dst) > 100) {
$_SESSION['message'] = $lang['user.avatar_upload_msg'];
$_SESSION['uploaded'] = true;
VRedirect::go($config['BASE_URL'] . '/user/avatar');
}
}
}
}
if (isset($_POST['avatar_crop_submit'])) {
$filter = new VFilter();
$x = $filter->get('x1', 'INTEGER');
$y = $filter->get('y1', 'INTEGER');
$width = $filter->get('width', 'INTEGER');
$height = $filter->get('height', 'INTEGER');
$uid = $user['UID'];
$src = $config['BASE_DIR'] . '/media/users/orig/' . $uid . '.jpg';
$dst = $config['BASE_DIR'] . '/media/users/' . $uid . '.jpg';
$image = new VImageConv();
$image->process($src, $dst, 'EXACT', 100, 120);
$image->crop($x, $y, $width, $height, true);
if (file_exists($dst) && filesize($dst) > 100) {
$sql = "UPDATE signup SET photo = '" . intval($user['UID']) . ".jpg' WHERE UID = " . intval($uid) . " LIMIT 1";
$conn->execute($sql);
$_SESSION['message'] = $lang['user.avatar_crop_msg'];
VRedirect::go($config['BASE_URL'] . '/user/avatar');
}
}
$smarty->assign('crop', $crop);
$smarty->assign('uploaded', $uploaded);
$sql = "INSERT INTO photos SET AID = " . $aid . $sql_add;
$conn->execute($sql);
$photo_id = mysql_insert_id();
$src = $values['tmp_name'];
$dst = $config['BASE_DIR'] . '/media/photos/tmb/' . $photo_id . '.jpg';
list($width, $height) = getimagesize($src);
$crop_w = min($width, $height);
$crop_h = $crop_w;
if ($width > $height) {
$crop_x = floor(($width - $crop_w) / 2);
$crop_y = 0;
} else {
$crop_x = 0;
$crop_y = floor(($height - $crop_h) / 2);
}
$image->process($src, $dst, 'EXACT', $crop_w, $crop_h);
$image->crop($crop_x, $crop_y, $crop_w, $crop_h, true);
$image->process($dst, $dst, 'MAX_WIDTH', 400, 0);
$image->resize(true, true);
$dst = $config['BASE_DIR'] . '/media/photos/' . $photo_id . '.jpg';
$image->process($src, $dst, 'MAX_WIDTH', 960, 0);
$image->resize(true, true);
++$photos;
}
}
}
$sql = "UPDATE albums SET total_photos = total_photos+" . intval($photos) . " WHERE AID = " . $aid . " LIMIT 1";
$conn->execute($sql);
$_SESSION['message'] = $lang['album.add_photos_msg'] . '!';
header('Location: ' . $config['BASE_URL'] . '/album/' . $aid);
die;
if ($tags == '') {
$errors[] = $lang['album.tags_empty'];
$err['tags'] = 1;
} else {
$tags = prepare_string($tags, false);
}
if ($type == '') {
$errors[] = $lang['album.type_empty'];
$err['type'] = 1;
}
if (!$errors) {
$src = $config['BASE_DIR'] . '/tmp/albums/' . $pid . '_' . $random . '.jpg';
$dst = $config['BASE_DIR'] . '/media/albums/' . $aid . '.jpg';
if (file_exists($src) && is_file($src)) {
$image = new VImageConv();
$image->process($src, $dst, 'EXACT', $width, $height);
$image->crop($x, $y, $width, $height, true);
unlink($src);
}
$type = ($type == 'public' or $type == 'private') ? $type : 'public';
$sql = "UPDATE albums SET name = '" . mysql_real_escape_string($name) . "', category = " . intval($category) . ",\n tags = '" . mysql_real_escape_string($tags) . "', type = '" . $type . "'\n WHERE AID = " . $aid;
$conn->execute($sql);
$album['name'] = $name;
$album['category'] = $category;
$album['tags'] = $tags;
$album['type'] = $type;
$messages[] = $lang['album.edit_msg'];
}
}
$sql = "SELECT PID, caption FROM photos WHERE AID = " . $aid . " AND status = '1' ORDER BY PID ASC";
$rs = $conn->execute($sql);
$ext = 'jpg';
} elseif ($imagesize['2'] == 3) {
$ext = 'png';
}
if ($ext == '') {
$errors[] = 'Invalid image format uploaded. Allowed formats: jpg, gif and png!';
}
}
if (!$errors) {
$src = $_FILES['avatar']['tmp_name'];
$dst_tmp = $config['BASE_DIR'] . '/tmp/avatars/' . $UID . '.' . $ext;
if (move_uploaded_file($src, $dst_tmp)) {
require $config['BASE_DIR'] . '/classes/image.class.php';
$dst_orig = $config['BASE_DIR'] . '/media/users/orig/' . $UID . '.jpg';
$image = new VImageConv();
$image->process($dst_tmp, $dst_orig, 'MAX_WIDTH', 500, 0);
$image->resize(true, true);
list($width, $height) = getimagesize($dst_orig);
$crop_w = min($width, $height);
$crop_h = $crop_w;
if ($width > $height) {
$crop_x = floor(($width - $crop_w) / 2);
$crop_y = 0;
} else {
$crop_x = 0;
$crop_y = floor(($height - $crop_h) / 2);
}
$dst = $config['BASE_DIR'] . '/media/users/' . $UID . '.jpg';
$image->process($dst_orig, $dst, 'EXACT', $crop_w, $crop_h);
$image->crop($crop_x, $crop_y, $crop_w, $crop_h, true);
$photo_new = TRUE;
$image = new VImageConv();
foreach ($_FILES as $key => $values) {
if ($values['tmp_name'] != '') {
if (is_uploaded_file($values['tmp_name'])) {
$filename = substr($values['name'], strrpos($values['name'], DIRECTORY_SEPARATOR) + 1);
$extension = strtolower(substr($values['name'], strrpos($values['name'], '.') + 1));
$extensions_allowed = explode(',', trim($config['image_allowed_extensions']));
if (in_array($extension, $extensions_allowed)) {
$sql = "INSERT INTO notice_images (addtime, extension) VALUES (" . time() . ", '" . $extension . "')";
$conn->execute($sql);
$image_id = mysql_insert_id();
$dst_orig = $config['BASE_DIR'] . '/images/notice_images/' . $image_id . '.' . $extension;
if (move_uploaded_file($values['tmp_name'], $dst_orig)) {
$src = $dst_orig;
$dst = $config['BASE_DIR'] . '/images/notice_images/thumbs/' . $image_id . '.jpg';
$image->process($src, $dst, 'MAX_WIDTH', 150, 0);
$image->resize(true, true);
++$images;
} else {
$sql = "DELETE FROM notice_images WHERE image_id = " . $image_id . " LIMIT 1";
$conn->execute($sql);
}
}
}
}
}
}
if ($images > 0) {
$_SESSION['message'] = 'Successfully added ' . $images . ' images!';
VRedirect::go($config['BASE_URL'] . '/siteadmin/notices.php?m=list_images');
}
$errors[] = 'Category image directory \'' . $chimg . '\' is not writable!';
}
$channel = array();
$CID = isset($_GET['CID']) && is_numeric($_GET['CID']) ? trim($_GET['CID']) : NULL;
$CID = $CID && channelExists($CID) ? $CID : NULL;
if (!$CID) {
$errors[] = 'Category does not exist! Invalid channel id!?';
}
if (isset($_POST['edit_channel']) && !$errors) {
$name = trim($_POST['name']);
if ($name == '') {
$errors[] = 'Category name field cannot be blank!';
}
if (!$errors) {
$sql = "UPDATE channel SET name = '" . mysql_real_escape_string($name) . "' WHERE CHID = '" . mysql_real_escape_string($CID) . "' LIMIT 1";
$conn->execute($sql);
if ($_FILES['picture']['tmp_name'] != '') {
require $config['BASE_DIR'] . '/classes/image.class.php';
$image = new VImageConv();
$image->process($_FILES['picture']['tmp_name'], $chimg . '/' . $CID . '.jpg', 'MAX_WIDTH', 140, 105);
$image->canvas(140, 105, '000000', true);
}
}
if (!$errors) {
$messages[] = 'Category updated successfuly!';
}
}
$sql = "SELECT * FROM channel WHERE CHID = '" . mysql_real_escape_string($CID) . "' LIMIT 1";
$rs = $conn->execute($sql);
$channel = $rs->getrows();
$smarty->assign('channel', $channel);
<?php
defined('_VALID') or die('Restricted Access!');
require $config['BASE_DIR'] . '/classes/filter.class.php';
require $config['BASE_DIR'] . '/include/compat/json.php';
require $config['BASE_DIR'] . '/classes/image.class.php';
$data = array('status' => false, 'width' => 0, 'height' => 0);
if (isset($_POST['PID']) && isset($_POST['random'])) {
$filter = new VFilter();
$PID = $filter->get('PID', 'INTEGER');
$random = $filter->get('random');
$src = $config['BASE_DIR'] . '/media/photos/' . $PID . '.jpg';
if (file_exists($src) && is_file($src)) {
$dst = $config['BASE_DIR'] . '/tmp/albums/' . $PID . '_' . $random . '.jpg';
$image = new VImageConv();
$image->process($src, $dst, 'MAX_WIDTH', 350, 200);
$image->resize(true, true);
$image = getimagesize($dst);
$data['status'] = true;
$data['width'] = $image['0'];
$data['height'] = $image['1'];
}
}
echo json_encode($data);
die;
<?php
defined('_VALID') or die('Restricted Access!');
require $config['BASE_DIR'] . '/classes/filter.class.php';
require $config['BASE_DIR'] . '/include/compat/json.php';
require $config['BASE_DIR'] . '/classes/image.class.php';
$data = array('status' => false, 'width' => 0, 'height' => 0);
if (isset($_POST['PID']) && isset($_POST['random'])) {
$filter = new VFilter();
$PID = $filter->get('PID', 'INTEGER');
$random = $filter->get('random');
$src = $config['BASE_DIR'] . '/media/photos/' . $PID . '.jpg';
if (file_exists($src) && is_file($src)) {
$dst = $config['BASE_DIR'] . '/tmp/albums/' . $PID . '_' . $random . '.jpg';
$image = new VImageConv();
$image->process($src, $dst, 'MAX_WIDTH', 580, 580);
$image->resize(true, true);
$image = getimagesize($dst);
$data['status'] = true;
$data['width'] = $image['0'];
$data['height'] = $image['1'];
}
}
echo json_encode($data);
die;
require $config['BASE_DIR'] . '/classes/image.class.php';
$image = new VImageConv();
$tmb_dir = $config['BASE_DIR'] . '/media/videos/tmb/' . $vid;
$tmp_dir = $config['BASE_DIR'] . '/tmp/thumbs/' . $vid;
@mkdir($tmb_dir);
@mkdir($tmp_dir);
$width = (int) $config['img_max_width'];
$height = (int) $config['img_max_height'];
$i = 1;
foreach ($_FILES as $file) {
$tmb = $i . '.jpg';
if (move_uploaded_file($file['tmp_name'], $tmp_dir . '/' . $tmb)) {
$src = $tmp_dir . '/' . $tmb;
$dst = $tmb_dir . '/' . $tmb;
$dst_tmp = $tmp_dir . '/' . $tmb . '.tmp.jpg';
$image->process($src, $dst_tmp, 'MAX_WIDTH', $width, 0);
$image->resize(true, true);
$image->process($dst_tmp, $dst, 'EXACT', $width, $height);
$image->crop(0, 0, $width, $height, true);
++$i;
}
}
$vkey = substr(md5($vid), 11, 20);
$conn->execute("UPDATE video SET vkey = '" . $vkey . "', thumbs = " . ($i - 1) . ", active = '1'\n\t\t WHERE VID = " . $vid . " LIMIT 1");
$messages[] = 'Successfuly embeded video!';
}
}
function duration_to_seconds($duration)
{
$dur_arr = explode(':', $duration);
if (!isset($dur_arr['1'])) {
$photo_expl = explode('_', $key);
$photo_nr = $photo_expl['1'];
$caption = $filter->get('caption_' . $photo_nr);
$sql_add = NULL;
if ($caption != '') {
$sql_add = ", caption = '" . mysql_real_escape_string($caption) . "'";
}
$sql = "INSERT INTO photos SET AID = " . $album_id . $sql_add;
$conn->execute($sql);
$photo_id = mysql_insert_id();
if ($photos === 1) {
$album_cover_id = $photo_id;
}
$src = $values['tmp_name'];
$dst = $config['BASE_DIR'] . '/media/photos/tmb/' . $photo_id . '.jpg';
$image->process($src, $dst, 'MAX_WIDTH', 150, 0);
$image->resize(true, true);
$dst = $config['BASE_DIR'] . '/media/photos/' . $photo_id . '.jpg';
$image->process($src, $dst, 'MAX_WIDTH', 575, 0);
$image->resize(true, true);
}
}
}
$src = $config['BASE_DIR'] . '/media/photos/tmb/' . $album_cover_id . '.jpg';
$dst = $config['BASE_DIR'] . '/media/albums/' . $album_id . '.jpg';
list($width, $height) = getimagesize($src);
if ($height < 120) {
$src_orig = $config['BASE_DIR'] . '/media/photos/' . $album_cover_id . '.jpg';
list($width, $height) = getimagesize($src_orig);
if ($width > 220 && $height > 200) {
$dst_cover = $config['BASE_DIR'] . '/tmp/albums/' . $album_cover_id . '_tmp.jpg';
