function flag_ajax_operation() { global $wpdb; // if nonce is not correct it returns -1 check_ajax_referer("flag-ajax"); // check for correct capability if (!is_user_logged_in()) { die('-1'); } // check for correct FlAG capability if (!current_user_can('FlAG Upload images') || !current_user_can('FlAG Manage gallery')) { die('-1'); } // include the flag function include_once dirname(__FILE__) . '/functions.php'; // Get the image id if (isset($_POST['image'])) { $id = (int) $_POST['image']; // let's get the image data $picture = flagdb::find_image($id); // what do you want to do ? switch ($_POST['operation']) { case 'create_thumbnail': $result = flagAdmin::create_thumbnail($picture); break; case 'resize_image': $result = flagAdmin::resize_image($picture); break; case 'webview_image': $result = flagAdmin::webview_image($picture); break; case 'import_metadata': $result = flagAdmin::import_MetaData($id); break; case 'copy_metadata': $result = flagAdmin::copy_MetaData($id); break; case 'get_image_ids': $result = flagAdmin::get_image_ids($id); break; default: do_action('flag_ajax_' . sanitize_key($_POST['operation'])); die('-1'); break; } // A success should return a '1' die($result); } // The script should never stop here die('0'); }
while (file_exists($file)) { $filename = sanitize_title($filepart['filename']) . '_' . $i++ . '.' . $filepart['extension']; } $file = ABSPATH . trailingslashit($path) . $filename; // Open temp file if (@move_uploaded_file($_FILES['userfile']['tmp_name'], $file)) { $alttext = esc_sql($account->alttext); $description = esc_sql($account->description); $exclude = intval($account->exclude); $location = esc_sql($account->location); $wpdb->query("INSERT INTO {$wpdb->flagpictures} (galleryid, filename, alttext, description, exclude, location) VALUES ('{$gid}', '{$filename}', '{$alttext}', '{$description}', '{$exclude}', '{$location}')"); // and give me the new id $pic_id = (int) $wpdb->insert_id; @(require_once dirname(dirname(__FILE__)) . '/admin/functions.php'); // add the metadata flagAdmin::import_MetaData($pic_id); // action hook for post process after the image is added to the database $image = array('id' => $pic_id, 'filename' => $filename, 'galleryID' => $gid); do_action('flag_added_new_image', $image); $thumb = flagAdmin::create_thumbnail($pic_id); if ($thumb != '1') { die('{"status":"thumb_error: ' . $thumb . '"}'); } } else { @unlink($_FILES['userfile']['tmp_name']); die('{"status":"fwrite_error"}'); } } $r['data'] = $wpdb->get_results("SELECT pid, galleryid, filename, description, alttext, link, UNIX_TIMESTAMP(imagedate) AS imagedate, UNIX_TIMESTAMP(modified) AS modified, sortorder, exclude, location, hitcounter, total_value, total_votes, meta_data FROM {$wpdb->flagpictures} WHERE galleryid = '{$gid}' ORDER BY pid DESC"); $r['data'] = stripslashes_deep($r['data']); $i = 0;
/** * Add images to database * * @class flagAdmin * @param int $galleryID * @param array $imageslist * @param bool $name2alt * @return array $image_ids Id's which are sucessful added */ function add_Images($galleryID, $imageslist, $name2alt = false) { global $wpdb; $alttext = ''; $image_ids = array(); if (is_array($imageslist)) { foreach ($imageslist as $picture) { if ($name2alt) { // strip off the extension of the filename $path_parts = pathinfo($picture); $alttext = !isset($path_parts['filename']) ? substr($path_parts['basename'], 0, strpos($path_parts['basename'], '.')) : $path_parts['filename']; } // save it to the database $result = $wpdb->query($wpdb->prepare("INSERT INTO {$wpdb->flagpictures} (galleryid, filename, alttext, exclude) VALUES (%s, %s, %s, 0)", $galleryID, $picture, $alttext)); // and give me the new id $pic_id = (int) $wpdb->insert_id; if ($result) { $image_ids[] = $pic_id; } // add the metadata flagAdmin::import_MetaData($pic_id); // action hook for post process after the image is added to the database $image = array('id' => $pic_id, 'filename' => $picture, 'galleryID' => $galleryID); do_action('flag_added_new_image', $image); } } // is_array return $image_ids; }