$image_name = un_htmlspecialchars(trim($HTTP_POST_VARS['image_name_' . $i])); $cat_id = intval($HTTP_POST_VARS['cat_id_' . $i]); $user_id = intval($HTTP_POST_VARS['user_id_' . $i]) != 0 ? intval($HTTP_POST_VARS['user_id_' . $i]) : $user_info['user_id']; $remote_file = trim($HTTP_POST_VARS['remote_file_' . $i]); $remote_thumb_file = trim($HTTP_POST_VARS['remote_thumb_file_' . $i]); $image_download_url = trim($HTTP_POST_VARS['image_download_url_' . $i]); if ($image_name == "") { $error['image_name_' . $i] = 1; } if ($cat_id == 0) { $error['cat_id_' . $i] = 1; } if ((empty($HTTP_POST_FILES['file_' . $i]['tmp_name']) || $HTTP_POST_FILES['file_' . $i]['tmp_name'] == "none") && $remote_file == "" || $remote_file != "" && !check_remote_media($remote_file) && !check_local_media($remote_file)) { $error['file_' . $i] = 1; } if ($remote_thumb_file != "" && !check_remote_thumb($remote_thumb_file) && !check_local_thumb($remote_thumb_file)) { $error['remote_thumb_file_' . $i] = 1; } if ($image_download_url != "" && !is_remote($image_download_url) && !is_local_file($image_download_url)) { $error['image_download_url_' . $i] = 1; } if (!empty($additional_image_fields)) { foreach ($additional_image_fields as $key => $val) { if (isset($HTTP_POST_VARS[$key . '_' . $i]) && intval($val[2]) == 1 && trim($HTTP_POST_VARS[$key . '_' . $i]) == "") { $error[$key . '_' . $i] = 1; } } } } if (empty($error)) { for ($i = 1; $i <= $num_newimages; $i++) {
$msg .= ($msg != "" ? "<br />" : "") . "<b>" . $lang['file_upload_error'] . ": " . $new_name . "</b><br />" . $site_upload->get_upload_errors(); $uploaderror = 1; } } else { $new_name = $remote_media_file; } // Upload thumb file $new_thumb_name = ""; if (!empty($HTTP_POST_FILES['thumb_file']['tmp_name']) && $HTTP_POST_FILES['thumb_file']['tmp_name'] != "none" && !$uploaderror) { $new_thumb_name = $site_upload->upload_file("thumb_file", "thumb", $upload_cat, get_basefile($new_name)); if (!$new_thumb_name) { $msg .= ($msg != "" ? "<br />" : "") . "<b>" . $lang['thumb_upload_error'] . ": " . $new_thumb_name . "</b><br />" . $site_upload->get_upload_errors(); @unlink(MEDIA_TEMP_PATH . "/" . $new_name); $uploaderror = 1; } } elseif (check_remote_thumb($remote_thumb_file)) { $new_thumb_name = $remote_thumb_file; } elseif ($config['auto_thumbnail'] == 1 && !empty($new_name) && !$uploaderror && (!empty($HTTP_POST_FILES['media_file']['tmp_name']) && $HTTP_POST_FILES['media_file']['tmp_name'] != "none" || is_remote($new_name))) { if ($direct_upload) { if (is_remote($new_name)) { $src = $new_name; $thumb = create_unique_filename(THUMB_PATH . "/" . $cat_id, filterFileName($new_name)); } else { $src = MEDIA_PATH . "/" . $cat_id . "/" . $new_name; $thumb = $new_name; } $dest = THUMB_PATH . "/" . $cat_id . "/" . $thumb; } else { if (is_remote($new_name)) { $src = $new_name; $thumb = create_unique_filename(THUMB_TEMP_PATH, filterFileName($new_name));
} unset($HTTP_POST_VARS['remote_thumb_file']); $new_thumb_name = ""; } elseif (!empty($HTTP_POST_FILES['thumb_file']['tmp_name']) && $HTTP_POST_FILES['thumb_file']['tmp_name'] != "none" && !$error) { unset($HTTP_POST_VARS['remote_thumb_file']); @rename(THUMB_TEMP_PATH . "/" . $old_thumb_file_name, THUMB_TEMP_PATH . "/" . $old_thumb_file_name . ".bak"); $new_thumb_name = $site_upload->upload_file("thumb_file", "thumb", 0, get_basefile($new_name)); if (!$new_thumb_name) { $error_msg .= $lang['thumb_upload_error'] . ": <b>" . $HTTP_POST_FILES['thumb_file']['name'] . "</b><br />" . $site_upload->get_upload_errors(); @rename(THUMB_TEMP_PATH . "/" . $old_thumb_file_name . ".bak", THUMB_TEMP_PATH . "/" . $old_thumb_file_name); @unlink(MEDIA_TEMP_PATH . "/" . $new_name); $error = 1; } else { $log[] = $lang['thumb_upload_success'] . ": <b>{$new_thumb_name}</b>"; } } elseif ((empty($HTTP_POST_FILES['thumb_file']['tmp_name']) || $HTTP_POST_FILES['thumb_file']['tmp_name'] == "none") && $remote_thumb_file != "" && check_remote_thumb($remote_thumb_file)) { $new_thumb_name = $remote_thumb_file; if (!empty($old_thumb_file_name) && file_exists(THUMB_TEMP_PATH . "/" . $old_thumb_file_name)) { unlink(THUMB_TEMP_PATH . "/" . $old_thumb_file_name); } } else { $new_thumb_name = $old_thumb_file_name; } if (empty($error)) { $additional_sql = ""; if (!empty($additional_image_fields)) { $table_fields = $site_db->get_table_fields(IMAGES_TABLE); foreach ($additional_image_fields as $key => $val) { if (isset($HTTP_POST_VARS[$key]) && isset($table_fields[$key])) { $additional_sql .= ", {$key} = '" . un_htmlspecialchars(trim($HTTP_POST_VARS[$key])) . "'"; }