function parse_content(&$toparse) { $toparse = htmlspecialchars_decode($toparse); $explo = explode('|', $toparse); foreach ($explo as $index => $part) { $part = trim($part); if ($part[0] == '+') { $func = explode(',', $part, 4); switch ($func[0]) { case "+img": $explo[$index] = imgtag($func[1], $func[2]); break; case "+spacer": $explo[$index] = spacertag($func[1]); break; case "+atvgall": $explo[$index] = build_atv_gallery(); break; case "+imagegall": $explo[$index] = '<h1>Image Gallery</h1>' . imageupload() . '<p><br><br></p>' . delimage() . '<p><br><br></p>' . buildgallery(); break; case "+csv": $explo[$index] = csvfileupload(); break; case "+viparea": $explo[$index] = viparea(); break; case "+dbviewer": $explo[$index] = dbcontrol() . printusers() . printfiles() . printnotes() . printcms(); break; case "+filedeposit": $explo[$index] = filedeposit(); break; case "+newsfeed": $explo[$index] = build_newsfeed(); break; case "+projfeed": $explo[$index] = build_projectfeed($func[1]); break; case "+login": $explo[$index] = login_page(); break; case "+contactprofile": $explo[$index] = profilepage(); break; } } } $toparse = implode($explo); }
function sitepost() { global $url; $_POST = array_map('protect', $_POST); $site_name = $_POST['site_name']; $campo = is_null($_POST['campo']) ? '-' : $_POST['campo']; $idade_min = $_POST['idade_min']; if (!is_numeric($idade_min)) { infobox(t("O campo Idade mínima pode conter apenas números."), true, true); } mysql_query("UPDATE cfg_site SET `site_name`='{$site_name}', `campo`='{$campo}', `idade_min`='{$idade_min}'"); $site_logo = imageupload($_FILES['site_logo']); if ($site_logo) { $site_logo = $url . '/upload/' . $site_logo['full']; mysql_query("UPDATE cfg_site SET `site_logo`='{$site_logo}'"); } infobox(t("Configurações atualizadas com sucesso.")); }
$file_ary = array(); $file_count = count($file_post['name']); $file_keys = array_keys($file_post); for ($i = 0; $i < $file_count; $i++) { foreach ($file_keys as $key) { $file_ary[$i][$key] = $file_post[$key][$i]; } } return $file_ary; } if ($_FILES['fileToUpload']) { $file_ary = reArrayFiles($_FILES['fileToUpload']); $target_dir = "../images/{$table}/"; $fileArrayCount = count($file_ary); for ($i = 0; $i <= $fileArrayCount - 1; $i++) { imageupload($file_ary[$i], $target_dir); } } function imageupload($file, $target_dir) { $target_file = $target_dir . basename($file["name"]); $uploadOk = 1; $imageFileType = pathinfo($target_file, PATHINFO_EXTENSION); // Check if image file is a actual image or fake image if (isset($_POST["submit"])) { $check = getimagesize($file["tmp_name"]); if ($check !== false) { echo "File is an image - " . $check["mime"] . "."; $uploadOk = 1; } else { echo "File is not an image.";
if ($sectionname == 'proj-add') { $projectname = $_POST['projectname']; $projectdescription = $_POST['description']; $image1toupload = $_FILES['file1ToUpload']; $imagename1 = $_FILES['file1ToUpload']['name']; $image2toupload = $_FILES['file2ToUpload']; $imagename2 = $_FILES['file2ToUpload']['name']; $image3toupload = $_FILES['file3ToUpload']; $imagename3 = $_FILES['file3ToUpload']['name']; $img1 = "images/projects/{$imagename1}"; $img2 = "images/projects/{$imagename2}"; $img3 = "images/projects/{$imagename3}"; $target_dir = "../../images/projects/"; imageupload($image1toupload, $target_dir); imageupload($image2toupload, $target_dir); imageupload($image3toupload, $target_dir); $sql = "INSERT INTO projects(projectname,description,image1, image2, image3) VALUES('{$projectname}','{$projectdescription}','{$img1}','{$img2}','{$img3}')"; $q1 = mysqli_query($link, $sql); if (!q1) { header("Location: change.php?sectionname=project-add&success=false"); } else { /*header("Refresh:0; url=../index.php");*/ header("Location: change.php?sectionname=project-add&success=true"); } } } } } } } }
function newmodulepost() { requirelogin(); $_POST = array_map('protect', $_POST); $nome = $_POST['nome']; $descricao = nl2br($_POST['descricao']); $imagem = imageupload($_FILES['imagem']); $imagem = $imagem['full']; $link = $_POST['link']; if (!preg_match("/^(htt|ft)(p|ps):\\/\\/(.*)\\.(zip|tar\\.gz)\$/", $link) and !preg_match("/(rapidshare|masteruploading|easy-share|sourceforge|uploading|megaupload|share|upload)/", $link)) { infobox("Erro: O link de download apresentou erros.<br/>\n Ele deve ter as extensões \".zip\" ou \".tar.gz\" e estar nos seguintes protocolos:\n <br/>HTTP ou FTP, com ou sem SSL.<br/>\n <a href=\"#\" onClick=\"javascript:history.back();\">Voltar</a>", true, true); } $user = mysql_fetch_array(mysql_query("SELECT login FROM accounts WHERE `id`='{$_SESSION['id']}'")); $user = $user['login']; mysql_query("INSERT INTO comunidade VALUES ('', 'm', '{$nome}', '{$descricao}', '{$imagem}', '{$link}', '{$user}')"); redir("comu/modules"); }
function sendpost() { requirelogin(); $owner = $_SESSION['id']; $_POST = array_map('protect', $_POST); $i = 0; $j = $_POST['len']; $album = $_POST['album']; while ($i <= $j) { $foto = imageupload($_FILES["foto{$i}"]); if ($foto) { mysql_query("INSERT INTO photos (`foto`, `owner`, `album`)\n VALUES ('{$foto['full']}', '{$owner}', '{$album}');"); } $i++; } note(t("adicionou fotos."), $_SESSION['id']); infobox(t("Fotos enviadas com sucesso!")); }
$path = $_SERVER['DOCUMENT_ROOT']; require_once 'fileUpload.php'; if (isset($_POST['name'])) { $target_dir = $path . "/images/"; $name = $_POST['name']; $url = $_POST['url']; $keyword = $_POST['keyword']; $langNative = $_POST['langNative']; $image = $_FILES['image']['name']; require $path . '/php/dbConnect.php'; $chekQuery = "SELECT name FROM languages WHERE keyword = '{$keyword}'"; $chekQueryResult = mysqli_query($link, $chekQuery); $count = mysqli_num_rows($chekQueryResult); if ($count != 1) { imageupload($_FILES['image'], $target_dir); $insertQuery = "INSERT INTO languages(name, url, keyword, langNative, image) VALUES ('{$name}', '{$url}', '{$keyword}', '{$langNative}', '/images/{$image}' )"; $insertResult = mysqli_query($link, $insertQuery) or die(mysqli_error($link)); if ($insertResult) { $query = "ALTER TABLE translations ADD COLUMN {$keyword} text"; $result = mysqli_query($link, $query) or die(mysqli_error($link)); $query2 = "ALTER TABLE textTranslations ADD COLUMN {$keyword} text"; $result2 = mysqli_query($link, $query2) or die(mysqli_error($link)); if ($result and $result2) { echo "Kalba sekmingai įterpta"; } else { echo "Klaida, įrašas " . $keyword . " jau egzistuoja"; } } } } else {
timelineContent(); break; case 'profileContent': profileContent($loginid); break; case 'profileCover': profileCover($loginid); break; case 'profileeditContent': profileeditContent($loginid); break; case 'profileEditsave': profileEditsave($loginid, $curfullname, $curiname, $motto); break; case 'imageupload': imageupload($loginid, $date); break; case 'avatarupload': avatarupload($loginid, $date); break; case 'headerupload': headerupload($loginid, $date); break; case 'videoupload': videoupload($loginid, $date); break; case 'fetchvideo': fetchvideo($loginid, $date, $url); break; case 'searchFront': searchFront($loginid, $date, $type);
function modifypost() { global $site; requirelogin(); $_POST = array_map('protect', $_POST); if ($_FILES['foto']) { $upload = imageupload($_FILES['foto']); if ($upload) { mysql_query("UPDATE accounts SET foto='{$upload['full']}' WHERE id='{$_SESSION['id']}'"); } else { infobox(t("São permitidas apenas imagens em formato JPEG.")); } } $nome = $_POST['nome']; $sexo = $_POST['sexo']; if ($sexo != 'm' or $sexo != 'f') { $sexo = 'o'; } $data = explode("/", $_POST['data']); $data = mktime(0, 0, 0, $data[1], $data[0], $data[2]); $sobre = $_POST['sobre']; if ($site['campo'] != '-') { $campo = $_POST['campo']; } else { $campo = '-'; } $id = $_SESSION['id']; mysql_query("UPDATE accounts SET nome='{$nome}', sexo='{$sexo}', nascimento='{$data}', sobre='{$sobre}', campo='{$campo}' WHERE id='{$id}'"); infobox(t("Configurações atualizadas com sucesso!") . "<br/>" . url("home", t("Ir para o início"))); }