} } $img->setDescription('Uploaded file'); //$img->save($newFileName); } else { if ($ext == 'tem') { if (!empty($files["{$name}.jpg"])) { // a tem file is uploaded with the image // already taken care of with the image $newFileName = safeFileName("{$mydir}/{$name}.jpg"); } else { if (!empty($files["{$name}.png"])) { $newFileName = safeFileName("{$mydir}/{$name}.png"); } else { if (!empty($files["{$name}.gif"])) { $newFileName = safeFileName("{$mydir}/{$name}.gif"); } else { // a tem is being uploaded by itself $name = $_FILES['upload']['name'][$i]; $existingimgfile = $newFileName; if (file_exists(IMAGEBASEDIR . $existingimgfile)) { // a tem already exists for this image in the user directory $img = new PsychoMorph_ImageTem($existingimgfile, $tmp_name); } else { // there is no image for this tem $img = new PsychoMorph_Tem($tmp_name); } //$img->save($newFileName); } } }
<?php $pageName = isset($_GET['action']) ? safeFileName($_GET['action']) : 'list'; if (!empty($pageName) && file_exists($config->absolute_path . '/admin/pages/noscripts/' . $pageName . '.php')) { $smarty->assign('CONTENT', 'noscripts/' . $pageName . '.tpl'); require $config->absolute_path . '/admin/pages/noscripts/' . $pageName . '.php'; } else { jump('?page=noscripts'); }
<?php // modify the selected tem files by deleting points and chnaging lines // need to add adding points require_once $_SERVER['DOCUMENT_ROOT'] . '/include/main_func.php'; auth(); include_once DOC_ROOT . '/include/classes/psychomorph.class.php'; $return = array('error' => true, 'errorText' => ''); $filename = $_POST['img']; $temfile = IMAGEBASEDIR . safeFileName($filename); //$tem = new PsychoMorph_Tem($temfile); $img_jpg = preg_replace('@\\.tem$@', '.jpg', $temfile); $img_png = preg_replace('@\\.tem$@', '.png', $temfile); $img_gif = preg_replace('@\\.tem$@', '.gif', $temfile); if (file_exists($img_jpg)) { $tem = new PsychoMorph_ImageTem($img_jpg); $ext = 'jpg'; } else { if (file_exists($img_png)) { $tem = new PsychoMorph_ImageTem($img_png); $ext = 'png'; } else { if (file_exists($img_gif)) { $tem = new PsychoMorph_ImageTem($img_gif); $ext = 'gif'; } else { $tem = new PsychoMorph_Tem($temfile); $ext = 'tem'; } } }
public function save($filepath = null, $overWrite = false) { // if filepath is empty, just save with original name, // if filepath is a string, check for overwrite and save with that name // if filepath is an array, create new path name from subfolder, prefix and suffix if (empty($filepath)) { $filepath = $this->getPath(); } else { if (is_array($filepath)) { // create new directory if does not exist $oldpath = $this->getPath(); $ext = pathinfo($oldpath, PATHINFO_EXTENSION); $name = pathinfo($oldpath, PATHINFO_FILENAME); if (array_key_exists('name', $filepath)) { $name = $filepath['name']; } if (in_array($filepath['ext'], array('jpg', 'gif', 'png', 'tem'))) { $ext = $filepath['ext']; } $subfolder = safeFileName($filepath['subfolder']); $prefix = str_replace('/', '_', safeFileName($filepath['prefix'])); $suffix = str_replace('/', '_', safeFileName($filepath['suffix'])); $basedir = IMAGEBASEDIR . $subfolder . '/'; $basedir = str_replace('//', '/', $basedir); if (!is_dir($basedir)) { if (!mkdir($basedir, DIRPERMS, true)) { //$return['errorText'] .= "The new directory <code>$subfolder</code> could not be created. "; return false; } } $newpath = $basedir . $prefix . $name . $suffix . '.' . $ext; $filepath = $this->_validateFilePath($newpath); if (!$overWrite && is_file($filepath)) { // path exists and $overWrite is not set to true return false; } } else { $filepath = $this->_validateFilePath($filepath); $basedir = pathinfo($filepath, PATHINFO_DIRNAME); if (!empty($filepath) && (!$overWrite && is_file($filepath)) && $this->_path !== $filepath) { // path exists and $overWrite is not set to true // and _path isn't already set to this filepath return false; } if (!is_dir($basedir)) { if (!mkdir($basedir, DIRPERMS, true)) { //$return['errorText'] .= "The new directory <code>$subfolder</code> could not be created. "; echo "cannot make {$basedir} for {$filepath}"; return false; } } } } if ($this->_saveFile($filepath)) { $this->_path = $filepath; return $this; } return false; }
<?php require_once "../init.php"; session_start(); #get the page:: $page = isset($_GET['page']) ? safeFileName($_GET['page']) : null; if (empty($page) && isset($_POST['page'])) { $page = safeFileName($_POST['page']); } $controller = dirname(__FILE__) . DIRECTORY_SEPARATOR . 'pages' . DIRECTORY_SEPARATOR . $page . '.php'; $req = isset($_POST) ? $_POST : $_GET; if (file_exists($controller)) { require_once $controller; Ajax::output('Success'); } else { Ajax::outputError('Bad Request'); }
<?php // creates a new directory require_once $_SERVER['DOCUMENT_ROOT'] . '/include/main_func.php'; auth(); $return = array('error' => true, 'errorText' => '', 'user' => ''); $newdir = safeFileName($_POST['dirname']); $basedir = $_POST['basedir']; if ($newdir == '') { $return['errorText'] .= 'The new directory needs a name.'; } else { if (!chdir(IMAGEBASEDIR . $basedir)) { $return['errorText'] .= "The base directory <code>{$basedir}</code> could not be accessed."; } else { if (is_file($newdir)) { $return['errorText'] .= "The directory <code>{$basedir}/{$newdir}</code> already exists."; } else { if (!mkdir($newdir, DIRPERMS)) { $return['errorText'] .= "The directory <code>{$basedir}/{$newdir}</code> could not be created."; } else { $return['error'] = false; } } } } scriptReturn($return); exit;
<?php // rename a directory require_once $_SERVER['DOCUMENT_ROOT'] . '/include/main_func.php'; auth(); $return = array('error' => true, 'errorText' => '', 'post' => $_POST); $newdir = preg_replace('@/$@', '', safeFileName($_POST['newdir'])); // remove trailing slash $olddir = preg_replace('@/$@', '', safeFileName($_POST['olddir'])); // remove trailing slash $basedir = preg_replace('@[^?;:{}/]+$@', '', $olddir); // remove last dir name $olddir = preg_replace('@^' . $basedir . '@', '', $olddir); if ($newdir == '') { $return['errorText'] .= 'You cannot change the directory name to “' . $_POST['newdir'] . '”'; } else { if (!is_dir(IMAGEBASEDIR . $basedir) || !chdir(IMAGEBASEDIR . $basedir)) { $return['errorText'] .= 'Could not change directory to ' . $basedir; } else { if (is_dir($newdir)) { $return['errorText'] .= $basedir . $newdir . ' already exists'; } else { if (!rename($olddir, $newdir)) { $return['errorText'] .= "Could not rename {$olddir} to {$newdir}"; } else { chmod($newdir, DIRPERMS); $return['error'] = false; $return['newdir'] = $basedir . $newdir; $old = '/' . $basedir . '/' . $olddir . '/'; $new = '/' . $basedir . '/' . $newdir . '/'; $old = str_replace('//', '/', $old);
<?php // removes a directory require_once $_SERVER['DOCUMENT_ROOT'] . '/include/main_func.php'; auth(); $return = array('error' => true, 'errorText' => '', 'post' => $_POST); foreach ($_POST['dirname'] as $postdir) { $dir = preg_replace('@/$@', '', safeFileName($postdir)); // remove trailing slash $basedir = explode('/', $dir); $deletedir = array_pop($basedir); $basedir = '/' . implode('/', $basedir); $basedir = preg_replace('@/$@', '', str_replace('//', '/', $basedir)); $mydir = IMAGEBASEDIR; if (!chdir(IMAGEBASEDIR . $basedir)) { $return['errorText'] .= "Could not change directory to <code>{$basedir}</code>."; } else { if (strpos(getcwd() . '/', $mydir) !== 0) { $return['errorText'] .= "The directory <code>{$basedir}</code> is not in your image directory."; } else { if (!is_dir($deletedir)) { $return['errorText'] .= "The directory <code>{$basedir}/{$deletedir}</code> could not be found."; } else { // check if there are any files in this directory and delete any images or tems // for safety, only goes one level down and doesn't delete directories $allowed_ext = array('jpg', 'png', 'gif', 'tem', 'txt', 'pca', 'csv', 'fimg', 'pci'); $handle = opendir($deletedir); $count = 0; while (false !== ($entry = readdir($handle))) { if ($entry != "." && $entry != "..") { $ext = pathinfo($entry, PATHINFO_EXTENSION);
$tem_name = preg_replace('@\\.(jpg|png|gif|JPG)$@', '.tem', $_FILES['upload']['name'][$i]); $temfilename = preg_replace('@\\.(jpg|png|gif|JPG)$@', '.tem', $filename); if (!empty($files[$tem_name])) { move_uploaded_file($files[$tem_name], $temfilename); $temcontents = implode("", file($temfilename)); } else { if (file_exists($temfilename)) { // get existing tem if it exists $temcontents = implode("", file($temfilename)); } else { $temcontents = ''; } } // add EXIF data $exifdata = array(PelTag::IMAGE_DESCRIPTION => $_POST['desc'], PelTag::COPYRIGHT => "webmorph.org: " . $_SESSION['email'] . ': IMG_ID: ' . $imgid, PelTag::USER_COMMENT => $temcontents); addExif($filename, $exifdata); } else { if (substr($_FILES['upload']['name'][$i], -4) == '.tem' || substr($_FILES['upload']['name'][$i], -4) == '.txt') { $tmp_name = $_FILES['upload']['tmp_name'][$i]; $name = $_FILES['upload']['name'][$i]; $filename = safeFileName("{$mydir}/{$name}"); move_uploaded_file($tmp_name, $filename); } } } } } else { echo "There was an error saving your file"; } } }
// read the exif information in a jpeg require_once $_SERVER['DOCUMENT_ROOT'] . '/include/main_func.php'; auth(); session_write_close(); $return = array(); include_once DOC_ROOT . '/include/classes/png_reader.class.php'; function human_filesize($bytes) { $sz = 'BKMGTP'; $factor = floor((strlen($bytes) - 1) / 3); $hrsize = $bytes / pow(1024, $factor); $decimals = 1; return sprintf("%.{$decimals}f", $hrsize) . @$sz[$factor]; } $filename = IMAGEBASEDIR . safeFileName($_GET['img']); $return['Name'] = pathinfo($filename, PATHINFO_BASENAME); if (file_exists($filename)) { $size = getimagesize($filename); $return['Kind'] = $size['mime']; $return['Size'] = human_filesize(filesize($filename)); $return['Created'] = date('Y-m-d H:i:s', filemtime($filename)); $return['Dimensions'] = $size[0] . ' x ' . $size[1]; //$return['Owner'] = $_SESSION['email']; if (exif_imagetype($filename) == IMAGETYPE_JPEG) { $exif = exif_read_data($filename); preg_match('/IMG_ID: (?P<id>\\d+)/', $exif['Copyright'], $img); $copyright = explode(":", $exif['Copyright']); $return['Owner'] = $copyright[1] . ' '; $return['Image ID'] = $copyright[3] . ' '; $origdesc = $exif['ImageDescription'];
exit; } // reverse frames if ($_POST['rev'] == 'true') { $backframes = array_reverse($frames); $newframes = array_merge($frames, $backframes); } else { $newframes = $frames; } $loops = $_POST['loops'] > 0 ? $_POST['loops'] : 0; // set framelength $framelength = $_POST['speed'] > 0 ? $_POST['speed'] : 5; $delays = array_fill(0, count($newframes), $framelength); if ($_POST['rev'] == 'true' && $_POST['pause'] > 0) { $delays[0] = $_POST['pause']; $delays[count($frames)] = $_POST['pause']; } $gif = new AnimatedGif($newframes, $delays, $loops); $newFileName = str_replace(array('.jpg', '.gif'), '', safeFileName($_POST['newFileName'])) . '.gif'; if (!($newgif = fopen(IMAGEBASEDIR . $newFileName, "wb"))) { $return['errorText'] .= "<li>Cannot open {$newFileName}.</li>"; } else { if (!fwrite($newgif, $gif->GetAnimation())) { $return['errorText'] .= "<li>Cannot write to {$newFileName}.</li>"; } else { $return['error'] = false; } } $return['gif'] = $newFileName; $return['errorText'] .= "</ul>"; scriptReturn($return);
<?php // webcam file save require_once $_SERVER['DOCUMENT_ROOT'] . '/include/main_func.php'; auth(); checkAllocation(); $return = array('error' => false, 'errorText' => ''); include_once DOC_ROOT . '/include/classes/psychomorph.class.php'; $newFileName = safeFileName($_POST['basedir'] . '/' . $_POST['name']) . '.jpg'; $return['newFileName'] = $newFileName; if (!array_key_exists('imgBase64', $_POST)) { $return['error'] = true; $return['errorText'] .= 'The webcam image did not transfer.'; } else { if (file_exists(IMAGEBASEDIR . $newFileName)) { $return['error'] = true; $return['errorText'] .= preg_replace("/^(\\d{1,11}\\/)/", "/", $newFileName) . ' already exists. Delete, rename, or move it first.'; } else { $img = new PsychoMorph_Image(); $b64 = str_replace('data:image/jpeg;base64,', '', $_POST['imgBase64']); $b64 = str_replace(' ', '+', $b64); $img->setImageBase64($b64); $img->setDescription('Webcam upload'); $img->save($newFileName); } } scriptReturn($return); exit;
// set order $possible_edits = array('align', 'resize', 'rotate', 'crop', 'mask', 'sym', 'mirror'); if ($_POST['theData']['order'] == '' || $_POST['theData']['order'] == 'false') { $edits = $possible_edits; } else { $edits = explode(',', $_POST['theData']['order']); } // run each edit in order foreach ($edits as $edit) { if (in_array($edit, $possible_edits)) { $return[$edit] = imgEdit($edit, $_POST['theData'][$edit], $img); } else { $return['errorText'] .= "'{$edit}' is not a valid edit. "; } } // save image if (array_key_exists('outname', $_POST)) { $newFileName = safeFileName($_POST['outname']); } $img->setOverWrite(false); if ($img->save($newFileName)) { $return['error'] = false; $return['newFileName'] = $img->getImg()->getURL(); } else { $return['errorText'] .= 'The image was not saved. '; } } else { $return['errorText'] .= 'The image to edit was not found.'; } scriptReturn($return); exit;
$aligned_x2 = $_POST['x2']; $aligned_y2 = $_POST['y2']; $align_width = $_POST['width']; $align_height = $_POST['height']; $align_pt1 = $_POST['pt1']; $align_pt2 = $_POST['pt2']; $rgb = $_POST['rgb']; include_once DOC_ROOT . '/include/classes/psychomorph.class.php'; if (array_key_exists('tem', $_POST)) { $img = new PsychoMorph_ImageTem($img, $_POST['tem']); } else { $img = new PsychoMorph_ImageTem($img); } $img->alignEyes($align_width, $align_height, array($aligned_x1, $aligned_y1), array($aligned_x2, $aligned_y2), $align_pt1, $align_pt2, $rgb); if (array_key_exists('newFileName', $_POST)) { $newFileName = safeFileName($_POST['newFileName']); } else { $newFileName = array('subfolder' => $_POST['subfolder'], 'prefix' => $_POST['prefix'], 'suffix' => $_POST['suffix']); } //$img->setOverWrite(true); if ($img->save($newFileName)) { $return['error'] = false; $return['newFileName'] = $img->getImg()->getURL(); } else { $return['errorText'] .= 'The image was not saved. '; } } else { $return['errorText'] .= 'The image to align was not found.'; } scriptReturn($return); exit;
<?php // rename a file in a user's directory require_once $_SERVER['DOCUMENT_ROOT'] . '/include/main_func.php'; auth(); $return = array('error' => true, 'errorText' => ''); $newname = safeFileName($_POST['newname']); $oldurl = safeFileName($_POST['oldurl']); $basedir = explode('/', $oldurl); $oldname = array_pop($basedir); $basedir = implode('/', $basedir); if ($newname == $oldname) { $return['error'] = false; $return['newurl'] = $basedir . '/' . $newname; $return['newFileName'] = $basedir . '/' . $newname; } else { if ($newname == '') { $return['errorText'] .= 'You cannot change the name to “' . $_POST['newname'] . '”'; } else { if (!chdir(IMAGEBASEDIR . $basedir)) { $return['errorText'] .= 'Could not change directory to /' . $basedir; } else { if (is_file($newname)) { $return['errorText'] .= '/' . $basedir . '/' . $newname . ' already exists'; } else { if (!rename($oldname, $newname)) { $return['errorText'] .= "Could not rename {$oldname} to {$newname}"; } else { $return['error'] = false; if (!$_POST['nochangetem']) { // try to change tem if exists