/**
 * Step one of the upload flow: validate the submitted video metadata and,
 * when it passes, render the step-two template.
 *
 * Reads and mutates $_REQUEST in place (tags, ip_address, step_one_data,
 * step_one_sig) and uses the global template object $t.
 *
 * On validation failure the errors and the submitted form are assigned to
 * the template and the result of tbxDisplayUpload() is returned. On success
 * 'upload-step-two.tpl' is displayed and nothing is returned.
 *
 * NOTE(review): step_one_sig is sha1(data . secret). hash_hmac() is the
 * standard keyed construction, but the code that verifies the signature is
 * not visible here and would have to change in lockstep. The payload is
 * produced by serialize(), so it is presumably unserialize()d in step two;
 * confirm the signature is checked (ideally with hash_equals()) before any
 * unserialize() call is reached.
 */
function tbxUploadStepOne()
{
    global $t;

    $validator = Validator::Create();

    // Run the submitted tags through Tags::Format() and store the result
    // back so that the count check below and later steps see the same value.
    $_REQUEST['tags'] = Tags::Format($_REQUEST['tags']);

    // Title length
    $titleMin = Config::Get('title_min_length');
    $titleMax = Config::Get('title_max_length');
    $validator->Register(
        $_REQUEST['title'],
        Validator_Type::LENGTH_BETWEEN,
        _T('Validation:Invalid Length', _T('Label:Title'), $titleMin, $titleMax),
        $titleMin . ',' . $titleMax
    );

    // Description length
    $descriptionMin = Config::Get('description_min_length');
    $descriptionMax = Config::Get('description_max_length');
    $validator->Register(
        $_REQUEST['description'],
        Validator_Type::LENGTH_BETWEEN,
        _T('Validation:Invalid Length', _T('Label:Description'), $descriptionMin, $descriptionMax),
        $descriptionMin . ',' . $descriptionMax
    );

    // Number of tags
    $tagsMin = Config::Get('tags_min');
    $tagsMax = Config::Get('tags_max');
    $validator->Register(
        Tags::Count($_REQUEST['tags']),
        Validator_Type::IS_BETWEEN,
        _T('Validation:Invalid Num Tags', $tagsMin, $tagsMax),
        $tagsMin . ',' . $tagsMax
    );

    // Validators for the user-defined fields come from the DB schema XML.
    $schema = GetDBSchema();
    $customTable = $schema->el('//table[name="tbx_video_custom"]');
    $validator->RegisterFromXml($customTable, 'user', 'create');

    // Blacklist check. The client address is injected into the request array
    // so that Blacklist::Match() sees it alongside the submitted fields.
    $_REQUEST['ip_address'] = $_SERVER['REMOTE_ADDR'];
    $blacklistHit = Blacklist::Match($_REQUEST, Blacklist::ITEM_VIDEO);
    if ($blacklistHit !== false) {
        $validator->SetError(_T('Validation:Blacklisted', $blacklistHit['match']));
    }

    // CAPTCHA, when enabled for uploads.
    // NOTE(review): the return value of Captcha::Verify() is not inspected;
    // presumably it reports failure through its own channel -- confirm,
    // otherwise a failed CAPTCHA does not stop the upload.
    if (Config::Get('flag_captcha_on_upload')) {
        Captcha::Verify();
    }

    if (!$validator->Validate()) {
        $t->Assign('g_errors', $validator->GetErrors());
        $t->AssignByRef('g_form', $_REQUEST);

        return tbxDisplayUpload();
    }

    // Carry the validated step-one fields into step two as a signed blob.
    // NOTE(review): the whole of $_REQUEST is serialized, not only the
    // validated fields; depending on request_order that can include cookies.
    $packed = base64_encode(serialize($_REQUEST));
    $_REQUEST['step_one_data'] = $packed;
    $_REQUEST['step_one_sig'] = sha1($packed . Config::Get('random_value'));

    // Turn "a,b,c" into the "*.a;*.b;*.c" file-type filter string.
    $extensions = Config::Get('upload_extensions');
    $t->Assign('g_file_types', '*.' . str_replace(',', ';*.', $extensions));

    // NOTE(review): the raw login cookie value is handed to the template --
    // presumably for an uploader component that cannot send cookies itself.
    // Confirm the template does not place it where it can be cached or logged.
    $t->Assign('g_cookie', $_COOKIE[LOGIN_COOKIE]);
    $t->AssignByRef('g_form', $_REQUEST);
    $t->Display('upload-step-two.tpl');
}
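/**
 * Apply a user's edits to one of their own videos.
 *
 * The video row is loaded with a query restricted to the authenticated
 * username, so an empty result means the video does not exist or belongs to
 * someone else; that case is reported as a validation error. The submitted
 * metadata is then validated, prepared and written to `tbx_video` and
 * `tbx_video_custom`, and the private-access record is created or removed to
 * match the new privacy setting.
 *
 * Reads and mutates $_REQUEST in place and uses the global template object
 * $t. On validation failure returns the result of tbxDisplayVideoEdit(false);
 * on success clears the cached watch page for the video and re-displays the
 * edit form.
 *
 * Change from the earlier version: the private id is taken from a
 * cryptographically secure random source when one is available, instead of
 * sha1(uniqid(mt_rand(), true)).
 */
function tbxVideoEdit()
{
    global $t;

    $DB = GetDB();

    // Ownership check: the row is only returned when it belongs to the
    // authenticated user.
    $username = AuthenticateUser::GetUsername();
    $video = $DB->Row('SELECT * FROM `tbx_video` JOIN `tbx_video_custom` USING (`video_id`) WHERE `username`=? AND `tbx_video`.`video_id`=?', array($username, $_REQUEST['video_id']));

    $_REQUEST['tags'] = Tags::Format($_REQUEST['tags']);

    $v = Validator::Create();

    $v->Register(empty($video), Validator_Type::IS_FALSE, _T('Validation:Not your video'));

    $v->Register(
        $_REQUEST['title'],
        Validator_Type::LENGTH_BETWEEN,
        _T('Validation:Invalid Length', _T('Label:Title'), Config::Get('title_min_length'), Config::Get('title_max_length')),
        Config::Get('title_min_length') . ',' . Config::Get('title_max_length')
    );

    $v->Register(
        $_REQUEST['description'],
        Validator_Type::LENGTH_BETWEEN,
        _T('Validation:Invalid Length', _T('Label:Description'), Config::Get('description_min_length'), Config::Get('description_max_length')),
        Config::Get('description_min_length') . ',' . Config::Get('description_max_length')
    );

    $v->Register(
        Tags::Count($_REQUEST['tags']),
        Validator_Type::IS_BETWEEN,
        _T('Validation:Invalid Num Tags', Config::Get('tags_min'), Config::Get('tags_max')),
        Config::Get('tags_min') . ',' . Config::Get('tags_max')
    );

    // Register user-defined field validators
    $schema = GetDBSchema();
    $v->RegisterFromXml($schema->el('//table[name="tbx_video_custom"]'), 'user', 'create');

    // Check blacklist
    $_REQUEST['ip_address'] = $_SERVER['REMOTE_ADDR'];
    if (($match = Blacklist::Match($_REQUEST, Blacklist::ITEM_VIDEO)) !== false) {
        $v->SetError(_T('Validation:Blacklisted', $match['match']));
    }

    if (!$v->Validate()) {
        $t->Assign('g_errors', $v->GetErrors());

        return tbxDisplayVideoEdit(false);
    }

    // Strip HTML tags
    if (Config::Get('flag_video_strip_tags')) {
        $_REQUEST = String::StripTags($_REQUEST);
    }

    // Prepare fields for database
    Form_Prepare::Standard('tbx_video', 'edit');
    Form_Prepare::Custom('tbx_video_custom_schema', 'on_edit');

    // Pin the id to the row that passed the ownership check rather than
    // trusting the submitted value any further.
    $_REQUEST['video_id'] = $video['video_id'];

    // Only accept a display thumbnail that actually belongs to this video;
    // the lookup result replaces the submitted id.
    $_REQUEST['display_thumbnail'] = $DB->QuerySingleColumn('SELECT `thumbnail_id` FROM `tbx_video_thumbnail` WHERE `video_id`=? AND `thumbnail_id`=?', array($video['video_id'], $_REQUEST['display_thumbnail']));

    // Privacy can only be requested when the site allows private uploads.
    $_REQUEST['is_private'] = Config::Get('flag_upload_allow_private') ? intval($_REQUEST['is_private']) : 0;
    $_REQUEST['allow_ratings'] = intval($_REQUEST['allow_ratings']);
    $_REQUEST['allow_embedding'] = intval($_REQUEST['allow_embedding']);
    $_REQUEST['allow_comments'] = intval($_REQUEST['allow_comments']) ? 'Yes - Add Immediately' : 'No';

    // NOTE(review): the date parts are concatenated as submitted, without
    // range or type checks -- confirm they are validated elsewhere.
    if ($_REQUEST['recorded_day'] && $_REQUEST['recorded_month'] && $_REQUEST['recorded_year']) {
        $_REQUEST['date_recorded'] = $_REQUEST['recorded_year'] . '-' . $_REQUEST['recorded_month'] . '-' . $_REQUEST['recorded_day'];
    }

    // No valid thumbnail selected: drop the key so it is not passed on.
    if (empty($_REQUEST['display_thumbnail'])) {
        unset($_REQUEST['display_thumbnail']);
    }

    // NOTE(review): the whole request array is passed to DatabaseUpdate().
    // Which keys end up as column writes depends on DatabaseUpdate() and
    // Form_Prepare (not visible here); confirm that columns a user must not
    // control cannot be set by adding extra request parameters.
    DatabaseUpdate('tbx_video', $_REQUEST);
    DatabaseUpdate('tbx_video_custom', $_REQUEST);

    // Handle changes to privacy
    if ($_REQUEST['is_private'] && !$video['is_private']) {
        // The private id is presumably what grants access to a private
        // video, so it has to be unguessable. uniqid() and mt_rand() derive
        // from the clock and a non-cryptographic PRNG; use a CSPRNG when the
        // runtime offers one. The function_exists() guards keep the block
        // working on older PHP versions (the file's array() syntax and its
        // `String` class suggest PHP 5.x). The result stays 40 hex chars.
        $raw = false;
        if (function_exists('random_bytes')) {
            $raw = random_bytes(20);
        } elseif (function_exists('openssl_random_pseudo_bytes')) {
            $raw = openssl_random_pseudo_bytes(20);
        }

        if (is_string($raw) && strlen($raw) === 20) {
            $private_id = bin2hex($raw);
        } else {
            // Last-resort fallback: the original, weaker derivation.
            $private_id = sha1(uniqid(mt_rand(), true));
        }

        $DB->Update('REPLACE INTO `tbx_video_private` VALUES (?,?)', array($video['video_id'], $private_id));
    } elseif (!$_REQUEST['is_private']) {
        $DB->Update('DELETE FROM `tbx_video_private` WHERE `video_id`=?', array($video['video_id']));
    }

    $t->ClearCache('video-watch.tpl', $video['video_id']);
    $t->Assign('g_success', true);
    tbxDisplayVideoEdit();
}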