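/**
 * Processes the admin login form and, on success, fills the admin session.
 *
 * Reads $_POST['username'] and $_POST['password'], looks the pair up in the
 * "<tblpfx>user" table, copies the account fields into $_SESSION, records
 * the client address and login time, then emits a JavaScript redirect and
 * exits. A failed lookup alerts and redirects to ?pg=lgn.
 *
 * Changes made in this revision:
 *  - array keys are quoted (bare-word keys are undefined constants);
 *  - the session id is regenerated once the credentials are accepted, so an
 *    id set before authentication does not carry over into the admin session;
 *  - the "red" request value is URL-encoded before it is written into the
 *    inline script instead of being echoed raw;
 *  - "rightoptions" is now selected; the original query omitted it, so
 *    $_SESSION['adminrights'] was always empty;
 *  - the trailing check on $username/$password was removed: those locals
 *    were never assigned inside this method, so it could not fire.
 *
 * NOTE(review): the lookup still concatenates SQL. addslashes() is not
 * charset-aware and is not a substitute for bound parameters; the signature
 * of config::fetch_all_array() is not visible here, so switch to prepared
 * statements if the DB layer offers them.
 * NOTE(review): the password is compared inside the SQL text, which implies
 * it is not stored with password_hash(); plan a migration to
 * password_hash()/password_verify().
 */
function login()
{
    // Accept plain strings only; array-valued fields count as empty.
    $postedUser = (isset($_POST['username']) && is_string($_POST['username'])) ? $_POST['username'] : '';
    $postedPass = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';

    if (strlen($postedUser) && strlen($postedPass)) {
        $ROWS = config::fetch_all_array(
            "SELECT sno,name,ip,rightoptions,date_format(lastlogin,'%d-%M-%Y %h:%i:%s')as lastlogin FROM " . $this->tblpfx . "user WHERE userid='" . addslashes($postedUser) . "' AND pwd='" . addslashes($postedPass) . "'",
            1
        );

        if (isset($ROWS['sno']) && strlen($ROWS['sno']) > 0) {
            // Issue a fresh session id at the privilege change.
            if (session_id() !== '') {
                session_regenerate_id(true);
            }

            $_SESSION['adminid'] = $ROWS['sno'];
            $_SESSION['adminname'] = $ROWS['name'];
            $_SESSION['adminrights'] = isset($ROWS['rightoptions']) ? $ROWS['rightoptions'] : null;
            $_SESSION['adminlasttime'] = $ROWS['lastlogin'];
            $_SESSION['adminlastip'] = $ROWS['ip'];
            $_SESSION['sessid'] = session_id();

            config::query(
                "update " . $this->tblpfx . "user SET ip='" . addslashes($_SERVER['REMOTE_ADDR']) . "',lastlogin=now() where sno='" . (int) $_SESSION['adminid'] . "'"
            );

            $red = (isset($_GET['red']) && is_string($_GET['red'])) ? $_GET['red'] : '';
            if (strlen($red)) {
                // rawurlencode() leaves only characters that are inert in both
                // the URL and the surrounding single-quoted JS string.
                echo "<script>window.location.href='?pg=" . rawurlencode($red) . "';</script>";
            } else {
                echo "<script>window.location.href='?success=y';</script>";
            }
            exit;
        }

        echo "<script>alert('Invalid Login Detail..');window.location.href='?pg=lgn';</script>";
        exit;
    }

    if (isset($_SESSION['adminid'])) {
        echo "<script>alert('Invalid Login Detail.');window.location.href='?';</script>";
        exit;
    }
}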
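/**
 * Admin screen for the "showcase" table: reorder, delete, add/update, list.
 *
 * Depending on the request it (1) stores new positions posted as chk_<sno>
 * fields, (2) deletes the row named by $this->delid together with its file,
 * (3) inserts or updates a row from the posted form (uploaded file or link),
 * and finally loads either the row being edited or the full list and
 * includes template/showcase.tpl. The template is included in this scope and
 * sees the locals set here ($UPDATEROWS, $QUERY, $filename, $linkdisplay,
 * $filedisplay, $message, ...), so their names are kept.
 *
 * Changes made in this revision:
 *  - array keys are quoted and each() (removed in PHP 8) is replaced by
 *    foreach;
 *  - row ids taken from POST field names, $this->delid and $this->upd are
 *    cast to int before they reach SQL or a file path (the code already
 *    treats sno as numeric via intval());
 *  - the "img" value and the client-supplied upload name are reduced with
 *    basename() so they cannot carry directory components;
 *  - a link only skips the "http://" prefix when it really starts with
 *    http:// or https:// (the old substring test accepted any text that
 *    merely contained "http");
 *  - the edit link is HTML-escaped and its "herf" attribute typo is fixed;
 *  - $additional is initialised and the message index is checked.
 *
 * NOTE(review): remaining SQL values are escaped with addslashes() only;
 * move to bound parameters if config:: supports them.
 * NOTE(review): the upload keeps the client's file extension and $this->path
 * is linked from the page, so it appears to be web-served; restrict the
 * accepted extensions/MIME types to what the site actually needs.
 * NOTE(review): delete is driven by request values with no anti-CSRF token
 * visible in this method.
 */
function showcase()
{
    $additional = '';
    $pgParam = rawurlencode((string) $this->pg);

    if (isset($_POST['setposition']) && is_string($_POST['setposition']) && strlen($_POST['setposition'])) {
        foreach ($_POST as $key => $val) {
            if (strpos((string) $key, "chk_") !== false && !is_array($val)) {
                $key = (int) str_replace("chk_", "", (string) $key);
                config::query("UPDATE " . $this->tblpfx . "showcase SET position='" . addslashes($val) . "' WHERE sno='" . $key . "'");
            }
        }
        echo "<script>window.location.href='?pg=" . $pgParam . "';</script>";
    }

    if (strlen((string) $this->delid)) {
        $delId = (int) $this->delid;
        config::query("DELETE FROM " . $this->tblpfx . "showcase WHERE sno='" . $delId . "'");

        // Only ever remove "<id>-<name>" directly inside $this->path.
        $img = (isset($_GET['img']) && is_string($_GET['img'])) ? basename($_GET['img']) : '';
        $target = $this->path . $delId . "-" . $img;
        if ($img !== '' && is_file($target)) {
            unlink($target);
        }
        echo "<script>window.location.href='?pg=" . $pgParam . "&success=3';</script>";
    }

    if (isset($_POST['submit']) && is_string($_POST['submit']) && strlen($_POST['submit'])) {
        $uploadName = (isset($_FILES['filename']['name']) && is_string($_FILES['filename']['name']))
            ? basename($_FILES['filename']['name'])
            : '';

        if (strlen($uploadName)) {
            $filename = $uploadName;
            $additional .= ",filename='" . addslashes($filename) . "'";
        } elseif (isset($_POST['shall_typ']) && $_POST['shall_typ'] == "L") {
            $link = (isset($_POST['linkname']) && is_string($_POST['linkname'])) ? $_POST['linkname'] : '';
            if (!preg_match('#^https?://#i', $link)) {
                $link = "http://" . $link;
            }
            $_POST['linkname'] = $link;
            $additional .= ",filename='" . addslashes($link) . "'";
        }

        if (intval($this->upd) > 0) {
            config::insertdb("showcase", "update", " sno='" . (int) $this->upd . "'", $additional);
            $success = 2;
        } else {
            $this->upd = config::insertdb("showcase", "insert", "", $additional);
            $success = 1;
        }

        if (strlen($uploadName)) {
            $filename = (int) $this->upd . "-" . $filename;
            move_uploaded_file($_FILES["filename"]["tmp_name"], $this->path . $filename);
        }
        echo "<script>window.location.href='?pg=" . $pgParam . "&success={$success}'</script>";
    }

    $linkdisplay = " style='display:none;'";
    $filedisplay = "";

    if ((int) $this->upd > 0) {
        $UPDATEROWS = config::fetch_all_array("SELECT * FROM " . $this->tblpfx . "showcase WHERE sno='" . (int) $this->upd . "'", 1);

        $isFileRow = isset($UPDATEROWS['filename'], $UPDATEROWS['typ'])
            && strlen($UPDATEROWS['filename'])
            && $UPDATEROWS['typ'] == "F";

        if ($isFileRow) {
            $fileHref = htmlspecialchars($this->path . $UPDATEROWS['sno'] . "-" . $UPDATEROWS['filename'], ENT_QUOTES);
            $fileLabel = htmlspecialchars($UPDATEROWS['filename'], ENT_QUOTES);
            $filename = "<a href='" . $fileHref . "' target='_blank'>" . $fileLabel . "</a>";
        } else {
            $linkdisplay = "";
            $filedisplay = " style='display:none;'";
        }
    } else {
        $QUERY = config::fetch_all_array("SELECT * FROM " . $this->tblpfx . "showcase ORDER BY position asc, sno desc");
    }

    $messagearray = array("", "ShowCase Added<br>By default the last updated will appear first. To change the order please use Set Position", "ShowCase Updated", "ShowCase Deleted");
    $message = isset($_GET['success']) ? $_GET['success'] : '';
    // Only a known index selects a message; anything else shows nothing.
    $message = (is_scalar($message) && isset($messagearray[$message])) ? $messagearray[$message] : '';

    include "template/showcase.tpl";
}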
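/**
 * Admin screen for the photos of one album ("photogallery" table).
 *
 * Handles, in order: saving positions posted as chk_<sno> fields, deleting
 * the row named by $this->delid and its thumbnail, inserting/updating a
 * photo from the posted form (including thumbnail and "large/" renditions
 * produced by imageresize), then loading the data for the edit form and the
 * album listing and including template/photogallery.tpl. The template is
 * included in this scope and sees the locals set here, so their names are
 * kept.
 *
 * Changes made in this revision:
 *  - array keys are quoted and each() (removed in PHP 8) is replaced by
 *    foreach;
 *  - row ids (POST field names, $this->delid, $this->upd, $this->albumid)
 *    are cast to int before use in SQL and file paths;
 *  - the tagdate parts are cast to int before being written into the SQL
 *    text (they were interpolated raw);
 *  - "img" and the upload name go through basename();
 *  - an upload must be a real uploaded file that getimagesize() can read;
 *    previously a non-image made $height empty and the aspect-ratio
 *    division failed after the row had already been written;
 *  - the "large/" directory is created even when the base directory exists;
 *  - values placed in the redirect URL are URL-encoded.
 *
 * NOTE(review): remaining SQL values are escaped with addslashes() only;
 * move to bound parameters if config:: supports them.
 * NOTE(review): the saved file keeps the client's extension; confirm which
 * formats imageresize supports and allow-list those extensions.
 * NOTE(review): the directories are created world-writable (0777); tighten
 * if the deployment allows.
 * NOTE(review): months below 10 are incremented before zero-padding while
 * 10+ are not; this quirk is preserved as found - confirm the form's month
 * numbering.
 * NOTE(review): the delete branch removes the thumbnail only, not the copy
 * under "large/".
 */
function photodisplay()
{
    $additional = '';
    $albumId = (int) $this->albumid;
    $returnQuery = "?pg=" . rawurlencode((string) $this->pg)
        . "&albumid=" . $albumId
        . "&albumtitle=" . rawurlencode((string) $this->albumtitle);

    if (isset($_POST['setposition']) && is_string($_POST['setposition']) && strlen($_POST['setposition'])) {
        foreach ($_POST as $key => $val) {
            if (strpos((string) $key, "chk_") !== false && !is_array($val)) {
                $key = (int) str_replace("chk_", "", (string) $key);
                config::query("UPDATE " . $this->tblpfx . "photogallery SET position='" . addslashes($val) . "' WHERE sno='" . $key . "'");
            }
        }
        echo "<script>window.location.href='" . $returnQuery . "&success=3';</script>";
    }

    if (strlen((string) $this->delid)) {
        $delId = (int) $this->delid;
        config::query("DELETE FROM " . $this->tblpfx . "photogallery WHERE sno='" . $delId . "'");

        // Only ever remove "<id>-<name>" directly inside $this->path.
        $img = (isset($_GET['img']) && is_string($_GET['img'])) ? basename($_GET['img']) : '';
        $target = $this->path . $delId . "-" . $img;
        if ($img !== '' && is_file($target)) {
            unlink($target);
        }
        echo "<script>window.location.href='" . $returnQuery . "&success=3';</script>";
    }

    if (isset($_POST['submit']) && is_string($_POST['submit']) && strlen($_POST['submit'])) {
        $filename = '';
        $uploadName = (isset($_FILES['filename']['name']) && is_string($_FILES['filename']['name']))
            ? basename($_FILES['filename']['name'])
            : '';
        $hasUpload = strlen($uploadName) > 0;

        // Validate the upload before anything is written to the database.
        $imageInfo = false;
        if ($hasUpload && isset($_FILES['filename']['tmp_name']) && is_uploaded_file($_FILES['filename']['tmp_name'])) {
            $imageInfo = getimagesize($_FILES['filename']['tmp_name']);
        }
        $validImage = is_array($imageInfo) && $imageInfo[0] > 0 && $imageInfo[1] > 0;

        if ($hasUpload) {
            $filename = $uploadName;
            $additional .= ",imagename='" . addslashes($filename) . "'";
        }

        $CHKQRY = config::fetch_all_array("SELECT COUNT(*) FROM " . $this->tblpfx . "photogallery WHERE imagename='" . addslashes($filename) . "'", 1);
        $isDuplicate = (isset($CHKQRY[0]) ? $CHKQRY[0] : 0) != 0;
        $badImage = $hasUpload && !$validImage;

        if (!$isDuplicate && !$badImage) {
            $year = isset($_POST['tagdate_Year']) ? (int) $_POST['tagdate_Year'] : 0;
            $month = isset($_POST['tagdate_Month']) ? (int) $_POST['tagdate_Month'] : 0;
            $day = isset($_POST['tagdate_Day']) ? (int) $_POST['tagdate_Day'] : 0;

            // Padding rules kept exactly as found (see NOTE on the month).
            $_POST['tagdate_Month'] = ($month < 10) ? "0" . ($month + 1) : (string) $month;
            $_POST['tagdate_Day'] = ($day < 10) ? "0" . $day : (string) $day;

            $additional .= ",tagdate='" . $year . "-" . $_POST['tagdate_Month'] . "-" . $_POST['tagdate_Day'] . "',albumid='" . $albumId . "'";

            if (intval($this->upd) > 0) {
                config::insertdb("photogallery", "update", " sno='" . (int) $this->upd . "'", $additional);
                $success = 2;
            } else {
                $this->upd = config::insertdb("photogallery", "insert", "", $additional);
                $success = 1;
            }

            if ($hasUpload) {
                $filename = (int) $this->upd . "-" . $filename;

                if (!is_dir($this->path)) {
                    mkdir($this->path);
                    chmod($this->path, 0777);
                }
                if (!is_dir($this->path . "large/")) {
                    mkdir($this->path . "large/");
                    chmod($this->path . "large/", 0777);
                }

                $width = $imageInfo[0];
                $height = $imageInfo[1];

                // Thumbnail: fixed height 145, width capped at 218.
                $newheight = 145;
                $newwidth = $width / $height * $newheight;
                if ($newwidth > 218) {
                    $newwidth = 218;
                }
                $image = new imageresize();
                $image->load($_FILES["filename"]["tmp_name"]);
                $image->resize($newwidth, 145);
                $image->save($this->path . $filename);

                // Large rendition: bounded by 470 high, else 700 wide.
                if ($height > 470) {
                    $newheight = 470;
                    $newwidth = $width / $height * $newheight;
                } elseif ($width > 700) {
                    $newwidth = 700;
                    $newheight = $height / $width * $newwidth;
                } else {
                    $newheight = $height;
                    $newwidth = $width;
                }
                $image->load($_FILES["filename"]["tmp_name"]);
                $image->resize($newwidth, $newheight);
                $image->save($this->path . "large/" . $filename);
            }
            echo "<script>window.location.href='" . $returnQuery . "&success={$success}'</script>";
        } else {
            $errormessage = $isDuplicate
                ? "<div class='error'>Duplicate Image not allowed</div>"
                : "<div class='error'>Invalid image file</div>";
            // Hand the posted shall_* fields back to the form.
            foreach ($_POST as $key => $val) {
                if (strpos((string) $key, "shall_") !== false) {
                    $key = str_replace("shall_", "", (string) $key);
                    $UPDATEROWS[$key] = $val;
                }
            }
        }
    }

    if ((int) $this->upd > 0) {
        $UPDATEROWS = config::fetch_all_array("SELECT * FROM " . $this->tblpfx . "photogallery WHERE sno='" . (int) $this->upd . "'", 1);
        $UPDATEROWS['tagdate'] = config::datechange($UPDATEROWS['tagdate'], "-", "-", "1");
        if ($UPDATEROWS['tagdate'] == "00-00-0000") {
            $UPDATEROWS['tagdate'] = "";
        }
        if (!strlen($UPDATEROWS['tagdate'])) {
            $UPDATEROWS['tagdate'] = date("d-m-Y");
        }
    } elseif (strlen((string) $this->upd)) {
        // New photo: pre-fill the form with the album's tag values.
        $ALBUMROWS = config::fetch_all_array("SELECT tagdate,city,religion,typeimg,lens,film,camera FROM " . $this->tblpfx . "album WHERE sno='" . $albumId . "'", 1);
        $UPDATEROWS['tagdate'] = config::datechange($ALBUMROWS['tagdate'], "-", "-", "1");
        // NOTE(review): "country" is not in the SELECT above, so this is always empty.
        $UPDATEROWS['country'] = isset($ALBUMROWS['country']) ? $ALBUMROWS['country'] : null;
        $UPDATEROWS['city'] = $ALBUMROWS['city'];
        $UPDATEROWS['religion'] = $ALBUMROWS['religion'];
        $UPDATEROWS['film'] = $ALBUMROWS['film'];
        $UPDATEROWS['camera'] = $ALBUMROWS['camera'];
        $UPDATEROWS['lens'] = $ALBUMROWS['lens'];
        $UPDATEROWS['typeimg'] = $ALBUMROWS['typeimg'];
        if ($UPDATEROWS['tagdate'] == "00-00-0000") {
            $UPDATEROWS['tagdate'] = "";
        }
    }

    $QUERY = config::fetch_all_array("SELECT * FROM " . $this->tblpfx . "photogallery a where albumid='" . $albumId . "' ORDER BY position asc, sno desc");

    if (strlen((string) $this->upd)) {
        $TAGQUERY = config::fetch_all_array("SELECT * FROM " . $this->tblpfx . "tags a ORDER BY title");
    }

    $messagearray = array("", "Images uploaded<br>By default the last updated will appear first. To change the order please use Set Position", "Images Updated", "Images Deleted");
    $message = isset($_GET['success']) ? $_GET['success'] : '';
    // Only a known index selects a message; anything else shows nothing.
    $message = (is_scalar($message) && isset($messagearray[$message])) ? $messagearray[$message] : '';

    if (!isset($UPDATEROWS['tagdate']) || !strlen($UPDATEROWS['tagdate'])) {
        $UPDATEROWS['tagdate'] = date("d-m-Y");
    }

    include "template/photogallery.tpl";
}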
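/**
 * Admin screen for tags (city, religion, camera, lens, film, image type).
 *
 * $this->typ selects the tag kind and, through $fieldarray, the column that
 * carries that tag in the album, photogallery and homegallery tables.
 * Handles deleting a tag (and blanking it in those tables), creating or
 * renaming a tag (and propagating the rename), then loads the list and
 * includes template/tags.tpl. The template is included in this scope and
 * sees the locals set here, so their names are kept.
 *
 * Changes made in this revision:
 *  - $this->typ is checked against the known type letters and falls back to
 *    "C"; it was previously written into SQL and used as a column selector
 *    without any check, so an unknown value produced an empty column name
 *    and unescaped SQL text;
 *  - the old/new tag titles were passed through stripslashes() and then
 *    written into quoted SQL literals unescaped; they are now escaped with
 *    addslashes() after the original un-slashing step;
 *  - $this->delid and $this->upd are cast to int before use in SQL;
 *  - the "red"/"altid" request values are URL-encoded when the return URL is
 *    built, and a short "photo-" value no longer reads missing array parts;
 *  - array keys are quoted and the message index is checked.
 *
 * NOTE(review): remaining SQL values are escaped with addslashes() only;
 * move to bound parameters if config:: supports them.
 * NOTE(review): the duplicate check escapes shall_title without the
 * un-slashing step used for the rename queries; confirm which form the
 * stored titles use.
 */
function displaytags()
{
    $tagary = array("C" => "City", "R" => "Religion", "P" => "Camera", "L" => "Lens", "F" => "Film", "I" => "Type of Image");
    $fieldarray = array("C" => "city", "R" => "religion", "P" => "camera", "L" => "lens", "F" => "film", "I" => "typeimg");

    // Allow-list: the type letter picks a column name, so it must be known.
    if (!is_string($this->typ) || !isset($fieldarray[$this->typ])) {
        $this->typ = "C";
    }
    $fieldname = $fieldarray[$this->typ];

    $pgParam = rawurlencode((string) $this->pg);
    $oldTag = (isset($_POST['oldtag']) && is_string($_POST['oldtag'])) ? $_POST['oldtag'] : '';
    $newTitle = (isset($_POST['shall_title']) && is_string($_POST['shall_title'])) ? $_POST['shall_title'] : '';
    // Same un-slashing as before, then escaped for use inside '...'.
    $oldTagSql = addslashes(stripslashes($oldTag));
    $newTitleSql = addslashes(stripslashes($newTitle));

    // Return URL derived from the request; every value is URL-encoded.
    $red = (isset($_GET['red']) && is_string($_GET['red'])) ? $_GET['red'] : '';
    $altid = (isset($_GET['altid']) && is_string($_GET['altid'])) ? $_GET['altid'] : '';
    $returnUrl = '';
    if (strlen($red)) {
        if (stristr($red, 'photo-')) {
            $expld = array_pad(explode("-", $red), 3, '');
            $returnUrl = "?pg=" . rawurlencode($expld[0]) . "&upd=" . rawurlencode($altid) . "&albumid=" . rawurlencode($expld[1]) . "&albumtitle=" . rawurlencode($expld[2]);
        } else {
            $returnUrl = "?pg=" . rawurlencode($red) . "&upd=" . rawurlencode($altid);
        }
    }

    $tagTables = array("album", "photogallery", "homegallery");

    if (strlen((string) $this->delid)) {
        config::query("DELETE FROM " . $this->tblpfx . "tags WHERE sno='" . (int) $this->delid . "' AND typ='" . $this->typ . "'");
        foreach ($tagTables as $tagTable) {
            config::query("update " . $this->tblpfx . $tagTable . " SET {$fieldname}='' WHERE {$fieldname}='" . $oldTagSql . "'");
        }
        echo "<script>window.location.href='?pg=" . $pgParam . "&typ=" . $this->typ . "&success=3';</script>";
    }

    if (isset($_POST['submit']) && is_string($_POST['submit']) && strlen($_POST['submit'])) {
        $additional = ",typ='" . $this->typ . "'";
        $CHKDUB = config::fetch_all_array("SELECT count(*) from " . $this->tblpfx . "tags WHERE sno!='" . (int) $this->upd . "' AND title='" . addslashes($newTitle) . "' and typ='" . $this->typ . "'", 1);

        if ((isset($CHKDUB[0]) ? $CHKDUB[0] : 0) == 0) {
            if (intval($this->upd) > 0) {
                config::insertdb("tags", "update", " sno='" . (int) $this->upd . "'", $additional);
                $success = 2;
            } else {
                $this->upd = config::insertdb("tags", "insert", "", $additional);
                $success = 1;
            }

            // Propagate a rename to every table that stores the tag text.
            if ($oldTag !== $newTitle && strlen($newTitle)) {
                foreach ($tagTables as $tagTable) {
                    config::query("update " . $this->tblpfx . $tagTable . " SET {$fieldname}='" . $newTitleSql . "' WHERE {$fieldname}='" . $oldTagSql . "' and {$fieldname}!=''");
                }
            }

            if (strlen($red)) {
                $redval = $returnUrl;
                echo "<script>window.location.href='{$redval}'</script>";
            } else {
                echo "<script>window.location.href='?pg=" . $pgParam . "&typ=" . $this->typ . "&success={$success}'</script>";
            }
        } else {
            echo "<script>alert('Duplicate Entry not allowed.');</script>";
            $UPDATEROWS['title'] = $newTitle;
            $UPDATEROWS['reff'] = isset($_POST['shall_reff']) ? $_POST['shall_reff'] : null;
        }
    }

    if ((int) $this->upd > 0) {
        $UPDATEROWS = config::fetch_all_array("SELECT * FROM " . $this->tblpfx . "tags WHERE sno='" . (int) $this->upd . "' AND typ='" . $this->typ . "'", 1);
    }

    $messagearray = array("", "Tag Created", "Tag Updated", "Tag Deleted");
    $message = isset($_GET['success']) ? $_GET['success'] : '';
    // Only a known index selects a message; anything else shows nothing.
    $message = (is_scalar($message) && isset($messagearray[$message])) ? $messagearray[$message] : '';

    $QUERY = config::fetch_all_array("SELECT * FROM " . $this->tblpfx . "tags WHERE typ='" . $this->typ . "' ORDER BY title");

    if (strlen((string) $this->upd)) {
        // Target of the form's cancel link.
        if (strlen($red)) {
            $cancle = $returnUrl;
        } else {
            $cancle = "?pg=" . $pgParam . "&typ=" . $this->typ;
        }
    }

    include "template/tags.tpl";
}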
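/**
 * Admin screen for the home-page gallery ("homegallery" table).
 *
 * Handles saving positions posted as chk_<sno> fields, deleting the row
 * named by $this->delid, and inserting/updating a photo from the posted
 * form (resized to 698x464 through imageresize). After each change
 * self::filecreation() is called. Finally loads the edit row, tag list and
 * gallery listing and includes template/homegallery.tpl. The template is
 * included in this scope and sees the locals set here, so their names are
 * kept.
 *
 * Changes made in this revision:
 *  - array keys are quoted and each() (removed in PHP 8) is replaced by
 *    foreach;
 *  - row ids taken from POST field names, $this->delid and $this->upd are
 *    cast to int before use in SQL and file names;
 *  - the tagdate parts are cast to int before being written into the SQL
 *    text (they were interpolated raw);
 *  - the upload name goes through basename(), and the upload must be a real
 *    uploaded file that getimagesize() can read before anything is stored;
 *  - $additional/$filename are initialised and the message index is checked.
 *
 * NOTE(review): remaining SQL values are escaped with addslashes() only;
 * move to bound parameters if config:: supports them.
 * NOTE(review): the saved file keeps the client's extension; confirm which
 * formats imageresize supports and allow-list those extensions.
 * NOTE(review): months below 10 are incremented before zero-padding while
 * 10+ are not; this quirk is preserved as found - confirm the form's month
 * numbering.
 * NOTE(review): the delete branch removes the row only; no file is unlinked
 * here.
 */
function displayhomegallery()
{
    $additional = '';
    $pgParam = rawurlencode((string) $this->pg);

    if (isset($_POST['setposition']) && is_string($_POST['setposition']) && strlen($_POST['setposition'])) {
        foreach ($_POST as $key => $val) {
            if (strpos((string) $key, "chk_") !== false && !is_array($val)) {
                $key = (int) str_replace("chk_", "", (string) $key);
                config::query("UPDATE " . $this->tblpfx . "homegallery SET position='" . addslashes($val) . "' WHERE sno='" . $key . "'");
            }
        }
        self::filecreation();
        echo "<script>alert('Records has been updated successfully');window.location.href='?pg=" . $pgParam . "';</script>";
    }

    if (strlen((string) $this->delid)) {
        config::query("DELETE FROM " . $this->tblpfx . "homegallery WHERE sno='" . (int) $this->delid . "'");
        self::filecreation();
        echo "<script>window.location.href='?pg=" . $pgParam . "&success=3';</script>";
    }

    if (isset($_POST['submit']) && is_string($_POST['submit']) && strlen($_POST['submit'])) {
        $filename = '';
        $uploadName = (isset($_FILES['filename']['name']) && is_string($_FILES['filename']['name']))
            ? basename($_FILES['filename']['name'])
            : '';
        $hasUpload = strlen($uploadName) > 0;

        // Validate the upload before anything is written to the database.
        $imageInfo = false;
        if ($hasUpload && isset($_FILES['filename']['tmp_name']) && is_uploaded_file($_FILES['filename']['tmp_name'])) {
            $imageInfo = getimagesize($_FILES['filename']['tmp_name']);
        }
        $badImage = $hasUpload && !(is_array($imageInfo) && $imageInfo[0] > 0 && $imageInfo[1] > 0);

        if ($hasUpload) {
            $filename = $uploadName;
            $additional .= ",imagename='" . addslashes($filename) . "'";
        }

        $CHKQRY = config::fetch_all_array("SELECT COUNT(*) FROM " . $this->tblpfx . "homegallery WHERE imagename='" . addslashes($filename) . "'", 1);
        $isDuplicate = (isset($CHKQRY[0]) ? $CHKQRY[0] : 0) != 0;

        if (!$isDuplicate && !$badImage) {
            $year = isset($_POST['tagdate_Year']) ? (int) $_POST['tagdate_Year'] : 0;
            $month = isset($_POST['tagdate_Month']) ? (int) $_POST['tagdate_Month'] : 0;
            $day = isset($_POST['tagdate_Day']) ? (int) $_POST['tagdate_Day'] : 0;

            // Padding rules kept exactly as found (see NOTE on the month).
            $_POST['tagdate_Month'] = ($month < 10) ? "0" . ($month + 1) : (string) $month;
            $_POST['tagdate_Day'] = ($day < 10) ? "0" . $day : (string) $day;

            $additional .= ",tagdate='" . $year . "-" . $_POST['tagdate_Month'] . "-" . $_POST['tagdate_Day'] . "'";

            if (intval($this->upd) > 0) {
                config::insertdb("homegallery", "update", " sno='" . (int) $this->upd . "'", $additional);
                $success = 2;
            } else {
                $this->upd = config::insertdb("homegallery", "insert", "", $additional);
                $success = 1;
            }

            if ($hasUpload) {
                $filename = (int) $this->upd . "-" . $filename;
                $image = new imageresize();
                $image->load($_FILES["filename"]["tmp_name"]);
                $image->resize(698, 464);
                $image->save($this->path . $filename);
            }
            self::filecreation();
            echo "<script>window.location.href='?pg=" . $pgParam . "&success={$success}'</script>";
        } else {
            $errormessage = $isDuplicate
                ? "<div class='error'>Duplicate Image not allowed</div>"
                : "<div class='error'>Invalid image file</div>";
            // Hand the posted shall_* fields back to the form.
            foreach ($_POST as $key => $val) {
                if (strpos((string) $key, "shall_") !== false) {
                    $key = str_replace("shall_", "", (string) $key);
                    $UPDATEROWS[$key] = $val;
                }
            }
        }
    }

    if ((int) $this->upd > 0) {
        $UPDATEROWS = config::fetch_all_array("SELECT * FROM " . $this->tblpfx . "homegallery WHERE sno='" . (int) $this->upd . "'", 1);
        $UPDATEROWS['tagdate'] = config::datechange($UPDATEROWS['tagdate'], "-", "-", "1");
    }

    // Default the form date to today when none is stored.
    if (!isset($UPDATEROWS['tagdate']) || !strlen($UPDATEROWS['tagdate']) || $UPDATEROWS['tagdate'] == "00-00-0000") {
        $UPDATEROWS['tagdate'] = date("d-m-Y");
    }

    if (strlen((string) $this->upd)) {
        $TAGQUERY = config::fetch_all_array("SELECT * FROM " . $this->tblpfx . "tags a ORDER BY title");
    }

    $messagearray = array("", "Photo Uploaded<br>By default the last updated will appear first. To change the order please use Set Position", "Photo Updated", "Photo Deleted");
    $message = isset($_GET['success']) ? $_GET['success'] : '';
    // Only a known index selects a message; anything else shows nothing.
    $message = (is_scalar($message) && isset($messagearray[$message])) ? $messagearray[$message] : '';

    $QUERY = config::fetch_all_array("SELECT * FROM " . $this->tblpfx . "homegallery ORDER BY position asc,sno desc");

    include "template/homegallery.tpl";
}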
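/**
 * Admin screen for user accounts: delete, list, create/update, rights form.
 *
 * With $this->del set it deletes that user (record 1 is protected) and
 * exits. Without $this->upd it loads the user list. With $this->upd it
 * either saves the posted form (including the selected rights, stored as
 * "#<id>^" tokens in rightoptions) and exits, or loads the user and builds
 * the rights checkbox table in $RIGHTSMESSAGE. Ends by including
 * tmpl/adminuser.html, which is included in this scope and sees the locals
 * set here, so their names are kept.
 *
 * Changes made in this revision:
 *  - $this->del is cast to int once, so the "record 1" guard and the DELETE
 *    statement see the same value; before, the guard used a loose comparison
 *    while the raw string went into the SQL, and the two can disagree;
 *  - the posted rights ids are cast to int before being joined into
 *    rightoptions (they were written into the SQL text raw);
 *  - $this->upd is cast to int before use in SQL and in the self-update
 *    check;
 *  - each() (removed in PHP 8) is replaced by foreach, array keys are
 *    quoted, and $rghtopt/$RIGHTSMESSAGE are initialised;
 *  - the rights label is HTML-escaped when the checkbox table is built.
 *
 * NOTE(review): no permission check on the current session is visible in
 * this method; confirm the caller enforces one before dispatching here.
 * NOTE(review): delete is driven by a request value with no anti-CSRF token
 * visible in this method.
 */
function usermanamgent()
{
    $pgParam = rawurlencode((string) $this->pg);

    if (strlen((string) $this->del)) {
        $delId = (int) $this->del;
        if ($delId == 1) {
            echo "<script>alert('You are not able to delete this record');window.location.href='?pg=" . $pgParam . "';</script>";
            exit;
        }
        config::query("delete from " . $this->tblpfx . "user where sno='" . $delId . "'");
        echo "<script>alert('Record has been deleted successfully');window.location.href='?pg=" . $pgParam . "';</script>";
        exit;
    }

    if (!strlen((string) $this->upd)) {
        $QUERY = config::fetch_all_array("select * from " . $this->tblpfx . "user");
    } else {
        $updId = (int) $this->upd;

        if (strlen((string) $this->submit)) {
            $rghtopt = '';
            $rightsopt = (isset($_POST['chk']) && is_array($_POST['chk'])) ? $_POST['chk'] : array();
            foreach ($rightsopt as $val) {
                if (is_scalar($val)) {
                    // Rights are referenced by their numeric sno.
                    $rghtopt .= "#" . (int) $val . "^";
                }
            }
            $additional = ",rightoptions='{$rghtopt}'";

            if ($updId == 0) {
                config::insertdb("user", "insert", "", $additional);
            } else {
                config::insertdb("user", "update", " sno='" . $updId . "'", $additional);
                // Editing one's own account ends the current session.
                if (isset($_SESSION['adminid']) && $updId == (int) $_SESSION['adminid']) {
                    session_destroy();
                }
            }
            echo "<script>alert('Record has been submitted successfully.');window.location.href='?pg=" . $pgParam . "';</script>";
            exit;
        }

        if ($updId > 0) {
            $ROWS = config::fetch_all_array("select * from " . $this->tblpfx . "user where sno='" . $updId . "'", 1);
        }

        // Sets $chk<status> = "checked" for the template's status radio.
        ${"chk" . intval(isset($ROWS['status']) ? $ROWS['status'] : 0)} = "checked";

        $currentRights = isset($ROWS['rightoptions']) ? (string) $ROWS['rightoptions'] : '';
        $RIGHTQRY = config::fetch_all_array("SELECT * FROM " . $this->tblpfx . "rights ORDER BY sno");
        $RIGHTSMESSAGE = '';
        $i = 0;
        $td = 0;

        // Two checkboxes per table row.
        foreach ($RIGHTQRY as $RIGHTROWS) {
            $td++;
            $rightId = (int) $RIGHTROWS['sno'];
            $checked = (strpos($currentRights, "#" . $rightId . "^") !== false) ? "checked" : "";

            if ($td == 1) {
                $RIGHTSMESSAGE .= "<tr>";
            }
            $RIGHTSMESSAGE .= "\n\t\t\t\t<td><input type='checkbox' name='chk[{$i}]' value='{$rightId}' id='chk_{$i}' {$checked}> " . htmlspecialchars($RIGHTROWS['rightname'], ENT_QUOTES) . "</td>";
            $i++;

            if ($td == 2) {
                $RIGHTSMESSAGE .= "</tr>";
                $td = 0;
            }
        }
        if ($td > 0) {
            $RIGHTSMESSAGE .= "<td></td></tr>";
        }
    }

    include "tmpl/adminuser.html";
}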