コード例 #1
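    /**
     * Process a submitted admin login form.
     *
     * When both `username` and `password` are posted, the pair is looked up in
     * the `<tblpfx>user` table. On a match the admin session keys are filled,
     * the row's `ip`/`lastlogin` columns are refreshed and a JavaScript
     * redirect is printed; on a mismatch an alert plus a redirect to `?pg=lgn`
     * is printed. Both outcomes end the request with `exit`. When no complete
     * credential pair is posted and `$_SESSION['adminid']` is already set, the
     * method prints an alert, redirects to `?` and exits; otherwise it returns
     * without output.
     *
     * SECURITY NOTE(review): the submitted password is matched against the
     * `pwd` column inside the SQL text, which suggests passwords are stored in
     * directly comparable form. Confirm, then move to password_hash() /
     * password_verify().
     * SECURITY NOTE(review): the lookup is still assembled by concatenation.
     * addslashes() is not charset-aware and is only a stopgap; the `config`
     * query helper is not visible here, so a parameterised variant has to be
     * added there. No attempt throttling is visible in this method either.
     */
    function login()
    {
        // Accept only plain string fields; an array-valued field would
        // otherwise reach strlen()/addslashes().
        $postedUser = (isset($_POST['username']) && is_string($_POST['username'])) ? $_POST['username'] : '';
        $postedPass = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : '';
        // With these flags json_encode() yields a string literal that cannot
        // close the surrounding <script> element or break out of its quotes.
        $jsFlags = JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT;

        if (strlen($postedUser) && strlen($postedPass)) {
            $ROWS = config::fetch_all_array("SELECT  sno,name,ip,date_format(lastlogin,'%d-%M-%Y %h:%i:%s')as lastlogin FROM " . $this->tblpfx . "user WHERE userid='" . addslashes($postedUser) . "' AND pwd='" . addslashes($postedPass) . "'", 1);
            if (isset($ROWS['sno']) && strlen($ROWS['sno']) > 0) {
                // Issue a fresh session id at the privilege change so an id
                // known before authentication does not carry admin rights.
                if (session_id() !== '') {
                    session_regenerate_id(true);
                }
                $_SESSION['adminid'] = $ROWS['sno'];
                $_SESSION['adminname'] = $ROWS['name'];
                // NOTE(review): `rightoptions` is not in the SELECT list above,
                // so this is null unless the fetch helper adds it. Confirm
                // which behaviour the rights checks expect before changing it.
                $_SESSION['adminrights'] = isset($ROWS['rightoptions']) ? $ROWS['rightoptions'] : null;
                $_SESSION['adminlasttime'] = $ROWS['lastlogin'];
                $_SESSION['adminlastip'] = $ROWS['ip'];
                $_SESSION['sessid'] = session_id();

                $clientIp = isset($_SERVER['REMOTE_ADDR']) ? (string) $_SERVER['REMOTE_ADDR'] : '';
                config::query("update " . $this->tblpfx . "user SET ip='" . addslashes($clientIp) . "',lastlogin=now() where sno='" . intval($_SESSION['adminid']) . "'");

                // The `red` query parameter is request-controlled: emit it as
                // an escaped JS string literal rather than splicing it into
                // the script. The fixed "?pg=" prefix keeps the target on this
                // page's own URL.
                $target = '?success=y';
                if (isset($_GET['red']) && is_string($_GET['red']) && strlen($_GET['red'])) {
                    $target = '?pg=' . $_GET['red'];
                }
                $literal = json_encode($target, $jsFlags);
                if (!is_string($literal)) {
                    // Not encodable (e.g. invalid UTF-8): use the default target.
                    $literal = json_encode('?success=y', $jsFlags);
                }
                echo "<script>window.location.href=" . $literal . ";</script>";
                exit;
            } else {
                echo "<script>alert('Invalid Login Detail..');window.location.href='?pg=lgn';</script>";
                exit;
            }
        }
        // The former `strlen($username) && strlen($password)` branch read two
        // locals that are never assigned in this method (they would only exist
        // under the long-removed register_globals), so it has been dropped.
        if (isset($_SESSION['adminid'])) {
            echo "<script>alert('Invalid Login Detail.');window.location.href='?';</script>";
            exit;
        }
    }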
コード例 #2
ファイル: aboutus.php プロジェクト: ranjansimon/sacredspaces
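 /**
  * Admin screen for the `<tblpfx>showcase` table.
  *
  * Depending on the request it re-orders rows (`setposition`), deletes a row
  * and its stored file (`$this->delid`), or saves a posted entry together
  * with an uploaded file or a link (`submit`). It then prepares the locals
  * read by `template/showcase.tpl` and includes that template.
  *
  * SECURITY NOTE(review): no session or rights check and no CSRF token are
  * visible in this method; confirm the caller enforces both. The origin of
  * `$this->delid` is not visible; if it comes from the query string, the
  * delete runs on a plain GET.
  * SECURITY NOTE(review): SQL is still built by concatenation. Row ids are
  * now cast to integers, but string values rely on addslashes(), which is
  * not charset-aware; a parameterised helper belongs in the `config` layer.
  * SECURITY NOTE(review): the uploaded file's extension and content are not
  * restricted here. Confirm the upload directory cannot execute scripts, or
  * add an allow-list once the accepted types are known.
  */
 function showcase()
 {
     // With these flags json_encode() yields a literal that is safe inside an
     // inline <script>; "?" is the fallback when a value cannot be encoded.
     $jsFlags = JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT;
     $jsString = function ($value) use ($jsFlags) {
         $literal = json_encode((string) $value, $jsFlags);
         return is_string($literal) ? $literal : '"?"';
     };
     // Read a scalar POST field as a string; missing or array-valued fields
     // read as ''.
     $posted = function ($key) {
         return (isset($_POST[$key]) && is_scalar($_POST[$key])) ? (string) $_POST[$key] : '';
     };
     $additional = "";

     if (strlen($posted('setposition'))) {
         // each() no longer exists in PHP 8; foreach visits the same pairs.
         foreach ($_POST as $key => $val) {
             $key = (string) $key;
             if (strstr($key, "chk_") && is_scalar($val)) {
                 // The suffix after "chk_" is a row id: force it to an integer.
                 $rowId = intval(str_replace("chk_", "", $key));
                 config::query("UPDATE " . $this->tblpfx . "showcase SET position='" . addslashes((string) $val) . "' WHERE sno='" . $rowId . "'");
             }
         }
         echo "<script>window.location.href=" . $jsString("?pg=" . $this->pg) . ";</script>";
     }
     if (strlen((string) $this->delid)) {
         $deleteId = intval($this->delid);
         config::query("DELETE FROM " . $this->tblpfx . "showcase WHERE sno='" . $deleteId . "'");
         // `img` is request-controlled: keep only its final path component so
         // the unlink target stays inside $this->path.
         $imageName = (isset($_GET['img']) && is_string($_GET['img'])) ? basename(str_replace("\\", "/", $_GET['img'])) : '';
         if (strlen($imageName)) {
             $target = $this->path . $deleteId . "-" . $imageName;
             if (is_file($target)) {
                 unlink($target);
             }
         }
         echo "<script>window.location.href=" . $jsString("?pg=" . $this->pg . "&success=3") . ";</script>";
     }
     if (strlen($posted('submit'))) {
         // Client-supplied file name reduced to its last path component.
         $uploadName = "";
         if (isset($_FILES['filename']['name']) && is_string($_FILES['filename']['name'])) {
             $uploadName = basename(str_replace("\\", "/", $_FILES['filename']['name']));
         }
         if (strlen($uploadName)) {
             $filename = $uploadName;
             $additional .= ",filename='" . addslashes($filename) . "'";
         } elseif ($posted('shall_typ') == "L") {
             // Require the scheme at the start of the value. A substring test
             // would accept any text that merely contains "http".
             $link = $posted('linkname');
             if (!preg_match('#^https?://#i', $link)) {
                 $link = "http://" . $link;
             }
             $_POST['linkname'] = $link;
             $additional .= ",filename='" . addslashes($link) . "'";
         }
         if (intval($this->upd) > 0) {
             config::insertdb("showcase", "update", " sno='" . intval($this->upd) . "'", $additional);
             $success = 2;
         } else {
             $this->upd = config::insertdb("showcase", "insert", "", $additional);
             $success = 1;
         }
         if (strlen($uploadName)) {
             $filename = $this->upd . "-" . $filename;
             if (isset($_FILES['filename']['tmp_name']) && is_string($_FILES['filename']['tmp_name'])) {
                 move_uploaded_file($_FILES['filename']['tmp_name'], $this->path . $filename);
             }
         }
         echo "<script>window.location.href=" . $jsString("?pg=" . $this->pg . "&success={$success}") . "</script>";
     }
     $linkdisplay = " style='display:none;'";
     $filedisplay = "";
     if ($this->upd > 0) {
         $UPDATEROWS = config::fetch_all_array("SELECT * FROM " . $this->tblpfx . "showcase WHERE sno='" . intval($this->upd) . "'", 1);
         if (isset($UPDATEROWS['filename'], $UPDATEROWS['typ']) && strlen($UPDATEROWS['filename']) && $UPDATEROWS['typ'] == "F") {
             // The stored name originates from an upload, so it is HTML-escaped
             // before being placed in markup. `href` was misspelled `herf`.
             $filename = "<a href='" . htmlspecialchars($this->path . $UPDATEROWS['sno'] . "-" . $UPDATEROWS['filename'], ENT_QUOTES) . "' target='_blank'>" . htmlspecialchars($UPDATEROWS['filename'], ENT_QUOTES) . "</a>";
         } else {
             $linkdisplay = "";
             $filedisplay = " style='display:none;'";
         }
     } else {
         $QUERY = config::fetch_all_array("SELECT * FROM " . $this->tblpfx . "showcase ORDER BY position asc, sno desc");
     }
     $messagearray = array("", "ShowCase Added<br>By default the last updated will appear first. To change the order please use Set Position", "ShowCase Updated", "ShowCase Deleted");
     // Only a known index selects a message; anything else yields "".
     $message = "";
     if (isset($_GET['success']) && is_scalar($_GET['success']) && isset($messagearray[$_GET['success']])) {
         $message = $messagearray[$_GET['success']];
     }
     include "template/showcase.tpl";
 }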
コード例 #3
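 /**
  * Admin screen for the photos of one album (`<tblpfx>photogallery`).
  *
  * Depending on the request it re-orders rows (`setposition`), deletes a row
  * and its thumbnail file (`$this->delid`), or saves a posted photo: the
  * upload is stored as a thumbnail (height 145, width capped at 218) and as
  * a "large" copy (bounded by height 470 or width 700). It then prepares the
  * locals read by `template/photogallery.tpl` and includes that template.
  *
  * SECURITY NOTE(review): no session or rights check and no CSRF token are
  * visible in this method; confirm the caller enforces both. The origin of
  * `$this->delid`, `$this->albumid` and `$this->albumtitle` is not visible.
  * SECURITY NOTE(review): SQL is still built by concatenation. Row ids and
  * date parts are now cast to integers, but string values rely on
  * addslashes(), which is not charset-aware; a parameterised helper belongs
  * in the `config` layer.
  * SECURITY NOTE(review): the saved file keeps the client-supplied extension.
  * Only image uploads are processed, but confirm the upload directory cannot
  * execute scripts. The delete branch removes the thumbnail only; whether
  * the copy under "large/" should also be removed is not visible here.
  */
 function photodisplay()
 {
     // With these flags json_encode() yields a literal that is safe inside an
     // inline <script>; "?" is the fallback when a value cannot be encoded.
     $jsFlags = JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT;
     $jsString = function ($value) use ($jsFlags) {
         $literal = json_encode((string) $value, $jsFlags);
         return is_string($literal) ? $literal : '"?"';
     };
     // Read a scalar POST field as a string; missing or array-valued fields
     // read as ''.
     $posted = function ($key) {
         return (isset($_POST[$key]) && is_scalar($_POST[$key])) ? (string) $_POST[$key] : '';
     };
     // Query-string tail shared by every redirect emitted from this screen.
     $albumQuery = "&albumid=" . $this->albumid . "&albumtitle=" . $this->albumtitle;
     $additional = "";

     if (strlen($posted('setposition'))) {
         // each() no longer exists in PHP 8; foreach visits the same pairs.
         foreach ($_POST as $key => $val) {
             $key = (string) $key;
             if (strstr($key, "chk_") && is_scalar($val)) {
                 // The suffix after "chk_" is a row id: force it to an integer.
                 $rowId = intval(str_replace("chk_", "", $key));
                 config::query("UPDATE " . $this->tblpfx . "photogallery SET position='" . addslashes((string) $val) . "' WHERE sno='" . $rowId . "'");
             }
         }
         echo "<script>window.location.href=" . $jsString("?pg=" . $this->pg . $albumQuery . "&success=3") . ";</script>";
     }
     if (strlen((string) $this->delid)) {
         $deleteId = intval($this->delid);
         config::query("DELETE FROM " . $this->tblpfx . "photogallery WHERE sno='" . $deleteId . "'");
         // `img` is request-controlled: keep only its final path component so
         // the unlink target stays inside $this->path.
         $imageName = (isset($_GET['img']) && is_string($_GET['img'])) ? basename(str_replace("\\", "/", $_GET['img'])) : '';
         if (strlen($imageName)) {
             $target = $this->path . $deleteId . "-" . $imageName;
             if (is_file($target)) {
                 unlink($target);
             }
         }
         echo "<script>window.location.href=" . $jsString("?pg=" . $this->pg . $albumQuery . "&success=3") . ";</script>";
     }
     if (strlen($posted('submit'))) {
         // Client-supplied file name reduced to its last path component.
         $uploadName = "";
         if (isset($_FILES['filename']['name']) && is_string($_FILES['filename']['name'])) {
             $uploadName = basename(str_replace("\\", "/", $_FILES['filename']['name']));
         }
         if (strlen($uploadName)) {
             $filename = $uploadName;
             $additional .= ",imagename='" . addslashes($filename) . "'";
         }
         $CHKQRY = config::fetch_all_array("SELECT COUNT(*) FROM " . $this->tblpfx . "photogallery WHERE imagename='" . addslashes($uploadName) . "'", 1);
         if ($CHKQRY[0] == 0) {
             // The date parts go into SQL text, so they are forced to integers.
             // NOTE(review): the month is incremented only when it is below 10
             // (9 becomes "010", 10 stays "10"); kept as found. Confirm the
             // form's month numbering before correcting it.
             $tagYear = intval($posted('tagdate_Year'));
             $tagMonth = intval($posted('tagdate_Month'));
             $tagDay = intval($posted('tagdate_Day'));
             $_POST['tagdate_Month'] = ($tagMonth < 10) ? "0" . ($tagMonth + 1) : (string) $tagMonth;
             $_POST['tagdate_Day'] = ($tagDay < 10) ? "0" . $tagDay : (string) $tagDay;
             $additional .= ",tagdate='{$tagYear}-{$_POST['tagdate_Month']}-{$_POST['tagdate_Day']}',albumid='" . addslashes((string) $this->albumid) . "'";
             if (intval($this->upd) > 0) {
                 config::insertdb("photogallery", "update", " sno='" . intval($this->upd) . "'", $additional);
                 $success = 2;
             } else {
                 $this->upd = config::insertdb("photogallery", "insert", "", $additional);
                 $success = 1;
             }
             if (strlen($uploadName)) {
                 $filename = $this->upd . "-" . $filename;
                 if (!is_dir($this->path)) {
                     // This process creates the directories and writes into
                     // them below, so owner-write is enough; they were
                     // world-writable (0777) before.
                     mkdir($this->path);
                     chmod($this->path, 0755);
                     mkdir($this->path . "large/");
                     chmod($this->path . "large/", 0755);
                 }
                 // Resize only a genuine upload that parses as an image with
                 // non-zero dimensions; a zero height would divide by zero.
                 $tmpFile = isset($_FILES['filename']['tmp_name']) ? $_FILES['filename']['tmp_name'] : '';
                 $dims = (is_string($tmpFile) && is_uploaded_file($tmpFile)) ? getimagesize($tmpFile) : false;
                 if (is_array($dims) && $dims[0] > 0 && $dims[1] > 0) {
                     list($width, $height) = $dims;
                     // Thumbnail: fixed height, width capped.
                     $newheight = 145;
                     $newwidth = $width / $height * $newheight;
                     if ($newwidth > 218) {
                         $newwidth = 218;
                     }
                     $image = new imageresize();
                     $image->load($tmpFile);
                     $image->resize($newwidth, 145);
                     $image->save($this->path . $filename);
                     // Large copy: shrink to the height limit first, else to
                     // the width limit, else keep the original size.
                     if ($height > 470) {
                         $newheight = 470;
                         $newwidth = $width / $height * $newheight;
                     } elseif ($width > 700) {
                         $newwidth = 700;
                         $newheight = $height / $width * $newwidth;
                     } else {
                         $newheight = $height;
                         $newwidth = $width;
                     }
                     $image->load($tmpFile);
                     $image->resize($newwidth, $newheight);
                     $image->save($this->path . "large/" . $filename);
                 }
             }
             echo "<script>window.location.href=" . $jsString("?pg=" . $this->pg . $albumQuery . "&success={$success}") . "</script>";
         } else {
             $errormessage = "<div class='error'>Duplicate Image not allowed</div>";
             // Hand the posted "shall_*" fields back to the form.
             foreach ($_POST as $key => $val) {
                 $key = (string) $key;
                 if (strstr($key, "shall_")) {
                     $key = str_replace("shall_", "", $key);
                     $UPDATEROWS[$key] = $val;
                 }
             }
         }
     }
     if ($this->upd > 0) {
         $UPDATEROWS = config::fetch_all_array("SELECT * FROM " . $this->tblpfx . "photogallery WHERE sno='" . intval($this->upd) . "'", 1);
         $UPDATEROWS['tagdate'] = config::datechange($UPDATEROWS['tagdate'], "-", "-", "1");
         if ($UPDATEROWS['tagdate'] == "00-00-0000") {
             $UPDATEROWS['tagdate'] = "";
         }
         if (!strlen($UPDATEROWS['tagdate'])) {
             $UPDATEROWS['tagdate'] = date("d-m-Y");
         }
     } elseif (strlen((string) $this->upd)) {
         // New photo: pre-fill the form from the album's own tags.
         $ALBUMROWS = config::fetch_all_array("SELECT tagdate,city,religion,typeimg,lens,film,camera FROM " . $this->tblpfx . "album WHERE sno='" . intval($this->albumid) . "'", 1);
         $UPDATEROWS['tagdate'] = config::datechange($ALBUMROWS['tagdate'], "-", "-", "1");
         // NOTE(review): `country` is not in the SELECT list above, so this is
         // null unless the fetch helper adds it.
         $UPDATEROWS['country'] = isset($ALBUMROWS['country']) ? $ALBUMROWS['country'] : null;
         $UPDATEROWS['city'] = $ALBUMROWS['city'];
         $UPDATEROWS['religion'] = $ALBUMROWS['religion'];
         $UPDATEROWS['film'] = $ALBUMROWS['film'];
         $UPDATEROWS['camera'] = $ALBUMROWS['camera'];
         $UPDATEROWS['lens'] = $ALBUMROWS['lens'];
         $UPDATEROWS['typeimg'] = $ALBUMROWS['typeimg'];
         if ($UPDATEROWS['tagdate'] == "00-00-0000") {
             $UPDATEROWS['tagdate'] = "";
         }
     }
     $QUERY = config::fetch_all_array("SELECT * FROM " . $this->tblpfx . "photogallery a where albumid='" . addslashes((string) $this->albumid) . "' ORDER BY position asc, sno desc");
     if (strlen((string) $this->upd)) {
         $TAGQUERY = config::fetch_all_array("SELECT * FROM " . $this->tblpfx . "tags a ORDER BY title");
     }
     $messagearray = array("", "Images uploaded<br>By default the last updated will appear first. To change the order please use Set Position", "Images Updated", "Images Deleted");
     // Only a known index selects a message; anything else yields "".
     $message = "";
     if (isset($_GET['success']) && is_scalar($_GET['success']) && isset($messagearray[$_GET['success']])) {
         $message = $messagearray[$_GET['success']];
     }
     if (!isset($UPDATEROWS['tagdate']) || !strlen($UPDATEROWS['tagdate'])) {
         $UPDATEROWS['tagdate'] = date("d-m-Y");
     }
     include "template/photogallery.tpl";
 }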
コード例 #4
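 /**
  * Admin screen for the `<tblpfx>tags` table, one tag type at a time.
  *
  * `$this->typ` selects the tag type (C, R, P, L, F or I) and thereby the
  * column that the album, photogallery and homegallery tables use for it.
  * Depending on the request the method deletes a tag and blanks it in those
  * tables (`$this->delid`), or saves a posted tag and renames it in those
  * tables (`submit`). It then prepares the locals read by
  * `template/tags.tpl` and includes that template.
  *
  * SECURITY NOTE(review): no session or rights check and no CSRF token are
  * visible in this method; confirm the caller enforces both.
  * SECURITY NOTE(review): SQL is still built by concatenation. Row ids are
  * cast to integers and the tag type is checked against the known keys, but
  * string values rely on addslashes(), which is not charset-aware; a
  * parameterised helper belongs in the `config` layer.
  * SECURITY NOTE(review): `$cancle` is handed to the template. Its
  * request-derived parts are URL-encoded here; `$this->pg` is not, and the
  * template's output context is not visible, so confirm it escapes the value.
  */
 function displaytags()
 {
     // With these flags json_encode() yields a literal that is safe inside an
     // inline <script>; "?" is the fallback when a value cannot be encoded.
     $jsFlags = JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT;
     $jsString = function ($value) use ($jsFlags) {
         $literal = json_encode((string) $value, $jsFlags);
         return is_string($literal) ? $literal : '"?"';
     };
     // Read scalar request fields as strings; missing or array-valued fields
     // read as ''.
     $posted = function ($key) {
         return (isset($_POST[$key]) && is_scalar($_POST[$key])) ? (string) $_POST[$key] : '';
     };
     $queried = function ($key) {
         return (isset($_GET[$key]) && is_scalar($_GET[$key])) ? (string) $_GET[$key] : '';
     };

     $tagary = array("C" => "City", "R" => "Religion", "P" => "Camera", "L" => "Lens", "F" => "Film", "I" => "Type of Image");
     $fieldarray = array("C" => "city", "R" => "religion", "P" => "camera", "L" => "lens", "F" => "film", "I" => "typeimg");
     // The type becomes both a column name and a SQL value below, so anything
     // outside the known keys falls back to "C" (previously only an empty
     // value did, and an unknown one produced an empty column name).
     if (!is_string($this->typ) || !isset($fieldarray[$this->typ])) {
         $this->typ = "C";
     }
     $fieldname = $fieldarray[$this->typ];

     // stripslashes() is kept so the compared text matches what the earlier
     // code compared; addslashes() then escapes it for the SQL literal, which
     // the earlier code did not do.
     $oldTagSql = addslashes(stripslashes($posted('oldtag')));
     $newTitleSql = addslashes(stripslashes($posted('shall_title')));

     // Return target requested through `red`/`altid`. Every request-derived
     // piece is URL-encoded, so the result cannot carry quotes or markup.
     $red = $queried('red');
     $returnUrl = "";
     if (strlen($red)) {
         $altid = rawurlencode($queried('altid'));
         if (stristr($red, 'photo-')) {
             $expld = explode("-", $red);
             $returnUrl = "?pg=" . rawurlencode($expld[0]) . "&upd=" . $altid
                 . "&albumid=" . rawurlencode(isset($expld[1]) ? $expld[1] : '')
                 . "&albumtitle=" . rawurlencode(isset($expld[2]) ? $expld[2] : '');
         } else {
             $returnUrl = "?pg=" . rawurlencode($red) . "&upd=" . $altid;
         }
     }

     if (strlen((string) $this->delid)) {
         config::query("DELETE FROM " . $this->tblpfx . "tags WHERE sno='" . intval($this->delid) . "' AND typ='" . $this->typ . "'");
         config::query("update " . $this->tblpfx . "album SET {$fieldname}='' WHERE {$fieldname}='" . $oldTagSql . "'");
         config::query("update " . $this->tblpfx . "photogallery SET {$fieldname}='' WHERE {$fieldname}='" . $oldTagSql . "'");
         config::query("update " . $this->tblpfx . "homegallery SET {$fieldname}='' WHERE {$fieldname}='" . $oldTagSql . "'");
         echo "<script>window.location.href=" . $jsString("?pg=" . $this->pg . "&typ=" . $this->typ . "&success=3") . ";</script>";
     }
     if (strlen($posted('submit'))) {
         $additional = ",typ='" . $this->typ . "'";
         $CHKDUB = config::fetch_all_array("SELECT count(*) from " . $this->tblpfx . "tags WHERE sno!='" . intval($this->upd) . "' AND title='" . addslashes($posted('shall_title')) . "' and typ='" . $this->typ . "'", 1);
         if ($CHKDUB[0] == 0) {
             if (intval($this->upd) > 0) {
                 config::insertdb("tags", "update", " sno='" . intval($this->upd) . "'", $additional);
                 $success = 2;
             } else {
                 $this->upd = config::insertdb("tags", "insert", "", $additional);
                 $success = 1;
             }
             // Carry a renamed tag through to every table that stores it.
             if ($posted('oldtag') != $posted('shall_title') && strlen($posted('shall_title'))) {
                 config::query("update " . $this->tblpfx . "album SET {$fieldname}='" . $newTitleSql . "' WHERE {$fieldname}='" . $oldTagSql . "' and {$fieldname}!=''");
                 config::query("update " . $this->tblpfx . "photogallery SET {$fieldname}='" . $newTitleSql . "' WHERE {$fieldname}='" . $oldTagSql . "' and {$fieldname}!=''");
                 config::query("update " . $this->tblpfx . "homegallery SET {$fieldname}='" . $newTitleSql . "' WHERE {$fieldname}='" . $oldTagSql . "' and {$fieldname}!=''");
             }
             if (strlen($red)) {
                 $redval = $returnUrl;
                 echo "<script>window.location.href=" . $jsString($redval) . "</script>";
             } else {
                 echo "<script>window.location.href=" . $jsString("?pg=" . $this->pg . "&typ=" . $this->typ . "&success={$success}") . "</script>";
             }
         } else {
             echo "<script>alert('Duplicate Entry not allowed.');</script>";
             $UPDATEROWS['title'] = $posted('shall_title');
             $UPDATEROWS['reff'] = $posted('shall_reff');
         }
     }
     if ($this->upd > 0) {
         $UPDATEROWS = config::fetch_all_array("SELECT * FROM " . $this->tblpfx . "tags WHERE sno='" . intval($this->upd) . "' AND typ='" . $this->typ . "'", 1);
     }
     $messagearray = array("", "Tag Created", "Tag Updated", "Tag Deleted");
     // Only a known index selects a message; anything else yields "".
     $message = "";
     if (isset($_GET['success']) && is_scalar($_GET['success']) && isset($messagearray[$_GET['success']])) {
         $message = $messagearray[$_GET['success']];
     }
     $QUERY = config::fetch_all_array("SELECT * FROM " . $this->tblpfx . "tags WHERE typ='" . $this->typ . "' ORDER BY title");
     if (strlen((string) $this->upd)) {
         if (strlen($red)) {
             $cancle = $returnUrl;
         } else {
             $cancle = "?pg=" . $this->pg . "&amp;typ=" . $this->typ;
         }
     }
     include "template/tags.tpl";
 }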
コード例 #5
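 /**
  * Admin screen for the home-page gallery (`<tblpfx>homegallery`).
  *
  * Depending on the request it re-orders rows (`setposition`), deletes a row
  * (`$this->delid`), or saves a posted photo, storing the upload resized to
  * 698x464. After each change it calls `self::filecreation()`. It then
  * prepares the locals read by `template/homegallery.tpl` and includes that
  * template.
  *
  * SECURITY NOTE(review): no session or rights check and no CSRF token are
  * visible in this method; confirm the caller enforces both. The origin of
  * `$this->delid` is not visible; if it comes from the query string, the
  * delete runs on a plain GET.
  * SECURITY NOTE(review): SQL is still built by concatenation. Row ids and
  * date parts are now cast to integers, but string values rely on
  * addslashes(), which is not charset-aware; a parameterised helper belongs
  * in the `config` layer.
  * SECURITY NOTE(review): the saved file keeps the client-supplied extension.
  * Only image uploads are processed, but confirm the upload directory cannot
  * execute scripts. The delete branch does not remove the stored image file.
  */
 function displayhomegallery()
 {
     // With these flags json_encode() yields a literal that is safe inside an
     // inline <script>; "?" is the fallback when a value cannot be encoded.
     $jsFlags = JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT;
     $jsString = function ($value) use ($jsFlags) {
         $literal = json_encode((string) $value, $jsFlags);
         return is_string($literal) ? $literal : '"?"';
     };
     // Read a scalar POST field as a string; missing or array-valued fields
     // read as ''.
     $posted = function ($key) {
         return (isset($_POST[$key]) && is_scalar($_POST[$key])) ? (string) $_POST[$key] : '';
     };
     $additional = "";

     if (strlen($posted('setposition'))) {
         // each() no longer exists in PHP 8; foreach visits the same pairs.
         foreach ($_POST as $key => $val) {
             $key = (string) $key;
             if (strstr($key, "chk_") && is_scalar($val)) {
                 // The suffix after "chk_" is a row id: force it to an integer.
                 $rowId = intval(str_replace("chk_", "", $key));
                 config::query("UPDATE " . $this->tblpfx . "homegallery SET position='" . addslashes((string) $val) . "' WHERE sno='" . $rowId . "'");
             }
         }
         self::filecreation();
         echo "<script>alert('Records has been updated successfully');window.location.href=" . $jsString("?pg=" . $this->pg) . ";</script>";
     }
     if (strlen((string) $this->delid)) {
         config::query("DELETE FROM " . $this->tblpfx . "homegallery WHERE sno='" . intval($this->delid) . "'");
         self::filecreation();
         echo "<script>window.location.href=" . $jsString("?pg=" . $this->pg . "&success=3") . ";</script>";
     }
     if (strlen($posted('submit'))) {
         // Client-supplied file name reduced to its last path component.
         $uploadName = "";
         if (isset($_FILES['filename']['name']) && is_string($_FILES['filename']['name'])) {
             $uploadName = basename(str_replace("\\", "/", $_FILES['filename']['name']));
         }
         if (strlen($uploadName)) {
             $filename = $uploadName;
             $additional .= ",imagename='" . addslashes($filename) . "'";
         }
         $CHKQRY = config::fetch_all_array("SELECT COUNT(*) FROM " . $this->tblpfx . "homegallery WHERE imagename='" . addslashes($uploadName) . "'", 1);
         if ($CHKQRY[0] == 0) {
             // The date parts go into SQL text, so they are forced to integers.
             // NOTE(review): the month is incremented only when it is below 10
             // (9 becomes "010", 10 stays "10"); kept as found. Confirm the
             // form's month numbering before correcting it.
             $tagYear = intval($posted('tagdate_Year'));
             $tagMonth = intval($posted('tagdate_Month'));
             $tagDay = intval($posted('tagdate_Day'));
             $_POST['tagdate_Month'] = ($tagMonth < 10) ? "0" . ($tagMonth + 1) : (string) $tagMonth;
             $_POST['tagdate_Day'] = ($tagDay < 10) ? "0" . $tagDay : (string) $tagDay;
             $additional .= ",tagdate='{$tagYear}-{$_POST['tagdate_Month']}-{$_POST['tagdate_Day']}'";
             if (intval($this->upd) > 0) {
                 config::insertdb("homegallery", "update", " sno='" . intval($this->upd) . "'", $additional);
                 $success = 2;
             } else {
                 $this->upd = config::insertdb("homegallery", "insert", "", $additional);
                 $success = 1;
             }
             if (strlen($uploadName)) {
                 $filename = $this->upd . "-" . $filename;
                 // Resize only a genuine upload that parses as an image.
                 $tmpFile = isset($_FILES['filename']['tmp_name']) ? $_FILES['filename']['tmp_name'] : '';
                 if (is_string($tmpFile) && is_uploaded_file($tmpFile) && is_array(getimagesize($tmpFile))) {
                     $image = new imageresize();
                     $image->load($tmpFile);
                     $image->resize(698, 464);
                     $image->save($this->path . $filename);
                 }
             }
             self::filecreation();
             echo "<script>window.location.href=" . $jsString("?pg=" . $this->pg . "&success={$success}") . "</script>";
         } else {
             $errormessage = "<div class='error'>Duplicate Image not allowed</div>";
             // Hand the posted "shall_*" fields back to the form.
             foreach ($_POST as $key => $val) {
                 $key = (string) $key;
                 if (strstr($key, "shall_")) {
                     $key = str_replace("shall_", "", $key);
                     $UPDATEROWS[$key] = $val;
                 }
             }
         }
     }
     if ($this->upd > 0) {
         $UPDATEROWS = config::fetch_all_array("SELECT * FROM " . $this->tblpfx . "homegallery WHERE sno='" . intval($this->upd) . "'", 1);
         $UPDATEROWS['tagdate'] = config::datechange($UPDATEROWS['tagdate'], "-", "-", "1");
     }
     // Default the form's date to today when none is stored.
     if (!isset($UPDATEROWS['tagdate']) || !strlen($UPDATEROWS['tagdate']) || $UPDATEROWS['tagdate'] == "00-00-0000") {
         $UPDATEROWS['tagdate'] = date("d-m-Y");
     }
     if (strlen((string) $this->upd)) {
         $TAGQUERY = config::fetch_all_array("SELECT * FROM " . $this->tblpfx . "tags a ORDER BY title");
     }
     $messagearray = array("", "Photo Uploaded<br>By default the last updated will appear first. To change the order please use Set Position", "Photo Updated", "Photo Deleted");
     // Only a known index selects a message; anything else yields "".
     $message = "";
     if (isset($_GET['success']) && is_scalar($_GET['success']) && isset($messagearray[$_GET['success']])) {
         $message = $messagearray[$_GET['success']];
     }
     $QUERY = config::fetch_all_array("SELECT * FROM " . $this->tblpfx . "homegallery ORDER BY position asc,sno desc");
     include "template/homegallery.tpl";
 }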
コード例 #6
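 /**
  * Admin screen for the `<tblpfx>user` table.
  *
  * Depending on the request it deletes a user (`$this->del`, refusing id 1),
  * lists all users (no `$this->upd`), or saves a posted user together with
  * the rights ticked in `chk[]` (`$this->submit`). For the edit form it
  * builds `$RIGHTSMESSAGE`, a two-column table of rights checkboxes, and
  * then includes `tmpl/adminuser.html`. The delete and save branches end the
  * request with `exit`.
  *
  * SECURITY NOTE(review): no session or rights check and no CSRF token are
  * visible in this method, yet it creates, edits and deletes admin accounts;
  * confirm the caller enforces both. The origin of `$this->del` is not
  * visible; if it comes from the query string, the delete runs on a GET.
  * SECURITY NOTE(review): `config::insertdb()` is not visible here. If it
  * writes the posted password as-is, that matches the direct `pwd` comparison
  * done at login and should move to password_hash().
  * SECURITY NOTE(review): `rightname` is printed into markup unescaped; it is
  * read from the rights table, whose writers are not visible here.
  */
 function usermanamgent()
 {
     // With these flags json_encode() yields a literal that is safe inside an
     // inline <script>; "?" is the fallback when a value cannot be encoded.
     $jsFlags = JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT;
     $jsString = function ($value) use ($jsFlags) {
         $literal = json_encode((string) $value, $jsFlags);
         return is_string($literal) ? $literal : '"?"';
     };
     $listUrl = $jsString("?pg=" . $this->pg);

     if (strlen((string) $this->del)) {
         // Guard and DELETE use the same integer. Before, the guard compared
         // the raw value while the database cast it, so a non-canonical
         // spelling of the id could pass the guard yet still match row 1.
         $deleteId = intval($this->del);
         if ($deleteId == 1) {
             echo "<script>alert('You are not able to delete this record');window.location.href=" . $listUrl . ";</script>";
             exit;
         } else {
             config::query("delete from " . $this->tblpfx . "user where sno='" . $deleteId . "'");
             echo "<script>alert('Record has been deleted successfully');window.location.href=" . $listUrl . ";</script>";
             exit;
         }
     }
     if (!strlen((string) $this->upd)) {
         $QUERY = config::fetch_all_array("select * from " . $this->tblpfx . "user");
     } else {
         if (strlen((string) $this->submit)) {
             // Ticked rights arrive as chk[]; each is a rights row id and is
             // forced to an integer because the list is embedded in SQL text.
             $rightsopt = (isset($_POST['chk']) && is_array($_POST['chk'])) ? $_POST['chk'] : array();
             $rghtopt = "";
             foreach ($rightsopt as $val) {
                 if (is_scalar($val)) {
                     $rghtopt .= "#" . intval($val) . "^";
                 }
             }
             $additional = ",rightoptions='{$rghtopt}'";
             if (intval($this->upd) == 0) {
                 config::insertdb("user", "insert", "", $additional);
                 echo "<script>alert('Record has been submitted successfully.');window.location.href=" . $listUrl . ";</script>";
             } else {
                 config::insertdb("user", "update", " sno='" . intval($this->upd) . "'", $additional);
                 // Editing the signed-in account ends its session.
                 if (isset($_SESSION['adminid']) && $this->upd == $_SESSION['adminid']) {
                     session_destroy();
                 }
                 echo "<script>alert('Record has been submitted successfully.');window.location.href=" . $listUrl . ";</script>";
             }
             exit;
         }
         if (intval($this->upd) > 0) {
             $ROWS = config::fetch_all_array("select * from " . $this->tblpfx . "user where sno='" . intval($this->upd) . "'", 1);
         }
         // Sets $chk0 or $chk1 (and so on) for the template's status radios.
         ${"chk" . (isset($ROWS['status']) ? intval($ROWS['status']) : 0)} = "checked";
         $currentRights = isset($ROWS['rightoptions']) ? (string) $ROWS['rightoptions'] : '';
         $RIGHTQRY = config::fetch_all_array("SELECT * FROM " . $this->tblpfx . "rights ORDER BY sno");
         $RIGHTSMESSAGE = "";
         $i = 0;
         $td = 0;
         if (is_array($RIGHTQRY)) {
             foreach ($RIGHTQRY as $RIGHTROWS) {
                 $checked = "";
                 $td++;
                 // Rights are stored as "#<id>^" tokens in one string.
                 if (strstr($currentRights, "#" . $RIGHTROWS['sno'] . "^")) {
                     $checked = "checked";
                 }
                 if ($td == 1) {
                     $RIGHTSMESSAGE .= "<tr>";
                 }
                 $RIGHTSMESSAGE .= "\n\t\t\t\t<td><input type='checkbox' name='chk[{$i}]' value='{$RIGHTROWS['sno']}' id='chk_{$i}' {$checked}> {$RIGHTROWS['rightname']}</td>";
                 $i++;
                 if ($td == 2) {
                     $RIGHTSMESSAGE .= "</tr>";
                     $td = 0;
                 }
             }
         }
         // Close a row left with a single cell.
         if ($td > 0) {
             $RIGHTSMESSAGE .= "<td></td></tr>";
         }
     }
     include "tmpl/adminuser.html";
 }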