//Разришенные форматы $allowed_files = array('jpg', 'jpeg', 'jpe', 'png', 'gif'); //Загружаем картинку на сайт if (in_array(strtolower($img_format), $allowed_files) and preg_match("/http:\\/\\/(.*?)(.jpg|.png|.gif|.jpeg|.jpe)/i", $rImgUrl)) { //Директория загрузки фото $upload_dir = ROOT_DIR . '/uploads/attach/' . $user_id; //Если нет папки юзера, то создаём её if (!is_dir($upload_dir)) { @mkdir($upload_dir, 0777); @chmod($upload_dir, 0777); } //Подключаем класс для фотографий include ENGINE_DIR . '/classes/images.php'; if (@copy($rImgUrl, $upload_dir . '/' . $image_name . '.' . $img_format)) { $tmb = new thumbnail($upload_dir . '/' . $image_name . '.' . $img_format); $tmb->size_auto('100x80'); $tmb->jpeg_quality(100); $tmb->save($upload_dir . '/' . $image_name . '.' . $img_format); $attach_files = str_replace($attach_type[4], '/uploads/attach/' . $user_id . '/' . $image_name . '.' . $img_format, $attach_files); } } $cnt_attach_link++; } } } $attach_files = str_replace('vote|', 'hack|', $attach_files); $attach_files = str_replace(array('|', '»', '"'), array('|', '»', '"'), $attach_files); //Голосование $vote_title = ajax_utf8(textFilter($_POST['vote_title'], false, true)); $vote_answer_1 = ajax_utf8(textFilter($_POST['vote_answer_1'], false, true)); $ansers_list = array();
} if ($size > $REX['ADDON']['max_size'][$mypage]) { print 'Error size to big: max ' . $REX['ADDON']['max_size'][$mypage] . ' px'; exit; } // start thumb class $thumb = new thumbnail($imagepath); // check method if ($mode == 'w') { $thumb->size_width($size); } if ($mode == 'h') { $thumb->size_height($size); } if ($mode == 'c') { $thumb->size_crop($size, $hmode); } elseif ($hmode != '') { $thumb->size_height($hmode); } if ($mode == 'a') { $thumb->size_auto($size); } foreach ($rex_filter as $filter) { $thumb->addFilter($filter); } // jpeg quality $thumb->jpeg_quality($REX['ADDON']['jpeg_quality'][$mypage]); // save cache $thumb->generateImage($cachepath); exit; }
$image_name = totranslit(stripslashes($img_name_arr[0])) . "." . $type; } if (strpos($image_name, "php") !== false) { die("Hacking attempt!"); } if (is_uploaded_file($image) and !$stop) { if (intval($user_group[$member_id['user_group']]['max_foto']) > 0) { if ($image_size < 100000) { $allowed_extensions = array("jpg", "png", "jpe", "jpeg", "gif"); if (in_array($type, $allowed_extensions) and $image_name) { include_once ENGINE_DIR . '/classes/thumb.class.php'; $res = @move_uploaded_file($image, ROOT_DIR . "/uploads/fotos/" . $row['user_id'] . "." . $type); if ($res) { @chmod(ROOT_DIR . "/uploads/fotos/" . $row['user_id'] . "." . $type, 0666); $thumb = new thumbnail(ROOT_DIR . "/uploads/fotos/" . $row['user_id'] . "." . $type); if ($thumb->size_auto($user_group[$member_id['user_group']]['max_foto'])) { $thumb->jpeg_quality($config['jpeg_quality']); $thumb->save(ROOT_DIR . "/uploads/fotos/foto_" . $row['user_id'] . "." . $type); } else { if ($type == "gif") { @rename(ROOT_DIR . "/uploads/fotos/" . $row['user_id'] . "." . $type, ROOT_DIR . "/uploads/fotos/foto_" . $row['user_id'] . "." . $type); } else { $thumb->jpeg_quality($config['jpeg_quality']); $thumb->save(ROOT_DIR . "/uploads/fotos/foto_" . $row['user_id'] . "." . $type); } } @chmod(ROOT_DIR . "/uploads/fotos/foto_" . $row['user_id'] . "." . $type, 0666); $foto_name = "foto_" . $row['user_id'] . "." . $type; $db->query("UPDATE " . USERPREFIX . "_users set foto='{$foto_name}' WHERE user_id = '{$id}'"); } else { $stop .= $lang['news_err_14'];
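<?php
// Resize the image named by the "src" query parameter, stamp a watermark on
// it and send the result to the client.
require_once '../classes/image.class.php';

// Target size in pixels, applied through size_auto() below.
$size = 600;

// "src" arrives straight from the request. Validate it before it reaches the
// thumbnail class, otherwise the caller decides which path or stream wrapper
// the PHP process opens.
$src = (isset($_GET['src']) && is_string($_GET['src'])) ? $_GET['src'] : '';
$extension = strtolower(pathinfo($src, PATHINFO_EXTENSION));
$segments = preg_split('#[\\\\/]+#', $src);

$rejected = $src === ''
    || strpos($src, "\0") !== false
    // Any "scheme:" prefix of two or more characters (http:, php:, data:,
    // phar: ...); a single letter is left alone so Windows drive paths work.
    || preg_match('#^[a-z][a-z0-9+.\-]+:#i', $src) === 1
    // No parent-directory hops.
    || in_array('..', $segments, true)
    // Only file names that look like raster images.
    || !in_array($extension, array('jpg', 'jpeg', 'jpe', 'png', 'gif'), true);

if ($rejected) {
    header('HTTP/1.1 400 Bad Request');
    exit;
}

if (!is_file($src)) {
    header('HTTP/1.1 404 Not Found');
    exit;
}

// NOTE(review): absolute paths are still accepted here. Once the directory
// that holds the servable images is known, resolve $src with realpath() and
// require the result to start with that directory.

$image = new thumbnail($src);

// Alternative sizing modes offered by the class (pick one):
//   $image->size_width($size);                  fixed width
//   $image->size_height($size);                 fixed height
//   $image->size_crop($size);                   equal width and height
//   $image->size_width_height($size, $size_h);  arbitrary width and height
$image->size_auto($size); // fixed width or height, whichever applies

$image->add_logo("watermark.png"); // overlay the logo on the picture
$image->show();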
// во первых, проверка, чтобы картинка была только в папке uploads, ибо нефик!. //Покачто закомментировал т.к. на локалке работает всё нормально, нужно проверять на хостинге. /*$url = explode('/uploads/', $url); if(count($url) != 2) continue; // да ну нафиг, если в нескольких папках uploads $url = ROOT_DIR . '/uploads/' . $url[1]; if(!is_file($url)) continue;*/ $info = pathinfo($url); if (isset($info['extension'])) { $info['extension'] = strtolower($info['extension']); if (in_array($info['extension'], array('jpg', 'jpeg', 'gif', 'png'))) { $original_img = str_replace(ROOT_DIR, '', $url); $file_name = strtolower(basename($url)); $file_name = $img_size . "_" . $file_name; if (!file_exists($dir . $file_name)) { $thumb = new thumbnail($url); $thumb->size_auto($img_size); $thumb->save($dir . $file_name); } if ($img_size == 0) { $image[] = $original_img; } else { $image[] = $config['http_home_url'] . "uploads/blockpro/" . $file_name; } } } } if (count($image)) { $i = 0; foreach ($image as $url) { $i++; $tplb->copy_template = str_replace('{image-' . $i . '}', $url, $tplb->copy_template);
/**
 * Store the uploaded file held in $this->file, record it in the database and
 * return an escaped JSON string carrying the HTML "return box" for the
 * uploader widget.
 *
 * Two branches exist: generic files (extension listed in $this->allowed_files)
 * go to /uploads/files/, images (extension listed in $this->allowed_extensions)
 * go to /uploads/<upload_path>/ and are passed through the thumbnail class.
 * Every failure returns the result of $this->msg_error(message, code).
 *
 * NOTE(review): $this->author, $this->news_id, $filename, $uploaded_filename
 * and $_IP are interpolated into SQL below without $db->safesql(); only
 * $member_id['name'] is escaped in this method. Whether those values are
 * sanitised before they get here is not visible from this block - confirm.
 */
function FileUpload() {
    global $config, $db, $lang, $member_id, $user_group;

    $_IP = get_ip();
    $added_time = time() + $config['date_adjust'] * 60;

    // Create the target folders on first use.
    // NOTE(review): 0777 makes these directories writable by every local
    // account; a narrower mode is preferable where the hosting setup allows it.
    if (!is_dir(ROOT_DIR . "/uploads/posts/" . FOLDER_PREFIX)) {
        @mkdir(ROOT_DIR . "/uploads/posts/" . FOLDER_PREFIX, 0777);
        @chmod(ROOT_DIR . "/uploads/posts/" . FOLDER_PREFIX, 0777);
        @mkdir(ROOT_DIR . "/uploads/posts/" . FOLDER_PREFIX . "thumbs", 0777);
        @chmod(ROOT_DIR . "/uploads/posts/" . FOLDER_PREFIX . "thumbs", 0777);
    }
    if (!is_dir(ROOT_DIR . "/uploads/files/" . FOLDER_PREFIX)) {
        @mkdir(ROOT_DIR . "/uploads/files/" . FOLDER_PREFIX, 0777);
        @chmod(ROOT_DIR . "/uploads/files/" . FOLDER_PREFIX, 0777);
    }

    // mkdir/chmod errors are suppressed above, so the folders are re-checked
    // here and a missing or read-only one is reported to the caller.
    if (!is_dir(ROOT_DIR . "/uploads/posts/" . FOLDER_PREFIX)) {
        return $this->msg_error($lang['upload_error_0'] . " /uploads/posts/" . FOLDER_PREFIX, 403);
    }
    if (!is_dir(ROOT_DIR . "/uploads/files/" . FOLDER_PREFIX)) {
        return $this->msg_error($lang['upload_error_0'] . " /uploads/files/" . FOLDER_PREFIX, 403);
    }
    if (!is_writable(ROOT_DIR . "/uploads/" . $this->upload_path . FOLDER_PREFIX)) {
        return $this->msg_error($lang['upload_error_1'] . " /uploads/" . $this->upload_path . FOLDER_PREFIX . " " . $lang['upload_error_2'], 403);
    }
    if (!is_writable(ROOT_DIR . "/uploads/files/" . FOLDER_PREFIX)) {
        return $this->msg_error($lang['upload_error_1'] . " /uploads/files/" . FOLDER_PREFIX . " " . $lang['upload_error_2'], 403);
    }
    if (!is_writable(ROOT_DIR . "/uploads/posts/" . FOLDER_PREFIX . "thumbs")) {
        return $this->msg_error($lang['upload_error_1'] . " /uploads/posts/" . FOLDER_PREFIX . "thumbs/ " . $lang['upload_error_2'], 403);
    }

    if (!$this->file) {
        return $this->msg_error($lang['upload_error_3'], 405);
    }

    // NOTE(review): check_filename() is defined elsewhere; presumably it
    // normalises the client-supplied name - verify what it strips, because the
    // result is used as a file name, in SQL and in the returned HTML.
    $filename = $this->check_filename($this->file->getFileName());
    $size = $this->file->getFileSize();
    if (!$filename) {
        return $this->msg_error($lang['upload_error_4'], 405);
    }

    // The extension is whatever follows the last dot of the checked name.
    $filename_arr = explode(".", $filename);
    $type = end($filename_arr);
    if (!$type) {
        return $this->msg_error($lang['upload_error_4'], 405);
    }

    $error_code = $this->file->getErrorCode();
    if ($error_code) {
        return $this->msg_error($error_code, 405);
    }
    if ($size == 0) {
        return $this->msg_error($lang['upload_error_5'], 403);
    }

    if ($config['files_allow'] == "yes" and $user_group[$member_id['user_group']]['allow_file_upload'] and in_array($type, $this->allowed_files)) {
        // ---- Generic file branch ----

        // max_file_size is compared in units of 1024 bytes; a zero value
        // disables the limit.
        if (intval($user_group[$member_id['user_group']]['max_file_size']) and $size > $user_group[$member_id['user_group']]['max_file_size'] * 1024) {
            return $this->msg_error($lang['files_too_big'], 500);
        }

        // Per-item quota on the number of attached files (skipped for the
        // "template" area).
        if ($this->area != "template" and $user_group[$member_id['user_group']]['max_files']) {
            $row = $db->super_query("SELECT COUNT(*) as count FROM " . PREFIX . "_files WHERE author = '{$this->author}' AND news_id = '{$this->news_id}'");
            $count_files = $row['count'];
            if ($count_files and $count_files >= $user_group[$member_id['user_group']]['max_files']) {
                return $this->msg_error($lang['error_max_files'], 403);
            }
        }

        $uploaded_filename = $this->file->saveFile(ROOT_DIR . "/uploads/files/" . FOLDER_PREFIX, $filename, $this->use_prefix);

        if ($uploaded_filename) {
            // NOTE(review): 0666 leaves the stored file writable by every
            // local account.
            @chmod(ROOT_DIR . "/uploads/files/" . FOLDER_PREFIX . $uploaded_filename, 0666);
            $added_time = time() + $config['date_adjust'] * 60;

            // Uploads by groups with admin access are written to the admin
            // log with action code '36'.
            if ($user_group[$member_id['user_group']]['allow_admin']) {
                $db->query("INSERT INTO " . USERPREFIX . "_admin_logs (name, date, ip, action, extras) values ('" . $db->safesql($member_id['name']) . "', '{$added_time}', '{$_IP}', '36', '{$uploaded_filename}')");
            }

            if ($this->area == "template") {
                // Files attached to a static page.
                $db->query("INSERT INTO " . PREFIX . "_static_files (static_id, author, date, name, onserver) values ('{$this->news_id}', '{$this->author}', '{$added_time}', '{$filename}', '" . FOLDER_PREFIX . "{$uploaded_filename}')");
                $id = $db->insert_id();

                // Pick the icon and player type; only types listed in
                // $this->allowed_video receive a direct URL.
                if (in_array($type, $this->allowed_video)) {
                    if ($type == "mp3") {
                        $file_link = $config['http_home_url'] . "engine/skins/images/mp3_file.png";
                        $data_url = $config['http_home_url'] . "uploads/files/" . FOLDER_PREFIX . $uploaded_filename;
                        $file_play = "audio";
                    } elseif ($type == "swf") {
                        $file_link = $config['http_home_url'] . "engine/skins/images/file_flash.png";
                        $data_url = $config['http_home_url'] . "uploads/files/" . FOLDER_PREFIX . $uploaded_filename;
                        $file_play = "flash";
                    } else {
                        $file_link = $config['http_home_url'] . "engine/skins/images/video_file.png";
                        $data_url = $config['http_home_url'] . "uploads/files/" . FOLDER_PREFIX . $uploaded_filename;
                        $file_play = "video";
                    }
                } else {
                    $file_link = $config['http_home_url'] . "engine/skins/images/all_file.png";
                    $data_url = "#";
                    $file_play = "";
                }

                $return_box = "<div class=\"uploadedfile\"><div class=\"info\">{$filename}</div><div class=\"uploadimage\"><a class=\"uploadfile\" href=\"{$data_url}\" data-src=\"{$id}:{$filename}\" data-type=\"file\" data-play=\"{$file_play}\"><img style=\"width:auto;height:auto;max-width:100px;max-height:90px;\" src=\"" . $file_link . "\" /></a></div><div class=\"info\"><input type=\"checkbox\" id=\"file\" name=\"static_files[]\" value=\"{$id}\" data-type=\"file\"> " . formatsize($size) . "</div></div>";
            } else {
                // Files attached to a regular entry; same markup as above
                // except for the checkbox name.
                $db->query("INSERT INTO " . PREFIX . "_files (news_id, name, onserver, author, date) values ('{$this->news_id}', '{$filename}', '" . FOLDER_PREFIX . "{$uploaded_filename}', '{$this->author}', '{$added_time}')");
                $id = $db->insert_id();

                if (in_array($type, $this->allowed_video)) {
                    if ($type == "mp3") {
                        $file_link = $config['http_home_url'] . "engine/skins/images/mp3_file.png";
                        $data_url = $config['http_home_url'] . "uploads/files/" . FOLDER_PREFIX . $uploaded_filename;
                        $file_play = "audio";
                    } elseif ($type == "swf") {
                        $file_link = $config['http_home_url'] . "engine/skins/images/file_flash.png";
                        $data_url = $config['http_home_url'] . "uploads/files/" . FOLDER_PREFIX . $uploaded_filename;
                        $file_play = "flash";
                    } else {
                        $file_link = $config['http_home_url'] . "engine/skins/images/video_file.png";
                        $data_url = $config['http_home_url'] . "uploads/files/" . FOLDER_PREFIX . $uploaded_filename;
                        $file_play = "video";
                    }
                } else {
                    $file_link = $config['http_home_url'] . "engine/skins/images/all_file.png";
                    $data_url = "#";
                    $file_play = "";
                }

                $return_box = "<div class=\"uploadedfile\"><div class=\"info\">{$filename}</div><div class=\"uploadimage\"><a class=\"uploadfile\" href=\"{$data_url}\" data-src=\"{$id}:{$filename}\" data-type=\"file\" data-play=\"{$file_play}\"><img style=\"width:auto;height:auto;max-width:100px;max-height:90px;\" src=\"" . $file_link . "\" /></a></div><div class=\"info\"><input type=\"checkbox\" id=\"file\" name=\"files[]\" value=\"{$id}\" data-type=\"file\"> " . formatsize($size) . "</div></div>";
            }
        } else {
            return $this->msg_error($lang['images_uperr_3'], 403);
        }
    } elseif (in_array($type, $this->allowed_extensions) and $user_group[$member_id['user_group']]['allow_image_upload']) {
        // ---- Image branch ----

        // The byte limit is enforced only when no max_up_side resize is
        // configured.
        if (intval($config['max_up_size']) and $size > $config['max_up_size'] * 1024 and !$config['max_up_side']) {
            return $this->msg_error($lang['images_big'], 500);
        }

        // Per-item image quota; the stored list is "|||"-separated.
        if ($this->area != "template" and $this->area != "adminupload" and $user_group[$member_id['user_group']]['max_images']) {
            $row = $db->super_query("SELECT images FROM " . PREFIX . "_images WHERE author = '{$this->author}' AND news_id = '{$this->news_id}'");
            if ($row['images']) {
                $count_images = count(explode("|||", $row['images']));
            } else {
                $count_images = false;
            }
            if ($count_images and $count_images >= $user_group[$member_id['user_group']]['max_images']) {
                return $this->msg_error($lang['error_max_images'], 403);
            }
        }

        $uploaded_filename = $this->file->saveFile(ROOT_DIR . "/uploads/" . $this->upload_path . FOLDER_PREFIX, $filename, $this->use_prefix);

        if ($uploaded_filename) {
            $added_time = time() + $config['date_adjust'] * 60;
            @chmod(ROOT_DIR . "/uploads/" . $this->upload_path . FOLDER_PREFIX . $uploaded_filename, 0666);

            // Content check: getimagesize() index 2 is the IMAGETYPE_* code;
            // 1, 2 and 3 are GIF, JPEG and PNG. Anything else is deleted.
            // NOTE(review): the file already sits in the upload folder under
            // its final name when this check runs, so a non-image exists there
            // briefly; checking the temporary upload first would close that
            // window.
            $i_info = @getimagesize(ROOT_DIR . "/uploads/" . $this->upload_path . FOLDER_PREFIX . $uploaded_filename);
            if (!in_array($i_info[2], array(1, 2, 3))) {
                @unlink(ROOT_DIR . "/uploads/" . $this->upload_path . FOLDER_PREFIX . $uploaded_filename);
                return $this->msg_error($lang['upload_error_6'], 500);
            }

            $thumb = new thumbnail(ROOT_DIR . "/uploads/" . $this->upload_path . FOLDER_PREFIX . $uploaded_filename);

            // Register the image against the entry: insert a new row, or
            // append to the existing "|||" list unless it is already listed.
            if ($this->area != "template" and $this->area != "adminupload") {
                $row = $db->super_query("SELECT COUNT(*) as count FROM " . PREFIX . "_images WHERE news_id = '{$this->news_id}' AND author = '{$this->author}'");
                if (!$row['count']) {
                    $inserts = FOLDER_PREFIX . $uploaded_filename;
                    $db->query("INSERT INTO " . PREFIX . "_images (images, author, news_id, date) values ('{$inserts}', '{$this->author}', '{$this->news_id}', '{$added_time}')");
                } else {
                    $row = $db->super_query("SELECT images FROM " . PREFIX . "_images WHERE news_id = '{$this->news_id}' AND author = '{$this->author}'");
                    if ($row['images'] == "") {
                        $listimages = array();
                    } else {
                        $listimages = explode("|||", $row['images']);
                    }
                    // NOTE(review): $error_image is assigned only inside this
                    // loop, so the comparison after it reads an undefined
                    // variable whenever no duplicate is found.
                    foreach ($listimages as $dataimages) {
                        if ($dataimages == FOLDER_PREFIX . $uploaded_filename) {
                            $error_image = "stop";
                        }
                    }
                    if ($error_image != "stop") {
                        $listimages[] = FOLDER_PREFIX . $uploaded_filename;
                        $row['images'] = implode("|||", $listimages);
                        // NOTE(review): the list read from the database is
                        // written back without re-escaping.
                        $db->query("UPDATE " . PREFIX . "_images SET images='{$row['images']}' WHERE news_id = '{$this->news_id}' AND author = '{$this->author}'");
                    }
                }
            }

            // Images for static pages are tracked in _static_files instead;
            // $id is set only on this path and read only by the "template"
            // return box further down.
            if ($this->area == "template") {
                $inserts = FOLDER_PREFIX . $uploaded_filename;
                $db->query("INSERT INTO " . PREFIX . "_static_files (static_id, author, date, name) values ('{$this->news_id}', '{$this->author}', '{$added_time}', '{$inserts}')");
                $id = $db->insert_id();
            }

            if ($user_group[$member_id['user_group']]['allow_admin']) {
                $db->query("INSERT INTO " . USERPREFIX . "_admin_logs (name, date, ip, action, extras) values ('" . $db->safesql($member_id['name']) . "', '{$added_time}', '{$_IP}', '36', '{$uploaded_filename}')");
            }

            // Optional thumbnail under thumbs/; it is written only when
            // size_auto() returns a truthy value.
            if ($this->make_thumb) {
                if ($thumb->size_auto($this->t_size, $this->t_seite)) {
                    $thumb->jpeg_quality($config['jpeg_quality']);
                    if ($this->make_watermark) {
                        $thumb->insert_watermark($config['max_watermark']);
                    }
                    $thumb->save(ROOT_DIR . "/uploads/" . $this->upload_path . FOLDER_PREFIX . "thumbs/" . $uploaded_filename);
                    @chmod(ROOT_DIR . "/uploads/" . $this->upload_path . FOLDER_PREFIX . "thumbs/" . $uploaded_filename, 0666);
                }
            }

            if ($member_id['user_group'] == 1) {
                // Group 1: the original is rewritten only when a resize or a
                // watermark was actually applied.
                if ($this->make_watermark or $config['max_up_side']) {
                    $thumb = new thumbnail(ROOT_DIR . "/uploads/" . $this->upload_path . FOLDER_PREFIX . $uploaded_filename);
                    $thumb->jpeg_quality($config['jpeg_quality']);
                    $re_save = false;
                    if (intval($config['max_up_side']) > 1 and $thumb->size_auto($config['max_up_side'], $config['o_seite'])) {
                        $re_save = true;
                    }
                    if ($this->make_watermark) {
                        $thumb->insert_watermark($config['max_watermark']);
                        $re_save = true;
                    }
                    if ($re_save) {
                        $thumb->save(ROOT_DIR . "/uploads/" . $this->upload_path . FOLDER_PREFIX . $uploaded_filename);
                    }
                }
            } else {
                // Every other group: the upload is always re-saved through
                // the thumbnail class, so the stored file is a re-encoded copy.
                $thumb = new thumbnail(ROOT_DIR . "/uploads/" . $this->upload_path . FOLDER_PREFIX . $uploaded_filename);
                $thumb->jpeg_quality($config['jpeg_quality']);
                if ($config['max_up_side']) {
                    $thumb->size_auto($config['max_up_side'], $config['o_seite']);
                }
                if ($this->make_watermark) {
                    $thumb->insert_watermark($config['max_watermark']);
                }
                $thumb->save(ROOT_DIR . "/uploads/" . $this->upload_path . FOLDER_PREFIX . $uploaded_filename);
            }

            // Re-read the dimensions after a possible resize so the box shows
            // the final size.
            if ($config['max_up_side']) {
                $i_info = @getimagesize(ROOT_DIR . "/uploads/" . $this->upload_path . FOLDER_PREFIX . $uploaded_filename);
            }

            // Preview the thumbnail when one exists, else the image itself.
            if (file_exists(ROOT_DIR . "/uploads/" . $this->upload_path . FOLDER_PREFIX . "thumbs/" . $uploaded_filename)) {
                $img_url = $config['http_home_url'] . "uploads/" . $this->upload_path . FOLDER_PREFIX . "thumbs/" . $uploaded_filename;
                $thumb_data = "yes";
            } else {
                $img_url = $config['http_home_url'] . "uploads/" . $this->upload_path . FOLDER_PREFIX . $uploaded_filename;
                $thumb_data = "no";
            }
            $data_url = $config['http_home_url'] . "uploads/" . $this->upload_path . FOLDER_PREFIX . $uploaded_filename;

            if ($this->area != "template") {
                $return_box = "<div class=\"uploadedfile\"><div class=\"info\">{$filename}</div><div class=\"uploadimage\"><a class=\"uploadfile\" href=\"{$data_url}\" data-src=\"{$data_url}\" data-thumb=\"{$thumb_data}\" data-type=\"image\"><img style=\"width:auto;height:auto;max-width:100px;max-height:90px;\" src=\"" . $img_url . "\" /></a></div><div class=\"info\"><input type=\"checkbox\" name=\"images[" . FOLDER_PREFIX . $uploaded_filename . "]\" value=\"" . FOLDER_PREFIX . $uploaded_filename . "\" data-thumb=\"{$thumb_data}\" data-type=\"image\" data-src=\"{$data_url}\"> {$i_info[0]}x{$i_info[1]}</div></div>";
            } else {
                $return_box = "<div class=\"uploadedfile\"><div class=\"info\">{$filename}</div><div class=\"uploadimage\"><a class=\"uploadfile\" href=\"{$data_url}\" data-src=\"{$data_url}\" data-thumb=\"{$thumb_data}\" data-type=\"image\"><img style=\"width:auto;height:auto;max-width:100px;max-height:90px;\" src=\"" . $img_url . "\" /></a></div><div class=\"info\"><input type=\"checkbox\" name=\"static_files[]\" value=\"{$id}\" data-thumb=\"{$thumb_data}\" data-type=\"image\" data-src=\"{$data_url}\"> {$i_info[0]}x{$i_info[1]}</div></div>";
            }
        } else {
            return $this->msg_error($lang['images_uperr_3'], 403);
        }
    } else {
        // Extension not permitted for this user group.
        return $this->msg_error($lang['images_uperr_2'], 403);
    }

    // The JSON envelope is assembled by hand: the markup is backslash-escaped
    // for a JSON string, then the whole payload is HTML-escaped with quotes
    // left intact (ENT_NOQUOTES).
    $return_box = addcslashes($return_box, "\t\n\r\"\\/");
    return htmlspecialchars("{\"success\":true, \"returnbox\":\"{$return_box}\"}", ENT_NOQUOTES, $config['charset']);
}
//Проверям если, формат верный то пропускаем if (in_array(strtolower($type), $allowed_files)) { $config['max_photo_size'] = $config['max_photo_size'] * 1000; if ($image_size < $config['max_photo_size']) { $res_type = strtolower('.' . $type); if (move_uploaded_file($image_tmp, $album_dir . $image_rename . $res_type)) { //Подключаем класс для фотографий include ENGINE_DIR . '/classes/images.php'; //Создание оригинала $tmb = new thumbnail($album_dir . $image_rename . $res_type); $tmb->size_auto('770'); $tmb->jpeg_quality('85'); $tmb->save($album_dir . $image_rename . $res_type); //Создание маленькой копии $tmb = new thumbnail($album_dir . $image_rename . $res_type); $tmb->size_auto('140x100'); $tmb->jpeg_quality('90'); $tmb->save($album_dir . 'c_' . $image_rename . $res_type); $date = date('Y-m-d H:i:s', $server_time); //Генерируем position фотки для "обзо фотографий" $position_all = $_SESSION['position_all']; if ($position_all) { $position_all = $position_all + 1; $_SESSION['position_all'] = $position_all; } else { $position_all = 100000; $_SESSION['position_all'] = $position_all; } //Вставляем фотографию $db->query("INSERT INTO `" . PREFIX . "_photos` (album_id, photo_name, user_id, date, position) VALUES ('{$aid}', '{$image_rename}{$res_type}', '{$user_id}', '{$date}', '{$position_all}')"); $ins_id = $db->insert_id();
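/**
 * Handle the image attached to a submission: validate it, store it under the
 * configured image directory as a JPG (converting GIF/PNG/WBMP), optionally
 * downscale it, and record the file name (and caption) on the link row.
 *
 * Reads $_FILES[module_imageupload_filename_field], $_POST['id'] and
 * $_POST[module_imageupload_caption_field]. Errors are collected in
 * $module_errors and printed through image_upload_printerrors().
 *
 * Changes from the previous revision:
 *  - $_POST['id'] is restricted to [A-Za-z0-9_-] before it is used in the
 *    destination file name and in SQL (strip_tags() alone left both "../" and
 *    quotes intact);
 *  - an unrecognised or unreadable image is always rejected (the old check
 *    depended on an undefined $imageAttached and never fired);
 *  - the "h" resize path now stores the result of getimagesize();
 *  - a failed conversion or move is reported instead of being written to the
 *    database.
 */
function image_upload_process_handler()
{
    global $db, $smarty, $main_smarty, $linkres;
    include_once 'image_upload_settings.php';

    $module_error = false;
    $module_errors = array();
    $linkID = '';
    $tempExt = '';

    // Debug Info
    image_upload_printdebug("START: image_upload_process_handler.");

    // Get the image real name and temp name (both empty when nothing was sent)
    $upload = isset($_FILES[module_imageupload_filename_field]) ? $_FILES[module_imageupload_filename_field] : array();
    $imageFilename = isset($upload['name']) ? $upload['name'] : '';
    $sourceFile = isset($upload['tmp_name']) ? $upload['tmp_name'] : '';

    if ($sourceFile != "") {
        // The submission id becomes part of a file name and of two SQL
        // statements, so only a conservative character set is accepted.
        if (!isset($_POST['id'])) {
            $module_error = true;
            $module_errors[] = "- Submission entry id not found.";
        } elseif (!is_string($_POST['id']) || !preg_match('/^[A-Za-z0-9_-]+$/', $_POST['id'])) {
            $module_error = true;
            $module_errors[] = "- Invalid submission entry id.";
        } else {
            $linkID = $_POST['id'];
        }

        // Get new names
        $destFile = module_imageupload_fullsize_prefix . $linkID;
        $destPath = module_imageupload_basedir . module_imageupload_imagedir;

        // Get image dimensions; getimagesize() returns false for non-images
        $thisImage = getimagesize($sourceFile);
        $thisImageFileSize = filesize($sourceFile);
        $thisImageWidth = $thisImage ? $thisImage[0] : 0;
        $thisImageHeight = $thisImage ? $thisImage[1] : 0;
        $thisImageMimeType = $thisImage ? $thisImage['mime'] : '';

        // Debug Info
        image_upload_printdebug("Original image filename = " . $imageFilename);
        image_upload_printdebug("Temp image filename = " . $sourceFile);
        image_upload_printdebug("Link ID = " . $linkID);
        image_upload_printdebug("Raw File size = " . $thisImageFileSize);
        image_upload_printdebug("Formatted File size = " . formatbytes($thisImageFileSize));
        image_upload_printdebug("Max allowed file size = " . module_imageupload_upload_maxsize * 1000 * 1000);
        image_upload_printdebug("Max allowed image x height = " . module_imageupload_upload_maxwidth . "x" . module_imageupload_upload_maxheight);
        image_upload_printdebug("Destination file = " . $destFile);
        image_upload_printdebug("Destination path = " . $destPath);
        image_upload_printdebug("Image data = " . $thisImageWidth . "x" . $thisImageHeight . " (" . $thisImageMimeType . ")");

        // Test image against max width / height constraints
        if ($thisImageWidth > module_imageupload_upload_maxwidth || $thisImageHeight > module_imageupload_upload_maxheight) {
            $module_error = true;
            $module_errors[] = "- This image exceeds the " . module_imageupload_upload_maxwidth . "x" . module_imageupload_upload_maxheight . " (width x height) maximum.";
        }

        // Test image against max file size constraints
        if ($thisImageFileSize > module_imageupload_upload_maxsize * 1000 * 1000) {
            $module_error = true;
            $module_errors[] = "- This image exceeds the allowed file size of " . module_imageupload_upload_maxsize . "MB";
        }

        // Determine Mime Type. The extension is chosen from the detected
        // content type, never from the client-supplied file name.
        if (!$module_error) {
            switch ($thisImageMimeType) {
                case "image/jpeg":
                    $tempExt = ".jpg";
                    break;
                case "image/gif":
                    $tempExt = ".gif";
                    break;
                case "image/png":
                    $tempExt = ".png";
                    break;
                case "image/wbmp":
                    $tempExt = ".wbmp";
                    break;
                default:
                    // A file was uploaded (we are inside the $sourceFile
                    // branch), so an unknown type is always an error.
                    $module_error = true;
                    $module_errors[] = "- Unknown image type. Only JPG, PNG, GIF and WMBP allowed.";
            }
        }

        // Process file, remove re-posts, and convert if necessary
        if (!$module_error) {
            if (file_exists($destPath . $destFile . $tempExt)) {
                @unlink($destPath . $destFile . $tempExt);
            }

            // Convert image if not JPG
            switch ($thisImageMimeType) {
                case "image/jpeg":
                    // No conversion needed
                    image_upload_printdebug("No image conversion necessary.");
                    if (!move_uploaded_file($sourceFile, $destPath . $destFile . $tempExt)) {
                        $module_error = true;
                        $module_errors[] = "- Error processing image.";
                        // Delete original
                        @unlink($destPath . $destFile . $tempExt);
                    }
                    break;

                case "image/gif":
                case "image/png":
                case "image/wbmp":
                    // Include image converter class
                    @(include_once 'plugins/class.imageconverter.inc.php');
                    image_upload_printdebug("Conversion of image file beginning...");

                    if (move_uploaded_file($sourceFile, $destPath . $destFile . $tempExt)) {
                        $tempDest = $destPath . $destFile . $tempExt;

                        // Convert image to JPG, then drop the intermediate file
                        $img = new ImageConverter($tempDest, "jpg", $destPath);
                        @unlink($tempDest);

                        // Get converted image dimensions
                        $destImage = getimagesize($destPath . $destFile . ".jpg");
                        if ($destImage === false) {
                            // Conversion produced no readable JPG; do not
                            // record a file that is not there.
                            $module_error = true;
                            $module_errors[] = "- Error processing image.";
                        } else {
                            $destImageWidth = $destImage[0];
                            $destImageHeight = $destImage[1];
                            $destImageMimeType = $destImage['mime'];

                            // Debug Info
                            image_upload_printdebug("Dest Filename = " . $destPath . $destFile . ".jpg");
                            image_upload_printdebug("Dest image width = " . $destImageWidth);
                            image_upload_printdebug("Dest image height = " . $destImageHeight);
                            image_upload_printdebug("Dest image mime type = " . $destImageMimeType);
                        }
                    } else {
                        image_upload_printdebug("Unable to move source file to dest for conversion. Deleting source file.");
                        $module_error = true;
                        $module_error_message = module_imageupload_errorcode_2;
                        // Make sure the failure also reaches the printed list.
                        $module_errors[] = "- Error processing image.";
                        // Delete original
                        @unlink($sourceFile);
                    }
                    break;
            }
        }

        // Check if we need to resize image to meet fullsize width or height setting
        if (!$module_error) {
            image_upload_printdebug("Checking image dimensions for possible resizing.");
            $destFile .= ".jpg";

            // Check to see if the image needs to be rescaled.
            switch (module_imageupload_fullsize_maxtoggle) {
                case "w":
                    if ($thisImageWidth > module_imageupload_fullsize_width) {
                        // Include image resize functions
                        include_once 'plugins/class.thumbnail.inc.php';

                        image_upload_printdebug("Image is wider than setting, attempting to reduce.");
                        image_upload_printdebug("Dest Path = " . $destPath);
                        image_upload_printdebug("Dest File = " . $destFile);

                        $convertImage = new thumbnail($destPath . $destFile);
                        $convertImage->size_auto(module_imageupload_fullsize_width);
                        $convertImage->jpeg_quality(module_imageupload_jpg_quality);
                        $convertImage->save($destPath . $destFile, module_imageupload_gdversion);

                        $destImage = getimagesize($destPath . $destFile);
                        $destImageWidth = $destImage ? $destImage[0] : 0;
                        $destImageHeight = $destImage ? $destImage[1] : 0;

                        image_upload_printdebug("Converted image is " . $destImageWidth . "x" . $destImageHeight);
                    }
                    break;

                case "h":
                    if ($thisImageHeight > module_imageupload_fullsize_height) {
                        // Include image resize functions
                        include_once 'plugins/class.thumbnail.inc.php';

                        image_upload_printdebug("Image is taller than setting, attempting to reduce.");
                        image_upload_printdebug("Dest Path = " . $destPath);
                        image_upload_printdebug("Dest File = " . $destFile);

                        $convertImage = new thumbnail($destPath . $destFile);
                        $convertImage->size_auto(module_imageupload_fullsize_height);
                        $convertImage->jpeg_quality(module_imageupload_jpg_quality);
                        $convertImage->save($destPath . $destFile, module_imageupload_gdversion);

                        // The result used to be discarded here, so the
                        // dimensions below were stale or undefined.
                        $destImage = getimagesize($destPath . $destFile);
                        $destImageWidth = $destImage ? $destImage[0] : 0;
                        $destImageHeight = $destImage ? $destImage[1] : 0;

                        image_upload_printdebug("Converted image is " . $destImageWidth . "x" . $destImageHeight);
                    }
                    break;
            }
        }

        if (!$module_error) {
            image_upload_printdebug("Updating database with image filename.");

            // Update database. $destFile and $linkID contain only the prefix
            // constant plus characters allowed by the id check above.
            $db->query("UPDATE " . table_links . " set " . module_imageupload_filename_field . "='{$destFile}' WHERE link_id='{$linkID}'");

            if (module_imageupload_customcaptions) {
                image_upload_printdebug("Using custom image caption.");
                $imageCaption = isset($_POST[module_imageupload_caption_field]) ? $_POST[module_imageupload_caption_field] : "";

                if ($imageCaption != "") {
                    image_upload_printdebug("Custom image caption: " . $imageCaption);
                    $imageCaption = strip_tags($imageCaption);
                    // NOTE(review): addslashes() is not a connection-aware SQL
                    // escaper; prefer the database layer's own escaping
                    // routine or a parameterised query if one is available.
                    $imageCaption = addslashes($imageCaption);

                    image_upload_printdebug('Updating database with custom image caption');

                    // Update database
                    $db->query("UPDATE " . table_links . " set " . module_imageupload_caption_field . "='" . $imageCaption . "' WHERE link_id='{$linkID}'");
                }
            }

            image_upload_printdebug("Database updated.");
        } else {
            @unlink($sourceFile);
            // Only touch the destination when the id passed validation, so a
            // rejected request cannot make this delete an unrelated file.
            if ($linkID !== '') {
                @unlink($destPath . $destFile . ".jpg");
            }

            // Output error messages
            image_upload_printerrors($module_errors);
        }
    }

    // Debug Info
    image_upload_printdebug("END: image_upload_process_handler.");
}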
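/**
 * Create a local account for a visitor who authenticated through a social
 * provider, log them in (cookies + session), optionally import their avatar,
 * print the confirmation popup and terminate the request.
 *
 * @param array $social_user Keys read here: nickname, email, name, sid,
 *                           provider and (optionally) avatar, a URL.
 *
 * Changes from the previous revision:
 *  - 'sid', 'provider' and the client IP are passed through $db->safesql()
 *    like the other fields before they are placed in SQL;
 *  - the avatar is fetched only from an http(s) URL and is kept only if
 *    getimagesize() recognises it as GIF, JPEG or PNG.
 *
 * NOTE(review): the account secret is an md5 chain (md5(md5(random)) in the
 * users table, md5(random) in the cookie, the session and _social_login). It
 * is left as is because the login code elsewhere presumably compares against
 * it, but the cookie value is password-equivalent and md5 is not a password
 * hash. Plan a migration to password_hash()/password_verify().
 */
function register_user($social_user)
{
    global $db, $config, $user_group, $popup, $js_popup, $lang;

    $add_time = time();
    $_IP = $db->safesql(get_ip());

    // Never auto-register into a privileged group (ids below 3).
    if (intval($config['reg_group']) < 3) {
        $config['reg_group'] = 4;
    }

    // Seed material for the random password / login hash.
    if (function_exists('openssl_random_pseudo_bytes') && (version_compare(PHP_VERSION, '5.3.4') >= 0 || strtoupper(substr(PHP_OS, 0, 3)) !== 'WIN')) {
        $stronghash = openssl_random_pseudo_bytes(15);
    } else {
        $stronghash = md5(uniqid(mt_rand(), TRUE));
    }

    // 33 fixed characters + 40 hex characters = 73 symbols, indexes 0..72.
    // Assumes GetRandInt(72) returns a value in that range - confirm.
    $salt = str_shuffle("abchefghjkmnpqrstuvwxyz0123456789" . sha1($stronghash . microtime()));

    $password = '';
    $hash = '';

    for ($i = 0; $i < 11; $i++) {
        $password .= $salt[GetRandInt(72)];
    }
    $password = md5($password);

    if ($config['log_hash']) {
        for ($i = 0; $i < 9; $i++) {
            $hash .= $salt[GetRandInt(72)];
        }
    }

    // Everything that originates from the provider response is escaped
    // before it is interpolated into a query.
    $social_user['nickname'] = $db->safesql($social_user['nickname']);
    $social_user['email'] = $db->safesql($social_user['email']);
    $social_user['name'] = $db->safesql($social_user['name']);
    $social_user['sid'] = $db->safesql($social_user['sid']);
    $social_user['provider'] = $db->safesql($social_user['provider']);

    $db->query("INSERT INTO " . USERPREFIX . "_users (name, password, email, reg_date, lastdate, user_group, info, signature, fullname, favorites, xfields, hash, logged_ip) VALUES ('{$social_user['nickname']}', '" . md5($password) . "', '{$social_user['email']}', '{$add_time}', '{$add_time}', '{$config['reg_group']}', '', '', '{$social_user['name']}', '', '', '{$hash}', '{$_IP}')");
    $id = $db->insert_id();

    $db->query("INSERT INTO " . USERPREFIX . "_social_login (sid, uid, password, provider, wait) VALUES ('{$social_user['sid']}', '{$id}', '{$password}', '{$social_user['provider']}', '0')");

    // Log the new user in.
    set_cookie("dle_user_id", $id, 365);
    set_cookie("dle_password", $password, 365);
    if ($config['log_hash']) {
        set_cookie("dle_hash", $hash, 365);
    }

    $_SESSION['dle_user_id'] = $id;
    $_SESSION['dle_password'] = $password;
    $_SESSION['state'] = 0;

    // Import the provider avatar when the target group may have photos.
    $avatar = isset($social_user['avatar']) ? $social_user['avatar'] : '';

    if (intval($user_group[$config['reg_group']]['max_foto']) > 0 and $avatar) {
        $n_array = explode(".", $avatar);
        $type = end($n_array);
        $type = totranslit($type);

        $allowed_extensions = array("jpg", "png", "gif");

        // copy() accepts any path or stream wrapper, so the source is limited
        // to plain web URLs before it is fetched.
        if (in_array($type, $allowed_extensions) and preg_match('#^https?://#i', $avatar)) {
            include_once ENGINE_DIR . '/classes/thumb.class.php';

            $tmp_file = ROOT_DIR . "/uploads/fotos/" . $id . "." . $type;

            if (@copy($avatar, $tmp_file)) {
                @chmod($tmp_file, 0666);

                // The extension came from the URL; check the content too.
                $img_info = @getimagesize($tmp_file);
                $is_image = $img_info !== false
                    && in_array($img_info[2], array(IMAGETYPE_GIF, IMAGETYPE_JPEG, IMAGETYPE_PNG), true);

                if ($is_image) {
                    $thumb = new thumbnail($tmp_file);
                    $thumb->size_auto($user_group[$config['reg_group']]['max_foto']);
                    $thumb->jpeg_quality($config['jpeg_quality']);
                    $thumb->save(ROOT_DIR . "/uploads/fotos/foto_" . $id . "." . $type);

                    $foto_name = "foto_" . $id . "." . $type;
                    $db->query("UPDATE " . USERPREFIX . "_users SET foto='{$foto_name}' WHERE user_id='{$id}'");
                }

                // The raw download is never kept, image or not.
                @unlink($tmp_file);
            }
        }
    }

    echo str_replace("{text}", $lang['social_login_ok'] . $js_popup, $popup);
    die;
}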
$row = $db->super_query("SELECT * FROM " . USERPREFIX . "_users WHERE name = '{$user}' AND password='******'"); if (!$row['user_id']) { die("Access Denied!"); } $db->free(); if (is_uploaded_file($image) and !$stop) { if (intval($user_group[$member_id['user_group']]['max_foto']) > 0) { if (!$config['avatar_size'] or $image_size < $config['avatar_size'] * 1024) { $allowed_extensions = array("jpg", "png", "gif"); if (in_array($type, $allowed_extensions) and $image_name) { include_once ENGINE_DIR . '/classes/thumb.class.php'; $res = @move_uploaded_file($image, ROOT_DIR . "/uploads/fotos/" . $row['user_id'] . "." . $type); if ($res) { @chmod(ROOT_DIR . "/uploads/fotos/" . $row['user_id'] . "." . $type, 0666); $thumb = new thumbnail(ROOT_DIR . "/uploads/fotos/" . $row['user_id'] . "." . $type); $thumb->size_auto($user_group[$config['reg_group']]['max_foto']); $thumb->jpeg_quality($config['jpeg_quality']); $thumb->save(ROOT_DIR . "/uploads/fotos/foto_" . $row['user_id'] . "." . $type); @unlink(ROOT_DIR . "/uploads/fotos/" . $row['user_id'] . "." . $type); $foto_name = "foto_" . $row['user_id'] . "." . $type; $db->query("UPDATE " . USERPREFIX . "_users SET foto='{$foto_name}' WHERE user_id='{$row['user_id']}'"); } else { $stop = $lang['reg_err_12']; } } else { $stop = $lang['reg_err_13']; } } else { $stop = str_replace("{size}", $config['avatar_size'], $lang['news_err_16']); } } else {
$i_left = intval($_POST['i_left']); $i_top = intval($_POST['i_top']); $i_width = intval($_POST['i_width']); $i_height = intval($_POST['i_height']); if ($row['user_photo'] and $i_width >= 100 and $i_height >= 100 and $i_left >= 0 and $i_height >= 0) { include_once ENGINE_DIR . '/classes/images.php'; $tmb = new thumbnail(ROOT_DIR . "/uploads/users/{$user_info['user_id']}/{$row['user_photo']}"); $tmb->size_auto($i_width . "x" . $i_height, 0, "{$i_left}|{$i_top}"); $tmb->jpeg_quality(100); $tmb->save(ROOT_DIR . "/uploads/users/{$user_info['user_id']}/100_{$row['user_photo']}"); $tmb = new thumbnail(ROOT_DIR . "/uploads/users/{$user_info['user_id']}/100_{$row['user_photo']}"); $tmb->size_auto("100x100", 1); $tmb->jpeg_quality(100); $tmb->save(ROOT_DIR . "/uploads/users/{$user_info['user_id']}/100_{$row['user_photo']}"); $tmb = new thumbnail(ROOT_DIR . "/uploads/users/{$user_info['user_id']}/100_{$row['user_photo']}"); $tmb->size_auto("50x50"); $tmb->jpeg_quality(100); $tmb->save(ROOT_DIR . "/uploads/users/{$user_info['user_id']}/50_{$row['user_photo']}"); echo $user_info['user_id']; } else { echo 'err'; } exit; break; default: //Страница Редактирование основное $user_speedbar = $lang['editmyprofile'] . ' » ' . $lang['editmyprofile_genereal']; $tpl->load_template('editprofile.tpl'); $row = $db->super_query("SELECT user_name, user_lastname, user_sex, user_day, user_month, user_year, user_country, user_city, user_sp FROM `" . PREFIX . "_users` WHERE user_id = '{$user_info['user_id']}'"); $tpl->set('{name}', $row['user_name']); $tpl->set('{lastname}', $row['user_lastname']);
$image_rename = substr(md5($server_time + rand(1, 100000)), 0, 20); // имя фотографии $image_size = $_FILES['uploadfile']['size']; // размер файла $type = end(explode(".", $image_name)); // формат файла //Проверям если, формат верный то пропускаем if (in_array(strtolower($type), $allowed_files)) { if ($image_size < 5000000) { $res_type = strtolower('.' . $type); if (move_uploaded_file($image_tmp, $album_dir . $image_rename . $res_type)) { //Подключаем класс для фотографий include ENGINE_DIR . '/classes/images.php'; //Создание оригинала $tmb = new thumbnail($album_dir . $image_rename . $res_type); $tmb->size_auto('570', 1); $tmb->jpeg_quality('100'); $tmb->save($album_dir . $image_rename . $res_type); $img_url = $config['home_url'] . 'uploads/blog/' . $image_rename . $res_type; //Результат для ответа echo $img_url; } else { echo 'big_size'; } } else { echo 'big_size'; } } else { echo 'bad_format'; } }
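//Allowed formats
$allowed_files = array('jpg', 'jpeg', 'jpe', 'png', 'gif');

//Download the preview picture to the site
// NOTE(review): the pattern is unanchored, so it only shows that "http://" occurs somewhere
// in $photo. If $photo can be influenced by a user, anchor the pattern and restrict the
// hosts this server is allowed to fetch from — the origin of $photo is not visible here.
if (in_array(strtolower($img_format), $allowed_files) && preg_match("/http:\\/\\//i", $photo) && $result_video_lnk) {
    //Upload directory for the preview
    $upload_dir = ROOT_DIR . '/uploads/videos/' . $user_id;

    //Create the user's folder if it does not exist yet
    // NOTE(review): 0777 makes the directory writable by every local account; a tighter
    // mode is preferable where the hosting setup allows it.
    if (!is_dir($upload_dir)) {
        @mkdir($upload_dir, 0777);
        @chmod($upload_dir, 0777);
    }

    //Load the image class
    include ENGINE_DIR . '/classes/images.php';

    $preview_file = $upload_dir . '/' . $image_name . '.' . $img_format;

    // Build the thumbnail only when the download actually produced a file; the result of
    // copy() used to be ignored, so a failed fetch still reached the thumbnail class.
    if (@copy($photo, $preview_file)) {
        $tmb = new thumbnail($preview_file);
        $tmb->size_auto(175);
        $tmb->jpeg_quality(100);
        $tmb->save($preview_file);
    }
}

if ($result_video_lnk and $title) {
    // From here on $photo is the local public URL of the preview
    $photo = $config['home_url'] . 'uploads/videos/' . $user_id . '/' . $image_name . '.' . $img_format;

    // NOTE(review): $result_video_lnk, $title, $descr and $privacy are interpolated into the
    // statement; their filtering happens outside this fragment — confirm they are escaped.
    $db->query("INSERT INTO `" . PREFIX . "_videos` SET owner_user_id = '{$user_id}', video = '{$result_video_lnk}', photo = '{$photo}', title = '{$title}', descr = '{$descr}', add_date = NOW(), privacy = '{$privacy}'");
    $dbid = $db->insert_id();

    $db->query("UPDATE `" . PREFIX . "_users` SET user_videos_num = user_videos_num+1 WHERE user_id = '{$user_id}'");

    // The news feed stores the path relative to the site root
    $photo = str_replace($config['home_url'], '/', $photo);

    //Add the action to the news feed: look for this user's type-2 entry newer than
    //$server_time - 10800 (three hours, if $server_time is in seconds) and prepend to it
    $generateLastTime = $server_time - 10800;
    $row = $db->super_query("SELECT ac_id, action_text FROM `" . PREFIX . "_news` WHERE action_time > '{$generateLastTime}' AND action_type = 2 AND ac_user_id = '{$user_id}'");
    if ($row) {
        $db->query("UPDATE `" . PREFIX . "_news` SET action_text = '{$dbid}|{$photo}||{$row['action_text']}', action_time = '{$server_time}' WHERE ac_id = '{$row['ac_id']}'");
    } else {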
// file format
//Accept the upload only when its extension is in the allowlist
// ($type, $allowed_files, $image_size, $image_tmp, $album_dir and $image_rename are set
// before this fragment)
$ext_lower = strtolower($type);
if (in_array($ext_lower, $allowed_files)) {
    if ($image_size < 5000000) {
        $res_type = '.' . $ext_lower;
        $stored_name = $image_rename . $res_type;
        $stored_path = $album_dir . $stored_name;

        if (move_uploaded_file($image_tmp, $stored_path)) {
            //Load the image class
            include ENGINE_DIR . '/classes/images.php';

            //Rewrite the stored original through the thumbnail class
            $tmb = new thumbnail($stored_path);
            $tmb->size_auto('770');
            $tmb->jpeg_quality('95');
            $tmb->save($stored_path);

            //Small copy, saved next to the original with a "c_" prefix
            $tmb = new thumbnail($stored_path);
            $tmb->size_auto('130');
            $tmb->jpeg_quality('95');
            $tmb->save($album_dir . 'c_' . $stored_name);

            //Register the photo and bump the community's photo counter
            // NOTE(review): $public_id is interpolated into both statements; its
            // validation is not visible in this fragment — confirm it is an integer.
            $db->query("INSERT INTO `" . PREFIX . "_communities_photos` SET photo = '{$image_rename}{$res_type}', public_id = '{$public_id}', add_date = '{$server_time}'");
            $db->query("UPDATE `" . PREFIX . "_communities` SET photos_num = photos_num+1 WHERE id = '{$public_id}'");

            //Response body: stored file name
            echo $stored_name;
        } else {
            // A failed move reports the same code as an oversized file
            echo 'big_size';
        }
    } else {
        echo 'big_size';
    }
} else {
    echo 'bad_format';
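// A configured registration group below 3 is replaced by 4.
// NOTE(review): the INSERT below takes the group from $config['reg_group_ulogin'], which
// this guard does not touch — confirm that value is validated elsewhere.
if (intval($config['reg_group']) < 3) {
    $config['reg_group'] = 4;
}

// Create the local account.
// NOTE(review): $login, $fullname, $regpassword and $email are interpolated as-is; their
// escaping happens outside this fragment — confirm.
$db->query("INSERT INTO " . USERPREFIX . "_users (name, fullname, password, email, reg_date, lastdate, user_group, info, signature, favorites, xfields, logged_ip) VALUES ('{$login}', '{$fullname}', '{$regpassword}', '{$email}', '{$add_time}', '{$add_time}', '" . $config['reg_group_ulogin'] . "', '', '', '', '', '" . $_IP . "')");
$user_id = $id = $db->insert_id();

// Link the external identity to the new account
if ($ulogin_id) {
    $db->query("UPDATE " . USERPREFIX . "_ulogin SET user_id =" . $user_id . " where ident ='" . $db->safesql($user['identity']) . "'");
} else {
    // identity and email come from the $user array and are escaped here the same way the
    // UPDATE branch escapes identity; they used to be concatenated into the statement raw.
    // NOTE(review): $seed is inserted unquoted — confirm it is always numeric.
    $db->query("INSERT INTO " . USERPREFIX . "_ulogin (user_id, ident, email, seed) values ({$id}, '" . $db->safesql($user['identity']) . "','" . $db->safesql($user['email']) . "', {$seed})");
}

// NOTE(review): from here on $id is user_id + 1, so the avatar file below is named after
// the next id while the row updated is $user_id — confirm this is intended.
$id++;

if ($photo) {
    // File name and extension are taken from the path part of the URL only, so a query
    // string cannot end up inside the extension.
    // NOTE(review): the origin of $photo is not visible here; confirm it is limited to
    // http(s) URLs of the login provider before the server fetches it.
    $photo_url_path = parse_url($photo, PHP_URL_PATH);
    $fparts = pathinfo(is_string($photo_url_path) ? $photo_url_path : '');
    $tmp_name = $fparts['basename'];
    $type = isset($fparts['extension']) ? strtolower($fparts['extension']) : '';

    // The extension comes from a remote URL and ends up in the name of files written under
    // uploads/fotos, so it is restricted to image formats before anything is stored.
    $photo_extensions = array('jpg', 'jpeg', 'jpe', 'png', 'gif');
    if ($tmp_name !== '' and in_array($type, $photo_extensions, true)) {
        include_once ENGINE_DIR . '/classes/thumb.class.php';

        $tmp_file = ROOT_DIR . "/uploads/fotos/" . $tmp_name;
        $res = @copy($photo, $tmp_file);
        if ($res) {
            // Scale the download to the avatar size, then drop the temporary copy
            $thumb = new thumbnail($tmp_file);
            $thumb->size_auto(100);
            $thumb->jpeg_quality($config['jpeg_quality']);
            $thumb->save(ROOT_DIR . "/uploads/fotos/foto_" . $id . "." . $type);
            @unlink($tmp_file);

            $foto_name = "foto_" . $id . "." . $type;
            $db->query("UPDATE " . USERPREFIX . "_users set foto='{$foto_name}' where user_id={$user_id}");
        }
    }
}

login_ulogin_user($user_id, $password);
}

unset($_POST['token']);
}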