function wallpaper_add_uploaded_image()
{
$err = check_image();
if ($err !== false && !is_array($err)) {
$filename = check_filename($_FILES['uploaded_image']['name'], 'original_' . time());
if (move_uploaded_file($_FILES['uploaded_image']['tmp_name'], UPLOAD_PATH . $filename)) {
//extension
$extension = exif_imagetype(UPLOAD_PATH . $filename);
switch ($extension) {
case IMAGETYPE_JPEG:
$extension = 'jpg';
break;
case IMAGETYPE_PNG:
$extension = 'png';
break;
case IMAGETYPE_GIF:
$extension = 'gif';
break;
case IMAGETYPE_BMP:
$extension = 'bmp';
break;
}
//add to database
$query = 'INSERT INTO ' . WALLPAPERS_TABLE . '(timestamp, extension) VALUES(UNIX_TIMESTAMP(), "' . $extension . '")';
mysql_query($query) or report_sql_error($query, __FILE__, __LINE__);
$id = mysql_insert_id();
return array('filename' => $filename, 'id' => $id);
} else {
return array('errors' => array('Kunde inte ladda upp bilden. Filename: ' . $filename));
}
} else {
return $err;
}
}
if ($_FILES['avatar']['tmp_name'] == '') {
$errors[] = $lang['global.file_empty'];
} elseif (!is_uploaded_file($_FILES['avatar']['tmp_name'])) {
$errors[] = $lang['user.avatar_invalid'];
} else {
$filename = substr($_FILES['avatar']['name'], strrpos($_FILES['avatar']['name'], DIRECTORY_SEPARATOR) + 1);
$extension = strtolower(substr($filename, strrpos($filename, '.') + 1));
$extensions_allowed = explode(',', $config['image_allowed_extensions']);
$size = filesize($_FILES['avatar']['tmp_name']);
if (!in_array($extension, $extensions_allowed)) {
$errors[] = translate('user.avatar_ext_invalid', $config['image_allowed_extensions']);
} elseif ($size > $config['image_max_size']) {
$errors[] = translate('user.avatar_size_invalid', round($config['image_max_size'] / 1024 / 1024));
} elseif (!getimagesize($_FILES['avatar']['tmp_name'])) {
$errors[] = 'Invalid image format uploaded! Application error!';
} elseif (!check_image($_FILES['avatar']['tmp_name'], $extension)) {
$errors[] = 'Invalid image format uploaded! Application error!';
}
}
if (!$errors) {
$image_name = $user['UID'] . '.' . $extension;
$avatar_tmp = $config['BASE_DIR'] . '/tmp/avatars/' . $image_name;
if (!move_uploaded_file($_FILES['avatar']['tmp_name'], $avatar_tmp)) {
$errors[] = $lang['user.avatar_failed'];
}
if (!$errors) {
$dst = $config['BASE_DIR'] . '/media/users/orig/' . $image_name;
$image = new VImageConv();
$image->process($avatar_tmp, $dst, 'MAX_HEIGHT', 240, 200);
$image->resize(true);
if (file_exists($dst) && filesize($dst) > 100) {
$auth = new Auth();
$auth->check();
if (isset($_SESSION['uid']) && $uid != $_SESSION['uid']) {
session_write_close();
header('Location: ' . $config['BASE_URL'] . '/error/album_permission');
die;
}
if (isset($_POST['add_photos_submit'])) {
$photos = 0;
$filter = new VFilter();
$image = new VImageConv();
foreach ($_FILES as $key => $values) {
if ($values['tmp_name'] != '') {
if (is_uploaded_file($values['tmp_name']) && ($check = getimagesize($values['tmp_name']))) {
$ext = strtolower(substr($values['name'], strrpos($values['name'], '.') + 1));
if (!check_image($values['tmp_name'], $ext)) {
continue;
}
$photo_expl = explode('_', $key);
$photo_nr = $photo_expl['1'];
$caption = $filter->get('caption_' . $photo_nr);
$sql_add = NULL;
if ($caption != '') {
$sql_add = ", caption = '" . mysql_real_escape_string($caption) . "'";
}
$sql = "INSERT INTO photos SET AID = " . $aid . $sql_add;
$conn->execute($sql);
$photo_id = mysql_insert_id();
$src = $values['tmp_name'];
$dst = $config['BASE_DIR'] . '/media/photos/tmb/' . $photo_id . '.jpg';
list($width, $height) = getimagesize($src);
check_letter();
break;
//note 形象照
//note 形象照
case 'photo':
check_photo();
break;
//note 内心独白
//note 内心独白
case 'monolog':
check_monolog();
break;
//note 相传图片
//note 相传图片
case 'image':
check_image();
break;
//note 毕业院校
//note 毕业院校
case 'school':
check_school();
break;
//note 成功故事
//note 成功故事
case 'story':
check_story();
break;
//note 故事封面图
//note 故事封面图
case 'storyfirst':
check_storyfirst();
if ($config['use_guild_logos']) {
?>
<!-- form to upload guild logo -->
<form action="" method="post" enctype="multipart/form-data">
<ul>
<li>Upload guild logo [.gif images only, 100x100px size]:<br>
<input type="file" name="file" id="file" accept="image/gif">
<input type="submit" name="submit" value="Upload guild logo">
</li>
</ul>
</form>
<?php
if (!empty($_FILES['file'])) {
check_image($_FILES['file']);
echo '<br><br>';
}
}
?>
<!-- forms to invite character -->
<form action="" method="post">
<ul>
<li>Invite Character to guild:<br>
<input type="text" name="invite" placeholder="Character name">
<input type="submit" value="Invite Character">
</li>
</ul>
</form>
<!-- Guild message of the day motd -->
<form action="" method="post">
$errors[] = $lang['upload.game_thumb_select'];
} elseif (!is_uploaded_file($_FILES['game_thumb_file']['tmp_name'])) {
$errors[] = $lang['upload.game_thumb_invalid'];
} else {
$tmb_filename = substr($_FILES['game_thumb_file']['name'], strrpos($_FILES['game_thumb_file']['name'], DIRECTORY_SEPARATOR) + 1);
$tmb_extension = strtolower(substr($tmb_filename, strrpos($tmb_filename, '.') + 1));
$tmb_allowed_extensions = explode(',', $config['image_allowed_extensions']);
if (!in_array($tmb_extension, $tmb_allowed_extensions)) {
$errors[] = translate($lang['upload.game_thumb_ext_invalid'], $tmb_extension);
} elseif (!getimagesize($_FILES['game_thumb_file']['tmp_name'])) {
$errors[] = 'Invalid image format. Application error!';
} else {
$tmb_size = filesize($_FILES['game_thumb_file']['tmp_name']);
if ($tmb_size > $config['image_max_size']) {
$errors[] = translate('upload.game_thumb_size_invalid', $config['image_max_size']);
} elseif (!check_image($_FILES['game_thumb_file']['tmp_name'], $tmb_extension)) {
$errors[] = 'Invalid image format! Application error!';
}
}
}
$game['privacy'] = $privacy == 'private' ? 'private' : 'public';
$game['anonymous'] = $anonymous == 'yes' ? 'yes' : 'no';
$uid = $anonymous == 'yes' ? getAnonymousUID() : intval($_SESSION['uid']);
if (!$errors) {
$status = $config['approve_games'] == '1' ? 0 : 1;
$sql = "INSERT INTO game\n SET UID = " . $uid . ", title = '" . mysql_real_escape_string($title) . "',\n category = " . $category . ", tags = '" . mysql_real_escape_string($keywords) . "',\n space = '" . $space . "', addtime = '" . time() . "', adddate = '" . date('Y-m-d') . "',\n type = '" . $game['privacy'] . "', status = '" . $status . "'";
$conn->execute($sql);
$game_id = mysql_insert_id();
$game_file = $game_id . '.swf';
$game_path = $config['BASE_DIR'] . '/media/games/swf/' . $game_file;
if (!move_uploaded_file($_FILES['game_file']['tmp_name'], $game_path)) {