if ($_POST['send']) { //Neuen Avatar hochladen if (is_uploaded_file($_FILES['avatar']['tmp_name'])) { require BASEDIR . 'lib/class.mediamanager.php'; $mm = new mediamanager(); $ext = $mm->getext($_FILES['avatar']['name']); $newfile = 'avatar_' . $user->info['userid'] . '_' . time() . '.' . strtolower($ext); //AVATARE AUTOMATISCH VERKLEINERN if ($set['user']['avatar_resize']) { require BASEDIR . 'lib/class.image.php'; $img = new image(); if (!in_array($ext, $extensions)) { message($apx->lang->get('MSG_NOTALLOWED'), 'javascript:history.back()'); } else { $tempname = 'avatar_' . md5(microtime()) . '.tmp'; $mm->uploadfile($_FILES['avatar'], 'temp', $tempname); $info = getimagesize(BASEDIR . getpath('uploads') . 'temp/' . $tempname); //Kein Bild => löschen und Ende if ($info[0] == 0 || $info[1] == 0) { $mm->deletefile('temp/' . $tempname); message($apx->lang->get('MSG_MAXDIM'), 'javascript:history.back()'); require 'lib/_end.php'; } //Bild zu groß => verkleinern if ($info[0] > $set['user']['avatar_maxdim'] || $info[1] > $set['user']['avatar_maxdim']) { if ($ext == 'GIF') { $ext = 'jpg'; } $newfile = 'avatar_' . $user->info['userid'] . '_' . time() . '.' . strtolower($ext); list($picture, $picturetype) = $img->getimage('temp/' . $tempname); $scaled = $img->resize($picture, $set['user']['avatar_maxdim'], $set['user']['avatar_maxdim'], 1, 0);
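/**
 * Edit an affiliate entry (title, link and optional image).
 *
 * Reads the record id from $_REQUEST['id'] (forced to int). On a submitted form
 * ($_POST['send'] == 1) it checks the CSRF token, the mandatory fields and the
 * extension of the uploaded image, stores the image as affiliates/affiliate-<id>.<ext>,
 * updates the row and redirects. Otherwise it renders the 'edit' template.
 *
 * Security notes:
 *  - The upload is validated by file-name extension only; nothing in this block
 *    inspects the file content. NOTE(review): confirm mediamanager::uploadfile()
 *    verifies is_uploaded_file() and that the uploads directory cannot execute scripts.
 *  - The `image` column is only ever taken from the upload / delete branches below,
 *    never from a client-supplied POST field.
 */
function edit()
{
    global $set, $db, $apx;

    // The id is used in SQL and in the stored file name, so force it to an integer first.
    $_REQUEST['id'] = (int) $_REQUEST['id'];
    if (!$_REQUEST['id']) {
        die('missing ID!');
    }

    $info = $db->first("SELECT title,image,link FROM " . PRE . "_affiliates WHERE id='" . intval($_REQUEST['id']) . "' LIMIT 1");

    if ($_POST['send'] == 1) {
        require BASEDIR . 'lib/class.mediamanager.php';
        $mm = new mediamanager();
        $ext = $mm->getext($_FILES['image']['name']);

        // Drop any client-supplied `image` field. Without this, a request carrying
        // image=<path> and no upload would make isset($_POST['image']) true below and
        // store that path in the row (presumably dupdate() reads the named fields from
        // $_POST - verify), where a later edit would pass it to deletefile().
        unset($_POST['image']);

        if (!checkToken()) {
            infoInvalidToken();
        } elseif (!$_POST['title'] || !$_POST['link']) {
            infoNotComplete();
        } elseif ($_FILES['image']['tmp_name'] && !in_array($ext, array('GIF', 'JPG', 'JPE', 'JPEG', 'PNG'))) {
            // Allow-list of image extensions; the comparison is against upper-case
            // values, so getext() is expected to return upper case - TODO confirm.
            info($apx->lang->get('INFO_NOIMAGE'));
        } else {
            // Replace the image
            if ($_FILES['image']['tmp_name']) {
                list($oldpic) = $db->first("SELECT image FROM " . PRE . "_affiliates WHERE id='" . $_REQUEST['id'] . "' LIMIT 1");
                if ($oldpic) {
                    $mm->deletefile($oldpic);
                }

                // The stored name is built from the integer id and the allow-listed
                // extension only; the client file name never reaches the path.
                $newfile = 'affiliate-' . intval($_REQUEST['id']) . '.' . strtolower($ext);
                $mm->uploadfile($_FILES['image'], 'affiliates', $newfile);
                $_POST['image'] = 'affiliates/' . $newfile;
            } elseif ($_POST['delimage']) {
                list($oldpic) = $db->first("SELECT image FROM " . PRE . "_affiliates WHERE id='" . $_REQUEST['id'] . "' LIMIT 1");
                $mm->deletefile($oldpic);
                $_POST['image'] = '';
            }

            $db->dupdate(PRE . '_affiliates', 'title,link' . iif(isset($_POST['image']), ',image'), "WHERE id='" . $_REQUEST['id'] . "' LIMIT 1");
            logit('AFFILIATES_EDIT', 'ID #' . $_REQUEST['id']);
            printJSRedirect(get_index('affiliates.show'));
        }
    } else {
        // First display: pre-fill the form from the stored record.
        $_POST['title'] = $info['title'];
        $_POST['link'] = $info['link'];

        // Cap the preview width at 300 when the stored image is wider.
        $imageWidth = '';
        if ($info['image']) {
            $size = @getimagesize(BASEDIR . getpath('uploads') . $info['image']);
            if ($size[0] && $size[0] > 300) {
                $imageWidth = 300;
            }
        }

        $apx->tmpl->assign('ID', $_REQUEST['id']);
        $apx->tmpl->assign('TITLE', compatible_hsc($_POST['title']));
        $apx->tmpl->assign('LINK', compatible_hsc($_POST['link']));
        $apx->tmpl->assign('IMAGE', iif($info['image'], getpath('uploads') . $info['image']));
        $apx->tmpl->assign('IMAGE_WIDTH', $imageWidth);
        $apx->tmpl->assign('DELIMAGE', (int) $_POST['delimage']);
        $apx->tmpl->parse('edit');
    }
}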
} $message .= $apx->lang->get('MSG_NOUPLOAD', array('FILE' => $file['name'])) . ' '; $message .= $apx->lang->get('MSG_WRONGTYPE'); continue; } elseif ($file['size'] > $typeinfo[$ext][0]) { if ($message) { $message .= '<br />'; } $message .= $apx->lang->get('MSG_NOUPLOAD', array('FILE' => $file['name'])) . ' '; $message .= $apx->lang->get('MSG_TOOBIG', array('MAXSIZE' => $typeinfo[$ext][0])); continue; } $fileid = str_replace(' ', '_', $mm->getname($file['name'])) . '_' . time(); $newname = $fileid . '.' . $ext; $thumbnailPath = ''; $mm->uploadfile($_FILES['file' . $i], 'forum', $newname); //Thumbnail erzeugen if (in_array($ext, array('gif', 'jpg', 'jpe', 'jpeg', 'png'))) { require_once BASEDIR . 'lib/class.image.php'; $img = new image(); $thumbnailPath = 'forum/' . $fileid . '_thumb.' . $ext; list($picture, $picturetype) = $img->getimage('forum/' . $newname); //////// THUMBNAIL $thumbnail = $img->resize($picture, 120, 90, true); $img->saveimage($thumbnail, $picturetype, $thumbnailPath); //Cleanup imagedestroy($picture); imagedestroy($thumbnail); unset($picture, $thumbnail); } $db->query("INSERT INTO " . PRE . "_forum_attachments (hash,postid,file,thumbnail,name,size,mime,time) VALUES ('" . addslashes($_REQUEST['hash']) . "','" . $_REQUEST['postid'] . "','" . addslashes('forum/' . $newname) . "','" . addslashes($thumbnailPath) . "','" . addslashes($file['name']) . "','" . intval($file['size']) . "','" . addslashes($file['type']) . "','" . time() . "')");
if ($captchafailed) { message($apx->lang->get('MSG_WRONGCODE'), 'javascript:history.back()'); } elseif (!$_POST['send_username'] && !$user->info['userid'] || !$_POST['catid'] || !$_POST['title'] || !$_POST['text'] || !$_FILES['file']['tmp_name']) { message('back'); } elseif ($spam + $set['downloads']['spamprot'] * 60 > time()) { message($apx->lang->get('MSG_BLOCKSPAM', array('SEC' => $spam + $set['downloads']['spamprot'] * 60 - time())), 'back'); } else { $ext = substr(strrchr($_FILES['file']['name'], '.'), 1); list($special) = $db->first("SELECT special FROM " . PRE . "_mediarules WHERE extension='" . strtoupper($ext) . "' LIMIT 1"); if ($special == 'block') { message($apx->lang->get('MSG_NOTALLOWED'), 'back'); } require BASEDIR . 'lib/class.mediamanager.php'; $mm = new mediamanager(); $stamp = md5(microtime()); $mm->uploadfile($_FILES['file'], 'downloads/uploads', $stamp . '-' . $_FILES['file']['name']); if ($user->info['userid']) { $_POST['userid'] = $user->info['userid']; $_POST['send_username'] = $_POST['send_email'] = ''; } else { $_POST['userid'] = 0; } $_POST['file'] = $_FILES['file']['name']; $_POST['tempfile'] = 'downloads/uploads/' . $stamp . '-' . $_FILES['file']['name']; $_POST['addtime'] = time(); $_POST['send_ip'] = get_remoteaddr(); $_POST['local'] = 1; $_POST['secid'] = 'all'; $_POST['text'] = strtr(strip_tags($_POST['text']), array("\r\n" => "<br />\r\n", "\n" => "<br />\n")); if ($set['downloads']['coms']) { $_POST['allowcoms'] = 1;
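/**
 * Edit a teaser entry (sections, group, title, text, link, optional image and
 * publication window).
 *
 * Reads the record id from $_REQUEST['id'] (forced to int). On a submitted form
 * ($_POST['send'] == 1) it checks the CSRF token, the mandatory fields and the
 * extension of the uploaded image, stores the image as teaser/teaser-<id>.<ext>,
 * updates the row and redirects. Otherwise it renders the 'edit' template.
 *
 * Security notes:
 *  - The upload is validated by file-name extension only; nothing in this block
 *    inspects the file content. NOTE(review): confirm mediamanager::uploadfile()
 *    verifies is_uploaded_file() and that the uploads directory cannot execute scripts.
 *  - The `image` column is only ever taken from the upload / delete branches below,
 *    never from a client-supplied POST field.
 */
function edit()
{
    global $set, $db, $apx;

    // The id is used in SQL and in the stored file name, so force it to an integer first.
    $_REQUEST['id'] = (int) $_REQUEST['id'];
    if (!$_REQUEST['id']) {
        die('missing ID!');
    }

    // Section list: anything that is not an array, or starts with 'all', means "all sections".
    if (!is_array($_POST['secid']) || $_POST['secid'][0] == 'all') {
        $_POST['secid'] = array('all');
    }

    $info = $db->first("SELECT secid,`group`,title,text,image,link,starttime,endtime FROM " . PRE . "_teaser WHERE id='" . intval($_REQUEST['id']) . "' LIMIT 1");

    if ($_POST['send'] == 1) {
        require BASEDIR . 'lib/class.mediamanager.php';
        $mm = new mediamanager();
        $ext = $mm->getext($_FILES['image']['name']);

        // Drop any client-supplied `image` field. Without this, a request carrying
        // image=<path> and no upload would make isset($_POST['image']) true below and
        // store that path in the row (presumably dupdate() reads the named fields from
        // $_POST - verify), where a later edit would pass it to deletefile().
        unset($_POST['image']);

        if (!checkToken()) {
            infoInvalidToken();
        } elseif (!$_POST['title'] || !$_POST['link']) {
            infoNotComplete();
        } elseif ($_FILES['image']['tmp_name'] && !in_array($ext, array('GIF', 'JPG', 'JPE', 'JPEG', 'PNG'))) {
            // Allow-list of image extensions; the comparison is against upper-case
            // values, so getext() is expected to return upper case - TODO confirm.
            info($apx->lang->get('INFO_NOIMAGE'));
        } else {
            // Replace the image
            if ($_FILES['image']['tmp_name']) {
                list($oldpic) = $db->first("SELECT image FROM " . PRE . "_teaser WHERE id='" . $_REQUEST['id'] . "' LIMIT 1");
                if ($oldpic) {
                    $mm->deletefile($oldpic);
                }

                // The stored name is built from the integer id and the allow-listed
                // extension only; the client file name never reaches the path.
                $newfile = 'teaser-' . intval($_REQUEST['id']) . '.' . strtolower($ext);
                $mm->uploadfile($_FILES['image'], 'teaser', $newfile);
                $_POST['image'] = 'teaser/' . $newfile;
            } elseif ($_POST['delimage']) {
                list($oldpic) = $db->first("SELECT image FROM " . PRE . "_teaser WHERE id='" . $_REQUEST['id'] . "' LIMIT 1");
                $mm->deletefile($oldpic);
                $_POST['image'] = '';
            }

            $_POST['secid'] = serialize_section($_POST['secid']);

            // Publication window: only users holding teaser.enable may change it.
            $addfields = '';
            if ($apx->user->has_right('teaser.enable') && isset($_POST['t_day_1'])) {
                $_POST['starttime'] = maketime(1);
                $_POST['endtime'] = maketime(2);
                if ($_POST['starttime']) {
                    // A missing or non-later end time is replaced by the constant
                    // 3000000000 (used here as "no end").
                    if (!$_POST['endtime'] || $_POST['endtime'] <= $_POST['starttime']) {
                        $_POST['endtime'] = 3000000000;
                    }
                    $addfields = ',starttime,endtime';
                }
            }

            $db->dupdate(PRE . '_teaser', 'secid,group,title,text,link' . iif(isset($_POST['image']), ',image') . $addfields, "WHERE id='" . $_REQUEST['id'] . "' LIMIT 1");
            logit('TEASER_EDIT', 'ID #' . $_REQUEST['id']);
            printJSRedirect(get_index('teaser.show'));
        }
    } else {
        // First display: pre-fill the form from the stored record.
        $_POST['group'] = $info['group'];
        $_POST['title'] = $info['title'];
        $_POST['text'] = $info['text'];
        $_POST['link'] = $info['link'];
        $_POST['starttime'] = $info['starttime'];
        $_POST['endtime'] = $info['endtime'];
        $_POST['secid'] = unserialize_section($info['secid']);

        // Cap the preview width at 300 when the stored image is wider.
        $imageWidth = '';
        if ($info['image']) {
            $size = @getimagesize(BASEDIR . getpath('uploads') . $info['image']);
            if ($size[0] && $size[0] > 300) {
                $imageWidth = 300;
            }
        }

        // Build the group <option> list from the configured groups.
        $grouplist = '';
        foreach ($set['teaser']['groups'] as $id => $title) {
            $grouplist .= '<option value="' . $id . '"' . iif($id == $_POST['group'], ' selected="selected"') . '>' . replace($title) . '</option>';
        }

        // Publication window: push the stored times into the time-selection fields.
        if ($_POST['starttime']) {
            maketimepost(1, $_POST['starttime']);
            if ($_POST['endtime'] < 2147483647) {
                maketimepost(2, $_POST['endtime']);
            }
        }

        // Publication window: show the selectors only to users holding teaser.enable.
        if ($apx->user->has_right('teaser.enable') && isset($_POST['t_day_1'])) {
            $apx->tmpl->assign('STARTTIME', choosetime(1, 0, maketime(1)));
            $apx->tmpl->assign('ENDTIME', choosetime(2, 1, maketime(2)));
        }

        $apx->tmpl->assign('ID', $_REQUEST['id']);
        $apx->tmpl->assign('SECID', $_POST['secid']);
        $apx->tmpl->assign('GROUPS', $grouplist);
        $apx->tmpl->assign('TITLE', compatible_hsc($_POST['title']));
        $apx->tmpl->assign('TEXT', compatible_hsc($_POST['text']));
        $apx->tmpl->assign('LINK', compatible_hsc($_POST['link']));
        $apx->tmpl->assign('IMAGE', iif($info['image'], getpath('uploads') . $info['image']));
        $apx->tmpl->assign('IMAGE_WIDTH', $imageWidth);
        $apx->tmpl->assign('DELIMAGE', (int) $_POST['delimage']);
        $apx->tmpl->parse('edit');
    }
}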
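/**
 * Form mailer: sends every submitted POST field (plus uploaded files as
 * attachments) to one of the configured recipients.
 *
 * The recipient is chosen by the key $_POST['sendto'] out of
 * $set['formmailer']['sendto']; the address itself never comes from the client.
 * Fields whose name ends in `_required` must be non-empty.
 *
 * Everything else in the request is untrusted and is neutralised before it
 * reaches a mail header, a MIME part header or a file-system path:
 *  - the subject has CR/LF removed,
 *  - attachment file names are reduced to their base name and stripped of
 *    CR, LF and double quotes before they are written into part headers,
 *  - the client-declared content type must look like `type/subtype`, otherwise
 *    application/octet-stream is used,
 *  - the temporary file name uses a restricted character set only.
 *
 * NOTE(review): there is no CAPTCHA, rate limit or size cap in this block;
 * confirm those exist elsewhere if the form is public.
 */
function misc_mailform()
{
    global $set, $db, $apx, $user;

    if ($_SERVER['REQUEST_METHOD'] != 'POST') {
        return;
    }
    if (!isset($set['formmailer']['sendto'][$_POST['sendto']])) {
        die('sendto is not a valid mail-ID!');
    }
    $apx->lang->drop('sendform', 'formmailer');

    // Control fields that are never part of the mail text.
    $reserved = array('subject', 'sendto', 'copytome');

    // Check that all additional *_required fields are filled in.
    $addnl_failed = false;
    foreach ($_POST as $key => $value) {
        if (in_array($key, $reserved)) {
            continue;
        }
        if (substr($key, -9) != '_required') {
            continue;
        }
        if (!$value) {
            $addnl_failed = true;
        }
    }
    if ($addnl_failed) {
        message('back');
        return;
    }

    // Build the text; for required fields the `_required` suffix is cut off the label.
    $text = '';
    foreach ($_POST as $key => $value) {
        if (in_array($key, $reserved)) {
            continue;
        }
        if (substr($key, -9) == '_required') {
            $key = substr($key, 0, strlen($key) - 9);
        }
        $text .= $key . ': ' . $value . "\n";
    }

    // Subject: client value or default. Line breaks are removed so the value
    // cannot continue into further mail headers.
    if ($_POST['subject']) {
        $subject = $_POST['subject'];
    } else {
        $subject = 'apexx Formmailer';
    }
    $subject = str_replace(array("\r", "\n"), ' ', $subject);

    // The From header is built from site configuration only.
    if ($set['main']['mailbotname']) {
        $from = 'From:' . $set['main']['mailbotname'] . '<' . $set['main']['mailbot'] . '>';
    } else {
        $from = 'From:' . $set['main']['mailbot'];
    }
    $sendtomail = $set['formmailer']['sendto'][$_POST['sendto']];

    // Initialise the media manager
    $attachments = array();
    require BASEDIR . 'lib/class.mediamanager.php';
    $mm = new mediamanager();
    $temphash = md5(microtime());

    // Store uploaded files temporarily
    if (is_array($_FILES) && count($_FILES)) {
        foreach ($_FILES as $fileinfo) {
            if (!$fileinfo['tmp_name']) {
                continue;
            }
            if (!is_uploaded_file($fileinfo['tmp_name'])) {
                continue;
            }

            // The client file name is attacker-controlled: keep the base name only.
            $clientname = basename(str_replace('\\', '/', $fileinfo['name']));
            // Name shown in the mail: no CR/LF/quote, so it cannot break out of
            // the quoted header parameter or start a new part header.
            $mailname = str_replace(array("\r", "\n", '"'), '', $clientname);
            // Name on disk: restricted character set, fixed .tmp suffix.
            $diskname = preg_replace('/[^A-Za-z0-9._-]/', '_', $clientname);
            // Declared MIME type: accept only a plain type/subtype token pair.
            $mailtype = $fileinfo['type'];
            if (!preg_match('#^[A-Za-z0-9.+-]+/[A-Za-z0-9.+-]+$#', $mailtype)) {
                $mailtype = 'application/octet-stream';
            }

            $tempname = 'contact_' . $temphash . '_' . $diskname . '.tmp';
            $mm->uploadfile($fileinfo, 'temp', $tempname);
            $attachments[] = array('filename' => $mailname, 'source' => $tempname, 'type' => $mailtype);
        }
    }

    if (!count($attachments)) {
        // Plain mail without attachments
        mail($sendtomail, $subject, $text, $from);
    } else {
        // Multipart mail
        $boundary = md5(uniqid(time()));

        $header = "MIME-Version: 1.0\n";
        $header .= $from . "\n";
        $header .= "Content-Type: multipart/mixed; boundary=\"" . $boundary . "\"\n";

        $body = "--" . $boundary . "\n";
        $body .= "Content-Type: text/plain\n";
        $body .= "Content-Transfer-Encoding: 7bit\n\n";
        $body .= $text . "\n\n";

        // Encode the attachments
        foreach ($attachments as $source) {
            $sourcepath = BASEDIR . getpath('uploads') . 'temp/' . $source['source'];
            // file_get_contents() closes its handle; the former fread(fopen()) leaked it.
            $filedata = (string) file_get_contents($sourcepath);

            $body .= "--" . $boundary . "\n";
            $body .= "Content-Type: " . $source['type'] . "; name=\"" . $source['filename'] . "\"\n";
            $body .= "Content-Transfer-Encoding: base64\n";
            $body .= "Content-Disposition: attachment; filename=\"" . $source['filename'] . "\"\n\n";
            $body .= chunk_split(base64_encode($filedata));
            $body .= "\n";
        }
        $body .= "--{$boundary}--\n";

        // Send the mail. Uses $subject so the default subject and the line-break
        // filtering apply here as well (this branch used the raw POST value before).
        mail($sendtomail, $subject, $body, $header);

        // Remove the temporary attachment files from the server
        foreach ($attachments as $tempfile) {
            $mm->deletefile('temp/' . $tempfile['source']);
        }
    }

    message($apx->lang->get('MSG_OK'), mklink('index.php', 'index.html'));
}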
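/**
 * Manage the picture series of an article: delete one picture, upload up to five
 * new pictures (with thumbnail, optional rescaling and watermark), or list the
 * existing ones.
 *
 * The article id comes from $_REQUEST['id'] and is forced to an integer here,
 * because it is concatenated into SQL statements and redirect URLs below.
 * Uploaded files are accepted only when their extension is on an image allow-list;
 * the stored name is built from integers and that extension.
 *
 * NOTE(review): the delete branch checks the CSRF token, the upload branch does
 * not do so in this block - confirm the caller checks it.
 * NOTE(review): the `pictures` column is read with unserialize(); that is only safe
 * as long as nothing but this code writes the column.
 */
function pictures()
{
    global $set, $db, $apx;

    // Integer id: used unquoted-by-escaping in every query of this method.
    $_REQUEST['id'] = (int) $_REQUEST['id'];
    $pubnow = isset($_REQUEST['pubnow']) ? (int) $_REQUEST['pubnow'] : 0;
    $backlink = 'action.php?action=' . rawurlencode($_REQUEST['action']) . '&id=' . $_REQUEST['id'] . '&pubnow=' . $pubnow . '&pageid=pics';

    // Needed because 1.7.0 created a picture with ID 0 when copying, so "0" must
    // stay distinguishable from "not given".
    if (isset($_REQUEST['delpic'])) {
        $_REQUEST['delpic'] = (int) $_REQUEST['delpic'];
    } else {
        $_REQUEST['delpic'] = null;
    }

    // Read the stored pictures
    list($pictures, $nextid) = $db->first("SELECT pictures,pictures_nextid FROM " . PRE . "_articles WHERE id='" . $_REQUEST['id'] . "'");
    $pictures = unserialize($pictures);
    if (!is_array($pictures)) {
        $pictures = array();
    }

    if (isset($_REQUEST['delpic']) && isset($pictures[$_REQUEST['delpic']])) {
        // Delete a picture
        if ($_POST['delpic']) {
            if (!checkToken()) {
                printInvalidToken();
            } else {
                $picinfo = $pictures[$_REQUEST['delpic']];
                require BASEDIR . 'lib/class.mediamanager.php';
                $mm = new mediamanager();
                if ($picinfo['thumbnail'] && file_exists(BASEDIR . getpath('uploads') . $picinfo['thumbnail'])) {
                    $mm->deletefile($picinfo['thumbnail']);
                }
                if ($picinfo['picture'] && file_exists(BASEDIR . getpath('uploads') . $picinfo['picture'])) {
                    $mm->deletefile($picinfo['picture']);
                }
                unset($pictures[$_REQUEST['delpic']]);
                $db->query("UPDATE " . PRE . "_articles SET pictures='" . addslashes(serialize($pictures)) . "' WHERE id='" . $_REQUEST['id'] . "' LIMIT 1");
                printJSRedirect($backlink);
            }
        } else {
            // Ask for confirmation first
            tmessageOverlay('picdel', array('ID' => $_REQUEST['id'], 'DELPIC' => $_REQUEST['delpic']));
        }
    } elseif ($_POST['send']) {
        require BASEDIR . 'lib/class.mediamanager.php';
        $mm = new mediamanager();
        require_once BASEDIR . 'lib/class.image.php';
        $img = new image();

        // Only these extensions are stored; anything else is skipped before upload.
        $allowed = array('jpg', 'jpeg', 'jpe', 'png', 'gif');
        // Integer for the file name, so the client cannot shape the stored path.
        $fileid = (int) $_POST['id'];

        // Process the upload slots
        for ($i = 1; $i <= 5; $i++) {
            if (!$_FILES['upload' . $i]['tmp_name']) {
                continue;
            }
            $ext = strtolower($mm->getext($_FILES['upload' . $i]['name']));
            if (!in_array($ext, $allowed)) {
                continue;
            }
            // GIF input is stored under a .jpg name.
            if ($ext == 'gif') {
                $ext = 'jpg';
            }
            $newname = 'pic' . '-' . $fileid . '-' . $nextid . '.' . $ext;
            $newfile = 'articles/gallery/' . $newname;
            $thumbname = 'pic' . '-' . $fileid . '-' . $nextid . '-thumb.' . $ext;
            $thumbfile = 'articles/gallery/' . $thumbname;

            // Check that the upload succeeded
            if (!$mm->uploadfile($_FILES['upload' . $i], 'articles/gallery', $newname)) {
                continue;
            }

            // Read the image
            list($picture, $picturetype) = $img->getimage($newfile);

            // Thumbnail
            $thumbnail = $img->resize($picture, $set['articles']['thumbwidth'], $set['articles']['thumbheight'], $set['articles']['artpic_quality']);
            $img->saveimage($thumbnail, $picturetype, $thumbfile);

            // Picture: scale down unless disabled for this slot
            if ($picture !== false && !$_POST['noresize' . $i] && $set['articles']['picwidth'] && $set['articles']['picheight']) {
                $scaled = $img->resize($picture, $set['articles']['picwidth'], $set['articles']['picheight'], $set['articles']['artpic_quality'], 0);
                if ($scaled != $picture) {
                    imagedestroy($picture);
                }
                $picture = $scaled;
            }

            // Insert the watermark
            if ($picture !== false && $set['articles']['watermark'] && $_POST['watermark' . $i]) {
                $watermarked = $img->watermark($picture, $set['articles']['watermark'], $set['articles']['watermark_position'], $set['articles']['watermark_transp']);
                if ($watermarked != $picture) {
                    imagedestroy($picture);
                }
                $picture = $watermarked;
            }

            // Write the final picture over the uploaded file
            $img->saveimage($picture, $picturetype, $newfile);

            // Cleanup
            imagedestroy($picture);
            imagedestroy($thumbnail);
            unset($picture, $thumbnail);

            $pictures[$nextid] = array('picture' => $newfile, 'thumbnail' => $thumbfile);
            ++$nextid;
        }

        // Store the picture list
        $db->query("UPDATE " . PRE . "_articles SET pictures='" . addslashes(serialize($pictures)) . "',pictures_nextid='" . intval($nextid) . "' WHERE id='" . $_REQUEST['id'] . "' LIMIT 1");

        // Finish the article or return to the picture page
        if ($_POST['submit_finish']) {
            $this->finish_article();
            return;
        } else {
            printJSRedirect($backlink);
        }
    } else {
        echo '<h2>' . $apx->lang->get(iif($this->type == 'normal', 'ARTICLE', strtoupper($this->type))) . ': ' . $this->title . '</h2>';

        // List the picture series
        $i = 0;
        foreach ($pictures as $id => $res) {
            ++$i;
            $picdata[$i]['ID'] = $id;
            $picdata[$i]['IMAGE'] = HTTPDIR . getpath('uploads') . $res['thumbnail'];
            $picdata[$i]['LINK'] = HTTPDIR . getpath('uploads') . $res['picture'];
            $picdata[$i]['OPTIONS'] = optionHTMLOverlay('del.gif', $_REQUEST['action'], 'id=' . $_REQUEST['id'] . '&pageid=pics&delpic=' . $id . '&pubnow=' . $pubnow, $apx->lang->get('CORE_DEL'));
        }

        $apx->tmpl->assign('SET_WATERMARK', iif($set['articles']['watermark'], 1, 0));
        $apx->tmpl->assign('SET_NORESIZE', iif($set['articles']['picwidth'] && $set['articles']['picheight'], 1, 0));
        $apx->tmpl->assign('PIC', $picdata);
        $apx->tmpl->assign('PUBNOW', (int) $_REQUEST['pubnow']);
        $apx->tmpl->assign('ID', $_REQUEST['id']);
        $apx->tmpl->assign('ACTION', iif($_REQUEST['action'] == 'articles.add', 'add', 'edit'));
        $apx->tmpl->parse('pictures');
    }
}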
//Mediamanger initialisieren $attachments = array(); require BASEDIR . 'lib/class.mediamanager.php'; $mm = new mediamanager(); $temphash = md5(microtime()); //Dateien hochladen for ($i = 1; $i <= 5; $i++) { $fileinfo = $_FILES['attach' . $i]; if (!$fileinfo['tmp_name']) { continue; } if (!is_uploaded_file($fileinfo['tmp_name'])) { continue; } $tempname = 'contact_' . $temphash . '_' . $fileinfo['name'] . '.tmp'; $mm->uploadfile($fileinfo, 'temp', $tempname); $attachments[] = array('filename' => $fileinfo['name'], 'source' => $tempname, 'type' => $fileinfo['type']); } //Normale eMail senden if (!count($attachments)) { mail($sendtomail, $_POST['subject'], $text, 'From: ' . $_POST['name'] . '<' . $_POST['email'] . '>'); } else { $boundary = md5(uniqid(time())); $header = "MIME-Version: 1.0\n"; $header .= "From: " . $_POST['name'] . "<" . $_POST['email'] . ">\n"; $header .= "Content-Type: multipart/mixed; boundary=\"" . $boundary . "\"\n"; $body = "--" . $boundary . "\n"; $body .= "Content-Type: text/plain\n"; $body .= "Content-Transfer-Encoding: 7bit\n\n"; $body .= $text . "\n\n"; //Dateianhänge codieren
if (!$galid) { die('access denied!'); } //BILDER HOCHLADEN if ($_REQUEST['do'] == 'add') { if ($_POST['send']) { require_once BASEDIR . 'lib/class.mediamanager.php'; $mm = new mediamanager(); //Dateien temporär hochladen $files = array(); for ($i = 1; $i <= 3; $i++) { if (!$_FILES['upload' . $i]['tmp_name']) { continue; } //Erfolgreichen Upload prüfen if (!$mm->uploadfile($_FILES['upload' . $i], 'temp', $mm->getfile($_FILES['upload' . $i]['tmp_name']))) { continue; } $ext = strtolower($mm->getext($_FILES['upload' . $i]['name'])); if ($ext == 'gif') { $ext = 'jpg'; } $files[] = array('ext' => $ext, 'source' => 'temp/' . $mm->getfile($_FILES['upload' . $i]['tmp_name']), 'caption' => $_POST['caption' . $i]); } //Bilderzahl auslesen $piccount = 0; if ($set['user']['gallery_maxpics']) { $data = $db->fetch("SELECT id FROM " . PRE . "_user_gallery WHERE owner='" . $user->info['userid'] . "'"); $galids = get_ids($data, 'id'); if (count($galids)) { list($piccount) = $db->first("SELECT count(id) FROM " . PRE . "_user_pictures WHERE galid IN (" . implode(',', $galids) . ")");
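/**
 * Add pictures to a gallery from one of three sources: individual uploads, a ZIP
 * archive, or files already present below gallery/uploads/ ("FTP" mode).
 *
 * On a submitted form the CSRF token is checked, the source files are collected
 * into $files and handed to $this->process_files(). Otherwise the matching input
 * form (padd_upload / padd_zip / padd_ftp) is rendered.
 *
 * Security-relevant handling in this method:
 *  - ZIP entries are written into the uploads tree, so only entries with an image
 *    extension are extracted and path separators in entry names are neutralised.
 *  - The `dir` request parameter selects a sub-directory for the FTP listing; it
 *    is rejected when it contains a `..` segment or a NUL byte so the listing
 *    cannot leave gallery/uploads/.
 *  - `updateparent` is URL-encoded before it is placed in links and redirects.
 *
 * NOTE(review): entry size is not bounded before zip_entry_read(); a highly
 * compressed archive can exhaust memory. Consider a per-entry size limit.
 */
function padd()
{
    global $set, $db, $apx, $html;

    $_REQUEST['id'] = (int) $_REQUEST['id'];
    if (!$_REQUEST['id']) {
        die('missing ID!');
    }

    @set_time_limit(600);

    // Image extensions accepted from archives and shown in the FTP listing.
    $extensions = array('jpg', 'jpeg', 'jpe', 'png', 'gif');
    $updateparent = isset($_REQUEST['updateparent']) ? rawurlencode($_REQUEST['updateparent']) : '';

    if ($_POST['send'] == 1) {
        if (!checkToken()) {
            infoInvalidToken();
        } else {
            $files = array();
            require_once BASEDIR . 'lib/class.mediamanager.php';
            $mm = new mediamanager();

            if ($_REQUEST['what'] == 'zip' && $_FILES['zip']['tmp_name']) {
                // ZIP: store the archive under its server-side temp name, then unpack.
                $zipstore = $mm->getfile($_FILES['zip']['tmp_name']);
                $mm->uploadfile($_FILES['zip'], 'gallery/uploads', $zipstore);
                $zipfile = zip_open(BASEDIR . getpath('uploads') . 'gallery/uploads/' . $zipstore);

                // zip_open() yields an error code instead of a resource on failure.
                if (is_resource($zipfile)) {
                    while (is_resource($zipentry = zip_read($zipfile))) {
                        $entryname = zip_entry_name($zipentry);

                        // Skip directory entries.
                        if (substr($entryname, -1) == '/') {
                            continue;
                        }
                        // Entry names are attacker-controlled: extract images only, so
                        // no script or other file type lands in the uploads tree.
                        if (!in_array(strtolower($mm->getext($entryname)), $extensions)) {
                            continue;
                        }
                        if (!zip_entry_open($zipfile, $zipentry, 'r')) {
                            continue;
                        }

                        $content = zip_entry_read($zipentry, zip_entry_filesize($zipentry));
                        zip_entry_close($zipentry);

                        // Flatten the entry path; both separators are replaced so the
                        // name cannot address another directory on any platform.
                        $zipname = str_replace(array('/', '\\'), '%1%', $entryname);
                        $outfilepath = 'gallery/uploads/' . $zipname;

                        // Write the file
                        $outfile = fopen(BASEDIR . getpath('uploads') . $outfilepath, 'w');
                        if (!$outfile) {
                            continue;
                        }
                        fwrite($outfile, $content);
                        fclose($outfile);

                        $ext = strtolower($mm->getext($outfilepath));
                        if ($ext == 'gif') {
                            $ext = 'jpg';
                        }
                        $files[] = array('ext' => $ext, 'source' => $outfilepath, 'watermark' => $_POST['watermark'], 'noresize' => $_POST['noresize'], 'allowcoms' => $_POST['allowcoms'], 'allowrating' => $_POST['allowrating'], 'caption' => $_POST['caption']);
                    }
                    zip_close($zipfile);
                }

                // The archive itself is no longer needed.
                $mm->deletefile('gallery/uploads/' . $zipstore);
            } elseif ($_REQUEST['what'] == 'ftp') {
                // FTP: files that already sit below gallery/uploads/
                if (!is_array($_POST['ftp'])) {
                    $_POST['ftp'] = array();
                }
                foreach ($_POST['ftp'] as $key => $file) {
                    // securefile() is the project's own path filter - NOTE(review):
                    // confirm it removes `..` segments.
                    $file = $mm->securefile($file);
                    $ext = strtolower($mm->getext($file));
                    if ($ext == 'gif') {
                        $ext = 'jpg';
                    }
                    $files[] = array('ext' => $ext, 'source' => 'gallery/uploads/' . $file, 'watermark' => $_POST['watermark' . $key], 'noresize' => $_POST['noresize' . $key], 'allowcoms' => $_POST['allowcoms' . $key], 'allowrating' => $_POST['allowrating' . $key], 'caption' => $_POST['caption' . $key]);
                }
            } else {
                // Individual uploads, stored under their server-side temp names.
                for ($i = 1; $i <= $set['gallery']['addpics']; $i++) {
                    if (!$_FILES['upload' . $i]['tmp_name']) {
                        continue;
                    }
                    $stored = $mm->getfile($_FILES['upload' . $i]['tmp_name']);

                    // Check that the upload succeeded
                    if (!$mm->uploadfile($_FILES['upload' . $i], 'gallery/uploads', $stored)) {
                        continue;
                    }
                    $ext = strtolower($mm->getext($_FILES['upload' . $i]['name']));
                    if ($ext == 'gif') {
                        $ext = 'jpg';
                    }
                    $files[] = array('ext' => $ext, 'source' => 'gallery/uploads/' . $stored, 'watermark' => $_POST['watermark' . $i], 'noresize' => $_POST['noresize' . $i], 'allowcoms' => $_POST['allowcoms' . $i], 'allowrating' => $_POST['allowrating' . $i], 'caption' => $_POST['caption' . $i]);
                }
            }

            $this->process_files($files);

            // Gallery update time
            $this->setGalleryUpdatetime($_REQUEST['id']);

            // Add further pictures, refresh the parent view, or show the gallery
            if ($_POST['addnext']) {
                printJSRedirect('action.php?action=gallery.padd&id=' . $_REQUEST['id'] . '&updateparent=' . $updateparent);
            } else {
                if ($_REQUEST['updateparent']) {
                    printJSUpdateObject($_REQUEST['updateparent'], get_gallery_list($_REQUEST['id']));
                } else {
                    printJSRedirect('action.php?action=gallery.pshow&id=' . $_REQUEST['id']);
                }
            }
        }
    } else {
        // Layer tabs
        $layerdef[] = array('LAYER_UPLOAD', 'action.php?action=gallery.padd&id=' . $_REQUEST['id'] . '&updateparent=' . $updateparent, !$_REQUEST['what']);
        $layerdef[] = array('LAYER_ZIP', 'action.php?action=gallery.padd&id=' . $_REQUEST['id'] . '&what=zip&updateparent=' . $updateparent, $_REQUEST['what'] == 'zip');
        $layerdef[] = array('LAYER_FTP', 'action.php?action=gallery.padd&id=' . $_REQUEST['id'] . '&what=ftp&updateparent=' . $updateparent, $_REQUEST['what'] == 'ftp');
        // No ZIP tab when the zip extension is unavailable.
        if (!function_exists('zip_open')) {
            unset($layerdef[1]);
        }
        $html->layer_header($layerdef);

        if ($_REQUEST['what'] == 'zip') {
            // ZIP form
            $apx->tmpl->assign('ID', $_REQUEST['id']);
            $apx->tmpl->assign('SET_OPTIONS', $apx->is_module('comments') && $set['gallery']['coms'] || $apx->is_module('ratings') && $set['gallery']['ratings'] || $set['gallery']['watermark'] || $set['gallery']['picwidth'] && $set['gallery']['picheight']);
            $apx->tmpl->assign('SET_COMS', $apx->is_module('comments') && $set['gallery']['coms']);
            $apx->tmpl->assign('SET_RATING', $apx->is_module('ratings') && $set['gallery']['ratings']);
            $apx->tmpl->assign('SET_WATERMARK', iif($set['gallery']['watermark'], 1, 0));
            $apx->tmpl->assign('SET_NORESIZE', iif($set['gallery']['picwidth'] && $set['gallery']['picheight'], 1, 0));
            $apx->tmpl->assign('UPDATEPARENT', (int) $_REQUEST['updateparent']);
            $apx->tmpl->parse('padd_zip');
        } elseif ($_REQUEST['what'] == 'ftp') {
            // FTP form: list image files and sub-directories below gallery/uploads/
            require_once BASEDIR . 'lib/class.mediamanager.php';
            $mm = new mediamanager();

            // `dir` is client input that becomes part of a file-system path. Normalise
            // the separators and refuse any value that could climb out of the base
            // directory; a refused value falls back to the base directory itself.
            $reqdir = (isset($_REQUEST['dir']) && is_string($_REQUEST['dir'])) ? $_REQUEST['dir'] : '';
            $reqdir = trim(str_replace('\\', '/', $reqdir), '/');
            if (strpos($reqdir, "\0") !== false || in_array('..', explode('/', $reqdir), true)) {
                $reqdir = '';
            }
            $dirprefix = $reqdir ? $reqdir . '/' : '';
            $basepath = BASEDIR . getpath('uploads') . 'gallery/uploads/' . $dirprefix;

            $files = array();
            $dirs = array();
            if (is_dir($basepath)) {
                $handle = opendir($basepath);
                while ($file = readdir($handle)) {
                    if ($file == '.' || $file == '..') {
                        continue;
                    }

                    // Directory
                    if (is_dir($basepath . $file)) {
                        $dirs[] = $file;
                        continue;
                    }

                    // File: images only
                    if (!in_array(strtolower($mm->getext($file)), $extensions)) {
                        continue;
                    }
                    $files[] = $file;
                }
                closedir($handle);
            }
            sort($files);
            sort($dirs);

            // One running index is shared by the three lists below.
            $i = 0;

            // List the directories
            foreach ($dirs as $dirname) {
                ++$i;
                $subdir[$i]['NAME'] = $dirname;
                $subdir[$i]['LINK'] = 'action.php?action=gallery.padd&id=' . $_REQUEST['id'] . '&what=ftp&dir=' . $dirprefix . $dirname;
            }

            // List the files
            foreach ($files as $file) {
                ++$i;
                $upload[$i]['FILE'] = $file;
                $upload[$i]['FILEID'] = $dirprefix . $file;
                $upload[$i]['LINK'] = HTTPDIR . getpath('uploads') . 'gallery/uploads/' . $dirprefix . $file;
            }

            // Build the breadcrumb path
            $path = '';
            $pp = explode('/', $reqdir);
            if ($reqdir && count($pp)) {
                foreach ($pp as $dirname) {
                    ++$i;
                    $path .= iif($path, '/') . $dirname;
                    $pathdata[$i]['NAME'] = $dirname;
                    $pathdata[$i]['LINK'] = 'action.php?action=gallery.padd&id=' . $_REQUEST['id'] . '&what=ftp&dir=' . $path;
                }
            }

            $apx->tmpl->assign('ID', $_REQUEST['id']);
            $apx->tmpl->assign('FTP', $upload);
            $apx->tmpl->assign('DIR', $subdir);
            $apx->tmpl->assign('PATH', $pathdata);
            $apx->tmpl->assign('SET_OPTIONS', $apx->is_module('comments') && $set['gallery']['coms'] || $apx->is_module('ratings') && $set['gallery']['ratings'] || $set['gallery']['watermark'] || $set['gallery']['picwidth'] && $set['gallery']['picheight']);
            $apx->tmpl->assign('SET_COMS', $apx->is_module('comments') && $set['gallery']['coms']);
            $apx->tmpl->assign('SET_RATING', $apx->is_module('ratings') && $set['gallery']['ratings']);
            $apx->tmpl->assign('SET_WATERMARK', iif($set['gallery']['watermark'], 1, 0));
            $apx->tmpl->assign('SET_NORESIZE', iif($set['gallery']['picwidth'] && $set['gallery']['picheight'], 1, 0));
            $apx->tmpl->assign('UPDATEPARENT', (int) $_REQUEST['updateparent']);
            $apx->tmpl->parse('padd_ftp');
        } else {
            // Upload form: one row per configured upload slot
            for ($i = 1; $i <= $set['gallery']['addpics']; $i++) {
                $upload[$i]['ASD'] = 1;
            }

            $apx->tmpl->assign('ID', $_REQUEST['id']);
            $apx->tmpl->assign('UPLOAD', $upload);
            $apx->tmpl->assign('SET_COMS', $apx->is_module('comments') && $set['gallery']['coms']);
            $apx->tmpl->assign('SET_RATING', $apx->is_module('ratings') && $set['gallery']['ratings']);
            $apx->tmpl->assign('SET_WATERMARK', iif($set['gallery']['watermark'], 1, 0));
            $apx->tmpl->assign('SET_NORESIZE', iif($set['gallery']['picwidth'] && $set['gallery']['picheight'], 1, 0));
            $apx->tmpl->assign('UPDATEPARENT', (int) $_REQUEST['updateparent']);
            $apx->tmpl->parse('padd_upload');
        }

        // Layer end
        $html->layer_footer();
    }
}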