} } } db_free_result($result); break; } if (!zerolen($image_path) && !is_url($image_path)) { if (!file_exists($image_path) || !is_readable($image_path)) { $image_path = ""; } elseif ($config['setup_images'][$type]['md5_check'] == 'Y') { $image_md5 = md5_file($image_path); } } if (!zerolen($image_path) && $config['setup_images'][$type]['md5_check'] == 'Y' && $image_md5 !== $md5) { $image_path = ""; } } if (zerolen($image_path)) { # when image is not available, use the "default image" $type = $orig_type; $image_path = cw_get_default_image($type); $tmp = cw_get_image_size($image_path); $image_size = $tmp[0]; $image_type = empty($tmp[3]) ? "image/gif" : $tmp[3]; } header("Content-Type: " . $image_type); if ($image_size > 0) { header("Content-Length: " . $image_size); } cw_readfile($image_path, true); exit;
<?php if (!$addons['Salesman']) { cw_header_location('index.php'); } cw_load('files'); if ($userfile_type != "application/x-shockwave-flash" && substr($userfile_name, -4) == '.swf') { $userfile_type = "application/x-shockwave-flash"; } if ($action == 'close') { $banner_type = ''; $mode = 'close'; $banner_id = ''; } elseif ($action == "upload" && cw_is_image_userfile($userfile, $userfile_size, $userfile_type)) { $userfile = cw_move_uploaded_file("userfile"); list($img_size, $img_width, $img_height) = cw_get_image_size($userfile); $image = addslashes(cw_file_get($userfile, true)); if (!is_numeric($image_width) || !is_numeric($image_height) || $image_width < 1 || $image_height < 1) { if ($img_width && $img_height) { $image_width = $img_width; $image_height = $img_height; } elseif ($width && $height) { $image_width = $width; $image_height = $height; } } db_query("INSERT INTO {$tables['salesman_banners_elements']} (data, data_type, data_x, data_y) VALUES ('{$image}', '{$userfile_type}', '{$image_width}', '{$image_height}')"); @unlink($userfile); $banner_type = "M"; } elseif ($action == 'add' && $add && $add['banner']) { if ($add['banner_type'] == 'G') {
$tmp['is_copied'] = false; $tmp['source'] = 'U'; $data[] = $tmp; } } } if (is_array($data)) { foreach ($data as $k => $val) { if (isset($val['file_path']) && !cw_is_allowed_file($val['file_path']) || !isset($val['file_path']) || zerolen($val['file_path'])) { if ($val['is_copied']) { @unlink($val['file_path']); } unset($data[$k]); continue; } list($val['file_size'], $val['image_x'], $val['image_y'], $val['image_type']) = cw_get_image_size($val['file_path']); if ($val['file_size'] == 0) { if ($data['is_copied']) { unlink($val['file_path']); } unset($data[$k]); continue; } if (!isset($val['filename'])) { $val['filename'] = basename($val['file_path']); } $val['id'] = $id; $val['type'] = $type; $val['date'] = cw_core_get_time(); if ($available_images[$type]['multiple'] == 2) { $file_upload_data[$type][] = $val;
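<?php
#
# Streams one file from the user files area to the client.
# The "file" request parameter names the file; it is honoured only when the
# fully resolved path lies inside the directory returned by
# cw_user_get_files_location(). Files that cw_get_image_size() recognises are
# sent inline with the reported type, everything else is sent as a download.
#
cw_load('files', 'user');

# "file" comes straight from the query string: accept a plain, non-empty string
# without NUL bytes only (arrays and missing values are rejected).
$filename = (isset($_GET['file']) && is_string($_GET['file'])) ? $_GET['file'] : '';
if (strpos($filename, "\0") !== false) {
    $filename = '';
}

$file_exists = false;

#
# Check if file exists and is inside the allowed directory
#
$allowed_path = realpath(cw_user_get_files_location());

# When the files area cannot be resolved, realpath() returns false; comparing
# against a zero-length prefix would then accept every path, so serve nothing.
if ($allowed_path !== false && $filename !== '') {

    # Same lookup order as before: the name as given, then relative to the files area
    if (@file_exists($filename)) {
        $resolved = realpath($filename);
    } else {
        $resolved = realpath($allowed_path . DIRECTORY_SEPARATOR . $filename);
    }

    if ($resolved !== false && is_file($resolved)) {
        # Compare against "<dir>/" so that a sibling such as "<dir>_other" does not
        # pass, and apply the check to both lookups: ".." segments in a relative
        # name are resolved by realpath() and can point outside the files area.
        $allowed_prefix = rtrim($allowed_path, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;
        $file_exists = strncmp($resolved, $allowed_prefix, strlen($allowed_prefix)) === 0;
        $filename = $resolved;
    }
}

if ($file_exists) {

    #
    # Output file content
    #
    $imageinfo = cw_get_image_size($filename);

    # Keep the browser from re-interpreting the content as another type
    header("X-Content-Type-Options: nosniff");

    if (!empty($imageinfo)) {
        header("Content-type: " . (!empty($imageinfo[3]) ? $imageinfo[3] : "application/octet-stream"));
    } else {
        # Quote the file name and neutralise characters that would break the header value
        $download_name = preg_replace('/[\x00-\x1f\x7f"\\\\]/', '_', basename($filename));
        header("Content-type: application/force-download");
        header("Content-Disposition: attachment; filename=\"" . $download_name . "\"");
    }

    cw_readfile($filename);
}

exit;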
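#
# Returns the path of a watermarked copy of an image, creating or refreshing it on demand.
#
# The copy is written next to the original as "<name>.wmrkd<.ext>" and is reused
# while it is at least as new as both the original and the watermark image.
#
# Params:  $path - path of the source image
# Returns: false when $path does not exist;
#          the original path when no watermarked copy can be produced
#          (no watermark image, no file extension, unreadable image, failed write);
#          otherwise the path of the watermarked copy.
#
function cw_image_get_watermarked($path) {
    global $config;

    if (!file_exists($path)) {
        return false;
    }

    $orig_fn = $path;
    $wmrkd_fn = preg_replace("'^(.*)(\\.[a-z]+)\$'i", "\$1.wmrkd\$2", $path);

    # Without a ".ext" suffix the pattern does not match and the target name equals
    # the source name; writing there would overwrite the original image.
    if (!is_string($wmrkd_fn) || $wmrkd_fn === $orig_fn) {
        return $orig_fn;
    }

    cw_load('in_images');
    $wmrk_info = cw_in_images_assign('watermark_url');
    $wmrk_fn = $wmrk_info['image_path'];

    if (!file_exists($wmrk_fn)) {
        return $orig_fn;
    }

    # Reuse the existing copy while neither the original nor the watermark is newer
    if (file_exists($wmrkd_fn)
        && filemtime($wmrkd_fn) >= filemtime($wmrk_fn)
        && filemtime($wmrkd_fn) >= filemtime($orig_fn)) {
        return $wmrkd_fn;
    }

    # Indexes 1, 2 and 3 of the result are used as width, height and MIME type
    $attrs_wmrk = cw_get_image_size($wmrk_fn);
    $attrs_img = cw_get_image_size($orig_fn);

    # Zero or unknown dimensions would divide by zero in the scale computation below
    if (empty($attrs_img[1]) || empty($attrs_img[2]) || empty($attrs_wmrk[1]) || empty($attrs_wmrk[2])) {
        return $orig_fn;
    }

    $im_w = $attrs_img[1];
    $im_h = $attrs_img[2];
    $im_type = isset($attrs_img[3]) ? $attrs_img[3] : '';
    $wm_w = $attrs_wmrk[1];
    $wm_h = $attrs_wmrk[2];

    $orig_data = file_get_contents($orig_fn);
    $wmrk_data = file_get_contents($wmrk_fn);
    $image = ($orig_data !== false && $orig_data !== '') ? imagecreatefromstring($orig_data) : false;
    $watermark_or = ($wmrk_data !== false && $wmrk_data !== '') ? imagecreatefromstring($wmrk_data) : false;

    # Either file may be unreadable or not decodable by GD
    if ($image === false || $watermark_or === false) {
        if ($image !== false) {
            imagedestroy($image);
        }
        if ($watermark_or !== false) {
            imagedestroy($watermark_or);
        }
        return $orig_fn;
    }

    # Shrink the watermark so it covers at most 1/1.5 of the width and 1/2 of the height
    $sw = ($wm_w > $im_w / 1.5) ? 1.5 * $wm_w / $im_w : 1;
    $sh = ($wm_h > $im_h / 2) ? 2 * $wm_h / $im_h : 1;
    $scl = max($sw, $sh);

    $scaled_w = $wm_w / $scl;
    $scaled_h = $wm_h / $scl;

    # GD takes integer sizes; truncate explicitly instead of relying on implicit conversion
    $dst_w = (int) $scaled_w;
    $dst_h = (int) $scaled_h;

    $watermark = ($dst_w >= 1 && $dst_h >= 1) ? imagecreatetruecolor($dst_w, $dst_h) : false;
    if ($watermark === false) {
        imagedestroy($watermark_or);
        imagedestroy($image);
        return $orig_fn;
    }

    imagecolortransparent($watermark, imagecolorallocate($watermark, 0, 0, 0));
    imagecopyresized($watermark, $watermark_or, 0, 0, 0, 0, $dst_w, $dst_h, $wm_w, $wm_h);
    imagedestroy($watermark_or);

    # Centre the watermark on the image
    $left = (int) (($im_w - $scaled_w) / 2);
    $top = (int) (($im_h - $scaled_h) / 2);

    $opacity = $config['Watermarks']['opacity'];
    imagecopymerge($image, $watermark, $left, $top, 0, 0, $dst_w, $dst_h, $opacity);

    switch ($im_type) {
        case 'image/gif':
            $saved = imagegif($image, $wmrkd_fn);
            break;

        case 'image/png':
            $saved = imagepng($image, $wmrkd_fn, 9);
            break;

        default:
            # 'image/jpeg' and any other type are written as JPEG
            $saved = imagejpeg($image, $wmrkd_fn, 100);
    }

    imagedestroy($watermark);
    imagedestroy($image);

    # Do not hand back a path that was never written
    return $saved ? $wmrkd_fn : $orig_fn;
}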
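#
# Collects the images referenced by src="..." attributes in a message so that they
# can be attached, and rewrites each reference to "cid:<name>".
#
# Params:  $message - message body to scan
# Returns: array($message, $images); $images is keyed by image URL and each entry
#          holds 'name', 'url', 'data' (file content) and 'type' (as reported by
#          cw_get_image_size()). References that cannot be loaded or are not
#          recognised as images are left untouched in the message.
#
# NOTE(review): every src value found in $message is opened on the server. If
# $message can carry user-supplied markup, callers should treat this function as
# a file-read and outbound-request primitive; the checks below narrow it but do
# not bound the size of a remote download.
#
function cw_attach_images($message) {
    global $app_web_dir, $app_main_dir, $current_location, $smarty, $app_http_host;

    # Get images location
    $hash = array();
    if (preg_match_all("/\\ssrc=['\"]?([^\\s'\">]+)['\">\\s]/SsUi", $message, $preg)) {
        $hash = $preg[1];
    }

    if (empty($hash)) {
        return array($message, array());
    }

    # Get images data
    $names = array();
    $images = array();
    $app_web_skin_dir = str_replace($app_main_dir, $app_web_dir, $smarty->template_dir);

    foreach ($hash as $v) {
        $orig_name = $v;
        $parse = parse_url($v);

        # parse_url() returns false for seriously malformed URLs
        if ($parse === false) {
            continue;
        }

        # Only plain remote schemes may be opened; this keeps stream wrappers such
        # as file://, php:// or phar:// (and "C:\..." style paths) away from fopen().
        $scheme = empty($parse['scheme']) ? '' : strtolower($parse['scheme']);
        if ($scheme !== '' && !in_array($scheme, array('http', 'https', 'ftp'), true)) {
            continue;
        }

        $data = "";
        $file_path = "";
        $rel_path = "";

        if ($scheme === '') {
            # Web-path without domain name
            $url_path = isset($parse['path']) ? $parse['path'] : "";
            $rel_path = str_replace($app_web_skin_dir . "/", "", $url_path);
            $file_path = $smarty->template_dir . "/" . str_replace("/", DIRECTORY_SEPARATOR, $rel_path);
            $v = "http://" . $app_http_host . $app_web_skin_dir . "/" . $rel_path;
            if (!empty($parse['query'])) {
                $v .= "?" . $parse['query'];
            }

        } elseif (strpos($v, $current_location) === 0) {
            # Web-path with domain name
            $rel_path = substr($v, strlen($current_location));
            $file_path = $app_main_dir . str_replace("/", DIRECTORY_SEPARATOR, $rel_path);
        }

        # A ".." segment would map to a file outside the base directory; such
        # references are not read from disk and fall back to the URL fetch below.
        $has_dotdot = preg_match('#(^|[\\\\/])\\.\\.([\\\\/]|$)#', $rel_path) === 1;

        # Script files are never read as local files (case-insensitive match)
        if (!empty($file_path) && !$has_dotdot
            && stripos($file_path, ".php") === false && stripos($file_path, ".asp") === false) {

            # Get image content as local file
            if (file_exists($file_path) && is_readable($file_path)) {
                $fp = @fopen($file_path, "rb");
                if ($fp) {
                    if (filesize($file_path) > 0) {
                        $data = fread($fp, filesize($file_path));
                    }
                    fclose($fp);
                }
            } else {
                continue;
            }
        }

        # Each URL is attached once
        if (!empty($images[$v])) {
            continue;
        }

        $tmp = array("name" => basename($v), "url" => $v, "data" => $data);

        # Make the attachment name unique by appending a counter
        if (isset($names[$tmp['name']])) {
            $cnt = 1;
            $name = $tmp['name'];
            while (isset($names[$tmp['name']])) {
                $tmp['name'] = $name . $cnt++;
            }
        }
        $names[$tmp['name']] = true;

        if (empty($tmp['data'])) {
            # Get image content as URL
            # NOTE(review): the download is read to EOF with no size limit
            $fp = @fopen($tmp['url'], "rb");
            if (!$fp) {
                continue;
            }
            $remote = stream_get_contents($fp);
            fclose($fp);
            if ($remote !== false) {
                $tmp['data'] .= $remote;
            }
        }

        # Index 3 of the result is used as the image type; anything unrecognised is skipped
        $info = cw_get_image_size(empty($data) ? $tmp['url'] : $file_path);
        $tmp['type'] = (is_array($info) && isset($info[3])) ? $info[3] : "";
        if (empty($tmp['type'])) {
            continue;
        }

        $message = preg_replace("/(['\"\\(])" . preg_quote($orig_name, "/") . "(['\"\\)])/Ss", "\\1cid:" . $tmp['name'] . "\\2", $message);
        $images[$tmp['url']] = $tmp;
    }

    return array($message, $images);
}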