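/**
 * Validate one uploaded-file descriptor by name and size before it is stored.
 *
 * The checks read only the client-supplied name and the reported size; the
 * file content is never inspected here. Callers should still store the upload
 * under a server-chosen name and extension, in a location where scripts are
 * not executed.
 *
 * @param array  $f       Upload descriptor with 'name', 'tmp_name' and 'size'
 *                        keys (presumably one $_FILES entry; confirm at the caller).
 * @param string $ext     Allowed extensions as one string; "" disables the
 *                        allow-list. The extension is matched as a substring
 *                        of this string, not as an exact list entry.
 * @param int    $maxsize Maximum size in bytes; 0 disables the size check.
 * @param int    $req     Non-zero when a file is mandatory.
 *
 * @return string "" when the upload is acceptable, otherwise an error message.
 */
function checkUpload($f, $ext = "", $maxsize = 0, $req = 0)
{
    $fname = strtolower(basename($f['name']));
    $fsize = $f["size"];
    $fext = getFileExtention($fname);

    // Nothing uploaded: an error only when the field is mandatory.
    if ($fsize == 0) {
        return $req != 0 ? AYOUMAYCHOOSEFILE . "!" : "";
    }

    if ($ext != "") {
        // An empty extension must not pass the allow-list: from PHP 8.0 on,
        // strpos() accepts an empty needle and returns 0, which would let a
        // name without an extension through.
        // NOTE(review): assumes getFileExtention() returns a string or a
        // falsy value; confirm against its definition.
        if ((string) $fext === "" || strpos($ext, $fext) === false) {
            return AWRONGFILEFORMAT . " : {$fname}";
        }
    }

    // Reject script-like markers anywhere in the name, which also covers
    // double extensions. strpos() returns an int offset or false, never true,
    // so the result has to be compared against false for the check to fire.
    // '.aspx' is already covered by '.asp' and is kept for readability.
    foreach (array('.php', '.js', '.asp', '.aspx') as $blocked) {
        if (strpos($fname, $blocked) !== false) {
            return AWRONGFILEFORMAT . " : {$fname}";
        }
    }

    if ($maxsize > 0 && $fsize > $maxsize) {
        return ASCREENSIZE . $maxsize . " byte";
    }

    return "";
}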
// Excerpt: after a record is saved, store or clear its small and large images
// and collect the matching "column='value'" pieces in $sqlUpdateField.
// NOTE(review): $oldid is appended unquoted to the condition string passed to
// getRecord(); where $oldid comes from is not visible in this excerpt, so
// confirm it is forced to an integer before this point.
$r = getRecord($tableConfig, "id=" . $oldid);
$sqlUpdateField = "";
if ($_POST['chkClearImg'] == '') {
    // The stored file's extension is taken from the client-supplied file name.
    // No validation call is visible in this excerpt; confirm the upload is
    // checked (type, size, extension allow-list) before makeUpload() runs.
    $extsmall = getFileExtention($_FILES['txtImage']['name']);
    if (makeUpload($_FILES['txtImage'], "{$path}/" . $actConfig . "_s" . $oldid . $extsmall)) {
        // 0777 leaves the stored file writable and executable by every local
        // account, and '@' hides a failed chmod. A mode such as 0644 is the
        // usual choice for uploaded images.
        @chmod("{$path}/" . $actConfig . "_s" . $oldid . $extsmall, 0777);
        // The extension is interpolated into an SQL fragment.
        // NOTE(review): verify getFileExtention() cannot return quote characters.
        $sqlUpdateField = " image='{$pathdb}/" . $actConfig . "_s" . $oldid . $extsmall . "' ";
    }
} else {
    // The "clear image" box is set: delete the file named in the stored record.
    // The path comes from the database value, resolved relative to '../';
    // presumably only this code writes that column, confirm.
    if (file_exists('../' . $r['image'])) {
        @unlink('../' . $r['image']);
    }
    $sqlUpdateField = " image='' ";
}
if ($_POST['chkClearImgLarge'] == '') {
    // Same flow for the large image; the same review points apply.
    $extlarge = getFileExtention($_FILES['txtImageLarge']['name']);
    if (makeUpload($_FILES['txtImageLarge'], "{$path}/" . $actConfig . "_l" . $oldid . $extlarge)) {
        @chmod("{$path}/" . $actConfig . "_l" . $oldid . $extlarge, 0777);
        // Separate the pieces with a comma when the small-image piece is present.
        if ($sqlUpdateField != "") {
            $sqlUpdateField .= ",";
        }
        $sqlUpdateField .= " image_large='{$pathdb}/" . $actConfig . "_l" . $oldid . $extlarge . "' ";
    }
} else {
    if (file_exists('../' . $r['image_large'])) {
        @unlink('../' . $r['image_large']);
    }
    if ($sqlUpdateField != "") {
        $sqlUpdateField .= ",";
    }
    $sqlUpdateField .= " image_large='' ";
    // (the excerpt ends here; this else block is closed outside the visible text)
// NOTE(review): the next physical line is a collapsed excerpt of a save handler.
// It builds an UPDATE or INSERT statement, runs it with mysql_query(), then
// stores or clears the record's image. Points to confirm in the full file:
//  - The checkUpload() call for txtImageLarge is commented out, and no other
//    upload validation is visible in the excerpt, so uploads may reach
//    makeUpload() unchecked.
//  - $oldid is assigned straight from $_POST['id'] and concatenated into the
//    UPDATE's WHERE clause and, unquoted, into the getRecord() condition. The
//    other column values are concatenated the same way; their origin is not
//    visible here. Bound parameters (PDO or mysqli prepared statements) and an
//    integer cast for the id remove the dependence on quoting.
//  - mysql_query() and mysql_insert_id() belong to the legacy mysql extension,
//    which was removed in PHP 7.
//  - The stored file name takes its extension from the client-supplied name,
//    and the file is then set to mode 0777 with errors suppressed by '@'.
//$errMsg .= checkUpload($_FILES["txtImageLarge"],".jpg;.gif;.bmp;.png",500*1024,0); if ($errMsg == '') { if (!empty($_POST['id'])) { $oldid = $_POST['id']; $sql = "update " . $tableConfig . " set code='" . $code . "',name='" . $name . "', parent='" . $parent . "',subject='" . $subject . "',short_description='" . $short_description . "',full_description='" . $full_description . "', sort='" . $sort . "', status='" . $status . "',last_modified=now(), lang='" . $lang . "',price='" . $price . "' where id='" . $oldid . "'"; } else { $sql = "insert into " . $tableConfig . " (code, name, parent, subject, short_description, full_description, sort, status, date_added, last_modified, lang,price) values ('" . $code . "','" . $name . "','" . $parent . "','" . $subject . "','" . $short_description . "','" . $full_description . "','" . $sort . "','" . $status . "',now(),now(),'" . $lang . "','" . $price . "')"; } if (mysql_query($sql, $conn)) { if (empty($_POST['id'])) { $oldid = mysql_insert_id(); } $r = getRecord($tableConfig, "id=" . $oldid); $sqlUpdateField = ""; if ($_POST['chkClearImg'] == '') { $extsmall = getFileExtention($_FILES['txtImage']['name']); if (makeUpload($_FILES['txtImage'], "{$path}/" . $actConfig . "_s" . $oldid . $extsmall)) { @chmod("{$path}/" . $actConfig . "_s" . $oldid . $extsmall, 0777); $sqlUpdateField = " image='{$pathdb}/" . $actConfig . "_s" . $oldid . $extsmall . "' "; } } else { if (file_exists('../' . $r['image'])) { @unlink('../' . $r['image']); } $sqlUpdateField = " image='' "; } /*if ($_POST['chkClearImgLarge']==''){ $extlarge=getFileExtention($_FILES['txtImageLarge']['name']); if (makeUpload($_FILES['txtImageLarge'],"$path/".$actConfig."_l".$oldid.$extlarge)){ @chmod("$path/".$actConfig."_l".$oldid.$extlarge, 0777); if($sqlUpdateField != "") $sqlUpdateField .= ",";
/**
 * Check an uploaded-file descriptor against an optional extension list and an
 * optional size limit.
 *
 * Only the client-supplied name and the reported size are examined; the file
 * content is not inspected, and this variant has no deny-list for script
 * extensions. The extension is matched as a substring of $ext.
 *
 * @param array  $f       Upload descriptor with 'name', 'tmp_name' and 'size'
 *                        keys (presumably one $_FILES entry; confirm at the caller).
 * @param string $ext     Allowed extensions as one string; "" skips the check.
 * @param int    $maxsize Maximum size in bytes; 0 skips the check.
 * @param int    $req     Non-zero when a file is mandatory.
 *
 * @return string "" on success, otherwise a Vietnamese error message.
 */
function checkUpload($f, $ext = "", $maxsize = 0, $req = 0)
{
    $baseName = strtolower(basename($f['name']));
    // Read but never used; kept so a missing key behaves exactly as before.
    $tmpPath = $f["tmp_name"];
    $byteCount = $f["size"];
    $suffix = getFileExtention($baseName);

    if ($byteCount == 0) {
        // "You have not chosen a file!" when the field is mandatory.
        return ($req != 0) ? "Bạn chưa chọn file !" : "";
    }

    $hasAllowList = ($ext != "");
    if ($hasAllowList && strpos($ext, $suffix) === false) {
        // "The file is not in the correct format : <name>"
        return "Tập tin không đúng định dạng : " . $baseName;
    }

    $hasSizeLimit = ($maxsize > 0);
    if ($hasSizeLimit && $byteCount > $maxsize) {
        // "The image size must be smaller than <n> byte"
        return "Kích thước hình phải nhỏ hơn " . $maxsize . " byte";
    }

    return "";
}