if ($nodes->length < 1) {
echo "{\"success\":false,\"error\":\"Your user account '" . $creator . "' is not specified in the triple store. You are not allowed to upload documents.\"}";
die;
}
}
$creator = $nodes->item(0)->textContent;
}
$content = $_FILES["content"];
if ($_FILES["content"]["error"] !== UPLOAD_ERR_OK) {
echo '{"success":false,"error":' . $_FILES["content"]["error"] . '}';
die;
}
if (isset($_POST['title'])) {
$title = $_POST["title"];
} else {
$title = NULL;
}
$result = handleFileUpload($content["tmp_name"], $file, $creator, NULL, $title);
setNonceForApp($service, $nonce);
/*
if(isset($_SERVER['HTTP_REFERER']))
header("Location: ".$_SERVER["HTTP_REFERER"]);
else
*/
echo json_encode($result);
} else {
echo '{"success":false,"error":"Unsupported method"}';
die;
}
}
}
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with VCMS. If not, see <http://www.gnu.org/licenses/>.
*/
if (!is_object($libGlobal) || !$libAuth->isLoggedin()) {
exit;
}
$libDb->connect();
if ($libAuth->isLoggedin() && isset($_REQUEST['veranstaltungId']) && is_numeric($_REQUEST['veranstaltungId']) && preg_match("/^[0-9]+\$/", $_REQUEST['veranstaltungId']) && isset($_FILES['files']['name'])) {
$allowedExtensions = array('jpg', 'jpeg');
$numerOfFiles = count($_FILES['files']['name']);
$filesResult = array();
for ($i = 0; $i < $numerOfFiles; $i++) {
$fileResult = handleFileUpload($i, $allowedExtensions);
$filesResult[] = $fileResult;
}
$result = array();
$result['files'] = $filesResult;
echo json_encode($result);
}
function handleFileUpload($i, $allowedExtensions)
{
global $libGlobal, $libImage;
$name = $_FILES['files']['name'][$i];
$tmp_name = $_FILES['files']['tmp_name'][$i];
$size = $_FILES['files']['size'][$i];
$pathinfo = pathinfo($name);
$filename = $pathinfo['filename'];
$ext = $pathinfo['extension'];
include '../includes/formvalidation/FormValidation.php';
include '../includes/fileFunctions.php';
if (!isset($_SESSION[USER])) {
$errorCookie = "errorMessage";
$errorCookieValue = "U hebt geen toegang tot de pagina die u hebt getracht te bezoeken!";
setcookie($errorCookie, $errorCookieValue, time() + 60, "/");
header('location: ../index.php');
}
$errors = [];
if (!empty($_POST)) {
$data = $_POST;
$formValidation = new ProductFormValidation($data);
$errors = $formValidation->validateForm();
if (empty($errors)) {
$imageBaseName = basename($_FILES['image']['name']);
if (!handleFileUpload($_FILES)) {
$errorCookie = "errorMessage";
$errorCookieValue = "Er ging iets mis met het uploaden van het bestand";
setcookie($errorCookie, $errorCookieValue, time() + 60, "/");
header('location:index.php');
exit;
}
$query = 'INSERT INTO product (name,description,image,category,price) ' . 'VALUES (:name,:description,:image,:category,:price);';
$stmt = $db->prepare($query);
$stmt->execute(['name' => $data['name'], 'description' => $data['description'], 'image' => $imageBaseName, 'category' => $data['category'], 'price' => (double) $data['price']]);
if ($stmt->rowCount()) {
$cookie_name = "userMessage";
$cookie_value = "Product is met succes toegevoegd!";
setcookie($cookie_name, $cookie_value, time() + 60, "/");
header('location:index.php');
}
} else {
if ($nodes->length < 1) {
?>
<html>
<body>
<p>Your user account is not specified in the triple store. You are not allowed to upload images.</p>
</body>
</html>
<?php
}
}
$uri = $nodes->item(0)->textContent;
if ($_FILES["content"]["error"] == UPLOAD_ERR_OK) {
$tmp_name = $_FILES["content"]["tmp_name"];
$file = $_POST["file"];
handleFileUpload($tmp_name, $file, $uri);
} else {
?>
<html>
<body>
<p>No document uploaded.</p>
</body>
</html><?php
}
} else {
?>
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>TWC Document Manager</title>
<script src="media.js"></script>
<script src="sha1.js"></script>
function handlePicture()
{
handleFileUpload();
}