function process_post_data()
{
global $HTTP_POST_VARS, $CONFIG;
global $lang_errors;
$pid = (int) $HTTP_POST_VARS['id'];
$aid = (int) $HTTP_POST_VARS['aid'];
$pwidth = (int) $HTTP_POST_VARS['pwidth'];
$pheight = (int) $HTTP_POST_VARS['pheight'];
$title = $HTTP_POST_VARS['title'];
$caption = $HTTP_POST_VARS['caption'];
$keywords = $HTTP_POST_VARS['keywords'];
$user1 = $HTTP_POST_VARS['user1'];
$user2 = $HTTP_POST_VARS['user2'];
$user3 = $HTTP_POST_VARS['user3'];
$user4 = $HTTP_POST_VARS['user4'];
$read_exif = isset($HTTP_POST_VARS['read_exif']);
$reset_vcount = isset($HTTP_POST_VARS['reset_vcount']);
$reset_votes = isset($HTTP_POST_VARS['reset_votes']);
$del_comments = isset($HTTP_POST_VARS['del_comments']) || $delete;
$query = "SELECT category, filepath, filename FROM {$CONFIG['TABLE_PICTURES']}, {$CONFIG['TABLE_ALBUMS']} WHERE {$CONFIG['TABLE_PICTURES']}.aid = {$CONFIG['TABLE_ALBUMS']}.aid AND pid='{$pid}'";
$result = db_query($query);
if (!mysql_num_rows($result)) {
cpg_die(CRITICAL_ERROR, $lang_errors['non_exist_ap'], __FILE__, __LINE__);
}
$pic = mysql_fetch_array($result);
mysql_free_result($result);
if (!(GALLERY_ADMIN_MODE || USER_ADMIN_MODE)) {
if ($pic['category'] != FIRST_USER_CAT + USER_ID) {
cpg_die(ERROR, $lang_errors['perm_denied'] . "<br />(picture category = {$pic['category']}/ {$pid})", __FILE__, __LINE__);
}
if (!isset($user_album_set[$aid])) {
cpg_die(ERROR, $lang_errors['perm_denied'] . "<br />(target album = {$aid})", __FILE__, __LINE__);
}
}
$update = "aid = '" . $aid . "'";
if (is_movie($pic['filename'])) {
$update .= ", pwidth = " . $pwidth;
$update .= ", pheight = " . $pheight;
}
$update .= ", title = '" . addslashes($title) . "'";
$update .= ", caption = '" . addslashes($caption) . "'";
$update .= ", keywords = '" . addslashes($keywords) . "'";
$update .= ", user1 = '" . addslashes($user1) . "'";
$update .= ", user2 = '" . addslashes($user2) . "'";
$update .= ", user3 = '" . addslashes($user3) . "'";
$update .= ", user4 = '" . addslashes($user4) . "'";
if ($reset_vcount) {
$update .= ", hits = '0'";
}
if ($reset_votes) {
$update .= ", pic_rating = '0', votes = '0'";
}
if ($del_comments) {
$query = "DELETE FROM {$CONFIG['TABLE_COMMENTS']} WHERE pid='{$pid}'";
$result = db_query($query);
} else {
$query = "UPDATE {$CONFIG['TABLE_PICTURES']} SET {$update} WHERE pid='{$pid}' LIMIT 1";
$result = db_query($query);
}
}
function print_gallery_sounds($sounds)
{
if (count($sounds) > 0) {
echo "<!-- Begin Sounds-->\n";
echo "<div id='sounds'>\n";
echo "\t<h3>Audio Files</h3>\n";
echo "\t<ul>\n";
foreach ($sounds as $sound) {
if (is_movie($sound, array("mp3"))) {
echo "\t<li>\n";
echo "\t\t";
print_movie($sound, "swf_player");
echo "</a></li>\n";
echo "\t</li>\n";
}
echo "\t</ul>\n";
echo "</div>\n";
echo "<!-- End Sounds-->\n\n";
}
}
}
function is_known_filetype($file)
{
return is_image($file) || is_movie($file) || is_audio($file) || is_document($file);
}
function process_post_data()
{
global $CONFIG, $mb_utf8_regex;
global $lang_errors, $lang_editpics_php;
$pid = (int) $_POST['id'];
$aid = (int) $_POST['aid'];
$pwidth = (int) $_POST['pwidth'];
$pheight = (int) $_POST['pheight'];
$title = $_POST['title'];
$caption = $_POST['caption'];
$keywords = $_POST['keywords'];
$user1 = $_POST['user1'];
$user2 = $_POST['user2'];
$user3 = $_POST['user3'];
$user4 = $_POST['user4'];
$galleryicon = (int) $_POST['galleryicon'];
$isgalleryicon = $galleryicon === $pid;
// need to implement "Read EXIF info again" checkbox; comment out for now
// $read_exif = isset($_POST['read_exif']);
$reset_vcount = isset($_POST['reset_vcount']);
$reset_votes = isset($_POST['reset_votes']);
$del_comments = isset($_POST['del_comments']) || $delete;
$result = cpg_db_query("SELECT * FROM {$CONFIG['TABLE_PICTURES']} AS p, {$CONFIG['TABLE_ALBUMS']} AS a WHERE a.aid = p.aid AND pid = '{$pid}'");
if (!mysql_num_rows($result)) {
cpg_die(CRITICAL_ERROR, $lang_errors['non_exist_ap'], __FILE__, __LINE__);
}
$pic = mysql_fetch_array($result);
mysql_free_result($result);
if (!(GALLERY_ADMIN_MODE || $pic['category'] == FIRST_USER_CAT + USER_ID || $CONFIG['users_can_edit_pics'] && $pic['owner_id'] == USER_ID) || !USER_ID) {
cpg_die(ERROR, $lang_errors['access_denied'], __FILE__, __LINE__);
}
$update = "aid = '" . $aid . "'";
if (is_movie($pic['filename'])) {
$update .= ", pwidth = " . $pwidth;
$update .= ", pheight = " . $pheight;
}
$update .= ", title = '" . addslashes($title) . "'";
$update .= ", caption = '" . addslashes($caption) . "'";
$update .= ", keywords = '" . addslashes($keywords) . "'";
$update .= ", user1 = '" . addslashes($user1) . "'";
$update .= ", user2 = '" . addslashes($user2) . "'";
$update .= ", user3 = '" . addslashes($user3) . "'";
$update .= ", user4 = '" . addslashes($user4) . "'";
if ($isgalleryicon && $pic['category'] > FIRST_USER_CAT) {
$sql = 'update ' . $CONFIG['TABLE_PICTURES'] . ' set galleryicon=0 where owner_id=' . $pic['owner_id'] . ';';
cpg_db_query($sql);
$update .= ", galleryicon = " . addslashes($galleryicon);
}
if ($reset_vcount) {
$update .= ", hits = '0'";
resetDetailHits($pid);
}
if ($reset_votes) {
$update .= ", pic_rating = '0', votes = '0'";
resetDetailVotes($pid);
}
if ($del_comments) {
$query = "DELETE FROM {$CONFIG['TABLE_COMMENTS']} WHERE pid='{$pid}'";
$result = cpg_db_query($query);
} else {
$query = "UPDATE {$CONFIG['TABLE_PICTURES']} SET {$update} WHERE pid='{$pid}' LIMIT 1";
$result = cpg_db_query($query);
}
// rename a file
if ($_POST['filename'] != $pic['filename']) {
if ($CONFIG['thumb_use'] == 'ht' && $pic['pheight'] > $CONFIG['picture_width']) {
$condition = true;
} elseif ($CONFIG['thumb_use'] == 'wd' && $pic['pwidth'] > $CONFIG['picture_width']) {
$condition = true;
} elseif ($CONFIG['thumb_use'] == 'any' && max($pic['pwidth'], $pic['pheight']) > $CONFIG['picture_width']) {
$condition = true;
} else {
$condition = false;
}
if ($CONFIG['make_intermediate'] && $condition) {
$prefices = array('fullsize', 'normal', 'thumb');
} else {
$prefices = array('fullsize', 'thumb');
}
if (!is_image($pic['filename'])) {
$prefices = array('fullsize');
}
foreach ($prefices as $prefix) {
$oldname = urldecode(get_pic_url($pic, $prefix));
$filename = replace_forbidden($_POST['filename']);
$newname = str_replace($pic['filename'], $filename, $oldname);
$old_mime = cpg_get_type($oldname);
$new_mime = cpg_get_type($newname);
if ($old_mime['mime'] != $new_mime['mime'] && isset($new_mime['mime'])) {
cpg_die(CRITICAL_ERROR, sprintf($lang_editpics_php['mime_conv'], $old_mime['mime'], $new_mime['mime']), __FILE__, __LINE__);
}
if (!is_known_filetype($newname)) {
cpg_die(CRITICAL_ERROR, $lang_editpics_php['forb_ext'], __FILE__, __LINE__);
}
if (file_exists($newname)) {
cpg_die(CRITICAL_ERROR, sprintf($lang_editpics_php['file_exists'], $newname), __FILE__, __LINE__);
}
if (!file_exists($oldname)) {
cpg_die(CRITICAL_ERROR, sprintf($lang_editpics_php['src_file_missing'], $oldname), __FILE__, __LINE__);
}
if (rename($oldname, $newname)) {
cpg_db_query("UPDATE {$CONFIG['TABLE_PICTURES']} SET filename = '{$filename}' WHERE pid = '{$pid}' LIMIT 1");
} else {
cpg_die(CRITICAL_ERROR, sprintf($lang_editpics_php['rename_failed'], $oldname, $newname), __FILE__, __LINE__);
}
}
}
}
function theme_display_fullsize_pic()
{
global $CONFIG, $THEME_DIR, $FORBIDDEN_SET, $LINEBREAK, $pid;
global $lang_errors, $lang_fullsize_popup, $lang_charset;
$superCage = Inspekt::makeSuperCage();
if (!USER_ID && $CONFIG['allow_unlogged_access'] <= 2) {
printf($lang_errors['login_needed'], '', '', '', '');
die;
} elseif (USER_ID && USER_ACCESS_LEVEL <= 2) {
printf($lang_errors['access_intermediate_only'], '', '', '', '');
die;
}
if ($superCage->get->keyExists('picfile')) {
if (!GALLERY_ADMIN_MODE) {
cpg_die(ERROR, $lang_errors['access_denied'], __FILE__, __LINE__);
}
//$picfile = $_GET['picfile'];
//$picfile = $superCage->get->getPath('picfile'); // doesn't work with HTML entities
$matches = $superCage->get->getMatched('picfile', '/^[0-9A-Za-z~ \\/_.-]+$/');
$picfile = $matches[0];
$picname = $CONFIG['fullpath'] . $picfile;
$imagesize = @getimagesize($picname);
$imagedata = array('name' => $picfile, 'path' => path2url($picname), 'geometry' => $imagesize[3]);
} elseif ($pid) {
$sql = "SELECT filepath, filename, url_prefix, pwidth, pheight FROM {$CONFIG['TABLE_PICTURES']} AS p " . "WHERE pid='{$pid}' {$FORBIDDEN_SET}";
$result = cpg_db_query($sql);
if (!mysql_num_rows($result)) {
cpg_die(ERROR, $lang_errors['non_exist_ap'], __FILE__, __LINE__);
}
$row = mysql_fetch_assoc($result);
if (is_image($row['filename'])) {
$pic_url = get_pic_url($row, 'fullsize');
$geom = 'width="' . $row['pwidth'] . '" height="' . $row['pheight'] . '"';
$imagedata = array('name' => $row['filename'], 'path' => $pic_url, 'geometry' => $geom);
} else {
$pic_html = theme_html_picture();
if (is_movie($row['filename'])) {
$mime_content = cpg_get_type($row['filename']);
$ctrl_offset['mov'] = 15;
$ctrl_offset['wmv'] = 45;
$ctrl_offset['swf'] = 0;
$ctrl_offset['rm'] = 0;
$ctrl_offset_default = 45;
$ctrl_height = isset($ctrl_offset[$mime_content['extension']]) ? $ctrl_offset[$mime_content['extension']] : $ctrl_offset_default;
preg_match('/width="([0-9]+)".*height="([0-9]+)"/', $pic_html, $matches);
$width = $matches[1] + $CONFIG['fullsize_padding_x'];
$height = $matches[2] + $CONFIG['fullsize_padding_y'] + $ctrl_height;
$resize_window = '<script type="text/javascript">window.resizeTo(' . $width . ', ' . $height . ')</script>';
}
preg_match('/<td align="center" style="{SLIDESHOW_STYLE}">.*(.*)<\\/td>/Us', $pic_html, $matches);
$pic_html = $matches[1] . $resize_window;
}
}
if (!USER_ID && $CONFIG['allow_unlogged_access'] <= 2 || USER_ID && USER_ACCESS_LEVEL <= 2) {
// adjust the size of the window if we don't have to catter for a full-size pop-up, but only a text message
$row['pwidth'] = 200;
$row['pheight'] = 100;
}
$charset = $CONFIG['charset'] == 'language file' ? $lang_charset : $CONFIG['charset'];
$fullsize_html = <<<EOT
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<meta http-equiv="content-type" content="text/html; charset={$charset}" />
<title>{$CONFIG['gallery_name']}: {$lang_fullsize_popup['click_to_close']}</title>
<style type="text/css">
body { margin: 0; padding: 0; background-color: gray; }
img { margin:0; padding:0; border:0; }
#content { margin:0 auto; padding:0; border:0; }
table { border:0; width:{$row['pwidth']}px; height:{$row['pheight']}px; border-collapse:collapse}
td { vertical-align: middle; text-align:center; }
</style>
<script type="text/javascript" src="js/jquery-1.4.2.js"></script>
<script type="text/javascript" src="js/jquery.dimensions.pack.js"></script>
<script type="text/javascript" src="js/displayimage.fullsize.js"></script>
</head>
<body style="margin:0px; padding:0px; background-color: gray;">
EOT;
if ($pic_html) {
$fullsize_html .= $pic_html;
} else {
if ($CONFIG['transparent_overlay'] == 1) {
$fullsize_html .= <<<EOT
<table cellpadding="0" cellspacing="0" align="center" style="padding:0px;">
<tr>
EOT;
$fullsize_html .= '<td align="center" valign="middle" background="' . htmlspecialchars($imagedata['path']) . '" ' . $imagedata['geometry'] . ' class="image">';
$fullsize_html .= '<div id="content">';
$fullsize_html .= '<a href="javascript: window.close()" style="border:none"><img src="images/image.gif?id=' . floor(rand() * 1000 + rand()) . '&fullsize=yes" ' . $imagedata['geometry'] . ' alt="' . htmlspecialchars($imagedata['name']) . '" title="' . htmlspecialchars($imagedata['name']) . $LINEBREAK . $lang_fullsize_popup['click_to_close'] . '" /></a><br />' . $LINEBREAK;
$fullsize_html .= <<<EOT
</div>
</td>
</tr>
</table>
EOT;
} else {
$fullsize_html .= ' <div id="content">' . $LINEBREAK;
$fullsize_html .= '<a href="javascript: window.close()"><img src="' . htmlspecialchars($imagedata['path']) . '" ' . $imagedata['geometry'] . ' id="fullsize_image" alt="' . htmlspecialchars($imagedata['name']) . '" title="' . htmlspecialchars($imagedata['name']) . $LINEBREAK . $lang_fullsize_popup['click_to_close'] . '" /></a><br />' . $LINEBREAK . ' </div>' . $LINEBREAK;
}
}
$fullsize_html .= <<<EOT
</body>
</html>
EOT;
$fullsize_html = CPGPluginAPI::filter('fullsize_html', $fullsize_html);
echo $fullsize_html;
}
/**
* Function to return html required for displaying the flv palyer
*/
function video2flash_ffmpeg_file_data($pic_data)
{
global $CONFIG;
$file = $CONFIG['fullpath'] . $pic_data['filepath'] . $pic_data['filename'];
$picture_url = get_pic_url($pic_data, 'fullsize');
preg_match("/(.+)\\.(.*?)\\Z/", $pic_data['filename'], $matches);
$flv = $CONFIG['fullpath'] . $pic_data['filepath'] . $matches[1] . '.flv';
// We will replace the file html only if it is a valid movie and we have the flv file
if (is_movie($file) && file_exists($flv)) {
$thumb = $CONFIG['fullpath'] . $pic_data['filepath'] . $CONFIG['thumb_pfx'] . $matches[1] . ".jpg";
$flashvars = '';
if (file_exists($thumb)) {
$flashvars = '&image=' . $CONFIG['ecards_more_pic_target'] . $thumb;
}
if ($CONFIG['video2flash_ffmpeg_player_autostart'] == 'yes') {
$flashvars = '&autostart=true';
}
$pic_data['html'] = <<<EOT
<object classid="clsid:d27cdb6e-ae6d-11cf-96b8-444553540000" codebase="http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=6,0,0,0" width="{$CONFIG['video2flash_ffmpeg_player_width']}" height="{$CONFIG['video2flash_ffmpeg_player_height']}">
<param name="movie" value="plugins/video2flash_ffmpeg/player.swf?file={$CONFIG['ecards_more_pic_target']}{$flv}{$flashvars}" />
<param name="quality" value="high" />
<param name="wmode" value="transparent" />
<embed src="plugins/video2flash_ffmpeg/player.swf?file={$CONFIG['ecards_more_pic_target']}{$flv}{$flashvars}" quality="high" wmode="transparent" width="{$CONFIG['video2flash_ffmpeg_player_width']}" height="{$CONFIG['video2flash_ffmpeg_player_height']}" type="application/x-shockwave-flash" pluginspage="http://www.macromedia.com/go/getflashplayer" />
</object>
EOT;
}
// print_r($pic_data);
return $pic_data;
}
function form_pic_info($text)
{
global $CURRENT_PIC, $THUMB_ROWSPAN, $CONFIG;
global $lang_byte_units, $lang_editpics_php, $lang_common, $loop_counter, $row_style_class, $icon_array, $cpg_udb;
if (!is_movie($CURRENT_PIC['filename'])) {
$pic_info = sprintf($lang_editpics_php['pic_info_str'], $CURRENT_PIC['pwidth'], $CURRENT_PIC['pheight'], $CURRENT_PIC['filesize'] >> 10, $CURRENT_PIC['hits'], $CURRENT_PIC['votes']);
} else {
$pic_info = sprintf($lang_editpics_php['pic_info_str'], '<input type="text" name="pwidth' . $CURRENT_PIC['pid'] . '" value="' . $CURRENT_PIC['pwidth'] . '" size="5" maxlength="5" class="textinput" />', '<input type="text" name="pheight' . $CURRENT_PIC['pid'] . '" value="' . $CURRENT_PIC['pheight'] . '" size="5" maxlength="5" class="textinput" />', $CURRENT_PIC['filesize'] >> 10, $CURRENT_PIC['hits'], $CURRENT_PIC['votes']);
}
if (UPLOAD_APPROVAL_MODE) {
if ($CURRENT_PIC['owner_id']) {
$pic_info .= ' - <a href="profile.php?uid=' . $CURRENT_PIC['owner_id'] . '">' . $cpg_udb->get_user_name($CURRENT_PIC['owner_id']) . '</a>';
}
}
$thumb_url = get_pic_url($CURRENT_PIC, 'thumb');
$thumb_link = 'displayimage.php?pid=' . $CURRENT_PIC['pid'];
$filename = htmlspecialchars($CURRENT_PIC['filename']);
$filepath = htmlspecialchars($CURRENT_PIC['filepath']);
$isgalleryicon_selected = $CURRENT_PIC['galleryicon'] ? 'checked="checked" ' : '';
$isgalleryicon_disabled = !isset($CURRENT_PIC['category']) || $CURRENT_PIC['category'] < FIRST_USER_CAT ? ' style="display:none;" ' : '';
if ($loop_counter == 0) {
$row_style_class = 'tableb';
} else {
$row_style_class = 'tableb tableb_alternate';
}
$loop_counter++;
if ($loop_counter > 1) {
$loop_counter = 0;
}
if ($CURRENT_PIC['approved'] == 'YES') {
$pic_approval_checked = 'checked="checked"';
} else {
$pic_approval_checked = '';
}
// The approve checkbox is shown only if the user is admin or moderator.
$approve_html = '';
if (GALLERY_ADMIN_MODE || MODERATOR_MODE) {
$approve_html = <<<EOT
<td class="{$row_style_class}" width="40" valign="top">
<input type="checkbox" name="approved{$CURRENT_PIC['pid']}" id="approve{$CURRENT_PIC['pid']}" value="YES" {$pic_approval_checked} class="checkbox" title="{$lang_editpics_php['approve_pic']}" /><label for="approve{$CURRENT_PIC['pid']}" class="clickable_option">{$icon_array['file_approve']}</label>
</td>
EOT;
}
// The reset hits box will only be displayed if a file has more than zero hits
if ($CURRENT_PIC['hits'] == 0) {
$hits_reset_disabled = 'disabled="disabled"';
} else {
$hits_reset_disabled = '';
}
// The reset votes box will only be displayed if a file has more than zero votes
if ($CURRENT_PIC['votes'] == 0) {
$votes_reset_disabled = 'disabled="disabled"';
} else {
$votes_reset_disabled = '';
}
echo <<<EOT
<tr>
<td colspan="3">
<table border="0" cellspacing="0" cellpadding="0" width="100%">
<tr>
<td class="{$row_style_class}" colspan="6">
{$icon_array['file_name']}{$lang_common['filename']}: <tt>{$CONFIG['site_url']}{$CONFIG['fullpath']}{$filepath}{$filename}</tt>
</td>
</tr>
<tr>
<td class="{$row_style_class}"> </td>
<td class="{$row_style_class}" width="40" valign="top">
<input type="checkbox" name="delete{$CURRENT_PIC['pid']}" id="delete{$CURRENT_PIC['pid']}" value="1" class="checkbox" title="{$lang_editpics_php['del_pic']}" /><label for="delete{$CURRENT_PIC['pid']}" class="clickable_option">{$icon_array['delete']}</label>
</td>
{$approve_html}
<td class="{$row_style_class}" width="70">
<input type="checkbox" name="reset_vcount{$CURRENT_PIC['pid']}" id="reset_vcount{$CURRENT_PIC['pid']}" value="1" class="checkbox" title="{$lang_editpics_php['reset_view_count']}" {$hits_reset_disabled} /><label for="reset_vcount{$CURRENT_PIC['pid']}" class="clickable_option" title="{$lang_editpics_php['reset_view_count']}">{$icon_array['reset_views']} ({$CURRENT_PIC['hits']})</label>
</td>
<td class="{$row_style_class}" width="70">
<input type="checkbox" name="reset_votes{$CURRENT_PIC['pid']}" id="reset_votes{$CURRENT_PIC['pid']}" value="1" class="checkbox" title="{$lang_editpics_php['reset_votes']}" {$votes_reset_disabled} /><label for="reset_votes{$CURRENT_PIC['pid']}" class="clickable_option"><img src="images/rating.png" border="0" width="16" height="16" alt="" title="{$lang_editpics_php['reset_votes']}" /> ({$CURRENT_PIC['votes']})</label>
</td>
<td class="{$row_style_class}" width="40">
<input type="checkbox" name="del_comments{$CURRENT_PIC['pid']}" id="del_comments{$CURRENT_PIC['pid']}" value="1" class="checkbox" title="{$lang_editpics_php['del_comm']}" /><label for="del_comments{$CURRENT_PIC['pid']}" class="clickable_option">{$icon_array['comment_delete']}</label>
</td>
</tr>
</table>
</td>
</tr>
<tr>
<td class="{$row_style_class}" style="white-space: nowrap;">
{$text}
</td>
<td class="{$row_style_class}">
<input type="hidden" name="pid[]" value="{$CURRENT_PIC['pid']}" />
{$pic_info}
</td>
<td class="{$row_style_class}" align="center" valign="top" rowspan="{$THUMB_ROWSPAN}">
<a href="{$thumb_link}" target="_blank"><img src="{$thumb_url}" class="image" border="0" alt="" /></a><br />
<span{$isgalleryicon_disabled}><input type="radio" name="galleryicon" id="galleryicon{$CURRENT_PIC['pid']}" value="{$CURRENT_PIC['pid']}" {$isgalleryicon_selected}class="checkbox" /><label for="galleryicon{$CURRENT_PIC['pid']}" class="clickable_option">{$lang_editpics_php['gallery_icon']}</label></span>
</td>
</tr>
EOT;
}
$form_array = array(array($lang_upload_php['album'], 'album', 2), array($lang_upload_php['pic_title'], 'title', 0, 255, 1, $title), array($captionLabel, 'caption', 3, $CONFIG['max_img_desc_length'], isset($iptc['Caption']) ? $iptc['Caption'] : ''), array($lang_upload_php['keywords'], 'keywords', 0, 255, 1, isset($iptc['Keywords']) ? implode(' ', $iptc['Keywords']) : ''), array('control', 'phase_2', 4), array('unique_ID', $_POST['unique_ID'], 4));
// Check for user defined fields.
if (!empty($CONFIG['user_field1_name'])) {
$form_array[] = array($CONFIG['user_field1_name'], 'user1', 0, 255, 1);
}
if (!empty($CONFIG['user_field2_name'])) {
$form_array[] = array($CONFIG['user_field2_name'], 'user2', 0, 255, 1);
}
if (!empty($CONFIG['user_field3_name'])) {
$form_array[] = array($CONFIG['user_field3_name'], 'user3', 0, 255, 1);
}
if (!empty($CONFIG['user_field4_name'])) {
$form_array[] = array($CONFIG['user_field4_name'], 'user4', 0, 255, 1);
}
// Check for movies and audio, and create width and height boxes if true.
if (is_movie($file_set[1]) or is_audio($file_set[1])) {
//Add width and height boxes to the form.
$form_array[] = array($lang_admin_php['th_wd'], 'movie_wd', 0, 4, 1);
$form_array[] = array($lang_admin_php['th_ht'], 'movie_ht', 0, 4, 1);
}
// Create the form and echo more instructions.
create_form($form_array);
// More instructions.
if (count($escrow_array) > '1') {
form_statement($lang_upload_php['place_instr_2']);
}
// Make button say 'Continue.'
close_form($lang_continue);
// Close the table, create footers, and flush the output buffer.
endtable();
pagefooter();
function form_pic_info($text)
{
global $CURRENT_PIC, $THUMB_ROWSPAN, $CONFIG, $lang_byte_units, $lang_editpics_php;
if (!is_movie($CURRENT_PIC['filename'])) {
$pic_info = sprintf($lang_editpics_php['pic_info_str'], $CURRENT_PIC['pwidth'], $CURRENT_PIC['pheight'], $CURRENT_PIC['filesize'] >> 10, $CURRENT_PIC['hits'], $CURRENT_PIC['votes']);
} else {
$pic_info = sprintf($lang_editpics_php['pic_info_str'], '<input type="text" name="pwidth' . $CURRENT_PIC['pid'] . '" value="' . $CURRENT_PIC['pwidth'] . '" size="5" maxlength="5" class="textinput" />', '<input type="text" name="pheight' . $CURRENT_PIC['pid'] . '" value="' . $CURRENT_PIC['pheight'] . '" size="5" maxlength="5" class="textinput" />', $CURRENT_PIC['filesize'] >> 10, $CURRENT_PIC['hits'], $CURRENT_PIC['votes']);
}
if (UPLOAD_APPROVAL_MODE) {
// Commented out by Omni; Duplicate of above
//$pic_info = $CURRENT_PIC['pwidth'].' × '.$CURRENT_PIC['pheight'].' - '.($CURRENT_PIC['filesize'] >> 10).$lang_byte_units[1];
if ($CURRENT_PIC['owner_name']) {
$pic_info .= ' - <a href ="profile.php?uid=' . $CURRENT_PIC['owner_id'] . '" target="_blank">' . $CURRENT_PIC['owner_name'] . '</a>';
}
}
$thumb_url = get_pic_url($CURRENT_PIC, 'thumb');
$thumb_link = 'displayimage.php?&pos=' . -$CURRENT_PIC['pid'];
$filename = htmlspecialchars($CURRENT_PIC['filename']);
echo <<<EOT
<input type="hidden" name="pid[]" value="{$CURRENT_PIC['pid']}">
<tr>
<td class="tableh2" colspan="3">
<b>{$filename}</b>
</td>
</tr>
<tr>
<td class="tableb" style="white-space: nowrap;">
{$text}
</td>
<td class="tableb">
{$pic_info}
</td>
<td class="tableb" align="center" rowspan="{$THUMB_ROWSPAN}">
<a href="{$thumb_link}" target="_blank"><img src="{$thumb_url}" class="image" border="0"><br /></a>
</td>
</tr>
EOT;
}
function process_post_data()
{
global $CONFIG, $USER_DATA, $lang_errors, $lang_editpics_php, $superCage;
//Check if the form token is valid
if (!checkFormToken()) {
cpg_die(ERROR, $lang_errors['invalid_form_token'], __FILE__, __LINE__);
}
$user_album_set = array();
$result = cpg_db_query("SELECT aid FROM {$CONFIG['TABLE_ALBUMS']} WHERE category = " . (FIRST_USER_CAT + USER_ID) . " OR owner = " . USER_ID . " OR uploads = 'YES'");
while ($row = mysql_fetch_assoc($result)) {
$user_album_set[$row['aid']] = 1;
}
mysql_free_result($result);
$pid = $superCage->post->getInt('id');
$aid = $superCage->post->getInt('aid');
$pwidth = $superCage->post->getInt('pwidth');
$pheight = $superCage->post->getInt('pheight');
$title = cpgSanitizeUserTextInput($superCage->post->getEscaped('title'));
$caption = cpgSanitizeUserTextInput($superCage->post->getEscaped('caption'));
$keywords = cpgSanitizeUserTextInput(utf_replace($superCage->post->getEscaped('keywords')));
$user1 = cpgSanitizeUserTextInput($superCage->post->getEscaped('user1'));
$user2 = cpgSanitizeUserTextInput($superCage->post->getEscaped('user2'));
$user3 = cpgSanitizeUserTextInput($superCage->post->getEscaped('user3'));
$user4 = cpgSanitizeUserTextInput($superCage->post->getEscaped('user4'));
$galleryicon = $superCage->post->getInt('galleryicon');
$isgalleryicon = $galleryicon == $pid;
$read_exif = $superCage->post->keyExists('read_exif') ? $superCage->post->getInt('read_exif') : 0;
$reset_vcount = $superCage->post->keyExists('reset_vcount') ? $superCage->post->getInt('reset_vcount') : 0;
$reset_votes = $superCage->post->keyExists('reset_votes') ? $superCage->post->getInt('reset_votes') : 0;
$del_comments = $superCage->post->keyExists('del_comments') ? $superCage->post->getInt('del_comments') : 0;
$result = cpg_db_query("SELECT category, owner_id, url_prefix, filepath, filename, pwidth, pheight, p.aid AS aid FROM {$CONFIG['TABLE_PICTURES']} AS p INNER JOIN {$CONFIG['TABLE_ALBUMS']} AS a ON a.aid = p.aid WHERE pid = '{$pid}'");
if (!mysql_num_rows($result)) {
cpg_die(CRITICAL_ERROR, $lang_errors['non_exist_ap'], __FILE__, __LINE__);
}
$pic = mysql_fetch_assoc($result);
mysql_free_result($result);
if (!GALLERY_ADMIN_MODE && !MODERATOR_MODE && !USER_ADMIN_MODE && !user_is_allowed() && !$CONFIG['users_can_edit_pics']) {
if ($pic['category'] != FIRST_USER_CAT + USER_ID) {
cpg_die(ERROR, $lang_errors['perm_denied'], __FILE__, __LINE__);
}
if (!isset($user_album_set[$aid])) {
cpg_die(ERROR, $lang_errors['perm_denied'], __FILE__, __LINE__);
}
}
if (!USER_ID || !(GALLERY_ADMIN_MODE || $pic['category'] == FIRST_USER_CAT + USER_ID || $CONFIG['users_can_edit_pics'] && $pic['owner_id'] == USER_ID)) {
cpg_die(ERROR, $lang_errors['access_denied'], __FILE__, __LINE__);
}
$result = cpg_db_query("SELECT category FROM {$CONFIG['TABLE_ALBUMS']} WHERE aid = '{$aid}'");
if (!mysql_num_rows($result)) {
cpg_die(CRITICAL_ERROR, $lang_errors['non_exist_ap'], __FILE__, __LINE__);
}
$new_alb = mysql_fetch_assoc($result);
mysql_free_result($result);
cpg_trim_keywords($keywords);
$update = "aid = '{$aid}'";
if (is_movie($pic['filename'])) {
$update .= ", pwidth = " . $pwidth;
$update .= ", pheight = " . $pheight;
}
$update .= ", title = '{$title}'";
$update .= ", caption = '{$caption}'";
$update .= ", keywords = '{$keywords}'";
if (GALLERY_ADMIN_MODE) {
$approved = $superCage->post->getAlpha('approved');
$update .= ", approved = '{$approved}'";
} elseif ($new_alb['category'] < FIRST_USER_CAT && $aid != $pic['aid']) {
$approved = $USER_DATA['pub_upl_need_approval'] ? 'NO' : 'YES';
$update .= ", approved = '{$approved}'";
} elseif ($new_alb['category'] > FIRST_USER_CAT && $aid != $pic['aid'] && $pic['category'] < FIRST_USER_CAT) {
$approved = $USER_DATA['priv_upl_need_approval'] ? 'NO' : 'YES';
$update .= ", approved = '{$approved}'";
}
$update .= ", user1 = '{$user1}'";
$update .= ", user2 = '{$user2}'";
$update .= ", user3 = '{$user3}'";
$update .= ", user4 = '{$user4}'";
if ($isgalleryicon && $pic['category'] > FIRST_USER_CAT) {
$sql = "UPDATE {$CONFIG['TABLE_PICTURES']} SET galleryicon = 0 WHERE owner_id = {$pic['owner_id']}";
cpg_db_query($sql);
$update .= ", galleryicon = " . $galleryicon;
}
if ($reset_vcount) {
$update .= ", hits = 0";
resetDetailHits($pid);
}
if ($reset_votes) {
$update .= ", pic_rating = 0, votes = 0";
resetDetailVotes($pid);
}
if ($read_exif) {
// If "read exif info again" is checked then just delete the entry from the exif table.
// The new exif information will automatically be read when someone views the image.
$query = "DELETE FROM {$CONFIG['TABLE_EXIF']} WHERE pid = '{$pid}'";
cpg_db_query($query);
}
if ($del_comments) {
$query = "DELETE FROM {$CONFIG['TABLE_COMMENTS']} WHERE pid = '{$pid}'";
cpg_db_query($query);
}
$query = "UPDATE {$CONFIG['TABLE_PICTURES']} SET {$update} WHERE pid='{$pid}' LIMIT 1";
cpg_db_query($query);
// Executes after a file update is committed
CPGPluginAPI::action('after_edit_file', $pid);
// rename a file
if ($superCage->post->keyExists('filename')) {
$post_filename = $superCage->post->getEscaped('filename');
}
if ($post_filename != $pic['filename']) {
if ($CONFIG['make_intermediate'] && cpg_picture_dimension_exceeds_intermediate_limit($pic['pwidth'], $pic['pheight'])) {
$prefixes = array('fullsize', 'normal', 'thumb');
} else {
$prefixes = array('fullsize', 'thumb');
}
if ($CONFIG['enable_watermark'] == '1' && ($CONFIG['which_files_to_watermark'] == 'both' || $CONFIG['which_files_to_watermark'] == 'original')) {
$prefixes[] = 'orig';
}
if (!is_image($pic['filename'])) {
$prefixes = array('fullsize');
// Check for custom thumbnails
$mime_content_old = cpg_get_type($pic['filename']);
$mime_content_new = cpg_get_type(replace_forbidden($post_filename));
$file_base_name_old = str_replace('.' . $mime_content_old['extension'], '', basename($pic['filename']));
foreach (array('.gif', '.png', '.jpg') as $thumb_extension) {
if (file_exists($CONFIG['fullpath'] . $pic['filepath'] . $CONFIG['thumb_pfx'] . $file_base_name_old . $thumb_extension)) {
// Thumbnail found, check if it's the only file using that thumbnail
$count = mysql_result(cpg_db_query("SELECT COUNT(*) FROM {$CONFIG['TABLE_PICTURES']} WHERE filepath = '{$pic['filepath']}' AND filename LIKE '{$file_base_name_old}.%'"), 0);
if ($count == 1) {
$prefixes[] = 'thumb';
$custom_thumb = TRUE;
break;
}
}
}
}
$pic_prefix = array('thumb' => $CONFIG['thumb_pfx'], 'normal' => $CONFIG['normal_pfx'], 'orig' => $CONFIG['orig_pfx'], 'fullsize' => '');
$files_to_rename = array();
foreach ($prefixes as $prefix) {
$oldname = urldecode($CONFIG['fullpath'] . $pic['filepath'] . $pic_prefix[$prefix] . $pic['filename']);
$filename = replace_forbidden($post_filename);
$newname = str_replace($pic['filename'], $filename, $oldname);
if ($custom_thumb == TRUE && $prefix == 'thumb') {
$oldname = str_replace('.' . $mime_content_old['extension'], $thumb_extension, $oldname);
$newname = str_replace('.' . $mime_content_new['extension'], $thumb_extension, $newname);
}
$old_mime = cpg_get_type($oldname);
$new_mime = cpg_get_type($newname);
if ($old_mime['mime'] != $new_mime['mime'] && isset($new_mime['mime'])) {
cpg_die(CRITICAL_ERROR, sprintf($lang_editpics_php['mime_conv'], $old_mime['mime'], $new_mime['mime']), __FILE__, __LINE__);
}
if (!is_known_filetype($newname)) {
cpg_die(CRITICAL_ERROR, $lang_editpics_php['forb_ext'], __FILE__, __LINE__);
}
if (file_exists($newname)) {
cpg_die(CRITICAL_ERROR, sprintf($lang_editpics_php['file_exists'], $newname), __FILE__, __LINE__);
}
if (!file_exists($oldname)) {
cpg_die(CRITICAL_ERROR, sprintf($lang_editpics_php['src_file_missing'], $oldname), __FILE__, __LINE__);
}
// Check if there will be no conflicts before doing anything
$files_to_rename[] = array('oldname' => $oldname, 'filename' => $filename, 'newname' => $newname);
}
if (count($files_to_rename) > 0) {
foreach ($files_to_rename as $file) {
if (rename($file['oldname'], $file['newname'])) {
cpg_db_query("UPDATE {$CONFIG['TABLE_PICTURES']} SET filename = '{$file['filename']}' WHERE pid = '{$pid}' LIMIT 1");
} else {
cpg_die(CRITICAL_ERROR, sprintf($lang_editpics_php['rename_failed'], $oldname, $newname), __FILE__, __LINE__);
}
}
}
}
}
function process_post_data()
{
global $CONFIG, $mb_utf8_regex;
global $lang_errors, $lang_editpics_php;
$superCage = Inspekt::makeSuperCage();
$pid = $superCage->post->getInt('id');
$aid = $superCage->post->getInt('aid');
$pwight = $superCage->post->getInt('pwidth');
$pheight = $superCage->post->getInt('pheight');
$title = cpgSanitizeUserTextInput($superCage->post->getEscaped('title'));
$caption = cpgSanitizeUserTextInput($superCage->post->getEscaped('caption'));
$keywords = cpgSanitizeUserTextInput(utf_replace($superCage->post->getEscaped('keywords')));
$user1 = cpgSanitizeUserTextInput($superCage->post->getEscaped('user1'));
$user2 = cpgSanitizeUserTextInput($superCage->post->getEscaped('user2'));
$user3 = cpgSanitizeUserTextInput($superCage->post->getEscaped('user3'));
$user4 = cpgSanitizeUserTextInput($superCage->post->getEscaped('user4'));
$galleryicon = $superCage->post->getInt('galleryicon');
$isgalleryicon = $galleryicon === $pid;
if ($superCage->post->keyExists('read_exif')) {
$read_exif = $superCage->post->getInt('read_exif');
}
if ($superCage->post->keyExists('reset_vcount')) {
$reset_vcount = $superCage->post->getInt('reset_vcount');
}
if ($superCage->post->keyExists('reset_votes')) {
$reset_votes = $superCage->post->getInt('reset_votes');
}
if ($superCage->post->keyExists('del_comments')) {
$del_comments = $superCage->post->getInt('del_comments') || $delete;
}
$result = cpg_db_query("SELECT * FROM {$CONFIG['TABLE_PICTURES']} AS p, {$CONFIG['TABLE_ALBUMS']} AS a WHERE a.aid = p.aid AND pid = '{$pid}'");
if (!mysql_num_rows($result)) {
cpg_die(CRITICAL_ERROR, $lang_errors['non_exist_ap'], __FILE__, __LINE__);
}
$pic = mysql_fetch_array($result);
mysql_free_result($result);
if (!(GALLERY_ADMIN_MODE || $pic['category'] == FIRST_USER_CAT + USER_ID || $CONFIG['users_can_edit_pics'] && $pic['owner_id'] == USER_ID) || !USER_ID) {
cpg_die(ERROR, $lang_errors['access_denied'], __FILE__, __LINE__);
}
$update = "aid = '" . $aid . "'";
if (is_movie($pic['filename'])) {
$update .= ", pwidth = " . $pwidth;
$update .= ", pheight = " . $pheight;
}
$update .= ", title = '" . $title . "'";
$update .= ", caption = '" . $caption . "'";
$update .= ", keywords = '" . $keywords . "'";
if (GALLERY_ADMIN_MODE) {
$approved = $superCage->post->getAlpha('approved');
$update .= ", approved = '" . $approved . "'";
}
$update .= ", user1 = '" . $user1 . "'";
$update .= ", user2 = '" . $user2 . "'";
$update .= ", user3 = '" . $user3 . "'";
$update .= ", user4 = '" . $user4 . "'";
if ($isgalleryicon && $pic['category'] > FIRST_USER_CAT) {
$sql = 'update ' . $CONFIG['TABLE_PICTURES'] . ' set galleryicon=0 where owner_id=' . $pic['owner_id'] . ';';
cpg_db_query($sql);
$update .= ", galleryicon = " . $galleryicon;
}
if ($reset_vcount) {
$update .= ", hits = '0'";
resetDetailHits($pid);
}
if ($reset_votes) {
$update .= ", pic_rating = '0', votes = '0'";
resetDetailVotes($pid);
}
if ($read_exif) {
$filepath = urldecode(get_pic_url($pic, 'fullsize'));
// If read exif info again is checked then we will just delete the entry from exif table. The new exif information will automatically be read when someone views the image.
$query = "DELETE FROM {$CONFIG['TABLE_EXIF']} WHERE filename = '{$filepath}'";
cpg_db_query($query);
}
if ($del_comments) {
$query = "DELETE FROM {$CONFIG['TABLE_COMMENTS']} WHERE pid='{$pid}'";
$result = cpg_db_query($query);
} else {
$query = "UPDATE {$CONFIG['TABLE_PICTURES']} SET {$update} WHERE pid='{$pid}' LIMIT 1";
$result = cpg_db_query($query);
}
// rename a file
if ($superCage->post->keyExists('filename') && ($matches = $superCage->post->getMatched('filename', '/^[0-9A-Za-z\\/_.-]+$/'))) {
$post_filename = $matches[0];
}
if ($post_filename != $pic['filename']) {
if ($CONFIG['thumb_use'] == 'ht' && $pic['pheight'] > $CONFIG['picture_width']) {
$condition = true;
} elseif ($CONFIG['thumb_use'] == 'wd' && $pic['pwidth'] > $CONFIG['picture_width']) {
$condition = true;
} elseif ($CONFIG['thumb_use'] == 'any' && max($pic['pwidth'], $pic['pheight']) > $CONFIG['picture_width']) {
$condition = true;
} else {
$condition = false;
}
if ($CONFIG['make_intermediate'] && $condition) {
$prefices = array('fullsize', 'normal', 'thumb');
} else {
$prefices = array('fullsize', 'thumb');
}
if ($CONFIG['enable_watermark'] == '1' && ($CONFIG['which_files_to_watermark'] == 'both' || $CONFIG['which_files_to_watermark'] == 'original')) {
$prefices[] = 'orig';
}
if (!is_image($pic['filename'])) {
$prefices = array('fullsize');
}
foreach ($prefices as $prefix) {
// OVI
// $oldname = urldecode(get_pic_url($pic, $prefix));
$oldname = urldecode(get_pic_url($pic, $prefix, false, true));
// OVI
$filename = replace_forbidden($post_filename);
$newname = str_replace($pic['filename'], $filename, $oldname);
$old_mime = cpg_get_type($oldname);
$new_mime = cpg_get_type($newname);
if ($old_mime['mime'] != $new_mime['mime'] && isset($new_mime['mime'])) {
cpg_die(CRITICAL_ERROR, sprintf($lang_editpics_php['mime_conv'], $old_mime['mime'], $new_mime['mime']), __FILE__, __LINE__);
}
if (!is_known_filetype($newname)) {
cpg_die(CRITICAL_ERROR, $lang_editpics_php['forb_ext'], __FILE__, __LINE__);
}
// OVI
//if (file_exists($newname))
//cpg_die(CRITICAL_ERROR, sprintf($lang_editpics_php['file_exists'], $newname), __FILE__, __LINE__);
//if (!file_exists($oldname))
//cpg_die(CRITICAL_ERROR, sprintf($lang_editpics_php['src_file_missing'], $oldname), __FILE__, __LINE__);
// OVI
// OVI
$imageContainer = new FileContainer($pic['pid'], $pic['owner_id']);
$imageContainer->original_path = $oldname;
//echo $imageContainer->original_path." ".$newname;exit(1);
global $storage;
if (!$storage->rename_file($imageContainer, $newname)) {
cpg_die(CRITICAL_ERROR, sprintf($lang_editpics_php['rename_failed'], $oldname, $newname), __FILE__, __LINE__);
}
// OVI
/*if (rename($oldname, $newname))
{
cpg_db_query("UPDATE {$CONFIG['TABLE_PICTURES']} SET filename = '$filename' WHERE pid = '$pid' LIMIT 1");
} else cpg_die(CRITICAL_ERROR, sprintf($lang_editpics_php['rename_failed'], $oldname, $newname), __FILE__, __LINE__);
*/
}
// foreach
// OVI
cpg_db_query("UPDATE {$CONFIG['TABLE_PICTURES']} SET filename = '{$filename}' WHERE pid = '{$pid}' LIMIT 1");
// OVI
}
}
function add_picture($aid, $filepath, $filename, $title = '', $caption = '', $keywords = '', $user1 = '', $user2 = '', $user3 = '', $user4 = '', $category = 0)
{
global $xoopsModuleConfig, $ERROR, $USER_DATA, $PIC_NEED_APPROVAL;
global $xoopsDB, $xoopsUser, $picinID, $_SERVER;
$myts =& MyTextSanitizer::getInstance();
// MyTextSanitizer object
$image = $xoopsModuleConfig['fullpath'] . $filepath . $filename;
$normal = $xoopsModuleConfig['fullpath'] . $filepath . $xoopsModuleConfig['normal_pfx'] . $filename;
$thumb = $xoopsModuleConfig['fullpath'] . $filepath . $xoopsModuleConfig['thumb_pfx'] . $filename;
$imagesize = getimagesize($image);
if (!$imagesize) {
if (is_movie($image)) {
$filename_wo_ext = substr($filename, 0, strrpos($filename, '.'));
$thm_image = get_real_path() . $filepath . $filename_wo_ext . ".thm";
if (file_exists($thm_image)) {
copy($thm_image, $thumb);
copy($thm_image, $normal);
} else {
copy(XOOPS_ROOT_PATH . "/modules/xcgal/images/thumb_avi.jpg", $thumb);
copy(XOOPS_ROOT_PATH . "/modules/xcgal/images/thumb_avi.jpg", $normal);
}
$imagesize[0] = 320;
$imagesize[1] = 240;
} elseif (is_audio($image)) {
$filename_wo_ext = substr($filename, 0, strrpos($filename, '.'));
$thm_image = get_real_path() . $filepath . $filename_wo_ext . ".thm";
if (file_exists($thm_image)) {
copy($thm_image, $thumb);
copy($thm_image, $normal);
} else {
copy(XOOPS_ROOT_PATH . "/modules/xcgal/images/thumb_mp3.jpg", $thumb);
copy(XOOPS_ROOT_PATH . "/modules/xcgal/images/thumb_mp3.jpg", $normal);
}
$imagesize[0] = 320;
$imagesize[1] = 240;
}
} else {
if (!file_exists($thumb)) {
if (!resize_image($image, $thumb, $xoopsModuleConfig['thumb_width'], $xoopsModuleConfig['thumb_method'])) {
return false;
}
}
if (max($imagesize[0], $imagesize[1]) > $xoopsModuleConfig['picture_width'] && $xoopsModuleConfig['make_intermediate'] && !file_exists($normal)) {
if (!resize_image($image, $normal, $xoopsModuleConfig['picture_width'], $xoopsModuleConfig['thumb_method'])) {
return false;
}
}
}
$image_filesize = filesize($image);
$total_filesize = $image_filesize + (file_exists($normal) ? filesize($normal) : 0) + filesize($thumb);
// Test if disk quota exceeded
if (!USER_IS_ADMIN && $USER_DATA['group_quota']) {
if (is_object($xoopsUser)) {
$quota_opt = "owner_id = '" . USER_ID . "'";
} else {
$quota_opt = "ip = '" . $_SERVER['REMOTE_ADDR'] . "'";
}
$result = $xoopsDB->query("SELECT sum(total_filesize) FROM " . $xoopsDB->prefix("xcgal_pictures") . " WHERE {$quota_opt}");
$record = $xoopsDB->fetchArray($result);
$total_space_used = $record['sum(total_filesize)'];
//echo $total_space_used;
$xoopsDB->freeRecordSet($result);
if ($total_space_used + $total_filesize > $USER_DATA['group_quota'] << 10) {
@unlink($image);
@unlink($normal);
@unlink($thumb);
$msg = strtr(_MD_QUOTA_EXCEEDED, array('[quota]' => $USER_DATA['group_quota'], '[space]' => $total_space_used >> 10));
redirect_header('index.php', 2, $msg);
}
}
// Test if picture requires approval
if (!$USER_DATA['priv_upl_need_approval'] && $category == FIRST_USER_CAT + USER_ID) {
$approved = 'YES';
} elseif (!$USER_DATA['pub_upl_need_approval']) {
$approved = 'YES';
} else {
$approved = 'NO';
}
$PIC_NEED_APPROVAL = $approved == 'NO';
// User ID is not recorded when in admin mode (ie. for batch uploads)
$user_id = USER_ID;
$user_name = USER_NAME;
$query = "INSERT INTO " . $xoopsDB->prefix("xcgal_pictures") . " (aid, filepath, filename, filesize, total_filesize, pwidth, pheight, mtime, ctime, owner_id, owner_name, title, caption, keywords, approved, user1, user2, user3, user4, ip) VALUES ('{$aid}', '" . $myts->makeTboxData4Save($filepath) . "', '" . $myts->makeTboxData4Save($filename) . "', '{$image_filesize}', '{$total_filesize}', '{$imagesize[0]}', '{$imagesize[1]}','" . time() . "', '" . time() . "', '{$user_id}','{$user_name}', '{$title}', '{$caption}', '{$keywords}', '{$approved}', '{$user1}', '{$user2}', '{$user3}', '{$user4}','" . $_SERVER['REMOTE_ADDR'] . "')";
$result = $xoopsDB->queryf($query);
if ($approved == 'YES') {
$picinID = $xoopsDB->getInsertId();
}
if ($approved == 'YES' && is_object($xoopsUser)) {
$xoopsUser->incrementPost();
}
return $result;
}
function fmp_get_html($CURRENT_PIC_DATA, $check_only = false)
{
if (in_array($CURRENT_PIC_DATA['extension'], array('mp4', 'flv', 'webm', 'aac', 'mp3', 'ogg'))) {
if ($check_only == true) {
return true;
}
global $CONFIG, $USER;
// Load language file
require_once "./plugins/flash_media_player/lang/english.php";
if ($CONFIG['lang'] != 'english' && file_exists("./plugins/flash_media_player/lang/{$CONFIG['lang']}.php")) {
require_once "./plugins/flash_media_player/lang/{$CONFIG['lang']}.php";
}
$media_file = $CONFIG['ecards_more_pic_target'] . get_pic_url($CURRENT_PIC_DATA, 'fullsize');
// Use thumbnail or intermediate-sized image, if exists
$thumb = get_pic_url($CURRENT_PIC_DATA, 'thumb');
if (file_exists($normal = str_replace($CONFIG['thumb_pfx'], $CONFIG['normal_pfx'], $thumb))) {
$thumb = $normal;
}
// Support for external files / YouTube support
if ($CURRENT_PIC_DATA['filesize'] < 512) {
$file_content = file_get_contents($CONFIG['fullpath'] . $CURRENT_PIC_DATA['filepath'] . $CURRENT_PIC_DATA['filename']);
if (preg_match('/^(http|ftp)s?:\\/\\/.*\\.' . $CURRENT_PIC_DATA['extension'] . '$/i', $file_content, $matches)) {
$media_file = strip_tags($matches[0]);
} elseif (is_movie($CURRENT_PIC_DATA['filename'])) {
$youtube_support = array("http://www.youtube.com/watch?v", "http://www.youtube.com/watch#!v=", "http://www.youtube.com/v/", "http://youtu.be/");
foreach ($youtube_support as $url_format) {
if (stripos($file_content, $url_format) === 0) {
$media_file = $file_content;
break;
}
}
}
}
// Use skin if available
if ($handle = opendir('plugins/flash_media_player/skins/')) {
$skins = array();
while (false !== ($file = readdir($handle))) {
if (stripos($file, '.xml')) {
$skins[] = $file;
}
}
closedir($handle);
if (count($skins) == 1) {
$skin = "\nskin: \"plugins/flash_media_player/skins/{$skins[0]}\",";
}
}
$autostart = $CONFIG['media_autostart'] == 1 ? "true" : "false";
$pic_html = <<<EOT
<script type="text/javascript" src="plugins/flash_media_player/jwplayer.js"></script>
<div id="flash_media_player">{$lang_plugin_flash_media_player['loading_player']}</div>
<script type="text/javascript">
jwplayer("flash_media_player").setup({
autostart: {$autostart},
height: {$CURRENT_PIC_DATA['pheight']},
width: {$CURRENT_PIC_DATA['pwidth']},
file: "{$media_file}",
image: "{$thumb}",{$skin}
});
</script>
EOT;
return $pic_html;
} else {
return false;
}
}
function html_picture()
{
global $xoopsModuleConfig, $CURRENT_PIC_DATA, $CURRENT_ALBUM_DATA, $USER, $_COOKIE;
global $album, $comment_date_fmt;
global $xoopsTpl, $myts;
$pid = $CURRENT_PIC_DATA['pid'];
if (!isset($USER['liv']) || !is_array($USER['liv'])) {
$USER['liv'] = array();
}
// Add 1 to hit counter
if ($album != "topn" && $album != "lasthits" && !in_array($pid, $USER['liv']) && isset($_COOKIE[$xoopsModuleConfig['cookie_name'] . '_data'])) {
add_hit($pid);
if (count($USER['liv']) > 4) {
array_shift($USER['liv']);
}
array_push($USER['liv'], $pid);
}
if ($xoopsModuleConfig['make_intermediate'] && max($CURRENT_PIC_DATA['pwidth'], $CURRENT_PIC_DATA['pheight']) > $xoopsModuleConfig['picture_width']) {
$picture_url = get_pic_url($CURRENT_PIC_DATA, 'normal');
} else {
$picture_url = get_pic_url($CURRENT_PIC_DATA, 'fullsize');
}
$image_size = compute_img_size($CURRENT_PIC_DATA['pwidth'], $CURRENT_PIC_DATA['pheight'], $xoopsModuleConfig['picture_width']);
$xoopsTpl->assign('pid', $pid);
$xoopsTpl->assign('picture_url', $picture_url);
$xoopsTpl->assign('image_size', $image_size['geom']);
if (is_image($CURRENT_PIC_DATA['filename'])) {
$xoopsTpl->assign('file_type', 'image');
if (isset($image_size['reduced'])) {
$winsizeX = $CURRENT_PIC_DATA['pwidth'] + 16;
$winsizeY = $CURRENT_PIC_DATA['pheight'] + 16;
$xoopsTpl->assign('reduced', 1);
$xoopsTpl->assign('winsizeX', $winsizeX);
$xoopsTpl->assign('winsizeY', $winsizeY);
$xoopsTpl->assign('uniqid_rand', uniqid(rand()));
$xoopsTpl->assign('lang_view_fs', _MD_DIS_FULL);
} else {
$xoopsTpl->assign('reduced', 0);
}
} else {
if (is_movie($CURRENT_PIC_DATA['filename'])) {
$xoopsTpl->assign('file_type', 'movie');
}
}
if ($CURRENT_PIC_DATA['title']) {
$xoopsTpl->assign('pic_title', $myts->makeTboxData4Show($CURRENT_PIC_DATA['title']));
} else {
$xoopsTpl->assign('pic_title', '');
}
if ($CURRENT_PIC_DATA['caption']) {
$xoopsTpl->assign('pic_caption', $myts->makeTareaData4Show($CURRENT_PIC_DATA['caption'], 0));
} else {
$xoopsTpl->assign('pic_caption', '');
}
if (USER_ADMIN_MODE && $CURRENT_ALBUM_DATA['category'] == FIRST_USER_CAT + USER_ID || GALLERY_ADMIN_MODE) {
$xoopsTpl->assign('lang_confirm_del', _MD_DIS_CONF_DEL);
$xoopsTpl->assign('lang_del_pic', _MD_DIS_DEL_PIC);
} else {
$xoopsTpl->assign('lang_del_pic', '');
}
if (!USER_CAN_SEE_FULL) {
$xoopsTpl->assign('lang_no_full', 'Full-size images are available only for registered users!');
} else {
$xoopsTpl->assign('lang_no_full', '');
}
}
$nr = 0;
$picture_name = $matches[1] . '.' . $matches[2];
while (file_exists($dest_dir . $picture_name)) {
$picture_name = $matches[1] . '~' . $nr++ . '.' . $matches[2];
}
$uploaded_pic = $dest_dir . $picture_name;
// Move the picture into its final location
if (!move_uploaded_file($_FILES['userpicture']['tmp_name'], $uploaded_pic)) {
redirect_header('index.php', 2, sprintf(_MD_DB_ERR_MOVE, $picture_name, $dest_dir));
}
// Change file permission
chmod($uploaded_pic, octdec($xoopsModuleConfig['default_file_mode']));
// Get picture information
$imginfo = getimagesize($uploaded_pic);
//media
if (!$imginfo && is_movie($uploaded_pic)) {
$imginfo[0] = 320;
$imginfo[1] = 240;
$movie_picture = true;
} elseif (!$imginfo && is_audio($uploaded_pic)) {
$imginfo[0] = 320;
$imginfo[1] = 240;
$movie_picture = true;
} elseif (!$imginfo && is_document($uploaded_pic)) {
$imginfo[0] = 320;
$imginfo[1] = 240;
$movie_picture = true;
} else {
$movie_picture = false;
}
// Check that picture size (in pixels) is lower than the maximum allowed
