Exemplo n.º 1
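        /**
         * Stores the images uploaded for an item.
         *
         * For every successfully uploaded file, up to the configured per-item
         * limit, the normal, preview and thumbnail renditions are generated next
         * to the temporary file, an item-resource row is created, and the
         * renditions (plus the original, when configured) are copied into the
         * uploads folder as "<resource id>[_suffix].<extension>".
         *
         * The stored file name is built from the resource id and the extension
         * reported by ImageResizer (after the 'upload_image_extension' filter);
         * the file name sent by the client is never read here.
         *
         * @param array|string $aResources upload array indexed like $_FILES ('error' and 'tmp_name' are read); '' when there is nothing to store
         * @param int          $itemId     item the images belong to
         * @return int 0 when finished, 3 when the destination folder cannot be created
         */
        public function uploadItemResources($aResources,$itemId)
        {
            if($aResources != '') {
                $itemResourceManager = ItemResource::newInstance();
                // Resources are sharded into one folder per hundred item ids.
                $folder = osc_uploads_path().(floor($itemId/100))."/";

                $numImagesItems = osc_max_images_per_item();
                $numImages = $itemResourceManager->countResources($itemId);
                foreach ($aResources['error'] as $key => $error) {
                    // A limit of 0 means "unlimited"; otherwise files beyond the limit are ignored.
                    if($numImagesItems==0 || ($numImagesItems>0 && $numImages<$numImagesItems)) {
                        if ($error == UPLOAD_ERR_OK) {
                            // Make sure the destination exists BEFORE any rendition or database
                            // row is created, so a failure does not leave an orphan resource row
                            // or stray temporary files behind. The trailing is_dir() covers a
                            // concurrent request that created the folder in the meantime.
                            if(!is_dir($folder) && !@mkdir($folder, 0755, true) && !is_dir($folder)) {
                                return 3; // PATH CAN NOT BE CREATED
                            }

                            $tmpName = $aResources['tmp_name'][$key];
                            $imgres = ImageResizer::fromFile($tmpName);
                            // Extension and MIME type come from ImageResizer, not from the request.
                            // NOTE(review): presumably derived from the image content - confirm in ImageResizer.
                            $extension = osc_apply_filter('upload_image_extension', $imgres->getExt());
                            $mime = osc_apply_filter('upload_image_mime', $imgres->getMime());

                            // Create normal size
                            $normal_path = $path = $tmpName."_normal";
                            $size = explode('x', osc_normal_dimensions());
                            $img = ImageResizer::fromFile($tmpName)->autoRotate()->resizeTo($size[0], $size[1]);
                            if( osc_is_watermark_text() ) {
                                $img->doWatermarkText(osc_watermark_text(), osc_watermark_text_color());
                            } else if ( osc_is_watermark_image() ){
                                $img->doWatermarkImage();
                            }
                            $img->saveToFile($path, $extension);

                            // Create preview (built from the already re-encoded normal rendition)
                            $path = $tmpName."_preview";
                            $size = explode('x', osc_preview_dimensions());
                            ImageResizer::fromFile($normal_path)->resizeTo($size[0], $size[1])->saveToFile($path, $extension);

                            // Create thumbnail
                            $path = $tmpName."_thumbnail";
                            $size = explode('x', osc_thumbnail_dimensions());
                            ImageResizer::fromFile($normal_path)->resizeTo($size[0], $size[1])->saveToFile($path, $extension);

                            $numImages++;

                            $itemResourceManager->insert(array(
                                'fk_i_item_id' => $itemId
                            ));
                            $resourceId = $itemResourceManager->dao->insertedId();

                            osc_copy($tmpName.'_normal', $folder.$resourceId.'.'.$extension);
                            osc_copy($tmpName.'_preview', $folder.$resourceId.'_preview.'.$extension);
                            osc_copy($tmpName.'_thumbnail', $folder.$resourceId.'_thumbnail.'.$extension);
                            if( osc_keep_original_image() ) {
                                // The untouched upload is kept as well; unlike the renditions it has
                                // not been re-encoded, so it still carries whatever the client sent.
                                $path = $folder.$resourceId.'_original.'.$extension;
                                osc_copy($tmpName, $path);
                            }
                            // Best-effort cleanup of the temporary files.
                            @unlink($tmpName."_normal");
                            @unlink($tmpName."_preview");
                            @unlink($tmpName."_thumbnail");
                            @unlink($tmpName);

                            // Path is stored relative to the installation root.
                            $s_path = str_replace(osc_base_path(), '', $folder);
                            $itemResourceManager->update(
                                array(
                                    's_path'          => $s_path
                                    ,'s_name'         => osc_genRandomPassword()
                                    ,'s_extension'    => $extension
                                    ,'s_content_type' => $mime
                                )
                                ,array(
                                    'pk_i_id'       => $resourceId
                                    ,'fk_i_item_id' => $itemId
                                )
                            );
                            osc_run_hook('uploaded_file', ItemResource::newInstance()->findByPrimaryKey($resourceId));
                        }
                    }
                }
                unset($itemResourceManager);
            }
            return 0; // NO PROBLEMS
        }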
Exemplo n.º 2
 /**
  * Saves the images uploaded for an item as JPEG files in the uploads folder.
  *
  * Each accepted file gets an item-resource row first; its id names the
  * normal, preview and thumbnail renditions (and the original upload, when the
  * site keeps originals). The client-supplied file name is not used.
  *
  * @param array|string $aResources upload array indexed like $_FILES ('error' and 'tmp_name' are read); '' when there is nothing to store
  * @param int          $itemId     item the images belong to
  * @return void
  */
 public function uploadItemResources($aResources, $itemId)
 {
     if ($aResources == '') {
         return;
     }

     $watermark = new Watermark();
     $itemResourceManager = ItemResource::newInstance();
     $maxPerItem = osc_max_images_per_item();
     $stored = $itemResourceManager->countResources($itemId);

     foreach ($aResources['error'] as $idx => $status) {
         // A limit of 0 means unlimited; otherwise skip files once the item is full.
         $hasRoom = $maxPerItem == 0 || ($maxPerItem > 0 && $stored < $maxPerItem);
         if (!$hasRoom || $status != UPLOAD_ERR_OK) {
             continue;
         }

         $stored++;
         $uploaded = $aResources['tmp_name'][$idx];
         $itemResourceManager->insert(array('fk_i_item_id' => $itemId));
         $resourceId = $itemResourceManager->dao->insertedId();

         // Every rendition shares this prefix: <content path>uploads/<resource id>
         $prefix = osc_content_path() . 'uploads/' . $resourceId;

         // Normal size, optionally watermarked in place.
         $normalFile = $prefix . '.jpg';
         $dims = explode('x', osc_normal_dimensions());
         ImageResizer::fromFile($uploaded)->resizeTo($dims[0], $dims[1])->saveToFile($normalFile);
         if (osc_is_watermark_text()) {
             $watermark->doWatermarkText($normalFile, osc_watermark_text_color(), osc_watermark_text(), 'image/jpeg');
         } elseif (osc_is_watermark_image()) {
             $watermark->doWatermarkImage($normalFile, 'image/jpeg');
         }

         // Preview, derived from the normal rendition.
         $previewFile = $prefix . '_preview.jpg';
         $dims = explode('x', osc_preview_dimensions());
         ImageResizer::fromFile($normalFile)->resizeTo($dims[0], $dims[1])->saveToFile($previewFile);

         // Thumbnail, derived from the normal rendition.
         $thumbFile = $prefix . '_thumbnail.jpg';
         $dims = explode('x', osc_thumbnail_dimensions());
         ImageResizer::fromFile($normalFile)->resizeTo($dims[0], $dims[1])->saveToFile($thumbFile);

         if (osc_keep_original_image()) {
             // The untouched upload is moved as-is, under a .jpg name.
             move_uploaded_file($uploaded, $prefix . '_original.jpg');
         }

         $fields = array(
             's_path' => 'oc-content/uploads/',
             's_name' => osc_genRandomPassword(),
             's_extension' => 'jpg',
             's_content_type' => 'image/jpeg',
         );
         $where = array(
             'pk_i_id' => $resourceId,
             'fk_i_item_id' => $itemId,
         );
         $itemResourceManager->update($fields, $where);
         osc_run_hook('uploaded_file', ItemResource::newInstance()->findByPrimaryKey($resourceId));
     }
     unset($itemResourceManager);
 }
Exemplo n.º 3
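    /**
     * Prints the inline script that manages the "photos[]" file inputs of the
     * listing form: addNewPhoto() appends one more file input (with a "Remove"
     * link) while the per-item image limit allows it, and a 250 ms timer adds a
     * fresh input whenever all visible ones are filled.
     *
     * Values written into the script are made safe for their context: the limit
     * is cast to int and the translated strings go through osc_esc_js(), so a
     * translation containing a quote cannot break out of the string literal.
     *
     * @return void
     */
    public static function photos_javascript()
    {
        ?>
<script type="text/javascript">
    var photoIndex = 0;
    function gebi(id) { return document.getElementById(id); }
    function ce(name) { return document.createElement(name); }
    function re(id) {
        var e = gebi(id);
        e.parentNode.removeChild(e);
    }
    function addNewPhoto() {
        var max = <?php echo (int) osc_max_images_per_item(); ?>;
        var num_img = $('input[name="photos[]"]').size() + $("a.delete").size();
        if((max!=0 && num_img<max) || max==0) {
            var id = 'p-' + photoIndex++;

            var i = ce('input');
            i.setAttribute('type', 'file');
            i.setAttribute('name', 'photos[]');

            var a = ce('a');
            a.style.fontSize = 'x-small';
            a.style.paddingLeft = '10px';
            a.setAttribute('href', '#');
            a.setAttribute('divid', id);
            a.onclick = function() { re(this.getAttribute('divid')); return false; }
            a.appendChild(document.createTextNode('<?php echo osc_esc_js(__('Remove')); ?>'));

            var d = ce('div');
            d.setAttribute('id', id);
            d.setAttribute('style','padding: 4px 0;')

            d.appendChild(i);
            d.appendChild(a);

            gebi('photos').appendChild(d);

        } else {
            alert('<?php echo osc_esc_js(__('Sorry, you have reached the maximum number of images per ad')); ?>');
        }
    }
    // Listener: automatically add new file field when the visible ones are full.
    // A function reference is passed instead of a string, so nothing is eval'd.
    setInterval(add_file_field, 250);
    /**
     * Timed: if there are no empty file fields, add new file field.
     */
    function add_file_field() {
        var count = 0;
        $('input[name="photos[]"]').each(function(index) {
            if ( $(this).val() == '' ) {
                count++;
            }
        });
        var max = <?php echo (int) osc_max_images_per_item(); ?>;
        var num_img = $('input[name="photos[]"]').size() + $("a.delete").size();
        if (count == 0 && (max==0 || (max!=0 && num_img<max))) {
            addNewPhoto();
        }
    }
</script>
<?php 
    }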
Exemplo n.º 4
?>
                                    </label>
                                    <div class="separate-top-medium">
                                        <label>
                                            <input type="checkbox" <?php 
echo osc_images_enabled_at_items() ? 'checked="checked"' : '';
?>
 name="enableField#images@items" value="1" />
                                            <?php 
_e('Attach images');
?>
                                        </label>
                                    </div>
                                    <div class="separate-top-medium">
                                        <?php 
printf(__('Attach %s images per listing'), '<input type="text" class="input-small" name="numImages@items" value="' . osc_max_images_per_item() . '" />');
?>
                                        <div class="help-box"><?php 
_e('If the value is zero, it means an unlimited number of images is allowed');
?>
</div>
                                    </div>
                                </div>
                            </div>
                        </div>
                        <div class="form-actions">
                            <input type="submit" id="save_changes" value="<?php 
echo osc_esc_html(__('Save changes'));
?>
" class="btn btn-submit" />
                        </div>
Exemplo n.º 5
        <meta name="googlebot" content="noindex, nofollow" />
        <script type="text/javascript">
            twitter_theme.text_select_subcategory = "<?php 
_e('Select a subcategory...', 'twitter_bootstrap');
?>
" ;
            twitter_theme.category_selected_id    = "<?php 
echo item_selected_category_id();
?>
" ;
            twitter_theme.subcategory_selected_id = "<?php 
echo item_selected_subcategory_id();
?>
" ;
            twitter_theme.max_number_photos       = <?php 
echo osc_max_images_per_item();
?>
 ;
            twitter_theme.photo_remove_text       = "<?php 
_e('Remove', 'twitter_bootstrap');
?>
" ;
            twitter_theme.max_images_fields_txt   = "<?php 
_e('Sorry, you have reached the maximum number of images per ad', 'twitter_bootstrap');
?>
" ;
            twitter_theme.country_select_id       = "<?php 
echo get_country_id(osc_item() != null ? osc_item() : array());
?>
" ;
            twitter_theme.region_select_id        = "<?php 
Exemplo n.º 6
?>
                            </div>
                            <?php 
if (osc_images_enabled_at_items()) {
    ?>
                            <div class="box photos">
                                <h2><?php 
    _e('Photos', 'modern');
    ?>
</h2>
                                <?php 
    ItemForm::photos();
    ?>
                                <div id="photos">
                                    <?php 
    if (osc_max_images_per_item() == 0 || osc_max_images_per_item() != 0 && osc_count_item_resources() < osc_max_images_per_item()) {
        ?>
                                    <div class="row">
                                        <input type="file" name="photos[]" />
                                    </div>
                                    <?php 
    }
    ?>
                                </div>
                                <a href="#" onclick="addNewPhoto(); return false;"><?php 
    _e('Add new photo', 'modern');
    ?>
</a>
                            </div>
                            <?php 
}
Exemplo n.º 7
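    /**
     * Prints the Fine Uploader photo widget of the listing form: the container,
     * the list of images already stored or pending in the session form data,
     * and the script that wires deletion, primary-image selection and the
     * uploader itself.
     *
     * Every value written into HTML is escaped with osc_esc_html() before it is
     * echoed, and the uploaded file name returned by the server is inserted
     * through DOM attribute setters rather than string-built markup, because
     * those names and the 'secret' request parameter are not under the
     * application's control.
     *
     * @param array|null $resources rows of already stored item resources; when null they are read via osc_get_item_resources()
     * @return void
     */
    public static function ajax_photos($resources = null)
    {
        if ($resources == null) {
            $resources = osc_get_item_resources();
        }
        $aImages = array();
        // Names of images kept in the session form data (e.g. after a failed submit).
        if (Session::newInstance()->_getForm('photos') != '') {
            $aImages = Session::newInstance()->_getForm('photos');
            $aImages = $aImages['name'];
            Session::newInstance()->_drop('photos');
            Session::newInstance()->_dropKeepForm('photos');
        }
        ?>
            <div id="restricted-fine-uploader"></div>
            <div style="clear:both;"></div>
            <?php 
        if (count($aImages) > 0 || $resources != null && is_array($resources) && count($resources) > 0) {
            ?>
                <h3><?php _e('Images already uploaded'); ?></h3>
                <ul class="qq-upload-list">
                    <?php 
            // $resources may be null/non-array here when only session images exist.
            if (is_array($resources)) {
                foreach ($resources as $_r) {
                    // Escaped once, then reused for the visible label and the alt text.
                    $img = osc_esc_html($_r['pk_i_id'] . '.' . $_r['s_extension']);
                    ?>
                        <li class=" qq-upload-success">
                            <span class="qq-upload-file"><?php echo $img; ?></span>
                            <a class="qq-upload-delete" href="#" photoid="<?php 
                    echo osc_esc_html($_r['pk_i_id']);
                    ?>
" itemid="<?php 
                    echo osc_esc_html($_r['fk_i_item_id']);
                    ?>
" photoname="<?php 
                    echo osc_esc_html($_r['s_name']);
                    ?>
" photosecret="<?php 
                    // Request parameter reflected into an attribute: always escape.
                    // NOTE(review): confirm Params::getParam() does not already entity-encode quotes.
                    echo osc_esc_html(Params::getParam('secret'));
                    ?>
" style="display: inline; cursor:pointer;"><?php _e('Delete'); ?></a>
                            <div class="ajax_preview_img"><img src="<?php 
                    echo osc_apply_filter('resource_path', osc_base_url() . $_r['s_path']) . $_r['pk_i_id'] . '_thumbnail.' . $_r['s_extension'];
                    ?>
" alt="<?php echo $img; ?>"></div>
                        </li>
                    <?php 
                }
            }
            ?>
                    <?php 
            foreach ($aImages as $img) {
                // Escape BEFORE the first echo: the name comes from the session form data.
                $img = osc_esc_html($img);
                ?>
                        <li class=" qq-upload-success">
                            <span class="qq-upload-file"><?php echo $img; ?></span>
                            <a class="qq-upload-delete" href="#" ajaxfile="<?php echo $img; ?>" style="display: inline; cursor:pointer;"><?php _e('Delete'); ?></a>
                            <div class="ajax_preview_img"><img src="<?php echo osc_base_url(); ?>oc-content/uploads/temp/<?php echo $img; ?>" alt="<?php echo $img; ?>"></div>
                            <input type="hidden" name="ajax_photos[]" value="<?php echo $img; ?>">
                        </li>
                    <?php 
            }
            ?>
                </ul>
            <?php 
        }
        ?>
            <div style="clear:both;"></div>
            <?php 
        // Client-side validation settings. These only improve the user experience;
        // the upload endpoint has to enforce the same limits on the server.
        $aExt = explode(',', osc_allowed_extension());
        foreach ($aExt as $key => $value) {
            $aExt[$key] = "'" . $value . "'";
        }
        $allowedExtensions = join(',', $aExt);
        $maxSize = (int) osc_max_size_kb() * 1024;
        $maxImages = (int) osc_max_images_per_item();
        ?>

            <script>
                $(document).ready(function() {

                    $('.qq-upload-delete').on('click', function(evt) {
                        evt.preventDefault();
                        var parent = $(this).parent()
                        var result = confirm('<?php echo osc_esc_js(__("This action can't be undone. Are you sure you want to continue?")); ?>');
                        var urlrequest = '';
                        if($(this).attr('ajaxfile')!=undefined) {
                            urlrequest = 'ajax_photo='+$(this).attr('ajaxfile');
                        } else {
                            urlrequest = 'id='+$(this).attr('photoid')+'&item='+$(this).attr('itemid')+'&code='+$(this).attr('photoname')+'&secret='+$(this).attr('photosecret');
                        }
                        if(result) {
                            $.ajax({
                                type: "POST",
                                url: '<?php echo osc_base_url(true); ?>?page=ajax&action=delete_image&'+urlrequest,
                                dataType: 'json',
                                success: function(data){
                                    parent.remove();
                                }
                            });
                        }
                    });

                    $('#restricted-fine-uploader').on('click','.primary_image', function(event){
                        if(parseInt($("div.primary_image").index(this))>0){

                            var a_src   = $(this).parent().find('.ajax_preview_img img').attr('src');
                            var a_title = $(this).parent().find('.ajax_preview_img img').attr('alt');
                            var a_input = $(this).parent().find('input').attr('value');
                            // info
                            var a1 = $(this).parent().find('span.qq-upload-file').text();
                            var a2 = $(this).parent().find('span.qq-upload-size').text();

                            var li_first =  $('ul.qq-upload-list li').get(0);

                            var b_src   = $(li_first).find('.ajax_preview_img img').attr('src');
                            var b_title = $(li_first).find('.ajax_preview_img img').attr('alt');
                            var b_input = $(li_first).find('input').attr('value');
                            var b1      = $(li_first).find('span.qq-upload-file').text();
                            var b2      = $(li_first).find('span.qq-upload-size').text();

                            $(li_first).find('.ajax_preview_img img').attr('src', a_src);
                            $(li_first).find('.ajax_preview_img img').attr('alt', a_title);
                            $(li_first).find('input').attr('value', a_input);
                            $(li_first).find('span.qq-upload-file').text(a1);
                            $(li_first).find('span.qq-upload-size').text(a2);

                            $(this).parent().find('.ajax_preview_img img').attr('src', b_src);
                            $(this).parent().find('.ajax_preview_img img').attr('alt', b_title);
                            $(this).parent().find('input').attr('value', b_input);
                            $(this).parent().find('span.qq-upload-file').text(b1);
                            // The size label receives the size; it used to overwrite the file name.
                            $(this).parent().find('span.qq-upload-size').text(b2);
                        }
                    });

                    $('#restricted-fine-uploader').on('click','.primary_image', function(event){
                        $(this).addClass('over primary');
                    });

                    $('#restricted-fine-uploader').on('mouseenter mouseleave','.primary_image', function(event){
                        if(event.type=='mouseenter') {
                            if(!$(this).hasClass('primary')) {
                                $(this).addClass('primary');
                            }
                        } else {
                            if(parseInt($("div.primary_image").index(this))>0){
                                $(this).removeClass('primary');
                            }
                        }
                    });


                    $('#restricted-fine-uploader').on('mouseenter mouseleave','li.qq-upload-success', function(event){
                        if(parseInt($("li.qq-upload-success").index(this))>0){

                            if(event.type=='mouseenter') {
                                $(this).find('div.primary_image').addClass('over');
                            } else {
                                $(this).find('div.primary_image').removeClass('over');
                            }
                        }
                    });

                    window.removed_images = 0;
                    $('#restricted-fine-uploader').on('click', 'a.qq-upload-delete', function(event) {
                        window.removed_images = window.removed_images+1;
                        $('#restricted-fine-uploader .flashmessage-error').remove();
                    });

                    $('#restricted-fine-uploader').fineUploader({
                        request: {
                            endpoint: '<?php echo osc_base_url(true) . "?page=ajax&action=ajax_upload"; ?>'
                        },
                        multiple: true,
                        validation: {
                            allowedExtensions: [<?php echo $allowedExtensions; ?>],
                            sizeLimit: <?php echo $maxSize; ?>,
                            itemLimit: <?php echo $maxImages; ?>

                        },
                        messages: {
                            tooManyItemsError: '<?php echo osc_esc_js(__('Too many items ({netItems}) would be uploaded. Item limit is {itemLimit}.')); ?>',
                            onLeave: '<?php echo osc_esc_js(__('The files are being uploaded, if you leave now the upload will be cancelled.')); ?>',
                            typeError: '<?php echo osc_esc_js(__('{file} has an invalid extension. Valid extension(s): {extensions}.')); ?>',
                            sizeError: '<?php echo osc_esc_js(__('{file} is too large, maximum file size is {sizeLimit}.')); ?>',
                            emptyError: '<?php echo osc_esc_js(__('{file} is empty, please select files again without it.')); ?>'
                        },
                        deleteFile: {
                            enabled: true,
                            method: "POST",
                            forceConfirm: false,
                            endpoint: '<?php echo osc_base_url(true) . "?page=ajax&action=delete_ajax_upload"; ?>'
                        },
                        retry: {
                            showAutoRetryNote : true,
                            showButton: true
                        },
                        text: {
                            uploadButton: '<?php echo osc_esc_js(__('Click or Drop for upload images')); ?>',
                            waitingForResponse: '<?php echo osc_esc_js(__('Processing...')); ?>',
                            retryButton: '<?php echo osc_esc_js(__('Retry')); ?>',
                            cancelButton: '<?php echo osc_esc_js(__('Cancel')); ?>',
                            failUpload: '<?php echo osc_esc_js(__('Upload failed')); ?>',
                            deleteButton: '<?php echo osc_esc_js(__('Delete')); ?>',
                            deletingStatusText: '<?php echo osc_esc_js(__('Deleting...')); ?>',
                            formatProgress: '<?php echo osc_esc_js(__('{percent}% of {total_size}')); ?>'
                        }
                    }).on('error', function (event, id, name, errorReason, xhrOrXdr) {
                            $('#restricted-fine-uploader .flashmessage-error').remove();
                            // NOTE(review): errorReason is inserted as HTML; if it can carry the file name, render it as text instead.
                            $('#restricted-fine-uploader').append('<div class="flashmessage flashmessage-error">' + errorReason + '<a class="close" onclick="javascript:$(\'.flashmessage-error\').remove();" >X</a></div>');
                    }).on('statusChange', function(event, id, old_status, new_status) {
                        $(".alert.alert-error").remove();
                    }).on('complete', function(event, id, fileName, responseJSON) {
                        if (responseJSON.success) {
                            var new_id = id - removed_images;
                            var li = $('.qq-upload-list li')[new_id];
                            <?php 
        if (Params::getParam('action') == 'item_add') {
            ?>
                            if(parseInt(new_id)==0) {
                                $(li).append('<div class="primary_image primary"></div>');
                            } else {
                                $(li).append('<div class="primary_image"><a title="<?php echo osc_esc_js(osc_esc_html(__('Make primary image'))); ?>"></a></div>');
                            }
                            <?php 
        }
        // responseJSON.uploadName is set through attribute setters below, so the
        // name is treated as data and never parsed as markup.
        ?>
                            var uploadName = String(responseJSON.uploadName);
                            $(li).append(
                                $('<div class="ajax_preview_img"></div>').append(
                                    $('<img>').attr({
                                        src: '<?php echo osc_base_url(); ?>oc-content/uploads/temp/' + uploadName,
                                        alt: uploadName
                                    })
                                )
                            );
                            $(li).append($('<input type="hidden" name="ajax_photos[]">').attr('value', uploadName));
                        }
                        <?php 
        if (Params::getParam('action') == 'item_edit') {
            ?>
                    }).on('validateBatch', function(event, fileOrBlobDataArray) {
                        // clear alert messages
                        if($('#restricted-fine-uploader .alert-error').size()>0) {
                            $('#restricted-fine-uploader .alert-error').remove();
                        }

                        var len = fileOrBlobDataArray.length;
                        var result = canContinue(len);
                        return result.success;

                    });

                    function canContinue(numUpload) {
                        // strUrl is whatever URL you need to call
                        var strUrl      = "<?php echo osc_base_url(true) . "?page=ajax&action=ajax_validate&id=" . osc_item_id() . "&secret=" . osc_item_secret(); ?>";
                        var strReturn   = {};

                        jQuery.ajax({
                            url: strUrl,
                            success: function(html) {
                                strReturn = html;
                            },
                            async:false
                        });
                        var json  = JSON.parse(strReturn);
                        var total = parseInt(json.count) + $("#restricted-fine-uploader input[name='ajax_photos[]']").size() + (numUpload);
                        <?php 
            if ($maxImages > 0) {
                ?>
                            if(total<=<?php echo $maxImages; ?>) {
                                json.success = true;
                            } else {
                                json.success = false;
                                $('#restricted-fine-uploader .qq-uploader').after($('<div class="alert alert-error"><?php echo osc_esc_js(sprintf(__('Too many items were uploaded. Item limit is %d.'), $maxImages)); ?></div>'));
                            }
                        <?php 
            } else {
                ?>
                            json.success = true;
                        <?php 
            }
            ?>
                        return json;
                    }

                    <?php 
        } else {
            ?>
                });
                <?php 
        }
        ?>
                });

            </script>
        <?php 
    }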
Exemplo n.º 8
                                    <td></td>
                                    <td>
                                        <input type="checkbox" <?php 
echo osc_images_enabled_at_items() ? 'checked="true"' : '';
?>
 name="enableField#images@items" value="1" />
                                        <?php 
_e('Attach images');
?>
                                    </td>
                                </tr>
                                <tr>
                                    <td></td>
                                    <td class="additional-options">
                                        <?php 
printf(__('Attach %s images per item'), '<input type="text" class="micro" name="numImages@items" value="' . osc_max_images_per_item() . '" />');
?>
                                        <span class="help-box"><?php 
_e('If the value is zero, it means unlimited number of images');
?>
</span>
                                    </td>
                                </tr>
                                <!-- /optional fields -->
                                <tr class="separate">
                                    <td></td>
                                    <td>
                                        <input type="submit" value="<?php 
echo osc_esc_html(__('Save changes'));
?>
" />
Exemplo n.º 9
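 /**
  * Dispatches a front-end AJAX request according to $this->action and echoes
  * the response.
  *
  * Most actions echo JSON; 'alerts' echoes a bare status code and 'custom'
  * includes a plugin file. Values read through Params::getParam() are
  * presumably request parameters and are treated as untrusted here.
  *
  * 'delete_image' and 'alerts' return from inside the switch and
  * 'ajax_validate' may die(), so the session clean-up at the end of this
  * method does not run on those paths.
  *
  * @return bool|null true/false on the early-return paths of 'delete_image'
  *                   and 'alerts'; nothing is returned on the other paths.
  */
 function doModel()
 {
     //specific things for this class
     switch ($this->action) {
         case 'bulk_actions':
             break;
         case 'regions':
             //Return regions given a countryId
             $regions = Region::newInstance()->findByCountry(Params::getParam("countryId"));
             echo json_encode($regions);
             break;
         case 'cities':
             //Returns cities given a regionId
             $cities = City::newInstance()->findByRegion(Params::getParam("regionId"));
             echo json_encode($cities);
             break;
         case 'location':
             // This is the autocomplete AJAX
             $cities = City::newInstance()->ajax(Params::getParam("term"));
             foreach ($cities as $k => $city) {
                 $cities[$k]['label'] = $city['label'] . " (" . $city['region'] . ")";
             }
             echo json_encode($cities);
             break;
         case 'location_countries':
             // This is the autocomplete AJAX
             $countries = Country::newInstance()->ajax(Params::getParam("term"));
             echo json_encode($countries);
             break;
         case 'location_regions':
             // This is the autocomplete AJAX
             $regions = Region::newInstance()->ajax(Params::getParam("term"), Params::getParam("country"));
             echo json_encode($regions);
             break;
         case 'location_cities':
             // This is the autocomplete AJAX
             $cities = City::newInstance()->ajax(Params::getParam("term"), Params::getParam("region"));
             echo json_encode($cities);
             break;
         case 'delete_image':
             // Delete images via AJAX
             $ajax_photo = Params::getParam('ajax_photo');
             $id = Params::getParam('id');
             $item = Params::getParam('item');
             $code = Params::getParam('code');
             $secret = Params::getParam('secret');
             $json = array();
             if ($ajax_photo != '') {
                 // Temporary upload: only names recorded in this session can be
                 // deleted, and the path is built from the session value, never
                 // from the request value itself.
                 $files = Session::newInstance()->_get('ajax_files');
                 if (!is_array($files)) {
                     // Nothing recorded for this session; avoids iterating a non-array
                     $files = array();
                 }
                 $success = false;
                 foreach ($files as $uuid => $file) {
                     if ((string) $file === (string) $ajax_photo) {
                         $filename = $files[$uuid];
                         unset($files[$uuid]);
                         Session::newInstance()->_set('ajax_files', $files);
                         $success = @unlink(osc_content_path() . 'uploads/temp/' . $filename);
                         break;
                     }
                 }
                 echo json_encode(array('success' => $success, 'msg' => $success ? _m('The selected photo has been successfully deleted') : _m("The selected photo couldn't be deleted")));
                 return false;
             }
             if (Session::newInstance()->_get('userId') != '') {
                 $userId = Session::newInstance()->_get('userId');
                 $user = User::newInstance()->findByPrimaryKey($userId);
             } else {
                 $userId = null;
                 $user = null;
             }
             // Check for required fields
             if (!(is_numeric($id) && is_numeric($item) && preg_match('/^([a-z0-9]+)$/i', $code))) {
                 $json['success'] = false;
                 $json['msg'] = _m("The selected photo couldn't be deleted, the url doesn't exist");
                 echo json_encode($json);
                 return false;
             }
             $aItem = Item::newInstance()->findByPrimaryKey($item);
             // Check if the item exists
             if (count($aItem) == 0) {
                 $json['success'] = false;
                 $json['msg'] = _m("The listing doesn't exist");
                 echo json_encode($json);
                 return false;
             }
             if (!osc_is_admin_user_logged_in()) {
                 // Check if the item belong to the user
                 if ($userId != null && $userId != $aItem['fk_i_user_id']) {
                     $json['success'] = false;
                     $json['msg'] = _m("The listing doesn't belong to you");
                     echo json_encode($json);
                     return false;
                 }
                 // Check if the secret passphrase match with the item.
                 // Compared as strings with !== so numeric-looking values cannot
                 // match through type juggling. A constant-time comparison
                 // (hash_equals) is preferable where the runtime provides it.
                 if ($userId == null && $aItem['fk_i_user_id'] == null && (string) $secret !== (string) $aItem['s_secret']) {
                     $json['success'] = false;
                     $json['msg'] = _m("The listing doesn't belong to you");
                     echo json_encode($json);
                     return false;
                 }
                 // NOTE(review): an anonymous request for a listing that has an
                 // owner (fk_i_user_id set) matches neither check above and goes
                 // on to the id/code lookup below. Confirm this is intended.
             }
             // Does id & code combination exist?
             $result = ItemResource::newInstance()->existResource($id, $code);
             if ($result > 0) {
                 $resource = ItemResource::newInstance()->findByPrimaryKey($id);
                 if ($resource['fk_i_item_id'] == $item) {
                     // Delete: file, db table entry
                     // The constant name must be quoted: defined(OC_ADMIN) tests the
                     // constant's value as a name, so the admin branch was never taken.
                     if (defined('OC_ADMIN')) {
                         osc_deleteResource($id, true);
                         Log::newInstance()->insertLog('ajax', 'deleteimage', $id, $id, 'admin', osc_logged_admin_id());
                     } else {
                         osc_deleteResource($id, false);
                         Log::newInstance()->insertLog('ajax', 'deleteimage', $id, $id, 'user', osc_logged_user_id());
                     }
                     ItemResource::newInstance()->delete(array('pk_i_id' => $id, 'fk_i_item_id' => $item, 's_name' => $code));
                     // 'success' is the string 'true'/'false' from here on (booleans
                     // above); kept as-is because clients may depend on it.
                     $json['msg'] = _m('The selected photo has been successfully deleted');
                     $json['success'] = 'true';
                 } else {
                     $json['msg'] = _m("The selected photo does not belong to you");
                     $json['success'] = 'false';
                 }
             } else {
                 $json['msg'] = _m("The selected photo couldn't be deleted");
                 $json['success'] = 'false';
             }
             echo json_encode($json);
             return true;
         case 'alerts':
             // Allow to register to an alert given (not sure it's used on admin)
             $encoded_alert = Params::getParam("alert");
             // check alert integrity / signature before touching the payload
             $stringToSign = osc_get_alert_public_key() . $encoded_alert;
             $signature = hex2b64(hmacsha1(osc_get_alert_private_key(), $stringToSign));
             $server_signature = Session::newInstance()->_get('alert_signature');
             // Strict string comparison: a loose != lets numeric-looking strings
             // compare equal. hash_equals() is preferable where available.
             if ((string) $server_signature !== (string) $signature) {
                 echo '-2';
                 return false;
             }
             // Decrypt only once the signature has been verified
             $alert = osc_decrypt_alert(base64_decode($encoded_alert));
             $email = Params::getParam("email");
             $userid = Params::getParam("userid");
             if (osc_is_web_user_logged_in()) {
                 // Logged-in users always subscribe with their own id and e-mail
                 $userid = osc_logged_user_id();
                 $user = User::newInstance()->findByPrimaryKey($userid);
                 $email = $user['s_email'];
             }
             // NOTE(review): without a logged-in web user, userid and email both
             // come from the request, and a positive userid of an active, enabled
             // user activates the alert below without e-mail validation. Confirm
             // that a caller cannot pass another user's id here.
             if ($alert != '' && $email != '') {
                 if (osc_validate_email($email)) {
                     $secret = osc_genRandomPassword();
                     if ($alertID = Alerts::newInstance()->createAlert($userid, $email, $alert, $secret)) {
                         if ((int) $userid > 0) {
                             $user = User::newInstance()->findByPrimaryKey($userid);
                             if ($user['b_active'] == 1 && $user['b_enabled'] == 1) {
                                 Alerts::newInstance()->activate($alertID);
                                 echo '1';
                                 return true;
                             } else {
                                 echo '-1';
                                 return false;
                             }
                         } else {
                             // Anonymous subscription: validated through the e-mail hook
                             $aAlert = Alerts::newInstance()->findByPrimaryKey($alertID);
                             osc_run_hook('hook_email_alert_validation', $aAlert, $email, $secret);
                         }
                         echo "1";
                     } else {
                         echo "0";
                     }
                     return true;
                 } else {
                     echo '-1';
                     return false;
                 }
             }
             echo '0';
             return false;
         case 'runhook':
             // run hooks
             $hook = Params::getParam('hook');
             if ($hook == '') {
                 echo json_encode(array('error' => 'hook parameter not defined'));
                 break;
             }
             switch ($hook) {
                 case 'item_form':
                     osc_run_hook('item_form', Params::getParam('catId'));
                     break;
                 case 'item_edit':
                     $catId = Params::getParam("catId");
                     $itemId = Params::getParam("itemId");
                     osc_run_hook("item_edit", $catId, $itemId);
                     break;
                 default:
                     // The hook name is request-selected; the 'ajax_' prefix keeps
                     // it to hooks registered under that prefix.
                     osc_run_hook('ajax_' . $hook);
                     break;
             }
             break;
         case 'custom':
             // Execute via AJAX custom file
             if (Params::existParam('route')) {
                 $routes = Rewrite::newInstance()->getRoutes();
                 $rid = Params::getParam('route');
                 // Default deliberately fails the traversal check below, so an
                 // unknown route id is rejected.
                 $file = '../';
                 if (isset($routes[$rid]) && isset($routes[$rid]['file'])) {
                     $file = $routes[$rid]['file'];
                 }
             } else {
                 // DEPRECATED: Disclosed path in URL is deprecated, use routes instead
                 // This will be REMOVED in 3.4
                 // NOTE(review): on this path the included file is chosen by the
                 // request; only the substring checks below confine it to the
                 // plugins directory.
                 $file = Params::getParam('ajaxfile');
             }
             if ($file == '') {
                 echo json_encode(array('error' => 'no action defined'));
                 break;
             }
             // valid file?
             if (strpos($file, '../') !== false || strpos($file, '..\\') !== false || stripos($file, '/admin/') !== false) {
                 //If the file is inside an "admin" folder, it should NOT be opened in frontend
                 echo json_encode(array('error' => 'no valid ajaxFile'));
                 break;
             }
             if (!file_exists(osc_plugins_path() . $file)) {
                 echo json_encode(array('error' => "ajaxFile doesn't exist"));
                 break;
             }
             require_once osc_plugins_path() . $file;
             break;
         case 'check_username_availability':
             $username = osc_sanitize_username(Params::getParam('s_username'));
             if (!osc_is_username_blacklisted($username)) {
                 $user = User::newInstance()->findByUsername($username);
                 if (isset($user['s_username'])) {
                     echo json_encode(array('exists' => 1, 's_username' => $username));
                 } else {
                     echo json_encode(array('exists' => 0, 's_username' => $username));
                 }
             } else {
                 // Blacklisted names are reported as already taken
                 echo json_encode(array('exists' => 1, 's_username' => $username));
             }
             break;
         case 'ajax_upload':
             // Include the uploader class
             require_once LIB_PATH . "AjaxUploader.php";
             $uploader = new AjaxUploader();
             $original = pathinfo($uploader->getOriginalName());
             // pathinfo() omits 'extension' when the name has none; same file
             // name as before, without the undefined-index warning.
             $extension = isset($original['extension']) ? $original['extension'] : '';
             // NOTE(review): the extension comes from the client-supplied file
             // name and the file is written under uploads/temp/. Presumably
             // handleUpload() enforces an allow-list of extensions; verify.
             $filename = uniqid("qqfile_") . "." . $extension;
             $result = $uploader->handleUpload(osc_content_path() . 'uploads/temp/' . $filename);
             $result['uploadName'] = $filename;
             echo htmlspecialchars(json_encode($result), ENT_NOQUOTES);
             break;
         case 'ajax_validate':
             $id = Params::getParam('id');
             if (!is_numeric($id)) {
                 echo json_encode(array('success' => false));
                 die;
             }
             $secret = Params::getParam('secret');
             $item = Item::newInstance()->findByPrimaryKey($id);
             // Strict string comparison, see 'delete_image'
             if ((string) $item['s_secret'] !== (string) $secret) {
                 echo json_encode(array('success' => false));
                 die;
             }
             $nResources = ItemResource::newInstance()->countResources($id);
             $result = array('success' => $nResources < osc_max_images_per_item(), 'count' => $nResources);
             echo json_encode($result);
             break;
         case 'delete_ajax_upload':
             // Only a file recorded in this session under the given uuid is removed
             $files = Session::newInstance()->_get('ajax_files');
             $success = false;
             $filename = '';
             if (isset($files[Params::getParam('qquuid')]) && $files[Params::getParam('qquuid')] != '') {
                 $filename = $files[Params::getParam('qquuid')];
                 unset($files[Params::getParam('qquuid')]);
                 Session::newInstance()->_set('ajax_files', $files);
                 $success = @unlink(osc_content_path() . 'uploads/temp/' . $filename);
             }
             echo json_encode(array('success' => $success, 'uploadName' => $filename));
             break;
         default:
             echo json_encode(array('error' => __('no action defined')));
             break;
     }
     // clear all keep variables into session
     Session::newInstance()->_dropKeepForm();
     Session::newInstance()->_clearVariables();
 }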
Exemplo n.º 10
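 /**
  * Stores the images uploaded for a listing as resized JPEG resources.
  *
  * For every upload without an error, and while the listing is below the
  * per-item image limit, a normal, preview and thumbnail rendition is written
  * next to the temporary upload, checked against the free disk space and
  * copied into uploads/ under the new resource id. The renditions left next
  * to the temporary upload are removed afterwards so repeated uploads do not
  * accumulate files in the temporary directory.
  *
  * @param array|string $aResources upload data with 'error' and 'tmp_name'
  *                                 lists (presumably $_FILES-shaped; confirm
  *                                 against the caller), or '' for no uploads
  * @param int          $itemId     id of the listing the images belong to
  *
  * @return int 0 no problems, 1 no space left, 2 images are bigger than the
  *             free space
  */
 public function uploadItemResources($aResources, $itemId)
 {
     if ($aResources == '') {
         return 0;
         // NO PROBLEMS
     }
     $wat = new Watermark();
     $itemResourceManager = ItemResource::newInstance();
     $numImagesItems = osc_max_images_per_item();
     $numImages = $itemResourceManager->countResources($itemId);
     $uploadsPath = osc_content_path() . 'uploads/';
     foreach ($aResources['error'] as $key => $error) {
         // A limit of 0 means unlimited images per listing
         $underLimit = $numImagesItems == 0 || ($numImagesItems > 0 && $numImages < $numImagesItems);
         if (!$underLimit || $error != UPLOAD_ERR_OK) {
             continue;
         }
         // Fallback estimate, used only when disk_free_space() is unavailable
         $freedisk = 4 * osc_max_size_kb() * 1024;
         if (function_exists('disk_free_space')) {
             $freedisk = @disk_free_space($uploadsPath);
         }
         if ($freedisk == false) {
             return 1;
             // NO SPACE LEFT
         }
         $tmpName = $aResources['tmp_name'][$key];
         $normal_path = $tmpName . "_normal";
         $previewPath = $tmpName . "_preview";
         $thumbnailPath = $tmpName . "_thumbnail";
         $derivedPaths = array($normal_path, $previewPath, $thumbnailPath);

         // NOTE(review): nothing here checks that the upload is an image before
         // ImageResizer::fromFile() opens it. Presumably it fails on other
         // content; confirm.
         // Create normal size
         $size = explode('x', osc_normal_dimensions());
         ImageResizer::fromFile($tmpName)->resizeTo($size[0], $size[1])->saveToFile($normal_path);
         if (osc_is_watermark_text()) {
             $wat->doWatermarkText($normal_path, osc_watermark_text_color(), osc_watermark_text(), 'image/jpeg');
         } elseif (osc_is_watermark_image()) {
             $wat->doWatermarkImage($normal_path, 'image/jpeg');
         }
         // Create preview (from the normal rendition, so it carries the watermark)
         $size = explode('x', osc_preview_dimensions());
         ImageResizer::fromFile($normal_path)->resizeTo($size[0], $size[1])->saveToFile($previewPath);
         // Create thumbnail
         $size = explode('x', osc_thumbnail_dimensions());
         ImageResizer::fromFile($normal_path)->resizeTo($size[0], $size[1])->saveToFile($thumbnailPath);

         // Space needed: every rendition, plus the original when it is kept.
         // A file whose size cannot be read counts as the maximum upload size.
         $sizedPaths = $derivedPaths;
         if (osc_keep_original_image()) {
             $sizedPaths[] = $tmpName;
         }
         $total_size = 0;
         foreach ($sizedPaths as $sizedPath) {
             $sizeTmp = filesize($sizedPath);
             $total_size += $sizeTmp !== false ? $sizeTmp : osc_max_size_kb() * 1024;
         }

         $fits = $total_size <= $freedisk;
         if ($fits) {
             $numImages++;
             $itemResourceManager->insert(array('fk_i_item_id' => $itemId));
             $resourceId = $itemResourceManager->dao->insertedId();
             osc_copy($normal_path, $uploadsPath . $resourceId . '.jpg');
             osc_copy($previewPath, $uploadsPath . $resourceId . '_preview.jpg');
             osc_copy($thumbnailPath, $uploadsPath . $resourceId . '_thumbnail.jpg');
             if (osc_keep_original_image()) {
                 // The original is moved as uploaded, not re-encoded; only its
                 // stored name is forced to .jpg.
                 $path = $uploadsPath . $resourceId . '_original.jpg';
                 move_uploaded_file($tmpName, $path);
             }
             $s_path = 'oc-content/uploads/';
             $resourceType = 'image/jpeg';
             // NOTE(review): s_name is a random token; how osc_genRandomPassword()
             // generates it is not visible here.
             $itemResourceManager->update(array('s_path' => $s_path, 's_name' => osc_genRandomPassword(), 's_extension' => 'jpg', 's_content_type' => $resourceType), array('pk_i_id' => $resourceId, 'fk_i_item_id' => $itemId));
             osc_run_hook('uploaded_file', ItemResource::newInstance()->findByPrimaryKey($resourceId));
         }

         // The renditions beside the temporary upload are no longer needed,
         // whether or not they were copied.
         foreach ($derivedPaths as $derivedPath) {
             if (is_file($derivedPath)) {
                 @unlink($derivedPath);
             }
         }

         if (!$fits) {
             return 2;
             // IMAGES ARE BIGGER THAN SPACE
         }
     }
     return 0;
     // NO PROBLEMS
 }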