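return fclose($handle); }

// Fallback for PHP builds that ship without mime_content_type(): ask file(1).
if (!function_exists('mime_content_type')) {
    /**
     * Returns the trimmed output of `file -bi` for the path $f.
     */
    function mime_content_type($f) {
        $f = escapeshellarg($f);
        // "--" ends option parsing, so a name that starts with "-" is never read as a flag.
        return trim( `file -bi -- $f` );
    }
}

// Single-file actions selected through the query string; each one ends the request.
if($Path != "") {
    if(isset($_GET["Zip"]) && $_GET["Zip"] == 1 && $NeedZip) die(ZipDir($lsdir));
    if(isset($_GET["Info"]) && $_GET["Info"] == 1) die(FileInfo($Path));
    if(isset($_GET["Img"]) && $_GET["Img"] == 1) die(CreateThumbnail($Path));
    if(isset($_GET["DownLoad"]) && $_GET["DownLoad"] == 1) die(Download($Path));
}

// Delete request: ?Delete=<base64 file name>, carried out only once Confirm is set.
if(isset($_GET['Delete'])) {
    $file = is_string($_GET['Delete']) ? base64_decode($_GET['Delete']) : false;

    // The decoded name is attacker-controlled. Resolve it and require the result to be a
    // regular file located inside $ExploreDir, so "../" sequences and absolute paths
    // cannot reach anything outside the explored tree.
    $baseDir = realpath($ExploreDir);
    $target = ($file === false || $baseDir === false) ? false : realpath($ExploreDir.'/'.$file);
    if($target === false
        || strpos($target, rtrim($baseDir, '/\\').DIRECTORY_SEPARATOR) !== 0
        || !is_file($target)) {
        header('HTTP/1.1 400 Bad Request');
        die('Invalid file');
    }

    if(isset($_GET['Confirm']) && $_GET['Confirm']) {
        // NOTE(review): the deletion is a plain GET with no anti-CSRF token, and no
        // authentication check is visible in this excerpt - confirm both are enforced.
        unlink($target);
        die(header('Location: ./?Path='.base64_encode($Path)));
    } else {
        // Everything echoed back is encoded for its context: URL-encoded inside the
        // link, HTML-escaped inside the label.
        die('<a href="?Path='.urlencode(base64_encode($Path)).'&amp;Delete='.urlencode($_GET['Delete']).'&amp;Confirm=1">Delete file <b>'.htmlspecialchars($file, ENT_QUOTES).'</b>?</a>');
    }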
/**
 * Queues the file operation for an upload control and returns the value to store.
 *
 * The seventh character of $controltype selects the action:
 *  - "1": queue deletion of $postfilename (plus its thumbnail when thumbnails are
 *         enabled for the field) and return "";
 *  - "0": return false;
 *  - anything else: queue the uploaded file under the name $value (moved as-is, or
 *         resized first when resize-on-upload is enabled) and return $value.
 * false is also returned when the $_FILES entry reports an error or $value is empty.
 *
 * NOTE(review): $value and $postfilename end up as file names inside the upload
 * folder and are not validated here - presumably the caller sanitises them; verify.
 * NOTE(review): the extension handed to CreateThumbnail comes from the client-supplied
 * file name; what CheckImageExtension accepts is not visible here.
 */
function prepare_upload($field, $controltype, $postfilename, $value, $table, $id, &$pageObject)
{
    $abs = GetFieldData($table, $field, "Absolute", false);
    $file =& $_FILES["value_" . GoodFieldName($field) . "_" . $id];

    if ($file["error"] || $value == "") {
        return false;
    }

    $action = substr($controltype, 6, 1);

    if ($action == "1") {
        // Delete request: nothing to queue without a stored file name.
        if (!strlen($postfilename)) {
            return "";
        }
        $pageObject->filesToDelete[] = new DeleteFile($postfilename, GetUploadFolder($field, $table), $abs);
        if (GetCreateThumbnail($field, $table)) {
            $pageObject->filesToDelete[] = new DeleteFile(
                GetThumbnailPrefix($field, $table) . $postfilename,
                GetUploadFolder($field, $table),
                $abs
            );
        }
        return "";
    }

    if ($action == "0") {
        return false;
    }

    if (strlen($file['tmp_name'])) {
        if (ResizeOnUpload($field, $table)) {
            // Resize in memory and queue the result for writing.
            $contents = myfile_get_contents($file['tmp_name']);
            $ext = CheckImageExtension($file["name"]);
            $thumb = CreateThumbnail($contents, GetNewImageSize($field, $table), $ext);
            $pageObject->filesToSave[] = new SaveFile($thumb, $value, GetUploadFolder($field, $table), $abs);
        } else {
            // Queue the temporary upload to be moved unchanged.
            $pageObject->filesToMove[] = new MoveFile($file['tmp_name'], $value, GetUploadFolder($field, $table), $abs);
        }
    }

    return $value;
}
$Show[$key] = 1; } else { $Show[$key] = 0; } next($Show); } } $Show['Nickname'] = 1; // Nickname muss angezeigt werden $Update = aArrayIntoString($Show); // Array zu String DBU(DBTabProfiles, "ID='" . $_SESSION['ID'] . "'", $Update); // Anzeigestatus speichern if ($_FILES['Profilbild']['size'] > 0) { // Profilbild speichern CreateThumbnail(120, $_FILES['Profilbild'], AvatarVerzeichnis . "/" . $_SESSION['Nickname'] . ".jpg"); } } // Anzeigen des eigenen Profils im Editiermodus ... $Array = DBQ("SELECT * FROM " . DBTabUsers . " WHERE ID='" . $_SESSION['ID'] . "'"); $Array = $Array[0]; $Show = DBQ("SELECT * FROM " . DBTabProfiles . " WHERE ID='" . $_SESSION['ID'] . "'"); if (is_array($Show)) { $Show = $Show[0]; } if (is_array($Show)) { reset($Show); while ($key = key($Show)) { $current = current($Show); if ($current == 1) { $current = 'checked="checked"';
/**
 * Reads the submitted file control into $this->webValue and appends the resulting
 * columns to $avalues / $blobfields.
 *
 * When the control was not submitted, or the prepare helper rejects the upload,
 * $this->webValue becomes false and no column is added. Otherwise the field itself
 * is added, preceded by the thumbnail column when thumbnails are enabled. A file
 * name reported by prepare_file() is written to $filename_values when the field has
 * a file-name column configured.
 *
 * NOTE(review): $oldValuesRead is received by value and $dataold is local, so when
 * the caller passes a true $oldValuesRead for an "upload1" control, $dataold is
 * never filled and the old file name resolves to null - confirm against callers.
 * NOTE(review): the image extension is derived from the client-supplied file name;
 * what CheckImageExtension accepts is not visible here.
 */
function readWebValue(&$avalues, &$blobfields, $strWhereClause, $oldValuesRead, &$filename_values)
{
    $filename = "";
    $this->getPostValueAndType();

    if (!FieldSubmitted($this->goodFieldName . "_" . $this->id)) {
        $this->webValue = false;
    } else {
        $fileNameForPrepareFunc = securityCheckFileName(postvalue("filename_" . $this->goodFieldName . "_" . $this->id));
        $isEditPage = $this->pageObject->pageType == PAGE_EDIT;

        if (!$isEditPage || substr($this->webType, 0, 4) == "file") {
            // Outside the edit page the control is always handled as "file2".
            $prepearedFile = prepare_file(
                $this->webValue,
                $this->field,
                $isEditPage ? $this->webType : "file2",
                $fileNameForPrepareFunc,
                $this->id
            );
            if ($prepearedFile === false) {
                $this->webValue = false;
            } else {
                $this->webValue = $prepearedFile["value"];
                $filename = $prepearedFile["filename"];
            }
        } elseif (substr($this->webType, 0, 6) == "upload") {
            if ($this->webType == "upload1") {
                // file deletion, read filename from the database
                if (!$oldValuesRead) {
                    $rsold = db_query($this->pageObject->gQuery->gSQLWhere($strWhereClause), $this->conn);
                    $dataold = db_fetch_array($rsold);
                    $oldValuesRead = true;
                }
                $fileNameForPrepareFunc = $dataold[$this->field];
            }
            $this->webValue = prepare_upload($this->field, $this->webType, $fileNameForPrepareFunc, $this->webValue, "", $this->id, $this->pageObject);
        }
    }

    if ($this->webValue !== false) {
        if (!$this->webValue) {
            // Empty value on the edit page: clear the thumbnail column as well.
            if ($this->pageObject->pageType == PAGE_EDIT && $this->pageObject->pSetEdit->getCreateThumbnail($this->field)) {
                $blobfields[] = $this->pageObject->pSetEdit->getStrThumbnail($this->field);
                $avalues[$blobfields[count($blobfields) - 1]] = "";
            }
        } else {
            if ($this->pageObject->pSetEdit->getCreateThumbnail($this->field)) {
                $ext = CheckImageExtension(GetUploadedFileName("value_" . $this->goodFieldName . "_" . $this->id));
                $thumb = CreateThumbnail($this->webValue, $this->pageObject->pSetEdit->getThumbnailSize($this->field), $ext);
                $blobfields[] = $this->pageObject->pSetEdit->getStrThumbnail($this->field);
                $avalues[$blobfields[count($blobfields) - 1]] = $thumb;
            }
            if ($this->pageObject->pSetEdit->getResizeOnUpload($this->field)) {
                $ext = CheckImageExtension(GetUploadedFileName("value_" . $this->goodFieldName . "_" . $this->id));
                $this->webValue = CreateThumbnail($this->webValue, $this->pageObject->pSetEdit->getNewImageSize($this->field), $ext);
            }
        }
        $blobfields[] = $this->field;
        $avalues[$this->field] = $this->webValue;
    }

    if ($filename && $this->pageObject->pSetEdit->getStrFilename($this->field)) {
        $filename_values[$this->pageObject->pSetEdit->getStrFilename($this->field)] = $filename;
    }
}
/**
 * Reads the submitted upload control into $this->webValue, queues the thumbnail
 * file when thumbnails are enabled, and stores the value in $avalues.
 *
 * When the control was not submitted, or the prepare helper rejects the upload,
 * $this->webValue becomes false and $avalues is left untouched. $blobfields and
 * $filename_values are accepted but not used by this variant; the local $filename
 * is assigned and never read.
 *
 * NOTE(review): the stored value and the thumbnail file name both derive from the
 * posted "filename_..." value after securityCheckFileName(); what that helper
 * rejects is not visible here - verify it strips path components.
 * NOTE(review): $oldValuesRead is received by value and $dataold is local, so a true
 * $oldValuesRead on entry leaves $dataold unset for "upload1" - confirm with callers.
 */
function readWebValue(&$avalues, &$blobfields, $strWhereClause, $oldValuesRead, &$filename_values = null)
{
    $this->getPostValueAndType();

    if (!FieldSubmitted($this->goodFieldName . "_" . $this->id)) {
        $this->webValue = false;
    } else {
        $fileNameForPrepareFunc = securityCheckFileName(postvalue("filename_" . $this->goodFieldName . "_" . $this->id));

        if ($this->pageObject->pageType != PAGE_EDIT) {
            // Outside the edit page the control is always handled as "upload2".
            $this->webValue = prepare_upload($this->field, "upload2", $fileNameForPrepareFunc, $fileNameForPrepareFunc, "", $this->id, $this->pageObject);
        } elseif (substr($this->webType, 0, 4) == "file") {
            $prepearedFile = prepare_file($this->webValue, $this->field, $this->webType, $fileNameForPrepareFunc, $this->id);
            if ($prepearedFile === false) {
                $this->webValue = false;
            } else {
                $this->webValue = $prepearedFile["value"];
                $filename = $prepearedFile["filename"];
            }
        } elseif (substr($this->webType, 0, 6) == "upload") {
            if ($fileNameForPrepareFunc) {
                $this->webValue = $fileNameForPrepareFunc;
            }
            if ($this->webType == "upload1") {
                // file deletion, read filename from the database
                if (!$oldValuesRead) {
                    $rsold = db_query($this->pageObject->gQuery->gSQLWhere($strWhereClause), $this->conn);
                    $dataold = db_fetch_array($rsold);
                    $oldValuesRead = true;
                }
                $fileNameForPrepareFunc = $dataold[$this->field];
            }
            $this->webValue = prepare_upload($this->field, $this->webType, $fileNameForPrepareFunc, $this->webValue, "", $this->id, $this->pageObject);
        }
    }

    if ($this->webValue === false) {
        return;
    }

    // The raw upload is only fetched when some image processing is configured.
    if ($this->pageObject->pSet->getResizeOnUpload($this->field) || $this->pageObject->pSet->getCreateThumbnail($this->field)) {
        $contents = GetUploadedFileContents("value_" . $this->goodFieldName . "_" . $this->id);
    }

    if ($this->webValue && $this->pageObject->pSet->getCreateThumbnail($this->field)) {
        $ext = CheckImageExtension(GetUploadedFileName("value_" . $this->goodFieldName . "_" . $this->id));
        $thumb = CreateThumbnail($contents, $this->pageObject->pSet->getThumbnailSize($this->field), $ext);
        $this->pageObject->filesToSave[] = new SaveFile(
            $thumb,
            $this->pageObject->pSet->GetStrThumbnail($this->goodFieldName) . $this->webValue,
            $this->pageObject->pSet->getUploadFolder($this->field),
            $this->pageObject->pSet->isAbsolute($this->field)
        );
    }

    $avalues[$this->field] = $this->webValue;
}
/**
 * Reads the submitted upload control into $this->webValue, queues the thumbnail
 * file when thumbnails are enabled, and stores the value in $avalues.
 *
 * When the control was not submitted, or the prepare helper rejects the upload,
 * $this->webValue becomes false and $avalues is left untouched. $blobfields,
 * $legacy1, $legacy2 and $filename_values are accepted but not used here; the local
 * $filename is assigned and never read.
 *
 * NOTE(review): the stored value and the thumbnail file name both derive from the
 * posted "filename_..." value after securityCheckFileName(); what that helper
 * rejects is not visible here - verify it strips path components.
 */
function readWebValue(&$avalues, &$blobfields, $legacy1, $legacy2, &$filename_values)
{
    $this->getPostValueAndType();

    if (!FieldSubmitted($this->goodFieldName . "_" . $this->id)) {
        $this->webValue = false;
    } else {
        $fileNameForPrepareFunc = securityCheckFileName(postvalue("filename_" . $this->goodFieldName . "_" . $this->id));

        if ($this->pageObject->pageType != PAGE_EDIT) {
            // Outside the edit page the control is always handled as "upload2".
            $this->webValue = prepare_upload($this->field, "upload2", $fileNameForPrepareFunc, $fileNameForPrepareFunc, "", $this->id, $this->pageObject);
        } elseif (substr($this->webType, 0, 4) == "file") {
            $prepearedFile = prepare_file($this->webValue, $this->field, $this->webType, $fileNameForPrepareFunc, $this->id);
            if ($prepearedFile === false) {
                $this->webValue = false;
            } else {
                $this->webValue = $prepearedFile["value"];
                $filename = $prepearedFile["filename"];
            }
        } elseif (substr($this->webType, 0, 6) == "upload") {
            if ($fileNameForPrepareFunc) {
                $this->webValue = $fileNameForPrepareFunc;
            }
            if ($this->webType == "upload1") {
                // file deletion, read filename from the database
                $oldValues = $this->pageObject->getOldRecordData();
                $fileNameForPrepareFunc = $oldValues[$this->field];
            }
            $this->webValue = prepare_upload($this->field, $this->webType, $fileNameForPrepareFunc, $this->webValue, "", $this->id, $this->pageObject);
        }
    }

    if ($this->webValue === false) {
        return;
    }

    if ($this->webValue && $this->pageObject->pSetEdit->getCreateThumbnail($this->field)) {
        $contents = GetUploadedFileContents("value_" . $this->goodFieldName . "_" . $this->id);
        $ext = CheckImageExtension(GetUploadedFileName("value_" . $this->goodFieldName . "_" . $this->id));
        $thumb = CreateThumbnail($contents, $this->pageObject->pSetEdit->getThumbnailSize($this->field), $ext);
        $this->pageObject->filesToSave[] = new SaveFile(
            $thumb,
            $this->pageObject->pSetEdit->GetStrThumbnail($this->field) . $this->webValue,
            $this->pageObject->pSetEdit->getUploadFolder($this->field),
            $this->pageObject->pSetEdit->isAbsolute($this->field)
        );
    }

    $avalues[$this->field] = $this->webValue;
}
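// Create the upload directory on first use.
if (!is_dir($folder)) {
    mkdir($folder);
}

// Stop unless a single file arrived in the "image" field without an upload error.
if (empty($_FILES['image'])
    || !is_string($_FILES['image']['tmp_name'])
    || $_FILES['image']['error'] !== UPLOAD_ERR_OK) {
    exit;
}

$name = $_FILES['image']['name'];
$extension = strtolower(get_extension($name));

// The stored file keeps the client-supplied extension, so that extension must be on an
// allow-list, and the temporary file must actually parse as an image. Without both
// checks any file type could be written into $folder under a name the client chooses
// the suffix of.
// NOTE(review): keep the list in step with the formats CreateThumbnail() can load, and
// make sure the web server never executes scripts from $folder.
$allowedExtensions = array('gif', 'jpg', 'jpeg', 'png');
if (!in_array($extension, $allowedExtensions, true)
    || getimagesize($_FILES['image']['tmp_name']) === false) {
    http_response_code(400);
    exit;
}

$filename = sha1(microtime()) . '.' . $extension;
$target = $folder . $filename;

// Do not report a link to a file that was never written.
if (!move_uploaded_file($_FILES["image"]["tmp_name"], $target)) {
    http_response_code(500);
    exit;
}

/**
 * Returns the text after the last "." of $file ("" when there is no dot).
 */
function get_extension($file)
{
    return substr(strrchr($file, '.'), 1);
}

CreateThumbnail($target, 1920, 1920);
$result = array("upload" => array("links" => array("original" => $target)));
echo json_encode($result);

function CreateThumbnail($srcFile, $toW, $toH, $toFile = "")
{
    if ($toFile == "") {
        $toFile = $srcFile;
    }
    $info = "";
    // getimagesize() returns an array with 4 elements: 0 = width, 1 = height,
    // 2 = image type, 3 = width/height as a text description.
    // On failure it returns false and raises a warning.
    $data = getimagesize($srcFile, $info);
    if (!$data) {
        return false;
    }
    // Load the file into the resource variable im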
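} else {
    // $_FILES[...]["type"] is sent by the browser and is only a cheap pre-filter; the
    // real decision is made below from the file content and an extension allow-list.
    if (($_FILES["image"]["type"] == "image/gif"
            || $_FILES["image"]["type"] == "image/jpeg"
            || $_FILES["image"]["type"] == "image/jpg"
            || $_FILES["image"]["type"] == "image/pjpeg"
            || $_FILES["image"]["type"] == "image/x-png"
            || $_FILES["image"]["type"] == "image/png")
        && $_FILES["image"]["size"] < 10485760) {
        if ($_FILES["image"]["error"] > 0) {
            // Fixed: the error code was read from the non-existent "img" field.
            $uploaderror = "Error: " . $_FILES["image"]["error"] . "<br>";
        } else {
            //get extension of uploaded file so that we can save it with the same extension but a different name
            $ext = strtolower(pathinfo($_FILES["image"]["name"], PATHINFO_EXTENSION));
            $imageinfo = getimagesize($_FILES["image"]["tmp_name"]);
            $allowedext = array("gif", "jpg", "jpeg", "png");
            $allowedtypes = array(IMAGETYPE_GIF, IMAGETYPE_JPEG, IMAGETYPE_PNG);

            // The extension becomes part of the stored path, so it must be one of the
            // image extensions and the content must decode as one of the same formats.
            if (!in_array($ext, $allowedext, true)
                || $imageinfo === false
                || !in_array($imageinfo[2], $allowedtypes, true)) {
                $uploaderror = "That filetype is not supported.";
            } else {
                // NOTE(review): database credentials are hard-coded and the account is
                // root. Load them from configuration outside the web root and use an
                // account limited to this table; the password shown here should be
                // treated as exposed and rotated.
                $mysqli = new mysqli("localhost", "root", "iamthebuddha", "images");
                if ($mysqli->connect_error) {
                    die("Error: (" . $mysqli->connect_errno . ") " . $mysqli->connect_error);
                }

                // NOTE(review): second-resolution names collide when two uploads arrive
                // in the same second.
                $timeuploaded = time();
                $path = $UPLOADS_FOLDER . $timeuploaded . "." . $ext;
                //add an s to make it different from the normal image (i chose "s" specifically because that's what 4chan does)
                $thumbpath = $THUMBS_FOLDER . $timeuploaded . "s." . $ext;
                // Original client file name: untrusted text, HTML-escape it wherever it is shown.
                $name = $_FILES["image"]["name"];

                // Bound parameters keep the client-supplied file name out of the SQL text.
                $stmt = $mysqli->prepare("INSERT INTO uploads (Path, ThumbnailPath, Name) VALUES (?, ?, ?)");
                if ($stmt === false) {
                    $uploaderror = $mysqli->error;
                } else {
                    $stmt->bind_param("sss", $path, $thumbpath, $name);
                    $success = $stmt->execute();
                    if ($success == false) {
                        $uploaderror = $stmt->error;
                    } elseif (!move_uploaded_file($_FILES["image"]["tmp_name"], $path)) {
                        // NOTE(review): the row inserted above now points at a missing file.
                        $uploaderror = "Error: the uploaded file could not be stored.";
                    } else {
                        CreateThumbnail($path, $thumbpath, 100);
                    }
                    $stmt->close();
                }
                $mysqli->close();
            }
        }
    } else {
        $uploaderror = "That filetype is not supported.";
    }
}
}
}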
extract($Array, EXTR_OVERWRITE); include "Content/Edit.php"; } elseif (isset($_GET['EditMyGalerie']) && isset($_FILES['Bild']) && $_FILES['Bild']['size'] > 0) { $MyPics = DBQ("SELECT ID FROM Bilder WHERE BesitzerID = '" . $_SESSION['ID'] . "'"); if (isset($MyPics) && count($MyPics) > MAXPICSCOUNT) { include "Content/TooManyPicsInGal.html"; } else { $AllPics = DBQ("SELECT * FROM Bilder"); $AllPics = count($AllPics); $ThumbCount = DirCount(BilderVerzeichnis . "/Thumbnails/"); $PicCount = DirCount(BilderVerzeichnis . "/Orginale/"); $ThumbName = $ThumbCount . "-" . $_FILES['Bild']['name'] . ".jpg"; $PicName = $PicCount . "-" . $_FILES['Bild']['name']; DBIN("Bilder", "BesitzerID,ID,Dateiname,Thumbnail,Titel", "'" . $_SESSION['ID'] . "','" . $AllPics . "','" . $PicName . "','" . $ThumbName . "','" . $_POST['Titel'] . "'"); // Eintrag in die Datenbank CreateThumbnail(120, $_FILES['Bild'], BilderVerzeichnis . "/Thumbnails/" . $ThumbName); // Thumbnail erstellen copy($_FILES['Bild']['tmp_name'], BilderVerzeichnis . "/Orginale/" . $PicName); // Datei kopieren } } elseif (isset($_GET['EditMyGalerie'])) { if (isset($_GET['Remove']) && isset($_GET['ID'])) { // Ein Bild Löschen $Bild = DBQ("SELECT * FROM Bilder WHERE ID='" . $_GET['ID'] . "'"); $Bild = $Bild[0]; if ($Bild['BesitzerID'] == $_SESSION['ID']) { /// KOMMENTARE LÖSCHEN HIER EINFUEGEN WENN BEREIT!!! unlink(BilderVerzeichnis . "/Thumbnails/" . $Bild['Thumbnail']); unlink(BilderVerzeichnis . "/Orginale/" . $Bild['Dateiname']); DBD("Bilder", "ID=" . $_GET['ID']); } else {
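/**
 * Stores a new piece of user content and reports whether it was created.
 *
 * Behaviour per $Type:
 *  - "Bild": $Content is the picture title and $META['Bild'] must be the upload entry
 *    of the picture (its 'name' and 'tmp_name' are used). A thumbnail, a scaled
 *    version and the original (re-encoded when larger than PICMAXSIZE) are written
 *    below BilderVerzeichnis and a row is inserted. Returns true, or false when the
 *    upload is not an accepted image.
 *  - "Kommentar": $Content is the comment text, cut to MAXLENGTHKOMMENTAR bytes;
 *    $META supplies 'Titel', 'ZuID' and 'ZuType'. Returns true.
 *  - "Review", "Software", "Hardware": nothing is stored; null is returned.
 *  - anything else: returns false.
 *
 * NOTE(review): every value is concatenated into the SQL value list handed to DBIN().
 * Whether DBIN escapes them is not visible here; $Content, $Owner and the $META
 * fields must be escaped or bound before this is safe against SQL injection.
 *
 * @param string $Content Title (picture) or text (comment).
 * @param string $Type    Content type, see above.
 * @param int    $Time    Unix timestamp; values <= 0 mean "now".
 * @param mixed  $Owner   Owner id stored with the record.
 * @param array  $META    Type-specific extra data, see above.
 * @return bool|null
 */
function CreateContent($Content, $Type, $Time = 0, $Owner, $META)
{
    if ($Time <= 0) {
        $Time = time();
    }
    // Format the selected timestamp. The second argument was missing before, so a
    // timestamp supplied by the caller was silently replaced by the current time.
    $Time = date("y-m-d H:i:s", (int) $Time);

    switch ($Type) {
        case "Bild":
            if (!isset($META['Bild']['name'], $META['Bild']['tmp_name'])) {
                return false;
            }

            // The client-supplied file name becomes part of three paths and of the SQL
            // value list: drop any directory part and keep only a conservative
            // character set (this also removes quotes).
            $UploadName = preg_replace('/[^A-Za-z0-9._-]/', '_', basename($META['Bild']['name']));
            $Extension = strtolower(pathinfo($UploadName, PATHINFO_EXTENSION));

            // Small pictures are copied unchanged under their own name, so the name must
            // carry an image extension and the content must decode as an image;
            // otherwise an arbitrary file type could be placed in the picture folders.
            $Info = getimagesize($META['Bild']['tmp_name']);
            if ($Info === false || !in_array($Extension, array('jpg', 'jpeg', 'png', 'gif'), true)) {
                return false;
            }

            $ContentID = GenerateContentID("Bilder");
            $ThumbName = $ContentID . "-" . $UploadName . ".jpg";
            $PicName = $ContentID . "-" . $UploadName;

            // Create the thumbnail
            CreateThumbnail(THUMBMAXSIZE, $META['Bild'], BilderVerzeichnis . "/Thumbnails/" . $ThumbName);

            if ($Info[0] > SCALEDMAXSIZE || $Info[1] > SCALEDMAXSIZE) {
                // Create the scaled version
                CreateThumbnail(SCALEDMAXSIZE, $META['Bild'], BilderVerzeichnis . "/Skaliert/" . $ThumbName);
                $ScaledName = $ThumbName;
            } else {
                // Small enough: copy the original file
                copy($META['Bild']['tmp_name'], BilderVerzeichnis . "/Skaliert/" . $PicName);
                $ScaledName = $PicName;
            }

            if ($Info[0] > PICMAXSIZE || $Info[1] > PICMAXSIZE) {
                // Too large to keep as-is: store a reduced "original"
                CreateThumbnail(PICMAXSIZE, $META['Bild'], BilderVerzeichnis . "/Orginale/" . $ThumbName);
                $PicName = $ThumbName;
            } else {
                // Copy the original file
                copy($META['Bild']['tmp_name'], BilderVerzeichnis . "/Orginale/" . $PicName);
            }

            // Database entry
            DBIN(
                DBTabPictures,
                "BesitzerID,ID,Dateiname,Skaliert,Thumbnail,Titel,Time",
                "'" . $Owner . "','" . $ContentID . "','" . $PicName . "','" . $ScaledName . "','" . $ThumbName . "','" . $Content . "','" . $Time . "'"
            );
            return true;

        case "Review":
        case "Software":
        case "Hardware":
            // Not implemented: nothing is stored and the function returns null.
            break;

        case "Kommentar":
            $ContentID = GenerateContentID("Kommentare");
            $Schluessel = "BesitzerID,ID,Titel,Inhalt,ZuID,ZuType,Time";
            if (strlen($Content) > MAXLENGTHKOMMENTAR) {
                $Content = substr($Content, 0, MAXLENGTHKOMMENTAR);
            }
            $Werte = "'" . $Owner . "','" . $ContentID . "','" . $META['Titel'] . "','" . $Content . "','" . $META['ZuID'] . "','" . $META['ZuType'] . "','" . $Time . "'";
            DBIN(DBTabComments, $Schluessel, $Werte);
            return true;

        default:
            return false;
    }
}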
/**
 * Queues the file operation for an upload control and returns the value to store.
 *
 * The seventh character of $controltype selects the action:
 *  - "1": queue deletion of $postfilename (plus its thumbnail when thumbnails are
 *         enabled for the field) and return "";
 *  - "0": return false;
 *  - anything else: queue the uploaded file under the name $value (moved as-is, or
 *         resized first when resize-on-upload is enabled) and return $value.
 * An upload error or an empty $value returns false, except when the error code is 4
 * (UPLOAD_ERR_NO_FILE) or the action is "1".
 *
 * NOTE(review): $value and $postfilename end up as file names inside the upload
 * folder and are not validated here - presumably the caller sanitises them; verify.
 * NOTE(review): the extension handed to CreateThumbnail comes from the client-supplied
 * file name; what CheckImageExtension accepts is not visible here.
 *
 * @intellisense
 */
function prepare_upload($field, $controltype, $postfilename, $value, $table, $id, &$pageObject)
{
    $abs = $pageObject->pSet->isAbsolute($field);
    $file =& $_FILES["value_" . GoodFieldName($field) . "_" . $id];
    $sbstr1 = substr($controltype, 6, 1);

    // Reject failed or empty submissions, but let "no file selected" (4) and delete
    // requests continue.
    if (($file["error"] || $value == "") && $file["error"] != 4 && $sbstr1 != "1") {
        return false;
    }

    if ($sbstr1 == "1") {
        // Delete request: nothing to queue without a stored file name.
        if (!strlen($postfilename)) {
            return "";
        }
        $pageObject->filesToDelete[] = new DeleteFile($postfilename, $pageObject->pSet->getUploadFolder($field), $abs);
        if ($pageObject->pSet->getCreateThumbnail($field, $table)) {
            $pageObject->filesToDelete[] = new DeleteFile(
                $pageObject->pSet->getStrThumbnail($field) . $postfilename,
                $pageObject->pSet->getUploadFolder($field),
                $abs
            );
        }
        return "";
    }

    if (substr($controltype, 6, 1) == "0") {
        return false;
    }

    if (strlen($file['tmp_name'])) {
        if ($pageObject->pSet->getResizeOnUpload($field)) {
            // Resize in memory and queue the result for writing.
            $contents = myfile_get_contents($file['tmp_name']);
            $ext = CheckImageExtension($file["name"]);
            $thumb = CreateThumbnail($contents, $pageObject->pSet->getNewImageSize($field), $ext);
            $pageObject->filesToSave[] = new SaveFile($thumb, $value, $pageObject->pSet->getUploadFolder($field), $abs);
        } else {
            // Queue the temporary upload to be moved unchanged.
            $pageObject->filesToMove[] = new MoveFile($file['tmp_name'], $value, $pageObject->pSet->getUploadFolder($field), $abs);
        }
    }

    return $value;
}