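/**
 * Apply an administrator's edits to another user's profile.
 *
 * Reads the profile fields, an optional new password and an optional avatar
 * from $_POST / $_FILES. On validation errors the submitted values and the
 * error list are stored in $_SESSION['FpsForm'] and the admin is redirected
 * back to the edit form; otherwise the user record is saved.
 *
 * NOTE(review): no anti-CSRF token check is visible in this method. It
 * changes passwords, e-mail addresses and account status, so confirm a
 * token is enforced before it runs.
 *
 * @param int|null $id ID of the user being edited.
 * @return mixed Whatever showInfoMessage() returns.
 */
public function update_by_admin($id = null)
{
    // Access control: the caller must hold the users/edit_users permission.
    $this->ACL->turn(array('users', 'edit_users'));
    $id = (int) $id;

    // A registered user's ID is never below one, so the call is a mistake.
    if ($id < 1) {
        redirect('/users/');
    }

    // A visitor without a session cannot edit profiles; the call is a mistake.
    if (!isset($_SESSION['user'])) {
        redirect('/');
    }

    // Load the user being edited from the database.
    $user = $this->Model->getById($id);
    if (!$user) {
        return $this->showInfoMessage(__('Can not find user'), '/users/');
    }
    if (is_object($this->AddFields)) {
        $user = $this->AddFields->mergeRecords(array($user), true);
        $user = $user[0];
    }

    $fields = array('name', 'email', 'oldEmail', 'icq', 'jabber', 'pol', 'city', 'telephone', 'byear', 'bmonth', 'bday', 'url', 'about', 'signature');
    foreach ($fields as $field) {
        // Only accept scalar strings: a crafted request can send arrays
        // (field[]=x), which trim() would reject with an error.
        ${$field} = (isset($_POST[$field]) && is_string($_POST[$field])) ? trim($_POST[$field]) : '';
    }

    // Map the form's numeric gender code onto the stored letter.
    if ('1' === $pol) {
        $pol = 'm';
    } elseif ('2' === $pol) {
        $pol = 'f';
    } else {
        $pol = '';
    }

    // Trim surrounding whitespace from the password fields.
    $newpassword = (!empty($_POST['newpassword']) && is_string($_POST['newpassword'])) ? trim($_POST['newpassword']) : '';
    $confirm = (!empty($_POST['confirm']) && is_string($_POST['confirm'])) ? trim($_POST['confirm']) : '';

    // Truncate every value to the maxlength declared on its input tag.
    // NOTE(review): the password is silently cut to 30 characters before
    // hashing; the login path has to truncate the same way.
    $newpassword = mb_substr($newpassword, 0, 30);
    $confirm = mb_substr($confirm, 0, 30);
    $email = mb_substr($email, 0, 60);
    $oldEmail = mb_substr($user->getEmail(), 0, 60);
    $icq = mb_substr($icq, 0, 12);
    $jabber = mb_substr($jabber, 0, 100);
    $city = mb_substr($city, 0, 50);
    $telephone = number_format(mb_substr((int) $telephone, 0, 20), 0, '', '');
    $byear = intval(mb_substr($byear, 0, 4));
    $bmonth = intval(mb_substr($bmonth, 0, 2));
    $bday = intval(mb_substr($bday, 0, 2));
    $url = mb_substr($url, 0, 60);
    $about = mb_substr($about, 0, 1000);
    $signature = mb_substr($signature, 0, 500);

    $errors = $this->Register['Validate']->check($this->Register['action']);

    // Additional fields
    if (is_object($this->AddFields)) {
        try {
            $_addFields = $this->AddFields->checkFields();
        } catch (Exception $e) {
            $errors[] = $this->AddFields->getErrors();
        }
    }

    // A filled-in new password means the password should change; a
    // different address means the e-mail should change.
    $changePassword = !empty($newpassword);
    // Strict comparison: both sides are strings, and loose == would treat
    // numeric-looking strings as equal.
    $changeEmail = ($email !== $oldEmail);

    // if new and old emails are equal, we needn't check password
    // NOTE(review): this runs after check() has already produced $errors;
    // confirm the validator is expected to be reconfigured at this point.
    if (!$changeEmail) {
        $this->Register['Validate']->disableFieldCheck('password');
    }

    // NOTE(review): rand() is predictable and two concurrent requests can
    // draw the same key; a CSPRNG-derived or tempnam()-style name is safer.
    $tmp_key = rand(0, 9999999);
    // Set only once THIS request has stored and resampled an avatar, so a
    // stale temp file that happens to share the key is never installed.
    $avatarTmp = null;
    if (!empty($_FILES['avatar']['name'])) {
        // NOTE(review): 0777 makes the temp directory world-writable;
        // confirm that is required on the target hosts.
        touchDir(ROOT . '/sys/tmp/images/', 0777);
        $path = ROOT . '/sys/tmp/images/' . $tmp_key . '.jpg';
        if (move_uploaded_file($_FILES['avatar']['tmp_name'], $path)) {
            chmod($path, 0644);
            // The resample result is the only content check applied to the
            // upload here; a file it cannot process is rejected and removed.
            @($sizes = resampleImage($path, $path, 100));
            if (!$sizes) {
                @unlink($path);
                $errors[] = __('Some error in avatar');
            } else {
                $avatarTmp = $path;
            }
        } else {
            $errors[] = __('Some error in avatar');
        }
    }

    // A missing field yields 0, the value the bare (int) cast produced,
    // without raising an undefined-index notice.
    $status = isset($_POST['status']) ? (int) $_POST['status'] : 0;
    $timezone = isset($_POST['timezone']) ? (int) $_POST['timezone'] : 0;
    if ($timezone < -12 || $timezone > 12) {
        $timezone = 0;
    }

    // Errors
    if (!empty($errors)) {
        // Do not leave the uploaded avatar behind in the temp directory.
        if ($avatarTmp !== null && is_file($avatarTmp)) {
            unlink($avatarTmp);
        }
        // NOTE(review): the whole of $_POST, including newpassword and
        // confirm, is copied into the session in clear text; confirm the
        // form needs them, otherwise drop those keys.
        $_SESSION['FpsForm'] = array_merge(array('name' => null, 'status' => null, 'email' => null, 'timezone' => null, 'icq' => null, 'url' => null, 'about' => null, 'signature' => null, 'pol' => $pol, 'telephone' => null, 'city' => null, 'jabber' => null, 'byear' => null, 'bmonth' => null, 'bday' => null), $_POST);
        $_SESSION['FpsForm']['errors'] = $errors;
        // NOTE(review): the save below is only skipped if redirect()
        // terminates the request - confirm.
        redirect('/users/edit_form_by_admin/' . $id);
    }

    $avatarFile = ROOT . '/sys/avatars/' . $id . '.jpg';

    // The "Delete previously uploaded file" checkbox is ticked.
    if (isset($_POST['unlink']) && is_file($avatarFile)) {
        unlink($avatarFile);
    }
    if ($avatarTmp !== null && file_exists($avatarTmp)) {
        if (copy($avatarTmp, $avatarFile)) {
            chmod($avatarFile, 0644);
        }
        unlink($avatarTmp);
    }

    // All fields are valid: write the changes to the database.
    if ($changePassword) {
        // NOTE(review): unsalted MD5 is not a suitable password hash. It is
        // kept because the login code that verifies it is not visible here;
        // migrate both sides to password_hash()/password_verify() together.
        $user->setPassw(md5($newpassword));
    }
    if ($changeEmail) {
        $user->setEmail($email);
    }
    if (isset($_POST['activation'])) {
        $user->setActivation('');
    }
    $user->setName($name);
    $user->setStatus($status);
    $user->setTimezone($timezone);
    $user->setUrl($url);
    $user->setIcq($icq);
    $user->setJabber($jabber);
    $user->setCity($city);
    $user->setTelephone($telephone);
    $user->setPol($pol);
    $user->setByear($byear);
    $user->setBmonth($bmonth);
    $user->setBday($bday);
    $user->setAbout($about);
    $user->setSignature($signature);
    $user->save();

    // Additional fields saving
    if (is_object($this->AddFields)) {
        $this->AddFields->save($id, $_addFields);
    }

    // Audit trail: which admin edited which account.
    if ($this->Log) {
        $this->Log->write('editing user by adm', 'user id(' . $id . ') adm id(' . $_SESSION['user']['id'] . ')');
    }
    return $this->showInfoMessage(__('Operation is successful'), getProfileUrl($id));
}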
die; } if ($params[0] == 'loads') { $attach = $FpsDB->select('loads_attaches', DB_FIRST, array('cond' => array('filename' => $params[1]))); if (count($attach) < 1) { die; } } // Size of future image if (!empty($params[2])) { $sample_size = (int) $params[2]; } else { $sample_size = $Register['Config']->read('img_preview_size'); } // Min allowed size if ($sample_size < 50) { $sample_size = 50; } // New path $tmpdir = ROOT . '/sys/tmp/img_cache/' . $sample_size . '/' . $params[0] . '/'; if (!file_exists($tmpdir)) { mkdir($tmpdir, 0777, true); } if (!file_exists($tmpdir . $params[1])) { $dest_path = ROOT . '/sys/files/' . $params[0] . '/' . $params[1]; resampleImage($dest_path, $tmpdir . $params[1], $sample_size); } header('Content-type: image/' . substr($ext, 1, 3)); echo file_get_contents($tmpdir . $params[1]); } die;
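/**
 * Store uploaded front/back cover images for an album.
 *
 * Requires the access_admin permission. Each uploaded file is accepted only
 * if getimagesize() identifies it as JPEG or PNG; it is then copied next to
 * the album's tracks under the configured cover file name, and the bitmap
 * and album rows are updated.
 *
 * The error branches rely on message(..., 'error', ...) ending the request;
 * the code after them assumes it does.
 *
 * @param int $flag_flow 9 redirects to the album view; any other value is
 *                       passed on to imageUpdate().
 * @return void
 */
function imageUpload($flag_flow)
{
    global $cfg;
    authenticate('access_admin', false, true);

    if (ini_get('file_uploads') == false) {
        message(__FILE__, __LINE__, 'error', '[b]Upload error[/b][br]File uploads disabled in the php.ini.');
    }
    if ($_FILES['image_front']['error'] == UPLOAD_ERR_NO_FILE && $_FILES['image_back']['error'] == UPLOAD_ERR_NO_FILE) {
        message(__FILE__, __LINE__, 'error', '[b]Upload error[/b][br]There is no file uploaded');
    }

    // Report PHP-level upload failures for either slot, front first.
    foreach (array('image_front', 'image_back') as $slot) {
        $code = $_FILES[$slot]['error'];
        if ($code == UPLOAD_ERR_OK || $code == UPLOAD_ERR_NO_FILE) {
            continue;
        }
        if ($code == UPLOAD_ERR_INI_SIZE) {
            message(__FILE__, __LINE__, 'error', '[b]Upload error[/b][br]The file is larger than the value set in php.ini for upload_max_file');
        } elseif ($code == UPLOAD_ERR_PARTIAL) {
            message(__FILE__, __LINE__, 'error', '[b]Upload error[/b][br]The file is not fully uploaded');
        } elseif ($code == UPLOAD_ERR_NO_TMP_DIR) {
            message(__FILE__, __LINE__, 'error', '[b]Upload error[/b][br]PHP, the directory for the temporary file not found');
        } elseif ($code == UPLOAD_ERR_CANT_WRITE) {
            message(__FILE__, __LINE__, 'error', '[b]Upload error[/b][br]PHP could not write the temporary file');
        } else {
            message(__FILE__, __LINE__, 'error', '[b]Upload error[/b][br]Error code: ' . $code);
        }
    }

    $album_id = post('album_id');
    $query = mysql_query('SELECT relative_file FROM track WHERE album_id = "' . mysql_real_escape_string($album_id) . '"');
    $track = mysql_fetch_assoc($query);

    // Reject an unknown album BEFORE deriving a directory from the row;
    // otherwise the target path would be built from an empty value.
    if ($track == false) {
        message(__FILE__, __LINE__, 'error', '[b]Error[/b][br]album_id not found in database');
    }

    // The destination directory comes from the database row, never from the
    // client-supplied file name.
    $image_dir = $cfg['media_dir'] . $track['relative_file'];
    $image_dir = substr($image_dir, 0, strrpos($image_dir, '/') + 1);

    if ($_FILES['image_front']['error'] == UPLOAD_ERR_OK) {
        $imagesize = @getimagesize($_FILES['image_front']['tmp_name']) or message(__FILE__, __LINE__, 'error', '[b]Upload error[/b][br]Unsupported file.');

        // The stored extension follows the detected image type, not the
        // uploaded file name; the other format's cover is removed.
        if ($imagesize[2] == IMAGETYPE_JPEG) {
            $image = $image_dir . $cfg['image_front'] . '.jpg';
            $delete = $image_dir . $cfg['image_front'] . '.png';
        } elseif ($imagesize[2] == IMAGETYPE_PNG) {
            $image = $image_dir . $cfg['image_front'] . '.png';
            $delete = $image_dir . $cfg['image_front'] . '.jpg';
        } else {
            message(__FILE__, __LINE__, 'error', '[b]Upload error[/b][br]Unsupported file.');
        }

        if (copy($_FILES['image_front']['tmp_name'], $image) == false) {
            message(__FILE__, __LINE__, 'error', '[b]Failed to copy[/b][br]from: ' . $_FILES['image_front']['tmp_name'] . '[br]to: ' . $image);
        }
        if (is_file($delete) && @unlink($delete) == false) {
            message(__FILE__, __LINE__, 'error', '[b]Failed to delete file:[/b][br]' . $delete);
        }

        $flag = 3; // stored
        $filemtime = filemtime($image);
        $filesize = filesize($image);
        $image_id = $album_id . '_' . base_convert(NJB_IMAGE_SIZE * 100 + NJB_IMAGE_QUALITY, 10, 36) . base_convert($filemtime, 10, 36) . base_convert($filesize, 10, 36);
        $relative_image = substr($image, strlen($cfg['media_dir']));

        mysql_query('UPDATE bitmap SET image = "' . mysql_real_escape_string(resampleImage($image)) . '", filesize = ' . (int) $filesize . ', filemtime = ' . (int) $filemtime . ', flag = ' . (int) $flag . ', image_front = "' . mysql_real_escape_string($relative_image) . '", image_front_width = ' . (int) $imagesize[0] . ', image_front_height = ' . (int) $imagesize[1] . ', image_id = "' . mysql_real_escape_string($image_id) . '" WHERE album_id = "' . mysql_real_escape_string($album_id) . '"');
        mysql_query('UPDATE album SET image_id = "' . mysql_real_escape_string($image_id) . '" WHERE album_id = "' . mysql_real_escape_string($album_id) . '"');
    }

    if ($_FILES['image_back']['error'] == UPLOAD_ERR_OK) {
        $imagesize = @getimagesize($_FILES['image_back']['tmp_name']) or message(__FILE__, __LINE__, 'error', '[b]Upload error[/b][br]Unsupported file.');

        if ($imagesize[2] == IMAGETYPE_JPEG) {
            $image = $image_dir . $cfg['image_back'] . '.jpg';
            $delete = $image_dir . $cfg['image_back'] . '.png';
        } elseif ($imagesize[2] == IMAGETYPE_PNG) {
            $image = $image_dir . $cfg['image_back'] . '.png';
            $delete = $image_dir . $cfg['image_back'] . '.jpg';
        } else {
            message(__FILE__, __LINE__, 'error', '[b]Upload error[/b][br]Unsupported file.');
        }

        if (copy($_FILES['image_back']['tmp_name'], $image) == false) {
            message(__FILE__, __LINE__, 'error', '[b]Failed to copy[/b][br]from: ' . $_FILES['image_back']['tmp_name'] . '[br]to: ' . $image);
        }
        if (is_file($delete) && @unlink($delete) == false) {
            message(__FILE__, __LINE__, 'error', '[b]Failed to delete file:[/b][br]' . $delete);
        }

        $relative_image = substr($image, strlen($cfg['media_dir']));
        mysql_query('UPDATE bitmap SET image_back = "' . mysql_real_escape_string($relative_image) . '" WHERE album_id = "' . mysql_real_escape_string($album_id) . '"');
    }

    if ($flag_flow == 9) {
        // album_id is request data: encode it so it cannot add parameters
        // or other characters to the redirect URL.
        header('Location: ' . NJB_HOME_URL . 'index.php?action=view3&album_id=' . rawurlencode($album_id));
        exit;
    } else {
        imageUpdate($flag_flow);
    }
}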
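// Image endpoint: dispatches on the request parameters to list an album's
// images, serve a stored image, resample an image, or share one.
require_once 'include/initialize.inc.php';
require_once 'include/stream.inc.php';

$image_id = get('image_id');
$track_id = get('track_id');
// Anything other than the literal 'hq' falls back to 'lq'.
$quality = get('quality') == 'hq' ? 'hq' : 'lq';
$image = get('image');
$album_id = get('album_id');
$action = get('action');

if ($action == 'viewall' && $album_id) {
    viewall($album_id);
} elseif (isset($image_id)) {
    image($image_id, $quality, $track_id);
} elseif (isset($image)) {
    // NOTE(review): `image` is taken straight from the request and handed
    // to resampleImage(), which is not visible here; confirm it confines
    // the path to the media directory before reading the file.
    resampleImage($image);
} elseif ($cfg['image_share']) {
    shareImage();
}
exit;

/**
 * Print an <img> thumbnail tag for every bitmap stored for an album.
 *
 * Ends the request without output when the album has fewer than two
 * images or the query fails, and always ends the request afterwards.
 *
 * @param string $album_id Album identifier from the request.
 * @return void
 */
function viewall($album_id)
{
    $res = mysql_query('SELECT image_id FROM bitmap WHERE album_id="' . mysql_real_escape_string($album_id) . '"');
    if ($res === false || mysql_num_rows($res) < 2) {
        exit;
    }
    while ($rec = mysql_fetch_assoc($res)) {
        // Encode the stored id before placing it in the src attribute so a
        // value containing quotes or markup cannot break out of the tag.
        echo '<img width="50" height="50" src="image.php?image_id=' . rawurlencode($rec['image_id']) . '&quality=hq" />';
    }
    exit;
}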
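/**
 * Collect the cover images of an album directory and register them in the
 * bitmap table.
 *
 * Depending on the configuration, images are taken from covers embedded in
 * the music files, from the album directory, from commonly named artwork
 * sub-directories and, if nothing was found, from the parent directory.
 * When no image is found the fallback image is registered instead. The
 * first registered image also becomes the album's image_id.
 *
 * @param string $albumDir Album directory; file names are appended to it
 *                         directly, so it is expected to end with a slash.
 * @param string $album_id Album identifier.
 * @return array|null array($fallBackImage) when $albumDir is not a
 *                    directory; otherwise nothing is returned.
 */
function fetchAlbumImages($albumDir, $album_id)
{
    global $cfg;

    $fallBackImage = NJB_HOME_DIR . 'image/no_image.png';
    if (is_dir($albumDir) == FALSE) {
        return array($fallBackImage);
    }

    $musicFiles = array();
    $imageFiles = array();

    if ($cfg['image_read_embedded'] === TRUE) {
        // Collect every music file of the directory.
        $handle = opendir($albumDir);
        if ($handle !== FALSE) {
            // Compare against FALSE explicitly: an entry named "0" is
            // falsy and would otherwise end the listing early.
            while (($file = readdir($handle)) !== FALSE) {
                $ext = strtolower(preg_replace('/^.*\\./', '', $file));
                if (is_file($albumDir . $file) && in_array($ext, $cfg['media_extension']) !== FALSE) {
                    $musicFiles[] = $albumDir . $file;
                }
            }
            closedir($handle);
        }

        foreach ($musicFiles as $musicFile) {
            $coverBinary = writeEmbeddedCoverToTempfile($musicFile);
            if ($coverBinary !== FALSE) {
                // md5() of extracted images of same album files seems to be
                // different - use the file size as the de-duplication key.
                $imageFiles[filesize($coverBinary)] = $coverBinary;
            }
        }
    }

    if ($cfg['image_look_current_directory'] === TRUE) {
        $imageFiles = array_merge($imageFiles, getImages($albumDir));
    }

    if ($cfg['image_look_cover_directory'] === TRUE) {
        // Look into sub-directories whose normalised name is a known
        // artwork directory name.
        $handle = opendir($albumDir);
        if ($handle !== FALSE) {
            while (($dirname = readdir($handle)) !== FALSE) {
                if (is_dir($albumDir . $dirname) && in_array(az09($dirname), $cfg['common_artwork_dir_names'])) {
                    $imageFiles = array_merge($imageFiles, getImages($albumDir . $dirname));
                }
            }
            closedir($handle);
        }
    }

    if ($cfg['image_look_parent_directory'] === TRUE && count($imageFiles) === 0) {
        $imageFiles = getImages(dirname($albumDir));
    }
    if (count($imageFiles) === 0) {
        $imageFiles = array($fallBackImage);
    }

    $albumUpdated = FALSE;

    // Insert all images into the database.
    foreach ($imageFiles as $image) {
        $filesize = filesize($image);
        $filemtime = filemtime($image);
        $flag = 0;
        $image_front = '';
        $image_back = '';
        if (stripos($image, NJB_HOME_DIR) !== FALSE && $image !== $fallBackImage) {
            $flag = 3;
            $image_front = str_replace($cfg['media_dir'], '', $image);
        }

        $imagesize = @getimagesize($image);
        if (!$imagesize) {
            //TODO: logging
            error_log('OMPD-import-image error for: ' . $image);
        }

        // Cast the dimensions: when getimagesize() failed they are empty,
        // and an uncast empty value leaves the INSERT with missing columns.
        $frontWidth = ($flag == 3 && $imagesize) ? (int) $imagesize[0] : 0;
        $frontHeight = ($flag == 3 && $imagesize) ? (int) $imagesize[1] : 0;

        $image_id = $flag == 3 ? $album_id : 'no_image';
        $image_id .= '_' . base_convert(NJB_IMAGE_SIZE * 100 + NJB_IMAGE_QUALITY, 10, 36) . base_convert($filemtime, 10, 36) . base_convert($filesize, 10, 36);

        mysql_query('INSERT INTO bitmap (image, filesize, filemtime, flag, image_front, image_back, image_front_width, image_front_height, image_id, album_id, updated) VALUES ("' . mysql_real_escape_string(resampleImage($image)) . '", ' . (int) $filesize . ', ' . (int) $filemtime . ', ' . (int) $flag . ', "' . mysql_real_escape_string($image_front) . '", "' . mysql_real_escape_string($image_back) . '", ' . $frontWidth . ', ' . $frontHeight . ', "' . mysql_real_escape_string($image_id) . '", "' . mysql_real_escape_string($album_id) . '", 1)');

        // Only the first image becomes the album's cover.
        if ($albumUpdated === FALSE) {
            mysql_query('UPDATE album SET image_id = "' . mysql_real_escape_string($image_id) . '" WHERE album_id = "' . mysql_real_escape_string($album_id) . '" LIMIT 1');
            $albumUpdated = TRUE;
        }

        // Extracted embedded covers live in the application's tmp/ directory
        // and are removed once stored.
        if (stripos($image, NJB_HOME_DIR . 'tmp/') === 0) {
            @unlink($image);
        }
    }
}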