/**
 * URL of this user's avatar, built from the `avatar` image id in $this->data.
 *
 * @param bool $small true selects the Config::SIZES_AVATAR_SMALL rendition,
 *                    false selects Config::SIZES_AVATAR_NORMAL
 * @return mixed whatever ImgStore::getUrl() returns for that image/size pair
 */
function getAvatar($small = true) {
    $size_id = $small ? Config::SIZES_AVATAR_SMALL : Config::SIZES_AVATAR_NORMAL;
    return ImgStore::getUrl($this->data['avatar'], $size_id);
}
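/**
 * Handles the profile edit form.
 *
 * Three independent parts of the form are processed: an optional avatar
 * upload ($_FILES['userpic']), an optional password change (old / new_1 /
 * new_2) and the editable name fields. Validation messages are collected in
 * $error; when any exist, they and the submitted values are handed back to
 * the form through Site::passWrite('error_edit' / 'value_edit'). Otherwise
 * the changed name fields are written and the browser is redirected to the
 * profile page.
 *
 * @return void
 */
function edit() {
    // The avatar is stored before any validation, so a bad name field does
    // not undo an avatar change. is_uploaded_file() guards against a
    // tmp_name that did not come from this request's upload.
    if (isset($_FILES['userpic']) && !$_FILES['userpic']['error'] && is_uploaded_file($_FILES['userpic']['tmp_name'])) {
        $result = ImgStore::upload($_FILES['userpic']['tmp_name'], Config::$sizes[Config::T_SIZE_AVATAR]);
        Database::query('UPDATE `user` SET `avatar`=' . $result . ' WHERE `id`=' . CurrentUser::$id);
    }
    $error = array();
    // $to_update was never initialised: count($to_update) below failed when
    // no name field was posted.
    $to_update = array();
    if (isset($_POST['old'])) {
        $old = $_POST['old'];
        // new_1 / new_2 were read without isset(), raising notices on partial posts
        $new_1 = isset($_POST['new_1']) ? $_POST['new_1'] : '';
        $new_2 = isset($_POST['new_2']) ? $_POST['new_2'] : '';
        // strict comparison: with == two numeric-looking strings such as
        // "1e3" and "1000" would have counted as the same password
        if ($new_1 === $new_2) {
            $old_real = Database::sql2single('SELECT `password` FROM `user` WHERE `id`=' . CurrentUser::$id);
            // NOTE(review): passwords are stored as unsalted md5 and the login
            // path presumably verifies the same format, so this cannot be moved
            // to password_hash()/password_verify() in this method alone.
            // hash_equals() at least makes the comparison constant-time.
            if (hash_equals((string) $old_real, md5($old))) {
                Database::query('UPDATE `user` SET `password`=' . Database::escape(md5($new_1)) . ' WHERE `id`=' . CurrentUser::$id);
            } else {
                $error['old'] = 'Введен неверный пароль';
            }
        } else {
            $error['new_1'] = 'Пароли не совпадают';
        }
    }
    // NOTE(review): these patterns are anchored only at the end ($), so any
    // prefix is accepted as long as the value ends with a matching character,
    // and they lack the /u modifier, so the Cyrillic ranges are matched
    // byte-wise. Left unchanged here to keep the accepted input set the same.
    $fields_editable = array('first_name' => '/[a-zA-Zа-яА-ЯёЁь]+$/isU', 'last_name' => '/[a-zA-Zа-яА-ЯёЁь]+$/isU', 'middle_name' => '/[a-zA-Zа-яА-ЯёЁь]+$/isU', 'nickname' => '/[a-zA-Zа-яА-ЯёЁь0-9]+$/isU');
    foreach ($fields_editable as $fieldname => $pattern) {
        if (isset($_POST[$fieldname])) {
            $value = trim($_POST[$fieldname]);
            if (preg_match($pattern, $value)) {
                // $fieldname comes from the hard-coded array above, the value is escaped
                $to_update[] = $fieldname . '=' . Database::escape($value);
            } else {
                $error[$fieldname] = 'Неправильный формат';
            }
        }
    }
    if (count($error)) {
        Site::passWrite('error_edit', $error);
        Site::passWrite('value_edit', $_POST);
        return;
    }
    if (count($to_update)) {
        try {
            Database::query('UPDATE `user` SET ' . implode(',', $to_update) . ' WHERE `id`=' . CurrentUser::$id);
        } catch (Exception $e) {
            // any failure of the UPDATE is reported to the user as a taken nickname
            $error['nickname'] = 'Никнейм занят. Попробуйте придумать другой';
            Site::passWrite('error_edit', $error);
            Site::passWrite('value_edit', $_POST);
            return;
        }
    }
    header('Location: /u/' . CurrentUser::$id);
}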
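<pre><?php
// Manual upload smoke test: POST a file as "photo" and it is pushed through
// ImgStore::upload() with three fixed size presets; the timestamps before and
// after the upload and two result URLs are echoed into the <pre>.
$dev_mode = 1;
$core_path = 'core/';
ini_set('display_errors', $dev_mode); // development helper; not meant for a public deployment
require_once $core_path . 'config.php';
require_once $core_path . 'include.php';
if (isset($_POST['x'])) {
    // Previously tmp_name was used unconditionally; a missing or failed upload
    // now reports instead of handing an empty path to ImgStore::upload().
    if (isset($_FILES['photo']) && $_FILES['photo']['error'] === UPLOAD_ERR_OK && is_uploaded_file($_FILES['photo']['tmp_name'])) {
        echo date('Y-m-d H:i:s') . "\n";
        $image_id = ImgStore::upload($_FILES['photo']['tmp_name'], array(1 => '100x100x0', 2 => '500x500x1', 3 => '250x250x1'));
        echo date('Y-m-d H:i:s') . "\n";
        echo '<img src="' . ImgStore::getUrl($image_id, 0) . '">' . "\n";
        echo '<img src="' . ImgStore::getUrl($image_id, 1) . '">' . "\n";
    } else {
        echo 'upload failed' . "\n";
    }
}
?>
<form enctype="multipart/form-data" method="post"> <input type="hidden" name="x"> <input type="file" name="photo" > <input type="submit"> </form>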
// Resize worker loop: for every pending task, locate the original file of the
// task's image, resize it to the requested dimensions and mark the `images`
// row ready. Tasks whose original is missing or unreadable are queued in
// $to_delete (and $to_error) for the caller to handle.
// NOTE(review): $tasks, $originals, $to_delete, $to_error and log_() are
// defined outside this fragment.
foreach ($tasks as $task) {
    echo "\n";
    if (isset($originals[$task['image_id']])) {
        $or = $originals[$task['image_id']];
        $orig_file_path = ImgStore::getFileLocalPath($or['image_id'], $or['size_id']);
        log_('task#' . $task['id'] . ' original imageid#' . $or['image_id'] . ' ' . $or['width'] . 'x' . $or['height'] . ', ' . round($or['bytes'] / 1024 / 1024 * 1000) / 1000 . ' Mb');
        if (!is_readable($orig_file_path)) {
            $to_delete[$task['id']] = $task['id'];
            $to_error[$task['id']] = ImgStore::ERROR_NOT_READABLE;
            log_($orig_file_path . ' is not readable');
        } else {
            log_($orig_file_path . ' is readable, processing to ' . $task['width_requested'] . 'x' . $task['height_requested']);
            $target_file_path = ImgStore::getFileLocalPath($task['image_id'], $task['size_id']);
            $settings = array('width' => $or['width'], 'height' => $or['height'], 'crop_method' => $task['crop_method'], 'width_requested' => $task['width_requested'], 'height_requested' => $task['height_requested'], 'size_id' => $task['size_id']);
            log_('saving to ' . $target_file_path);
            // ImgStore::resize() is expected to return (actual w, actual h, requested w, requested h) — confirm
            list($new_width, $new_height, $target_width, $target_height) = ImgStore::resize($orig_file_path, $settings, $target_file_path);
            // NOTE(review): filesize() returns false when the target was not
            // written; that false is concatenated into the UPDATE below unchecked.
            $bytes = filesize($target_file_path);
            log_('saved as ' . $new_width . 'x' . $new_height . '[requested ' . $target_width . 'x' . $target_height . '], ' . round($bytes / 1024 / 1024 * 1000) / 1000 . ' Mb');
            Database::query('UPDATE `images` SET `width`=' . $new_width . ', `height`=' . $new_height . ', `ready`=1, `server_id`=' . ImgStore::SERVER_ORIG . ', `bytes` =' . $bytes . ' WHERE `id`=' . $task['id']);
        }
    } else {
        log_('task# ' . $task['id'] . ' original missed!');
        $to_delete[$task['id']] = $task['id'];
    }
}
} // closes an enclosing block that begins before this fragment
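/**
 * Builds the paged list of album events used by the templates.
 *
 * Recognised $opts keys (all optional): 'show_sortings' (keep the sorting
 * groups in the returned conditions), 'per_page' (clamped to 1..100,
 * default 10), 'historical' (order by the event's historical date instead of
 * its creation time) and 'where' (a list of raw SQL fragments ANDed into the
 * WHERE clause).
 *
 * NOTE(review): 'where' fragments are interpolated into the query verbatim,
 * so callers must build them only from trusted or already-escaped values.
 *
 * @param array $opts see above
 * @return array 'events' keyed by event id, each row extended with 'fields',
 *               'user', 'template_id' and pic_small/pic_normal/pic_big/pic_orig
 *               URLs (false when the event has no picture); and 'conditions'
 *               from Conditions::getConditions().
 */
function _list($opts = array()) {
    $show_sortings = isset($opts['show_sortings']);
    $per_page = isset($opts['per_page']) ? (int) $opts['per_page'] : 10;
    $per_page = min(100, max(1, $per_page));
    $cond = new Conditions();
    if (isset($opts['historical']) && $opts['historical']) {
        $sorting = array('eventTime' => array('order' => 'desc', 'title' => 'по исторической дате'));
    } else {
        $sorting = array('createTime' => array('order' => 'desc', 'title' => 'по дате'));
    }
    // the same definition serves as both the available and the selected sorting
    $cond->setSorting($sorting, $sorting);
    $cond->setPaging(100000, $per_page);
    $where = array('1');
    if (isset($opts['where'])) {
        foreach ($opts['where'] as $w) {
            $where[] = $w;
        }
    }
    $order = $cond->getSortingField() . ' ' . $cond->getSortingOrderSQL();
    $limit = $cond->getLimit();
    $query = 'SELECT SQL_CALC_FOUND_ROWS A.child_name as child_name,A.birthDate as birthDate,AE.*, LE.*,AE.description as description, LE.description as event_description, LE.title as event_title,AE.title as title, AE.creator_id as user_id,AE.id as id, LE.id as lib_event_id, LET.id as lib_template_id, AE.id as id FROM `album_events` AE LEFT JOIN `album` A ON A.id=AE.album_id LEFT JOIN `lib_events` LE ON LE.id=AE.event_id LEFT JOIN `lib_event_templates` LET ON LET.id=LE.template_id WHERE (' . implode(' AND ', $where) . ') ORDER BY ' . $order . ' LIMIT ' . $limit;
    $events = Database::sql2array($query, 'id');
    // field values of the selected events; the IN() list is built from the
    // integer ids that key $events
    $field_values = array();
    if (count($events)) {
        $field_values = Database::sql2array('SELECT AEF.*,LETF.title as event_field_title,T.* FROM `album_events_fields` AEF JOIN `lib_event_templates_fields` LETF ON LETF.field_id=AEF.field_id JOIN `lib_event_templates_fields_types` T ON T.id=LETF.type WHERE `event_id` IN(' . implode(',', array_keys($events)) . ')');
    }
    foreach ($field_values as $values) {
        $events[$values['event_id']]['fields'][$values['field_id']] = $values;
    }
    $uids = array();
    foreach ($events as $event) {
        if ($event['user_id']) {
            $uids[$event['user_id']] = $event['user_id'];
        }
    }
    $users = count($uids) ? Users::getByIdsLoaded($uids) : array();
    foreach ($events as &$event) {
        $event['user'] = isset($users[$event['user_id']]) ? $users[$event['user_id']]->data : array();
        $event['template_id'] = $event['template_id'] ? $event['template_id'] : 1;
        $image_id = $event['picture'];
        $event['pic_small'] = $image_id ? ImgStore::getUrl($image_id, Config::SIZES_PICTURE_SMALL) : false;
        $event['pic_normal'] = $image_id ? ImgStore::getUrl($image_id, Config::SIZES_PICTURE_NORMAL) : false;
        $event['pic_big'] = $image_id ? ImgStore::getUrl($image_id, Config::SIZES_PICTURE_BIG) : false;
        $event['pic_orig'] = $image_id ? ImgStore::getUrl($image_id, 0) : false;
    }
    // drop the by-reference cursor so the last element is not left aliased
    unset($event);
    $cond->setPaging(Database::sql2single('SELECT FOUND_ROWS()'), $per_page);
    $data = array();
    $data['events'] = $events;
    $data['conditions'] = $cond->getConditions();
    if (!$show_sortings) {
        foreach ($data['conditions'] as $key => $group) {
            if ($group['mode'] == 'sorting') {
                unset($data['conditions'][$key]);
            }
        }
    }
    return $data;
}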
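<?php
// Private image gateway. The request path ends in "<image_id>-<size>"; the
// file is handed to the web server via X-Accel-Redirect only when the
// cookie-authenticated user is the creator of the album event that owns the
// picture. Everything else gets a plain-text refusal.
// NOTE(review): display_errors=1 surfaces PHP errors to anonymous callers on
// what is a public endpoint; it should be driven by the deployment config.
ini_set('display_errors', 1);
// array_pop() takes its argument by reference, so the explode() result must be
// assigned to a variable first.
$segments = explode('/', $_SERVER['REQUEST_URI']);
$end = array_pop($segments);
$parts = explode('-', $end);
$image_id = (int) $parts[0];
$size = isset($parts[1]) ? (int) $parts[1] : 0; // a path without "-<size>" previously produced an undefined-offset notice
if ($image_id) {
    $core_path = 'core/';
    require_once $core_path . 'config.php';
    require_once $core_path . 'include.php';
    $authorized = CurrentUser::authorize_cookie();
    if ($authorized) {
        $owner = Database::sql2single('SELECT `creator_id` FROM `album_events` WHERE `picture`=' . $image_id);
        // The previous loose == let an empty owner (picture attached to no
        // event) compare equal to a zero/empty user id; require a non-empty
        // owner and compare as integers.
        if ($owner && (int) $owner === (int) CurrentUser::$id) {
            header('Content-type: image/jpeg');
            header('Content-Disposition: inline; filename=protected_' . $image_id . '-' . $size . '.jpg');
            // internal redirect path: the private root is stripped from the local path (both ints, no escaping needed)
            header('X-Accel-Redirect: /images_private/' . str_replace(ImgStore::ROOT_PRIVATE_FOLDER, '', ImgStore::getFileLocalPath($image_id, $size, true)));
            exit(0);
        }
    }
    die('Изображение является приватным и доступно только владельцу');
}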
if (filesize($real_private_path)) { $amazon_dest = str_replace(ImgStore::$server_urls[ImgStore::SERVER_AMAZONS3], '', $fetch_url); $res = Amazon::delete($amazon_dest); log_('deleted ' . $amazon_dest . ' from amazon with code:' . $res); Database::query('UPDATE `images` SET `server_id`=' . ImgStore::SERVER_PRIVATE . ', `private_real`=1 WHERE `id`=' . $image['id']); } } else { // get from local file, delete amazon copy $amazon_dest = str_replace(ImgStore::$server_urls[ImgStore::SERVER_AMAZONS3], '', ImgStore::getUrl($image['image_id'], $image['size_id'], 0)); $res = Amazon::delete($amazon_dest); log_('deleted ' . $amazon_dest . ' from amazon with code:' . $res); // $real_path = ImgStore::getFileLocalPath($image['image_id'], $image['size_id']); log_($image['id'] . ' at original server in ' . $real_path . ' ' . filesize($real_path) . ' bytes'); // change location to private folder $real_private_path = ImgStore::getFileLocalPath($image['image_id'], $image['size_id'], $private = true); log_('will be moved to ' . $real_private_path); if (copy($real_path, $real_private_path)) { log_('succesfully copied'); Database::query('UPDATE `images` SET `server_id`=' . ImgStore::SERVER_PRIVATE . ', `private_real`=1 WHERE `id`=' . $image['id']); unlink($real_path); } else { log_('cant copy'); } } } } } } function log_($txt) {
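/**
 * OAuth callback for Odnoklassniki (OK).
 *
 * Exchanges the ?code for an access/refresh token pair, stores the tokens on
 * the current user, asks the OK API for the user's profile, stores the OK id
 * and name, and copies the OK avatar to the site avatar when the user has
 * none yet.
 *
 * NOTE(review): both API calls go over plain http, so client_secret,
 * the authorization code and the access token travel in cleartext; the
 * endpoint URLs are kept as written here and should be moved to https in
 * configuration.
 *
 * @return array 'success' => true plus 'name' and 'pic' on success, or
 *               'error' => message when the code is missing or the token
 *               exchange fails
 */
function showConnectOk() {
    $out = array();
    $code = isset($_GET['code']) ? $_GET['code'] : false;
    if (!$code) {
        $out['error'] = 'Неудачная попытка авторизации';
        return $out;
    }
    // getting token
    $postdata = http_build_query(array('grant_type' => 'authorization_code', 'client_id' => Config::APP_ID_OK, 'client_secret' => Config::APP_SECRET_OK, 'code' => $code, 'redirect_uri' => 'http://balbum.ru/connect/ok'));
    $opts = array('http' => array('method' => 'POST', 'header' => 'Content-type: application/x-www-form-urlencoded', 'content' => $postdata));
    $context = stream_context_create($opts);
    // file_get_contents() returns false on failure; json_decode(false) used to run silently
    $raw = file_get_contents('http://api.odnoklassniki.ru/oauth/token.do', false, $context);
    $data = $raw === false ? null : json_decode($raw, true);
    if (!isset($data['access_token'])) {
        $out['error'] = 'Неудачная попытка авторизации';
        return $out;
    }
    //got access_token
    $refresh_token = isset($data['refresh_token']) ? $data['refresh_token'] : null;
    Database::query('UPDATE `user` SET `ok_access_token`=' . Database::escape($data['access_token']) . ', `ok_refresh_token`=' . Database::escape($refresh_token) . ', `ok_access_token_expire`=' . time() . ' WHERE `id`=' . CurrentUser::$id);
    $out['success'] = true;
    // ask the OK api for the user name; sig is the OK request signature
    // (md5 of the sorted parameters followed by md5(access_token + secret))
    $method_url = 'http://api.odnoklassniki.ru/fb.do?client_id=' . Config::APP_ID_OK . '&access_token=' . $data['access_token'] . '&application_key=' . Config::APP_KEY_OK . '&method=users.getCurrentUser&sig=' . md5('application_key=' . Config::APP_KEY_OK . 'client_id=' . Config::APP_ID_OK . 'method=users.getCurrentUser' . md5($data['access_token'] . Config::APP_SECRET_OK));
    $udata_raw = file_get_contents($method_url);
    $udata = $udata_raw === false ? null : json_decode($udata_raw, true);
    if ($udata) {
        Database::query('UPDATE `user` SET `ok_id`=' . Database::escape($udata['uid']) . ' WHERE `id`=' . CurrentUser::$id);
        $out['name'] = $udata['name'];
        $out['pic'] = str_replace('photoType=4', 'photoType=6', $udata['pic_1']);
        $user = Users::getByIdLoaded(CurrentUser::$id);
        // if no avatar is set yet, use the OK avatar as the site avatar
        if (!$user->data['avatar'] && $out['pic']) {
            // was '/tmp/' . md5(time() . id): a predictable name that was never removed
            $tmp_name = tempnam(sys_get_temp_dir(), 'okpic');
            $pic_bytes = file_get_contents($out['pic']);
            if ($tmp_name !== false && $pic_bytes !== false && file_put_contents($tmp_name, $pic_bytes) !== false) {
                $result = ImgStore::upload($tmp_name, Config::$sizes[Config::T_SIZE_AVATAR]);
                if ($result) {
                    Database::query('UPDATE `user` SET `avatar`=' . $result . ' WHERE `id`=' . CurrentUser::$id);
                }
            }
            // ImgStore::upload() may or may not consume the file; remove it if it is still there
            if ($tmp_name !== false && is_file($tmp_name)) {
                unlink($tmp_name);
            }
        }
        Database::query('UPDATE `user` SET `ok_name`=' . Database::escape($out['name']) . ' WHERE `id`=' . CurrentUser::$id);
    }
    return $out;
}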
// Export pass: push each pending image to Amazon S3, aborting the whole run as
// soon as either daily limit (bytes or count) is exceeded. The running totals
// in $limit are persisted to `amazon_limit` after every image so that a later
// run continues from the same counters.
// $to_export, $limit, $day, $day_limit_bytes, $day_limit_count and log_() are
// provided by the surrounding script.
foreach ($to_export as $image) {
    if ($limit['uploaded_bytes'] > $day_limit_bytes) {
        log_('LIMIT REACHED[BYTES]:' . $limit['uploaded_bytes'] . ' FROM ' . $day_limit_bytes);
        exit(0);
    }
    log_('LIMIT [BYTES]:' . $limit['uploaded_bytes'] . ' FROM ' . $day_limit_bytes);
    if ($limit['uploaded_count'] > $day_limit_count) {
        log_('LIMIT REACHED[COUNT]:' . $limit['uploaded_count'] . ' FROM ' . $day_limit_count);
        exit(0);
    }
    log_('LIMIT [COUNT]:' . $limit['uploaded_count'] . ' FROM ' . $day_limit_count);

    $real_path = ImgStore::getFileLocalPath($image['image_id'], $image['size_id']);
    $size_mb = floor($image['bytes'] / 1024 / 1024 * 1000) / 1000;
    log_($real_path . ' ' . $size_mb . 'Mb');
    // the S3 key is the public URL with the origin server prefix stripped
    $public_url = ImgStore::getUrl($image['image_id'], $image['size_id'], 0);
    $target_path = str_replace(ImgStore::$server_urls[ImgStore::SERVER_ORIG], '', $public_url);
    log_('saving to ' . $target_path);

    $result = Amazon::store($real_path, $target_path);
    if ($result) {
        $limit['uploaded_count']++;
        $limit['uploaded_bytes'] += $image['bytes'];
        log_('Stored at amazon at ' . ImgStore::$server_urls[ImgStore::SERVER_AMAZONS3] . $target_path);
        Database::query('UPDATE `images` SET `server_id`=' . ImgStore::SERVER_AMAZONS3 . ', `amazon_stored_time`=' . time() . ' WHERE `id`=' . $image['id']);
    } else {
        // the attempt time is recorded even on failure so the row is not retried immediately
        log_('Cant store file to amazon');
        Database::query('UPDATE `images` SET `amazon_stored_time`=' . time() . ' WHERE `id`=' . $image['id']);
    }
    Database::query('REPLACE INTO `amazon_limit` SET `day`=' . $day . ', `uploaded_bytes`=' . $limit['uploaded_bytes'] . ',`uploaded_count`=' . $limit['uploaded_count']);
}
/**
 * Creates or updates an album event from the posted form.
 *
 * Reads album_id / id / template_id / event_id from $_POST, validates the
 * template fields returned by getTemplateFields(), writes the event row and
 * its field values, optionally replaces the event picture from
 * $_FILES['photo'] and redirects to the event page. On validation errors the
 * messages and the submitted values are handed to Site::passWrite('error_',
 * 'value') and false is returned.
 *
 * NOTE(review): only the "edit existing event" path checks that the event
 * belongs to CurrentUser; no ownership check of $album_id is visible in this
 * method for the "create" path.
 * NOTE(review): the transaction opened below is committed before the
 * album_events_fields / album_events writes, so those later queries run
 * outside it.
 *
 * @return bool|void false on validation failure; otherwise a redirect header is sent
 * @throws Exception when a non-repeatable event already exists in the album,
 *         or when the event being edited belongs to another user
 */
function editEvent() {
    $error = array();
    $album_id = (int) $_POST['album_id']; // read without isset(): a notice when absent
    // $event_id and $template_id are only assigned on some of the paths below;
    // `if (!$event_id)` further down relies on an undefined variable when no
    // id was posted.
    if (isset($_POST['id'])) {
        $event_id = max(0, (int) $_POST['id']);
        $template_id = Database::sql2single('SELECT `template_id` FROM `album_events` AE JOIN `lib_events` LE ON LE.id=AE.event_id WHERE AE.`id`=' . $event_id);
    } else {
        if (isset($_POST['template_id'])) {
            $template_id = max(0, (int) $_POST['template_id']);
        }
    }
    $event_event_id = 0;
    if (isset($_POST['event_id'])) {
        // a posted event_id overrides the template derived above
        $template_id = Database::sql2single('SELECT `template_id` FROM `lib_events` LE WHERE LE.`id`=' . (int) $_POST['event_id']);
        $event_event_id = (int) $_POST['event_id'];
    }
    if (!$template_id) {
        $template_id = 1; // default template
    }
    // $q: value tuples for album_events_fields, $q_: column assignments for album_events
    $q = $q_ = array();
    Database::query('START TRANSACTION');
    if (!$event_id) {
        $event_data = Database::sql2row('SELECT * FROM `lib_events` WHERE `id`=' . (int) $event_event_id);
        if (isset($event_data['multiple']) && !$event_data['multiple']) {
            // this event type may be present in an album only once
            $exists = Database::sql2single('SELECT `id` FROM `album_events` WHERE `album_id`=' . $album_id . ' AND `event_id`=' . $event_data['id']);
            if ($exists) {
                throw new Exception('У Вас уже есть такое событие, и добавлять несколько копий этого события бессмысленно');
            }
        }
        // placeholder row so that an id exists for the field tuples built below
        $query = 'INSERT INTO `album_events` SET id=NULL,createTime=' . time() . '';
        Badges::progressAction(CurrentUser::$id, Badges::ACTION_TYPE_ADD_EVENT);
        if ($template_id > 1) {
            Badges::progressAction(CurrentUser::$id, Badges::ACTION_TYPE_ADD_THEMED_EVENT);
        }
        Database::query($query);
        $event_id = Database::lastInsertId();
    } else {
        // editing: the event must belong to the current user
        $check = Database::sql2single('SELECT `creator_id` FROM `album_events` WHERE `album_id`=' . $album_id . ' AND `id`=' . $event_id);
        if ((int) $check !== (int) CurrentUser::$id) {
            // NOTE(review): the message exposes both user ids to the caller
            throw new Exception('It is not your event ' . $check . ' ' . CurrentUser::$id);
        }
    }
    $template_fields = $this->getTemplateFields($template_id);
    foreach ($template_fields as $eventName => $field) {
        // required-field check; a missing value is still read below, which
        // raises a notice, but the collected $error triggers a ROLLBACK
        if (!isset($_POST[$eventName]) || !trim($_POST[$eventName])) {
            if ($field['important'] && $field['type'] != 'photo') {
                $error[$eventName] = 'Обязательно к заполнению';
            }
            if ($field['important'] && $field['type'] == 'photo') {
                if (!isset($_FILES[$eventName])) {
                    $error[$eventName] = 'Обязательно к заполнению';
                }
            }
        }
        if ($field['type'] != 'photo') {
            // title / eventTime / description are html-escaped for the
            // album_events columns but stored unescaped in album_events_fields;
            // tuple layout is (event_id, field_id, value_int, value_varchar, value_text)
            switch ($field['type']) {
                case 'eventTitle':
                    $q_[] = '`title`=' . Database::escape(htmlspecialchars(trim($_POST[$eventName])));
                    $q[] = '(' . $event_id . ',' . $field['field_id'] . ',NULL,' . Database::escape(trim($_POST[$eventName])) . ',NULL)';
                    break;
                case 'eventTime':
                    // normalised in place; strtotime() returning false yields the epoch date
                    $_POST[$eventName] = date('Y-m-d H:i:s', strtotime($_POST[$eventName]));
                    $q_[] = '`eventTime`=' . Database::escape(htmlspecialchars(trim($_POST[$eventName])));
                    $q[] = '(' . $event_id . ',' . $field['field_id'] . ',NULL,' . Database::escape(trim($_POST[$eventName])) . ',NULL)';
                    break;
                case 'description':
                    $q_[] = '`description`=' . Database::escape(htmlspecialchars(trim($_POST[$eventName])));
                    $q[] = '(' . $event_id . ',' . $field['field_id'] . ',NULL,NULL,' . Database::escape(trim($_POST[$eventName])) . ')';
                    break;
                case 'height':
                case 'eyecolor':
                    $q[] = '(' . $event_id . ',' . $field['field_id'] . ',' . Database::escape(trim($_POST[$eventName])) . ',NULL,NULL)';
                    break;
                case 'weight':
                    // arithmetic on the raw posted string (a TypeError on PHP 8 for
                    // non-numeric input); values above 200 are presumably grams and
                    // are scaled down to kilograms — confirm against the form
                    $v = $_POST[$eventName] * 1000 / 1000;
                    if ($v > 200) {
                        $v = $v / 1000;
                    }
                    $q[] = '(' . $event_id . ',' . $field['field_id'] . ',' . Database::escape(trim($v)) . ',NULL,NULL)';
                    break;
                default:
                    $q[] = '(' . $event_id . ',' . $field['field_id'] . ',NULL,' . Database::escape(trim($_POST[$eventName])) . ',NULL)';
                    break;
            }
        }
    }
    if (count($error)) {
        Site::passWrite('error_', $error);
        Site::passWrite('value', $_POST);
        Database::query('ROLLBACK');
        return false;
    }
    // committed here: the two writes that follow are not covered by the transaction
    Database::query('COMMIT');
    if (count($q)) {
        $query = 'REPLACE INTO `album_events_fields`(event_id,field_id,value_int,value_varchar,value_text) VALUES ' . implode(',', $q);
        Database::query($query);
    }
    if (count($q_)) {
        $query = 'INSERT INTO `album_events` SET `createTime`=' . time() . ', `id`=' . ($event_id ? $event_id : 'NULL') . ', `event_id`=' . $event_event_id . ', `album_id`=' . $album_id . ', `creator_id`=' . CurrentUser::$id . ', ' . implode(',', $q_) . ' ON DUPLICATE KEY UPDATE `id`=' . ($event_id ? $event_id : 'NULL') . ', `event_id`=' . $event_event_id . ', `album_id`=' . $album_id . ', `creator_id`=' . CurrentUser::$id . ', ' . implode(',', $q_) . ' ';
        Database::query($query);
        $event_id = $event_id ? $event_id : Database::lastInsertId();
    }
    if (isset($_FILES['photo']) && $_FILES['photo']['tmp_name']) {
        if (!$_FILES['photo']['error']) {
            // the previous picture is soft-deleted after the new one is attached
            $old_image_id = Database::sql2single('SELECT `picture` FROM `album_events` WHERE `id`=' . $event_id);
            $result = ImgStore::upload($_FILES['photo']['tmp_name'], Config::$sizes[Config::T_SIZE_PICTURE]);
            Database::query('UPDATE `album_events` SET `picture`=' . $result . ' WHERE `id`=' . $event_id);
            if ($old_image_id) {
                Database::query('UPDATE `images` SET `deleted`=1 WHERE `image_id`=' . $old_image_id);
            }
            Badges::progressAction(CurrentUser::$id, Badges::ACTION_TYPE_ADD_PHOTO);
        } else {
            $error['photo'] = 'Недопустимый формат файла';
            Site::passWrite('error_', $error);
            Site::passWrite('value', $_POST);
            return false;
        }
    }
    // error 4 is UPLOAD_ERR_NO_FILE (no file selected); any other non-zero
    // error without a tmp_name is reported as an unsupported file
    if (isset($_FILES['photo']) && $_FILES['photo']['error'] != 4 && $_FILES['photo']['error']) {
        $error['photo'] = 'Недопустимый формат файла';
        Site::passWrite('error_', $error);
        Site::passWrite('value', $_POST);
        return false;
    }
    header('Location: /album/' . $album_id . '/event/' . $event_id);
}