<?php require_once "header.php"; if (isset($_GET['id'])) { $object = ItemPic::get_by_id($_GET['id']); } else { header("location: index.php?negative"); } if (!$session->is_logged_in()) { header("location: index.php?negative"); } else { $loggeduser = User::get_by_id($session->userid); if ($loggeduser->enabled == DISABLED) { header("location: index.php?disabled"); } } $pathinfo = pathinfo($_SERVER["PHP_SELF"]); $basename = $pathinfo["basename"]; $currentFile = str_replace(".php", "", $basename); ?> <div class="container-fluid"> <div class="row-fluid"> <div class="span1"></div> <div class="span9"> <form id="theform" class="form-horizontal" action="#" method="post" enctype="multipart/form-data"> <fieldset> <legend> Update </legend>
<?php require_once "../initialize.php"; $message = ""; if (isset($_POST['itemid']) && $_POST['itemid'] != "" && isset($_POST['itemtype']) && $_POST['itemtype'] != "") { $object = new ItemPic(); $object->itemid = $_POST['itemid']; $object->itemtype = $_POST['itemtype']; $object->pending = $_POST['pending']; $object->enabled = $_POST['enabled']; if (isset($_FILES['picture'])) { $file = new File($_FILES['picture']); $object->picture = $file->data; } $object->create(); $log = new Log($session->userid, $clientip, "WEB", "CREATED ITEM PIC: " . $object->id); $log->create(); $message .= "success"; } else { $message = "You have missed a required field."; } echo $message;
} if (isset($_GET['enabled'])) { $where .= " AND " . C_ITEMPIC_ENABLED . equallike($_GET['enabled'], "int"); } //====================================================== if (isset($_GET['limit'])) { $limit = " LIMIT " . $_GET['limit'] . " "; } if (isset($_GET['sortby']) && isset($_GET['sortorder'])) { $sort = " ORDER BY " . $_GET['sortby'] . " " . $_GET['sortorder'] . " "; } if (isset($_GET['sortby']) && !isset($_GET['sortorder'])) { $sort = " ORDER BY " . $_GET['sortby'] . $sortorder . " "; } //====================================================== $items = ItemPic::get_by_sql("SELECT * FROM " . T_ITEMPICS . " WHERE " . $where . $sort . $limit); $filename = 0; if (!isset($_GET['blob'])) { foreach ($items as $item) { $filename++; $random = rand(0, 1); file_put_contents("images/" . $filename . "x" . $random . ".jpg", base64_decode($item->picture)); $item->picture = HOST . "includes/webservices/images/" . $filename . "x" . $random . ".jpg"; } } echo str_replace('\\/', '/', json_encode($items)); function equallike($field, $type) { $string = ""; if ($type == "string") { if (isset($_GET['equal'])) {
$html .= " <td>type: " . $item->itemtype . "</td>"; $html .= " <td>override: " . ($item->override == 1 ? "Yes" : "No") . "</td>"; $html .= " <td>" . $theitem->name . "</td>"; $html .= " <td>" . $thedesc . "</td>"; $html .= " <td><a class='btn btn-primary' href='updatefeatureditem.php?id=" . $item->id . "'>Update</a></td>"; $html .= " <td><button class='btn btn-danger btndelete'>Delete <span hidden>" . $item->id . "</span></button></td>"; $html .= "</tr>"; } $filename = 0; echo $html; } else { echo "no data"; } } else { if ($_GET['itemtype'] == "itempic") { $items = ItemPic::get_all(); if (count($items) > 0) { foreach ($items as $item) { $filename++; $random = rand(0, 1); file_put_contents("images/" . $filename . "x" . $random . ".jpg", base64_decode($item->picture)); $item->picture = HOST . "includes/webservices/images/" . $filename . "x" . $random . ".jpg"; $html .= "<tr>"; $html .= " <td>type " . $item->itemtype . "</td>"; $html .= " <td><img src='" . $item->picture . "' height='40' width='40'/></td>"; $html .= " <td><a class='btn btn-primary' href='updateitempic.php?id=" . $item->id . "'>Update</a></td>"; $html .= " <td><button class='btn btn-danger btndelete'>Delete <span hidden>" . $item->id . "</span></button></td>"; $html .= "</tr>"; } $filename = 0; echo $html;
<?php require_once "../initialize.php"; $message = ""; if (isset($_POST['itemid']) && $_POST['itemid'] != "" && isset($_POST['itemtype']) && $_POST['itemtype'] != "") { $object = ItemPic::get_by_id($_POST['itempicid']); $object->itemid = $_POST['itemid']; $object->itemtype = $_POST['itemtype']; $object->pending = $_POST['pending']; $object->enabled = $_POST['enabled']; $file = new File($_FILES['picture']); if ($file->valid) { $object->picture = $file->data; } else { $object->picture = base64_decode($object->picture); } $object->update(); $log = new Log($session->userid, $clientip, "WEB", "UPDATED ITEM PIC: " . $object->id); $log->create(); $message .= "success"; } else { $message = "You have missed a required field."; } echo $message;