Пример #1
0
        $RENDENGINE->render(new Text("Sorry. One of more of the fields were not filled out!"));
        exit;
    }
    $SANTIZER = new InputSanitizer($_POST);
    //Will think of better sanitize flags. Will add validation steps as well. Remember to santize avatar as well.
    $SANTIZER->addFilter("firstname", FILTER_SANITIZE_STRING);
    $SANTIZER->addFilter("lastname", FILTER_SANITIZE_STRING);
    $SANTIZER->addFilter("haircolor", FILTER_SANITIZE_STRING);
    $SANTIZER->addFilter("eyecolor", FILTER_SANITIZE_STRING);
    $SANTIZER->addFilter("height", FILTER_SANITIZE_NUMBER_INT);
    $SANTIZER->addFilter("weight", FILTER_SANITIZE_NUMBER_INT);
    $SANTIZER->addFilter("bustsize", FILTER_SANITIZE_NUMBER_INT);
    $SANTIZER->addFilter("hipsize", FILTER_SANITIZE_NUMBER_INT);
    $SANTIZER->addFilter("waistsize", FILTER_SANITIZE_NUMBER_INT);
    $SANTIZER->addFilter("bodytype", FILTER_SANITIZE_STRING);
    $SANTIZER->addFilter("personality", FILTER_SANITIZE_STRING);
    $SANTIZER->addFilter("description", FILTER_SANITIZE_STRING);
    $sant_array = $SANTIZER->filter();
    $connection = $DB->connect();
    /*Error handling?*/
    $char_ava = new CharacterAvatar($avatar_img);
    $thumb = new ThumbNail($avatar_img);
    $avatar_name = md5(implode("", $sant_array));
    //Hash all values. Assuming values will be "unique enough"
    $avatar_path = $char_ava->createImage($avatar_name);
    $thumb_path = $thumb->createImage($avatar_name);
    //Make the character thumbnail as well.
    $sant_array[] = $avatar_path;
    $sant_array[] = $thumb_path;
    (new sqlDBExecute($connection, "INSERT into CHARACTER VALUES(nextval('Character_CharacterID_seq'),\$1,\$2,\$3,\$4,\$5,\$6,\$7,\$8,\$9,\$10,\$11,\$12,\$13,\$14)", $sant_array))->execute();
}
Пример #2
0
    die($files->getMessage());
}
$success = "";
$uid = $_POST['uid'];
$smarty->assign("action", "upload.php?pre=" . $_POST['uid']);
$userPic = new Pics();
foreach ($files as $file) {
    //print_r($file->getProp());
    if ($file->isValid()) {
        $smarty->assign("uid", $uid);
        $filePre = $_GET['pre'];
        $file->setName('uniq');
        $destDir = './images/';
        $destName = $file->moveTo($destDir);
        $realName = $file->getProp('real');
        $userPic->insertToUP($filePre, $destName);
        /*resize the pictures*/
        $resize = new ThumbNail($destDir . $destName);
        $resize->build($destName);
        $success = $success . "*Uploaded file {$realName} <br>";
    }
}
$smarty->assign("success", $success);
/*
if ($files->isMissing()) {
    $smarty->assign("error","No file selected <br>");
} 
if ($files->isError()) {
    $smarty->assign("error",$file->errorMsg()."<br>");
}
*/