// Excerpt of a game-edit form handler: casts the numeric counters from $_POST with intval(), validates
// title/tags/category, optionally regenerates the 256x144 thumbnail, UPDATEs the game row, then re-reads it.
// NOTE(review): every value in the UPDATE passes through mysql_real_escape_string() except $category, and
// the SELECT after it concatenates $GID unescaped. The origin of both variables is outside this excerpt;
// confirm they are integer-cast upstream. $GID also forms the thumbnail path ($dst), so a non-numeric
// value would affect the filesystem target as well as the query.
// NOTE(review): the thumbnail is accepted on is_uploaded_file() alone; no image-type or size check is
// visible before VImageConv::process(). Confirm the converter rejects non-image input.
// NOTE(review): mysql_affected_rows() is documented for INSERT/UPDATE/DELETE; a row-count check on $rs
// would state the "does this game exist" test directly. The mysql_* extension was removed in PHP 7, so a
// port to mysqli/PDO prepared statements would also retire the string-built SQL.
$total_comments = intval(trim($_POST['total_comments'])); $total_favorites = intval(trim($_POST['total_favorites'])); $status = intval(trim($_POST['status'])); if (strlen($title) < 3) { $errors[] = 'Game title field cannot be blank!'; } elseif (strlen($tags) < 3) { $errors[] = 'Game keyword(tags) field cannot be blank!'; } elseif ($category === 0) { $errors[] = 'Select at least one category and no more then 3!'; } if (!$errors) { if ($_FILES['thumb']['tmp_name'] != '' && is_uploaded_file($_FILES['thumb']['tmp_name'])) { require $config['BASE_DIR'] . '/classes/image.class.php'; $src = $_FILES['thumb']['tmp_name']; $dst = $config['BASE_DIR'] . '/media/games/tmb/' . $GID . '.jpg'; $image = new VImageConv(); $image->process($src, $dst, 'MAX_WIDTH', 256, 144); $image->canvas(256, 144, '000000', true); } $sql = "UPDATE game SET title = '" . mysql_real_escape_string($title) . "', tags = '" . mysql_real_escape_string($tags) . "',\n category = '" . $category . "', type = '" . mysql_real_escape_string($type) . "',\n be_commented = '" . mysql_real_escape_string($be_commented) . "',\n be_rated = '" . mysql_real_escape_string($be_rated) . "', rate = '" . mysql_real_escape_string($rate) . "',\n ratedby = '" . mysql_real_escape_string($ratedby) . "', total_plays = '" . mysql_real_escape_string($total_plays) . "',\n total_comments = '" . mysql_real_escape_string($total_comments) . "', total_favorites = '" . mysql_real_escape_string($total_favorites) . "',\n status = '" . mysql_real_escape_string($status) . "' WHERE GID = '" . mysql_real_escape_string($GID) . "' LIMIT 1"; $conn->execute($sql); $messages[] = 'Game information updated successfuly!'; } } $sql = "SELECT * FROM game WHERE GID = '" . $GID . "' LIMIT 1"; $rs = $conn->execute($sql); if (mysql_affected_rows() == 1) { $game = $rs->getrows(); } else { $errors[] = 'Invalid Game ID. This game does not exist!'; }
// Excerpt of a game-edit form handler (160x120 thumbnail variant): casts the numeric counters from $_POST
// with intval(), validates title/tags/category, optionally regenerates the thumbnail, UPDATEs the game
// row, then re-reads it.
// NOTE(review): $category is the one UPDATE value not passed through mysql_real_escape_string(), and the
// SELECT after it concatenates $GID unescaped although the UPDATE escapes it. Both origins are outside this
// excerpt; confirm they are integer-cast upstream. $GID is also part of the thumbnail path ($dst).
// NOTE(review): the thumbnail is accepted on is_uploaded_file() alone; no image-type or size check is
// visible before VImageConv::process(). Confirm the converter rejects non-image input.
// NOTE(review): mysql_affected_rows() is documented for write statements; checking the row count of $rs
// would be the clearer existence test after a SELECT.
$total_comments = intval(trim($_POST['total_comments'])); $total_favorites = intval(trim($_POST['total_favorites'])); $status = intval(trim($_POST['status'])); if (strlen($title) < 3) { $errors[] = 'Game title field cannot be blank!'; } elseif (strlen($tags) < 3) { $errors[] = 'Game keyword(tags) field cannot be blank!'; } elseif ($category === 0) { $errors[] = 'Select at least one category and no more then 3!'; } if (!$errors) { if ($_FILES['thumb']['tmp_name'] != '' && is_uploaded_file($_FILES['thumb']['tmp_name'])) { require $config['BASE_DIR'] . '/classes/image.class.php'; $src = $_FILES['thumb']['tmp_name']; $dst = $config['BASE_DIR'] . '/media/games/tmb/' . $GID . '.jpg'; $image = new VImageConv(); $image->process($src, $dst, 'MAX_WIDTH', 160, 120); $image->canvas(160, 120, '000000', true); } $sql = "UPDATE game SET title = '" . mysql_real_escape_string($title) . "', tags = '" . mysql_real_escape_string($tags) . "',\n category = '" . $category . "', type = '" . mysql_real_escape_string($type) . "',\n be_commented = '" . mysql_real_escape_string($be_commented) . "',\n be_rated = '" . mysql_real_escape_string($be_rated) . "', rate = '" . mysql_real_escape_string($rate) . "',\n ratedby = '" . mysql_real_escape_string($ratedby) . "', total_plays = '" . mysql_real_escape_string($total_plays) . "',\n total_comments = '" . mysql_real_escape_string($total_comments) . "', total_favorites = '" . mysql_real_escape_string($total_favorites) . "',\n status = '" . mysql_real_escape_string($status) . "' WHERE GID = '" . mysql_real_escape_string($GID) . "' LIMIT 1"; $conn->execute($sql); $messages[] = 'Game information updated successfuly!'; } } $sql = "SELECT * FROM game WHERE GID = '" . $GID . "' LIMIT 1"; $rs = $conn->execute($sql); if (mysql_affected_rows() == 1) { $game = $rs->getrows(); } else { $errors[] = 'Invalid Game ID. This game does not exist!'; }
// Excerpt of the add-game-category handler: rejects a name that already exists, requires a picture,
// inserts the category row, renders the picture as <category_id>.jpg (384x216), then redirects.
// NOTE(review): $_FILES['picture']['tmp_name'] is only tested for emptiness; no is_uploaded_file() or
// image-type check is visible before it is handed to VImageConv::process(). Confirm the converter validates.
// NOTE(review): the `if ($errors)` rollback sits inside `if (!$errors)` and nothing visible in between
// appends to $errors, so the DELETE looks unreachable unless VImageConv writes to $errors by some other
// route. A failed conversion would then leave a category row without an image. TODO confirm.
// NOTE(review): $msg is appended to the redirect URL without urlencode(); the receiving page has to
// HTML-escape `msg` when displaying it, because a query parameter is client-controllable.
// NOTE(review): the duplicate-name message opens a quote before the (HTML-escaped) name but never closes it.
} else { $sql = "SELECT category_id FROM game_categories\n WHERE category_name = '" . mysql_real_escape_string($name) . "' LIMIT 1"; $conn->execute($sql); if ($conn->Affected_Rows() > 0) { $errors[] = 'Category name \'' . htmlspecialchars($name, ENT_QUOTES, 'UTF-8') . ' is already used. Please choose another name!'; } else { $channel['name'] = $name; } } if ($_FILES['picture']['tmp_name'] == '') { $errors[] = 'Please provide a category image!'; } if (!$errors) { $sql = "INSERT INTO game_categories (category_name) VALUES ('" . mysql_real_escape_string($name) . "')"; $conn->execute($sql); $chid = $conn->Insert_ID(); require $config['BASE_DIR'] . '/classes/image.class.php'; $image = new VImageConv(); $image->process($_FILES['picture']['tmp_name'], $chimg . '/' . $chid . '.jpg', 'MAX_WIDTH', 384, 216); $image->canvas(384, 216, '000000', true); if ($errors) { $sql = "DELETE FROM game_categories WHERE category_id = '" . mysql_real_escape_string($chid) . "' LIMIT 1"; $conn->execute($sql); } } if (!$errors) { $msg = 'Category Successfuly added!'; VRedirect::go('channels.php?m=listgame&msg=' . $msg); } } $smarty->assign('channel', $channel);
// Excerpt of the user avatar page. First the tail of the upload branch, which treats a destination file
// larger than 100 bytes as success; then the crop handler, which reads the crop rectangle through VFilter
// as INTEGER, writes the 100x120 avatar from the stored original and records "<UID>.jpg" in signup.photo.
// NOTE(review): the SQL applies intval() to the UID, but the $src/$dst paths use $uid as-is. $user is
// assigned outside this excerpt (presumably the authenticated session user); confirm UID is an integer.
// NOTE(review): x1/y1/width/height are typed but not range-checked here (negative, zero, or larger than
// the source image). Confirm VImageConv::crop() bounds them before allocating or reading pixels.
$image->process($avatar_tmp, $dst, 'MAX_HEIGHT', 240, 200); $image->resize(true); if (file_exists($dst) && filesize($dst) > 100) { $_SESSION['message'] = $lang['user.avatar_upload_msg']; $_SESSION['uploaded'] = true; VRedirect::go($config['BASE_URL'] . '/user/avatar'); } } } } if (isset($_POST['avatar_crop_submit'])) { $filter = new VFilter(); $x = $filter->get('x1', 'INTEGER'); $y = $filter->get('y1', 'INTEGER'); $width = $filter->get('width', 'INTEGER'); $height = $filter->get('height', 'INTEGER'); $uid = $user['UID']; $src = $config['BASE_DIR'] . '/media/users/orig/' . $uid . '.jpg'; $dst = $config['BASE_DIR'] . '/media/users/' . $uid . '.jpg'; $image = new VImageConv(); $image->process($src, $dst, 'EXACT', 100, 120); $image->crop($x, $y, $width, $height, true); if (file_exists($dst) && filesize($dst) > 100) { $sql = "UPDATE signup SET photo = '" . intval($user['UID']) . ".jpg' WHERE UID = " . intval($uid) . " LIMIT 1"; $conn->execute($sql); $_SESSION['message'] = $lang['user.avatar_crop_msg']; VRedirect::go($config['BASE_URL'] . '/user/avatar'); } } $smarty->assign('crop', $crop); $smarty->assign('uploaded', $uploaded);
// Excerpt of the avatar branch of a user-edit handler: maps the detected image type code to an extension,
// moves the upload to tmp/avatars/<UID>.<ext>, then re-encodes it to JPEG at two sizes.
// The extension is derived from $imagesize['2'] (2 -> jpg, 3 -> png) rather than from the client-supplied
// filename, so the stored suffix follows the detected type. $imagesize is assigned outside this excerpt;
// presumably it is a getimagesize() result. TODO confirm.
// NOTE(review): $UID is concatenated into three filesystem paths; confirm it is integer-cast upstream.
// NOTE(review): the intermediate file under /tmp/avatars/ is not removed in the visible code; confirm it is
// cleaned up later or that the directory is not served by the web server.
// NOTE(review): the results of process()/resize() are not checked before $photo_new is set to TRUE.
} elseif ($imagesize['2'] == 2) { $ext = 'jpg'; } elseif ($imagesize['2'] == 3) { $ext = 'png'; } if ($ext == '') { $errors[] = 'Invalid image format uploaded. Allowed formats: jpg, gif and png!'; } } if (!$errors) { $src = $_FILES['avatar']['tmp_name']; $dst_tmp = $config['BASE_DIR'] . '/tmp/avatars/' . $UID . '.' . $ext; if (move_uploaded_file($src, $dst_tmp)) { require $config['BASE_DIR'] . '/classes/image.class.php'; $dst = $config['BASE_DIR'] . '/media/users/orig/' . $UID . '.jpg'; $image = new VImageConv(); $image->process($dst_tmp, $dst, 'MAX_HEIGHT', 240, 200); $image->resize(true); $src = $dst; $dst = $config['BASE_DIR'] . '/media/users/' . $UID . '.jpg'; $image->process($src, $dst, 'EXACT', 100, 120); $image->resize(true); $photo_new = TRUE; } else { $errors[] = 'Failed to move uploaded file (invalid permissions?)!'; } } } if (!$errors) { $sql_add = NULL; if ($password != '') {
// Excerpt of the add-photos-to-album handler: direct-access guard, authentication check, album-owner
// check, then a loop over $_FILES that validates each upload and inserts a row into `photos`.
// NOTE(review): the owner check only fires when $_SESSION['uid'] is set, so it relies on $auth->check()
// having already ended the request for unauthenticated visitors. Confirm that, and prefer a strict
// comparison on integer-cast values over the loose `!=`.
// NOTE(review): $aid is concatenated into the INSERT unquoted and unescaped. $aid and $uid are assigned
// outside this excerpt; confirm both are integer-cast before they reach this file.
// NOTE(review): $photo_nr is parsed from the multipart field name ($key), which the client chooses; a key
// without "_" leaves index 1 undefined. $ext comes from the client filename and is passed, with the temp
// file, to check_image(), whose body is not shown here.
defined('_VALID') or die('Restricted Access!'); require $config['BASE_DIR'] . '/classes/auth.class.php'; require $config['BASE_DIR'] . '/classes/image.class.php'; require $config['BASE_DIR'] . '/classes/filter.class.php'; $auth = new Auth(); $auth->check(); if (isset($_SESSION['uid']) && $uid != $_SESSION['uid']) { session_write_close(); header('Location: ' . $config['BASE_URL'] . '/error/album_permission'); die; } if (isset($_POST['add_photos_submit'])) { $photos = 0; $filter = new VFilter(); $image = new VImageConv(); foreach ($_FILES as $key => $values) { if ($values['tmp_name'] != '') { if (is_uploaded_file($values['tmp_name']) && ($check = getimagesize($values['tmp_name']))) { $ext = strtolower(substr($values['name'], strrpos($values['name'], '.') + 1)); if (!check_image($values['tmp_name'], $ext)) { continue; } $photo_expl = explode('_', $key); $photo_nr = $photo_expl['1']; $caption = $filter->get('caption_' . $photo_nr); $sql_add = NULL; if ($caption != '') { $sql_add = ", caption = '" . mysql_real_escape_string($caption) . "'"; } $sql = "INSERT INTO photos SET AID = " . $aid . $sql_add;
// Excerpt of an album-creation handler: requires a first photo, inserts the album row, then loops over
// $_FILES inserting one `photos` row per upload.
// NOTE(review): $album['type'] is normalised to 'public'/'private', but the INSERT uses the raw $type
// inside quotes with no escaping. If $type is request-derived (its origin is outside this excerpt), that is
// an injection point; inserting the normalised $album['type'] instead would close it.
// NOTE(review): $uid and $category are concatenated unquoted and unescaped; confirm both are integer-cast
// upstream.
// NOTE(review): inside the loop each file is accepted on is_uploaded_file() alone; no image-content or
// extension check is visible before the temp file becomes $src (the excerpt ends there).
} else { $album['category'] = $category; } if ($_FILES['photo_1']['tmp_name'] == '') { $errors[] = 'Please select at least one photo for your album!'; } elseif (!is_uploaded_file($_FILES['photo_1']['tmp_name'])) { $errors[] = 'First album photo is not a valid uploaded file!'; } if (!$errors) { require $config['BASE_DIR'] . '/classes/image.class.php'; $album['type'] = $type == 'public' ? 'public' : 'private'; $sql = "INSERT INTO albums (UID, name, category, tags, type, addtime, adddate, status) \n VALUES (" . $uid . ", '" . mysql_real_escape_string($name) . "', " . $category . ", \n '" . mysql_real_escape_string($tags) . "', '" . $type . "', " . time() . ", '" . date('Y-m-d') . "', '1')"; $conn->execute($sql); $album_id = mysql_insert_id(); $photos = 0; $image = new VImageConv(); foreach ($_FILES as $key => $values) { if ($values['tmp_name'] != '') { if (is_uploaded_file($values['tmp_name'])) { ++$photos; $photo_expl = explode('_', $key); $photo_nr = $photo_expl['1']; $caption = $filter->get('caption_' . $photo_nr); $sql_add = NULL; if ($caption != '') { $sql_add = ", caption = '" . mysql_real_escape_string($caption) . "'"; } $sql = "INSERT INTO photos SET AID = " . $album_id . $sql_add; $conn->execute($sql); $photo_id = mysql_insert_id(); $src = $values['tmp_name'];
<?php
// Excerpt of the admin notice-image upload handler: after Auth::checkAdmin(), each uploaded file whose
// extension is on the configured allow-list gets a notice_images row, is moved to
// /images/notice_images/<image_id>.<extension>, and has a 150px-wide JPEG thumbnail generated.
// NOTE(review): the original is stored with the extension taken from the client filename, and its content
// is not inspected before move_uploaded_file(). The allow-list in $config['image_allowed_extensions'] is
// therefore the only gate on what suffix lands in that directory; keep it to image extensions and consider
// verifying the detected type (e.g. getimagesize()) before the move.
// NOTE(review): $extension is concatenated into the INSERT unescaped; that is safe only while the
// allow-list check stays ahead of it. Allow-list entries are not trimmed individually and in_array() is
// called without strict mode.
// NOTE(review): $filename is computed but not used in the visible code.
defined('_VALID') or die('Restricted Access!'); Auth::checkAdmin(); require $config['BASE_DIR'] . '/classes/image.class.php'; $images = 0; if (isset($_POST['submit_add_image'])) { $image = new VImageConv(); foreach ($_FILES as $key => $values) { if ($values['tmp_name'] != '') { if (is_uploaded_file($values['tmp_name'])) { $filename = substr($values['name'], strrpos($values['name'], DIRECTORY_SEPARATOR) + 1); $extension = strtolower(substr($values['name'], strrpos($values['name'], '.') + 1)); $extensions_allowed = explode(',', trim($config['image_allowed_extensions'])); if (in_array($extension, $extensions_allowed)) { $sql = "INSERT INTO notice_images (addtime, extension) VALUES (" . time() . ", '" . $extension . "')"; $conn->execute($sql); $image_id = mysql_insert_id(); $dst_orig = $config['BASE_DIR'] . '/images/notice_images/' . $image_id . '.' . $extension; if (move_uploaded_file($values['tmp_name'], $dst_orig)) { $src = $dst_orig; $dst = $config['BASE_DIR'] . '/images/notice_images/thumbs/' . $image_id . '.jpg'; $image->process($src, $dst, 'MAX_WIDTH', 150, 0); $image->resize(true, true); ++$images; } else { $sql = "DELETE FROM notice_images WHERE image_id = " . $image_id . " LIMIT 1"; $conn->execute($sql); } } }
// Excerpt of the add-game-category handler (140x105 image variant): rejects a name that already exists,
// requires a picture, inserts the category row, renders the picture as <category_id>.jpg, then redirects.
// NOTE(review): $_FILES['picture']['tmp_name'] is only tested for emptiness; no is_uploaded_file() or
// image-type check is visible before it is handed to VImageConv::process(). Confirm the converter validates.
// NOTE(review): the `if ($errors)` rollback is nested inside `if (!$errors)` with nothing visible in
// between that appends to $errors, so the DELETE looks unreachable and a failed conversion would leave the
// new row in place. TODO confirm whether VImageConv reports errors some other way.
// NOTE(review): $msg goes into the redirect URL without urlencode(); the receiving page must HTML-escape
// `msg` on output, because a query parameter is client-controllable.
} else { $sql = "SELECT category_id FROM game_categories\n WHERE category_name = '" . mysql_real_escape_string($name) . "' LIMIT 1"; $conn->execute($sql); if ($conn->Affected_Rows() > 0) { $errors[] = 'Category name \'' . htmlspecialchars($name, ENT_QUOTES, 'UTF-8') . ' is already used. Please choose another name!'; } else { $channel['name'] = $name; } } if ($_FILES['picture']['tmp_name'] == '') { $errors[] = 'Please provide a category image!'; } if (!$errors) { $sql = "INSERT INTO game_categories (category_name) VALUES ('" . mysql_real_escape_string($name) . "')"; $conn->execute($sql); $chid = $conn->Insert_ID(); require $config['BASE_DIR'] . '/classes/image.class.php'; $image = new VImageConv(); $image->process($_FILES['picture']['tmp_name'], $chimg . '/' . $chid . '.jpg', 'MAX_WIDTH', 140, 105); $image->canvas(140, 105, '000000', true); if ($errors) { $sql = "DELETE FROM game_categories WHERE category_id = '" . mysql_real_escape_string($chid) . "' LIMIT 1"; $conn->execute($sql); } } if (!$errors) { $msg = 'Category Successfuly added!'; VRedirect::go('channels.php?m=listgame&msg=' . $msg); } } $smarty->assign('channel', $channel);
// Excerpt of the avatar branch of a user-edit handler: maps the detected image type code to an extension,
// moves the upload to tmp/avatars/<UID>.<ext>, re-encodes it to a JPEG at most 500px wide, then crops a
// centred square from that JPEG into /media/users/<UID>.jpg.
// The extension is derived from $imagesize['2'] (2 -> jpg, 3 -> png), not from the client filename.
// $imagesize is assigned outside this excerpt; presumably it is a getimagesize() result. TODO confirm.
// NOTE(review): getimagesize($dst_orig) is destructured without checking for a false return; if the
// conversion above failed, the crop arithmetic runs on empty width/height values.
// NOTE(review): $UID is concatenated into three filesystem paths; confirm it is integer-cast upstream.
// The intermediate file under /tmp/avatars/ is not removed in the visible code.
} elseif ($imagesize['2'] == 2) { $ext = 'jpg'; } elseif ($imagesize['2'] == 3) { $ext = 'png'; } if ($ext == '') { $errors[] = 'Invalid image format uploaded. Allowed formats: jpg, gif and png!'; } } if (!$errors) { $src = $_FILES['avatar']['tmp_name']; $dst_tmp = $config['BASE_DIR'] . '/tmp/avatars/' . $UID . '.' . $ext; if (move_uploaded_file($src, $dst_tmp)) { require $config['BASE_DIR'] . '/classes/image.class.php'; $dst_orig = $config['BASE_DIR'] . '/media/users/orig/' . $UID . '.jpg'; $image = new VImageConv(); $image->process($dst_tmp, $dst_orig, 'MAX_WIDTH', 500, 0); $image->resize(true, true); list($width, $height) = getimagesize($dst_orig); $crop_w = min($width, $height); $crop_h = $crop_w; if ($width > $height) { $crop_x = floor(($width - $crop_w) / 2); $crop_y = 0; } else { $crop_x = 0; $crop_y = floor(($height - $crop_h) / 2); } $dst = $config['BASE_DIR'] . '/media/users/' . $UID . '.jpg'; $image->process($dst_orig, $dst, 'EXACT', $crop_w, $crop_h); $image->crop($crop_x, $crop_y, $crop_w, $crop_h, true);
// Excerpt of an embedded-video submission handler: requires at least one thumbnail under 2 MiB, inserts
// the video row (inactive), creates per-video thumbnail directories, then moves and resizes every entry
// in $_FILES.
// NOTE(review): vkey is generated with mt_rand(), which is not a cryptographically secure source and is
// not checked for uniqueness. If vkey is relied on as an unguessable identifier (its use is not visible
// here), random_bytes()/random_int() is the appropriate generator.
// NOTE(review): $uid, $category, $video['type'] and the result of duration_to_seconds($duration) are
// concatenated into the INSERT without escaping; their origins are outside this excerpt. Confirm each is
// cast or allow-listed upstream.
// NOTE(review): the loop moves every $_FILES entry, while the validation above is only partly visible
// (a size test sets $thumb). Confirm each file is type-checked, not just that one of them passed.
// NOTE(review): @mkdir() hides failures and uses the default mode (0777 before umask); consider an
// explicit mode and an error path.
if ($size < 2 * 1024 * 1024) { $thumb = TRUE; } } } } } if (!$thumb) { $errors[] = 'Please upload at least one video thumb!'; } if (!$errors) { $sql = "INSERT INTO video\n\t\t SET UID = " . $uid . ",\n\t\t\t\t\t\t title = '" . mysql_real_escape_string($title) . "',\n\t\t\t\t\t\t\tkeyword = '" . mysql_real_escape_string($tags) . "',\n\t\t\t\t\t\t\tchannel = '" . $category . "',\n\t\t\t\t\t\t\ttype = '" . $video['type'] . "',\n\t\t\t\t\t\t\tembed_code = '" . mysql_real_escape_string($embed_code) . "',\n\t\t\t\t\t\t\tduration = " . duration_to_seconds($duration) . ",\n\t\t\t\t\t\t\tvkey = '" . mt_rand() . "',\n\t\t\t\t\t\t\taddtime = " . time() . ",\n\t\t\t\t\t\t\tadddate = '" . date('Y-m-d') . "',\n\t\t\t\t\t\t\tactive = '0'"; $conn->execute($sql); $vid = mysql_insert_id(); require $config['BASE_DIR'] . '/classes/image.class.php'; $image = new VImageConv(); $tmb_dir = $config['BASE_DIR'] . '/media/videos/tmb/' . $vid; $tmp_dir = $config['BASE_DIR'] . '/tmp/thumbs/' . $vid; @mkdir($tmb_dir); @mkdir($tmp_dir); $width = (int) $config['img_max_width']; $height = (int) $config['img_max_height']; $i = 1; foreach ($_FILES as $file) { $tmb = $i . '.jpg'; if (move_uploaded_file($file['tmp_name'], $tmp_dir . '/' . $tmb)) { $src = $tmp_dir . '/' . $tmb; $dst = $tmb_dir . '/' . $tmb; $dst_tmp = $tmp_dir . '/' . $tmb . '.tmp.jpg'; $image->process($src, $dst_tmp, 'MAX_WIDTH', $width, 0); $image->resize(true, true);
// Excerpt of an album-creation handler: checks the upload extension against the configured allow-list,
// normalises type/anonymous flags, inserts the album row, then loops over $_FILES, accepting a file only
// if is_uploaded_file(), getimagesize() and check_image() all pass.
// $type is normalised to 'public'/'private' before it is placed in the INSERT, and $uid is either
// intval($_SESSION['uid']) or the result of getAnonymousUID().
// NOTE(review): the two normalisations disagree on the fallback. $album['type'] becomes 'public' for any
// value other than 'private', while the stored $type becomes 'private' for any value other than 'public'.
// For unexpected input the form state and the database row differ; pick one default.
// NOTE(review): $category is concatenated into the INSERT unquoted and unescaped; its origin is outside
// this excerpt. Confirm it is integer-cast upstream.
// NOTE(review): $photo_nr is parsed from the multipart field name ($key), which the client chooses; a key
// without "_" leaves index 1 undefined.
if (!in_array($extension, $extensions_allowed)) { $errors[] = translate('upload.album_ext_invalid', $config['image_allowed_extensions']); } } $album['type'] = $type == 'private' ? 'private' : 'public'; $album['anonymous'] = $anonymous == 'yes' ? 'yes' : 'no'; $uid = $anonymous == 'yes' ? getAnonymousUID() : intval($_SESSION['uid']); if (!$errors) { require $config['BASE_DIR'] . '/classes/image.class.php'; $type = $type == 'public' ? 'public' : 'private'; $status = $config['approve_photos'] == '1' ? 0 : 1; $sql = "INSERT INTO albums (UID, name, category, tags, type, addtime, adddate, status)\n VALUES (" . $uid . ", '" . mysql_real_escape_string($name) . "', " . $category . ",\n '" . mysql_real_escape_string($tags) . "', '" . $type . "', " . time() . ", '" . date('Y-m-d') . "', '" . $status . "')"; $conn->execute($sql); $album_id = mysql_insert_id(); $photos = 0; $image = new VImageConv(); foreach ($_FILES as $key => $values) { if ($values['tmp_name'] != '') { if (is_uploaded_file($values['tmp_name']) && getimagesize($values['tmp_name'])) { $ext = strtolower(substr($values['name'], strrpos($values['name'], '.') + 1)); if (!check_image($values['tmp_name'], $ext)) { continue; } ++$photos; $photo_expl = explode('_', $key); $photo_nr = $photo_expl['1']; $caption = $filter->get('caption_' . $photo_nr); $sql_add = NULL; if ($caption != '') { $sql_add = ", caption = '" . mysql_real_escape_string($caption) . "'"; }