public function select($c) { $out = array(); if (isset($_GET['search']) && !empty($_GET['search'])) { $search = '%' . $_GET['search'] . '%'; $search_in = ' AND `studio404_media_item`.`title` LIKE :search '; } else { $search = 'a'; $search_in = ' AND `studio404_media_item`.`id`!=:search '; } //page type $get_page_type = new get_page_type(); $page_type = $get_page_type->type($_SESSION["C"], $_GET['id']); $sql = 'SELECT `studio404_media_item`.`idx` AS smi_idx, `studio404_media_item`.`date` AS smi_date, `studio404_media_item`.`title` AS smi_title, `studio404_media_item`.`tags` AS smi_tags, `studio404_media_item`.`slug` AS smi_slug, `studio404_media_item`.`position` AS smi_position, `studio404_media_item`.`visibility` AS smi_visibility FROM `studio404_media_attachment`, `studio404_media`, `studio404_media_item` WHERE `studio404_media_attachment`.`connect_idx`=:sma_connect_id AND `studio404_media_attachment`.`page_type`=:sma_page_type AND `studio404_media_attachment`.`lang`=:lang AND `studio404_media_attachment`.`status`!=:status AND `studio404_media_attachment`.`idx`=`studio404_media`.`idx` AND `studio404_media`.`lang`=:lang AND `studio404_media`.`status`!=:status AND `studio404_media`.`idx`=`studio404_media_item`.`media_idx` AND `studio404_media_item`.`lang`=:lang AND `studio404_media_item`.`status`!=:status ' . $search_in . ' ORDER BY `studio404_media_item`.`position` ASC '; $exe_array = array(":sma_connect_id" => $_GET['id'], ":sma_page_type" => $page_type, ":status" => 1, ":search" => $search, ":lang" => LANG_ID); $path = '?action=gallery&type=photogallerypage&id=' . $_GET['id'] . '&pn='; $itemsPerPage = 10; $pager = new pager(); $pager = $pager->action($c, $sql, $exe_array, $path, $itemsPerPage); $out['table'] = $this->table($c, $pager[0], $exe_array); $out['pager'] = $pager[1]; return $out; }
public function select($c) { $out = array(); if (isset($_GET['search']) && !empty($_GET['search'])) { $search = '%' . $_GET['search'] . '%'; $search_in = ' AND (`title` LIKE :search OR `code` LIKE :search)'; } else { $search = 'a'; $search_in = ' AND `id`!=:search '; } //page type $get_page_type = new get_page_type(); $page_type = $get_page_type->type($_SESSION["C"], $_GET['id']); $sql = 'SELECT `idx`,`title`, `code` FROM `studio404_vectormap` WHERE `lang`=:lang ' . $search_in . ' ORDER BY `title` ASC'; $exe_array = array(":search" => $search, ":lang" => LANG_ID); $path = '?action=vectormap&pn='; $itemsPerPage = 20; $pager = new pager(); $pager = $pager->action($c, $sql, $exe_array, $path, $itemsPerPage); $out['table'] = $this->table($c, $pager[0], $exe_array); $out['pager'] = $pager[1]; return $out; }
public function content_images($fetch, $c, $media_type = "photo") { if (isset($_GET["type"]) && $_GET["type"] == 'videogallerypage') { $ext = 'mp4,avi'; } else { $ext = 'jpeg,jpg,gif,png'; } $out = '<div class="button makeFileDragable2" style="background-color:green; float:left"> <a href="#" style="color:white"><i class="fa fa-arrows"></i><span id="dragText2">Start sorting</span> </a> </div>'; if ($_GET["type"] == 'videogallerypage') { $out .= '<div class="button addYtVideo" style="background-color:green; float:left; margin-left:10px;"> <a href="#" style="color:white"><i class="fa fa-plus"></i><span id="dragText2">Add youtube video</span> </a> </div>'; } $out .= '<div class="clearfix"></div>'; $out .= '<input type="file" name="bgfile3" id="bgfile3" style="position:absolute; visibility:hidden" />'; $out .= '<div class="dropArea2">'; $out .= '<div class="Droptitle2"> Drag and drop photo (' . $ext . ') <span id="progress2">0%</span> </div>'; $out .= '<div class="dragElements2">'; /////////////// start $conn = $this->conn($c); if (isset($_GET['newsidx'])) { $sp_idx = $_GET['newsidx']; } else { if (isset($_GET['cidx'])) { $sp_idx = $_GET['cidx']; } else { if (isset($_GET['midx'])) { $sp_idx = $_GET['midx']; } else { $sp_idx = $_GET['id']; } } } // get page type $get_page_type = new get_page_type(); $page_type = $get_page_type->type($_SESSION["C"], $_GET['id']); $sql = 'SELECT `studio404_gallery_file`.`id` AS sgf_id, `studio404_gallery_file`.`idx` AS sgf_idx, `studio404_gallery_file`.`title` AS sgf_title, `studio404_gallery_file`.`file` AS sgf_file, `studio404_gallery_file`.`filev` AS sgf_filev FROM `studio404_gallery_attachment`,`studio404_gallery`, `studio404_gallery_file` WHERE `studio404_gallery_attachment`.`connect_idx`=:sp_idx AND `studio404_gallery_attachment`.`lang`=:lang AND `studio404_gallery_attachment`.`pagetype`=:page_type AND `studio404_gallery_attachment`.`status`!=:status AND `studio404_gallery_attachment`.`idx`=`studio404_gallery`.`idx` AND `studio404_gallery`.`lang`=:lang AND `studio404_gallery`.`status`!=:status AND `studio404_gallery`.`idx`=`studio404_gallery_file`.`gallery_idx` AND `studio404_gallery_file`.`lang`=:lang AND `studio404_gallery_file`.`media_type`=:media_type AND `studio404_gallery_file`.`status`!=:status ORDER BY `studio404_gallery_file`.`position` ASC '; $prepare = $conn->prepare($sql); $prepare->execute(array(":sp_idx" => $sp_idx, ":lang" => LANG_ID, ":media_type" => $media_type, ":page_type" => $page_type, ":status" => 1)); $prepare->setFetchMode(PDO::FETCH_CLASS, "get_files"); if ($media_type == "video") { $out .= '<input type="file" name="bgfile" id="bgfile" value="" style="position:absolute; visibility:hidden">'; } while ($r = $prepare->fetch()) { $out .= '<div class="filebox2" id="flexbox2-' . $r->sgf_idx . '">'; $out .= '<div class="action_panel2">'; if (true == strpos($r->sgf_file, '://')) { $url = $r->sgf_file; } else { $url = "/" . $r->sgf_file; } $out .= '<a href="' . $url . '" target="_blank"><i class="fa fa-eye"></i></a>'; $out .= '<a href="javascript:;" onclick="openPromt2(\'' . $r->sgf_idx . '\')"><i class="fa fa-pencil-square-o"></i></a>'; if ($media_type == "video") { $out .= '<a href="javascript:;" onclick="upload_filev(\'' . $r->sgf_idx . '\')"><i class="fa fa-camera"></i></a>'; } $out .= '<a href="javascript:;" onclick="askBeforeDelete(\'' . $media_type . '\',\'' . $r->sgf_idx . '\')"><i class="fa fa-times"></i></a>'; $out .= '</div>'; if ($media_type == "video") { if ($r->sgf_filev == "false") { $out .= '<div class="extention2"><img src="/images/video_icon.png" width="100%" /></div>'; } else { $out .= '<div class="extention2"><img src="/' . $r->sgf_filev . '" width="100%" /></div>'; } } else { $out .= '<div class="extention2"><img src="/' . $r->sgf_file . '" width="100%" /></div>'; } $out .= '<div class="filename2 n2-' . $r->sgf_idx . '" id="fid2-' . $r->sgf_id . '">' . $r->sgf_title . '</div>'; $out .= '</div>'; } /////////////// end $out .= '</div><div class="clearfix"></div>'; $out .= '</div>'; return $out; }
function __construct() { set_time_limit($_SESSION["C"]["time.limit"]); $conn = $this->conn($_SESSION["C"]); $allowfiletypes = array("doc", "docx", "xls", "xlsx", "zip", "rar", "pdf"); $allowfiletypes2 = array("jpg", "jpeg", "gif", "png", "mp4", "avi"); if ((isset($_POST) or isset($_GET)) && (count($_POST) > 0 or count($_GET) > 0)) { $files = glob(DIR . '_cache/*'); // get all file names foreach ($files as $file) { // iterate files if (is_file($file)) { @unlink($file); } // delete file } } if (!isset($_GET['extention']) && !isset($_GET['filename']) && !isset($_GET['removefile']) && !isset($_GET['idxes']) && !isset($_GET['idxes2']) && !isset($_GET['idxes3']) && !isset($_GET['idxes_photos']) && !isset($_POST['youtubeLink'])) { $str = file_get_contents("php://input"); $filename = md5(time()) . ".jpg"; $path = 'files_pre/' . $filename; file_put_contents($path, $str); echo $path; } else { if (isset($_GET['pageidx'], $_GET['extention'], $_GET['token']) && in_array($_GET['extention'], $allowfiletypes)) { $pageidx = isset($_GET['newsidx']) && $_GET['newsidx'] != "false" ? $_GET['newsidx'] : $_GET['pageidx']; // get page type $get_page_type = new get_page_type(); $page_type = $get_page_type->type($_SESSION["C"], $_GET['pageidx']); $str = file_get_contents("php://input"); $timegenerate = md5(time()); $filename = $timegenerate . "." . $_GET['extention']; $path = 'files_pre/' . $filename; $color_array = array("pdf" => "#e74c3c", "doc" => "#2ecc71", "docx" => "#27ae60", "xls" => "#1abc9c", "xlsx" => "#16a085", "zip" => "#4aa3df", "rar" => "#2980b9"); file_put_contents($path, $str); // check if exists attachment $sql = 'SELECT `studio404_gallery`.`idx` AS `sg_idx` FROM `studio404_gallery_attachment`,`studio404_gallery` WHERE `studio404_gallery_attachment`.`connect_idx`=:connect_idx AND `studio404_gallery_attachment`.`status`!=:status AND `studio404_gallery_attachment`.`pagetype`=:page_type AND `studio404_gallery_attachment`.`lang`=:lang AND `studio404_gallery_attachment`.`idx`=`studio404_gallery`.`idx` AND `studio404_gallery`.`status`!=:status '; $prepare = $conn->prepare($sql); $prepare->execute(array(":connect_idx" => $pageidx, ":page_type" => $page_type, ":lang" => (int) $_GET['l'], ":status" => 1)); $fetch = $prepare->fetch(PDO::FETCH_ASSOC); if ($fetch['sg_idx']) { // select max idx gallery photo try { $sql2 = 'SELECT `id`, MAX(`idx`) as maxid FROM `studio404_gallery_file` WHERE `lang`=:lang AND `status`!=:status'; $prepare2 = $conn->prepare($sql2); $prepare2->execute(array("lang" => (int) $_GET['l'], ":status" => 1)); $fetch2 = $prepare2->fetch(PDO::FETCH_ASSOC); $maxid = $fetch2['maxid'] ? $fetch2['maxid'] + 1 : 1; $fileid = $fetch2['id']; } catch (Exeption $e) { $maxid = 1; } // select max position of gallery photo try { $sql3 = 'SELECT MAX(`position`) as maxpos FROM `studio404_gallery_file` WHERE `media_type`=:media_type AND `lang`=:lang AND `gallery_idx`=:gallery_idx AND `status`!=:status'; $prepare3 = $conn->prepare($sql3); $prepare3->execute(array(":media_type" => 'document', ":lang" => (int) $_GET['l'], ":gallery_idx" => $fetch['sg_idx'], ":status" => 1)); $fetch3 = $prepare3->fetch(PDO::FETCH_ASSOC); $maxpos = $fetch3['maxpos'] ? $fetch3['maxpos'] + 1 : 1; } catch (Exeption $e) { $maxpos = 1; } // move file to file folder $path_new = "files/document/" . $timegenerate . "." . $_GET["extention"]; if (@copy($path, $path_new)) { @unlink($path); } $filesize = @filesize($path_new); //insert gallery photo $sql4 = 'INSERT INTO `studio404_gallery_file` SET `idx`=:idx, `date`=:datex, `gallery_idx`=:gallery_idx, `file`=:file, `media_type`=:media_type, `title`=:title, `description`=:description, `filesize`=:filesize, `insert_admin`=:insert_admin, `position`=:position, `lang`=:lang, `status`=:status '; $prepare4 = $conn->prepare($sql4); $prepare4->execute(array(":idx" => $maxid, ":datex" => time(), ":gallery_idx" => $fetch['sg_idx'], ":file" => $path_new, ":media_type" => "document", ":title" => "Not defined", ":description" => "Not defined", ":filesize" => $filesize, ":insert_admin" => $_SESSION["user404_id"], ":position" => $maxpos, ":lang" => (int) $_GET['l'], ":status" => 0)); //get inserted file id with current language $sql5 = 'SELECT `id`,`position` FROM `studio404_gallery_file` WHERE `media_type`=:media_type AND `idx`=:idx AND `lang`=:lang AND `status`!=:status'; $prepare5 = $conn->prepare($sql5); $prepare5->execute(array(":media_type" => 'document', ":idx" => $maxid, ":lang" => (int) $_GET['l'], ":status" => 1)); $fetch5 = $prepare5->fetch(PDO::FETCH_ASSOC); $out = '<div class="filebox" style="background-color:' . $color_array[$_GET['extention']] . '" id="flexbox-' . $maxid . '">'; $out .= '<div class="action_panel">'; $out .= '<a href="/' . $path_new . '" target="_blank"><i class="fa fa-eye"></i></a>'; $out .= '<a href="javascript:;" onclick="openPromt(\'' . $maxid . '\')"><i class="fa fa-pencil-square-o"></i></a>'; $out .= '<a href="javascript:;" onclick="removeFile(\'' . $maxid . '\')"><i class="fa fa-times"></i></a>'; $out .= '</div>'; $out .= '<div class="extention">' . $_GET['extention'] . '</div>'; $out .= '<div class="filename n-' . $maxid . '" id="fid-' . $fetch5['id'] . '">Not defined</div>'; $out .= '</div>'; echo $out; } } else { if (isset($_GET['id'], $_GET['filename'])) { $sql = 'UPDATE `studio404_gallery_file` SET `title`=:title WHERE `id`=:id'; $prepare = $conn->prepare($sql); $prepare->execute(array(":title" => $_GET['filename'], ":id" => $_GET['id'])); } else { if (isset($_GET['idx'], $_GET['idxes2'])) { $sql = 'UPDATE `studio404_gallery_file` SET `status`=:status WHERE `idx`=:idx AND lang=:lang AND `media_type`=:media_type'; $prepare = $conn->prepare($sql); $prepare->execute(array(":status" => 1, ":media_type" => "document", ":idx" => $_GET['idx'], ":lang" => $_GET['l'])); $position = 1; $unserialize = unserialize($_GET['idxes2']); foreach ($unserialize as $idx) { $sql2 = 'UPDATE `studio404_gallery_file` SET `position`=:position WHERE `media_type`=:media_type AND `idx`=:idx AND `lang`=:lang AND `status`!=:status'; $prepare2 = $conn->prepare($sql2); $prepare2->execute(array(":media_type" => "document", ":position" => $position, ":idx" => $idx, ":status" => 1, ":lang" => $_GET["l"])); $position++; } echo "Done"; } else { if (isset($_GET['idx'], $_GET['idxes3'])) { $media_type = isset($_GET["media_type"]) && $_GET["media_type"] == "video" ? "video" : "photo"; $sql = 'UPDATE `studio404_gallery_file` SET `status`=:status WHERE `idx`=:idx'; $prepare = $conn->prepare($sql); $prepare->execute(array(":status" => 1, ":idx" => $_GET['idx'])); $position = 1; if ($_GET["idxes3"] != "empty") { foreach ($_GET['idxes3'] as $idx) { $sql2 = 'UPDATE `studio404_gallery_file` SET `position`=:position WHERE `media_type`=:media_type AND `idx`=:idx AND `status`!=:status'; $prepare2 = $conn->prepare($sql2); $prepare2->execute(array(":media_type" => $media_type, ":position" => $position, ":idx" => $idx, ":status" => 1)); $position++; } } } else { if (isset($_GET['idxes'])) { $position = 1; foreach ($_GET['idxes'] as $idx) { $sql = 'UPDATE `studio404_gallery_file` SET `position`=:position WHERE `media_type`=:media_type AND `idx`=:idx AND `status`!=:status'; $prepare = $conn->prepare($sql); $prepare->execute(array(":media_type" => "document", ":position" => $position, ":idx" => $idx, ":status" => 1)); $position++; } } else { if (isset($_GET['idxes_photos'])) { $position = 1; $media_type = isset($_GET["type"]) && $_GET["type"] == "videogallerypage" ? "video" : "photo"; $unserialize = unserialize($_GET['idxes_photos']); foreach ($unserialize as $idx) { $sql = 'UPDATE `studio404_gallery_file` SET `position`=:position WHERE `media_type`=:media_type AND `idx`=:idx AND `status`!=:status'; $prepare = $conn->prepare($sql); $prepare->execute(array(":media_type" => $media_type, ":position" => $position, ":idx" => $idx, ":status" => 1)); $position++; } } else { if (isset($_GET['pageidx'], $_GET['extention'], $_GET['token']) && in_array($_GET['extention'], $allowfiletypes2)) { $pageidx = isset($_GET['newsidx']) && $_GET['newsidx'] != "false" ? $_GET['newsidx'] : $_GET['pageidx']; $media_type = isset($_GET["media"]) && $_GET["media"] == "false" ? "video" : "photo"; // get page type $get_page_type = new get_page_type(); $page_type = $get_page_type->type($_SESSION["C"], $_GET['pageidx']); // photo upload $str = file_get_contents("php://input"); $timegenerate = md5(time()); $filename = $timegenerate . "." . $_GET['extention']; $path = 'files_pre/' . $filename; file_put_contents($path, $str); // check if exists attachment $sql = 'SELECT `studio404_gallery`.`idx` AS `sg_idx` FROM `studio404_gallery_attachment`,`studio404_gallery` WHERE `studio404_gallery_attachment`.`connect_idx`=:connect_idx AND `studio404_gallery_attachment`.`pagetype`=:pagetype AND `studio404_gallery_attachment`.`status`!=:status AND `studio404_gallery_attachment`.`idx`=`studio404_gallery`.`idx` AND `studio404_gallery`.`status`!=:status '; $prepare = $conn->prepare($sql); $prepare->execute(array(":connect_idx" => $pageidx, ":pagetype" => $page_type, ":status" => 1)); $fetch = $prepare->fetch(PDO::FETCH_ASSOC); if ($fetch['sg_idx']) { // select max idx gallery photo $sql2 = 'SELECT `id`, MAX(`idx`) AS maxid FROM `studio404_gallery_file`'; $prepare2 = $conn->prepare($sql2); $prepare2->execute(); $fetch2 = $prepare2->fetch(PDO::FETCH_ASSOC); $maxid = $fetch2['maxid'] ? $fetch2['maxid'] + 1 : 1; $fileid = $fetch2['id']; // select max position of gallery photo try { $sql3 = 'SELECT MAX(`position`) as maxpos FROM `studio404_gallery_file` WHERE `media_type`=:media_type AND `lang`=:lang AND `gallery_idx`=:gallery_idx AND `status`!=:status'; $prepare3 = $conn->prepare($sql3); $prepare3->execute(array(":media_type" => $media_type, ":lang" => LANG_ID, ":gallery_idx" => $fetch['sg_idx'], ":status" => 1)); $fetch3 = $prepare3->fetch(PDO::FETCH_ASSOC); $maxpos = $fetch3['maxpos'] ? $fetch3['maxpos'] + 1 : 1; } catch (Exeption $e) { $maxpos = 1; } // move file to file folder $path_new = "files/" . $media_type . "/" . $timegenerate . "." . $_GET["extention"]; if (@copy($path, $path_new)) { @unlink($path); } $filesize = @filesize($path_new); //insert gallery photo $sql4 = 'INSERT INTO `studio404_gallery_file` SET `idx`=:idx, `date`=:datex, `gallery_idx`=:gallery_idx, `file`=:file, `media_type`=:media_type, `title`=:title, `description`=:description, `filesize`=:filesize, `insert_admin`=:insert_admin, `position`=:position, `lang`=:lang, `status`=:status '; $prepare4 = $conn->prepare($sql4); $prepare4->execute(array(":idx" => $maxid, ":datex" => time(), ":gallery_idx" => $fetch['sg_idx'], ":file" => $path_new, ":media_type" => $media_type, ":title" => "Not defined", ":description" => "Not defined", ":filesize" => $filesize, ":insert_admin" => $_SESSION["user404_id"], ":position" => $maxpos, ":lang" => (int) $_GET['l'], ":status" => 0)); //get inserted file id with current language $sql5 = 'SELECT `id`,`position` FROM `studio404_gallery_file` WHERE `media_type`=:media_type AND `idx`=:idx AND `lang`=:lang AND `status`!=:status'; $prepare5 = $conn->prepare($sql5); $prepare5->execute(array(":media_type" => $media_type, ":idx" => $maxid, ":lang" => LANG_ID, ":status" => 1)); $fetch5 = $prepare5->fetch(PDO::FETCH_ASSOC); $out = '<div class="filebox2" id="flexbox2-' . $maxid . '">'; $out .= '<div class="action_panel2">'; $out .= '<a href="/' . $path_new . '" class="fancybox"><i class="fa fa-eye"></i></a>'; $out .= '<a href="javascript:;" onclick="openPromt2(\'' . $maxid . '\')"><i class="fa fa-pencil-square-o"></i></a>'; $out .= '<a href="javascript:;" onclick="removeFile2(\'' . $maxid . '\')"><i class="fa fa-times"></i></a>'; $out .= '</div>'; if ($media_type == "video") { $out .= '<div class="extention2"><img src="/images/video_icon.png" width="100%" /></div>'; } else { $out .= '<div class="extention2"><img src="/' . $path_new . '" width="100%" /></div>'; } $out .= '<div class="filename2 n2-' . $maxid . '" id="fid2-' . $fetch5['id'] . '">Not defined</div>'; $out .= '</div>'; echo $out; } } else { if (isset($_POST['youtubeLink'])) { /////////////////////////////////////////////////////////////////////// $pageidx = isset($_POST['yt_mid']) ? $_POST['yt_mid'] : 0; $media_type = "video"; $page_type = "videogallerypage"; $sql = 'SELECT `studio404_gallery`.`idx` AS `sg_idx` FROM `studio404_gallery_attachment`,`studio404_gallery` WHERE `studio404_gallery_attachment`.`connect_idx`=:connect_idx AND `studio404_gallery_attachment`.`pagetype`=:pagetype AND `studio404_gallery_attachment`.`status`!=:status AND `studio404_gallery_attachment`.`idx`=`studio404_gallery`.`idx` AND `studio404_gallery`.`status`!=:status '; $prepare = $conn->prepare($sql); $prepare->execute(array(":connect_idx" => $pageidx, ":pagetype" => $page_type, ":status" => 1)); $fetch = $prepare->fetch(PDO::FETCH_ASSOC); if ($fetch['sg_idx']) { // select max idx gallery photo try { $sql2 = 'SELECT `id`, MAX(`idx`) as maxid FROM `studio404_gallery_file` WHERE `lang`=:lang AND `status`!=:status'; $prepare2 = $conn->prepare($sql2); $prepare2->execute(array("lang" => LANG_ID, ":status" => 1)); $fetch2 = $prepare2->fetch(PDO::FETCH_ASSOC); $maxid = $fetch2['maxid'] ? $fetch2['maxid'] + 1 : 1; $fileid = $fetch2['id']; } catch (Exeption $e) { $maxid = 1; } // select max position of gallery photo try { $sql3 = 'SELECT MAX(`position`) as maxpos FROM `studio404_gallery_file` WHERE `media_type`=:media_type AND `lang`=:lang AND `gallery_idx`=:gallery_idx AND `status`!=:status'; $prepare3 = $conn->prepare($sql3); $prepare3->execute(array(":media_type" => $media_type, ":lang" => LANG_ID, ":gallery_idx" => $fetch['sg_idx'], ":status" => 1)); $fetch3 = $prepare3->fetch(PDO::FETCH_ASSOC); $maxpos = $fetch3['maxpos'] ? $fetch3['maxpos'] + 1 : 1; } catch (Exeption $e) { $maxpos = 1; } $sql4 = 'INSERT INTO `studio404_gallery_file` SET `idx`=:idx, `date`=:datex, `gallery_idx`=:gallery_idx, `file`=:file, `media_type`=:media_type, `title`=:title, `description`=:description, `filesize`=:filesize, `insert_admin`=:insert_admin, `position`=:position, `lang`=:lang, `status`=:status '; $prepare4 = $conn->prepare($sql4); $prepare4->execute(array(":idx" => $maxid, ":datex" => time(), ":gallery_idx" => $fetch['sg_idx'], ":file" => $_POST['youtubeLink'], ":media_type" => $media_type, ":title" => "Not defined", ":description" => "Not defined", ":filesize" => "0", ":insert_admin" => $_SESSION["user404_id"], ":position" => $maxpos, ":lang" => (int) $_GET['l'], ":status" => 0)); //get inserted file id with current language $sql5 = 'SELECT `id`,`position` FROM `studio404_gallery_file` WHERE `media_type`=:media_type AND `idx`=:idx AND `lang`=:lang AND `status`!=:status'; $prepare5 = $conn->prepare($sql5); $prepare5->execute(array(":media_type" => $media_type, ":idx" => $maxid, ":lang" => LANG_ID, ":status" => 1)); $fetch5 = $prepare5->fetch(PDO::FETCH_ASSOC); $out = '<div class="filebox2" id="flexbox2-' . $maxid . '">'; $out .= '<div class="action_panel2">'; $out .= '<a href="' . $_POST['youtubeLink'] . '" target="_blank"><i class="fa fa-eye"></i></a>'; $out .= '<a href="javascript:;" onclick="openPromt2(\'' . $maxid . '\')"><i class="fa fa-pencil-square-o"></i></a>'; $out .= '<a href="javascript:;" onclick="upload_filev(\'' . $maxid . '\')"><i class="fa fa-camera"></i></a>'; $out .= '<a href="javascript:;" onclick="removeFile2(\'' . $maxid . '\')"><i class="fa fa-times"></i></a>'; $out .= '</div>'; $out .= '<div class="extention2"><img src="/images/video_icon.png" width="100%" /></div>'; $out .= '<div class="filename2 n2-' . $maxid . '" id="fid2-' . $fetch5['id'] . '">Not defined</div>'; $out .= '</div>'; echo $out; } ///////////////////////////////////////////////////////////////// } else { if (isset($_GET['videoimage']) && is_numeric($_GET['videoimage'])) { $str = file_get_contents("php://input"); $filename = md5(time()) . "." . $_GET['extention']; $path = 'files/photo/' . $filename; file_put_contents($path, $str); $sql = 'UPDATE `studio404_gallery_file` SET `filev`=:filev WHERE `idx`=:idx AND `status`!=:status'; $prepare = $conn->prepare($sql); $prepare->execute(array(":filev" => $path, ":idx" => $_GET['videoimage'], ":status" => 1)); echo $path; } else { echo "error"; exit; } } } } } } } } } } }
public function insertmedia($c, $connect_idx, $lang) { $conn = $this->conn($c); // get page type $get_page_type = new get_page_type(); $page_type = $get_page_type->type($_SESSION["C"], $_GET['newsidx']); //select gallery max idx $sqlg = 'SELECT MAX(`idx`) AS maxid FROM `studio404_gallery` WHERE `lang`=:lang'; $prepareg = $conn->prepare($sqlg); $prepareg->execute(array(":lang" => $lang)); $fetchg = $prepareg->fetch(PDO::FETCH_ASSOC); $maxid = $fetchg['maxid'] ? $fetchg['maxid'] + 1 : 1; // insert gallery $sql_media = 'INSERT INTO `studio404_gallery` SET `idx`=:idx, `date`=:datex, `title`=:title, `lang`=:lang, `status`=:status '; $prepare_media = $conn->prepare($sql_media); $prepare_media->execute(array(":idx" => $maxid, ":datex" => time(), ":title" => $_POST['title'], ":lang" => $lang, ":status" => 0)); // insert gallery attachment $sql_media2 = 'INSERT INTO `studio404_gallery_attachment` SET `idx`=:idx, `connect_idx`=:connect_idx, `pagetype`=:pagetype, `lang`=:lang, `status`=:status '; $prepare_media2 = $conn->prepare($sql_media2); $prepare_media2->execute(array(":idx" => $maxid, ":connect_idx" => $connect_idx, ":pagetype" => $page_type, ":lang" => $lang, ":status" => 0)); }