function add_picture($aid, $filepath, $filename, $position = 0, $title = '', $caption = '', $keywords = '', $user1 = '', $user2 = '', $user3 = '', $user4 = '', $category = 0, $raw_ip = '', $hdr_ip = '', $iwidth = 0, $iheight = 0) { global $CONFIG, $USER_DATA, $PIC_NEED_APPROVAL, $CURRENT_PIC_DATA; global $lang_errors, $lang_db_input_php; $image = $CONFIG['fullpath'] . $filepath . $filename; $normal = $CONFIG['fullpath'] . $filepath . $CONFIG['normal_pfx'] . $filename; $thumb = $CONFIG['fullpath'] . $filepath . $CONFIG['thumb_pfx'] . $filename; $orig = $CONFIG['fullpath'] . $filepath . $CONFIG['orig_pfx'] . $filename; // $mini = $CONFIG['fullpath'] . $filepath . $CONFIG['mini_pfx'] . $filename; $work_image = $image; if (!is_known_filetype($image)) { return array('error' => $lang_db_input_php['err_invalid_fext'] . ' ' . $CONFIG['allowed_file_extensions'], 'halt_upload' => 0); } elseif (is_image($filename)) { $imagesize = cpg_getimagesize($image); if ($CONFIG['read_iptc_data']) { // read IPTC data $iptc = get_IPTC($image); if (is_array($iptc) && !$title && !$caption && !$keywords) { //if any of those 3 are filled out we don't want to override them, they may be blank on purpose. $title = isset($iptc['Headline']) ? trim($iptc['Headline']) : $title; $caption = isset($iptc['Caption']) ? trim($iptc['Caption']) : $caption; $keywords = isset($iptc['Keywords']) ? implode($CONFIG['keyword_separator'], $iptc['Keywords']) : $keywords; } } // resize picture if it's bigger than the max width or height for uploaded pictures if (max($imagesize[0], $imagesize[1]) > $CONFIG['max_upl_width_height']) { if (USER_IS_ADMIN && $CONFIG['auto_resize'] == 1 || !USER_IS_ADMIN && $CONFIG['auto_resize'] > 0) { $resize_method = $CONFIG['picture_use'] == "thumb" ? $CONFIG['thumb_use'] == "ex" ? "any" : $CONFIG['thumb_use'] : $CONFIG['picture_use']; resize_image($image, $image, $CONFIG['max_upl_width_height'], $CONFIG['thumb_method'], $resize_method, 'false'); $imagesize = cpg_getimagesize($image); } elseif (USER_IS_ADMIN) { // skip resizing for admin $picture_original_size = true; } else { @unlink($uploaded_pic); $msg = sprintf($lang_db_input_php['err_fsize_too_large'], $CONFIG['max_upl_width_height'], $CONFIG['max_upl_width_height']); return array('error' => $msg, 'halt_upload' => 1); } } // create backup of full sized picture if watermark is enabled for full sized pictures if (!file_exists($orig) && $CONFIG['enable_watermark'] == '1' && ($CONFIG['which_files_to_watermark'] == 'both' || $CONFIG['which_files_to_watermark'] == 'original')) { if (!copy($image, $orig)) { return false; } else { $work_image = $orig; } } if (!file_exists($thumb)) { // create thumbnail if (($result = resize_image($work_image, $thumb, $CONFIG['thumb_width'], $CONFIG['thumb_method'], $CONFIG['thumb_use'], "false", 1)) !== true) { return $result; } } if ($CONFIG['make_intermediate'] && cpg_picture_dimension_exceeds_intermediate_limit($imagesize[0], $imagesize[1]) && !file_exists($normal)) { // create intermediate sized picture $resize_method = $CONFIG['picture_use'] == "thumb" ? $CONFIG['thumb_use'] == "ex" ? "any" : $CONFIG['thumb_use'] : $CONFIG['picture_use']; $watermark = $CONFIG['enable_watermark'] == '1' && ($CONFIG['which_files_to_watermark'] == 'both' || $CONFIG['which_files_to_watermark'] == 'resized') ? 'true' : 'false'; if (($result = resize_image($work_image, $normal, $CONFIG['picture_width'], $CONFIG['thumb_method'], $resize_method, $watermark)) !== true) { return $result; } } // watermark full sized picture if ($CONFIG['enable_watermark'] == '1' && ($CONFIG['which_files_to_watermark'] == 'both' || $CONFIG['which_files_to_watermark'] == 'original')) { $wm_max_upl_width_height = $picture_original_size ? max($imagesize[0], $imagesize[1]) : $CONFIG['max_upl_width_height']; // use max aspect of original image if it hasn't been resized earlier if (($result = resize_image($work_image, $image, $wm_max_upl_width_height, $CONFIG['thumb_method'], 'any', 'true')) !== true) { return $result; } } } else { $imagesize[0] = $iwidth; $imagesize[1] = $iheight; } clearstatcache(); $image_filesize = filesize($image); $total_filesize = is_image($filename) ? $image_filesize + (file_exists($normal) ? filesize($normal) : 0) + filesize($thumb) : $image_filesize; // Test if disk quota exceeded if (!GALLERY_ADMIN_MODE && $USER_DATA['group_quota'] && $category == FIRST_USER_CAT + USER_ID) { $result = cpg_db_query("SELECT sum(total_filesize) FROM {$CONFIG['TABLE_PICTURES']}, {$CONFIG['TABLE_ALBUMS']} WHERE {$CONFIG['TABLE_PICTURES']}.aid = {$CONFIG['TABLE_ALBUMS']}.aid AND category = '" . (FIRST_USER_CAT + USER_ID) . "'"); $record = mysql_fetch_array($result); $total_space_used = $record[0]; mysql_free_result($result); if ($total_space_used + $total_filesize >> 10 > $USER_DATA['group_quota']) { @unlink($image); if (is_image($image)) { @unlink($normal); @unlink($thumb); } $msg = $lang_errors['quota_exceeded'] . '<br /> <br />' . strtr($lang_errors['quota_exceeded_details'], array('[quota]' => $USER_DATA['group_quota'], '[space]' => $total_space_used >> 10)); return array('error' => $msg, 'halt_upload' => 1); } } // Test if picture requires approval if (GALLERY_ADMIN_MODE) { $approved = 'YES'; } elseif (!$USER_DATA['priv_upl_need_approval'] && $category == FIRST_USER_CAT + USER_ID) { $approved = 'YES'; } elseif (!$USER_DATA['pub_upl_need_approval'] && $category < FIRST_USER_CAT) { $approved = 'YES'; } else { $approved = 'NO'; } $PIC_NEED_APPROVAL = $approved == 'NO'; // User ID is recorded when in admin mode $user_id = USER_ID; // Populate Array to pass to plugins, then to SQL $CURRENT_PIC_DATA['aid'] = $aid; $CURRENT_PIC_DATA['filepath'] = $filepath; $CURRENT_PIC_DATA['filename'] = $filename; $CURRENT_PIC_DATA['filesize'] = $image_filesize; $CURRENT_PIC_DATA['total_filesize'] = $total_filesize; $CURRENT_PIC_DATA['pwidth'] = $imagesize[0]; $CURRENT_PIC_DATA['pheight'] = $imagesize[1]; $CURRENT_PIC_DATA['owner_id'] = $user_id; $CURRENT_PIC_DATA['title'] = $title; $CURRENT_PIC_DATA['caption'] = $caption; $CURRENT_PIC_DATA['keywords'] = $keywords; $CURRENT_PIC_DATA['approved'] = $approved; $CURRENT_PIC_DATA['user1'] = $user1; $CURRENT_PIC_DATA['user2'] = $user2; $CURRENT_PIC_DATA['user3'] = $user3; $CURRENT_PIC_DATA['user4'] = $user4; $CURRENT_PIC_DATA['pic_raw_ip'] = $raw_ip; $CURRENT_PIC_DATA['pic_hdr_ip'] = $hdr_ip; $CURRENT_PIC_DATA['position'] = $position; $CURRENT_PIC_DATA['guest_token'] = USER_ID == 0 ? cpg_get_guest_token() : ''; $CURRENT_PIC_DATA = CPGPluginAPI::filter('add_file_data', $CURRENT_PIC_DATA); if (USER_ID > 0 || $CONFIG['allow_guests_enter_file_details'] == 1) { $query = "INSERT INTO {$CONFIG['TABLE_PICTURES']} (aid, filepath, filename, filesize, total_filesize, pwidth, pheight, ctime, owner_id, title, caption, keywords, approved, user1, user2, user3, user4, pic_raw_ip, pic_hdr_ip, position, guest_token) VALUES ('{$CURRENT_PIC_DATA['aid']}', '" . addslashes($CURRENT_PIC_DATA['filepath']) . "', '" . addslashes($CURRENT_PIC_DATA['filename']) . "', '{$CURRENT_PIC_DATA['filesize']}', '{$CURRENT_PIC_DATA['total_filesize']}', '{$CURRENT_PIC_DATA['pwidth']}', '{$CURRENT_PIC_DATA['pheight']}', '" . time() . "', '{$CURRENT_PIC_DATA['owner_id']}', '{$CURRENT_PIC_DATA['title']}', '{$CURRENT_PIC_DATA['caption']}', '{$CURRENT_PIC_DATA['keywords']}', '{$CURRENT_PIC_DATA['approved']}', '{$CURRENT_PIC_DATA['user1']}', '{$CURRENT_PIC_DATA['user2']}', '{$CURRENT_PIC_DATA['user3']}', '{$CURRENT_PIC_DATA['user4']}', '{$CURRENT_PIC_DATA['pic_raw_ip']}', '{$CURRENT_PIC_DATA['pic_hdr_ip']}', '{$CURRENT_PIC_DATA['position']}', '{$CURRENT_PIC_DATA['guest_token']}')"; } else { $query = "INSERT INTO {$CONFIG['TABLE_PICTURES']} (aid, filepath, filename, filesize, total_filesize, pwidth, pheight, ctime, owner_id, title, caption, keywords, approved, user1, user2, user3, user4, pic_raw_ip, pic_hdr_ip, position, guest_token) VALUES ('{$CURRENT_PIC_DATA['aid']}', '" . addslashes($CURRENT_PIC_DATA['filepath']) . "', '" . addslashes($CURRENT_PIC_DATA['filename']) . "', '{$CURRENT_PIC_DATA['filesize']}', '{$CURRENT_PIC_DATA['total_filesize']}', '{$CURRENT_PIC_DATA['pwidth']}', '{$CURRENT_PIC_DATA['pheight']}', '" . time() . "', '{$CURRENT_PIC_DATA['owner_id']}', '', '', '', '{$CURRENT_PIC_DATA['approved']}', '{$CURRENT_PIC_DATA['user1']}', '{$CURRENT_PIC_DATA['user2']}', '{$CURRENT_PIC_DATA['user3']}', '{$CURRENT_PIC_DATA['user4']}', '{$CURRENT_PIC_DATA['pic_raw_ip']}', '{$CURRENT_PIC_DATA['pic_hdr_ip']}', '{$CURRENT_PIC_DATA['position']}', '{$CURRENT_PIC_DATA['guest_token']}')"; } $result = cpg_db_query($query); // Put the pid in current_pic_data and call the plugin filter for file data success $CURRENT_PIC_DATA['pid'] = mysql_insert_id($CONFIG['LINK_ID']); CPGPluginAPI::action('add_file_data_success', $CURRENT_PIC_DATA); //return $result; return true; }
$sql = "SELECT * " . " FROM {$CONFIG['TABLE_PICTURES']} " . " WHERE approved = 'NO' AND aid IN {$albStr} " . " ORDER BY pid " . " LIMIT {$start}, {$count}"; } else { $sql = "SELECT * " . " FROM {$CONFIG['TABLE_PICTURES']} " . " WHERE approved = 'NO' " . " ORDER BY pid " . " LIMIT {$start}, {$count}"; } $result = cpg_db_query($sql); $form_target = $CPG_PHP_SELF . '?mode=upload_approval&start=' . $start . '&count=' . $count; $title = $lang_editpics_php['upl_approval']; $help = ''; } else { $sql = "SELECT COUNT(*) FROM {$CONFIG['TABLE_PICTURES']} WHERE aid = '{$album_id}'"; // If non-admin user but allowed to upload in this album, then we need to fetch only the photos uploaded by that user if (defined('USER_UPLOAD_ALLOWED')) { $owner_str = " AND owner_id = " . USER_ID; // If user is a guest, check if it's the same guest if (USER_ID == 0) { $owner_str .= " AND guest_token = '" . cpg_get_guest_token() . "'"; } // If users don't retain control over their pics in public galleries, show only the most recent uploads if ($CONFIG['users_can_edit_pics'] == 0) { $user_edit_pics_lifetime = $CONFIG['form_token_lifetime'] * 5; $owner_str .= " AND ctime > '" . (time() - $user_edit_pics_lifetime) . "'"; } } else { $owner_str = ''; } // Display only the uploaded files from the last queue after flash upload if ($superCage->get->keyExists('newer_than') && $CONFIG['editpics_ignore_newer_than'] != 1) { $owner_str .= " AND ctime > '" . $superCage->get->getInt('newer_than') . "'"; } $result = cpg_db_query($sql . $owner_str); list($pic_count) = $result->fetchRow(true);