示例#1
 /**
  * Build the URL of this user's avatar.
  *
  * @param bool $small truthy selects Config::SIZES_AVATAR_SMALL, falsy Config::SIZES_AVATAR_NORMAL
  * @return mixed whatever ImgStore::getUrl() returns for the stored avatar id
  */
 function getAvatar($small = true)
 {
     // The avatar image id is read from the loaded user row.
     $avatar_id = $this->data['avatar'];
     $size_id = $small ? Config::SIZES_AVATAR_SMALL : Config::SIZES_AVATAR_NORMAL;

     return ImgStore::getUrl($avatar_id, $size_id);
 }
示例#2
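 /**
  * Handle the profile edit form for the current user: optional avatar upload,
  * optional password change, and the editable name fields.
  *
  * On validation failure the errors and the submitted values are handed to
  * Site::passWrite() and the method returns; on success it sends a redirect
  * header to the user's page.
  *
  * NOTE(review): passwords are stored and compared as unsalted MD5. Moving to
  * password_hash()/password_verify() needs a matching change wherever the login
  * check lives, which is not visible from this method, so the format is left as is.
  *
  * @return void
  */
 function edit()
 {
     // Every query below is built by concatenation, so the id is forced to an integer once.
     $user_id = (int) CurrentUser::$id;
     $error = array();
     // Initialised up front: the original only created it when a field validated,
     // so count($to_update) could run on an undefined variable.
     $to_update = array();

     if (isset($_FILES['userpic']) && !$_FILES['userpic']['error']) {
         $result = ImgStore::upload($_FILES['userpic']['tmp_name'], Config::$sizes[Config::T_SIZE_AVATAR]);
         // A failed upload must not reach the query: an empty value would produce broken SQL.
         if ($result) {
             Database::query('UPDATE `user` SET `avatar`=' . (int) $result . ' WHERE `id`=' . $user_id);
         }
     }

     if (isset($_POST['old'])) {
         $old = $_POST['old'];
         $new_1 = isset($_POST['new_1']) ? $_POST['new_1'] : null;
         $new_2 = isset($_POST['new_2']) ? $_POST['new_2'] : null;
         // Strict comparison on strings only: with `==` two different numeric-looking
         // strings (for example '1e3' and '1000') compare equal, and array input
         // would reach md5().
         if (is_string($new_1) && $new_1 === $new_2) {
             $old_real = Database::sql2single('SELECT `password` FROM `user` WHERE `id`=' . $user_id);
             if (is_string($old) && md5($old) === $old_real) {
                 Database::query('UPDATE `user` SET `password`=' . Database::escape(md5($new_1)) . ' WHERE `id`=' . $user_id);
             } else {
                 $error['old'] = 'Введен неверный пароль';
             }
         } else {
             $error['new_1'] = 'Пароли не совпадают';
         }
     }

     // Patterns are anchored at both ends. The original had only `$`, so a value
     // passed as long as its last characters were letters, whatever came before.
     // NOTE(review): without the `u` modifier the Cyrillic ranges are matched
     // byte-wise; add it once the file and request encoding are confirmed to be UTF-8.
     $fields_editable = array(
         'first_name' => '/^[a-zA-Zа-яА-ЯёЁь]+$/isU',
         'last_name' => '/^[a-zA-Zа-яА-ЯёЁь]+$/isU',
         'middle_name' => '/^[a-zA-Zа-яА-ЯёЁь]+$/isU',
         'nickname' => '/^[a-zA-Zа-яА-ЯёЁь0-9]+$/isU',
     );
     foreach ($fields_editable as $fieldname => $pattern) {
         if (!isset($_POST[$fieldname])) {
             continue;
         }
         // Array-valued parameters are treated as empty and therefore rejected by the pattern.
         $value = is_string($_POST[$fieldname]) ? trim($_POST[$fieldname]) : '';
         if (preg_match($pattern, $value)) {
             // Column names come from the fixed list above; only the value is request data.
             $to_update[] = $fieldname . '=' . Database::escape($value);
         } else {
             $error[$fieldname] = 'Неправильный формат';
         }
     }

     if (count($error)) {
         Site::passWrite('error_edit', $error);
         // NOTE(review): $_POST still contains the submitted passwords here; confirm
         // where Site::passWrite() keeps this data before relying on it.
         Site::passWrite('value_edit', $_POST);
         return;
     }

     if (count($to_update)) {
         try {
             Database::query('UPDATE `user` SET ' . implode(',', $to_update) . ' WHERE `id`=' . $user_id);
         } catch (Exception $e) {
             // Any database failure is reported as a nickname clash; presumably the
             // expected cause is a unique index on `nickname` — confirm.
             $error['nickname'] = 'Никнейм занят. Попробуйте придумать другой';
             Site::passWrite('error_edit', $error);
             Site::passWrite('value_edit', $_POST);
             return;
         }
     }
     header('Location: /u/' . $user_id);
 }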
示例#3
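<pre><?php 
// Manual test page for ImgStore::upload(): posts one file, stores it with three
// size presets and prints the URLs of the stored image for sizes 0 and 1.
//
// NOTE(review): nothing in this file checks who is calling it, and it turns
// display_errors on. It reads as a developer tool; keep it off public hosts.
$dev_mode = 1;
$core_path = 'core/';
ini_set('display_errors', $dev_mode);
require_once $core_path . 'config.php';
require_once $core_path . 'include.php';
if (isset($_POST['x'])) {
    // Only hand the temp file to the image store when PHP reports a complete upload.
    if (!isset($_FILES['photo']) || $_FILES['photo']['error'] !== UPLOAD_ERR_OK) {
        echo "upload failed\n";
    } else {
        echo date('Y-m-d H:i:s') . "\n";
        //$props = ImgStore::getImageProperties($_FILES['photo']['tmp_name'], $full = true);
        //dpe($props);
        $image_id = ImgStore::upload($_FILES['photo']['tmp_name'], array(1 => '100x100x0', 2 => '500x500x1', 3 => '250x250x1'));
        echo date('Y-m-d H:i:s') . "\n";
        // URLs are escaped for the attribute context before being written into the page.
        echo '<img src="' . htmlspecialchars(ImgStore::getUrl($image_id, 0), ENT_QUOTES) . '">' . "\n";
        echo '<img src="' . htmlspecialchars(ImgStore::getUrl($image_id, 1), ENT_QUOTES) . '">' . "\n";
    }
}
?>
<form enctype="multipart/form-data" method="post">
    <input type="hidden" name="x">
    <input type="file" name="photo" >
    <input type="submit">
</form>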
示例#4
     // Process every queued resize task: locate the original image, resize it to the
     // requested size and record the result in the `images` table.
     // NOTE(review): the enclosing function starts outside this excerpt, so the origin
     // of $tasks, $originals, $to_delete and $to_error is not visible here.
     foreach ($tasks as $task) {
         echo "\n";
         // $originals is looked up by the task's image_id.
         if (isset($originals[$task['image_id']])) {
             $or = $originals[$task['image_id']];
             $orig_file_path = ImgStore::getFileLocalPath($or['image_id'], $or['size_id']);
             // Size is logged in Mb, rounded to three decimals.
             log_('task#' . $task['id'] . ' original imageid#' . $or['image_id'] . ' ' . $or['width'] . 'x' . $or['height'] . ', ' . round($or['bytes'] / 1024 / 1024 * 1000) / 1000 . ' Mb');
             if (!is_readable($orig_file_path)) {
                 // Unreadable original: mark the task for deletion and record the error code.
                 $to_delete[$task['id']] = $task['id'];
                 $to_error[$task['id']] = ImgStore::ERROR_NOT_READABLE;
                 log_($orig_file_path . ' is not readable');
             } else {
                 log_($orig_file_path . ' is readable, processing to ' . $task['width_requested'] . 'x' . $task['height_requested']);
                 $target_file_path = ImgStore::getFileLocalPath($task['image_id'], $task['size_id']);
                 $settings = array('width' => $or['width'], 'height' => $or['height'], 'crop_method' => $task['crop_method'], 'width_requested' => $task['width_requested'], 'height_requested' => $task['height_requested'], 'size_id' => $task['size_id']);
                 log_('saving to ' . $target_file_path);
                 // resize() is unpacked as a four-element list: new width/height and target width/height.
                 list($new_width, $new_height, $target_width, $target_height) = ImgStore::resize($orig_file_path, $settings, $target_file_path);
                 // NOTE(review): filesize() returns false when the target was not written;
                 // that value would be concatenated into the UPDATE below as an empty string.
                 $bytes = filesize($target_file_path);
                 log_('saved as ' . $new_width . 'x' . $new_height . '[requested ' . $target_width . 'x' . $target_height . '], ' . round($bytes / 1024 / 1024 * 1000) / 1000 . ' Mb');
                 // NOTE(review): values are concatenated without casting or escaping; they
                 // presumably come from database rows and resize(), not from a request — confirm.
                 Database::query('UPDATE `images` SET 
                     `width`=' . $new_width . ',
                     `height`=' . $new_height . ',
                     `ready`=1,
                     `server_id`=' . ImgStore::SERVER_ORIG . ',
                     `bytes` =' . $bytes . ' WHERE `id`=' . $task['id']);
             }
         } else {
             // No original row for this task: nothing to resize from, so drop the task.
             log_('task# ' . $task['id'] . ' original missed!');
             $to_delete[$task['id']] = $task['id'];
         }
     }
 }
示例#5
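    /**
     * Load a page of album events with their template fields, creator data and
     * picture URLs.
     *
     * Recognised $opts keys (all optional):
     *  - 'show_sortings': when present, sorting groups stay in the returned conditions
     *  - 'per_page':      page size, clamped to 1..100 (default 10)
     *  - 'historical':    truthy sorts by eventTime instead of createTime
     *  - 'where':         list of SQL fragments joined with AND
     *
     * SECURITY: every 'where' entry is placed into the query verbatim. Callers must
     * build those fragments from constants or from values they have already cast or
     * escaped; request data must never be passed through unchanged.
     *
     * @param array $opts
     * @return array array with keys 'events' and 'conditions'
     */
    function _list($opts = array())
    {
        $data = array();
        $show_sortings = isset($opts['show_sortings']);
        $per_page = isset($opts['per_page']) ? $opts['per_page'] : 10;
        $per_page = min(100, max(1, (int) $per_page));
        $cond = new Conditions();
        if (isset($opts['historical']) && $opts['historical']) {
            $cond->setSorting(array('eventTime' => array('order' => 'desc', 'title' => 'по исторической дате')), array('eventTime' => array('order' => 'desc', 'title' => 'по исторической дате')));
        } else {
            $cond->setSorting(array('createTime' => array('order' => 'desc', 'title' => 'по дате')), array('createTime' => array('order' => 'desc', 'title' => 'по дате')));
        }
        // Placeholder total; the real row count is set after the query via FOUND_ROWS().
        $cond->setPaging(100000, $per_page);
        // '1' keeps the WHERE clause valid when no extra conditions are supplied.
        $where = array('1');
        if (isset($opts['where'])) {
            foreach ($opts['where'] as $w) {
                $where[] = $w;
            }
        }
        // NOTE(review): sorting field, order and limit come from Conditions and are
        // concatenated as-is; confirm that class restricts them to known values.
        $order = $cond->getSortingField() . ' ' . $cond->getSortingOrderSQL();
        $limit = $cond->getLimit();
        $query = 'SELECT SQL_CALC_FOUND_ROWS A.child_name as child_name,A.birthDate as birthDate,AE.*, LE.*,AE.description as description, LE.description as event_description, LE.title as event_title,AE.title as title, AE.creator_id as user_id,AE.id as id, LE.id as lib_event_id, LET.id as lib_template_id, AE.id as id
            FROM `album_events` AE
            LEFT JOIN `album` A ON A.id=AE.album_id
            LEFT JOIN `lib_events` LE ON LE.id=AE.event_id
            LEFT JOIN `lib_event_templates` LET ON LET.id=LE.template_id
WHERE (' . implode(' AND ', $where) . ')
ORDER BY ' . $order . ' LIMIT ' . $limit . '';
        $events = Database::sql2array($query, 'id');
        $uids = array();
        if (count($events)) {
            // Keys are the event ids; they are forced to integers before going into IN().
            $event_ids = array_map('intval', array_keys($events));
            $field_values = Database::sql2array('SELECT AEF.*,LETF.title as event_field_title,T.* FROM `album_events_fields` AEF
                JOIN `lib_event_templates_fields` LETF ON LETF.field_id=AEF.field_id
                JOIN `lib_event_templates_fields_types` T ON T.id=LETF.type
                WHERE `event_id` IN(' . implode(',', $event_ids) . ')');
        } else {
            $field_values = array();
        }
        // Attach each field row to its event, keyed by field id.
        foreach ($field_values as $values) {
            $events[$values['event_id']]['fields'][$values['field_id']] = $values;
        }
        // Collect the distinct creator ids so the users are loaded in one call.
        foreach ($events as $event) {
            if ($event['user_id']) {
                $uids[$event['user_id']] = $event['user_id'];
            }
        }
        if (count($uids)) {
            $users = Users::getByIdsLoaded($uids);
        } else {
            $users = array();
        }
        foreach ($events as &$event) {
            $event['user'] = isset($users[$event['user_id']]) ? $users[$event['user_id']]->data : array();
            $event['template_id'] = $event['template_id'] ? $event['template_id'] : 1;
            $image_id = $event['picture'];
            $event['pic_small'] = $image_id ? ImgStore::getUrl($image_id, Config::SIZES_PICTURE_SMALL) : false;
            $event['pic_normal'] = $image_id ? ImgStore::getUrl($image_id, Config::SIZES_PICTURE_NORMAL) : false;
            $event['pic_big'] = $image_id ? ImgStore::getUrl($image_id, Config::SIZES_PICTURE_BIG) : false;
            $event['pic_orig'] = $image_id ? ImgStore::getUrl($image_id, 0) : false;
        }
        // Break the reference: otherwise the last element of $events stays bound to
        // $event and is carried as a reference into the returned array.
        unset($event);
        $cond->setPaging(Database::sql2single('SELECT FOUND_ROWS()'), $per_page);
        $data['events'] = $events;
        $data['conditions'] = $cond->getConditions();
        if (!$show_sortings) {
            foreach ($data['conditions'] as $key => $group) {
                if ($group['mode'] == 'sorting') {
                    unset($data['conditions'][$key]);
                }
            }
        }
        return $data;
    }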
示例#6
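<?php

// Serves a private image to its owner. The last URL segment is expected to look
// like "<image_id>-<size>"; the file itself is delivered by the web server through
// X-Accel-Redirect after the ownership check passes.

// NOTE(review): display_errors is on. Any notice printed before the header() calls
// breaks the response and can expose server paths; turn it off outside development.
ini_set('display_errors', 1);

// array_pop() takes its argument by reference, so the exploded list goes into a
// variable first instead of being passed as a temporary.
$segments = explode('/', $_SERVER['REQUEST_URI']);
$end = end($segments);
// Pad to two parts so a segment without "-" does not read an undefined offset.
$parts = array_pad(explode('-', $end, 2), 2, 0);
// Both values are forced to integers: they are used in SQL, a header and a file path.
$image_id = (int) $parts[0];
$size = (int) $parts[1];
if ($image_id > 0 && $size >= 0) {
    $core_path = 'core/';
    require_once $core_path . 'config.php';
    require_once $core_path . 'include.php';
    $authorized = CurrentUser::authorize_cookie();
    if ($authorized) {
        // NOTE(review): only one creator_id is read; if several events can reference
        // the same picture, confirm which row this returns.
        $owner = Database::sql2single('SELECT `creator_id` FROM `album_events` WHERE `picture`=' . $image_id);
        // A missing row must never compare equal to the current user, so the owner
        // has to be non-empty and match as an integer.
        if ($owner && (int) $owner === (int) CurrentUser::$id) {
            header('Content-type: image/jpeg');
            header('Content-Disposition: inline; filename=protected_' . $image_id . '-' . $size . '.jpg');
            header('X-Accel-Redirect: /images_private/' . str_replace(ImgStore::ROOT_PRIVATE_FOLDER, '', ImgStore::getFileLocalPath($image_id, $size, $private = true)));
            exit(0);
        } else {
            // Refusals carry a 403 status so clients and caches do not treat them as a page.
            header('HTTP/1.1 403 Forbidden');
            die('Изображение является приватным и доступно только владельцу');
        }
    } else {
        header('HTTP/1.1 403 Forbidden');
        die('Изображение является приватным и доступно только владельцу');
    }
}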
示例#7
                    if (filesize($real_private_path)) {
                        $amazon_dest = str_replace(ImgStore::$server_urls[ImgStore::SERVER_AMAZONS3], '', $fetch_url);
                        $res = Amazon::delete($amazon_dest);
                        log_('deleted ' . $amazon_dest . ' from amazon with code:' . $res);
                        Database::query('UPDATE `images` SET `server_id`=' . ImgStore::SERVER_PRIVATE . ', `private_real`=1 WHERE `id`=' . $image['id']);
                    }
                } else {
                    // get from local file, delete amazon copy
                    $amazon_dest = str_replace(ImgStore::$server_urls[ImgStore::SERVER_AMAZONS3], '', ImgStore::getUrl($image['image_id'], $image['size_id'], 0));
                    $res = Amazon::delete($amazon_dest);
                    log_('deleted ' . $amazon_dest . ' from amazon with code:' . $res);
                    //
                    $real_path = ImgStore::getFileLocalPath($image['image_id'], $image['size_id']);
                    log_($image['id'] . ' at original server in ' . $real_path . ' ' . filesize($real_path) . ' bytes');
                    // change location to private folder
                    $real_private_path = ImgStore::getFileLocalPath($image['image_id'], $image['size_id'], $private = true);
                    log_('will be moved to ' . $real_private_path);
                    if (copy($real_path, $real_private_path)) {
                        log_('succesfully copied');
                        Database::query('UPDATE `images` SET `server_id`=' . ImgStore::SERVER_PRIVATE . ', `private_real`=1 WHERE `id`=' . $image['id']);
                        unlink($real_path);
                    } else {
                        log_('cant copy');
                    }
                }
            }
        }
    }
}
function log_($txt)
{
示例#8
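 /**
  * OAuth callback for connecting an Odnoklassniki (OK) account to the current user.
  *
  * Exchanges the `code` query parameter for tokens, stores them, reads the OK
  * profile, and, if the user has no site avatar yet, imports the OK picture.
  *
  * NOTE(review): both API calls and the redirect_uri use plain http://, so the
  * client secret, the authorization code and the access token are sent unencrypted.
  * Switch to the provider's HTTPS endpoints (and re-register the redirect URI)
  * once confirmed.
  *
  * @return array 'error' on failure; 'success' plus, when the profile was read, 'name' and 'pic'
  */
 function showConnectOk()
 {
     $out = array();
     $user_id = (int) CurrentUser::$id;
     $code = isset($_GET['code']) ? $_GET['code'] : false;
     if (!$code || !is_string($code)) {
         $out['error'] = 'Неудачная попытка авторизации';
         return $out;
     }

     // Exchange the authorization code for an access token.
     $postdata = http_build_query(array('grant_type' => 'authorization_code', 'client_id' => Config::APP_ID_OK, 'client_secret' => Config::APP_SECRET_OK, 'code' => $code, 'redirect_uri' => 'http://balbum.ru/connect/ok'));
     $opts = array('http' => array('method' => 'POST', 'header' => 'Content-type: application/x-www-form-urlencoded', 'content' => $postdata));
     $context = stream_context_create($opts);
     $raw = file_get_contents('http://api.odnoklassniki.ru/oauth/token.do', false, $context);
     $data = $raw === false ? null : json_decode($raw, true);
     if (!is_array($data) || !isset($data['access_token']) || !is_string($data['access_token'])) {
         $out['error'] = 'Неудачная попытка авторизации';
         return $out;
     }

     // The refresh token is read defensively: the response may not carry one.
     $refresh_token = isset($data['refresh_token']) ? $data['refresh_token'] : '';
     Database::query('UPDATE `user` SET
                 `ok_access_token`=' . Database::escape($data['access_token']) . ',
                 `ok_refresh_token`=' . Database::escape($refresh_token) . ',
                 `ok_access_token_expire`=' . time() . '
                  WHERE `id`=' . $user_id);
     $out['success'] = true;

     // Ask the OK API for the profile of the user the token belongs to.
     $method_url = 'http://api.odnoklassniki.ru/fb.do?client_id=' . Config::APP_ID_OK . '&access_token=' . urlencode($data['access_token']) . '&application_key=' . Config::APP_KEY_OK . '&method=users.getCurrentUser&sig=' . md5('application_key=' . Config::APP_KEY_OK . 'client_id=' . Config::APP_ID_OK . 'method=users.getCurrentUser' . md5($data['access_token'] . Config::APP_SECRET_OK));
     $raw_user = file_get_contents($method_url);
     $udata = $raw_user === false ? null : json_decode($raw_user, true);
     // Require a uid: a JSON error document is also truthy and must not be stored as a profile.
     if (is_array($udata) && isset($udata['uid'])) {
         Database::query('UPDATE `user` SET
                 `ok_id`=' . Database::escape($udata['uid']) . ' WHERE `id`=' . $user_id);
         $out['name'] = isset($udata['name']) ? $udata['name'] : '';
         $out['pic'] = isset($udata['pic_1']) && is_string($udata['pic_1']) ? str_replace('photoType=4', 'photoType=6', $udata['pic_1']) : '';
         $user = Users::getByIdLoaded(CurrentUser::$id);
         // If the user has no avatar yet, use the OK picture as the site avatar.
         // The picture URL comes from a remote response, so it is fetched only when
         // it is an http(s) URL: file_get_contents() would otherwise also open local
         // paths and other stream wrappers.
         // NOTE(review): the host is not restricted and the download size is unbounded;
         // consider allow-listing the provider's image hosts.
         $scheme = strtolower((string) parse_url($out['pic'], PHP_URL_SCHEME));
         if (!$user->data['avatar'] && $out['pic'] && in_array($scheme, array('http', 'https'), true)) {
             $image = file_get_contents($out['pic']);
             // tempnam() creates a uniquely named file; the previous name was derived
             // from time() and the user id, which is guessable in a shared /tmp.
             $tmp_name = $image === false ? false : tempnam(sys_get_temp_dir(), 'okpic');
             if ($tmp_name !== false) {
                 file_put_contents($tmp_name, $image);
                 $result = ImgStore::upload($tmp_name, Config::$sizes[Config::T_SIZE_AVATAR]);
                 // Remove the temp copy if the store left it in place.
                 if (is_file($tmp_name)) {
                     unlink($tmp_name);
                 }
                 if ($result) {
                     Database::query('UPDATE `user` SET `avatar`=' . (int) $result . ' WHERE `id`=' . $user_id);
                 }
             }
         }
         Database::query('UPDATE `user` SET `ok_name`=' . Database::escape($out['name']) . ' WHERE `id`=' . $user_id);
     }
     return $out;
 }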
示例#9
 // Export queued images to Amazon storage while staying under the daily byte and
 // count limits; the running totals are written back after every image.
 // NOTE(review): $to_export, $limit, $day and the two $day_limit_* values are set
 // outside this excerpt.
 foreach ($to_export as $image) {
     // Limits are checked with ">" before each upload, so the script stops (exit)
     // only once a total has already gone past its limit.
     if ($limit['uploaded_bytes'] > $day_limit_bytes) {
         log_('LIMIT REACHED[BYTES]:' . $limit['uploaded_bytes'] . ' FROM ' . $day_limit_bytes);
         exit(0);
     } else {
         log_('LIMIT [BYTES]:' . $limit['uploaded_bytes'] . ' FROM ' . $day_limit_bytes);
     }
     if ($limit['uploaded_count'] > $day_limit_count) {
         log_('LIMIT REACHED[COUNT]:' . $limit['uploaded_count'] . ' FROM ' . $day_limit_count);
         exit(0);
     } else {
         log_('LIMIT [COUNT]:' . $limit['uploaded_count'] . ' FROM ' . $day_limit_count);
     }
     $real_path = ImgStore::getFileLocalPath($image['image_id'], $image['size_id']);
     log_($real_path . ' ' . floor($image['bytes'] / 1024 / 1024 * 1000) / 1000 . 'Mb');
     // The remote key is the image URL with the original server's URL prefix removed.
     $target_path = str_replace(ImgStore::$server_urls[ImgStore::SERVER_ORIG], '', ImgStore::getUrl($image['image_id'], $image['size_id'], 0));
     log_('saving to ' . $target_path);
     $result = Amazon::store($real_path, $target_path);
     if ($result) {
         // Only successful uploads count against the daily totals.
         $limit['uploaded_count']++;
         $limit['uploaded_bytes'] += $image['bytes'];
         log_('Stored at amazon at ' . ImgStore::$server_urls[ImgStore::SERVER_AMAZONS3] . $target_path);
         Database::query('UPDATE `images` SET 
             `server_id`=' . ImgStore::SERVER_AMAZONS3 . ',
             `amazon_stored_time`=' . time() . ' WHERE `id`=' . $image['id']);
     } else {
         log_('Cant store file to amazon');
         // The timestamp is written on failure as well; server_id is left unchanged.
         Database::query('UPDATE `images` SET `amazon_stored_time`=' . time() . ' WHERE `id`=' . $image['id']);
     }
     // NOTE(review): values are concatenated into SQL without casting; they presumably
     // come from database rows and local counters, not from a request — confirm.
     Database::query('REPLACE INTO `amazon_limit` SET `day`=' . $day . ', `uploaded_bytes`=' . $limit['uploaded_bytes'] . ',`uploaded_count`=' . $limit['uploaded_count']);
 }
示例#10
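 /**
  * Create or update an album event from the submitted form, including its
  * template fields and an optional photo.
  *
  * With $_POST['id'] the existing event is edited after checking that the current
  * user created it; without it a new event row is inserted.
  *
  * NOTE(review): when a new event is created, $_POST['album_id'] is used as given;
  * nothing in this method checks that the album belongs to the current user. The
  * ownership check below only covers edits of an existing event.
  * NOTE(review): COMMIT is issued before the field and event rows are written, so
  * those writes run outside the transaction.
  * NOTE(review): title/eventTime/description are HTML-encoded before storage in
  * `album_events`, while `album_events_fields` receives the raw text; output code
  * has to know which is which.
  *
  * @return false|null false when validation or the upload fails; otherwise a redirect header is sent
  * @throws Exception when a non-repeatable event already exists or the event belongs to someone else
  */
 function editEvent()
 {
     $error = array();
     // Defined up front: the original read both variables even when no branch had set them.
     $event_id = 0;
     $template_id = 0;
     // Every id that is concatenated into SQL is forced to an integer first.
     $user_id = (int) CurrentUser::$id;
     $album_id = isset($_POST['album_id']) ? (int) $_POST['album_id'] : 0;
     if (isset($_POST['id'])) {
         $event_id = max(0, (int) $_POST['id']);
         $template_id = Database::sql2single('SELECT `template_id` FROM `album_events` AE
             JOIN `lib_events` LE ON LE.id=AE.event_id WHERE AE.`id`=' . $event_id);
     } else {
         if (isset($_POST['template_id'])) {
             $template_id = max(0, (int) $_POST['template_id']);
         }
     }
     $event_event_id = 0;
     if (isset($_POST['event_id'])) {
         $template_id = Database::sql2single('SELECT `template_id` FROM `lib_events` LE
             WHERE LE.`id`=' . (int) $_POST['event_id']);
         $event_event_id = (int) $_POST['event_id'];
     }
     if (!$template_id) {
         $template_id = 1;
     }
     $q = $q_ = array();
     Database::query('START TRANSACTION');
     if (!$event_id) {
         $event_data = Database::sql2row('SELECT * FROM `lib_events` WHERE `id`=' . (int) $event_event_id);
         if (isset($event_data['multiple']) && !$event_data['multiple']) {
             // This library event may be added to an album only once.
             $exists = Database::sql2single('SELECT `id` FROM `album_events` WHERE `album_id`=' . $album_id . ' AND `event_id`=' . (int) $event_data['id']);
             if ($exists) {
                 // Close the transaction before leaving through the exception.
                 Database::query('ROLLBACK');
                 throw new Exception('У Вас уже есть такое событие, и добавлять несколько копий этого события бессмысленно');
             }
         }
         $query = 'INSERT INTO `album_events` SET id=NULL,createTime=' . time() . '';
         Badges::progressAction(CurrentUser::$id, Badges::ACTION_TYPE_ADD_EVENT);
         if ($template_id > 1) {
             Badges::progressAction(CurrentUser::$id, Badges::ACTION_TYPE_ADD_THEMED_EVENT);
         }
         Database::query($query);
         $event_id = (int) Database::lastInsertId();
     } else {
         // Editing: the event must sit in the given album and have been created by the current user.
         $check = Database::sql2single('SELECT `creator_id` FROM `album_events` WHERE `album_id`=' . $album_id . ' AND `id`=' . $event_id);
         if ((int) $check !== $user_id) {
             Database::query('ROLLBACK');
             throw new Exception('It is not your event ' . $check . ' ' . CurrentUser::$id);
         }
     }
     $template_fields = $this->getTemplateFields($template_id);
     foreach ($template_fields as $eventName => $field) {
         // Read the submitted value once; missing or array-valued input counts as empty.
         $value = isset($_POST[$eventName]) && is_string($_POST[$eventName]) ? trim($_POST[$eventName]) : '';
         if (!$value) {
             if ($field['important'] && $field['type'] != 'photo') {
                 $error[$eventName] = 'Обязательно к заполнению';
             }
             if ($field['important'] && $field['type'] == 'photo') {
                 if (!isset($_FILES[$eventName])) {
                     $error[$eventName] = 'Обязательно к заполнению';
                 }
             }
         }
         if ($field['type'] != 'photo') {
             $field_id = (int) $field['field_id'];
             switch ($field['type']) {
                 case 'eventTitle':
                     $q_[] = '`title`=' . Database::escape(htmlspecialchars($value));
                     $q[] = '(' . $event_id . ',' . $field_id . ',NULL,' . Database::escape($value) . ',NULL)';
                     break;
                 case 'eventTime':
                     // Normalise to a MySQL datetime; the value is written back to $_POST
                     // because $_POST is what gets handed to the form on validation errors.
                     $stamp = strtotime($value);
                     $_POST[$eventName] = date('Y-m-d H:i:s', $stamp === false ? 0 : $stamp);
                     $value = $_POST[$eventName];
                     $q_[] = '`eventTime`=' . Database::escape(htmlspecialchars($value));
                     $q[] = '(' . $event_id . ',' . $field_id . ',NULL,' . Database::escape($value) . ',NULL)';
                     break;
                 case 'description':
                     $q_[] = '`description`=' . Database::escape(htmlspecialchars($value));
                     $q[] = '(' . $event_id . ',' . $field_id . ',NULL,NULL,' . Database::escape($value) . ')';
                     break;
                 case 'height':
                 case 'eyecolor':
                     $q[] = '(' . $event_id . ',' . $field_id . ',' . Database::escape($value) . ',NULL,NULL)';
                     break;
                 case 'weight':
                     // Explicit float cast: arithmetic on a non-numeric string throws on PHP 8.
                     $v = (float) $value;
                     // Values above 200 are treated as grams and converted to kilograms.
                     if ($v > 200) {
                         $v = $v / 1000;
                     }
                     $q[] = '(' . $event_id . ',' . $field_id . ',' . Database::escape((string) $v) . ',NULL,NULL)';
                     break;
                 default:
                     $q[] = '(' . $event_id . ',' . $field_id . ',NULL,' . Database::escape($value) . ',NULL)';
                     break;
             }
         }
     }
     if (count($error)) {
         Site::passWrite('error_', $error);
         Site::passWrite('value', $_POST);
         Database::query('ROLLBACK');
         return false;
     }
     Database::query('COMMIT');
     if (count($q)) {
         $query = 'REPLACE INTO `album_events_fields`(event_id,field_id,value_int,value_varchar,value_text) VALUES ' . implode(',', $q);
         Database::query($query);
     }
     if (count($q_)) {
         $query = 'INSERT INTO `album_events` SET
             `createTime`=' . time() . ',
             `id`=' . ($event_id ? $event_id : 'NULL') . ',
             `event_id`=' . $event_event_id . ',
             `album_id`=' . $album_id . ',
             `creator_id`=' . $user_id . ',
             ' . implode(',', $q_) . '
                 ON DUPLICATE KEY UPDATE
             `id`=' . ($event_id ? $event_id : 'NULL') . ',
             `event_id`=' . $event_event_id . ',
             `album_id`=' . $album_id . ',
             `creator_id`=' . $user_id . ',
                 ' . implode(',', $q_) . '
                 ';
         Database::query($query);
         $event_id = $event_id ? $event_id : (int) Database::lastInsertId();
     }
     if (isset($_FILES['photo']) && $_FILES['photo']['tmp_name']) {
         $result = false;
         if (!$_FILES['photo']['error']) {
             $old_image_id = Database::sql2single('SELECT `picture` FROM `album_events` WHERE `id`=' . $event_id);
             $result = ImgStore::upload($_FILES['photo']['tmp_name'], Config::$sizes[Config::T_SIZE_PICTURE]);
         }
         // A rejected upload and a store failure are reported the same way; an empty
         // upload result must never be concatenated into the UPDATE.
         if (!$result) {
             $error['photo'] = 'Недопустимый формат файла';
             Site::passWrite('error_', $error);
             Site::passWrite('value', $_POST);
             return false;
         }
         Database::query('UPDATE `album_events` SET `picture`=' . (int) $result . ' WHERE `id`=' . $event_id);
         if ($old_image_id) {
             // The replaced picture is only flagged as deleted, not removed here.
             Database::query('UPDATE `images` SET `deleted`=1 WHERE `image_id`=' . (int) $old_image_id);
         }
         Badges::progressAction(CurrentUser::$id, Badges::ACTION_TYPE_ADD_PHOTO);
     }
     // Error code 4 means no file was chosen; any other upload error is reported.
     if (isset($_FILES['photo']) && $_FILES['photo']['error'] != 4 && $_FILES['photo']['error']) {
         $error['photo'] = 'Недопустимый формат файла';
         Site::passWrite('error_', $error);
         Site::passWrite('value', $_POST);
         return false;
     }
     header('Location: /album/' . $album_id . '/event/' . $event_id);
 }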