public function select($c)
{
$out = array();
if (isset($_GET['search']) && !empty($_GET['search'])) {
$search = '%' . $_GET['search'] . '%';
$search_in = ' AND `studio404_media_item`.`title` LIKE :search ';
} else {
$search = 'a';
$search_in = ' AND `studio404_media_item`.`id`!=:search ';
}
//page type
$get_page_type = new get_page_type();
$page_type = $get_page_type->type($_SESSION["C"], $_GET['id']);
$sql = 'SELECT
`studio404_media_item`.`idx` AS smi_idx,
`studio404_media_item`.`date` AS smi_date,
`studio404_media_item`.`title` AS smi_title,
`studio404_media_item`.`tags` AS smi_tags,
`studio404_media_item`.`slug` AS smi_slug,
`studio404_media_item`.`position` AS smi_position,
`studio404_media_item`.`visibility` AS smi_visibility
FROM
`studio404_media_attachment`, `studio404_media`, `studio404_media_item`
WHERE
`studio404_media_attachment`.`connect_idx`=:sma_connect_id AND
`studio404_media_attachment`.`page_type`=:sma_page_type AND
`studio404_media_attachment`.`lang`=:lang AND
`studio404_media_attachment`.`status`!=:status AND
`studio404_media_attachment`.`idx`=`studio404_media`.`idx` AND
`studio404_media`.`lang`=:lang AND
`studio404_media`.`status`!=:status AND
`studio404_media`.`idx`=`studio404_media_item`.`media_idx` AND
`studio404_media_item`.`lang`=:lang AND
`studio404_media_item`.`status`!=:status ' . $search_in . '
ORDER BY
`studio404_media_item`.`position` ASC
';
$exe_array = array(":sma_connect_id" => $_GET['id'], ":sma_page_type" => $page_type, ":status" => 1, ":search" => $search, ":lang" => LANG_ID);
$path = '?action=gallery&type=photogallerypage&id=' . $_GET['id'] . '&pn=';
$itemsPerPage = 10;
$pager = new pager();
$pager = $pager->action($c, $sql, $exe_array, $path, $itemsPerPage);
$out['table'] = $this->table($c, $pager[0], $exe_array);
$out['pager'] = $pager[1];
return $out;
}
public function select($c)
{
$out = array();
if (isset($_GET['search']) && !empty($_GET['search'])) {
$search = '%' . $_GET['search'] . '%';
$search_in = ' AND (`title` LIKE :search OR `code` LIKE :search)';
} else {
$search = 'a';
$search_in = ' AND `id`!=:search ';
}
//page type
$get_page_type = new get_page_type();
$page_type = $get_page_type->type($_SESSION["C"], $_GET['id']);
$sql = 'SELECT `idx`,`title`, `code` FROM `studio404_vectormap` WHERE `lang`=:lang ' . $search_in . ' ORDER BY `title` ASC';
$exe_array = array(":search" => $search, ":lang" => LANG_ID);
$path = '?action=vectormap&pn=';
$itemsPerPage = 20;
$pager = new pager();
$pager = $pager->action($c, $sql, $exe_array, $path, $itemsPerPage);
$out['table'] = $this->table($c, $pager[0], $exe_array);
$out['pager'] = $pager[1];
return $out;
}
public function content_images($fetch, $c, $media_type = "photo")
{
if (isset($_GET["type"]) && $_GET["type"] == 'videogallerypage') {
$ext = 'mp4,avi';
} else {
$ext = 'jpeg,jpg,gif,png';
}
$out = '<div class="button makeFileDragable2" style="background-color:green; float:left">
<a href="#" style="color:white"><i class="fa fa-arrows"></i><span id="dragText2">Start sorting</span> </a>
</div>';
if ($_GET["type"] == 'videogallerypage') {
$out .= '<div class="button addYtVideo" style="background-color:green; float:left; margin-left:10px;">
<a href="#" style="color:white"><i class="fa fa-plus"></i><span id="dragText2">Add youtube video</span> </a>
</div>';
}
$out .= '<div class="clearfix"></div>';
$out .= '<input type="file" name="bgfile3" id="bgfile3" style="position:absolute; visibility:hidden" />';
$out .= '<div class="dropArea2">';
$out .= '<div class="Droptitle2">
Drag and drop photo (' . $ext . ')
<span id="progress2">0%</span>
</div>';
$out .= '<div class="dragElements2">';
/////////////// start
$conn = $this->conn($c);
if (isset($_GET['newsidx'])) {
$sp_idx = $_GET['newsidx'];
} else {
if (isset($_GET['cidx'])) {
$sp_idx = $_GET['cidx'];
} else {
if (isset($_GET['midx'])) {
$sp_idx = $_GET['midx'];
} else {
$sp_idx = $_GET['id'];
}
}
}
// get page type
$get_page_type = new get_page_type();
$page_type = $get_page_type->type($_SESSION["C"], $_GET['id']);
$sql = 'SELECT
`studio404_gallery_file`.`id` AS sgf_id,
`studio404_gallery_file`.`idx` AS sgf_idx,
`studio404_gallery_file`.`title` AS sgf_title,
`studio404_gallery_file`.`file` AS sgf_file,
`studio404_gallery_file`.`filev` AS sgf_filev
FROM
`studio404_gallery_attachment`,`studio404_gallery`, `studio404_gallery_file`
WHERE
`studio404_gallery_attachment`.`connect_idx`=:sp_idx AND
`studio404_gallery_attachment`.`lang`=:lang AND
`studio404_gallery_attachment`.`pagetype`=:page_type AND
`studio404_gallery_attachment`.`status`!=:status AND
`studio404_gallery_attachment`.`idx`=`studio404_gallery`.`idx` AND
`studio404_gallery`.`lang`=:lang AND
`studio404_gallery`.`status`!=:status AND
`studio404_gallery`.`idx`=`studio404_gallery_file`.`gallery_idx` AND
`studio404_gallery_file`.`lang`=:lang AND
`studio404_gallery_file`.`media_type`=:media_type AND
`studio404_gallery_file`.`status`!=:status
ORDER BY `studio404_gallery_file`.`position` ASC
';
$prepare = $conn->prepare($sql);
$prepare->execute(array(":sp_idx" => $sp_idx, ":lang" => LANG_ID, ":media_type" => $media_type, ":page_type" => $page_type, ":status" => 1));
$prepare->setFetchMode(PDO::FETCH_CLASS, "get_files");
if ($media_type == "video") {
$out .= '<input type="file" name="bgfile" id="bgfile" value="" style="position:absolute; visibility:hidden">';
}
while ($r = $prepare->fetch()) {
$out .= '<div class="filebox2" id="flexbox2-' . $r->sgf_idx . '">';
$out .= '<div class="action_panel2">';
if (true == strpos($r->sgf_file, '://')) {
$url = $r->sgf_file;
} else {
$url = "/" . $r->sgf_file;
}
$out .= '<a href="' . $url . '" target="_blank"><i class="fa fa-eye"></i></a>';
$out .= '<a href="javascript:;" onclick="openPromt2(\'' . $r->sgf_idx . '\')"><i class="fa fa-pencil-square-o"></i></a>';
if ($media_type == "video") {
$out .= '<a href="javascript:;" onclick="upload_filev(\'' . $r->sgf_idx . '\')"><i class="fa fa-camera"></i></a>';
}
$out .= '<a href="javascript:;" onclick="askBeforeDelete(\'' . $media_type . '\',\'' . $r->sgf_idx . '\')"><i class="fa fa-times"></i></a>';
$out .= '</div>';
if ($media_type == "video") {
if ($r->sgf_filev == "false") {
$out .= '<div class="extention2"><img src="/images/video_icon.png" width="100%" /></div>';
} else {
$out .= '<div class="extention2"><img src="/' . $r->sgf_filev . '" width="100%" /></div>';
}
} else {
$out .= '<div class="extention2"><img src="/' . $r->sgf_file . '" width="100%" /></div>';
}
$out .= '<div class="filename2 n2-' . $r->sgf_idx . '" id="fid2-' . $r->sgf_id . '">' . $r->sgf_title . '</div>';
$out .= '</div>';
}
/////////////// end
$out .= '</div><div class="clearfix"></div>';
$out .= '</div>';
return $out;
}
function __construct()
{
set_time_limit($_SESSION["C"]["time.limit"]);
$conn = $this->conn($_SESSION["C"]);
$allowfiletypes = array("doc", "docx", "xls", "xlsx", "zip", "rar", "pdf");
$allowfiletypes2 = array("jpg", "jpeg", "gif", "png", "mp4", "avi");
if ((isset($_POST) or isset($_GET)) && (count($_POST) > 0 or count($_GET) > 0)) {
$files = glob(DIR . '_cache/*');
// get all file names
foreach ($files as $file) {
// iterate files
if (is_file($file)) {
@unlink($file);
}
// delete file
}
}
if (!isset($_GET['extention']) && !isset($_GET['filename']) && !isset($_GET['removefile']) && !isset($_GET['idxes']) && !isset($_GET['idxes2']) && !isset($_GET['idxes3']) && !isset($_GET['idxes_photos']) && !isset($_POST['youtubeLink'])) {
$str = file_get_contents("php://input");
$filename = md5(time()) . ".jpg";
$path = 'files_pre/' . $filename;
file_put_contents($path, $str);
echo $path;
} else {
if (isset($_GET['pageidx'], $_GET['extention'], $_GET['token']) && in_array($_GET['extention'], $allowfiletypes)) {
$pageidx = isset($_GET['newsidx']) && $_GET['newsidx'] != "false" ? $_GET['newsidx'] : $_GET['pageidx'];
// get page type
$get_page_type = new get_page_type();
$page_type = $get_page_type->type($_SESSION["C"], $_GET['pageidx']);
$str = file_get_contents("php://input");
$timegenerate = md5(time());
$filename = $timegenerate . "." . $_GET['extention'];
$path = 'files_pre/' . $filename;
$color_array = array("pdf" => "#e74c3c", "doc" => "#2ecc71", "docx" => "#27ae60", "xls" => "#1abc9c", "xlsx" => "#16a085", "zip" => "#4aa3df", "rar" => "#2980b9");
file_put_contents($path, $str);
// check if exists attachment
$sql = 'SELECT
`studio404_gallery`.`idx` AS `sg_idx`
FROM
`studio404_gallery_attachment`,`studio404_gallery`
WHERE
`studio404_gallery_attachment`.`connect_idx`=:connect_idx AND
`studio404_gallery_attachment`.`status`!=:status AND
`studio404_gallery_attachment`.`pagetype`=:page_type AND
`studio404_gallery_attachment`.`lang`=:lang AND
`studio404_gallery_attachment`.`idx`=`studio404_gallery`.`idx` AND
`studio404_gallery`.`status`!=:status
';
$prepare = $conn->prepare($sql);
$prepare->execute(array(":connect_idx" => $pageidx, ":page_type" => $page_type, ":lang" => (int) $_GET['l'], ":status" => 1));
$fetch = $prepare->fetch(PDO::FETCH_ASSOC);
if ($fetch['sg_idx']) {
// select max idx gallery photo
try {
$sql2 = 'SELECT `id`, MAX(`idx`) as maxid FROM `studio404_gallery_file` WHERE `lang`=:lang AND `status`!=:status';
$prepare2 = $conn->prepare($sql2);
$prepare2->execute(array("lang" => (int) $_GET['l'], ":status" => 1));
$fetch2 = $prepare2->fetch(PDO::FETCH_ASSOC);
$maxid = $fetch2['maxid'] ? $fetch2['maxid'] + 1 : 1;
$fileid = $fetch2['id'];
} catch (Exeption $e) {
$maxid = 1;
}
// select max position of gallery photo
try {
$sql3 = 'SELECT MAX(`position`) as maxpos FROM `studio404_gallery_file` WHERE `media_type`=:media_type AND `lang`=:lang AND `gallery_idx`=:gallery_idx AND `status`!=:status';
$prepare3 = $conn->prepare($sql3);
$prepare3->execute(array(":media_type" => 'document', ":lang" => (int) $_GET['l'], ":gallery_idx" => $fetch['sg_idx'], ":status" => 1));
$fetch3 = $prepare3->fetch(PDO::FETCH_ASSOC);
$maxpos = $fetch3['maxpos'] ? $fetch3['maxpos'] + 1 : 1;
} catch (Exeption $e) {
$maxpos = 1;
}
// move file to file folder
$path_new = "files/document/" . $timegenerate . "." . $_GET["extention"];
if (@copy($path, $path_new)) {
@unlink($path);
}
$filesize = @filesize($path_new);
//insert gallery photo
$sql4 = 'INSERT INTO `studio404_gallery_file` SET
`idx`=:idx,
`date`=:datex,
`gallery_idx`=:gallery_idx,
`file`=:file,
`media_type`=:media_type,
`title`=:title,
`description`=:description,
`filesize`=:filesize,
`insert_admin`=:insert_admin,
`position`=:position,
`lang`=:lang,
`status`=:status
';
$prepare4 = $conn->prepare($sql4);
$prepare4->execute(array(":idx" => $maxid, ":datex" => time(), ":gallery_idx" => $fetch['sg_idx'], ":file" => $path_new, ":media_type" => "document", ":title" => "Not defined", ":description" => "Not defined", ":filesize" => $filesize, ":insert_admin" => $_SESSION["user404_id"], ":position" => $maxpos, ":lang" => (int) $_GET['l'], ":status" => 0));
//get inserted file id with current language
$sql5 = 'SELECT `id`,`position` FROM `studio404_gallery_file` WHERE `media_type`=:media_type AND `idx`=:idx AND `lang`=:lang AND `status`!=:status';
$prepare5 = $conn->prepare($sql5);
$prepare5->execute(array(":media_type" => 'document', ":idx" => $maxid, ":lang" => (int) $_GET['l'], ":status" => 1));
$fetch5 = $prepare5->fetch(PDO::FETCH_ASSOC);
$out = '<div class="filebox" style="background-color:' . $color_array[$_GET['extention']] . '" id="flexbox-' . $maxid . '">';
$out .= '<div class="action_panel">';
$out .= '<a href="/' . $path_new . '" target="_blank"><i class="fa fa-eye"></i></a>';
$out .= '<a href="javascript:;" onclick="openPromt(\'' . $maxid . '\')"><i class="fa fa-pencil-square-o"></i></a>';
$out .= '<a href="javascript:;" onclick="removeFile(\'' . $maxid . '\')"><i class="fa fa-times"></i></a>';
$out .= '</div>';
$out .= '<div class="extention">' . $_GET['extention'] . '</div>';
$out .= '<div class="filename n-' . $maxid . '" id="fid-' . $fetch5['id'] . '">Not defined</div>';
$out .= '</div>';
echo $out;
}
} else {
if (isset($_GET['id'], $_GET['filename'])) {
$sql = 'UPDATE `studio404_gallery_file` SET `title`=:title WHERE `id`=:id';
$prepare = $conn->prepare($sql);
$prepare->execute(array(":title" => $_GET['filename'], ":id" => $_GET['id']));
} else {
if (isset($_GET['idx'], $_GET['idxes2'])) {
$sql = 'UPDATE `studio404_gallery_file` SET `status`=:status WHERE `idx`=:idx AND lang=:lang AND `media_type`=:media_type';
$prepare = $conn->prepare($sql);
$prepare->execute(array(":status" => 1, ":media_type" => "document", ":idx" => $_GET['idx'], ":lang" => $_GET['l']));
$position = 1;
$unserialize = unserialize($_GET['idxes2']);
foreach ($unserialize as $idx) {
$sql2 = 'UPDATE `studio404_gallery_file` SET `position`=:position WHERE `media_type`=:media_type AND `idx`=:idx AND `lang`=:lang AND `status`!=:status';
$prepare2 = $conn->prepare($sql2);
$prepare2->execute(array(":media_type" => "document", ":position" => $position, ":idx" => $idx, ":status" => 1, ":lang" => $_GET["l"]));
$position++;
}
echo "Done";
} else {
if (isset($_GET['idx'], $_GET['idxes3'])) {
$media_type = isset($_GET["media_type"]) && $_GET["media_type"] == "video" ? "video" : "photo";
$sql = 'UPDATE `studio404_gallery_file` SET `status`=:status WHERE `idx`=:idx';
$prepare = $conn->prepare($sql);
$prepare->execute(array(":status" => 1, ":idx" => $_GET['idx']));
$position = 1;
if ($_GET["idxes3"] != "empty") {
foreach ($_GET['idxes3'] as $idx) {
$sql2 = 'UPDATE `studio404_gallery_file` SET `position`=:position WHERE `media_type`=:media_type AND `idx`=:idx AND `status`!=:status';
$prepare2 = $conn->prepare($sql2);
$prepare2->execute(array(":media_type" => $media_type, ":position" => $position, ":idx" => $idx, ":status" => 1));
$position++;
}
}
} else {
if (isset($_GET['idxes'])) {
$position = 1;
foreach ($_GET['idxes'] as $idx) {
$sql = 'UPDATE `studio404_gallery_file` SET `position`=:position WHERE `media_type`=:media_type AND `idx`=:idx AND `status`!=:status';
$prepare = $conn->prepare($sql);
$prepare->execute(array(":media_type" => "document", ":position" => $position, ":idx" => $idx, ":status" => 1));
$position++;
}
} else {
if (isset($_GET['idxes_photos'])) {
$position = 1;
$media_type = isset($_GET["type"]) && $_GET["type"] == "videogallerypage" ? "video" : "photo";
$unserialize = unserialize($_GET['idxes_photos']);
foreach ($unserialize as $idx) {
$sql = 'UPDATE `studio404_gallery_file` SET `position`=:position WHERE `media_type`=:media_type AND `idx`=:idx AND `status`!=:status';
$prepare = $conn->prepare($sql);
$prepare->execute(array(":media_type" => $media_type, ":position" => $position, ":idx" => $idx, ":status" => 1));
$position++;
}
} else {
if (isset($_GET['pageidx'], $_GET['extention'], $_GET['token']) && in_array($_GET['extention'], $allowfiletypes2)) {
$pageidx = isset($_GET['newsidx']) && $_GET['newsidx'] != "false" ? $_GET['newsidx'] : $_GET['pageidx'];
$media_type = isset($_GET["media"]) && $_GET["media"] == "false" ? "video" : "photo";
// get page type
$get_page_type = new get_page_type();
$page_type = $get_page_type->type($_SESSION["C"], $_GET['pageidx']);
// photo upload
$str = file_get_contents("php://input");
$timegenerate = md5(time());
$filename = $timegenerate . "." . $_GET['extention'];
$path = 'files_pre/' . $filename;
file_put_contents($path, $str);
// check if exists attachment
$sql = 'SELECT
`studio404_gallery`.`idx` AS `sg_idx`
FROM
`studio404_gallery_attachment`,`studio404_gallery`
WHERE
`studio404_gallery_attachment`.`connect_idx`=:connect_idx AND
`studio404_gallery_attachment`.`pagetype`=:pagetype AND
`studio404_gallery_attachment`.`status`!=:status AND
`studio404_gallery_attachment`.`idx`=`studio404_gallery`.`idx` AND
`studio404_gallery`.`status`!=:status
';
$prepare = $conn->prepare($sql);
$prepare->execute(array(":connect_idx" => $pageidx, ":pagetype" => $page_type, ":status" => 1));
$fetch = $prepare->fetch(PDO::FETCH_ASSOC);
if ($fetch['sg_idx']) {
// select max idx gallery photo
$sql2 = 'SELECT `id`, MAX(`idx`) AS maxid FROM `studio404_gallery_file`';
$prepare2 = $conn->prepare($sql2);
$prepare2->execute();
$fetch2 = $prepare2->fetch(PDO::FETCH_ASSOC);
$maxid = $fetch2['maxid'] ? $fetch2['maxid'] + 1 : 1;
$fileid = $fetch2['id'];
// select max position of gallery photo
try {
$sql3 = 'SELECT MAX(`position`) as maxpos FROM `studio404_gallery_file` WHERE `media_type`=:media_type AND `lang`=:lang AND `gallery_idx`=:gallery_idx AND `status`!=:status';
$prepare3 = $conn->prepare($sql3);
$prepare3->execute(array(":media_type" => $media_type, ":lang" => LANG_ID, ":gallery_idx" => $fetch['sg_idx'], ":status" => 1));
$fetch3 = $prepare3->fetch(PDO::FETCH_ASSOC);
$maxpos = $fetch3['maxpos'] ? $fetch3['maxpos'] + 1 : 1;
} catch (Exeption $e) {
$maxpos = 1;
}
// move file to file folder
$path_new = "files/" . $media_type . "/" . $timegenerate . "." . $_GET["extention"];
if (@copy($path, $path_new)) {
@unlink($path);
}
$filesize = @filesize($path_new);
//insert gallery photo
$sql4 = 'INSERT INTO `studio404_gallery_file` SET
`idx`=:idx,
`date`=:datex,
`gallery_idx`=:gallery_idx,
`file`=:file,
`media_type`=:media_type,
`title`=:title,
`description`=:description,
`filesize`=:filesize,
`insert_admin`=:insert_admin,
`position`=:position,
`lang`=:lang,
`status`=:status
';
$prepare4 = $conn->prepare($sql4);
$prepare4->execute(array(":idx" => $maxid, ":datex" => time(), ":gallery_idx" => $fetch['sg_idx'], ":file" => $path_new, ":media_type" => $media_type, ":title" => "Not defined", ":description" => "Not defined", ":filesize" => $filesize, ":insert_admin" => $_SESSION["user404_id"], ":position" => $maxpos, ":lang" => (int) $_GET['l'], ":status" => 0));
//get inserted file id with current language
$sql5 = 'SELECT `id`,`position` FROM `studio404_gallery_file` WHERE `media_type`=:media_type AND `idx`=:idx AND `lang`=:lang AND `status`!=:status';
$prepare5 = $conn->prepare($sql5);
$prepare5->execute(array(":media_type" => $media_type, ":idx" => $maxid, ":lang" => LANG_ID, ":status" => 1));
$fetch5 = $prepare5->fetch(PDO::FETCH_ASSOC);
$out = '<div class="filebox2" id="flexbox2-' . $maxid . '">';
$out .= '<div class="action_panel2">';
$out .= '<a href="/' . $path_new . '" class="fancybox"><i class="fa fa-eye"></i></a>';
$out .= '<a href="javascript:;" onclick="openPromt2(\'' . $maxid . '\')"><i class="fa fa-pencil-square-o"></i></a>';
$out .= '<a href="javascript:;" onclick="removeFile2(\'' . $maxid . '\')"><i class="fa fa-times"></i></a>';
$out .= '</div>';
if ($media_type == "video") {
$out .= '<div class="extention2"><img src="/images/video_icon.png" width="100%" /></div>';
} else {
$out .= '<div class="extention2"><img src="/' . $path_new . '" width="100%" /></div>';
}
$out .= '<div class="filename2 n2-' . $maxid . '" id="fid2-' . $fetch5['id'] . '">Not defined</div>';
$out .= '</div>';
echo $out;
}
} else {
if (isset($_POST['youtubeLink'])) {
///////////////////////////////////////////////////////////////////////
$pageidx = isset($_POST['yt_mid']) ? $_POST['yt_mid'] : 0;
$media_type = "video";
$page_type = "videogallerypage";
$sql = 'SELECT
`studio404_gallery`.`idx` AS `sg_idx`
FROM
`studio404_gallery_attachment`,`studio404_gallery`
WHERE
`studio404_gallery_attachment`.`connect_idx`=:connect_idx AND
`studio404_gallery_attachment`.`pagetype`=:pagetype AND
`studio404_gallery_attachment`.`status`!=:status AND
`studio404_gallery_attachment`.`idx`=`studio404_gallery`.`idx` AND
`studio404_gallery`.`status`!=:status
';
$prepare = $conn->prepare($sql);
$prepare->execute(array(":connect_idx" => $pageidx, ":pagetype" => $page_type, ":status" => 1));
$fetch = $prepare->fetch(PDO::FETCH_ASSOC);
if ($fetch['sg_idx']) {
// select max idx gallery photo
try {
$sql2 = 'SELECT `id`, MAX(`idx`) as maxid FROM `studio404_gallery_file` WHERE `lang`=:lang AND `status`!=:status';
$prepare2 = $conn->prepare($sql2);
$prepare2->execute(array("lang" => LANG_ID, ":status" => 1));
$fetch2 = $prepare2->fetch(PDO::FETCH_ASSOC);
$maxid = $fetch2['maxid'] ? $fetch2['maxid'] + 1 : 1;
$fileid = $fetch2['id'];
} catch (Exeption $e) {
$maxid = 1;
}
// select max position of gallery photo
try {
$sql3 = 'SELECT MAX(`position`) as maxpos FROM `studio404_gallery_file` WHERE `media_type`=:media_type AND `lang`=:lang AND `gallery_idx`=:gallery_idx AND `status`!=:status';
$prepare3 = $conn->prepare($sql3);
$prepare3->execute(array(":media_type" => $media_type, ":lang" => LANG_ID, ":gallery_idx" => $fetch['sg_idx'], ":status" => 1));
$fetch3 = $prepare3->fetch(PDO::FETCH_ASSOC);
$maxpos = $fetch3['maxpos'] ? $fetch3['maxpos'] + 1 : 1;
} catch (Exeption $e) {
$maxpos = 1;
}
$sql4 = 'INSERT INTO `studio404_gallery_file` SET
`idx`=:idx,
`date`=:datex,
`gallery_idx`=:gallery_idx,
`file`=:file,
`media_type`=:media_type,
`title`=:title,
`description`=:description,
`filesize`=:filesize,
`insert_admin`=:insert_admin,
`position`=:position,
`lang`=:lang,
`status`=:status
';
$prepare4 = $conn->prepare($sql4);
$prepare4->execute(array(":idx" => $maxid, ":datex" => time(), ":gallery_idx" => $fetch['sg_idx'], ":file" => $_POST['youtubeLink'], ":media_type" => $media_type, ":title" => "Not defined", ":description" => "Not defined", ":filesize" => "0", ":insert_admin" => $_SESSION["user404_id"], ":position" => $maxpos, ":lang" => (int) $_GET['l'], ":status" => 0));
//get inserted file id with current language
$sql5 = 'SELECT `id`,`position` FROM `studio404_gallery_file` WHERE `media_type`=:media_type AND `idx`=:idx AND `lang`=:lang AND `status`!=:status';
$prepare5 = $conn->prepare($sql5);
$prepare5->execute(array(":media_type" => $media_type, ":idx" => $maxid, ":lang" => LANG_ID, ":status" => 1));
$fetch5 = $prepare5->fetch(PDO::FETCH_ASSOC);
$out = '<div class="filebox2" id="flexbox2-' . $maxid . '">';
$out .= '<div class="action_panel2">';
$out .= '<a href="' . $_POST['youtubeLink'] . '" target="_blank"><i class="fa fa-eye"></i></a>';
$out .= '<a href="javascript:;" onclick="openPromt2(\'' . $maxid . '\')"><i class="fa fa-pencil-square-o"></i></a>';
$out .= '<a href="javascript:;" onclick="upload_filev(\'' . $maxid . '\')"><i class="fa fa-camera"></i></a>';
$out .= '<a href="javascript:;" onclick="removeFile2(\'' . $maxid . '\')"><i class="fa fa-times"></i></a>';
$out .= '</div>';
$out .= '<div class="extention2"><img src="/images/video_icon.png" width="100%" /></div>';
$out .= '<div class="filename2 n2-' . $maxid . '" id="fid2-' . $fetch5['id'] . '">Not defined</div>';
$out .= '</div>';
echo $out;
}
/////////////////////////////////////////////////////////////////
} else {
if (isset($_GET['videoimage']) && is_numeric($_GET['videoimage'])) {
$str = file_get_contents("php://input");
$filename = md5(time()) . "." . $_GET['extention'];
$path = 'files/photo/' . $filename;
file_put_contents($path, $str);
$sql = 'UPDATE `studio404_gallery_file` SET `filev`=:filev WHERE `idx`=:idx AND `status`!=:status';
$prepare = $conn->prepare($sql);
$prepare->execute(array(":filev" => $path, ":idx" => $_GET['videoimage'], ":status" => 1));
echo $path;
} else {
echo "error";
exit;
}
}
}
}
}
}
}
}
}
}
}
public function insertmedia($c, $connect_idx, $lang)
{
$conn = $this->conn($c);
// get page type
$get_page_type = new get_page_type();
$page_type = $get_page_type->type($_SESSION["C"], $_GET['newsidx']);
//select gallery max idx
$sqlg = 'SELECT MAX(`idx`) AS maxid FROM `studio404_gallery` WHERE `lang`=:lang';
$prepareg = $conn->prepare($sqlg);
$prepareg->execute(array(":lang" => $lang));
$fetchg = $prepareg->fetch(PDO::FETCH_ASSOC);
$maxid = $fetchg['maxid'] ? $fetchg['maxid'] + 1 : 1;
// insert gallery
$sql_media = 'INSERT INTO `studio404_gallery` SET
`idx`=:idx,
`date`=:datex,
`title`=:title,
`lang`=:lang,
`status`=:status
';
$prepare_media = $conn->prepare($sql_media);
$prepare_media->execute(array(":idx" => $maxid, ":datex" => time(), ":title" => $_POST['title'], ":lang" => $lang, ":status" => 0));
// insert gallery attachment
$sql_media2 = 'INSERT INTO `studio404_gallery_attachment` SET
`idx`=:idx,
`connect_idx`=:connect_idx,
`pagetype`=:pagetype,
`lang`=:lang,
`status`=:status
';
$prepare_media2 = $conn->prepare($sql_media2);
$prepare_media2->execute(array(":idx" => $maxid, ":connect_idx" => $connect_idx, ":pagetype" => $page_type, ":lang" => $lang, ":status" => 0));
}
