Mini Shell Moded By TiGER HeX
Home
||
Turbo Force
||
B-F Config_Cpanel
Current Path :
/
mnt
/
volume_sfo2_01
/
50mmla
/
Linux midnightridazz 4.19.0-11-cloud-amd64 #1 SMP Debian 4.19.146-1 (2020-09-17) x86_64
Upload File :
New :
File
Dir
/mnt/volume_sfo2_01/50mmla/submitEvent.php
<?php include_once('includes/static/configure.php'); include_once('includes/static/util.php'); include_once('includes/static/dbcon.php'); include_once('includes/static/gdimg.php'); include_once('includes/static/sessions.php'); include_once('includes/appTop.php'); if(!is_authorized()){ header("Location: login.php?refurl=".urlencode($_SERVER['REQUEST_URI'])); exit(); } if(is_banned()){ header("Location: banned.php"); exit(); } $html_msg = ""; $story_title = ""; $story_body = ""; if(isset($_POST['submit'])){ $cur_file = $_FILES['file']['name']; $cur_temp = $_FILES['file']['tmp_name']; $cur_mime = $_FILES['file']['type']; $cur_size = $_FILES['file']['size']; $cur_error = $_FILES['file']['error']; $uid = $_SESSION['user_id']; $story_title = $_REQUEST['title']; $story_body = $_REQUEST['body']; $date=$_REQUEST['year']."-".$_REQUEST['month']."-".$_REQUEST['day']; //a file has been submitted if(!empty($cur_file)){ $valid = validate_content($cur_error,$cur_mime,$cur_size,$cur_file,EVENT_MAX_KB); if($valid['result']){ $type = explode("/",$cur_mime); $cur_type = trim($type[0]); $unique_name = get_unique_filename($cur_file); //check to see if image needs resizing $image_info = getimagesize($cur_temp); //create image resource $gd = new gd_img($cur_mime,$cur_temp); if(!$gd->img_id){ die($gd->gd_error);} //check to see if thumb image needs resizing if(($image_info[0] > EVENT_THUMB_WIDTH) || ($image_info[1] > EVENT_THUMB_HEIGHT)){ //resize $id_t = $gd->gd_scale_img(EVENT_THUMB_WIDTH,EVENT_THUMB_WIDTH,IMG_QUALITY); if(!$id_t){ die($gd->gd_error);} $res = $gd->gd_create_img($id_t,ROOT_DIR.STORY_SIMG_DIR.$unique_name); if(!$res){ die($gd->gd_error);} }else{ //don't resize $res = $gd->gd_create_img($gd->img_id,ROOT_DIR.STORY_SIMG_DIR.$unique_name); if(!$res){ die($gd->gd_error);} } //create watermark image $w_type = getimagesize(WATERMARK_FILE); $gdw = new gd_img($w_type['mime'],WATERMARK_FILE); if(!$gdw->img_id){ die($gdw->gd_error);} //check to see if full size image needs resizing if(($image_info[0] > EVENT_IMG_WIDTH) || ($image_info[1] > EVENT_IMG_HEIGHT)){ //scale image $id = $gd->gd_scale_img(EVENT_IMG_WIDTH,EVENT_IMG_WIDTH,IMG_QUALITY); if(!$id){ die($gd->gd_error);} //apply watermark $res = $gd->gd_merge_ids($id,$gdw->img_id); if(!$res){ die($gd->gd_error);} //create scaled image $res = $gd->gd_create_img($id,ROOT_DIR.STORY_LIMG_DIR.$unique_name); if(!$res){ die($gd->gd_error);} }else{ $id = $gd->img_id; //apply watermark $res = $gd->gd_merge_ids($id,$gdw->img_id); if(!$res){ die($gd->gd_error);} //create full image $res = $gd->gd_create_img($gd->img_id,ROOT_DIR.STORY_LIMG_DIR.$unique_name); if(!$res){ die($gd->gd_error);} } }else{ $html_msg.="<div class=\"error\">Unable to store the following content $cur_file<br> Reason: ".$valid['error']."</div>"; } }else{ $unique_name = ""; } if(empty($html_msg)){ $story_body = get_html_text($story_body); $sql = "INSERT INTO 50mm_stories (user_id,story_title,story_body,story_type,approved,entry_time) VALUES ('$uid','$story_title','$story_body','EVENT',0,'$date')"; if( !($result = $db->sql_query($sql)) ){ $sql_error = $db->sql_error(); die($sql_error['message']); } $sql = "SELECT LAST_INSERT_ID() AS story_id"; if( !($result = $db->sql_query($sql)) ){ $sql_error = $db->sql_error(); die($sql_error['message']); } $row = $db->sql_fetchrow($result); $story_id = $row['story_id']; $sql = "INSERT INTO 50mm_embed (story_id,image) VALUES ('$story_id','$unique_name')"; if( !($result = $db->sql_query($sql)) ){ $sql_error = $db->sql_error(); die($sql_error['message']); } $story_title = ""; $story_body = ""; $html_msg = "<div class=\"hilite\">Your have successfully added an event! Add another below?</div>"; } } $pg_name = basename($_SERVER['PHP_SELF']); include_once('includes/header.php'); ?> <br> <? //content $sql = "SELECT page_body FROM 50mm_pages WHERE page_name ='submitEvent'"; if( !($result = $db->sql_query($sql)) ){ $sql_error = $db->sql_error(); die($sql_error['message']); } $row = $db->sql_fetchrow($result); $content = stripslashes($row['page_body']); echo $content; ?> <br> <?echo $html_msg;?> <script>divs = new Array('title','body');</script> <form action="<?echo $_SERVER['PHP_SELF']?>" method="post" enctype="multipart/form-data" onSubmit="return validateForm(this,divs,'eventError');"> <table cellspacing="0" cellpadding="4" border="0"> <tr> <td align="right">Title of the Event:<span id="errtitle" class="error" style="visibility:hidden;"> *</span></td></td> <td><input type="text" name="title" value="<?echo $story_title?>" class="field"></td> </tr> <tr> <td align="right">Event Start Date:</td> <td> <? $m_opt = '<select name="month">'."\n"; while (list($key, $txt) = each($month_array)) { $m_opt.= '<option value="'.$key.'">'.$txt.'</option>'."\n"; } $m_opt.= '</select>'."\n"; echo $m_opt; ?> - <? $d_opt = '<select name="day">'."\n"; for($i=1;$i<=31;$i++){ if($i<=9){ $key = "0".$i; }else{ $key = $i; } $d_opt.= '<option value="'.$key.'">'.$i.'</option>'."\n"; } $d_opt.= '</select>'."\n"; echo $d_opt; ?> - <? $start_year = date('Y'); $end_year = date('Y') + 1; $y_opt = '<select name="year">'."\n"; for($i=$start_year;$i<=$end_year;$i++){ $y_opt.= '<option value="'.$i.'">'.$i.'</option>'."\n"; } $y_opt.= '</select>'."\n"; echo $y_opt; ?> </td> </tr> <tr> <td align="right">Upload Flyer Image:</td> <td><input type="file" name="file" class="field"></td> </tr> <tr> <td align="right" width="150">Event Details:<br><br>Important! You MUST submit all the event details (date, time, when, where, how much etc.) In text format here...<span id="errbody" class="error" style="visibility:hidden;"> *</span></td> <td><textarea wrap="on" name="body" class="body" style="width: 400px; height: 200px;"><?echo $story_body?></textarea></td> </tr> <tr> <td colspan="2" align="center"> <input name="submit" type="submit" class="button" value="Submit Event"> <div id="eventError" class="error" style="visibility:hidden;">Please correct the fields marked by *</div> </td> </tr> </table> </form> <? include_once('includes/footer.php'); include_once('includes/appBottom.php'); ?>