Mini Shell Moded By TiGER HeX
Home
||
Turbo Force
||
B-F Config_Cpanel
Current Path :
/
mnt
/
volume_sfo2_01
/
50mmla
/
Linux midnightridazz 4.19.0-11-cloud-amd64 #1 SMP Debian 4.19.146-1 (2020-09-17) x86_64
Upload File :
New :
File
Dir
/mnt/volume_sfo2_01/50mmla/submitFlick_v1.php
<?php include_once('includes/static/configure.php'); include_once('includes/static/util.php'); include_once('includes/static/dbcon.php'); include_once('includes/static/gdimg.php'); include_once('includes/static/sessions.php'); include_once('includes/appTop.php'); if(!is_authorized()){ header("Location: login.php?refurl=".urlencode($_SERVER['REQUEST_URI'])); exit(); } if(is_banned()){ header("Location: banned.php"); exit(); } $html_msg = ""; $story_title = ""; $story_body = ""; $add_photo = false; if(isset($_POST['submit'])){ $cur_file = $_FILES['file']['name']; $cur_temp = $_FILES['file']['tmp_name']; $cur_mime = $_FILES['file']['type']; $cur_size = $_FILES['file']['size']; $cur_error = $_FILES['file']['error']; $uid = $_SESSION['user_id']; $comment = $_REQUEST['comment']; $location = $_REQUEST['location']; $year= $_REQUEST['year']; $artist_id = $_REQUEST['artist']; if(empty($artist_id)){ $artist_id = 0; } $new_artist = $_REQUEST['newArtist']; $valid = validate_content($cur_error,$cur_mime,$cur_size,$cur_file,GALLERY_MAX_KB); if($valid['result']){ $add_photo = true; $type = explode("/",$cur_mime); $cur_type = trim($type[0]); $unique_name = get_unique_filename($cur_file); $gd = new gd_img($cur_mime,$cur_temp); if(!$gd->img_id){ die($gd->gd_error);} //check to see if image needs resizing $image_info = getimagesize($cur_temp); if(($image_info[0] > GALLERY_IMG_WIDTH) || ($image_info[1] > GALLERY_IMG_HEIGHT)){ if($image_info[0] > GALLERY_IMG_WIDTH){ //scale width $id = $gd->gd_scale_img(GALLERY_IMG_WIDTH,GALLERY_IMG_WIDTH,IMG_QUALITY); if(!$id){ die($gd->gd_error);} }else{ //scale height $id = $gd->gd_scale_img(GALLERY_IMG_HEIGHT,GALLERY_IMG_HEIGHT,IMG_QUALITY); if(!$id){ die($gd->gd_error);} } }else{ //don't resize $id = $gd->img_id; } //create thumbnail $id_t = $gd->gd_crop_img(GALLERY_THUMB_WIDTH,GALLERY_THUMB_HEIGHT,IMG_QUALITY); if(!$id_t){ die($gd->gd_error);} $res = $gd->gd_create_img($id_t,ROOT_DIR.GALLERY_SIMG_DIR.$unique_name); if(!$res){ die($gd->gd_error);} //create watermark image $w_type = getimagesize(WATERMARK_FILE); $gdw = new gd_img($w_type['mime'],WATERMARK_FILE); if(!$gdw->img_id){ die($gdw->gd_error);} //apply watermark $res = $gd->gd_merge_ids($id,$gdw->img_id); if(!$res){ die($gd->gd_error);} //create image $res = $gd->gd_create_img($id,ROOT_DIR.GALLERY_LIMG_DIR.$unique_name); if(!$res){ die($gd->gd_error);} //add new artist if(!empty($new_artist)){ $sql = "SELECT artist_id FROM 50mm_artists WHERE artist_name='$new_artist'"; if( !($result = $db->sql_query($sql)) ){ $sql_error = $db->sql_error(); die($sql_error['message']); } $row = $db->sql_fetchrow($result); if($db->sql_numrows($result) > 0){ //we've got a duplicate so add the flick to this artist $add_photo = true; $artist_id = $row['artist_id']; }else{ $add_photo = true; $sql = "INSERT INTO 50mm_artists (artist_name,location,user_id,approved,entry_time) VALUES ('$new_artist','$location','$uid',0,NOW())"; if( !($result = $db->sql_query($sql)) ){ $sql_error = $db->sql_error(); die($sql_error['message']); } $sql = "SELECT LAST_INSERT_ID() AS artist_id"; if( !($result = $db->sql_query($sql)) ){ $sql_error = $db->sql_error(); die($sql_error['message']); } $row = $db->sql_fetchrow($result); $artist_id = $row['artist_id']; } } } if($add_photo){ //add photo $sql = "INSERT INTO 50mm_gallery (artist_id,image,user_id,comment,year_painted,location,entry_time) VALUES ('$artist_id','$unique_name','$uid','$comment','$year','$location',NOW())"; if( !($result = $db->sql_query($sql)) ){ $sql_error = $db->sql_error(); die($sql_error['message']); } $html_msg.= "<div class=\"hilite\">Your have successfully added your flick! Add another below.</div>"; }else{ $html_msg.="<div class=\"error\">Unable to store the following content $cur_file</div>"; } } $pg_name = basename($_SERVER['PHP_SELF']); include_once('includes/header.php'); ?> <? //content $sql = "SELECT page_body FROM 50mm_pages WHERE page_name ='submitFlick'"; if( !($result = $db->sql_query($sql)) ){ $sql_error = $db->sql_error(); die($sql_error['message']); } $row = $db->sql_fetchrow($result); $content = stripslashes($row['page_body']); echo $content; ?> <br> <?echo $html_msg;?> <script> divs = new Array('file'); </script> <form id="gallery" action="<?echo $_SERVER['PHP_SELF']?>" method="post" enctype="multipart/form-data" onSubmit="return validateForm(this,divs,'flickError');"> <table cellspacing="0" cellpadding="4" border="0"> <tr> <td>Upload Image<span id="errfile" class="error" style="visibility:hidden;"> *</span></td> <td><input type="file" name="file" class="field"></td> </tr> <tr> <td>Artist Name</td> <td> <table cellspacing="0" cellpadding="0" border="0"> <tr> <td> Select an existing 50mm artist.<br> <?//make drop down menu $sql = "SELECT artist_name,artist_id FROM 50mm_artists WHERE approved = 1 ORDER BY artist_name ASC;"; if( !($result = $db->sql_query($sql)) ){ $sql_error = $db->sql_error(); die($sql_error['message']); } $options = '<select name="artist">'."\n"; $options.= '<option value="">-- select artist --</option>'."\n"; while($row = $db->sql_fetchrow($result)){ $options.= '<option value="'.$row['artist_id'].'">'.$row['artist_name'].'</option>'."\n"; } $options.= '</select>'."\n"; echo $options; ?> </td> <td width="30" align="center" style="padding-top:10px;">OR</td> <td> Add a new 50mm artist.<br> <input type="text" name="newArtist" value="" class="field"> </td> </tr> </table> </td> </tr> <tr> <td>City/Country</td> <td><input type="text" name="location" value="" class="field"></td> </tr> <tr valign="top"> <td><b>Comments<br>Or<br>Additonal Artist</b></td> <td><textarea wrap="on" name="comment" class="body" style="width: 400px; height: 200px;"></textarea></td> </tr> <tr> <td>Year Painted</td> <td> <?//make drop down menu $year = 1901; $year_end = date('Y') + 1; $options = '<select name="year">'."\n"; $options.= '<option value="">-- select year --</option>'."\n"; for($year;$year<=$year_end;$year++){ $options.= '<option value="'.$year.'">'.$year.'</option>'."\n"; } $options.= '</select>'."\n"; echo $options; ?> </td> </tr> <tr> <td colspan="2" align="center"> <input name="submit" type="submit" class="button" value="Submit Photo"> <div id="flickError" class="error" style="visibility:hidden;">Please correct the fields marked by *</div> </td> </tr> </table> </form> <? include_once('includes/footer.php'); include_once('includes/appBottom.php'); ?>