Mini Shell Moded By TiGER HeX
Home
||
Turbo Force
||
B-F Config_Cpanel
Current Path :
/
var
/
www
/
ridazz
/
admin
/
Linux midnightridazz 4.19.0-11-cloud-amd64 #1 SMP Debian 4.19.146-1 (2020-09-17) x86_64
Upload File :
New :
File
Dir
//var/www/ridazz/admin/legendAdd.php
<? include_once('../includes/static/configure.php'); include_once('../includes/static/util.php'); include_once('../includes/static/dbcon2.php'); include_once('../includes/static/gdimg.php'); include_once('../includes/static/sessions.php'); include_once('includes/static/util.php'); include_once('includes/appTop2.php'); $page_id = str_replace(".php","",basename($_SERVER['PHP_SELF'])); if(!has_permission($page_id)){ die("You don't have permission to view this page!"); } $html=""; $uid = 0; if(isset($_SESSION['admin_id'])){ $uid = isNum($_SESSION['admin_id'], 0); }elseif(isset($_SESSION['editor_id'])){ $uid = isNum($_SESSION['editor_id'], 0); } if(isset($_POST['submit'])){ //store text $story_title = $db->sanitize_input(sanitize_title($_REQUEST['title'])); $story_body = $db->sanitize_input(sanitize_body(get_html_text($_REQUEST['body']))); $sql = "INSERT INTO 50mm_stories (user_id,story_title,story_body,story_type,approved,entry_time) VALUES ('$uid','$story_title','$story_body','LEGEND',1,NOW())"; if( !($result = $db->sql_query($sql)) ){ $sql_error = $db->sql_error(); die($sql_error['message']); } $sql = "SELECT LAST_INSERT_ID() AS story_id"; if( !($result = $db->sql_query($sql)) ){ $sql_error = $db->sql_error(); die($sql_error['message']); } $row = $db->sql_fetchrow($result); $story_id = $row['story_id']; //store images for($i=1;$i<=count($_FILES);$i++){ $cur_file = $_FILES['file'.$i]['name']; $cur_temp = $_FILES['file'.$i]['tmp_name']; $cur_size = $_FILES['file'.$i]['size']; $cur_type = $_FILES['file'.$i]['type']; $cur_mime = $_FILES['file'.$i]['type']; $cur_error = $_FILES['file'.$i]['error']; if(!empty($cur_file)){ $valid = validate_content($cur_error,$cur_mime,$cur_size,$cur_file,LEGEND_MAX_KB); if($valid['result']){ $type = explode("/",$cur_mime); $cur_type = trim($type[0]); $unique_name = $db->sanitize_input(get_unique_filename($cur_file)); $image_info = getimagesize($cur_temp); //create image resource $gd = new gd_img($cur_mime,$cur_temp); if(!$gd->img_id){ die($gd->gd_error);} //check to see if thumb image needs resizing if(($image_info[0] > LEGEND_THUMB_WIDTH) || ($image_info[1] > LEGEND_THUMB_HEIGHT)){ //resize $id_t = $gd->gd_scale_img(LEGEND_THUMB_WIDTH,LEGEND_THUMB_WIDTH,IMG_QUALITY); if(!$id_t){ die($gd->gd_error);} $res = $gd->gd_create_img($id_t,ROOT_DIR.STORY_SIMG_DIR.$unique_name); if(!$res){ die($gd->gd_error);} }else{ //don't resize $res = $gd->gd_create_img($gd->img_id,ROOT_DIR.STORY_SIMG_DIR.$unique_name); if(!$res){ die($gd->gd_error);} } //create watermark image $w_type = getimagesize(WATERMARK_FILE); $gdw = new gd_img($w_type['mime'],WATERMARK_FILE); if(!$gdw->img_id){ die($gdw->gd_error);} //check to see if full size image needs resizing if(($image_info[0] > LEGEND_IMG_WIDTH) || ($image_info[1] > LEGEND_IMG_HEIGHT)){ //scale image $id = $gd->gd_scale_img(LEGEND_IMG_WIDTH,LEGEND_IMG_WIDTH,IMG_QUALITY); if(!$id){ die($gd->gd_error);} //apply watermark $res = $gd->gd_merge_ids($id,$gdw->img_id); if(!$res){ die($gd->gd_error);} //create scaled image $res = $gd->gd_create_img($id,ROOT_DIR.STORY_LIMG_DIR.$unique_name); if(!$res){ die($gd->gd_error);} }else{ $id = $gd->img_id; //apply watermark $res = $gd->gd_merge_ids($id,$gdw->img_id); if(!$res){ die($gd->gd_error);} //create full image $res = $gd->gd_create_img($gd->img_id,ROOT_DIR.STORY_LIMG_DIR.$unique_name); if(!$res){ die($gd->gd_error);} } $sql = "INSERT INTO 50mm_embed (story_id,image) VALUES ('$story_id','$unique_name')"; if( !($result = $db->sql_query($sql)) ){ $sql_error = $db->sql_error(); die($sql_error['message']); } }else{ $html.="<div class=\"error\">Unable to store the following content $cur_file<br> Reason: ".$valid['error']."</div>"; } } } $html.= "<div class=\"hilite\">operation successful!</div>"; } include_once('includes/header.php'); ?> <script>divs = new Array('title','body');</script> <form action="<?echo $_SERVER['PHP_SELF']?>" method="post" enctype="multipart/form-data" onSubmit="return validateForm(this,divs,'eventError');"> <table cellspacing="0" cellpadding="4" border="0"> <tr> <td>Title<span id="errtitle" class="error" style="visibility:hidden;"> *</span></td></td> <td><input type="text" name="title" value="" class="field" style="width: 200px;"></td> </tr> <tr> <td>Upload Image(s)</td> <td> <? for($i=1;$i<=10;$i++){ echo "<input type=\"file\" name=\"file".$i."\" class=\"field\"><br>"; } ?> </td> </tr> <tr> <td>Body<span id="errbody" class="error" style="visibility:hidden;"> *</span></td> <td><textarea wrap="on" name="body" class="body" style="width: 400px; height: 200px;"></textarea></td> </tr> <tr> <td colspan="2" align="center"> <input name="submit" type="submit" class="button" value="Submit Legend"> <div id="eventError" class="error" style="visibility:hidden;">Please correct the fields marked by *</div> </td> </tr> </table> </form> <?echo $html;?> <br> <? include_once('includes/footer.php'); include_once('includes/appBottom.php'); ?>