//var/www/ridazz/admin/submitFlick.php
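<?php
/**
 * Admin page for uploading a photo ("flick") into the gallery.
 *
 * Flow, as visible in this script:
 *  1. Load configuration/helpers and refuse the request unless
 *     has_permission() accepts the page id derived from the script name.
 *  2. On POST (submit button present): validate the upload with
 *     validate_content(), scale it against the PORTRAIT_* and LANDSCAPE_*
 *     limits, write a cropped thumbnail and a watermarked full-size copy,
 *     optionally create an artist row, then insert the gallery row.
 *  3. Render the upload form.
 *
 * NOTE(review): has_permission(), isNum(), sanitize_body(), sanitize_title(),
 * validate_content(), get_unique_filename(), gd_img and $db are defined in the
 * included files, not here; what they guarantee is assumed, not verified.
 *
 * NOTE(review): every query below is assembled by string interpolation and
 * relies on $db->sanitize_input() / isNum() for escaping. Confirm those
 * helpers escape for the active connection, or move to prepared statements.
 * $location also passes through addslashes() first, which may double-escape.
 *
 * NOTE(review): SQL error text is sent to the browser through die(); consider
 * logging it server-side and showing a generic message instead.
 */
include_once('../includes/static/configure.php');
include_once('../includes/static/util.php');
include_once('../includes/static/dbcon2.php');
include_once('../includes/static/gdimg.php');
include_once('../includes/static/sessions.php');
include_once('includes/static/util.php');
include_once('includes/appTop2.php');

// Access control: the page id is the script name without its extension.
$page_id = str_replace(".php", "", basename($_SERVER['PHP_SELF']));
if (!has_permission($page_id)) {
    die("You don't have permission to view this page!");
}

$html = "";
$story_title = "";
$story_body = "";
$uid = 0;
$num_uploads = 10;

// The uploader id comes from whichever admin/editor session key is present.
if (isset($_SESSION['admin_id'])) {
    $uid = isNum($_SESSION['admin_id'], 0);
} elseif (isset($_SESSION['editor_id'])) {
    $uid = isNum($_SESSION['editor_id'], 0);
}

$html_msg = "";
$add_photo = false;
// Initialised here so the final check never reads an undefined variable.
$good_img = false;

if (isset($_POST['submit'])) {
    // The file field can be missing or malformed, so read it defensively
    // instead of indexing $_FILES directly.
    $upload    = (isset($_FILES['file']) && is_array($_FILES['file'])) ? $_FILES['file'] : array();
    $cur_file  = (isset($upload['name']) && is_string($upload['name'])) ? $upload['name'] : '';
    $cur_temp  = (isset($upload['tmp_name']) && is_string($upload['tmp_name'])) ? $upload['tmp_name'] : '';
    $cur_mime  = (isset($upload['type']) && is_string($upload['type'])) ? $upload['type'] : '';
    $cur_size  = isset($upload['size']) ? $upload['size'] : 0;
    $cur_error = isset($upload['error']) ? $upload['error'] : UPLOAD_ERR_NO_FILE;

    // The form below has the location and newArtist inputs commented out, so
    // these keys are normally absent; default them instead of raising notices.
    $raw_comment    = isset($_REQUEST['comment']) ? $_REQUEST['comment'] : '';
    $raw_location   = isset($_REQUEST['location']) ? $_REQUEST['location'] : '';
    $raw_new_artist = isset($_REQUEST['newArtist']) ? $_REQUEST['newArtist'] : '';
    $raw_year       = isset($_REQUEST['year']) ? $_REQUEST['year'] : null;
    $raw_artist     = isset($_REQUEST['artist']) ? $_REQUEST['artist'] : null;

    $comment = $db->sanitize_input(sanitize_body($raw_comment));
    $location = $db->sanitize_input(sanitize_title(addslashes($raw_location)));
    $year = isNum($raw_year, 2017);
    $artist_id = isNum($raw_artist, 0);
    if (empty($artist_id)) {
        $artist_id = 0;
    }
    $new_artist = $db->sanitize_input(sanitize_title($raw_new_artist));

    // $cur_mime is whatever the client declared; it is only used for the
    // project's own validate_content() check, never to decide how the file
    // is decoded (see getimagesize() below).
    $valid = validate_content($cur_error, $cur_mime, $cur_size, $cur_file, GALLERY_MAX_KB);

    // is_uploaded_file() confirms the temp path really is this request's upload.
    if ($valid['result'] && is_uploaded_file($cur_temp)) {
        $add_photo = true;
        $type = explode("/", $cur_mime);
        $cur_type = trim($type[0]);

        // NOTE(review): the stored name is derived from the client-supplied
        // file name; confirm get_unique_filename() restricts the extension to
        // image types, since the result is written below ROOT_DIR.
        $unique_name = $db->sanitize_input(get_unique_filename($cur_file));

        // Inspect the file itself. A file that is not a readable image is
        // rejected here rather than being handed to GD with a client-declared
        // type; the detected MIME is used the same way the watermark is
        // loaded further down.
        $image_info = getimagesize($cur_temp);
        $good_img = ($image_info !== false);

        if ($good_img) {
            $gd = new gd_img($image_info['mime'], $cur_temp);
            if (!$gd->img_id) {
                die($gd->gd_error);
            }

            //check to see if image needs resizing
            if ($image_info[0] <= $image_info[1]) {
                //portrait
                if ($image_info[1] <= PORTRAIT_TOLERENCE) {
                    //too small: reject rather than resize
                    $good_img = false;
                } elseif (($image_info[0] <= PORTRAIT_WIDTH) || ($image_info[1] <= PORTRAIT_HEIGHT)) {
                    //don't scale up if width is undersized
                    $id = $gd->img_id;
                    if (!$id) {
                        die($gd->gd_error);
                    }
                } else {
                    //resize image
                    $w_reduction = PORTRAIT_WIDTH / $image_info[0];
                    $h_reduction = PORTRAIT_HEIGHT / $image_info[1];
                    if ($w_reduction < $h_reduction) {
                        //width is the limit. don't scale less than this
                        $w = PORTRAIT_WIDTH;
                        $h = round($w_reduction * $image_info[1]);
                    } else {
                        //height is the limit. don't scale less than this
                        $w = round($h_reduction * $image_info[0]);
                        $h = PORTRAIT_HEIGHT;
                    }
                    $id = $gd->gd_scale_img($w, $h, IMG_QUALITY);
                    if (!$id) {
                        die($gd->gd_error);
                    }
                }
            } else {
                //landscape
                if ($image_info[0] <= LANDSCAPE_TOLERENCE) {
                    $good_img = false;
                } elseif (($image_info[0] <= LANDSCAPE_WIDTH) || ($image_info[1] <= LANDSCAPE_HEIGHT)) {
                    $id = $gd->img_id;
                    if (!$id) {
                        die($gd->gd_error);
                    }
                } else {
                    //we've passed all the criteria
                    //resize image to the landscape height or width limit, whichever comes first
                    // NOTE(review): this comparison is the reverse of the
                    // portrait branch ($h_reduction < $w_reduction selects the
                    // width limit) — confirm that is intended.
                    $w_reduction = LANDSCAPE_WIDTH / $image_info[0];
                    $h_reduction = LANDSCAPE_HEIGHT / $image_info[1];
                    if ($h_reduction < $w_reduction) {
                        $w = LANDSCAPE_WIDTH;
                        $h = round($w_reduction * $image_info[1]);
                    } else {
                        $w = round($h_reduction * $image_info[0]);
                        $h = LANDSCAPE_HEIGHT;
                    }
                    $id = $gd->gd_scale_img($w, $h, IMG_QUALITY);
                    if (!$id) {
                        die($gd->gd_error);
                    }
                }
            }
        }

        if ($good_img) {
            //create thumbnail
            $id_t = $gd->gd_crop_img(GALLERY_THUMB_WIDTH, GALLERY_THUMB_HEIGHT, IMG_QUALITY);
            if (!$id_t) {
                die($gd->gd_error);
            }
            $res = $gd->gd_create_img($id_t, ROOT_DIR.GALLERY_SIMG_DIR.$unique_name);
            if (!$res) {
                die($gd->gd_error);
            }

            //create watermark image
            $w_type = getimagesize(WATERMARK_FILE);
            $gdw = new gd_img($w_type['mime'], WATERMARK_FILE);
            if (!$gdw->img_id) {
                die($gdw->gd_error);
            }

            //apply watermark
            $res = $gd->gd_merge_ids($id, $gdw->img_id);
            if (!$res) {
                die($gd->gd_error);
            }

            //create image
            $res = $gd->gd_create_img($id, ROOT_DIR.GALLERY_LIMG_DIR.$unique_name);
            if (!$res) {
                die($gd->gd_error);
            }
        } else {
            $html_msg .= "<div class=\"error\">The file you've added does not meet the specifed requirements!</div>";
        }

        //add new artist
        if (!empty($new_artist)) {
            $sql = "SELECT artist_id FROM 50mm_artists WHERE artist_name='$new_artist'";
            if (!($result = $db->sql_query($sql))) {
                $sql_error = $db->sql_error();
                die($sql_error['message']);
            }
            $row = $db->sql_fetchrow($result);
            if ($db->sql_numrows($result) > 0) {
                //we've got a duplicate so add the flick to this artist
                $add_photo = true;
                $artist_id = $row['artist_id'];
            } else {
                $add_photo = true;
                $sql = "INSERT INTO 50mm_artists (artist_name,location,user_id,approved,entry_time) VALUES ('$new_artist','$location','$uid',1,NOW())";
                if (!($result = $db->sql_query($sql))) {
                    $sql_error = $db->sql_error();
                    die($sql_error['message']);
                }
                $sql = "SELECT LAST_INSERT_ID() AS artist_id";
                if (!($result = $db->sql_query($sql))) {
                    $sql_error = $db->sql_error();
                    die($sql_error['message']);
                }
                $row = $db->sql_fetchrow($result);
                $artist_id = $row['artist_id'];
            }
        }
    }

    if (($add_photo) && ($good_img)) {
        //add photo
        $sql = "INSERT INTO 50mm_gallery (artist_id,image,user_id,comment,year_painted,location,approved,entry_time) VALUES ('$artist_id','$unique_name','$uid','$comment','$year','$location',1,NOW())";
        if (!($result = $db->sql_query($sql))) {
            $sql_error = $db->sql_error();
            die($sql_error['message']);
        }
        $html_msg .= "<div class=\"hilite\">Your have successfully added your flick! Add another below.</div>";
    } else {
        // The file name is client-supplied, so it is HTML-escaped before it is
        // echoed back. No charset argument: follow the configured default.
        $html_msg .= "<div class=\"error\">Unable to store the following content "
            . htmlspecialchars($cur_file, ENT_QUOTES | ENT_SUBSTITUTE)
            . "</div>";
    }
}

$pg_name = basename($_SERVER['PHP_SELF']);
include_once('includes/header.php');
?>
In order to successfully upload photos to the gallery please understand the limitations of the website.<BR>
All photos will need to be a minimum of 650 pixels WIDE. 700 Pixels wide is optimal. <BR>
Memory size limitations are 750k or smaller. Please save out photos at jpeg 4,5, or 6 quality. <BR>
If the upload process hangs up you may have a photo named with improper characters or too many characters. <BR>
Make sure there are no backslashes, hyphens or various other funky characters in the name of your photos. <BR>Thanks.<BR><BR><BR>
<?php
// The page-body lookup in 50mm_pages was already commented out in the
// original, but the fetch and echo that followed it were still live. They read
// $result, which at this point is either undefined or left over from the
// INSERT above, so they have been removed; the static text above is the
// page content.
?>
<br>
<?php echo $html_msg; ?>
<script>
var count = 0;

// Client-side convenience check only; the server-side validation above is
// what actually gates the upload.
function validateFlickForm(theForm) {
    var err = false;
    var divs = new Array('errfile','errartist','flickError','artistError');
    for (var i = 0; i < divs.length; i++) {
        visibleOff(divs[i]); //turn off every div
    }
    if (theForm['file'].value == "") {
        err = true;
        visibleOn('errfile');
    }
    if (theForm['artist'].value == "") {
        err = true;
        visibleOn('errartist');
        visibleOn('artistError');
    }
    if (err) {
        visibleOn('flickError');
        return false;
    }
    // Let only the first submit through so a double click does not upload twice.
    count++;
    if (count == 1) {
        return true;
    } else {
        alert ("We are currently processing your request.");
        return false;
    }
}
</script>
<?php
// PHP_SELF contains the request path as sent by the client, so it is escaped
// before being placed in the action attribute.
// NOTE(review): no anti-CSRF token is visible on this form; confirm whether
// the included session/appTop code adds one.
?>
<form id="gallery" action="<?php echo htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES | ENT_SUBSTITUTE); ?>" method="post" enctype="multipart/form-data" onSubmit="return validateFlickForm(this);">
<table cellspacing="0" cellpadding="4" border="0">
<tr>
    <td>Upload Image<span id="errfile" class="error" style="visibility:hidden;"> *</span></td>
    <td><input type="file" name="file" class="field"></td>
</tr>
<tr>
    <td>Artist Name<span id="errartist" class="error" style="visibility:hidden;"> *</span></td>
    <td>
        <table cellspacing="0" cellpadding="0" border="0">
        <tr>
            <td>Select a Midnight Ridazz Gallery Section<br>
<?php
//make drop down menu
$sql = "SELECT artist_name,artist_id FROM 50mm_artists WHERE approved = 1 ORDER BY artist_name ASC;";
if (!($result = $db->sql_query($sql))) {
    $sql_error = $db->sql_error();
    die($sql_error['message']);
}
$options = '<select name="artist">'."\n";
$options .= '<option value="">-- select artist --</option>'."\n";
while ($row = $db->sql_fetchrow($result)) {
    // Artist names are stored user input; escape them for the HTML context.
    $options .= '<option value="'.htmlspecialchars($row['artist_id'], ENT_QUOTES | ENT_SUBSTITUTE).'">'
        .htmlspecialchars($row['artist_name'], ENT_QUOTES | ENT_SUBSTITUTE).'</option>'."\n";
}
$options .= '</select>'."\n";
echo $options;
?>
            </td>
            <!-- <td width="30" align="center" style="padding-top:10px;">OR</td>
            <td>Add a new section.<br>
            <input type="text" name="newArtist" value="" class="field"></td> -->
        </tr>
        </table>
    </td>
</tr>
<!--<tr>
    <td>City/Country</td>
    <td><input type="text" name="location" value="" class="field"></td>
</tr>-->
<tr valign="top">
    <td><b>Comments:</b></td>
    <td><textarea wrap="on" name="comment" class="body" style="width: 400px; height: 200px;"></textarea></td>
</tr>
<tr><td>Year Taken</td>
    <td>
<?php
//make drop down menu
$year_end = date('Y') + 1;
$options = '<select name="year">'."\n";
$options .= '<option value="">-- select year --</option>'."\n";
for ($year = 2000; $year <= $year_end; $year++) {
    $options .= '<option value="'.$year.'">'.$year.'</option>'."\n";
}
$options .= '</select>'."\n";
echo $options;
?>
    </td></tr>
<tr>
    <td colspan="2" align="center">
    <input name="submit" type="submit" class="button" value="Submit Photo">
    <div id="flickError" class="error" style="visibility:hidden;">FAILED UPLOAD: Please correct the fields marked by *</div>
    <div id="artistError" class="error" style="visibility:hidden;">You must specify a category from the pulldown menu.</div>
    </td>
</tr>
</table>
</form>
<?php
include_once('includes/footer.php');
include_once('includes/appBottom.php');
?>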