149 lines
6.1 KiB
PHP
149 lines
6.1 KiB
PHP
<?php
|
|
require_once dirname(__FILE__).'/accesscheck.php';
|
|
|
|
|
|
class imageUpload {
|
|
# crude class to handle an image, partly taken from the easyuploader (http://tincan.co.uk)
|
|
var $type = "image";
|
|
var $description = "Image";
|
|
|
|
function image() {
|
|
}
|
|
|
|
function viewImageLink($id,$width,$height,$text) {
|
|
return sprintf('<a href="javascript:viewImage(\'?page=image&id=%d\',%d,%d);">%s</a>',$id,$width,$height,$text);
|
|
}
|
|
|
|
function showInput($name,$value,$template_id = 0) {
|
|
# find image in database
|
|
global $config,$tables;
|
|
$html = '<table border=0>';
|
|
if ($name && $template_id) {
|
|
$req = Sql_Query(sprintf('select * from %s where template = %d
|
|
and filename = "%s"',$tables["templateimage"],$template_id,$name));
|
|
$imdata = Sql_Fetch_array($req);
|
|
$width = $imdata["width"];
|
|
$height = $imdata["height"];
|
|
}
|
|
$originalname = $name;
|
|
$name = safeImageName($name);
|
|
$html .= '
|
|
<script language="Javascript">
|
|
function unCheck'.$name.'() {
|
|
if (this.document.forms[0].'.$name.') {
|
|
if ((this.document.forms[0].'.$name.'_keep.checked) && (this.document.forms[0].'.$name.'.value != ""))
|
|
this.document.forms[0].'.$name.'_keep.checked = false;
|
|
}
|
|
}
|
|
</script>
|
|
';
|
|
if ($imdata["data"] && $imdata["width"] && $imdata["height"]) {
|
|
$html .= '<tr><td colspan=3>'.$GLOBALS['I18N']->get('An image exists on the server, check this box to keep the existing one').' <input type="checkbox" name="'.$name.'_keep" value="yes" checked> ';
|
|
$html .= sprintf('%s</td></tr>',$this->viewImageLink($imdata["id"],$imdata["width"],$imdata["height"],$GLOBALS['I18N']->get('View Image')));
|
|
}
|
|
else
|
|
$html .= '<tr><td colspan=3><font color=red><input type="hidden" name="'.$name.'_keep" value="no">'.$GLOBALS['I18N']->get('No Image was found').'</font></td></tr>';
|
|
$html .= '<tr><td colspan=2>'.$GLOBALS['I18N']->get('Upload new image').':</td><td><input type="hidden" name="'.$name.'_originalname" value="'.$originalname.'"><input type=file name="'.$name.'" onChange="unCheck'.$name.'();"></td></tr>';
|
|
# $html .= '<tr><td colspan=2>Caption: </td><td><input type=text name="'.$name.'_caption" size="40" value="'.$imdata["caption"].'"></td></tr>';
|
|
# $html .= '<tr><td colspan=2>Alt Tag: </td><td><input type=text name="'.$name.'_alttag" size="40" value="'.$imdata["alttag"].'"></td></tr>';
|
|
return $html . '</table>';
|
|
}
|
|
|
|
function getSubData($parent,$fielddata) {
|
|
if ($fielddata[type] != "image" || !$fielddata[data])
|
|
# invalid call
|
|
return "";
|
|
|
|
$result = array();
|
|
$req = Sql_Query(sprintf('select * from image where id = %d',$fielddata[data]));
|
|
$att = Sql_Fetch_Array($req);
|
|
while (list($key,$val) = each ($att))
|
|
$result[$fielddata[name].".".$key] = $val;
|
|
return $result;
|
|
}
|
|
|
|
function fix_php_upload_bug($tmp) {
|
|
global $config;
|
|
# dbg("Fixing upload bug in $tmp");
|
|
# copy($tmp,"/tmp/prefix.jpg");
|
|
$infile=fopen($tmp,"r"); // Open the file for the copy
|
|
$outfile=fopen("$tmp.new","w"); // create a new temp file
|
|
$file=fopen("$tmp.stripped","w"); // create a new temp file for the stripped stuff for debugging
|
|
|
|
$header=fgets($infile,255); //get the 1st line (netscape sometimes doesn't add a Content-type line)
|
|
fwrite($file,$header,strlen($header)); //copying contents to new temp file
|
|
// if its more than just a \r\n sequence then
|
|
// aargh, now I'm getting even more headers in the file
|
|
while (strlen($header)>2) {
|
|
$header=fgets($infile,255); //get next line also
|
|
fwrite($file,$header,strlen($header)); //copying contents to new temp file
|
|
}
|
|
fclose($file);
|
|
if (!$config["debug"])
|
|
unlink("$tmp.stripped");
|
|
|
|
while(!feof($infile)) { // Loop through the remaining file
|
|
$temp=fread($infile,128);
|
|
fwrite($outfile,$temp,strlen($temp)); //copying contents to new temp file
|
|
}
|
|
fclose($outfile);
|
|
fclose($infile);
|
|
copy("$tmp.new","$tmp"); //replace the original with our new bug fixed file
|
|
unlink("$tmp.new"); //and delete the new file
|
|
return filesize($tmp); //return a true file size
|
|
}
|
|
|
|
function detect_php_upload_bug($tmp) {
|
|
$infile=fopen($tmp,"r"); // Open the file
|
|
$header=fgets($infile,255); //get the 1st line (netscape sometimes doesn't add a Content-type line)
|
|
if (eregi("^Content-type: (.*)",$header,$regs) || strlen($header)>2) {
|
|
$content_type = $regs[1] ? $regs[1] : "application/octet-stream";
|
|
fclose($infile);
|
|
return trim($content_type);
|
|
}
|
|
fclose($infile);
|
|
return 0;
|
|
}
|
|
|
|
function uploadImage($imagename,$templateid) {
|
|
global $tables;
|
|
global $config;
|
|
$imagename = safeImageName($imagename);
|
|
$tmpimagefile = $_FILES[$imagename]['tmp_name'];
|
|
$originalname = $_POST[$imagename.'_originalname'];
|
|
$filename = $_FILES[$imagename]["name"];
|
|
$type = $_FILES[$imagename]["type"];
|
|
$keep = $_REQUEST[$imagename."_keep"];
|
|
|
|
# dbg("Uploading Name $imagename, File $tmpimagefile, Location $location, Type $type, ". $$type . " Location ". $$location);
|
|
# dbg("existing $existingid - $keep => ".$$keep);
|
|
if ($filename && $tmpimagefile && $tmpimagefile != "none" && ltrim($keep) != "yes") {
|
|
# dbg("Uploading $tmpimagefile");
|
|
if (!$type && $type = $this->detect_php_upload_bug($tmpimagefile))
|
|
$this->fix_php_upload_bug($tmpimagefile);
|
|
list($width,$height) = GetImageSize($tmpimagefile);
|
|
|
|
if ($width && $height) {
|
|
$fd = fopen ($tmpimagefile, "r");
|
|
$contents = fread ($fd, filesize ($tmpimagefile));
|
|
fclose ($fd);
|
|
} else {
|
|
dbg("Error detecting size of $tmpimagefile");
|
|
copy($tmpimagefile,"/tmp/invalidUpload.jpg");
|
|
}
|
|
Sql_Query(sprintf('delete from %s where template = %d and filename = "%s"',
|
|
$tables["templateimage"],$templateid,$originalname));
|
|
Sql_query(sprintf('insert into %s (template,filename,mimetype,width,height,data)
|
|
values(%d,"%s","%s",%d,%d,"%s")',
|
|
$tables["templateimage"],$templateid,
|
|
$originalname,$type,$width,$height,base64_encode($contents))
|
|
);
|
|
return Sql_insert_id();
|
|
} elseif (trim($keep) == "yes") {
|
|
# do nothing...
|
|
}
|
|
return 0;
|
|
}
|
|
}
|
|
?>
|