<?php
/**
 * Logo upload script
 *
 * Allows users to upload logos.  Needs security revisions badly.
 *
 * @author Stephen Rochelle <hide@address.com>
 * @version OFFL v0.2
 * @copyright Copyright (c) 2004 Stephen Rochelle.  Some rights reserved.
 * @package offl-ui
 */

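/*
 * Request flow:
 *   - POST with method=upload: authorise the requester for the team, then
 *     remove the logo, link an external logo URL, or store an uploaded file.
 *   - anything else: render the upload form.
 *
 * Every request value used here ($_POST, $_GET, $_FILES) is attacker
 * controlled; it is validated before use and escaped before output.
 *
 * NOTE(review): the form carries no anti-CSRF token, so a logged-in user's
 * browser can be made to submit it cross-site. Adding one depends on how
 * lib/header.php manages the session, which is not visible from this file.
 */
$pageTitle = "Logo Upload";
require_once("offlconfig.php");
require_once($DOC_ROOT . "/lib/header.php");

$imageOK = FALSE;

if (isset($_POST["method"]) && ($_POST["method"] === "upload"))
{
	// Normalise the team id to a string once; array-valued parameters are treated as absent.
	$teamId = (isset($_POST["fflteam_id"]) && is_scalar($_POST["fflteam_id"])) ? (string) $_POST["fflteam_id"] : "";

	// Authorisation: a user may only change the team stored in their own session.
	// The comparison is strict and requires a non-empty session value, so a
	// request with a missing id no longer "matches" a missing session entry.
	$isAdmin = isset($_SESSION["admin"]) && ($_SESSION["admin"] == 1);
	$ownsTeam = ($teamId !== "")
		&& isset($_SESSION["fflteam_id"])
		&& ((string) $_SESSION["fflteam_id"] === $teamId);

	if (!$ownsTeam && !$isAdmin)
	{
		echo "<h2 class=\"error\">Not authorized to load a logo for this team!</h2>\n";
	}
	else
	{
		$team = new OFFL_FFLTeam($teamId);
		$imageUrl = (isset($_POST["imageurl"]) && is_string($_POST["imageurl"])) ? trim($_POST["imageurl"]) : "";

		if (isset($_POST["removeimage"]))
		{
			$team->setFFLTeamLogo("");
			$imageOK = TRUE;
		}
		elseif ($imageUrl !== "")
		{
			// Accept http:// and https:// as given; anything else is treated as a bare host/path.
			// Forcing the prefix also keeps other stream wrappers (file://, php://, ...) out.
			if (!preg_match('#^https?://#i', $imageUrl))
			{	$imageUrl = "http://" . $imageUrl;	}

			// The link is validated syntactically only. The server does not fetch it:
			// opening a user-supplied URL from here would let a requester make this host
			// connect to arbitrary addresses, internal ones included, and learn whether
			// they answer (server-side request forgery).
			$urlParts = parse_url($imageUrl);
			$urlOK = is_array($urlParts)
				&& isset($urlParts["scheme"]) && in_array(strtolower($urlParts["scheme"]), array("http", "https"), TRUE)
				&& isset($urlParts["host"]) && ($urlParts["host"] !== "")
				// The value is stored and presumably rendered on other pages (TODO confirm),
				// so characters that could break out of an HTML attribute are rejected.
				&& !preg_match('/[\s"\'<>]/', $imageUrl);

			if (!$urlOK)
			{	echo "<h2 class=\"error\">Invalid link</h2>\n";	}
			else
			{
				$team->setFFLTeamLogo($imageUrl);
				$imageOK = TRUE;
			}
		}
		else
		{
			// The browser-supplied MIME type and file name are not trusted. The type is
			// detected from the file contents and the extension is derived from that
			// type, so a script file cannot be stored under an executable extension in
			// the web-served logo directory.
			$imageExtensions = array(
				IMAGETYPE_GIF  => "gif",
				IMAGETYPE_JPEG => "jpg",
				IMAGETYPE_PNG  => "png",
			);

			$tmpName = (isset($_FILES["imagefile"]["tmp_name"]) && is_string($_FILES["imagefile"]["tmp_name"])) ? $_FILES["imagefile"]["tmp_name"] : "";

			// is_uploaded_file() guarantees the path really is this request's upload.
			$imageInfo = (($tmpName !== "") && is_uploaded_file($tmpName)) ? getimagesize($tmpName) : FALSE;

			if (($imageInfo !== FALSE) && isset($imageExtensions[$imageInfo[2]]))
			{
				// Only filename-safe characters of the team id reach the path, which
				// rules out directory traversal through the id.
				$safeTeamId = preg_replace('/[^A-Za-z0-9_-]/', '', $teamId);
				$filename = "/images/logos/" . $safeTeamId . "_" . time() . "." . $imageExtensions[$imageInfo[2]];
				move_uploaded_file($tmpName, $DOC_ROOT . $filename) or die ("Could not save image.");
				$imageOK = TRUE;
				$team->setFFLTeamLogo($WEB_ROOT . $filename);
			}
			else
			{	echo "<h2 class=\"error\">Images must be GIF, JPEG, or PNG</h2>\n";	}
		}
		$team->save();
	}
	if ($imageOK)
	{
		// The team id is URL-encoded before it is written into the refresh target,
		// so it cannot inject markup into the page.
		if (!empty($_SESSION["admin"]))
		{ ?><META http-equiv="refresh" content="1; URL=<?php echo "$WEB_ROOT/teams.php?mode=admin&amp;fflteam_id=" . urlencode($teamId); ?>"><?php
		} else { ?><META http-equiv="refresh" content="1; URL=<?php echo "$WEB_ROOT/teams.php?mode=edit" ?>"><?php }
	}
} // if $_POST["method"]
else
{
	// Escaped before being echoed into the hidden field: the value comes straight from the query string.
	$formTeamId = (isset($_GET["fflteam_id"]) && is_scalar($_GET["fflteam_id"])) ? (string) $_GET["fflteam_id"] : "";
?>
<form name="uploadlogo" method="post" action="<?php echo $WEB_ROOT; ?>/uploadlogo.php" enctype="multipart/form-data">
<table>
	<tr>
		<th>Upload logo from hard drive</th>
		<td><input type="file" name="imagefile"></td>
	</tr>
	<tr>
		<th>Link logo from external site</th>
		<td><input type="text" name="imageurl"></td>
	</tr>
	<tr>
		<th>Remove logo</th>
		<td><input type="checkbox" name="removeimage" /></td>
	</tr>
	<tr><td></td><td><input type="submit" value="Submit"></td></tr>
</table>
<input type="hidden" name="method" value="upload">
<input type="hidden" name="fflteam_id" value="<?php echo htmlspecialchars($formTeamId, ENT_QUOTES); ?>" />
</form>
<?php
} // end else
require($DOC_ROOT . "/lib/footer.php"); ?>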