<?php
//=====================================
// LINKER Category Engine
//=====================================
// Filename : edit.php
// Path : Main directory
// last update : 2002/07/13
// Desc : Edit image
//=====================================
//=====================================
// Info File include
//=====================================
$time1 = microtime();
include ("./function/base_info.php");
include ("./function/main_func.php");
include ("./function/$Sdb_type.php");
include ("./function/template.php");
include ("./function/userfield_info.php");
$lan_dir = $HTTP_COOKIE_VARS[cook_lan];
if ($lan_dir && file_exists("./$lan_dir/u_common.php"))
include ("./$lan_dir/u_common.php");
else include ("./$Slang/u_common.php");
//=====================================
// DB_LAYER / TEMPLATE
//=====================================
$db = new DB_Sql($Sdb_host,$Sdb_user,$Sdb_pass,$Sselect_db);
$tpl = new Stemplate($Stemplate);
$tpl->define (array(
edit_check => "pass_check.html",
edit_form => "edit_form.html"
));
$tpl->assign(array(
TEMPLATE => $Stemplate,
DOMAIN => $Sdomain,
CHARSET => $Scharset,
MWIDTH => $Smain_width,
BGCOLOR => $Sbgcolor,
ALIGN => $Salign,
SID => $sid,
SNAME => $l_edit_link,
PAGE_HEADER => implode("",file("$Stemplate/header.html")),
PAGE_FOOTER => implode("",file("$Stemplate/footer.html"))
));
show_menu();
show_here("","",$l_edit_link);
show_search();
//===============================================
// Password check part
//===============================================
if (!$switch) {
$tpl->assign(array(
L_INPUT => $l_submit,
L_NOPASS => $l_error_nopass,
EDIT_FORM => "edit.php?switch=form"
));
$tpl->parse("MAIN","edit_check");
$tpl->simprint("MAIN");
}
//===============================================
// Print edit form part
//===============================================
if ($switch == "form") {
$tpl->dyn_define("tdcol","edit_form");
//=====================================
// Get data
//=====================================
$db->query("select * from LINKER_LINK where sid='$sid'");
if ($db->numrow) $row = $db->nrecord();
else errmsg($l_error_nolink);
// error check
if (!$passwd) errmsg($l_error_nopass);
if ($row[passwd] <> $passwd ) errmsg($l_error_misspass);
// trim and strip db data
while(list($key , $val) = each ($row))
$row[$key] = stripslashes(trim($val));
// htmlsepcial db data
$parent = view_category("sid","",$row[parent]);
$row[scont] = htmlspecial($row[scont]);
$row[lcont] = htmlspecial($row[lcont]);
$row[title] = htmlspecial($row[title]);
//=====================================
// assign data and edit form print
//=====================================
$upfile = @unserialize(stripslashes($row[upfile]));
$tpl->assign(array(
TITLE => $row[title],
SOURCE => $row[url],
SCONT => $row[scont],
LCONT => $row[lcont],
NAME => $row[name],
EMAIL => $row[email],
PARENT => $parent,
PASSWD => $row[passwd],
OPARENT => $row[parent],
IMG_NAME => $upfile[0],
IMG_UID => $upfile[1],
IMG_SIZE => size_cut($upfile[2]),
IMG_WIDTH => $upfile[3],
IMG_HEIGHT => $upfile[4],
IMG_TYPE => strtoupper($upfile[5])
));
$tpl->assign(array(
L_EDIT_CONTENT => $l_edit_content,
L_TITLE => $l_title,
L_SOURCE => $l_source,
L_CAT => $l_cat,
L_SCONT => $l_scont,
L_NAME => $l_name,
L_EMAIL => $l_email,
L_FILE_EDIT => $l_file_edit,
L_PASS => $l_pass,
L_LCONT => $l_lcont,
L_EDIT => $l_edit,
L_RESET => $l_reset
));
// userfield
for ($k=1 ;$k<=5 ;$k++) {
$u_name = ${"u_user" . $k};
$u_fname = "user". $k;
$u_value = htmlspecial(stripslashes($row["user". $k]));
if($u_name) {
$tpl->assign( array(UF_NAME => $u_name, UF_RNAME => $u_fname, UF_VALUE => $u_value));
$tpl->parse("TDCOL", ".tdcol");
$tpl->parse("OPCOL", ".opcol");
}
}
$tpl->parse("MAIN","edit_form");
$tpl->simprint("MAIN");
}
//===============================================
// user submit data edit parts
//===============================================
if ($switch=="submit")
{
// error check
if (!$sid) errmsg($l_error_nolink);
if (!$parent) errmsg($l_error_1);
if (!$title) errmsg($l_error_2);
if (!$scont) errmsg($l_error_4);
if (!$url) errmsg($l_error_3);
if (!$name) errmsg($l_error_5);
if (!$email) errmsg($l_error_6);
if (!$passwd) errmsg($l_error_7);
if(!check_email($email)) errmsg($l_error_8);
while (list($key,$val) = each($HTTP_POST_VARS)) $$key = trim($val) ;
//=====================================
// Check password and
//=====================================
$db->query("select passwd,upfile from LINKER_LINK where passwd='$opasswd' and sid='$sid'");
if (!$db->numrow) errmsg($l_error_misspass);
//=====================================
// file upload
//=====================================
$frow = $db->nrecord();
$old_upfile = unserialize(stripslashes($frow[upfile]));
if ($upfile_name && $upfile_size >0)
{
// delete old image file
@unlink("./upfile/$old_upfile[1]");
@unlink("./upfile/thumb_" . $old_upfile[1]);
$file_ext = strtolower(substr($upfile_name,-strlen(strrchr($upfile_name,"."))+1));
if (!$file_ext)
{
errmsg($l_error_12);
}
if ($Sfupext)
{
$extar = @implode("|", explode(",",$Sfupext));
if (!ereg($extar,$file_ext))
{
errmsg ($l_error_9);
}
}
$md5 = md5 (uniqid (rand()));
// Make thumbnail
if (ereg("jpg|png|gif", $file_ext))
{
$imginfo = @getimagesize ($upfile);
switch ($imginfo[2])
{
case 1: $file_ext = "gif"; break;
case 2: $file_ext = "jpg"; break;
case 3: $file_ext = "png"; break;
}
if ($imginfo[0] < $imginfo[1]) // height > width
{
$file_width = intval($Snail_height * ($imginfo[0] / $imginfo[1])) ;
$file_height = $Snail_height ;
}
else if ($imginfo[0] > $imginfo[1]) // height < width
{
$file_height = intval($Snail_width * ($imginfo[1] / $imginfo[0]));
$file_width = $Snail_width;
}
else
{
if ($Snail_width < $Snail_height)
{
$file_height = intval($Snail_width * ($imginfo[1] / $imginfo[0]));
$file_width = $Snail_width;
}
else
{
$file_width = intval($Snail_height * ($imginfo[0] / $imginfo[1])) ;
$file_height = $Snail_height ;
}
}
$dst_img = ImageCreate($file_width, $file_height);
switch ($imginfo[2])
{
case 1: $src_img = ImageCreateFromgif($upfile); break;
case 2: $src_img = ImageCreateFromjpeg($upfile); break;
case 3: $src_img = ImageCreateFrompng($upfile); break;
}
ImageCopyResized($dst_img, $src_img,0,0,0,0, $file_width, $file_height, ImageSX($src_img), ImageSY($src_img));
switch ($imginfo[2])
{
case 1: Imagegif($dst_img, "./upfile/thumb_" . $md5 ,100); break;
case 2: Imagejpeg($dst_img, "./upfile/thumb_" . $md5 ,100); break;
case 3: Imagepng($dst_img, "./upfile/thumb_" . $md5 ,100); break;
}
@ImageDestroy($dst_img);
@ImageDestroy($src_img);
}
$check_upload = move_uploaded_file($upfile, "upfile/$md5");
if ($check_upload)
{
$add_filear[0]= $upfile_name;
$add_filear[1]= $md5;
$add_filear[2]= $upfile_size;
$add_filear[3]= $imginfo[0];
$add_filear[4]= $imginfo[1];
$add_filear[5]= $file_ext;
$add_filear[6]= 0;
$add_file = serialize($add_filear);
}
} // end if
else
{
$add_file = $frow[upfile];
}
//=====================================
// if Change Parent
//=====================================
if ($oparent <> $parent) {
if (isset($oparent)) $db->query("update LINKER_CAT set sub_link = sub_link-1 where sid='$oparent'");
if (isset($parent)) $db->query("update LINKER_CAT set sub_link = sub_link+1 where sid='$parent'");
}
//=====================================
// Data update
//=====================================
$db->query("select path,pathtxt from LINKER_CAT where sid='$parent'");
$row = $db->nrecord();
$update = "
update LINKER_LINK set
title='$title',
url='$url',
parent='$parent',
path = '$row[path]',
pathtxt = '$row[pathtxt]',
scont = '$scont',
lcont = '$lcont',
name='$name',
email='$email',
passwd='$passwd',
upfile = '$add_file',
user1='$user1',
user2='$user2',
user3='$user3',
user4='$user4',
user5='$user5'
where sid='$sid'
";
$db->query($update);
echo "<meta http-equiv='refresh' content='0; url=review.php?sid=$sid'>"; exit;
}
?>