<?
/*************************************************
 * PHPhotoalbum v0.5
 * by: Henning Støverud
 * e-mail: hide@address.com
 * URL: http://www.stoverud.com/PHPhotoalbum/
 *************************************************/


include("config.inc.php");
include("functions.php");


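// Dispatch key posted by the album forms; when the field is absent no handler matches.
$event = isset($_POST['event']) ? $_POST['event'] : '';

// ---- event "comment": store a visitor's comment on one picture ----
// The handler name is quoted: the bare word `comment` only worked through PHP's
// undefined-constant fallback.
if($event == 'comment'){

  // Every field comes straight from the request and is untrusted. When
  // magic_quotes_gpc is on, PHP has already added backslashes; they are stripped
  // first so each value is escaped exactly once for SQL further down.
  $magic_quotes = function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc();
  $posted = array();
  foreach(array('pid', 'userhost', 'msg_subject', 'msg_body', 'mdate') as $field){
    $value = (isset($_POST[$field]) && is_string($_POST[$field])) ? $_POST[$field] : '';
    $posted[$field] = $magic_quotes ? stripslashes($value) : $value;
  }
  $pid = $posted['pid'];
  // NOTE(review): userhost and mdate are whatever the client sent. If they are
  // meant as a record of who commented and when, derive them on the server.
  $userhost = $posted['userhost'];
  $msg_subject = $posted['msg_subject'];
  $msg_body = $posted['msg_body'];
  $mdate = $posted['mdate'];

  // pid is written into a URL inside an HTML attribute. urlencode() leaves only
  // characters that are inert in both contexts, so the value cannot break out
  // of the attribute or the query string.
  $pid_url = urlencode($pid);

  echo "<html><head><META http-equiv=\"refresh\" content=\"0;url=displayimage.php?pid=$pid_url\"><link rel=\"stylesheet\" href=\"style.css\"><title>Comment OK</title></head>\n";
  echo "<body bgcolor=\"#FFFFFF\">";
  echo "<h3>Inserting comment &gt;&gt;</h3>";
  echo "<a href=\"displayimage.php?pid=$pid_url\">back</a>";

  // Re-reads the configuration (it is also included at the top of the file).
  include "config.inc.php";
  $connection = db_connect();

  // Escape after db_connect(): mysql_real_escape_string() uses the open
  // connection, the same one the link-less mysql_query() call below uses.
  // NOTE(review): subject and body are stored as submitted; they must be
  // HTML-escaped by whichever page renders comments (not visible here).
  $query = sprintf(
    "INSERT INTO %s (pid, userhost, msg_subject, msg_body, msg_date) VALUES ('%s', '%s', '%s', '%s', '%s')",
    $config['TABLE_COMMENTS'],
    mysql_real_escape_string($pid),
    mysql_real_escape_string($userhost),
    mysql_real_escape_string($msg_subject),
    mysql_real_escape_string($msg_body),
    mysql_real_escape_string($mdate)
  );
  $insert = mysql_query($query);
  // Report a failed insert instead of ignoring the result.
  if(!$insert)
    echo "DB Insert NOT OK<br>";
  echo "</body></html>";
}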


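// ---- event "album": create a new album row ----
// The handler name is quoted: the bare word `album` only worked through PHP's
// undefined-constant fallback.
// NOTE(review): nothing in this file checks who is making the request. Confirm
// that config.inc.php/functions.php or the web server restricts this handler.
if($event == 'album'){

  // Request fields are untrusted. When magic_quotes_gpc is on, PHP has already
  // added backslashes; strip them so each value is escaped exactly once below.
  $magic_quotes = function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc();
  $posted = array();
  foreach(array('description', 'uploads', 'date') as $field){
    $value = (isset($_POST[$field]) && is_string($_POST[$field])) ? $_POST[$field] : '';
    $posted[$field] = $magic_quotes ? stripslashes($value) : $value;
  }
  $description = $posted['description'];
  $uploads = $posted['uploads'];
  $date = $posted['date'];

  // An album needs a description. Compared against '' so that a literal "0"
  // is accepted as a description.
  if($description === ''){
    // <body> added so the closing tag two lines down has a matching opener.
    echo "<html><head><link rel=\"stylesheet\" href=\"style.css\"><title>Missing description</title></head><body>\n";
    echo "You have to provide a description!<br>\n";
    echo "<a href=\"javascript:history.back()\">back</a></body></html>";
    exit;
  }

  echo "<html><head><META http-equiv=\"refresh\" content=\"1;url=index.php\"><link rel=\"stylesheet\" href=\"style.css\"><title>Album OK</title></head>\n";
  echo "<body bgcolor=\"#FFFFFF\">";
  echo "<h3>Creating new album &gt;&gt;</h3>";
  echo "<a href=\"index.php\">back</a>";

  $connection = db_connect();

  // Escape after db_connect(): mysql_real_escape_string() uses the open
  // connection, the same one the link-less mysql_query() call below uses.
  // NOTE(review): the description is stored as submitted; it must be
  // HTML-escaped by whichever page lists albums (not visible here).
  $query = sprintf(
    "INSERT INTO %s (aid, description, uploads, date) VALUES ('', '%s', '%s', '%s')",
    $config['TABLE_ALBUMS'],
    mysql_real_escape_string($description),
    mysql_real_escape_string($uploads),
    mysql_real_escape_string($date)
  );
  $insert = mysql_query($query);
  // Report a failed insert instead of ignoring the result.
  if(!$insert)
    echo "DB Insert NOT OK<br>";
  echo "</body></html>";
}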


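// ---- event "picture": accept one uploaded image into an album ----
// The handler name is quoted: the bare word `picture` only worked through PHP's
// undefined-constant fallback.
// NOTE(review): nothing in this file checks who is making the request. Confirm
// that config.inc.php/functions.php or the web server restricts this handler.
if($event == 'picture'){
  // Blocks a host that had been uploading porn (translated from the original
  // Norwegian comment). The match is made on the reverse-DNS name of the client
  // address, which is set by whoever operates that address range, so treat
  // this as a courtesy filter and not as an access control.
  $blocked_host_part = "hkcable";
  $host = gethostbyaddr($_SERVER['REMOTE_ADDR']);
  if(strstr($host, $blocked_host_part))
  {
    mail("hide@address.com","Porr opplasting!","hkcable prøvde å laste opp porr.. Host: $host");
    echo "<html><head><META http-equiv=\"refresh\" content=\"2;url=http://www.aisex.com\"></head>\n";
    echo "Please upload your porn elsewhere!!!!!!";
    exit;
  }

  // The album id is untrusted request data. When magic_quotes_gpc is on, PHP
  // has already added backslashes; strip them so it is escaped exactly once.
  $album = (isset($_POST['album']) && is_string($_POST['album'])) ? $_POST['album'] : '';
  if(function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc())
    $album = stripslashes($album);

  // The file name is chosen by the client. Keep only its last path component so
  // it cannot point outside userpics/ when it is joined to a directory below.
  // It is written back into $_FILES because the rest of the handler reads it there.
  $has_upload = isset($_FILES['userpicture']['name']) && is_string($_FILES['userpicture']['name']);
  if($has_upload)
    $_FILES['userpicture']['name'] = basename($_FILES['userpicture']['name']);

  // Not read again in this file; kept in case the included helpers use them.
  $userpicture_name = $has_upload ? $_FILES['userpicture']['name'] : '';
  $userpicture = isset($_FILES['userpicture']) ? $_FILES['userpicture'] : null;

  // Separate encodings for the two places the album id is printed:
  // a URL inside an attribute, and plain HTML text.
  $album_url = urlencode($album);
  $album_html = htmlspecialchars($album, ENT_QUOTES);

  echo "<html><head><META http-equiv=\"refresh\" content=\"1;url=thumbnails.php?album=$album_url\"><link rel=\"stylesheet\" href=\"style.css\"><title>Upload picture</title></head>\n";
  echo "<body bgcolor=\"#FFFFFF\">";
  echo "<h3>Inserting picture into album $album_html &gt;&gt;</h3>";

  // okfiletype() is defined outside this file and is given only the file name.
  // NOTE(review): if it looks at the extension alone, also reject uploads for
  // which getimagesize() returns false, and make sure the web server never
  // executes anything stored under userpics/.
  if(!$has_upload || !okfiletype($_FILES['userpicture']['name'])){
    $shown_ext = $has_upload ? htmlspecialchars(substr($_FILES['userpicture']['name'], -4), ENT_QUOTES) : '';
    echo "This filetype (". $shown_ext .") is not allowed to upload!<br> ";
    echo "<a href=\"javascript:history.back()\">Back</a>";
    exit;
  }

  // Avoid overwriting an existing picture: ask rename_file() for a new name
  // until the name is free.
  $nr = 1;
  while(file_exists("$config[fullpath]"."/userpics/".$_FILES['userpicture']['name'])){
    $_FILES['userpicture']['name'] = rename_file($_FILES['userpicture']['name'], $nr++);
  }
  $uploaded = album_upload_picture($_FILES['userpicture']['tmp_name'], $_FILES['userpicture']['name']);

  if($uploaded == false){
    echo "The picture was not uploaded..<br>";
    // NOTE(review): mode 777 makes the tree writable by every local account;
    // write access for the web server user is all the upload needs.
    echo "Make sure the directory $config[fullpath] and it's subdirectories have CHMOD 777!<br>";
  }
  else
  {
    // $uploaded is derived from the client's file name: escape it for HTML here
    // and for SQL below.
    echo htmlspecialchars($uploaded, ENT_QUOTES) . " was successfully uploaded!<br>";

    $stored_file = "$config[fullpath]"."userpics/"."$uploaded";
    $filesize = filesize($stored_file);
    // getimagesize() returns false for a file it cannot read as an image;
    // width and height then stay empty, as they did before.
    $imagesize = getimagesize($stored_file);
    $pwidth = is_array($imagesize) ? $imagesize[0] : '';
    $pheight = is_array($imagesize) ? $imagesize[1] : '';

    $connection = db_connect();
    if(!$connection)
      echo " No DB connection<br>";

    // Escape after db_connect(): mysql_real_escape_string() uses the open
    // connection, the same one the link-less mysql_query() call below uses.
    $query = sprintf(
      "INSERT INTO %s (pid, aid, filepath, filename, filesize, pwidth, pheight) VALUES ('', '%s', 'userpics/', '%s', '%s', '%s', '%s')",
      $config['TABLE_PICTURES'],
      mysql_real_escape_string($album),
      mysql_real_escape_string($uploaded),
      mysql_real_escape_string((string)$filesize),
      mysql_real_escape_string((string)$pwidth),
      mysql_real_escape_string((string)$pheight)
    );
    $insert = mysql_query($query);
    if(!$insert)
      echo "DB Insert NOT OK<br>";

    $thb = album_resizeImage($stored_file, "$config[fullpath]"."userpics/"."thumb_"."$uploaded", $config['thumb_width'], $config['thumb_method']);
    // Compare against the configured width. The original read $picture_width,
    // which is not assigned anywhere in this file, while the resize call itself
    // uses $config['picture_width'].
    if($pwidth > $config['picture_width'])
      $norm = album_resizeImage($stored_file, "$config[fullpath]"."userpics/"."normal_"."$uploaded", $config['picture_width'], $config['thumb_method']);
    echo "<br>\n";
    echo "<a href=\"index.php\">back</a>";
  }
}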



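// ---- event "directory": register every picture found in a server directory ----
// The handler name is quoted: the bare word `directory` only worked through
// PHP's undefined-constant fallback.
// NOTE(review): nothing in this file checks who is making the request. Confirm
// that config.inc.php/functions.php or the web server restricts this handler.
if($event == 'directory'){

  // Request fields are untrusted. When magic_quotes_gpc is on, PHP has already
  // added backslashes; strip them so each value is escaped exactly once below.
  $magic_quotes = function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc();
  $filepath = (isset($_POST['filepath']) && is_string($_POST['filepath'])) ? $_POST['filepath'] : '';
  $album = (isset($_POST['album']) && is_string($_POST['album'])) ? $_POST['album'] : '';
  if($magic_quotes){
    $filepath = stripslashes($filepath);
    $album = stripslashes($album);
  }

  if(!$filepath){
    echo "<html><head><link rel=\"stylesheet\" href=\"style.css\"><title>Inserting directory</title></head><body>\n";
    echo "Filepath and/or webfilepath missing!<br>\n";
    // Was "javascript.history.back()", which is not a working link.
    echo "<a href=\"javascript:history.back()\">back</a></body></html>";
    exit;
  }
  if(substr($filepath, -1) != "/"){
    echo "<html><head><link rel=\"stylesheet\" href=\"style.css\"><title>Inserting directory</title></head><body>\n";
    echo "You must add a slash (/) to the end of the filepath!<br>\n";
    echo "<a href=\"javascript:history.back()\">back</a></body></html>";
    exit;
  }

  // The directory must exist AND resolve to a location inside the album root.
  // $filepath is appended to $config['fullpath'] as-is, so without this check a
  // value containing "../" would make the script read and write elsewhere on
  // the server. realpath() resolves "." / ".." and symlinks before comparing.
  // NOTE(review): assumes $config['fullpath'] ends with a slash, as the other
  // path joins in this file do; a directory symlinked in from outside the
  // album root is rejected by this check.
  $requested_dir = $config['fullpath'].$filepath;
  $album_root = realpath($config['fullpath']);
  $resolved_dir = false;
  if(strpos($filepath, "\0") === false && is_dir($requested_dir))
    $resolved_dir = realpath($requested_dir);
  $inside_root = $album_root !== false && $resolved_dir !== false
    && strpos($resolved_dir.DIRECTORY_SEPARATOR, rtrim($album_root, '/\\').DIRECTORY_SEPARATOR) === 0;
  if(!$inside_root){
    echo "<html><head><link rel=\"stylesheet\" href=\"style.css\"><title>Inserting directory</title></head><body>\n";
    echo "This is not a dir<br>\n";
    echo "<a href=\"javascript:history.back()\">back</a></body></html>";
    exit;
  }

  echo "<html><head><link rel=\"stylesheet\" href=\"style.css\"><title>Inserting directory</title></head>\n";
  echo "<body bgcolor=\"#FFFFFF\">";
  echo "<h3>Inserting files into album " . htmlspecialchars($album, ENT_QUOTES) . " &gt;&gt;</h3>";

  // Thumbnails are written next to the pictures, so the directory has to be
  // writable by the PHP process. The original demanded mode 777 exactly, which
  // forces the directory open to every local account; is_writable() tests the
  // one thing that is actually needed.
  if(!is_writable($requested_dir)) {
    $dir_html = htmlspecialchars($requested_dir, ENT_QUOTES);
    echo "<b>Failed while creating thumbnails..</b><br>";
    echo "The web server cannot write to $dir_html.";
    echo "<br><br>Make this directory writable for the web server user.";
    exit;
  }

  $file_count = 0;
  $connection = db_connect(); // Connect to database before loop
  $dir = opendir($requested_dir);
  if($dir !== false){
    // Compare with false so that an entry named "0" does not end the loop early.
    while(false !== ($filename = readdir($dir))) {
      // Skip the directory entries by name; readdir() does not promise that
      // "." and ".." come first, which the original counter relied on.
      if($filename == '.' || $filename == '..')
        continue;
      // Skip files this script generated itself on an earlier run.
      // strpos() replaces ereg(): both patterns are plain substrings.
      if(!okfiletype($filename) || strpos($filename, "thumb_") !== false || strpos($filename, "normal_") !== false)
        continue;

      $source_file = "$config[fullpath]$filepath$filename";
      $filesize = filesize($source_file);
      // getimagesize() returns false for a file it cannot read as an image;
      // width and height then stay empty, as they did before.
      $imagesize = getimagesize($source_file);
      $pwidth = is_array($imagesize) ? $imagesize[0] : '';
      $pheight = is_array($imagesize) ? $imagesize[1] : '';

      // File names on disk can contain quotes as well, so every value is
      // escaped, not only the posted ones.
      $query = sprintf(
        "INSERT INTO %s (pid, aid, filepath, filename, filesize, pwidth, pheight) VALUES ('', '%s', '%s', '%s', '%s', '%s', '%s')",
        $config['TABLE_PICTURES'],
        mysql_real_escape_string($album),
        mysql_real_escape_string($filepath),
        mysql_real_escape_string($filename),
        mysql_real_escape_string((string)$filesize),
        mysql_real_escape_string((string)$pwidth),
        mysql_real_escape_string((string)$pheight)
      );
      $insert = mysql_query($query);

      echo htmlspecialchars("$config[albumdir]$filepath$filename", ENT_QUOTES);
      $thb = album_resizeImage($source_file, "$config[fullpath]$filepath"."thumb_"."$filename", $config['thumb_width'], $config['thumb_method']);
      // Compare against the configured width. The original read $picture_width,
      // which is not assigned anywhere in this file, while the resize call
      // itself uses $config['picture_width'].
      if($pwidth > $config['picture_width'])
        $norm = album_resizeImage($source_file, "$config[fullpath]$filepath"."normal_"."$filename", $config['picture_width'], $config['thumb_method']);
      echo "<br>\n";
      $file_count++;
      flush(); // push progress to the browser after each file
    }
    closedir($dir);
  }

  $num_files = $file_count;
  echo "<hr>Total: $num_files files.<br>";
  echo "<a href=\"index.php\">back</a>";

  echo "</body></html>";
}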



?>
