Parašė Zidezzon· 2008 Rugp. 31 19:08:59
#1
As bandau patalpinti kokia nors nuotrauka i weba, ir ji man neissisaugo. Direktorija į kuria talpinami failai suchmodinta į 777.
Tai kas čia pasidarė? :(
Štai
php failo kodas, per kuri talpinamos nuotraukos.
require_once "maincore.php";
require_once BASEDIR."subheader.php";
include "core.php";
include "side_left.php";
require_once INCLUDES."photo_functions_include.php";
define("SAFEMODE", @ini_get("safe_mode") ? true : false);
define("BOARDPHOTOS", IMAGES."board/");
if (!iMEMBER) fallback("../../index.php");
if (!iADMIN) {$yesuid = $userdata['user_id']; $truid = "";} else {$yesuid = $uid; $truid = "&uid=$uid";}
if (!isset($photo_id) && !isNum($photo_id)) fallback("index.php");
if (!isset($rowstart) || !isNum($rowstart)) $rowstart = 0;
if (!isset($action)) $action = "";
if (isset($status)) {
if ($status == "savepn") {
$title = $locale['sb_info'];
$message = "<b>".$locale['sb_531']."</b>";
} elseif ($status == "savepu") {
$title = $locale['sb_525'];
$message = "<b>".$locale['sb_531']."</b>";
} elseif ($status == "add") {
$title = $locale['sb_info'];
$message = "<b>".$locale['sb_532']."</b>";
$az = "<br>".$locale['sb_533'];
$buki = "<br>".$locale['sb_534'];
} elseif ($status == "sd") {
$title = $locale['sb_info'];
$message = "<b>".$locale['sb_535']."</b>";
} elseif ($status == "savelm") {
$title = $locale['sb_info'];
$message = "<b>".$locale['sb_536'].$brdsettings['user_limit_photos'].$locale['sb_537']."</b>";
} elseif ($status == "delpd") {
$title = $locale['sb_538'];
$message = "<b>".$locale['sb_539']."</b>";
} elseif ($status == "savepe") {
$title = $locale['sb_540'];
$message = "<b>".$locale['sb_541']."</b><br>\n";
if ($error == 1) { $message .= sprintf($locale['sb_542'], parsebytesize($brdsettings['photo_max_b'])); }
elseif ($error == 2) { $message .= $locale['sb_543']; }
elseif ($error == 3) { $message .= sprintf($locale['sb_544'], $brdsettings['photo_max_w'], $brdsettings['photo_max_h']); }
}
opentable($title);
echo "<div align='center'>".$message.$az.$buki."</div>\n";
closetable();
}
if (isset($_POST['cancel'])) redirect(FUSION_SELF);
define("BOARDPHOTODIR", BOARDPHOTOS.(!SAFEMODE ? $yesuid."_$photo_id/" : ""));
if ($action == "delete") {
$data = dbarray(dbquery("SELECT photo_filename,photo_thumb1,photo_thumb2 FROM ".$db_prefix."board_photo WHERE photo_id='$del_id'"));
$result = dbquery("DELETE FROM ".$db_prefix."board_photo WHERE photo_id='$del_id'");
if ($data['photo_filename']) @unlink(BOARDPHOTODIR.$data['photo_filename']);
if ($data['photo_thumb1']) @unlink(BOARDPHOTODIR.$data['photo_thumb1']);
if ($data['photo_thumb2']) @unlink(BOARDPHOTODIR.$data['photo_thumb2']);
redirect(FUSION_SELF."?status=delpd&photo_id=$photo_id".$truid);
} elseif (isset($_POST['save_photo'])) {
$error = "";
$photo_file = ""; $photo_thumb1 = ""; $photo_thumb2 = "";
if (is_uploaded_file($_FILES['photo_pic_file']['tmp_name'])) {
$photo_types = array(".gif",".jpg",".jpeg",".png");
$photo_pic = $_FILES['photo_pic_file'];
$photo_name = strtolower(substr($photo_pic['name'], 0, strrpos($photo_pic['name'], ".")));
$photo_ext = strtolower(strrchr($photo_pic['name'],"."));
$photo_dest = BOARDPHOTODIR;
if ($photo_pic['size'] > $brdsettings['photo_max_b']){
$error = 1;
} elseif (!in_array($photo_ext, $photo_types)) {
$error = 2;
} else {
$photo_file = image_exists($photo_dest, $photo_name.$photo_ext);
move_uploaded_file($photo_pic['tmp_name'], $photo_dest.$photo_file);
chmod($photo_dest.$photo_file, 0644);
$imagefile = @getimagesize($photo_dest.$photo_file);
if ($imagefile[0] > $brdsettings['photo_max_w'] || $imagefile[1] > $brdsettings['photo_max_h']) {
$error = 3;
unlink($photo_dest.$photo_file);
} else {
$photo_thumb1 = image_exists($photo_dest, $photo_name."_t1".$photo_ext);
createthumbnail($imagefile[2], $photo_dest.$photo_file, $photo_dest.$photo_thumb1, $brdsettings['thumb_w'], $brdsettings['thumb_h']);
if ($imagefile[0] > $brdsettings['photo_w'] || $imagefile[1] > $brdsettings['photo_h']) {
$photo_thumb2 = image_exists($photo_dest, $photo_name."_t2".$photo_ext);
createthumbnail($imagefile[2], $photo_dest.$photo_file, $photo_dest.$photo_thumb2, $brdsettings['photo_w'], $brdsettings['photo_h']);
}
}
}
}
if (!$error) {
$rs = dbcount("(photo_id)", "board_photo", "photo_board_id='$photo_id'");
if ($rs >= $brdsettings['user_limit_photos']) redirect(FUSION_SELF."?status=savelm&photo_id=$photo_id".$truid);
else {
$result = dbquery("INSERT INTO ".$db_prefix."board_photo (photo_board_id, photo_filename, photo_thumb1, photo_thumb2) VALUES ('$photo_id', '$photo_file', '$photo_thumb1', '$photo_thumb2')");
redirect(FUSION_SELF."?status=savepn&photo_id=$photo_id&rowstart=$rowstart".$truid);
}
}
if ($error) {
redirect(FUSION_SELF."?status=savepe&photo_id=$photo_id&error=$error".$truid);
}
} else {
$photo_filename = "";
$photo_thumb1 = "";
$photo_thumb2 = "";
$formaction = FUSION_SELF."?photo_id=$photo_id".$truid;
opentable($locale['sb_01'].": ".$locale['sb_525']);
}
echo "<form name='inputform' method='post' action='$formaction' enctype='multipart/form-data' onSubmit='return ValidateFormPhoto(this);'>
<table align='center' cellspacing='0' cellpadding='0'>
<tr>
<td colspan='2' class='tbl'>\n";
echo $locale['sb_521']." ".$brdsettings['photo_max_w']."x".$brdsettings['photo_max_h']."<br>";
echo $locale['sb_522']." ".$brdsettings['photo_max_b']."<br>";
echo $locale['sb_523']."<br><br>";
echo "</td></tr><tr>\n<td valign='top' class='tbl'>".$locale['sb_526']."</td>
<td class='tbl'><input type='file' name='photo_pic_file' class='textbox' style='width:250px;'>\n";echo "</td>
</tr>
<tr>
<td colspan='2' align='center' class='tbl'><br>
<input type='submit' name='save_photo' value='".$locale['sb_519']."' class='button'>\n";
echo "</td></tr>\n</table></form>\n";
closetable();
tablebreak();
if (!iADMIN) $yesmember = "AND board_user_id='".$userdata['user_id']."'"; else $yesmember = "";
$result = dbquery("SELECT * FROM ".$db_prefix."boards WHERE board_id='$photo_id'".$yesmember."");
$cdata = dbarray($result);
if (!iADMIN){
if ($cdata['board_user_id'] != $userdata['user_id']) fallback("../../index.php");
}
opentable($locale['sb_517']."(".$locale['sb_518'].$brdsettings['user_limit_photos'].")");
$rows = dbcount("(photo_id)", "board_photo", "photo_board_id='".$cdata['board_id']."'");
if ($rows) {
$counter = 0;
$result = dbquery("SELECT * FROM ".$db_prefix."board_photo WHERE photo_board_id='".$cdata['board_id']."' ORDER BY photo_id LIMIT $rowstart,".$brdsettings['thumbs_per_page']);
echo "<table cellpadding='0' cellspacing='1' width='100%'>\n<tr>\n";
while ($data = dbarray($result)) {
if ($counter != 0 && ($counter % $brdsettings['thumbs_per_row'] == 0)) echo "</tr>\n<tr>\n";
echo "<td class='tbl' valign='top'>";
echo "<table width='100%' cellpadding='0' cellspacing='1' class='tbl-border'>\n";
echo "<tr><td class='tbl1' align='center' valign='top'>\n";
if ($data['photo_thumb1'] && file_exists(BOARDPHOTODIR.$data['photo_thumb1'])){
echo "<a href='#info$counter' rel='facebox'><img src='".BOARDPHOTODIR.$data['photo_thumb1']."' alt='' border='0'></a>";
} else echo $locale['sb_527'];
echo "<br>\n";
echo "<a href='".FUSION_SELF."?action=delete&del_id=".$data['photo_id']."&photo_id=$photo_id".$truid."' class='side' onClick='return DeleteItem()'>".$locale['sb_delete']."</a>\n";
echo "</td>\n</tr></table></td>\n";
echo "<div id='info$counter' style='display:none;'><img src='".BOARDPHOTODIR.$data['photo_filename']."' alt='' border='0'></div>";
$counter++;
}
echo "</tr>\n</table>\n";
if ($rows > $brdsettings['thumbs_per_page']) echo "<div align='center' style='margin-top:5px;'>\n".makePageNav($rowstart,$brdsettings['thumbs_per_page'],$rows,3,FUSION_SELF."?photo_id=$photo_id".$truid."&")."\n</div>\n";
} else echo $locale['sb_527'];
closetable();
echo "<script type='text/javascript'>
function DeleteItem()
{
return confirm('".$locale['sb_quest_delete']."');
}
function ValidateFormPhoto(frm) {
if(frm.photo_pic_file.value=='') {
alert('".$locale['sb_530']."');
return false;
}
}
jQuery(document).ready(function($) {
$('a[rel*=facebox]').facebox()
})
</script>\n";
include "side_right.php";
require_once BASEDIR."footer.php";
?>
Bukit geri ir padekite :(