Файл: setk/plugins/notes/add.php
Строк: 775
<?
function check ($msg) {
if (is_array($msg)) {
foreach($msg as $key => $val) {
$msg[$key] = self::check($val);
}
} else {
$msg = htmlspecialchars($msg);
$search = array(' ','|', ''', '$', '\', '^', '%', '`', "�", "x00", "x1A", chr(226) . chr(128) . chr(174));
$replace = array(' ','|', ''', '$', '\', '^', '%', '`', '', '', '', '');
$msg = str_replace($search, $replace, $msg);
$msg = stripslashes(trim($msg));
} return $msg;
}
/*
=======================================
Дневники для Dcms-Social
Автор: Искатель
---------------------------------------
Этот скрипт распостроняется по лицензии
движка Dcms-Social.
При использовании указывать ссылку на
оф. сайт http://dcms-social.ru
---------------------------------------
Контакты
ICQ: 587863132
http://dcms-social.ru
=======================================
*/
include_once '../../sys/inc/start.php';
include_once '../../sys/inc/compress.php';
include_once '../../sys/inc/sess.php';
include_once '../../sys/inc/home.php';
include_once '../../sys/inc/settings.php';
include_once '../../sys/inc/db_connect.php';
include_once '../../sys/inc/ipua.php';
include_once '../../sys/inc/fnc.php';
include_once '../../sys/inc/adm_check.php';
include_once '../../sys/inc/user.php';
/* Бан пользователя */
if (mysql_result(mysql_query("SELECT COUNT(*) FROM `ban` WHERE `razdel` = 'notes' AND `id_user` = '$user[id]' AND (`time` > '$time' OR `view` = '0' OR `navsegda` = '1')"), 0)!=0)
{
header('Location: /ban.php?'.SID);exit;
}
if (isset($user) && isset($_GET['upload_photo']))
{
$set['title']='Новый дневник-добавление фото'; // заголовок страницы
if (isset($user) && isset($_GET['del']) && isset($_SESSION['file'][$_GET['del']]))
{
unlink($_SESSION['file'][$_GET['del']]['photo']['tmp_name']);
unset($_SESSION['file'][$_GET['del']]['photo']);
}
/*
==================================
Удаление файла
==================================
*/
if (isset($_FILES['file_f']) && preg_match('#.#', $_FILES['file_f']['name']) && isset($_POST['file_s']))
{
copy($_FILES['file_f']['tmp_name'], H.'sys/tmp/'.$user['id'].'_'.md5_file($_FILES['file_f']['tmp_name']).'.tmp');
chmod(H.'sys/tmp/'.$user['id'].'_'.md5_file($_FILES['file_f']['tmp_name']).'.tmp', 0777);
if (isset($_SESSION['file']))$next_f=count($_SESSION['file']);else $next_f=0;
$file=esc(stripcslashes(htmlspecialchars($_FILES['file_f']['name'])));
$_SESSION['file'][$next_f]['photo']['name']=preg_replace('#.[^.]*$#i', NULL, $file); // имя файла без расширения
$_SESSION['file'][$next_f]['photo']['ras']=strtolower(preg_replace('#^.*.#i', NULL, $file));
$_SESSION['file'][$next_f]['photo']['tmp_name']=H.'sys/tmp/'.$user['id'].'_'.md5_file($_FILES['file_f']['tmp_name']).'.tmp';
$_SESSION['file'][$next_f]['photo']['size']=filesize(H.'sys/tmp/'.$user['id'].'_'.md5_file($_FILES['file_f']['tmp_name']).'.tmp');
$_SESSION['file'][$next_f]['photo']['type']=$_FILES['file_f']['type'];
/*
==================================
Проверяем максимально допустимый размер
==================================
*/
/*
==================================
Проверка на тип файла.Разрешены только картинки
==================================
*/
$rasss=explode(';','jpeg;jpg;bmp;gif');
$ok=false;
for($i=0;$i<count($rasss);$i++)
{
if ($rasss[$i]!=NULL && $_SESSION['file'][$next_f]['photo']['ras']==$rasss[$i])$ok=true;
}
if (!$ok)$err='Запрещенный тип файла';
if(!isset($err)){
$_SESSION['message'] = 'Фото добавлено';
}
else
{
unlink($_SESSION['file'][$next_f]['photo']['tmp_name']);
}
}
include_once '../../sys/inc/thead.php';
title();
aut();
err();
/*
==================================
Выводим форму загрузку файлов
==================================
*/
if (isset($_SESSION['file']))
{
for ($i=0; $i<count($_SESSION['file']);$i++)
{
if (isset($_SESSION['file'][$i]['photo']) && is_file($_SESSION['file'][$i]['photo']['tmp_name']))
{
if (is_file(H.'plugins/notes/icons/'.$_SESSION['file'][$i]['photo']['ras'].'.png'))
{
echo "<img src='/plugins/notes/icons/".$_SESSION['file'][$i]['photo']['ras'].".png' alt='".$_SESSION['file'][$i]['photo']['ras']."' />n";
}
else
{
echo "<img src='/plugins/notes/icons/file.png' alt='' />n";
}
echo $_SESSION['file'][$i]['photo']['name'].'.'.$_SESSION['file'][$i]['photo']['ras'].' (';
echo size_file($_SESSION['file'][$i]['photo']['size']);
echo ") <a href='?upload_photo&del=$i' title='Удалить из списка'><img src='/style/icons/delete.gif' alt='' /></a>n";
echo "<br />n";
}
}
}
$total=0;
$summ=glob($_SERVER['DOCUMENT_ROOT'] . '/sys/tmp/*.tmp');
if ($summ)
{
foreach ($summ AS $file)
{
$total++;
}
}
if($total<8){
echo "<form method='post' name='message' enctype='multipart/form-data' action="?upload_photo">n";
echo "<input name='file_f' type='file' /><br />n";
echo "<input name='file_s' value='Добавить фото' type='submit' /><br /></form>n";
}
else
{
echo "<div class='mess'>Вы не можете прикреплять файлов больше 8 !!!!</div>";
}
echo "<div class="foot">n";
echo "<img src='/style/icons/str2.gif' alt='*'> <a href='add.php'>Назад</a>";
echo "</div>n";
include_once '../../sys/inc/tfoot.php';
}
/////////////////////////////////////////////////////////////////
if (isset($user) && isset($_GET['upload_video']))
{
$set['title']='Новый дневник-добавление видео'; // заголовок страницы
/*
==================================
Удаление файла
==================================
*/
if (isset($user) && isset($_GET['del']) && is_numeric($_GET['del']) && isset($_SESSION['file'][$_GET['del']]['video']))
{
unlink($_SESSION['file'][$_GET['del']]['video']['tmp_name']);
unset($_SESSION['file'][$_GET['del']]['video']);
header("Location:?upload_video");
}
if (isset($_FILES['file_f']) && preg_match('#.#', $_FILES['file_f']['name']) && isset($_POST['file_s']))
{
copy($_FILES['file_f']['tmp_name'], H.'sys/tmp/'.$user['id'].'_'.md5_file($_FILES['file_f']['tmp_name']).'.tmp');
chmod(H.'sys/tmp/'.$user['id'].'_'.md5_file($_FILES['file_f']['tmp_name']).'.tmp', 0777);
if (isset($_SESSION['file']))$next_f=count($_SESSION['file']);else $next_f=0;
$file=esc(stripcslashes(htmlspecialchars($_FILES['file_f']['name'])));
$_SESSION['file'][$next_f]['video']['name']=preg_replace('#.[^.]*$#i', NULL, $file); // имя файла без расширения
$_SESSION['file'][$next_f]['video']['ras']=strtolower(preg_replace('#^.*.#i', NULL, $file));
$_SESSION['file'][$next_f]['video']['tmp_name']=H.'sys/tmp/'.$user['id'].'_'.md5_file($_FILES['file_f']['tmp_name']).'.tmp';
$_SESSION['file'][$next_f]['video']['size']=filesize(H.'sys/tmp/'.$user['id'].'_'.md5_file($_FILES['file_f']['tmp_name']).'.tmp');
$_SESSION['file'][$next_f]['video']['type']=$_FILES['file_f']['type'];
/*
==================================
Проверяем максимально допустимый размер
==================================
*/
if ($_SESSION['file'][$next_f]['video']['size']>33554455){
$err[]='Размер файла превышает установленные ограничения';
}
/*
==================================
Проверка на тип файла.Разрешены только картинки
==================================
*/
$rasss=explode(';','3gp;avi;mp4;mpeg4;flv');
$ok=false;
for($i=0;$i<count($rasss);$i++)
{
if ($rasss[$i]!=NULL && $_SESSION['file'][$next_f]['video']['ras']==$rasss[$i])$ok=true;
}
if (!$ok)$err='Запрещенный тип файла';
if(!isset($err)){
$_SESSION['message'] = 'Видео добавлено';
}
else{
unlink($_SESSION['file'][$next_f]['video']['tmp_name']);
unset($_SESSION['file']);
}
}
include_once '../../sys/inc/thead.php';
title();
aut();
err();
/*
==================================
Выводим форму загрузку файлов
==================================
*/
if (isset($_SESSION['file']))
{
for ($i=0; $i<count($_SESSION['file']);$i++)
{
if (isset($_SESSION['file'][$i]['video']) && is_file($_SESSION['file'][$i]['video']['tmp_name']))
{
if (is_file(H.'plugins/notes/icons/'.$_SESSION['file'][$i]['video']['ras'].'.png'))
{
echo "<img src='/plugins/notes/icons/".$_SESSION['file'][$i]['video']['ras'].".png' alt='".$_SESSION['file'][$i]['video']['ras']."' />n";
}
else
{
echo "<img src='/plugins/notes/icons/file.png' alt='' />n";
}
echo $_SESSION['file'][$i]['video']['name'].'.'.$_SESSION['file'][$i]['video']['ras'].' (';
echo size_file($_SESSION['file'][$i]['video']['size']);
echo ") <a href='?upload_video&del=$i' title='Удалить из списка'><img src='/style/icons/delete.gif' alt='' /></a>n";
echo "<br />n";
}
}
}
$total=0;
$summ=glob($_SERVER['DOCUMENT_ROOT'] . '/sys/tmp/*.tmp');
if ($summ)
{
foreach ($summ AS $file)
{
$total++;
}
}
if($total<8){
echo "<form method='post' name='message' enctype='multipart/form-data' action="?upload_video">n";
echo "<input name='file_f' type='file' /><br />n";
echo "<input name='file_s' value='Загрузить видео' type='submit' /><br />n";
echo "</form><table width='99%'>n";
}
else
{
echo "<div class='mess'>Вы не можете прикреплять файлов больше 8 !!!!</div>";
}
echo "<div class="foot">n";
echo "<img src='/style/icons/str2.gif' alt='*'> <a href='add.php'>Назад</a>";
echo "</div>n";
include_once '../../sys/inc/tfoot.php';
}
//////////////////////////////////////////////////////////////////////////////////
if (isset($user) && isset($_GET['upload_audio']))
{
/*
==================================
Удаление файла
==================================
*/
if (isset($user) && isset($_GET['del']) && is_numeric($_GET['del']) && isset($_SESSION['file'][$_GET['del']]['audio']))
{
unlink($_SESSION['file'][$_GET['del']]['audio']['tmp_name']);
unset($_SESSION['file'][$_GET['del']]['audio']);
header("Location:?upload_audio");
}
if (isset($_FILES['file_f']) && preg_match('#.#', $_FILES['file_f']['name']) && isset($_POST['file_s']))
{
copy($_FILES['file_f']['tmp_name'], H.'sys/tmp/'.$user['id'].'_'.md5_file($_FILES['file_f']['tmp_name']).'.tmp');
chmod(H.'sys/tmp/'.$user['id'].'_'.md5_file($_FILES['file_f']['tmp_name']).'.tmp', 0777);
if (isset($_SESSION['file']))$next_f=count($_SESSION['file']);else $next_f=0;
$file=esc(stripcslashes(htmlspecialchars($_FILES['file_f']['name'])));
$_SESSION['file'][$next_f]['audio']['name']=preg_replace('#.[^.]*$#i', NULL, $file); // имя файла без расширения
$_SESSION['file'][$next_f]['audio']['ras']=strtolower(preg_replace('#^.*.#i', NULL, $file));
$_SESSION['file'][$next_f]['audio']['tmp_name']=H.'sys/tmp/'.$user['id'].'_'.md5_file($_FILES['file_f']['tmp_name']).'.tmp';
$_SESSION['file'][$next_f]['audio']['size']=filesize(H.'sys/tmp/'.$user['id'].'_'.md5_file($_FILES['file_f']['tmp_name']).'.tmp');
$_SESSION['file'][$next_f]['audio']['type']=$_FILES['file_f']['type'];
/*
==================================
Проверяем максимально допустимый размер
==================================
*/
if ($_SESSION['file'][$next_f]['audio']['size']>33554455){
$err[]='Размер файла превышает установленные ограничения';
}
/*
==================================
Проверка на тип файла.Разрешены только картинки
==================================
*/
$rasss=explode(';','mp3;amr;wmv;midi');
$ok=false;
for($i=0;$i<count($rasss);$i++)
{
if ($rasss[$i]!=NULL && $_SESSION['file'][$next_f]['audio']['ras']==$rasss[$i])$ok=true;
}
if (!$ok)$err='Запрещенный тип файла';
if(!isset($err)){
$_SESSION['message'] = 'Аудиофайл добавлен';
}
else{
unlink($_SESSION['file'][$next_f]['audio']['tmp_name']);
unset($_SESSION['file']);
}
}
include_once '../../sys/inc/thead.php';
$set['title']='Новый дневник-добавление аудиофайла'; // заголовок страницы
title();
aut();
err();
/*
==================================
Выводим форму загрузку файлов
==================================
*/
if (isset($_SESSION['file']))
{
for ($i=0; $i<count($_SESSION['file']);$i++)
{
if (isset($_SESSION['file'][$i]['audio']) && is_file($_SESSION['file'][$i]['audio']['tmp_name']))
{
if (is_file(H.'plugins/notes/icons/'.$_SESSION['file'][$i]['audio']['ras'].'.png'))
{
echo "<img src='/plugins/notes/icons/".$_SESSION['file'][$i]['audio']['ras'].".png' alt='".$_SESSION['file'][$i]['audio']['ras']."' />n";
}
else
{
echo "<img src='/plugins/notes/icons/file.png' alt='' />n";
}
echo $_SESSION['file'][$i]['audio']['name'].'.'.$_SESSION['file'][$i]['audio']['ras'].' (';
echo size_file($_SESSION['file'][$i]['audio']['size']);
echo ") <a href='?upload_audio&del=$i' title='Удалить из списка'><img src='/style/icons/delete.gif' alt='' /></a>n";
echo "<br />n";
}
}
}
$total=0;
$summ=glob($_SERVER['DOCUMENT_ROOT'] . '/sys/tmp/*.tmp');
if ($summ)
{
foreach ($summ AS $file)
{
$total++;
}
}
if($total<8){
echo "<form method='post' name='message' enctype='multipart/form-data' action="?upload_audio">n";
echo "<input name='file_f' type='file' /><br />n";
echo "<input name='file_s' value='Загрузить аудио' type='submit' /><br />n";
echo "</form><table width='99%'>n";
}
else
{
echo "<div class='mess'>Вы не можете прикреплять файлов больше 8 !!!!</div>";
}
echo "<div class="foot">n";
echo "<img src='/style/icons/str2.gif' alt='*'> <a href='add.php'>Назад</a>";
echo "</div>n";
include_once '../../sys/inc/tfoot.php';
}
if (isset($user) && isset($_GET['upload_files']))
{
$set['title']='Новый дневник-добавление файла'; // заголовок страницы
if (isset($user) && isset($_GET['del']) && is_numeric($_GET['del']) && isset($_SESSION['file'][$_GET['del']]['files']))
{
unlink($_SESSION['file'][$_GET['del']]['files']['tmp_name']);
unset($_SESSION['file'][$_GET['del']]['files']);
header("Location:?upload_files");
}
/*
==================================
Удаление файла
==================================
*/
if (isset($_FILES['file_f']) && preg_match('#.#', $_FILES['file_f']['name']) && isset($_POST['file_s']))
{
copy($_FILES['file_f']['tmp_name'], H.'sys/tmp/'.$user['id'].'_'.md5_file($_FILES['file_f']['tmp_name']).'.tmp');
chmod(H.'sys/tmp/'.$user['id'].'_'.md5_file($_FILES['file_f']['tmp_name']).'.tmp', 0777);
if (isset($_SESSION['file']))$next_f=count($_SESSION['file']);else $next_f=0;
$file=esc(stripcslashes(htmlspecialchars($_FILES['file_f']['name'])));
$_SESSION['file'][$next_f]['files']['name']=preg_replace('#.[^.]*$#i', NULL, $file); // имя файла без расширения
$_SESSION['file'][$next_f]['files']['ras']=strtolower(preg_replace('#^.*.#i', NULL, $file));
$_SESSION['file'][$next_f]['files']['tmp_name']=H.'sys/tmp/'.$user['id'].'_'.md5_file($_FILES['file_f']['tmp_name']).'.tmp';
$_SESSION['file'][$next_f]['files']['size']=filesize(H.'sys/tmp/'.$user['id'].'_'.md5_file($_FILES['file_f']['tmp_name']).'.tmp');
$_SESSION['file'][$next_f]['files']['type']=$_FILES['file_f']['type'];
/*
==================================
Проверяем максимально допустимый размер
==================================
*/
if ($_SESSION['file'][$next_f]['files']['size']>33554455){
$err[]='Размер файла превышает установленные ограничения';
}
/*
==================================
Проверка на тип файла.Разрешены только картинки
==================================
*/
$rasss=explode(';','txt;zip;rar;jar;jad;exe;sis;apk;fiv');
$ok=false;
for($i=0;$i<count($rasss);$i++)
{
if ($rasss[$i]!=NULL && $_SESSION['file'][$next_f]['files']['ras']==$rasss[$i])$ok=true;
}
if (!$ok)$err='Запрещенный тип файла';
if(!isset($err)){
$_SESSION['message'] = 'Файл добавлено';
}
else{
unlink($_SESSION['file'][$next_f]['files']['tmp_name']);
unset($_SESSION['file']);
}
}
include_once '../../sys/inc/thead.php';
title();
aut();
err();
/*
==================================
Выводим форму загрузку файлов
==================================
*/
if (isset($_SESSION['file']))
{
for ($i=0; $i<count($_SESSION['file']);$i++)
{
if (isset($_SESSION['file'][$i]['files']) && is_file($_SESSION['file'][$i]['files']['tmp_name']))
{
if (is_file(H.'plugins/notes/icons/'.$_SESSION['file'][$i]['files']['ras'].'.png'))
{
echo "<img src='/plugins/notes/icons/".$_SESSION['file'][$i]['files']['ras'].".png' alt='".$_SESSION['file'][$i]['files']['ras']."' />n";
}
else
{
echo "<img src='/plugins/notes/icons/file.png' alt='' />n";
}
echo $_SESSION['file'][$i]['files']['name'].'.'.$_SESSION['file'][$i]['files']['ras'].' (';
echo size_file($_SESSION['file'][$i]['files']['size']);
echo ") <a href='?upload_files&del=$i' title='Удалить из списка'><img src='/style/icons/delete.gif' alt='' /></a>n";
echo "<br />n";
}
}
}
$total=0;
$summ=glob($_SERVER['DOCUMENT_ROOT'] . '/sys/tmp/*.tmp');
if ($summ)
{
foreach ($summ AS $file)
{
$total++;
}
}
if($total<8){
echo "<form method='post' name='message' enctype='multipart/form-data' action="?upload_files">n";
echo "<input name='file_f' type='file' /><br />n";
echo "<input name='file_s' value='Загрузить' type='submit' /><br />n";
echo "</form><table width='99%'>n";
}
else
{
echo "<div class='mess'>Вы не можете прикреплять файлов больше 8 !!!!</div>";
}
echo "<div class="foot">n";
echo "<img src='/style/icons/str2.gif' alt='*'> <a href='add.php'>Назад</a>";
echo "</div>n";
include_once '../../sys/inc/tfoot.php';
}
/////////////////////////////////////////////////////////////////
$set['title']='Новый дневник';
include_once '../../sys/inc/thead.php';
title();
if (!isset($user))header("location: index.php?");
if (isset($_POST['title']) && isset($_POST['msg']))
{
if (($user['rating'] < 2 || $user['group_access'] < 6 ))
{
if (!isset($_SESSION['captcha']))$err[]='Ошибка проверочного числа';
if (!isset($_POST['chislo']))$err[]='Введите проверочное число';
elseif ($_POST['chislo']==null)$err[]='Введите проверочное число';
elseif ($_POST['chislo']!=$_SESSION['captcha'])$err[]='Проверьте правильность ввода проверочного числа';
}
if(isset($_POST['vote']) && $_POST['vote']=='1')
{
$variable=check($_POST['variant']);
if(strlen2($variable)<1)
{
$err='Заполните варианты ответов';
}
$variable_1=check($_POST['variant_1']);
if(strlen2($variable_1)<1)
{
$err='Заполните варианты ответов';
}
$variable_2=check($_POST['variant_2']);
$variable_3=check($_POST['variant_3']);
$variable_4=check($_POST['variant_4']);
$variable_5=check($_POST['variant_5']);
$variable_6=check($_POST['variant_6']);
$vote_text=check($_POST['vote_text']);
if (($_POST['times'])==NULL){
$times='0';
}
else
{
$times=$time+$_POST['times'];
}
}
if (!isset($err))
{
$title=check($_POST['title'],1);
$msg=check($_POST['msg']);
$id_dir=intval($_POST['id_dir']);
if (isset($_POST['private'])){
$privat=intval($_POST['private']);
}else{
$privat=0;
}
if (isset($_POST['private_komm'])){
$privat_komm=intval($_POST['private_komm']);
}else{
$privat_komm=0;
}
$type=0;
if (strlen2($title)>32){$err='Название не может превышать больше 32 символов';}
if (strlen2($title)<3){$err='Короткое название';}
if (strlen2($msg)>30000){$err='Содержание не может превышать больше 30000 символов';}
if (strlen2($msg)<2 && $type == 0){$err='Содержание слишком короткое';}
if (!isset($err)){
if($_POST['vote']=='1'){
mysql_query("INSERT INTO `notes` (`time`, `msg`, `name`, `id_user`, `private`, `private_komm`, `id_dir`, `type`,`votes`,`votes_text`,`times`) values('$time', '$msg', '$title', '$user[id]', '$privat', '$privat_komm', '$id_dir', '$type','1','$vote_text','$times')");
}
else
{
mysql_query("INSERT INTO `notes` (`time`, `msg`, `name`, `id_user`, `private`, `private_komm`, `id_dir`, `type`) values('$time', '$msg', '$title', '$user[id]', '$privat', '$privat_komm', '$id_dir', '$type')");
}
$st = mysql_insert_id();
if($_POST['vote']=='1')
{
mysql_query("INSERT INTO `notes_votes` (`id_notes`, `variant`, `number`) VALUES ('$st', '$variable', '1')");
mysql_query("INSERT INTO `notes_votes` (`id_notes`, `variant`, `number`) VALUES ('$st', '$variable_1', '2')");
mysql_query("INSERT INTO `notes_votes` (`id_notes`, `variant`, `number`) VALUES ('$st', '$variable_2', '3')");
mysql_query("INSERT INTO `notes_votes` (`id_notes`, `variant`, `number`) VALUES ('$st', '$variable_3', '4')");
mysql_query("INSERT INTO `notes_votes` (`id_notes`, `variant`, `number`) VALUES ('$st', '$variable_4', '5')");
mysql_query("INSERT INTO `notes_votes` (`id_notes`, `variant`, `number`) VALUES ('$st', '$variable_5', '6')");
mysql_query("INSERT INTO `notes_votes`(`id_notes`, `variant`, `number`) VALUES ('$st', '$variable_6', '7')");
}
for ($i=0; $i<count($_SESSION['file']);$i++)
{
if (isset($_SESSION['file'][$i]['photo']) && is_file($_SESSION['file'][$i]['photo']['tmp_name'] )&& isset($user))
{
mysql_query("INSERT INTO `notes_files` (`notes_id`, `name`, `ras`, `size`, `type`) values('".$st."', '".$_SESSION['file'][$i]['photo']['name']."', '".$_SESSION['file'][$i]['photo']['ras']."', '".$_SESSION['file'][$i]['photo']['size']."', '".$_SESSION['file'][$i]['photo']['type']."')");
$f = mysql_insert_id();
if ($_SESSION['file'][$i]['photo']['ras']=='jpg' ||$_SESSION['file'][$i]['photo']['ras']=='jpeg'){
if ($imgc=@imagecreatefromstring(file_get_contents($_SESSION['file'][$i]['photo']['tmp_name'])))
{
$img_x=imagesx($imgc);
$img_y=imagesy($imgc);
if ($img_x==$img_y)
{
$dstW=128; // ширина
$dstH=128; // высота
}
elseif ($img_x>$img_y)
{
$prop=$img_x/$img_y;
$dstW=128;
$dstH=ceil($dstW/$prop);
}
else
{
$prop=$img_y/$img_x;
$dstH=128;
$dstW=ceil($dstH/$prop);
}
$screen=imagecreatetruecolor($dstW, $dstH);
imagecopyresampled($screen, $imgc, 0, 0, 0, 0, $dstW, $dstH, $img_x, $img_y);
imagedestroy($imgc);
$screen=img_copyright($screen); // наложение копирайта
imagegif($screen,H."sys/notes/screen/128/$f.gif");
imagedestroy($screen);
}
////////////////////////////////////////////////////////////////////////////////
/*
==================================
Для веб
==================================
*/
if ($imgc=@imagecreatefromstring(file_get_contents($_SESSION['file'][$i]['photo']['tmp_name'])))
{
$img_x=imagesx($imgc);
$img_y=imagesy($imgc);
if ($img_x==$img_y)
{
$dstW=300; // ширина
$dstH=300; // высота
}
elseif ($img_x>$img_y)
{
$prop=$img_x/$img_y;
$dstW=300;
$dstH=ceil($dstW/$prop);
}
else
{
$prop=$img_y/$img_x;
$dstH=300;
$dstW=ceil($dstH/$prop);
}
$screen=imagecreatetruecolor($dstW, $dstH);
imagecopyresampled($screen, $imgc, 0, 0, 0, 0, $dstW, $dstH, $img_x, $img_y);
imagedestroy($imgc);
$screen=img_copyright($screen); // наложение копирайта
imagegif($screen,H."sys/notes/screen/320/$f.gif");
imagedestroy($screen);
}
$file = mysql_insert_id();
copy($_SESSION['file'][$i]['photo']['tmp_name'], H.'sys/notes/files/'.$file.'.dat');
}
if ($_SESSION['file'][$i]['photo']['ras']=='gif'){
if (isset($_SESSION['file'][$i]['photo']) && is_file($_SESSION['file'][$i]['photo']['tmp_name']) && $imgc=@imagecreatefromgif($_SESSION['file'][$i]['photo']['tmp_name']))
{
include_once '../../sys/inc/gif_resize.php';
$screen=gif_resize(fread ( fopen ($_SESSION['file'][$i]['photo']['tmp_name'], "rb" ), filesize ($_SESSION['file'][$i]['photo']['tmp_name']) ),128,128);
$s = mysql_insert_id();
file_put_contents(H."sys/notes/screen/128/$s.gif", $screen);
}
}
if ($_SESSION['file'][$i]['photo']['ras']=='gif'){
if (isset($_SESSION['file'][$i]['photo']) && is_file($_SESSION['file'][$i]['photo']['tmp_name']) && $imgc=@imagecreatefromgif($_SESSION['file'][$i]['photo']['tmp_name']))
{
include_once '../../sys/inc/gif_resize.php';
$screen=gif_resize(fread ( fopen ($_SESSION['file'][$i]['photo']['tmp_name'], "rb" ), filesize ($_SESSION['file'][$i]['photo']['tmp_name']) ),320,320); $s = mysql_insert_id();
file_put_contents(H."sys/notes/screen/320/$s.gif", $screen);
}
}
}
}
for ($i=0; $i<count($_SESSION['file']);$i++)
{
if (isset($_SESSION['file'][$i]['video']) && is_file($_SESSION['file'][$i]['video']['tmp_name'] )&& isset($user)){
mysql_query("INSERT INTO `notes_files` (`notes_id`, `name`, `ras`, `size`, `type`) values('".$st."', '".$_SESSION['file'][$i]['video']['name']."', '".$_SESSION['file'][$i]['video']['ras']."', '".$_SESSION['file'][$i]['video']['size']."', '".$_SESSION['file'][$i]['video']['type']."')");
$file = mysql_insert_id();
copy($_SESSION['file'][$i]['video']['tmp_name'], H.'sys/notes/files/'.$file.'.dat');
}
if ($_SESSION['file'][$i]['video']['ras']=='3gp' || $_SESSION['file'][$i]['video']['ras']=='mp4' || $_SESSION['file'][$i]['video']['ras']=='mpeg4' || $_SESSION['file'][$i]['video']['ras']=='flv'|| $_SESSION['file'][$i]['video']['ras']=='avi'){
if (class_exists('ffmpeg_movie')){
$media = new ffmpeg_movie($_SESSION['file'][$i]['video']['tmp_name']);
$k_frame=intval($media->getFrameCount());
$w = $media->GetFrameWidth();
$h = $media->GetFrameHeight();
$ff_frame = $media->getFrame(intval($k_frame/2));
if ($ff_frame) {
$gd_image = $ff_frame->toGDImage();
if ($gd_image) {
$des_img = imagecreatetruecolor(128, 128);
$s_img = $gd_image;
imagecopyresampled($des_img, $s_img, 0, 0, 0, 0, 128, 128, $w, $h);
$des_img=img_copyright($des_img); // наложение копирайта
$s = mysql_insert_id();
imagegif($des_img,H."sys/notes/screen/128/$s.gif");
chmod(H."sys/notes/screen/128/$s.gif", 0777);
imagedestroy($des_img);
imagedestroy($s_img);
}
}
}
if (class_exists('ffmpeg_movie')){
$media = new ffmpeg_movie($_SESSION['file'][$i]['video']['tmp_name']);
$k_frame=intval($media->getFrameCount());
$w = $media->GetFrameWidth();
$h = $media->GetFrameHeight();
$ff_frame = $media->getFrame(intval($k_frame/2));
if ($ff_frame) {
$gd_image = $ff_frame->toGDImage();
if ($gd_image) {
$des_img = imagecreatetruecolor(320, 320);
$s_img = $gd_image;
imagecopyresampled($des_img, $s_img, 0, 0, 0, 0, 320, 320, $w, $h);
$des_img=img_copyright($des_img); // наложение копирайта
$s = mysql_insert_id();
imagegif($des_img,H."sys/notes/screen/320/$s.gif");
chmod(H."sys/notes/screen/320/$st.gif", 0777);
imagedestroy($des_img);
imagedestroy($s_img);
}
}
}
}
}
for ($i=0; $i<count($_SESSION['file']);$i++)
{
if (isset($_SESSION['file'][$i]['audio']) && is_file($_SESSION['file'][$i]['audio']['tmp_name'] )&& isset($user))
{
mysql_query("INSERT INTO `notes_files` (`notes_id`, `name`, `ras`, `size`, `type`) values('".$st."', '".$_SESSION['file'][$i]['audio']['name']."', '".$_SESSION['file'][$i]['audio']['ras']."', '".$_SESSION['file'][$i]['audio']['size']."', '".$_SESSION['file']['audio']['type']."')");
$file = mysql_insert_id();
copy($_SESSION['file'][$i]['audio']['tmp_name'], H.'sys/notes/files/'.$file.'.dat');
}
}
for ($i=0; $i<count($_SESSION['file']);$i++)
{
if (isset($_SESSION['file'][$i]['files']) && is_file($_SESSION['file'][$i]['files']['tmp_name'] )&& isset($user))
{
mysql_query("INSERT INTO `notes_files` (`notes_id`, `name`, `ras`, `size`, `type`) values('".$st."', '".$_SESSION['file'][$i]['files']['name']."', '".$_SESSION['file'][$i]['files']['ras']."', '".$_SESSION['file'][$i]['files']['size']."', '".$_SESSION['file'][$i]['files']['type']."')");
$file = mysql_insert_id();
copy($_SESSION['file'][$i]['files']['tmp_name'], H.'sys/notes/files/'.$file.'.dat');
}
}
unset($_SESSION['file']);
foreach (glob("$_SERVER[DOCUMENT_ROOT]/sys/tmp/*.tmp") as $filename) {
unlink($filename);
}
/*
===================================
Лента
===================================
*/
$q = mysql_query("SELECT * FROM `frends` WHERE `user` = '".$user['id']."' AND `i` = '1'");
while ($f = mysql_fetch_array($q))
{
$a=get_user($f['frend']);
$lentaSet = mysql_fetch_array(mysql_query("SELECT * FROM `tape_set` WHERE `id_user` = '".$a['id']."' LIMIT 1")); // Общая настройка ленты
if ($f['lenta_notes'] == 1 && $lentaSet['lenta_notes'] == 1 ) // фильтр рассылки
mysql_query("INSERT INTO `tape` (`id_user`,`avtor`, `type`, `time`, `id_file`) values('$a[id]', '$user[id]', 'notes', '$time', '$st')");
}
mysql_query("OPTIMIZE TABLE `notes`");
$_SESSION['message'] = 'Дневник успешно создан';
header("Location: list.php?id=$st");
$_SESSION['captcha']=NULL;
exit;
}
}
}
if (isset($_GET['id_dir']))
$id_dir=intval($_GET['id_dir']);
else
$id_dir=0;
if (isset($user) && isset($_GET['del']) && is_numeric($_GET['del']) && isset($_SESSION['file'][$_GET['del']]['photo']))
{
unlink($_SESSION['file'][$_GET['del']]['photo']['tmp_name']);
unset($_SESSION['file'][$_GET['del']]['photo']);
header("Location:?");
$_SESSION['message'] = 'Фото удалено';
}
if (isset($user) && isset($_GET['del']) && is_numeric($_GET['del']) && isset($_SESSION['file'][$_GET['del']]['audio']))
{
unlink($_SESSION['file'][$_GET['del']]['audio']['tmp_name']);
unset($_SESSION['file'][$_GET['del']]['audio']);
header("Location:?");
$_SESSION['message'] = 'Аудиозапись удалена';
}
if (isset($user) && isset($_GET['del']) && is_numeric($_GET['del']) && isset($_SESSION['file'][$_GET['del']]['video']))
{
unlink($_SESSION['file'][$_GET['del']]['video']['tmp_name']);
unset($_SESSION['file'][$_GET['del']]['video']);
header("Location:?");
$_SESSION['message'] = 'Видео удалено';
}
if (isset($user) && isset($_GET['del']) && is_numeric($_GET['del']) && isset($_SESSION['file'][$_GET['del']]['files']))
{
unlink($_SESSION['file'][$_GET['del']]['files']['tmp_name']);
unset($_SESSION['file'][$_GET['del']]['files']);
header("Location:?");
$_SESSION['message'] = 'Файл удален';
}
err();
aut();
echo "<div class='nav2'>";
echo "<form method="post" name="message" action="add.php">n";
echo "<img src='/style/icons/bbl5.png'> Название: <small>(32 символa)</small><br />n<input name="title" size="16" maxlength="32" value="" type="text" /><br />n";
if ($set['web'] && is_file(H.'style/themes/'.$set['set_them'].'/altername_post_form.php'))
include_once H.'style/themes/'.$set['set_them'].'/altername_post_form.php';
else
echo "<img src='/style/icons/bbl5.png'> Сообщение: <small>(3000 символов)</small> $tPanel<textarea name="msg"></textarea><br />n";
echo "</div>n";
echo "<div class="nav1">n";
echo "Добавить файлы:";
$total=0;
$summ=glob($_SERVER['DOCUMENT_ROOT'] . '/sys/tmp/*.tmp');
if ($summ)
{
foreach ($summ AS $file)
{
$total++;
}
}
echo "(<font color='red'>$total</font>/8)";
if (isset($user) && isset($_GET['open']) )
{
$_SESSION['open']='1';
}
if (isset($user) && isset($_GET['close']))
{
unset($_SESSION['open']);
}
if (isset($user) && isset($_SESSION['open']) )
{
echo " [<a href='?close'>-</a>]</br>";
}
else
{
echo " [<a href='?open'>+</a>]</br>";
}
if (isset($user) && isset($_SESSION['open']) && $_SESSION['open']=='1' )
{
echo "<img src='/plugins/notes/icons/jpg.png'> <a href='?upload_photo'> Фото</a> </br>";
echo "<img src='/plugins/notes/icons/mp4.png'> <a href='?upload_video'> Видео</a></br> ";
echo "<img src='/plugins/notes/icons/mp3.png'> <a href='?upload_audio'> Аудиофайл</a></br>";
echo "<img src='/plugins/notes/icons/file.png'> <a href='?upload_files'> Файл</a></br>";
}
if (isset($_SESSION['file']))
{
for ($i=0; $i<count($_SESSION['file']);$i++)
{
if (isset($_SESSION['file'][$i]['photo']) && is_file($_SESSION['file'][$i]['photo']['tmp_name']))
{
if (is_file(H.'plugins/notes/icons/'.$_SESSION['file'][$i]['photo']['ras'].'.png'))
{
echo "<img src='/plugins/notes/icons/".$_SESSION['file'][$i]['photo']['ras'].".png' alt='".$_SESSION['file'][$i]['photo']['ras']."' />n";
}
else
{
echo "<img src='/plugins/notes/icons/file.png' alt='' />n";
}
echo $_SESSION['file'][$i]['photo']['name'].'.'.$_SESSION['file'][$i]['photo']['ras'].' (';
echo size_file($_SESSION['file'][$i]['photo']['size']);
echo ") <a href='add.php?del=$i' title='Удалить из списка'><img src='/style/icons/delete.gif' alt='' /></a>n";
echo "<br />n";
}
}
}
if (isset($_SESSION['file']))
{
for ($i=0; $i<count($_SESSION['file']);$i++)
{
if (isset($_SESSION['file'][$i]['video']) && is_file($_SESSION['file'][$i]['video']['tmp_name']))
{
if (is_file(H.'plugins/notes/icons/'.$_SESSION['file'][$i]['video']['ras'].'.png'))
{
echo "<img src='/plugins/notes/icons/".$_SESSION['file'][$i]['video']['ras'].".png' alt='".$_SESSION['file'][$i]['video']['ras']."' />n";
}
else
{
echo "<img src='/plugins/notes/icons/file.png' alt='' />n";
}
echo $_SESSION['file'][$i]['video']['name'].'.'.$_SESSION['file'][$i]['video']['ras'].' (';
echo size_file($_SESSION['file'][$i]['video']['size']);
echo ") <a href='add.php?del=$i' title='Удалить из списка'><img src='/style/icons/delete.gif' alt='' /></a>n";
echo "<br />n";
}
}
}
if (isset($_SESSION['file']))
{
for ($i=0; $i<count($_SESSION['file']);$i++)
{
if (isset($_SESSION['file'][$i]['audio']) && is_file($_SESSION['file'][$i]['audio']['tmp_name']))
{
if (is_file(H.'plugins/notes/icons/'.$_SESSION['file'][$i]['audio']['ras'].'.png'))
{
echo "<img src='/plugins/notes/icons/".$_SESSION['file'][$i]['audio']['ras'].".png' alt='".$_SESSION['file'][$i]['audio']['ras']."' />n";
}
else
{
echo "<img src='/plugins/notes/icons/file.png' alt='' />n";
}
echo $_SESSION['file'][$i]['audio']['name'].'.'.$_SESSION['file'][$i]['audio']['ras'].' (';
echo size_file($_SESSION['file'][$i]['audio']['size']);
echo ") <a href='add.php?del=$i' title='Удалить из списка'><img src='/style/icons/delete.gif' alt='' /></a>n";
echo "<br />n";
}
}
}
if (isset($_SESSION['file']))
{
for ($i=0; $i<count($_SESSION['file']);$i++)
{
if (isset($_SESSION['file'][$i]['files']) && is_file($_SESSION['file'][$i]['files']['tmp_name']))
{
if (is_file(H.'plugins/notes/icons/'.$_SESSION['file'][$i]['files']['ras'].'.png'))
{
echo "<img src='/plugins/notes/icons/".$_SESSION['file'][$i]['files']['ras'].".png' alt='".$_SESSION['file'][$i]['files']['ras']."' />n";
}
else
{
echo "<img src='/plugins/notes/icons/file.png' alt='' />n";
}
echo $_SESSION['file'][$i]['files']['name'].'.'.$_SESSION['file'][$i]['files']['ras'].' (';
echo size_file($_SESSION['file'][$i]['files']['size']);
echo ") <a href='add.php?del=$i' title='Удалить из списка'><img src='/style/icons/delete.gif' alt='' /></a>n";
echo "<br />n";
}
}
}
echo "</div>n";
echo "<div class='mess'>";
echo "<img src='/style/icons/votes.png'> Тема опроса: <small>(40 символов)</small><br />n";
echo "<textarea name='vote_text'></textarea></div>n";
echo "<div class='nav1'>";
echo "<img src='/style/icons/comment.png'> Вариаты ответов: <small>(20 символов)</small><br />n";
echo "</div>";
echo "<div class='mess'>";
echo "1.<input type='text' name='variant' maxlength='20' value='' /><font color='red'>*</font><br />n";
echo "2.<input type='text' name='variant_1' maxlength='20' value='' /><font color='red'>*</font><br />n";
echo "3.<input type='text' name='variant_2' maxlength='20' value='' /><br />n";
echo "4.<input type='text' name='variant_3' maxlength='20' value='' /><br />n";
echo "5.<input type='text' name='variant_4' maxlength='20' value='' /><br />n";
echo "6.<input type='text' name='variant_5' maxlength='20'value='' /><br />n";
echo "7.<input type='text' name='variant_6' maxlength='20'value='' /><br />n";
echo "<img src='/style/icons/time.png'>Продолжительность:</br>";
echo "<select name='times'>n";
echo "<option value='' selected='selected'>Бессрочное</option><option value='86400'>1 День</option><option value='259200'>3 Дня</option><option value='604800'>1 Неделю</option><option value='2419200'>1 Месяц</option><option value='4838400'>3 Месяца</option></select></br>n";
echo "<label><input type="checkbox" name="vote" value="1" /> Прикрепить опрос</label><br />n";
echo "</div>n";
echo "Категория:<br />n<select name='id_dir'>n";
$q=mysql_query("SELECT * FROM `notes_dir` ORDER BY `id` DESC");
echo "<option value='0'".($id_dir==0?" selected='selected'":null)."><b>Без категории</b></option>n";
while ($post = mysql_fetch_assoc($q))
{
echo "<option value='$post[id]'".($id_dir == $post['id']?" selected='selected'" : null).">" . htmlspecialchars($post['name']) . "</option>n";
}
echo "</select><br />n";
echo "<div class='main'>Могут смотреть:<br /><input name='private' type='radio' value='0' selected='selected'/>Все ";
echo "<input name='private' type='radio' value='1' />Друзья ";
echo "<input name='private' type='radio' value='2' />Только я</div>";
echo "<div class='main'>Могут комментировать:<br /><input name='private_komm' type='radio' value='0' selected='selected'/>Все ";
echo "<input name='private_komm' type='radio' value='1' />Друзья ";
echo "<input name='private_komm' type='radio' value='2' />Только я ";
echo '</div>';
if ($user['rating'] < 6 || $user['group_access'] < 6)
echo "<img src='/captcha.php?SESS=$sess' width='100' height='30' alt='Проверочное число' /><br />n<input name='chislo' size='5' maxlength='5' value='' type='text' /><br/>n";
echo "<input value="Создать" type="submit" />n";
echo "</form>n";
echo "<div class='foot'>n";
echo "<img src='/style/icons/str2.gif' alt='*'> <a href='index.php'>Дневники</a><br />n";
echo "</div>n";
include_once '../../sys/inc/tfoot.php';
?>