Файл: adultscript-2.0.3-pro/files/modules/photo/components/upload.php
Строк: 148
<?php
// Direct-access guard: stop immediately unless the _VALID constant has
// already been defined (presumably by the application's entry script).
if (!defined('_VALID')) {
    die('Restricted Access!');
}
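/**
 * Frontend component for the photo album upload page.
 *
 * render() shows the upload form and, when the form is submitted, validates
 * the album fields, creates the album row, converts the files recorded for
 * the submitted upload identifier into photos/thumbnails/cover, and updates
 * the related counters, categories and tags.
 */
class VComponent_photo_upload extends VModule_photo
{
    /** Errors collected by process_files() for the current request. */
    private $errors = array();

    /** The 'module.photo' configuration group as returned by VCfg::group(). */
    private $pcfg;

    /**
     * Runs the parent constructor and caches the photo module configuration.
     */
    public function __construct()
    {
        parent::__construct();
        $this->pcfg = VCfg::group('module.photo');
    }

    /**
     * Handles the upload page: permission checks, form validation, album and
     * photo creation, and template output.
     *
     * @throws VException when the album row cannot be inserted, or when the
     *                    anonymous user id cannot be resolved.
     */
    public function render()
    {
        VLanguage::load('frontend.photo');

        if (!$this->pcfg['upload_enabled']) {
            $_SESSION['error'] = __('upload-disabled');
            // NOTE(review): presumably this hands the request to the error
            // module and stops; VModule::load() is not visible here - confirm,
            // because otherwise the upload form below is still processed.
            VModule::load('error', TRUE);
        }

        // Initialised before the permission branch. It used to be set only in
        // the anonymous branch, so for any other upload_perm the variable was
        // undefined and the "existing albums" query below never ran.
        $anonymous = FALSE;
        if ($this->pcfg['upload_perm'] != 'anonymous') {
            VAuth::check(ucfirst($this->pcfg['upload_perm']), NULL, __('upload-access', array($this->pcfg['upload_perm'])));
            $user_id = (int) $_SESSION['user_id'];
        } elseif (VAuth::loggedin()) {
            $user_id = (int) $_SESSION['user_id'];
        } else {
            $user_id = $this->get_anonymous_id();
            $anonymous = TRUE;
        }

        $errors = array();
        $messages = array();
        $warnings = array();
        $categories = $this->get_photo_categories();
        if (!$categories) {
            $errors[] = 'Please create categories before uploading photo albums!';
        }

        // Upload identifier handed to the template. It is built from the clock
        // and mt_rand(), so it is predictable.
        // NOTE(review): confirm nothing relies on this value being secret.
        $unique = time().'0'.mt_rand();

        // Form defaults; overwritten with submitted values further down.
        $album = array(
            'title' => '',
            'description' => '',
            'tags' => '',
            'category' => array(),
            'type' => 'public',
            'password' => '',
        );

        $albums = array();
        if ($anonymous === FALSE) {
            // $user_id is always an int cast or the result of get_anonymous_id().
            $this->db->query("SELECT album_id, title
                FROM #__photo_albums
                WHERE user_id = ".$user_id."
                AND status = '1'
                ORDER BY album_id DESC");
            $albums = $this->db->fetch_rows();
        }

        if (isset($_POST['upload-submitted'])) {
            $filter = VF::factory('filter');
            $title = $filter->get('title');
            $desc = $filter->get('description');
            // A missing field is treated as "no category selected".
            $category = (isset($_POST['category'])) ? (array) $_POST['category'] : array();
            $tags = $filter->get('tags');
            $type = $filter->get('type');
            // Only a string is accepted; an array-valued field would break trim().
            $password = (isset($_POST['password']) && is_string($_POST['password'])) ? trim($_POST['password']) : '';
            $upload_id = $filter->get('unique_id');

            if ($title == '') {
                $errors[] = __('title-empty');
            } elseif (!VValid::length($title, $this->pcfg['title_min_length'], $this->pcfg['title_max_length'])) {
                $errors[] = __('title-length', array($this->pcfg['title_min_length'], $this->pcfg['title_max_length']));
            } else {
                $album['title'] = $title;
            }

            if ($desc != '') {
                $album['description'] = $desc;
            }

            if (!$category) {
                $errors[] = __('category-empty');
            } elseif (count($category) > $this->pcfg['max_categories']) {
                $errors[] = __('category-max', array($this->pcfg['max_categories']));
            } else {
                // Every submitted id must be one of the known category ids.
                $cats = array();
                if (is_array($categories)) {
                    foreach ($categories as $cat) {
                        $cats[$cat['cat_id']] = 1;
                    }
                }
                $invalid = FALSE;
                foreach ($category as $cat) {
                    // Nested arrays (category[][]=x) cannot be used as an array
                    // key, so they are rejected before the lookup.
                    if (!is_scalar($cat) || !isset($cats[$cat])) {
                        $invalid = TRUE;
                        break;
                    }
                }
                if ($invalid) {
                    $errors[] = __('category-invalid');
                } else {
                    $album['category'] = $category;
                }
            }

            if ($tags == '') {
                $errors[] = __('tags-empty');
            } elseif (!VValid::length($tags, $this->pcfg['tags_min_length'], $this->pcfg['tags_max_length'])) {
                $errors[] = __('tags-length', array($this->pcfg['tags_min_length'], $this->pcfg['tags_max_length']));
            } else {
                $tags = prepare_tags($tags);
                if ($tags == '') {
                    $errors[] = __('tags-invalid');
                } else {
                    foreach (explode(',', $tags) as $tag) {
                        if (strlen($tag) > $this->pcfg['tag_max_length']) {
                            $errors[] = __('tag-length', array('"'.$tag.'"', $this->pcfg['tag_max_length']));
                        }
                        if (str_word_count($tag) > $this->pcfg['tag_max_words']) {
                            $errors[] = __('tag-words', array('"'.$tag.'"', $this->pcfg['tag_max_words']));
                        }
                    }
                    $album['tags'] = $tags;
                }
            }

            // The identifier becomes part of a file name in process_files(),
            // so anything other than digits is rejected here.
            if (!ctype_digit($upload_id)) {
                $errors[] = 'Invalid upload identifier!';
            }

            $files = array();
            if (!$errors) {
                $files = $this->process_files($upload_id, $this->pcfg['photo_max_size'], $this->pcfg['photo_allowed_ext']);
                if (!$files) {
                    $files = array();
                    // process_files() can return false without recording an
                    // error (an empty info file); report that as "no file
                    // selected" instead of creating an album with no photos.
                    $errors = array_merge($errors, ($this->errors) ? $this->errors : array(__('file-select')));
                }
            }

            // NOTE(review): $type is not checked against a list of allowed
            // album types in this block; it is escaped before the INSERT, but
            // confirm the filter or the schema restricts its values.
            $album['type'] = $type;
            $album['password'] = $password;

            if (!$errors) {
                $slug = prepare_string($title, TRUE);
                $mobile = ($this->pcfg['mobile']) ? 1 : 0;
                // NOTE(review): VHash::encrypt() is defined elsewhere; confirm
                // it is a one-way password hash and not reversible encryption.
                $pass = ($password) ? VHash::encrypt($password) : '';

                // String values are escaped, numeric values are ints. 'H' gives
                // a 24-hour timestamp ('h' stored ambiguous 12-hour values).
                $this->db->query("INSERT INTO #__photo_albums
                    SET user_id = ".$user_id.",
                    title = '".$this->db->escape($title)."',
                    slug = '".$this->db->escape($slug)."',
                    description = '".$this->db->escape($desc)."',
                    password = '".$this->db->escape($pass)."',
                    type = '".$this->db->escape($album['type'])."',
                    mobile = '".$mobile."',
                    add_date = '".date('Y-m-d H:i:s')."',
                    add_time = ".time().",
                    status = '3'");

                if ($this->db->affected_rows()) {
                    $album_id = (int) $this->db->get_last_insert_id('#__photo_albums');
                    $images = 0;
                    $photos = array();
                    $cover_id = 0;
                    $cover_ext = '';
                    $image = VF::factory('image');

                    foreach ($files as $file) {
                        // Files the image loader rejects are skipped.
                        if (!$image->load($file['path'])) {
                            continue;
                        }

                        // The stored extension is the one reported by the image
                        // loader, not the one in the upload record.
                        // NOTE(review): how $image->src['ext'] is derived is
                        // not visible here - confirm it reflects file content.
                        $ext_orig = $image->src['ext'];
                        $this->db->query("INSERT INTO #__photo
                            SET album_id = ".$album_id.",
                            description = '',
                            caption = '',
                            ext = '".$this->db->escape($ext_orig)."',
                            size = ".(int) $file['size'].",
                            add_date = '".date('Y-m-d H:i:s')."',
                            add_time = ".time().",
                            status = '0'");
                        if (!$this->db->affected_rows()) {
                            continue;
                        }

                        $photo_id = (int) $this->db->get_last_insert_id('#__photo');
                        $photos[$photo_id] = $ext_orig;

                        // Keep an untouched copy of the original.
                        $dst_orig = MEDIA_DIR.'/photos/orig/'.$photo_id.'.'.$ext_orig;
                        if (!copy($file['path'], $dst_orig)) {
                            continue;
                        }

                        $dst = MEDIA_DIR.'/photos/'.$photo_id.'.'.$image->src['ext'];
                        $dst_thumb = MEDIA_DIR.'/photos/thumbs/'.$photo_id.'.jpg';
                        $dst_thumb_tmp = TMP_DIR.'/images/'.$photo_id.'.thumb.jpg';

                        // Display version: copied as is when narrower than the
                        // configured width, otherwise resized.
                        if ($image->src['width'] < $this->pcfg['photo_width']) {
                            copy($file['path'], $dst);
                        } elseif (!$image->resize($this->pcfg['photo_width'], $this->pcfg['photo_height'], 'MAX_WIDTH', $dst)) {
                            continue;
                        }

                        // Mobile version, same rule with the mobile dimensions.
                        if ($mobile) {
                            $dst_mobile = MEDIA_DIR.'/photos/mobile/'.$photo_id.'.'.$image->src['ext'];
                            if ($image->src['width'] < $this->pcfg['mobile_width']) {
                                copy($file['path'], $dst_mobile);
                            } elseif (!$image->resize($this->pcfg['mobile_width'], $this->pcfg['mobile_height'], 'MAX_WIDTH', $dst_mobile)) {
                                continue;
                            }
                        }

                        // Thumbnail in three passes: resize to a slightly larger
                        // box, crop from the centre, then resize to exact size.
                        $thumb_width = $this->pcfg['thumb_width']+30;
                        $thumb_height = $this->pcfg['thumb_height']+100;
                        $image->set_option('jpeg_quality', 100);
                        if (!$image->resize($thumb_width, $thumb_height, 'MAX_HEIGHT', $dst_thumb_tmp)) {
                            continue;
                        }
                        $image->clear();
                        $image->load($dst_thumb_tmp);
                        if (!$image->crop_from_center($this->pcfg['thumb_width'], $this->pcfg['thumb_height'], $dst_thumb)) {
                            continue;
                        }
                        $image->clear();
                        $image->load($dst_thumb);
                        if (!$image->resize($this->pcfg['thumb_width'], $this->pcfg['thumb_height'], 'EXACT', $dst_thumb_tmp)) {
                            continue;
                        }
                        rename($dst_thumb_tmp, $dst_thumb);

                        // The first fully processed photo becomes the cover.
                        ++$images;
                        if ($images === 1) {
                            $cover_id = $photo_id;
                            $cover_ext = $ext_orig;
                        }

                        $image->clear();
                        VFile::delete($dst_thumb_tmp);
                        VFile::delete($file['path']);
                    }

                    if ($images === 0) {
                        // No file survived processing, so there is no cover and
                        // nothing to publish. The album row keeps its initial
                        // status '3'; previously this path reached the UPDATE
                        // below with an undefined cover id.
                        $errors[] = 'Failed to process the uploaded photos!';
                    } else {
                        // Album cover: cropped from the cover photo's thumbnail,
                        // or from its original when the thumbnail is too short.
                        $src = MEDIA_DIR.'/photos/thumbs/'.$cover_id.'.jpg';
                        $dst = MEDIA_DIR.'/photos/covers/'.$album_id.'.jpg';
                        $image->load($src);
                        if ($image->src['height'] < $this->pcfg['cover_height']) {
                            $src = MEDIA_DIR.'/photos/orig/'.$cover_id.'.'.$cover_ext;
                            $image->clear();
                            $image->load($src);
                            $cover_max_width = ($this->pcfg['cover_width'] + 30);
                            $cover_max_height = ($this->pcfg['cover_height'] + 50);
                            if ($image->src['width'] > $cover_max_width && $image->src['height'] > $cover_max_height) {
                                $dst_tmp = TMP_DIR.'/images/'.$cover_id.'.jpg';
                                $image->set_option('jpeg_quality', 100);
                                $image->resize($cover_max_width, $cover_max_height, 'MAX_HEIGHT', $dst_tmp);
                                $src = $dst_tmp;
                            }
                        }
                        $image->clear();
                        $image->load($src);
                        $image->crop_from_center($this->pcfg['cover_width'], $this->pcfg['cover_height'], $dst);

                        // Optional push to a remote photo server. Local copies
                        // are removed only when every photo was uploaded.
                        $server_id = 0;
                        if ($this->pcfg['multi_server']) {
                            VHelper::load('module.photo.server');
                            if ($server = VHelper_photo_server::get()) {
                                $server_id = (int) $server['server_id'];
                                foreach ($photos as $photo_id => $ext) {
                                    if (!VHelper_photo_server::upload_photo($server, $photo_id, $ext)) {
                                        $server_id = 0;
                                    }
                                }
                                if ($server_id) {
                                    VHelper_photo_server::update($server_id);
                                    foreach ($photos as $photo_id => $ext) {
                                        // Best effort: the mobile copy may not exist.
                                        @VFile::delete(MEDIA_DIR.'/photos/'.$photo_id.'.'.$ext);
                                        @VFile::delete(MEDIA_DIR.'/photos/orig/'.$photo_id.'.'.$ext);
                                        @VFile::delete(MEDIA_DIR.'/photos/mobile/'.$photo_id.'.'.$ext);
                                    }
                                }
                            }
                        }

                        if ($this->pcfg['thumb_server']) {
                            VHelper::load('module.photo.thumb');
                            VHelper_photo_thumb::upload($album_id);
                        }

                        // Album status: 2 when approval is required, else 1.
                        $status = ($this->pcfg['approve']) ? 2 : 1;
                        $this->db->query("UPDATE #__photo_albums
                            SET total_photos = ".$images.",
                            cover = ".$cover_id.",
                            status = '".$status."'
                            WHERE album_id = ".$album_id."
                            LIMIT 1");
                        $this->db->query("UPDATE #__user_activity
                            SET total_albums = total_albums+1,
                            total_photos = total_photos+".$images."
                            WHERE user_id = ".$user_id."
                            LIMIT 1");

                        // Photo rows get 1 only when the album is live. This is
                        // kept in its own variable: reusing $status meant the
                        // 'upload-approve' message below could never be shown.
                        $photo_status = ($status === 1) ? 1 : 0;
                        $this->db->query("UPDATE #__photo
                            SET status = '".$photo_status."',
                            server = ".$server_id."
                            WHERE album_id = ".$album_id);

                        foreach ($category as $cat) {
                            $cat = (int) $cat;
                            $this->db->query("INSERT INTO #__photo_category SET cat_id = ".$cat.", album_id = ".$album_id);
                            $this->db->query("UPDATE #__photo_categories SET total_albums = total_albums+1 WHERE cat_id = ".$cat." LIMIT 1");
                        }

                        foreach (explode(',', $tags) as $tag) {
                            $tag = trim($tag);
                            $this->db->query("INSERT INTO #__photo_tags SET album_id = ".$album_id.", name = '".$this->db->escape($tag)."'");
                        }

                        if (isset($dst_tmp)) {
                            VFile::delete($dst_tmp);
                        }

                        if ($status === 1) {
                            $messages[] = __('upload-success', array('<a href="'.BASE_URL.'/photo/'.$album_id.'/'.$slug.'/">', '</a>'));
                        } elseif ($status === 2) {
                            $messages[] = __('upload-approve');
                        }
                    }
                } else {
                    throw new VException('Failed to create album entry! Aborting...');
                }
            }
        }

        $this->tpl->menu = 'photo';
        $this->tpl->meta_title = __('upload-meta-title', array($this->tpl->cfg['site_name']));
        $this->tpl->css = array(TPL_REL.'/css/style_photo.css');
        $this->tpl->canonical = BASE_URL.'/photo/upload/';
        $this->tpl->canonicalm = MOBILE_URL.'/photo/upload/';
        $this->tpl->errors = $errors;
        $this->tpl->messages = $messages;
        $this->tpl->warnings = $warnings;
        $this->tpl->unique = $unique;
        // $album carries the submitted values back into the form.
        // NOTE(review): escaping on output is the template's job - confirm
        // 'photo_upload' escapes these fields.
        $this->tpl->album = $album;
        $this->tpl->albums = $albums;
        $this->tpl->categories = $categories;
        $this->tpl->load(array('header', 'photo_upload', 'footer'));
        $this->tpl->display();
    }

    /**
     * Looks up the id of the account named 'anonymous'.
     *
     * @return int user id of the 'anonymous' account
     * @throws VException when the query reports no row
     */
    private function get_anonymous_id()
    {
        $this->db->query("SELECT user_id FROM #__user WHERE username = 'anonymous' LIMIT 1");
        if ($this->db->affected_rows()) {
            return (int) $this->db->fetch_field('user_id');
        }

        throw new VException('Failed to get anonymous id! Application error!?');
    }

    /**
     * Reads the info file written for an upload identifier and returns the
     * uploaded files that exist, fit the size limit and have an allowed
     * extension. Problems are appended to $this->errors. The info file is
     * deleted in every case.
     *
     * @param string $upload_id   upload identifier (validated as digits by render())
     * @param mixed  $max_size    size limit in megabytes; integer 0 disables the check
     * @param array  $allowed_ext accepted file extensions
     * @return array|false list of arrays with keys path, name, size, ext;
     *                     false when no file qualified
     */
    private function process_files($upload_id, $max_size, $allowed_ext)
    {
        VLanguage::load('frontend.upload');

        $files = array();
        // The info file name ends in the last five hex characters of the MD5
        // of the site secret. That is a short suffix: treat it as a naming
        // convention, not as access control for the uploads directory.
        $secret = substr(md5(VF::cfg_item('secret')), -5);
        $upload_dir = realpath(TMP_DIR.'/uploads');
        $info_file = TMP_DIR.'/uploads/'.$upload_id.'_'.$secret;

        if (file_exists($info_file) && is_file($info_file)) {
            $lines = file($info_file);
            if ($lines === FALSE) {
                $lines = array();
            }

            foreach ($lines as $line) {
                // SECURITY NOTE(review): unserialize() runs on file content
                // whose writer is not visible in this file. If any part of a
                // record can be influenced by the uploader, this is an object
                // injection risk; prefer a JSON record, or restrict classes
                // with the allowed_classes option where the PHP version has it.
                $data = unserialize($line);

                // A corrupt or unexpected record is reported like a missing file.
                if (!is_array($data)
                    || !isset($data['file'], $data['ext'])
                    || !is_string($data['file'])
                    || !is_string($data['ext'])) {
                    $this->errors[] = __('file-select');
                    continue;
                }

                // The recorded name must resolve to a file inside the uploads
                // directory; a path that escapes it is treated as missing.
                $file = TMP_DIR.'/uploads/'.$data['file'];
                $real = realpath($file);
                $inside = ($upload_dir !== FALSE
                    && $real !== FALSE
                    && strpos($real, $upload_dir.DIRECTORY_SEPARATOR) === 0);

                if (!$inside || !is_file($file)) {
                    $this->errors[] = __('file-select');
                    continue;
                }

                $size = filesize($file);
                if ($max_size !== 0 && $size > ($max_size*1024*1024)) {
                    $this->errors[] = __('file-limit', array($max_size));
                    continue;
                }

                if (!in_array($data['ext'], $allowed_ext)) {
                    $this->errors[] = __('file-invalid', array(implode(', ', $allowed_ext)));
                    continue;
                }

                $files[] = array(
                    'path' => $file,
                    'name' => (isset($data['filename'])) ? $data['filename'] : NULL,
                    'size' => $size,
                    'ext' => $data['ext']
                );
            }
        } else {
            $this->errors[] = __('file-select').'*';
        }

        VFile::delete($info_file);

        if ($files) {
            return $files;
        }

        return false;
    }
}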