Citation :
if(isset($_POST['submit']))
{
$image = new image();
$uploaded_image = false;
$parent = '';
$error = '';
if(empty($_FILES['upload']) && isset($_POST['source']) && $_POST['source'] != "" && substr($_POST['source'],0,4) == "http" || $_FILES['upload']['error'] != 0 && isset($_POST['source']) && $_POST['source'] != "" && substr($_POST['source'],0,4) == "http" )
{
$iinfo = $image->getremoteimage($_POST['source']);
if($iinfo === false)
$error = $image->geterror()."<br />Could not add the image.";
else
$uploaded_image = true;
}
else if(!empty($_FILES['upload']) && $_FILES['upload']['error'] == 0)
{
$iinfo = $image->process_upload($_FILES['upload']);
if($iinfo === false)
$error = $image->geterror()."<br /> An error occured. The image could not be added because it already exists or it is corrupted.";
else
$uploaded_image = true;
}
else
{
print "No image given for upload.";
}
if($uploaded_image == true)
{
$iinfo = explode(":",$iinfo);
$tclass = new tag();
$misc = new misc();
$ext = strtolower(substr($iinfo[1],-4,10000));
$source = mysql_real_escape_string($_POST['source']);
$title = mysql_real_escape_string($_POST['title']);
$tags = strtolower(mysql_real_escape_string(str_replace('%','',str_replace("'","'",str_replace('"','"',$_POST['tags'])))));
$tags = strip_tags($tags);
$ttags = explode(" ",$tags);
$tag_count = count($ttags); if($tag_count == 0)
$ttags[] = "tagme";
if($tag_count < 5 && strpos($ttags,"tagme" ) === false)
$ttags[] = "tagme";
foreach($ttags as $current)
{
if(strpos($current,'parent:') !== false)
{
$parent = str_replace("parent:","",$current);
if(!is_numeric($parent))
{
//messed up parent id, removing...
$parent = '';
}
$current = '';
}
if($current != "" && $current != " " )
{
$ttags = $tclass->filter_tags($tags,$current, $ttags);
$alias = $tclass->alias($current);
if($alias !== false)
{
$key_array = array_keys($ttags, $current);
foreach($key_array as $key)
{
$ttags[$key] = $alias;
}
}
}
}
$tags = implode(" ",$ttags);
foreach($ttags as $current)
{
if($current != "" && $current != " " )
{
$ttags = $tclass->filter_tags($tags,$current, $ttags);
$tclass->addindextag($current);
$cache = new cache();
if(is_dir("$main_cache_dir".""."\search_cache/".$misc->windows_filename_fix($current)."/" ))
$cache->destroy_page_cache("search_cache/".$misc->windows_filename_fix($current)."/" );
}
}
asort($ttags);
$tags = implode(" ",$ttags);
if(substr($tags,0,1) != " " )
$tags = " $tags";
if(substr($tags,-1,1) != " " )
$tags = "$tags ";
$rating = mysql_real_escape_string($_POST['rating']);
if($rating == "e" )
$rating = "Explicit";
else if($rating == "q" )
$rating = "Questionable";
else
$rating = "Safe";
if(isset($_SESSION['id']) && $_SESSION['id'] != "" && isset($_SESSION['login_session']) && $_SESSION['login_session'] != "" )
{
$query = "SELECT user FROM $user_table WHERE id='".mysql_real_escape_string($_SESSION['id'])."' AND login_session='".mysql_real_escape_string($_SESSION['login_session'])."'";
$result = mysql_query($query);
$row = mysql_fetch_assoc($result);
$user = $row['user'];
}
else
{
$user = "Anonymous";
}
if(isset($_SERVER['HTTP_X_FORWARD_FOR'])) $ip = mysql_real_escape_string($_SERVER['HTTP_X_FORWARD_FOR']);
else
$ip = mysql_real_escape_string($_SERVER['REMOTE_ADDR']);
$isinfo = getimagesize("./images/".$iinfo[0]."/".$iinfo[1]);
$query = "INSERT INTO $post_table(creation_date, hash, image, title, owner, height, width, ext, rating, local_copy, tags, directory, source, active_date, ip) VALUES(NOW(), '".md5_file("./images/".$iinfo[0]."/".$iinfo[1])."', '".$iinfo[1]."', '$title', '$user', '".$isinfo[1]."', '".$isinfo[0]."', '$ext', '$rating', TRUE, '$tags', '".$iinfo[0]."', '$source', '".date("Ymd" )."', '$ip')";
if(!is_dir("$main_cache_dir".""."\thumbnails/".$iinfo[0]."/" ))
$image->makethumbnailfolder($iinfo[0]);
$image->thumbnail($iinfo[0]."/".$iinfo[1]);
if(!mysql_query($query))
{
print "failed to upload image.";
unlink("./images/".$iinfo[0]."/".$iinfo[1]);
$image->folder_index_decrement($iinfo[0]);
$ttags = explode(" ",$tags);
foreach($ttags as $current)
{
$tclass->deleteindextag($current);
}
}
else
{
$query = "SELECT id FROM $post_table WHERE hash='".md5_file('./images/'.$iinfo[0]."/".$iinfo[1])."' AND image='".$iinfo[1]."' AND directory='".$iinfo[0]."' LIMIT 1";
$result = mysql_query($query);
$row = mysql_fetch_assoc($result);
$cache = new cache(); if($parent != '' && is_numeric($parent))
{
$parent_check = "SELECT COUNT(*) FROM $post_table WHERE id='$parent'";
$pres = mysql_query($parent_check);
$prow = mysql_fetch_assoc($pres);
if($prow['COUNT(*)'] > 0)
{
$temp = "INSERT INTO $parent_child_table(parent,child) VALUES('$parent','".$row['id']."')";
mysql_query($temp);
$temp = "UPDATE $post_table SET parent='$parent' WHERE id='".$row['id']."'";
mysql_query($temp);
$cache->destroy("cache/".$parent."/post.cache" );
}
} if(is_dir("$main_cache_dir".""."cache/".$row['id']))
$cache->destroy_page_cache("cache/".$row['id']);
$query = "SELECT id FROM $post_table WHERE id < ".$row['id']." ORDER BY id DESC LIMIT 1";
$result = mysql_query($query);
$row = mysql_fetch_assoc($result);
$cache->destroy_page_cache("cache/".$row['id']);
$query = "UPDATE $post_count_table SET last_update='20060101' WHERE access_key='posts'";
mysql_query($query);
print "Image added.";
}
}
}
|