From 340ea22be8fb03312dee21afa8185c5fe300d633 Mon Sep 17 00:00:00 2001 From: alopexc0de Date: Fri, 15 Feb 2013 18:18:18 -0500 Subject: [PATCH] Before I seperated all the functions - Just in case --- img/index.php.old | 623 ++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 623 insertions(+) create mode 100644 img/index.php.old diff --git a/img/index.php.old b/img/index.php.old new file mode 100644 index 0000000..f2a718e --- /dev/null +++ b/img/index.php.old @@ -0,0 +1,623 @@ +

Pictures uploaded from Username: ".$_GET['uname'].":


"; + require('dbsettings.php'); + $uname = sanitize($_GET['uname']); + $sql = 'SELECT * FROM `share` WHERE `username` = "'.$uname.'"'; + + if(!$result = $db->query($sql)){ + die('There was an error running the query [' . $db->error . ']'); + } + + while($row = $result->fetch_assoc()){ + $_SESSION['noimg'] = 'uname'; + $id = $row['id']; + $img = $row['name']; + $location = $row['location']; + $type = $row['type']; + $size = $row['size']; + $time = $row['time']; + $comment = $row['comment']; + $username = $row['username']; + $tags = $row['tags']; + echo "
\"Thumbnail
$img - $time - $size
Tags: "; + $tags = explode(" ", $tags); + foreach($tags as $tag){ + echo "$tag "; // For future use - catagorize by tag + } + echo "

"; + } + $result->free(); + //echo "


"; + } + } + + function tag(){ + if(!empty($_GET['tag'])){ // Show list of pictures according to one tag - maybe multiple tags in the future + echo "

Pictures uploaded with the tag: ".$_GET['tag'].":


"; + require('dbsettings.php'); + $tag = sanitize($_GET['tag']); + $sql = 'SELECT * FROM `share` WHERE `tags` LIKE "%'.$tag.'%"'; + + if(!$result = $db->query($sql)){ + die('There was an error running the query [' . $db->error . ']'); + } + + while($row = $result->fetch_assoc()){ + $_SESSION['noimg'] = 'tag'; + $id = $row['id']; + $img = $row['name']; + $location = $row['location']; + $type = $row['type']; + $size = $row['size']; + $time = $row['time']; + $comment = $row['comment']; + $username = $row['username']; + $tags = $row['tags']; + echo "
\"Thumbnail
$img - $time - $size - Uploader: $username

"; + } + $result->free(); + //echo "


"; + } + } + + function search(){ + if(!empty($_GET['search'])){ // Show list of pictures according to search term + $search = sanitize($_GET['search']); + $search = explode(" ", $search); + echo "

Pictures found using search terms: "; + foreach ($search as $searches){ + echo $searches." "; + } + echo ":


"; + require('dbsettings.php'); + $sql = "SELECT * FROM `share` WHERE `tags` LIKE '%".$search[0]."%'"; + for($i=1; $iquery($sql)){ + die('There was an error running the query [' . $db->error . ']'); + } + + while($row = $result->fetch_assoc()){ + $_SESSION['noimg'] = 'search'; + $id = $row['id']; + $img = $row['name']; + $location = $row['location']; + $type = $row['type']; + $size = $row['size']; + $time = $row['time']; + $comment = $row['comment']; + $username = $row['username']; + $tags = $row['tags']; + echo "
\"Thumbnail
$img - $time - $size - Uploader: $username
"; + } + $result->free(); + //echo "


"; + } + } + + function upload(){ + if(isset($_GET['upload'])){ + $max_file_size="4096"; + $file_uploads="1"; + $websitename="UnPS-GAMA Image Host Uploader"; + $allow_types=array("jpg","gif","png","bmp","JPEG","JPG","GIF","PNG"); + echo " +
+
+ + + + + + + + + + + + + + + + + + + + + + + + + + +
+

Upload Pictures Here

+
All fields required
+
+ Allowed Types: jpg, gif, png, bmp
+ Max size per file: 4 MB. +
Select File:
Your Name:
Comment:
Tags (spaces only):
+ +   + +
+
+
+

+ "; + } + if(isset($_POST['submit'])){ + if(!isset($_POST['username']) || !isset($_POST['comment']) || !isset($_POST['tags'])) die("Please fill in the form completly"); + require('dbsettings.php'); + + $location = 'Pictures'; + $extensions = array('png', 'gif', 'jpg', 'jpeg', 'bmp'); + $short = substr(number_format(time() * mt_rand(),0,'',''),0,10); + $short = base_convert($short, 10, 36); + + $upusername = $_POST['username']; + $upcomment = $_POST['comment']; + $tags = $_POST['tags']; + $name = $_FILES["file"]["name"]; + $type = $_FILES["file"]["type"]; + $size = ($_FILES["file"]["size"] / 1024); // get size of file in Kb + + $name = cln_file_name($name); + $type = sanitize($type); + $size = sanitize($size); + $upcomment = comment($upcomment); + $tags = sanitize($tags); + $upusername = sanitize($upusername); + + //$notspace = array("\,", ".", "/", "\\", ":", "-", "_", "+", "=", "~", "#", "&", ""); + //$tags = preg_replace($notspace, " ", $tags); + + $size = round($size, 2)." Kb"; + $time = date("d/j/y - g:i:s a"); + + $file_ext = pathinfo($_FILES['file']['name'], PATHINFO_EXTENSION); + if(!in_array($file_ext, $extensions))die("Wrong or no file extension"); // stop the upload if it's wrong + $name = $short.".".$file_ext; + + if (($_FILES["file"]["size"] < 4000000000)){ + if ($_FILES["file"]["error"] > 0){ + echo "Return Code: " . $_FILES["file"]["error"] . "
"; + }else{ + if (file_exists("Pictures/" . $name)){ + echo $name." already exists. "; + }else{ + if(preg_match('/php/i', $name) || preg_match('/phtml/i', $name) || preg_match('/htaccess/i', $name)){ + echo $name." is not allowed, sorry about that..."; + }else{ + $sql="INSERT INTO `share` (name, location, type, size, time, comment, username, tags) VALUES ('$name', '$location', '$type', '$size', '$time', '$upcomment', '$upusername', '$tags')"; + if($result = $db->query($sql)){ + //$sql = "UPDATE `recentpics` SET name = '-$name' WHERE id = 1"; // Not currently working + //$result=mysql_query($sql); + //if($result){ + move_uploaded_file($_FILES["file"]["tmp_name"], "Pictures/" . $name); + $donefile = 'Pictures/'.$name; + genthumb($donefile); + echo "Stored at: ". $name.""; + //}else{ + // echo "There was a problem uploading this file."; + //} + }elseif(!$result = $db->query($sql)){ + die('There was a problem trying to upload your file - [' . $db->error . ']'); + }else{ + echo "There was a problem trying to upload your file - Could be a database error"; + } + } + } + } + }else{ + die("File too big!"); + } + } + } + + // END OF GET FUNCTIONS + + function genthumb($input){ + echo "Placeholder for automatic 100x100px thumbnail generation of new pictures
\n"; + } + + function sanitize($input){ + if ($input == null) die("Sanatize() - No Input Provided, Aborting\r\n
"); + include('dbsettings.php'); + $output = strip_tags($input); + $output = stripslashes($output); + $output = $db->real_escape_string($output); + $output = strtolower($output); + return $output; + } + + function comment($input){ + if ($input == null) die("Sanatize() - No Input Provided, Aborting\r\n
"); + include('dbsettings.php'); + $output = strip_tags($input); + $output = stripslashes($output); + $output = $db->real_escape_string($output); + return $output; + } + + function cln_file_name($string) { + $cln_filename_find=array("/\.[^\.]+$/", "/[^\d\w\s-]/", "/\s\s+/", "/[-]+/", "/[_]+/"); + $cln_filename_repl=array("", "", " ", "-", "_"); + $string=preg_replace($cln_filename_find, $cln_filename_repl, $string); + return trim($string); + } + + // MAIN PROGRAM + + function imgstuff(){ + // My little cheat to be able to display all the different items in the same area + uname(); + tag(); + search(); + upload(); + // Basically all my functions are used as part of one big one, but more organized into smaller sections + if (empty($_GET['img']) || $_GET['img'] == null || $_GET['img'] == ''){ + $img = ''; + }else{ + $img = $_GET["img"]; // get the image + } + if(!empty($img) || $img != null || $img != ''){ + require('dbsettings.php'); + $img = sanitize($img); // clean image string + $sql = "SELECT * FROM `share` WHERE `name` = '$img' LIMIT 1"; + if(!$result = $db->query($sql)){ + die('There was an error running the query [' . $db->error . ']'); + }; + $row = $result->fetch_assoc(); + if ($row){ + $_SESSION['noimg'] = false; + $_SESSION['id'] = $row['id']; + $_SESSION['img'] = $row['name']; + $_SESSION['location'] = $row['location']; + $_SESSION['type'] = $row['type']; + $_SESSION['size'] = $row['size']; + $_SESSION['time'] = $row['time']; + $_SESSION['comment'] = $row['comment']; + $_SESSION['username'] = $row['username']; + $_SESSION['tags'] = $row['tags']; + echo "

"; + //echo "$id
$img
$location
$type
$size
$time
$comment
$username
$tags\n"; + }else{ + $_SESSION['noimg'] = true; + echo "

That image was not found in our database D:

"; + } + $result->free(); + }else{ + if($_SESSION['noimg'] == 'search' || $_SESSION['noimg'] == 'tag' || $_SESSION['noimg'] == 'uname'){ + }else{ + noimg(); + $_SESSION['noimg'] = true; + } + } + } + + // END OF MAIN PROGRAM + + function headstuff(){ // Sets the meta tags - WIP/iffy + if(isset($_SESSION['img'])){ + echo "\n"; + echo " \n"; + echo " \n"; + echo " \n"; + } + } + + function textstuff(){ // Sets up right side box of info under the other sidebars + if($_SESSION['noimg'] == false){ + echo "
\n"; + echo "

Image Name:

- ".$_SESSION['img']."\n"; + echo "

Image Type:

- ".$_SESSION['type']."\n"; + echo "

Image Size:

- ".$_SESSION['size']."\n"; + echo "

Time Uploaded:

- ".$_SESSION['time']."\n"; + echo "

Username:

- "; + $username = $_SESSION['username']; + echo "$username"; // For future use - catagorize by username + echo "\n"; + echo "

Comment:

- ".$_SESSION['comment']."\n"; + echo "

Tags:

- "; + $tags = $_SESSION['tags']; + $tags = explode(" ", $tags); + foreach($tags as $tag){ + echo "$tag "; // For future use - catagorize by tag + } + echo "\n"; + echo "
"; + } + } + + function noimg(){ // Shown in place of the image if one isn't available + $thelist = ''; + // Last Modified not working, so removed for the time being + if($handle = opendir('Pictures')){ + while(false != ($file = readdir($handle))){ + if($file != "." && $file != ".." && $file != ".htaccess"){ + //$thelist .= 'Thumbnail for '.$file.'
└ '.$file.'

'."\n"; + $thelist .= "-".$file; + } + } + closedir($handle); + } + echo " +

+ Please specify an image with the url: + + img.unps-gama.info/?img=(IMGAGE STUFF HERE) + +

+
+

Uploaded Pictures:

+ "; + $thelist = explode("-", $thelist); + foreach($thelist as $pics){ + if($pics == '' || $pics == null){ + echo ''; + }else{ + echo ''.$pics.''."\n "; + } + } + echo" +
+ "; + } + + function title(){ // Suffers same problem as headstuff() + if(!isset($_SESSION['img'])){ + echo ""; + }else{ + echo " - Now Showing: ".$_SESSION['img']; + } + } +?> + + + + + + + + + + UnPS-GAMA Image Host<?php //title(); ?> + + + + + + + + +
+ + + + +
+ +
+
+
+ Thumbnails need work +
+
+
+ +
+
+
+ + +
+
+ + + + \ No newline at end of file