Pictures uploaded from Username: ".$_GET['uname'].":


"; require('dbsettings.php'); $uname = sanitize($_GET['uname']); $sql = "SELECT id, name, location, type, size, time, comment, username, tags FROM $tbl_name WHERE username='$uname'"; $result = mysql_query($sql); $count = mysql_num_rows($result); if($count >= 1){ $i = 0; while ($row = mysql_fetch_assoc($result)){ $id = $row['id']; $img = $row['name']; $location = $row['location']; $type = $row['type']; $size = $row['size']; $time = $row['time']; $comment = $row['comment']; $username = $row['username']; $tags = $row['tags']; echo "[THUMBNAIL] - $img - $time - $size - Tags: "; $tags = explode(" ", $tags); foreach($tags as $tag){ echo "$tag "; // For future use - catagorize by tag } echo "
"; } } echo "

"; } } function tag(){ if(!empty($_GET['tag'])){ // Show list of pictures according to one tag - maybe multiple tags in the future echo "

Pictures uploaded with the tag: ".$_GET['tag'].":


"; require('dbsettings.php'); $tag = sanitize($_GET['tag']); $sql = "SELECT id, name, location, type, size, time, comment, username, tags FROM $tbl_name WHERE tags LIKE '%$tag%'"; $result = mysql_query($sql); $count = mysql_num_rows($result); if($count >= 1){ $i = 0; while ($row = mysql_fetch_assoc($result)){ $id = $row['id']; $img = $row['name']; $location = $row['location']; $type = $row['type']; $size = $row['size']; $time = $row['time']; $comment = $row['comment']; $username = $row['username']; $tags = $row['tags']; echo "[THUMBNAIL] - $img - $time - $size - Uploader: $username
"; } } echo "

"; } } function search(){ if(!empty($_GET['search'])){ // Show list of pictures according to search term $search = sanitize($_GET['search']); $search = explode(" ", $search); echo "

Pictures found using search terms: "; foreach ($search as $searches){ echo $searches." "; } echo ":


"; require('dbsettings.php'); $sql = "SELECT id, name, location, type, size, time, comment, username, tags FROM $tbl_name WHERE tags LIKE '%".$search[0]."%'"; for($i=1; $i= 1){ $i = 0; while ($row = mysql_fetch_assoc($result)){ $id = $row['id']; $img = $row['name']; $location = $row['location']; $type = $row['type']; $size = $row['size']; $time = $row['time']; $comment = $row['comment']; $username = $row['username']; $tags = $row['tags']; echo "[THUMBNAIL] - $img - $time - $size - Uploader: $username
"; } } echo "

"; } } function upload(){ if(isset($_GET['upload'])){ $max_file_size="4096"; $file_uploads="1"; $websitename="UnPS-GAMA Image Host Uploader"; $allow_types=array("jpg","gif","png","bmp","JPEG","JPG","GIF","PNG"); echo "

Upload Pictures Here

All fields required
Allowed Types: jpg, gif, png, bmp
Max size per file: 4 MB.
Select File:
Your Name:
Comment:
Tags (spaces only):
 

"; } if(isset($_POST['submit'])){ if(!isset($_POST['username']) || !isset($_POST['comment']) || !isset($_POST['tags'])) die("Please fill in the form completly"); require('dbsettings.php'); $location = 'Pictures'; $extensions = array('png', 'gif', 'jpg', 'jpeg', 'bmp'); $short = substr(number_format(time() * mt_rand(),0,'',''),0,10); $short = base_convert($short, 10, 36); $upusername = $_POST['username']; $upcomment = $_POST['comment']; $tags = $_POST['tags']; $name = $_FILES["file"]["name"]; $type = $_FILES["file"]["type"]; $size = ($_FILES["file"]["size"] / 1024); // get size of file in Kb $name = cln_file_name($name); $type = sanitize($type); $size = sanitize($size); $upcomment = comment($upcomment); $tags = sanitize($tags); $upusername = sanitize($upusername); //$notspace = array("\,", ".", "/", "\\", ":", "-", "_", "+", "=", "~", "#", "&", ""); //$tags = preg_replace($notspace, " ", $tags); $size = round($size, 2)." Kb"; $time = date("d/j/y - g:i:s a"); $file_ext = pathinfo($_FILES['file']['name'], PATHINFO_EXTENSION); if(!in_array($file_ext, $extensions))die("Wrong or no file extension"); // stop the upload if it's wrong $name = $short.".".$file_ext; if (($_FILES["file"]["size"] < 4000000000)){ if ($_FILES["file"]["error"] > 0){ echo "Return Code: " . $_FILES["file"]["error"] . "
"; }else{ if (file_exists("Pictures/" . $name)){ echo $name." already exists. "; }else{ if(preg_match('/php/i', $name) || preg_match('/phtml/i', $name) || preg_match('/htaccess/i', $name)){ echo $name." is not allowed, sorry about that..."; }else{ $sql="INSERT INTO $tbl_name (name, location, type, size, time, comment, username, tags) VALUES ('$name', '$location', '$type', '$size', '$time', '$upcomment', '$upusername', '$tags')"; $result=mysql_query($sql); if($result){ move_uploaded_file($_FILES["file"]["tmp_name"], "Pictures/" . $name); echo "Stored at: ". $name.""; }else { echo "There was a problem trying to upload your file - Could be a database error"; } } } } }else{ die("File too big!"); } } } // END OF GET FUNCTIONS function sanitize($input){ if ($input == null) die("Sanatize() - No Input Provided, Aborting\r\n
"); $output = strip_tags($input); $output = stripslashes($output); $output = mysql_real_escape_string($output); $output = strtolower($output); return $output; } function comment($input){ if ($input == null) die("Sanatize() - No Input Provided, Aborting\r\n
"); $output = strip_tags($input); $output = stripslashes($output); $output = mysql_real_escape_string($output); return $output; } function cln_file_name($string) { $cln_filename_find=array("/\.[^\.]+$/", "/[^\d\w\s-]/", "/\s\s+/", "/[-]+/", "/[_]+/"); $cln_filename_repl=array("", "", " ", "-", "_"); $string=preg_replace($cln_filename_find, $cln_filename_repl, $string); return trim($string); } // MAIN PROGRAM function imgstuff(){ // My little cheat to be able to display all the different items in the same area uname(); tag(); search(); upload(); // Basically all my functions are used as part of one big one, but more organized into smaller sections if (empty($_GET['img']) || $_GET['img'] == null || $_GET['img'] == ''){ $img = ''; }else{ $img = $_GET["img"]; // get the image } if(!empty($img) || $img != null || $img != ''){ require('dbsettings.php'); $img = sanitize($img); // clean image string $sql = "SELECT id, name, location, type, size, time, comment, username, tags FROM $tbl_name WHERE name='$img' LIMIT 1;"; $result = mysql_query($sql); $row = mysql_fetch_assoc($result); if ($row){ $_SESSION['noimg'] = false; $_SESSION['id'] = $row['id']; $_SESSION['img'] = $row['name']; $_SESSION['location'] = $row['location']; $_SESSION['type'] = $row['type']; $_SESSION['size'] = $row['size']; $_SESSION['time'] = $row['time']; $_SESSION['comment'] = $row['comment']; $_SESSION['username'] = $row['username']; $_SESSION['tags'] = $row['tags']; echo "

"; //echo "$id
$img
$location
$type
$size
$time
$comment
$username
$tags\n"; mysql_close(); }else{ $_SESSION['noimg'] = true; echo "

That image was not found in our database D:

"; } }else{ noimg(); $_SESSION['noimg'] = true; } } // END OF MAIN PROGRAM function headstuff(){ // Sets the meta tags - WIP/iffy if(isset($_SESSION['img'])){ echo "\n"; echo " \n"; echo " \n"; echo " \n"; } } function textstuff(){ // Sets up right side box of info under the other sidebars if($_SESSION['noimg'] == false){ echo "
\n"; echo "

Image Name:

- ".$_SESSION['img']."\n"; echo "

Image Type:

- ".$_SESSION['type']."\n"; echo "

Image Size:

- ".$_SESSION['size']."\n"; echo "

Time Uploaded:

- ".$_SESSION['time']."\n"; echo "

Username:

- "; $username = $_SESSION['username']; echo "$username"; // For future use - catagorize by username echo "\n"; echo "

Comment:

- ".$_SESSION['comment']."\n"; echo "

Tags:

- "; $tags = $_SESSION['tags']; $tags = explode(" ", $tags); foreach($tags as $tag){ echo "$tag "; // For future use - catagorize by tag } echo "\n"; echo "
"; } } function noimg(){ // Shown in place of the image if one isn't available $thelist = ''; // Last Modified not working, so removed for the time being if($handle = opendir('Pictures')){ while(false != ($file = readdir($handle))){ if($file != "." && $file != ".." && $file != ".htaccess"){ $thelist .= ''.$file.'
'; } } closedir($handle); } echo "

Please specify an image with the url: img.unps-gama.info/?img=(IMGAGE STUFF HERE)

List of Uploaded Pictures:
$thelist
"; } function title(){ // Suffers same problem as headstuff() if(!isset($_SESSION['img'])){ echo ""; }else{ echo " - Now Showing: ".$_SESSION['img']; } } ?> UnPS-GAMA Image Host<?php //title(); ?>
Head meta tags and title not working properly