1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
|
<h2>Gallery</h2>
<?php include_once($UTIL_DIR."/album.php"); ?>
<?php
if($task == "newalbum") {
$albumdir = $ALBUMS_DIR . "/" . time();
echo "New album " . $albumname . "<br/>";
echo $albumcopyright . "<br/>";
echo $albumdir . "<br/>";
mkdir($albumdir);
$xml = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n";
$xml .= "<album title=\"". $albumname . "\" icon=\"\" copyright=\"" . $albumcopyright . "\">\n";
$xml .= "</album>\n";
$fp = fopen($albumdir . "/album.xml", "w");
fprintf($fp, $xml);
fclose($fp);
}
?>
<?php
if($task == "uploadimage") {
echo $album . "<br/>";
echo $description . "<br/>";
echo $_FILES['userfile']['tmp_name'] . "<br/>";
if($_FILES['userfile']['tmp_name'] != "") {
echo "Filename [". $_FILES['userfile']['tmp_name'] . "]";
if (is_uploaded_file($_FILES['userfile']['tmp_name'])) {
echo "File ". $_FILES['userfile']['name'] ." uploaded successfully.\n";
$outputfile = time() . ".jpg";
$image = imagecreatefromjpeg($_FILES["userfile"]["tmp_name"]);
list($w, $h) = getimagesize($_FILES["userfile"]["tmp_name"]);
// output size and quality
$quality = 80;
$max = 530;
$width = 530;;
$height = 380;
if($w > $h) {
$width = 530;
$height = 530 / $w * $h;
} else {
$height = 530;
$width = 530 / $h * $w;
}
$image_p = imagecreatetruecolor($width, $height);
imagecopyresampled($image_p, $image, 0, 0, 0, 0, $width, $height, $w, $h);
imagejpeg($image_p, $ALBUMS_DIR ."/" .$album ."/" .$outputfile, $quality);
$photo = new Photo($outputfile, $description);
$album = new Album($album);
$album->add($photo);
$album->write();
} else {
echo "Possible file upload attack: ";
echo "filename '". $_FILES['userfile']['tmp_name'] . "'.";
}
}
}
?>
<div class="small_header">New album</div>
<form method="post" action="?page=admin&module=gallery&task=newalbum">
<p>
Title: <input name="albumname" value="<?php echo $albumname ?>"/>
</p>
<p>
Copyright: <input name="albumcopyright" value="<?php echo $albumcopyright ?>"/>
</p>
<p>
<button type="submit">Create album</button>
</p>
</form>
<div class="small_header">Upload image</div>
<form enctype="multipart/form-data" action="?page=admin&module=gallery&task=uploadimage" method="post">
<p>
Album:
<select name="album">
<?php
$albums = getAllAlbums();
foreach($albums as $album)
{
echo " <option value=\"" . $album->album . "\">" . $album->title . "</option>\n";
}
?>
</select>
</p>
<p>
Description:
<input name="description" value="<?php echo $description ?>"/>
</p>
<p>
Upload this image:
<input name="userfile" type="file">
</p>
<p>
<button type="submit">Add Image</button>
</p>
</form>
|
