This commit has been accessed 564 times via Git panel.
commit 83fe9a2e8147f6f12ead031ffe6dda1d80032667
tree b89983163df111bbe1d284f2c076d4ff9f121ed5
parent dc300dea30fd27a02ad333d74edcae7587e2b42a
author Engels Antonio <engels@majcms.org> 1277314201 +0800
committer Engels Antonio <engels@majcms.org> 1277314201 +0800
maj-0.14-20081103-bb.zip
diff --git a/add.php b/add.php
index d8a32ed..b31967a 100644
--- a/add.php
+++ b/add.php
@@ -572,8 +572,10 @@ if (isset($_FILES['image_input']) and !empty($_FILES['image_input'])) {
mkdir($image_dir);
}
- if (!file_exists($image_dir . '/' . $_FILES['image_input']['name'])) {
- $res = copy($_FILES['image_input']['tmp_name'], $image_dir . '/' . $_FILES['image_input']['name']);
+ $image_input_name = str_replace(" ","_",$_FILES['image_input']['name']);
+
+ if (!file_exists("$image_dir/$image_input_name")) {
+ $res = copy($_FILES['image_input']['tmp_name'], "$image_dir/$image_input_name");
unlink($_FILES['image_input']['tmp_name']);
}
@@ -595,23 +597,31 @@ if (isset($_FILES['image_input']) and !empty($_FILES['image_input'])) {
}
if (isset($_FILES['file_input']) and !empty($_FILES['file_input'])) {
+
if (is_uploaded_file($_FILES['file_input']['tmp_name'])) {
+
if ($_FILES['file_input']['size']<=$max_file_size) {
+
$filedrop_dir = "$item_dir/filedrop";
+
if (!file_exists($filedrop_dir)) {
mkdir($filedrop_dir);
}
+
$file_dir = "$filedrop_dir/files";
+
if (!file_exists($file_dir)) {
mkdir($file_dir);
}
- if (!file_exists($file_dir . '/' . $_FILES['file_input']['name'])) {
- $res = copy($_FILES['file_input']['tmp_name'], $file_dir . '/' . $_FILES['file_input']['name']);
+
+ $file_input_name = str_replace(" ","_",$_FILES['file_input']['name']);
+
+ if (!file_exists("$file_dir/$file_input_name")) {
+ $res = copy($_FILES['file_input']['tmp_name'], "$file_dir/$file_input_name");
unlink($_FILES['file_input']['tmp_name']);
- $file_src = $file_dir . '/' . $_FILES['file_input']['name'];
- $file_file = $filedrop_dir . '/' . $_FILES['file_input']['name'] . '.txt';
- $fp_file_txt = fopen($file_file,"w");
- fwrite($fp_file_txt,$file_src);
+
+ $fp_file_txt = fopen("$filedrop_dir/{$file_input_name}.txt","w");
+ fwrite($fp_file_txt,"$file_dir/$file_input_name");
fclose($fp_file_txt);
}
else {
@@ -630,13 +640,14 @@ if (isset($_FILES['file_input']) and !empty($_FILES['file_input'])) {
}
-$body_file = $item_dir . '/body.txt';
+$body_file = "$item_dir/body.txt";
+
$fp_body_txt = fopen($body_file,"w");
if (isset($_FILES['image_input']) and !empty($_FILES['image_input'])) {
- if (file_exists($image_dir . '/' . $_FILES['image_input']['name'])) {
+ if (file_exists("$image_dir/$image_input_name")) {
- $entry_image_size = getimagesize($image_dir . '/' . $_FILES['image_input']['name']);
+ $entry_image_size = getimagesize("$image_dir/$image_input_name");
$entry_image_width = $entry_image_size[0];
$entry_image_height = $entry_image_size[1];
@@ -648,14 +659,15 @@ if (isset($_FILES['image_input']) and !empty($_FILES['image_input'])) {
$entry_image_height = (int) ($entry_image_height * $sizefactor);
}
- $body_write_content = '<img src=""' . $image_dir . '/' . $_FILES['image_input']['name'] . '" border="0" width="' . $entry_image_width . '" height="' . $entry_image_height . '"><br>' . $body_write_content;
+ $body_write_content = "<img src=\"$image_dir/$image_input_name\" border=\"0\" width=\"$entry_image_width\" height=\"$entry_image_height\"><br>$body_write_content";
}
}
fwrite($fp_body_txt,$body_write_content);
fclose($fp_body_txt);
-$sticky_sem = 'data/sticky/' . $entry;
+$sticky_sem = "data/sticky/$entry";
+
if (isset($_POST['sticky']) and !empty($_POST['sticky']) and ($_POST['sticky'] == "on")) {
if (!file_exists("data/sticky")) {
mkdir("data/sticky");
diff --git a/edit.php b/edit.php
index 8a09016..463e8c8 100644
--- a/edit.php
+++ b/edit.php
@@ -85,7 +85,6 @@ $date_file = 'data/items/' . $_REQUEST['entry'] . '/date.txt';
$img_file = 'data/items/' . $_REQUEST['entry'] . '/image.txt';
$revisions_file = 'data/items/' . $_REQUEST['entry'] . '/revisions.txt';
-$image_path = "images/";
$max_image_size = 8000000;
$max_file_size = 8000000;
@@ -655,36 +654,39 @@ if (isset($_FILES['album_image_input']) and !empty($_FILES['album_image_input'])
if ($_FILES['album_image_input']['size']<=$max_image_size) {
- if (($_FILES['album_image_input']['type']=="image/gif") || ($_FILES['album_image_input']['type']=="image/pjpeg") || ($_FILES['album_image_input']['type']=="image/jpeg") || ($_FILES['album_image_input']['type']=="image/png")) {
+ if (($_FILES['album_image_input']['type']=="image/gif") || ($_FILES['album_image_input']['type']=="image/pjpeg") || ($_FILES['album_image_input']['type']=="image/jpeg") || ($_FILES['album_image_input']['type']=="image/png")) {
+
+ $album_image_input_name = str_replace(" ","_",$_FILES['album_image_input']['name']);
- if (!file_exists($image_path . $_REQUEST['entry'] . '/album/' . $_FILES['album_image_input']['name'])) {
+ if (!file_exists("images/{$_REQUEST['entry']}/album/$album_image_input_name")) {
- $image_dir = $image_path . $_REQUEST['entry'];
- if (!file_exists($image_dir)) {
- mkdir($image_dir);
+ if (!file_exists("images/{$_REQUEST['entry']}")) {
+ mkdir("images/{$_REQUEST['entry']}");
}
- $album_dir = $image_path . $_REQUEST['entry'] . '/album';
- if (!file_exists($album_dir)) {
- mkdir($album_dir);
+
+ if (!file_exists("images/{$_REQUEST['entry']}/album")) {
+ mkdir("images/{$_REQUEST['entry']}/album");
}
- $album_sem = 'data/albums/' . $_REQUEST['entry'];
+
if (!file_exists("data/albums")) {
mkdir("data/albums");
}
- if (!file_exists($album_sem)) {
- mkdir($album_sem);
+
+ if (!file_exists("data/albums/{$_REQUEST['entry']}")) {
+ mkdir("data/albums/{$_REQUEST['entry']}");
}
+
if (isset($_POST['caption']) and !empty($_POST['caption'])) {
- $album_data_dir = 'data/items/' . $_REQUEST['entry'] . '/album';
- if (!file_exists($album_data_dir)) {
- mkdir($album_data_dir);
+
+ if (!file_exists("data/items/{$_REQUEST['entry']}/album")) {
+ mkdir("data/items/{$_REQUEST['entry']}/album");
}
- $caption_dir = 'data/items/' . $_REQUEST['entry'] . '/album/captions';
- if (!file_exists($caption_dir)) {
- mkdir($caption_dir);
+
+ if (!file_exists("data/items/{$_REQUEST['entry']}/album/captions")) {
+ mkdir("data/items/{$_REQUEST['entry']}/album/captions");
}
- $caption_file = 'data/items/' . $_REQUEST['entry'] . '/album/captions/' . $_FILES['album_image_input']['name'] . '.txt';
- if (!file_exists($caption_file)) {
+
+ if (!file_exists("data/items/{$_REQUEST['entry']}/album/captions/{$album_image_input_name}.txt")) {
$caption_txt = ucfirst($_POST['caption']);
$caption_txt = str_replace(':((', '<img src=images/smileys/crying.png border=0>', $caption_txt);
$caption_txt = str_replace(':(', '<img src=images/smileys/frown.png border=0>', $caption_txt);
@@ -716,35 +718,30 @@ if (isset($_FILES['album_image_input']) and !empty($_FILES['album_image_input'])
$caption_txt = str_replace('<highlight>', '<span style="background-color: #ffff00;">', $caption_txt);
$caption_txt = str_replace('</highlight>', '</span>', $caption_txt);
- $fp_caption_txt = fopen($caption_file,"w");
+ $fp_caption_txt = fopen("data/items/{$_REQUEST['entry']}/album/captions/{$album_image_input_name}.txt","w");
fwrite($fp_caption_txt,$caption_txt);
fclose($fp_caption_txt);
}
}
- $res = copy($_FILES['album_image_input']['tmp_name'], $album_dir . '/' . $_FILES['album_image_input']['name']);
+ $res = copy($_FILES['album_image_input']['tmp_name'],"images/{$_REQUEST['entry']}/album/$album_image_input_name");
unlink($_FILES['album_image_input']['tmp_name']);
-
}
else {
unlink($_FILES['album_image_input']['tmp_name']);
}
-
}
else {
unlink($_FILES['album_image_input']['tmp_name']);
}
-
}
else {
unlink($_FILES['album_image_input']['tmp_name']);
}
-
}
else {
unlink($_FILES['album_image_input']['tmp_name']);
}
-
}
if (isset($_FILES['entry_image_input']) and !empty($_FILES['entry_image_input'])) {
@@ -753,19 +750,20 @@ if (isset($_FILES['entry_image_input']) and !empty($_FILES['entry_image_input'])
if ($_FILES['entry_image_input']['size']<=$max_image_size) {
- if (($_FILES['entry_image_input']['type']=="image/gif") || ($_FILES['entry_image_input']['type']=="image/pjpeg") || ($_FILES['entry_image_input']['type']=="image/jpeg") || ($_FILES['entry_image_input']['type']=="image/png")) {
+ if (($_FILES['entry_image_input']['type']=="image/gif") || ($_FILES['entry_image_input']['type']=="image/pjpeg") || ($_FILES['entry_image_input']['type']=="image/jpeg") || ($_FILES['entry_image_input']['type']=="image/png")) {
+
+ $entry_image_input_name = str_replace(" ","_",$_FILES['entry_image_input']['name']);
- if (!file_exists($image_path . $_REQUEST['entry'] . '/' . $_FILES['entry_image_input']['name'])) {
+ if (!file_exists("images/{$_REQUEST['entry']}/$entry_image_input_name")) {
- $image_dir = $image_path . $_REQUEST['entry'];
- if (!file_exists($image_dir)) {
- mkdir($image_dir);
+ if (!file_exists("images/{$_REQUEST['entry']}")) {
+ mkdir("images/{$_REQUEST['entry']}");
}
- $res = copy($_FILES['entry_image_input']['tmp_name'], $image_path . $_REQUEST['entry'] . '/' . $_FILES['entry_image_input']['name']);
+ $res = copy($_FILES['entry_image_input']['tmp_name'], "images/{$_REQUEST['entry']}/$entry_image_input_name");
unlink($_FILES['entry_image_input']['tmp_name']);
- $entry_image_size = getimagesize($image_path . $_REQUEST['entry'] . '/' . $_FILES['entry_image_input']['name']);
+ $entry_image_size = getimagesize("images/{$_REQUEST['entry']}/$entry_image_input_name");
$entry_image_width = $entry_image_size[0];
$entry_image_height = $entry_image_size[1];
@@ -777,8 +775,7 @@ if (isset($_FILES['entry_image_input']) and !empty($_FILES['entry_image_input'])
$entry_image_height = (int) ($entry_image_height * $sizefactor);
}
- $body_write_content = '<img src="' . $image_path . $_REQUEST['entry'] . '/' . $_FILES['entry_image_input']['name'] . '" border="0" width="' . $entry_image_width . '" height="' . $entry_image_height . '"><br>' . $body_write_content;
-
+ $body_write_content = "<img src=\"images/{$_REQUEST['entry']}/$entry_image_input_name\" border=\"0\" width=\"$entry_image_width\" height=\"$entry_image_height\"><br>$body_write_content";
}
else {
unlink($_FILES['entry_image_input']['tmp_name']);
@@ -798,23 +795,27 @@ if (isset($_FILES['entry_image_input']) and !empty($_FILES['entry_image_input'])
}
if (isset($_FILES['file_input']) and !empty($_FILES['file_input'])) {
+
if (is_uploaded_file($_FILES['file_input']['tmp_name'])) {
+
if ($_FILES['file_input']['size']<=$max_file_size) {
- $filedrop_dir = 'data/items/' . $_REQUEST['entry'] . '/filedrop';
- if (!file_exists($filedrop_dir)) {
- mkdir($filedrop_dir);
+
+ if (!file_exists("data/items/{$_REQUEST['entry']}/filedrop")) {
+ mkdir("data/items/{$_REQUEST['entry']}/filedrop");
}
- $file_dir = 'data/items/' . $_REQUEST['entry'] . '/filedrop/files';
- if (!file_exists($file_dir)) {
- mkdir($file_dir);
+
+ if (!file_exists("data/items/{$_REQUEST['entry']}/filedrop/files")) {
+ mkdir("data/items/{$_REQUEST['entry']}/filedrop/files");
}
- if (!file_exists($file_dir . '/' . $_FILES['file_input']['name'])) {
- $res = copy($_FILES['file_input']['tmp_name'], $file_dir . '/' . $_FILES['file_input']['name']);
- unlink($_FILES['file_input']['tmp_name']);
- $file_src = $file_dir . '/' . $_FILES['file_input']['name'];
- $file_file = $filedrop_dir . '/' . $_FILES['file_input']['name'] . '.txt';
- $fp_file_txt = fopen($file_file,"w");
- fwrite($fp_file_txt,$file_src);
+
+ $file_input_name = str_replace(" ","_",$_FILES['file_input']['name']);
+
+ if (!file_exists("data/items/{$_REQUEST['entry']}/filedrop/files/$file_input_name")) {
+ $res = copy($_FILES['file_input']['tmp_name'], "data/items/{$_REQUEST['entry']}/filedrop/files/$file_input_name");
+ unlink($_FILES['file_input']['tmp_name']);
+
+ $fp_file_txt = fopen("data/items/{$_REQUEST['entry']}/filedrop/{$file_input_name}.txt","w");
+ fwrite($fp_file_txt,"data/items/{$_REQUEST['entry']}/filedrop/files/$file_input_name");
fclose($fp_file_txt);
}
else {
diff --git a/index.php b/index.php
index 7cc0083..4691490 100644
--- a/index.php
+++ b/index.php
@@ -193,7 +193,7 @@ if (isset($_REQUEST['download']) and !empty($_REQUEST['download'])) {
function go_download($f_dl_file) {
- $entry = $entry;
+ $entry = trim($_REQUEST['entry']);
if (isset($_REQUEST['type']) and !empty($_REQUEST['type']) and ($_REQUEST['type'] == "pdf")) {
$f_dl_path = "data/items/$entry/pdf/file";
tree b89983163df111bbe1d284f2c076d4ff9f121ed5
parent dc300dea30fd27a02ad333d74edcae7587e2b42a
author Engels Antonio <engels@majcms.org> 1277314201 +0800
committer Engels Antonio <engels@majcms.org> 1277314201 +0800
maj-0.14-20081103-bb.zip
diff --git a/add.php b/add.php
index d8a32ed..b31967a 100644
--- a/add.php
+++ b/add.php
@@ -572,8 +572,10 @@ if (isset($_FILES['image_input']) and !empty($_FILES['image_input'])) {
mkdir($image_dir);
}
- if (!file_exists($image_dir . '/' . $_FILES['image_input']['name'])) {
- $res = copy($_FILES['image_input']['tmp_name'], $image_dir . '/' . $_FILES['image_input']['name']);
+ $image_input_name = str_replace(" ","_",$_FILES['image_input']['name']);
+
+ if (!file_exists("$image_dir/$image_input_name")) {
+ $res = copy($_FILES['image_input']['tmp_name'], "$image_dir/$image_input_name");
unlink($_FILES['image_input']['tmp_name']);
}
@@ -595,23 +597,31 @@ if (isset($_FILES['image_input']) and !empty($_FILES['image_input'])) {
}
if (isset($_FILES['file_input']) and !empty($_FILES['file_input'])) {
+
if (is_uploaded_file($_FILES['file_input']['tmp_name'])) {
+
if ($_FILES['file_input']['size']<=$max_file_size) {
+
$filedrop_dir = "$item_dir/filedrop";
+
if (!file_exists($filedrop_dir)) {
mkdir($filedrop_dir);
}
+
$file_dir = "$filedrop_dir/files";
+
if (!file_exists($file_dir)) {
mkdir($file_dir);
}
- if (!file_exists($file_dir . '/' . $_FILES['file_input']['name'])) {
- $res = copy($_FILES['file_input']['tmp_name'], $file_dir . '/' . $_FILES['file_input']['name']);
+
+ $file_input_name = str_replace(" ","_",$_FILES['file_input']['name']);
+
+ if (!file_exists("$file_dir/$file_input_name")) {
+ $res = copy($_FILES['file_input']['tmp_name'], "$file_dir/$file_input_name");
unlink($_FILES['file_input']['tmp_name']);
- $file_src = $file_dir . '/' . $_FILES['file_input']['name'];
- $file_file = $filedrop_dir . '/' . $_FILES['file_input']['name'] . '.txt';
- $fp_file_txt = fopen($file_file,"w");
- fwrite($fp_file_txt,$file_src);
+
+ $fp_file_txt = fopen("$filedrop_dir/{$file_input_name}.txt","w");
+ fwrite($fp_file_txt,"$file_dir/$file_input_name");
fclose($fp_file_txt);
}
else {
@@ -630,13 +640,14 @@ if (isset($_FILES['file_input']) and !empty($_FILES['file_input'])) {
}
-$body_file = $item_dir . '/body.txt';
+$body_file = "$item_dir/body.txt";
+
$fp_body_txt = fopen($body_file,"w");
if (isset($_FILES['image_input']) and !empty($_FILES['image_input'])) {
- if (file_exists($image_dir . '/' . $_FILES['image_input']['name'])) {
+ if (file_exists("$image_dir/$image_input_name")) {
- $entry_image_size = getimagesize($image_dir . '/' . $_FILES['image_input']['name']);
+ $entry_image_size = getimagesize("$image_dir/$image_input_name");
$entry_image_width = $entry_image_size[0];
$entry_image_height = $entry_image_size[1];
@@ -648,14 +659,15 @@ if (isset($_FILES['image_input']) and !empty($_FILES['image_input'])) {
$entry_image_height = (int) ($entry_image_height * $sizefactor);
}
- $body_write_content = '<img src=""' . $image_dir . '/' . $_FILES['image_input']['name'] . '" border="0" width="' . $entry_image_width . '" height="' . $entry_image_height . '"><br>' . $body_write_content;
+ $body_write_content = "<img src=\"$image_dir/$image_input_name\" border=\"0\" width=\"$entry_image_width\" height=\"$entry_image_height\"><br>$body_write_content";
}
}
fwrite($fp_body_txt,$body_write_content);
fclose($fp_body_txt);
-$sticky_sem = 'data/sticky/' . $entry;
+$sticky_sem = "data/sticky/$entry";
+
if (isset($_POST['sticky']) and !empty($_POST['sticky']) and ($_POST['sticky'] == "on")) {
if (!file_exists("data/sticky")) {
mkdir("data/sticky");
diff --git a/edit.php b/edit.php
index 8a09016..463e8c8 100644
--- a/edit.php
+++ b/edit.php
@@ -85,7 +85,6 @@ $date_file = 'data/items/' . $_REQUEST['entry'] . '/date.txt';
$img_file = 'data/items/' . $_REQUEST['entry'] . '/image.txt';
$revisions_file = 'data/items/' . $_REQUEST['entry'] . '/revisions.txt';
-$image_path = "images/";
$max_image_size = 8000000;
$max_file_size = 8000000;
@@ -655,36 +654,39 @@ if (isset($_FILES['album_image_input']) and !empty($_FILES['album_image_input'])
if ($_FILES['album_image_input']['size']<=$max_image_size) {
- if (($_FILES['album_image_input']['type']=="image/gif") || ($_FILES['album_image_input']['type']=="image/pjpeg") || ($_FILES['album_image_input']['type']=="image/jpeg") || ($_FILES['album_image_input']['type']=="image/png")) {
+ if (($_FILES['album_image_input']['type']=="image/gif") || ($_FILES['album_image_input']['type']=="image/pjpeg") || ($_FILES['album_image_input']['type']=="image/jpeg") || ($_FILES['album_image_input']['type']=="image/png")) {
+
+ $album_image_input_name = str_replace(" ","_",$_FILES['album_image_input']['name']);
- if (!file_exists($image_path . $_REQUEST['entry'] . '/album/' . $_FILES['album_image_input']['name'])) {
+ if (!file_exists("images/{$_REQUEST['entry']}/album/$album_image_input_name")) {
- $image_dir = $image_path . $_REQUEST['entry'];
- if (!file_exists($image_dir)) {
- mkdir($image_dir);
+ if (!file_exists("images/{$_REQUEST['entry']}")) {
+ mkdir("images/{$_REQUEST['entry']}");
}
- $album_dir = $image_path . $_REQUEST['entry'] . '/album';
- if (!file_exists($album_dir)) {
- mkdir($album_dir);
+
+ if (!file_exists("images/{$_REQUEST['entry']}/album")) {
+ mkdir("images/{$_REQUEST['entry']}/album");
}
- $album_sem = 'data/albums/' . $_REQUEST['entry'];
+
if (!file_exists("data/albums")) {
mkdir("data/albums");
}
- if (!file_exists($album_sem)) {
- mkdir($album_sem);
+
+ if (!file_exists("data/albums/{$_REQUEST['entry']}")) {
+ mkdir("data/albums/{$_REQUEST['entry']}");
}
+
if (isset($_POST['caption']) and !empty($_POST['caption'])) {
- $album_data_dir = 'data/items/' . $_REQUEST['entry'] . '/album';
- if (!file_exists($album_data_dir)) {
- mkdir($album_data_dir);
+
+ if (!file_exists("data/items/{$_REQUEST['entry']}/album")) {
+ mkdir("data/items/{$_REQUEST['entry']}/album");
}
- $caption_dir = 'data/items/' . $_REQUEST['entry'] . '/album/captions';
- if (!file_exists($caption_dir)) {
- mkdir($caption_dir);
+
+ if (!file_exists("data/items/{$_REQUEST['entry']}/album/captions")) {
+ mkdir("data/items/{$_REQUEST['entry']}/album/captions");
}
- $caption_file = 'data/items/' . $_REQUEST['entry'] . '/album/captions/' . $_FILES['album_image_input']['name'] . '.txt';
- if (!file_exists($caption_file)) {
+
+ if (!file_exists("data/items/{$_REQUEST['entry']}/album/captions/{$album_image_input_name}.txt")) {
$caption_txt = ucfirst($_POST['caption']);
$caption_txt = str_replace(':((', '<img src=images/smileys/crying.png border=0>', $caption_txt);
$caption_txt = str_replace(':(', '<img src=images/smileys/frown.png border=0>', $caption_txt);
@@ -716,35 +718,30 @@ if (isset($_FILES['album_image_input']) and !empty($_FILES['album_image_input'])
$caption_txt = str_replace('<highlight>', '<span style="background-color: #ffff00;">', $caption_txt);
$caption_txt = str_replace('</highlight>', '</span>', $caption_txt);
- $fp_caption_txt = fopen($caption_file,"w");
+ $fp_caption_txt = fopen("data/items/{$_REQUEST['entry']}/album/captions/{$album_image_input_name}.txt","w");
fwrite($fp_caption_txt,$caption_txt);
fclose($fp_caption_txt);
}
}
- $res = copy($_FILES['album_image_input']['tmp_name'], $album_dir . '/' . $_FILES['album_image_input']['name']);
+ $res = copy($_FILES['album_image_input']['tmp_name'],"images/{$_REQUEST['entry']}/album/$album_image_input_name");
unlink($_FILES['album_image_input']['tmp_name']);
-
}
else {
unlink($_FILES['album_image_input']['tmp_name']);
}
-
}
else {
unlink($_FILES['album_image_input']['tmp_name']);
}
-
}
else {
unlink($_FILES['album_image_input']['tmp_name']);
}
-
}
else {
unlink($_FILES['album_image_input']['tmp_name']);
}
-
}
if (isset($_FILES['entry_image_input']) and !empty($_FILES['entry_image_input'])) {
@@ -753,19 +750,20 @@ if (isset($_FILES['entry_image_input']) and !empty($_FILES['entry_image_input'])
if ($_FILES['entry_image_input']['size']<=$max_image_size) {
- if (($_FILES['entry_image_input']['type']=="image/gif") || ($_FILES['entry_image_input']['type']=="image/pjpeg") || ($_FILES['entry_image_input']['type']=="image/jpeg") || ($_FILES['entry_image_input']['type']=="image/png")) {
+ if (($_FILES['entry_image_input']['type']=="image/gif") || ($_FILES['entry_image_input']['type']=="image/pjpeg") || ($_FILES['entry_image_input']['type']=="image/jpeg") || ($_FILES['entry_image_input']['type']=="image/png")) {
+
+ $entry_image_input_name = str_replace(" ","_",$_FILES['entry_image_input']['name']);
- if (!file_exists($image_path . $_REQUEST['entry'] . '/' . $_FILES['entry_image_input']['name'])) {
+ if (!file_exists("images/{$_REQUEST['entry']}/$entry_image_input_name")) {
- $image_dir = $image_path . $_REQUEST['entry'];
- if (!file_exists($image_dir)) {
- mkdir($image_dir);
+ if (!file_exists("images/{$_REQUEST['entry']}")) {
+ mkdir("images/{$_REQUEST['entry']}");
}
- $res = copy($_FILES['entry_image_input']['tmp_name'], $image_path . $_REQUEST['entry'] . '/' . $_FILES['entry_image_input']['name']);
+ $res = copy($_FILES['entry_image_input']['tmp_name'], "images/{$_REQUEST['entry']}/$entry_image_input_name");
unlink($_FILES['entry_image_input']['tmp_name']);
- $entry_image_size = getimagesize($image_path . $_REQUEST['entry'] . '/' . $_FILES['entry_image_input']['name']);
+ $entry_image_size = getimagesize("images/{$_REQUEST['entry']}/$entry_image_input_name");
$entry_image_width = $entry_image_size[0];
$entry_image_height = $entry_image_size[1];
@@ -777,8 +775,7 @@ if (isset($_FILES['entry_image_input']) and !empty($_FILES['entry_image_input'])
$entry_image_height = (int) ($entry_image_height * $sizefactor);
}
- $body_write_content = '<img src="' . $image_path . $_REQUEST['entry'] . '/' . $_FILES['entry_image_input']['name'] . '" border="0" width="' . $entry_image_width . '" height="' . $entry_image_height . '"><br>' . $body_write_content;
-
+ $body_write_content = "<img src=\"images/{$_REQUEST['entry']}/$entry_image_input_name\" border=\"0\" width=\"$entry_image_width\" height=\"$entry_image_height\"><br>$body_write_content";
}
else {
unlink($_FILES['entry_image_input']['tmp_name']);
@@ -798,23 +795,27 @@ if (isset($_FILES['entry_image_input']) and !empty($_FILES['entry_image_input'])
}
if (isset($_FILES['file_input']) and !empty($_FILES['file_input'])) {
+
if (is_uploaded_file($_FILES['file_input']['tmp_name'])) {
+
if ($_FILES['file_input']['size']<=$max_file_size) {
- $filedrop_dir = 'data/items/' . $_REQUEST['entry'] . '/filedrop';
- if (!file_exists($filedrop_dir)) {
- mkdir($filedrop_dir);
+
+ if (!file_exists("data/items/{$_REQUEST['entry']}/filedrop")) {
+ mkdir("data/items/{$_REQUEST['entry']}/filedrop");
}
- $file_dir = 'data/items/' . $_REQUEST['entry'] . '/filedrop/files';
- if (!file_exists($file_dir)) {
- mkdir($file_dir);
+
+ if (!file_exists("data/items/{$_REQUEST['entry']}/filedrop/files")) {
+ mkdir("data/items/{$_REQUEST['entry']}/filedrop/files");
}
- if (!file_exists($file_dir . '/' . $_FILES['file_input']['name'])) {
- $res = copy($_FILES['file_input']['tmp_name'], $file_dir . '/' . $_FILES['file_input']['name']);
- unlink($_FILES['file_input']['tmp_name']);
- $file_src = $file_dir . '/' . $_FILES['file_input']['name'];
- $file_file = $filedrop_dir . '/' . $_FILES['file_input']['name'] . '.txt';
- $fp_file_txt = fopen($file_file,"w");
- fwrite($fp_file_txt,$file_src);
+
+ $file_input_name = str_replace(" ","_",$_FILES['file_input']['name']);
+
+ if (!file_exists("data/items/{$_REQUEST['entry']}/filedrop/files/$file_input_name")) {
+ $res = copy($_FILES['file_input']['tmp_name'], "data/items/{$_REQUEST['entry']}/filedrop/files/$file_input_name");
+ unlink($_FILES['file_input']['tmp_name']);
+
+ $fp_file_txt = fopen("data/items/{$_REQUEST['entry']}/filedrop/{$file_input_name}.txt","w");
+ fwrite($fp_file_txt,"data/items/{$_REQUEST['entry']}/filedrop/files/$file_input_name");
fclose($fp_file_txt);
}
else {
diff --git a/index.php b/index.php
index 7cc0083..4691490 100644
--- a/index.php
+++ b/index.php
@@ -193,7 +193,7 @@ if (isset($_REQUEST['download']) and !empty($_REQUEST['download'])) {
function go_download($f_dl_file) {
- $entry = $entry;
+ $entry = trim($_REQUEST['entry']);
if (isset($_REQUEST['type']) and !empty($_REQUEST['type']) and ($_REQUEST['type'] == "pdf")) {
$f_dl_path = "data/items/$entry/pdf/file";