Changeset 26 for trunk/upload.php

Timestamp:

Jul 21, 2003, 9:47:14 PM (21 years ago)

Author:

z0rglub

Message:

* empty log message *

File:

• trunk/upload.php (modified) (10 diffs)

trunk/upload.php

@@ -17 +17 @@
 
 //------------------------------------------------------------------- functions
-
 // The validate_upload function checks if the image of the given path is valid.
 // A picture is valid when :
@@ -115 +114 @@
 if ( $access_forbidden == true
      or $page['cat_site_id'] != 1
-     or $conf['upload_available'] == 'false' )
+     or !$conf['upload_available'] )
 {
   echo '<div style="text-align:center;">'.$lang['upload_forbidden'].'<br />';
-  echo '<a href="'.add_session_id_to_url( './category.php' ).'">';
+  echo '<a href="'.add_session_id( './category.php' ).'">';
   echo $lang['thumbnails'].'</a></div>';
   exit();
@@ -128 +127 @@
 
 $tpl = array( 'upload_title', 'upload_username', 'mail_address', 'submit',
-              'upload_successful', 'search_return_main_page' );
-templatize_array( $tpl, 'lang', $sub );
-// user
-$vtp->setGlobalVar( $handle, 'style',            $user['style'] );
-$vtp->setGlobalVar( $handle, 'user_login',       $user['username'] );
-$vtp->setGlobalVar( $handle, 'user_mail_address',$user['mail_address'] );
+              'upload_successful', 'search_return_main_page','upload_author',
+              'upload_name','upload_creation_date','upload_comment',
+              'mandatory' );
+templatize_array( $tpl, 'lang', $handle );
 
 $error = array();
-$i = 0;
 $page['upload_successful'] = false;
 if ( isset( $_GET['waiting_id'] ) )
@@ -143 +139 @@
 }
 //-------------------------------------------------------------- picture upload
-// vérification de la présence et de la validité des champs.
+// verfying fields
 if ( isset( $_POST['submit'] ) and !isset( $_GET['waiting_id'] ) )
 {
@@ -149 +145 @@
   if ( @is_file( $path ) )
   {
-    $error[$i++] = $lang['upload_file_exists'];
+    array_push( $error, $lang['upload_file_exists'] );
   }
   // test de la présence des champs obligatoires
-  if ( $_FILES['picture']['name'] == "" )
-  {
-    $error[$i++] = $lang['upload_filenotfound'];
+  if ( $_FILES['picture']['name'] == '' )
+  {
+    array_push( $error, $lang['upload_filenotfound'] );
   }
   if ( !ereg( "([_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)+)",
              $_POST['mail_address'] ) )
   {
-    $error[$i++] = $lang['reg_err_mail_address'];
+    array_push( $error, $lang['reg_err_mail_address'] );
   }
   if ( $_POST['username'] == '' )
   {
-    $error[$i++] = $lang['upload_err_username'];
-  }
-
+    array_push( $error, $lang['upload_err_username'] );
+  }
+
+  if ( $_POST['date_creation'] != '' )
+  {
+    list( $day,$month,$year ) = explode( '/', $_POST['date_creation'] );
+    // int checkdate ( int month, int day, int year)
+    if ( checkdate( $month, $day, $year ) )
+    {
+      // int mktime ( int hour, int minute, int second,
+      //              int month, int day, int year [, int is_dst])
+      $date_creation = mktime( 0, 0, 0, $month, $day, $year );
+    }
+    else
+    {
+      array_push( $error, $lang['err_date'] );
+    }
+  }
+  // creation of the "infos" field :
+  // <infos author="Pierrick LE GALL" comment="my comment"
+  //        date_creation="1056891767" name="" />
+  $xml_infos = '<infos';
+  $xml_infos.= ' author="'.htmlspecialchars($_POST['author'],ENT_QUOTES).'"';
+  $xml_infos.= ' comment="'.htmlspecialchars($_POST['comment'],ENT_QUOTES).'"';
+  $xml_infos.= ' date_creation="'.$date_creation.'"';
+  $xml_infos.= ' name="'.htmlspecialchars( $_POST['name'], ENT_QUOTES).'"';
+  $xml_infos.= ' />';
+  
   if ( sizeof( $error ) == 0 )
   {
@@ -174 +195 @@
     for ( $j = 0; $j < sizeof( $result['error'] ); $j++ )
     {
-      $error[$i++] = $result['error'][$j];
+      array_push( $error, $result['error'][$j] );
     }
   }
@@ -181 +202 @@
   {
     $query = 'insert into '.PREFIX_TABLE.'waiting';
-    $query.= ' (cat_id,file,username,mail_address,date) values';
+    $query.= ' (cat_id,file,username,mail_address,date,infos) values';
     $query.= " (".$page['cat'].",'".$_FILES['picture']['name']."'";
     $query.= ",'".htmlspecialchars( $_POST['username'], ENT_QUOTES)."'";
-    $query.= ",'".$_POST['mail_address']."',".time().")";
+    $query.= ",'".$_POST['mail_address']."',".time().",'".$xml_infos."')";
     $query.= ';';
     mysql_query( $query );
@@ -210 +231 @@
   for ( $j = 0; $j < sizeof( $result['error'] ); $j++ )
   {
-    $error[$i++] = $result['error'][$j];
+    array_push( $error, $result['error'][$j] );
   }
   if ( sizeof( $error ) == 0 )
@@ -244 +265 @@
     $url.= '&amp;waiting_id='.$page['waiting_id'];
   }
-  $vtp->setGlobalVar( $handle, 'form_action', $url );
+  $vtp->setGlobalVar( $handle, 'form_action', add_session_id( $url ) );
 //--------------------------------------------------------------------- advises
   if ( $conf['upload_maxfilesize'] != '' )
@@ -308 +329 @@
   {
     $vtp->addSession( $handle, 'fields' );
+    // username
+    if ( isset( $_POST['username'] ) ) $username = $_POST['username'];
+    else                               $username = $user['username'];
+    $vtp->setVar( $handle, 'fields.username',  $username );
+    // mail address
+    if ( isset( $_POST['mail_address'] ) )$mail_address=$_POST['mail_address'];
+    else                                  $mail_address=$user['mail_address'];
+    $vtp->setGlobalVar( $handle, 'user_mail_address',$user['mail_address'] );
+    // name of the picture
+    $vtp->setVar( $handle, 'fields.name', $_POST['name'] );
+    // author
+    $vtp->setVar( $handle, 'fields.author', $_POST['author'] );
+    // date of creation
+    $vtp->setVar( $handle, 'fields.date_creation', $_POST['date_creation'] );
+    // comment
+    $vtp->setVar( $handle, 'fields.comment', $_POST['comment'] );
+
     $vtp->closeSession( $handle, 'fields' );
+
+    $vtp->addSession( $handle, 'note' );
+    $vtp->closeSession( $handle, 'note' );
   }
   $vtp->closeSession( $handle, 'upload_not_successful' );