Changeset 26 for trunk/upload.php
- Timestamp:
- Jul 21, 2003, 9:47:14 PM (21 years ago)
- File:
-
- 1 edited
trunk/upload.php
r20 r26 17 17 18 18 //------------------------------------------------------------------- functions 19 20 19 // The validate_upload function checks if the image of the given path is valid. 21 20 // A picture is valid when : … … 115 114 if ( $access_forbidden == true 116 115 or $page['cat_site_id'] != 1 117 or $conf['upload_available'] == 'false')116 or !$conf['upload_available'] ) 118 117 { 119 118 echo '<div style="text-align:center;">'.$lang['upload_forbidden'].'<br />'; 120 echo '<a href="'.add_session_id _to_url( './category.php' ).'">';119 echo '<a href="'.add_session_id( './category.php' ).'">'; 121 120 echo $lang['thumbnails'].'</a></div>'; 122 121 exit(); … … 128 127 129 128 $tpl = array( 'upload_title', 'upload_username', 'mail_address', 'submit', 130 'upload_successful', 'search_return_main_page' ); 131 templatize_array( $tpl, 'lang', $sub ); 132 // user 133 $vtp->setGlobalVar( $handle, 'style', $user['style'] ); 134 $vtp->setGlobalVar( $handle, 'user_login', $user['username'] ); 135 $vtp->setGlobalVar( $handle, 'user_mail_address',$user['mail_address'] ); 129 'upload_successful', 'search_return_main_page','upload_author', 130 'upload_name','upload_creation_date','upload_comment', 131 'mandatory' ); 132 templatize_array( $tpl, 'lang', $handle ); 136 133 137 134 $error = array(); 138 $i = 0;139 135 $page['upload_successful'] = false; 140 136 if ( isset( $_GET['waiting_id'] ) ) … … 143 139 } 144 140 //-------------------------------------------------------------- picture upload 145 // v érification de la présence et de la validité des champs.141 // verfying fields 146 142 if ( isset( $_POST['submit'] ) and !isset( $_GET['waiting_id'] ) ) 147 143 { … … 149 145 if ( @is_file( $path ) ) 150 146 { 151 $error[$i++] = $lang['upload_file_exists'];147 array_push( $error, $lang['upload_file_exists'] ); 152 148 } 153 149 // test de la présence des champs obligatoires 154 if ( $_FILES['picture']['name'] == "")155 { 156 $error[$i++] = $lang['upload_filenotfound'];150 
if ( $_FILES['picture']['name'] == '' ) 151 { 152 array_push( $error, $lang['upload_filenotfound'] ); 157 153 } 158 154 if ( !ereg( "([_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)+)", 159 155 $_POST['mail_address'] ) ) 160 156 { 161 $error[$i++] = $lang['reg_err_mail_address'];157 array_push( $error, $lang['reg_err_mail_address'] ); 162 158 } 163 159 if ( $_POST['username'] == '' ) 164 160 { 165 $error[$i++] = $lang['upload_err_username']; 166 } 167 161 array_push( $error, $lang['upload_err_username'] ); 162 } 163 164 if ( $_POST['date_creation'] != '' ) 165 { 166 list( $day,$month,$year ) = explode( '/', $_POST['date_creation'] ); 167 // int checkdate ( int month, int day, int year) 168 if ( checkdate( $month, $day, $year ) ) 169 { 170 // int mktime ( int hour, int minute, int second, 171 // int month, int day, int year [, int is_dst]) 172 $date_creation = mktime( 0, 0, 0, $month, $day, $year ); 173 } 174 else 175 { 176 array_push( $error, $lang['err_date'] ); 177 } 178 } 179 // creation of the "infos" field : 180 // <infos author="Pierrick LE GALL" comment="my comment" 181 // date_creation="1056891767" name="" /> 182 $xml_infos = '<infos'; 183 $xml_infos.= ' author="'.htmlspecialchars($_POST['author'],ENT_QUOTES).'"'; 184 $xml_infos.= ' comment="'.htmlspecialchars($_POST['comment'],ENT_QUOTES).'"'; 185 $xml_infos.= ' date_creation="'.$date_creation.'"'; 186 $xml_infos.= ' name="'.htmlspecialchars( $_POST['name'], ENT_QUOTES).'"'; 187 $xml_infos.= ' />'; 188 168 189 if ( sizeof( $error ) == 0 ) 169 190 { … … 174 195 for ( $j = 0; $j < sizeof( $result['error'] ); $j++ ) 175 196 { 176 $error[$i++] = $result['error'][$j];197 array_push( $error, $result['error'][$j] ); 177 198 } 178 199 } … … 181 202 { 182 203 $query = 'insert into '.PREFIX_TABLE.'waiting'; 183 $query.= ' (cat_id,file,username,mail_address,date ) values';204 $query.= ' (cat_id,file,username,mail_address,date,infos) values'; 184 205 $query.= " (".$page['cat'].",'".$_FILES['picture']['name']."'"; 
185 206 $query.= ",'".htmlspecialchars( $_POST['username'], ENT_QUOTES)."'"; 186 $query.= ",'".$_POST['mail_address']."',".time()." )";207 $query.= ",'".$_POST['mail_address']."',".time().",'".$xml_infos."')"; 187 208 $query.= ';'; 188 209 mysql_query( $query ); … … 210 231 for ( $j = 0; $j < sizeof( $result['error'] ); $j++ ) 211 232 { 212 $error[$i++] = $result['error'][$j];233 array_push( $error, $result['error'][$j] ); 213 234 } 214 235 if ( sizeof( $error ) == 0 ) … … 244 265 $url.= '&waiting_id='.$page['waiting_id']; 245 266 } 246 $vtp->setGlobalVar( $handle, 'form_action', $url);267 $vtp->setGlobalVar( $handle, 'form_action', add_session_id( $url ) ); 247 268 //--------------------------------------------------------------------- advises 248 269 if ( $conf['upload_maxfilesize'] != '' ) … … 308 329 { 309 330 $vtp->addSession( $handle, 'fields' ); 331 // username 332 if ( isset( $_POST['username'] ) ) $username = $_POST['username']; 333 else $username = $user['username']; 334 $vtp->setVar( $handle, 'fields.username', $username ); 335 // mail address 336 if ( isset( $_POST['mail_address'] ) )$mail_address=$_POST['mail_address']; 337 else $mail_address=$user['mail_address']; 338 $vtp->setGlobalVar( $handle, 'user_mail_address',$user['mail_address'] ); 339 // name of the picture 340 $vtp->setVar( $handle, 'fields.name', $_POST['name'] ); 341 // author 342 $vtp->setVar( $handle, 'fields.author', $_POST['author'] ); 343 // date of creation 344 $vtp->setVar( $handle, 'fields.date_creation', $_POST['date_creation'] ); 345 // comment 346 $vtp->setVar( $handle, 'fields.comment', $_POST['comment'] ); 347 310 348 $vtp->closeSession( $handle, 'fields' ); 349 350 $vtp->addSession( $handle, 'note' ); 351 $vtp->closeSession( $handle, 'note' ); 311 352 } 312 353 $vtp->closeSession( $handle, 'upload_not_successful' );
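Review bot: On new lines 204–207 the INSERT is still built by string concatenation, and `$_FILES['picture']['name']`, `$_POST['mail_address']` and the new `$xml_infos` reach the query without SQL escaping; the `ereg` test on the mail address is unanchored, so it only requires an address-like substring and does not constrain the rest of the value. `htmlspecialchars(..., ENT_QUOTES)` encodes quotes for markup but is not a SQL escape (backslashes pass through), so each value should be escaped for the query itself, e.g. `$query.= ",'".mysql_real_escape_string( $_POST['mail_address'] )."',".time().",'".mysql_real_escape_string( $xml_infos )."')";`, with the same treatment for the file name on the line above. Separately, `$date_creation` is assigned only when the date field is non-empty and passes `checkdate`, yet it is read unconditionally at new line 185; initialise it before the check with `$date_creation = '';`, and note that `list()` over `explode('/', ...)` leaves `$month`/`$year` unset when the input has fewer than three parts. The form redisplay at new lines 340–346 passes raw `$_POST` values to `setVar`; unless the template layer escapes them (not visible in this changeset), they should go through `htmlspecialchars` first.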