Subversion Repositories svnkaklik

Rev

Details | Last modification | View Log

Rev Author Line No. Line
6 kaklik 1
<?php
2
/*************************
3
  Coppermine Photo Gallery
4
  ************************
5
  Copyright (c) 2003-2005 Coppermine Dev Team
6
  v1.1 originaly written by Gregory DEMAR
7
 
8
  This program is free software; you can redistribute it and/or modify
9
  it under the terms of the GNU General Public License as published by
10
  the Free Software Foundation; either version 2 of the License, or
11
  (at your option) any later version.
12
  ********************************************
13
  Coppermine version: 1.3.3
14
  $Source: /cvsroot/coppermine/stable/addpic.php,v $
15
  $Revision: 1.9 $
16
  $Author: gaugau $
17
  $Date: 2005/04/19 03:17:10 $
18
**********************************************/
19
 
20
define('IN_COPPERMINE', true);
21
define('ADDPIC_PHP', true);
22
 
23
require('include/init.inc.php');
24
require('include/picmgmt.inc.php');
25
 
26
if (!GALLERY_ADMIN_MODE) die('Access denied');
27
 
28
$aid = (int)$HTTP_GET_VARS['aid'];
29
$pic_file = base64_decode($HTTP_GET_VARS['pic_file']);
30
$dir_name = dirname($pic_file) . "/";
31
$file_name = basename($pic_file);
32
 
33
// Get the forbidden characters from the Config console string, and do any necessary translation. Return the translated string.
34
$forbidden_chars = strtr($CONFIG['forbiden_fname_char'], array('&amp;' => '&', '&quot;' => '"', '&lt;' => '<', '&gt;' => '>'));
35
 
36
// Create the holder $picture_name by translating the file name. Translate any forbidden character into an underscore.
37
$sane_name = strtr($file_name, $forbidden_chars, str_repeat('_', strlen($CONFIG['forbiden_fname_char'])));
38
$source = "./" . $CONFIG['fullpath'] . $dir_name . $file_name;
39
rename($source, "./" . $CONFIG['fullpath'] . $dir_name . $sane_name);
40
$file_name = $sane_name;
41
 
42
$sql = "SELECT pid " . "FROM {$CONFIG['TABLE_PICTURES']} " . "WHERE filepath='" . addslashes($dir_name) . "' AND filename='" . addslashes($file_name) . "' " . "LIMIT 1";
43
$result = db_query($sql);
44
 
45
if (mysql_num_rows($result)) {
46
    $file_name = "images/up_dup.gif";
47
} elseif (add_picture($aid, $dir_name, $file_name)) {
48
    $file_name = "images/up_ok.gif";
49
} else {
50
    $file_name = "images/up_pb.gif";
51
    echo $ERROR;
52
}
53
 
54
if (ob_get_length()) {
55
    ob_end_flush();
56
    exit;
57
}
58
 
59
header('Content-type: image/gif');
60
echo fread(fopen($file_name, 'rb'), filesize($file_name));
61
ob_end_flush()
62
?>