Home Explore Help
Register Sign In
roobe
/
zijia
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Branch: online
Branches Tags
zijia
/
source
/
include
/
misc
/
misc_swfupload.php

misc_swfupload.php 6.4 KB
Permalink History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210 
  1. <?php
    2. 

  2. 

  3. /**
    4. 

  4.  *      [Discuz!] (C)2001-2099 Comsenz Inc.
    5. 

  5.  *      This is NOT a freeware, use is subject to license terms
    6. 

  6.  *
    7. 

  7.  *      $Id: misc_swfupload.php 25756 2011-11-22 02:47:45Z zhangguosheng $
    8. 

  8.  */
    9. 

  9. 

  10. if(!defined('IN_DISCUZ')) {
    11. 

  11. 	exit('Access Denied');
    12. 

  12. }
    13. 

  13. 

  14. require_once libfile('function/spacecp');
    15. 

  15. 

  16. $op = empty($_GET['op'])?'':$_GET['op'];
    17. 

  17. $isupload = empty($_GET['cam']) && empty($_GET['doodle']) ? true : false;
    18. 

  18. $iscamera = isset($_GET['cam']) ? true : false;
    19. 

  19. $isdoodle = isset($_GET['doodle']) ? true : false;
    20. 

  20. $fileurl = '';
    21. 

  21. if(!empty($_POST['uid'])) {
    22. 

  22. 	$_G['uid'] = intval($_POST['uid']);
    23. 

  23. 	if(empty($_G['uid']) || $_POST['hash'] != md5($_G['uid'].UC_KEY)) {
    24. 

  24. 		exit();
    25. 

  25. 	}
    26. 

  26. 	$member = getuserbyuid($_G['uid']);
    27. 

  27. 	$_G['username'] = addslashes($member['username']);
    28. 

  28. 

  29. 	loadcache('usergroup_'.$member['groupid']);
    30. 

  30. 	$_G['group'] = $_G['cache']['usergroup_'.$member['groupid']];
    31. 

  31. 

  32. } elseif (empty($_G['uid'])) {
    33. 

  33. 	showmessage('to_login', null, array(), array('showmsg' => true, 'login' => 1));
    34. 

  34. }
    35. 

  35. 

  36. if($op == "finish") {
    37. 

  37. 

  38. 	$albumid = intval($_GET['albumid']);
    39. 

  39. 

  40. 	if($albumid > 0) {
    41. 

  41. 		album_update_pic($albumid);
    42. 

  42. 	}
    43. 

  43. 

  44. 	$space = getuserbyuid($_G['uid']);
    45. 

  45. 

  46. 	if(ckprivacy('upload', 'feed')) {
    47. 

  47. 		require_once libfile('function/feed');
    48. 

  48. 		feed_publish($albumid, 'albumid');
    49. 

  49. 	}
    50. 

  50. 

  51. 	exit();
    52. 

  52. 

  53. } elseif($op == 'config') {
    54. 

  54. 

  55. 	$hash = md5($_G['uid'].UC_KEY);
    56. 

  56. 	$uploadurl = urlencode(getsiteurl().'home.php?mod=misc&ac=swfupload'.($iscamera ? '&op=screen' : ($isdoodle ? '&op=doodle&from=':'')));
    57. 

  57. 	if($isupload) {
    58. 

  58. 		if(!checkperm('allowupload')) {
    59. 

  59. 			$hash = '';
    60. 

  60. 		}
    61. 

  61. 	} else {
    62. 

  62. 		$filearr = $dirstr = array();
    63. 

  63. 		if($iscamera) {
    64. 

  64. 			$directory = dreaddir(DISCUZ_ROOT.'./static/image/foreground');
    65. 

  65. 			foreach($directory as $key => $value) {
    66. 

  66. 				$dirstr = DISCUZ_ROOT.'./static/image/foreground/'.$value;
    67. 

  67. 				if(is_dir($dirstr)) {
    68. 

  68. 					$filearr = dreaddir($dirstr, array('jpg','jpeg','gif','png'));
    69. 

  69. 					if(!empty($filearr)) {
    70. 

  70. 						if(is_file($dirstr.'/categories.txt')) {
    71. 

  71. 							$catfile = @file($dirstr.'/categories.txt');
    72. 

  72. 							$dirarr[$key][0] = trim($catfile[0]);
    73. 

  73. 						} else {
    74. 

  74. 							$dirarr[$key][0] = trim($value);
    75. 

  75. 						}
    76. 

  76. 						$dirarr[$key][1] = trim('static/image/foreground/'.$value.'/');
    77. 

  77. 						$dirarr[$key][2] = $filearr;
    78. 

  78. 					}
    79. 

  79. 				}
    80. 

  80. 			}
    81. 

  81. 		} elseif($isdoodle) {
    82. 

  82. 			$filearr = dreaddir(DISCUZ_ROOT.'./static/image/doodle/big', array('jpg','jpeg','gif','png'));
    83. 

  83. 		}
    84. 

  84. 	}
    85. 

  85. 	$feedurl = urlencode(getsiteurl().'home.php?mod=misc&ac=swfupload&op=finish&random='.random(8).'&albumid=');
    86. 

  86. 	$albumurl = urlencode(getsiteurl().'home.php?mod=space&do=album'.($isdoodle ? '&picid=' : '&id='));
    87. 

  87. 	$max = 0;
    88. 

  88. 	if(!empty($_G['group']['maximagesize'])) {
    89. 

  89. 		$max = intval($_G['group']['maximagesize']);
    90. 

  90. 	} else {
    91. 

  91. 		$max = @ini_get(upload_max_filesize);
    92. 

  92. 		$unit = strtolower(substr($max, -1, 1));
    93. 

  93. 		if($unit == 'k') {
    94. 

  94. 			$max = intval($max)*1024;
    95. 

  95. 		} elseif($unit == 'm') {
    96. 

  96. 			$max = intval($max)*1024*1024;
    97. 

  97. 		} elseif($unit == 'g') {
    98. 

  98. 			$max = intval($max)*1024*1024*1024;
    99. 

  99. 		}
    100. 

  100. 	}
    101. 

  101. 	$albums = getalbums($_G['uid']);
    102. 

  102. 	loadcache('albumcategory');
    103. 

  103. 	$categorys = $_G['cache']['albumcategory'];
    104. 

  104. 	$categorystat = $_G['setting']['albumcategorystat'] && !empty($categorys) ? intval($_G['setting']['albumcategorystat']) : 0;
    105. 

  105. 	$categoryrequired = $_G['setting']['albumcategoryrequired'] && !empty($categorys) ? intval($_G['setting']['albumcategoryrequired']) : 0;
    106. 

  106. 

  107. } elseif($op == "screen" || $op == "doodle") {
    108. 

  108. 

  109. 	if(empty($GLOBALS['HTTP_RAW_POST_DATA'])) {
    110. 

  110. 		$GLOBALS['HTTP_RAW_POST_DATA'] = file_get_contents("php://input");
    111. 

  111. 	}
    112. 

  112. 	$status = "failure";
    113. 

  113. 	$dosave = true;
    114. 

  114. 

  115. 	if($op == "doodle") {
    116. 

  116. 		$magic = C::t('common_magic')->fetch_member_magic($_G['uid'], 'doodle');
    117. 

  117. 		if(empty($magic) || $magic['num'] < 1) {
    118. 

  118. 			$uploadfiles = -8;
    119. 

  119. 			$dosave = false;
    120. 

  120. 		}
    121. 

  121. 	}
    122. 

  122. 

  123. 	if($dosave && !empty($GLOBALS['HTTP_RAW_POST_DATA'])) {
    124. 

  124. 		$_SERVER['HTTP_ALBUMID'] = addslashes(diconv(urldecode($_SERVER['HTTP_ALBUMID']), 'UTF-8'));
    125. 

  125. 		$from = false;
    126. 

  126. 		if($op == 'screen') {
    127. 

  127. 			$from = 'camera';
    128. 

  128. 		} elseif($_GET['from'] == 'album') {
    129. 

  129. 			$from = 'uploadimage';
    130. 

  130. 		}
    131. 

  131. 		$_G['setting']['allowwatermark'] = 0;
    132. 

  132. 		$uploadfiles = stream_save($GLOBALS['HTTP_RAW_POST_DATA'], $_SERVER['HTTP_ALBUMID'], 'jpg', '', '', 0, $from);
    133. 

  133. 	}
    134. 

  134. 

  135. 	$uploadResponse = true;
    136. 

  136. 	$picid = $proid = $albumid = 0;
    137. 

  137. 	if($uploadfiles && is_array($uploadfiles)) {
    138. 

  138. 		$status = "success";
    139. 

  139. 		$albumid = $uploadfiles['albumid'];
    140. 

  140. 		$picid =  $uploadfiles['picid'];
    141. 

  141. 		if($op == "doodle") {
    142. 

  142. 			$fileurl = pic_get($uploadfiles['filepath'], 'album', $uploadfiles['thumb'], $uploadfiles['remote'], 0);
    143. 

  143. 			$remote = $uploadfiles['remote'] > 1 ? $uploadfiles['remote'] - 2 : $uploadfiles['remote'];
    144. 

  144. 			if(!$remote) {
    145. 

  145. 				if(!preg_match("/^http\:\/\//i", $fileurl)) {
    146. 

  146. 					$fileurl = getsiteurl().$fileurl;
    147. 

  147. 				}
    148. 

  148. 			}
    149. 

  149. 			require_once libfile('function/magic');
    150. 

  150. 			usemagic($magic['magicid'], $magic['num'], 1);
    151. 

  151. 			updatemagiclog($magic['magicid'], '2', '1', '0');
    152. 

  152. 			if($albumid > 0) {
    153. 

  153. 				album_update_pic($albumid);
    154. 

  154. 			}
    155. 

  155. 		}
    156. 

  156. 	} else {
    157. 

  157. 		switch ($uploadfiles) {
    158. 

  158. 			case -1:
    159. 

  159. 				$uploadfiles = lang('spacecp', 'inadequate_capacity_space');
    160. 

  160. 				break;
    161. 

  161. 			case -2:
    162. 

  162. 				$uploadfiles = lang('spacecp', 'only_allows_upload_file_types');
    163. 

  163. 				break;
    164. 

  164. 			case -4:
    165. 

  165. 				$uploadfiles = lang('spacecp', 'ftp_upload_file_size');
    166. 

  166. 				break;
    167. 

  167. 			case -8:
    168. 

  168. 				$uploadfiles = lang('spacecp', 'has_not_more_doodle');
    169. 

  169. 				break;
    170. 

  170. 			default:
    171. 

  171. 				$uploadfiles = lang('spacecp', 'mobile_picture_temporary_failure');
    172. 

  172. 				break;
    173. 

  173. 		}
    174. 

  174. 	}
    175. 

  175. 

  176. } elseif($_FILES && $_POST) {
    177. 

  177. 

  178. 	if($_FILES["Filedata"]['error']) {
    179. 

  179. 		$uploadfiles = lang('spacecp', 'file_is_too_big');
    180. 

  180. 	} else {
    181. 

  181. 		$_FILES["Filedata"]['name'] = addslashes(diconv(urldecode($_FILES["Filedata"]['name']), 'UTF-8'));
    182. 

  182. 		$_POST['albumid'] = addslashes(diconv(urldecode($_POST['albumid']), 'UTF-8'));
    183. 

  183. 		$catid = $_POST['catid'] ? intval($_POST['catid']) : 0;
    184. 

  184. 		$uploadfiles = pic_save($_FILES["Filedata"], $_POST['albumid'], addslashes(diconv(urldecode($_POST['title']), 'UTF-8')), true, $catid);
    185. 

  185. 	}
    186. 

  186. 	$proid = $_POST['proid'];
    187. 

  187. 	$uploadResponse = true;
    188. 

  188. 	$albumid = 0;
    189. 

  189. 	if($uploadfiles && is_array($uploadfiles)) {
    190. 

  190. 		$status = "success";
    191. 

  191. 		$albumid = $uploadfiles['albumid'];
    192. 

  192. 	} else {
    193. 

  193. 		$status = "failure";
    194. 

  194. 	}
    195. 

  195. }
    196. 

  196. 

  197. $newalbumname = dgmdate($_G['timestamp'], 'Ymd');
    198. 

  198. 

  199. include template("home/misc_swfupload");
    200. 

  200. $outxml = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n";
    201. 

  201. $outxml .= diconv(ob_get_contents(), $_G['charset'], 'UTF-8');
    202. 

  202. obclean();
    203. 

  203. 

  204. @header("Expires: -1");
    205. 

  205. @header("Cache-Control: no-store, private, post-check=0, pre-check=0, max-age=0", FALSE);
    206. 

  206. @header("Pragma: no-cache");
    207. 

  207. @header("Content-type: application/xml; charset=utf-8");
    208. 

  208. echo $outxml;
    209. 

  209. 

  210. ?>
    211.