<?php
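// Raise the memory ceiling so that decoding large images does not end in
// "Allowed memory exhausted".
ini_set("memory_limit", "200000000");
// Tell browsers and proxies not to cache this page.
header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
header("Cache-Control: no-cache");
header("Pragma: no-cache");

$path  = $_SERVER['DOCUMENT_ROOT'];
// require instead of include: a missing or unreadable file must stop the request
// (fail closed) rather than let the page continue after a warning.
// NOTE(review): $memberid, $connect and advert_check() are used below but are not
// defined in this file; presumably these two includes provide them - confirm.
require_once $path.'/connect_db.php';
require "accesscontrol.php";

/// variable initialisations
// All four values come straight from the query string and are untrusted. "?? null"
// yields the same value a missing key produced before, without the "Undefined index"
// notice that, when displayed, is emitted ahead of the header() redirects further down.
$adid  = $_GET['adid']  ?? null; // advert being edited
$pid   = $_GET['pid']   ?? null; // photo slot named by a delete link
$pname = $_GET['pname'] ?? null; // photo file name named by a delete link
$del   = $_GET['del']   ?? null; // "yes" requests a photo deletion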

// Check that the advert belongs to the logged-in member; otherwise send the visitor
// back to the member index and stop.
// NOTE(review): only a strict boolean false is treated as "not the owner". Confirm
// that advert_check() never signals failure with 0, null or an empty result.
if (advert_check($adid, $memberid) === false) {
	header('Location: index.html');
	exit();
}

// File name of this page; used for the delete links and the form action.
$pagename = 'edit_4.html';

// CSS for the menu (not read in this file; presumably used by an included template).
$styleManage = 'color:#ff6131;background-color:#fff;border-top:1px solid #c9c9c9;font-weight:bold;';

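/////// finish
// "Finish Your Advert" was pressed: redirect to the member index.
if (isset($_POST['finish'])) {
	$success = TRUE;
	header('Location: index.html');
	// Stop here. Without this the rest of the script (delete handling, upload
	// handling, the queries and the template) still ran after the redirect was sent.
	exit();
}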

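/////// delete image
// Handles the "Delete" link: ?del=yes&pid=<slot>&pname=<file>&adid=<advert>.
// NOTE(review): this is a state-changing GET request and no anti-CSRF token is
// checked anywhere in this file.
if (!empty($del) && $del == 'yes') {
	// $pid ends up in a directory name and in a column name (photo_N). Column names
	// cannot be bound as parameters, so only the four slots this page reads are allowed.
	$slot_ok = is_string($pid) && in_array($pid, array('1', '2', '3', '4'), true);

	// As before, the numeric prefix is rewritten to this advert's id. basename() then
	// drops any directory component so the name cannot point outside uploads/<slot>/.
	$filename = '';
	if (is_string($pname) && is_string($adid)) {
		$filename = basename((string)preg_replace('#([0-9]+)_#', $adid.'_', $pname));
	}

	if ($slot_ok && $filename !== '') {
		// Bind copies so the statement never changes the type of the shared variables.
		$bind_member = (string)$memberid;
		$bind_adid = $adid;

		// NOTE(review): assumes $connect is a mysqli connection, as its ->query() and
		// ->error usage in this file suggests.
		$stmt = $connect->prepare("UPDATE ads SET photo_{$pid}='0' WHERE photo_{$pid}=? AND memberid=? AND adid=?");
		$ok = $stmt !== false
			&& $stmt->bind_param('sss', $filename, $bind_member, $bind_adid)
			&& $stmt->execute();
		if (!$ok) {
			// Keep the driver's message in the server log instead of sending it to the visitor.
			error_log('edit_4.html delete: '.($stmt ? $stmt->error : $connect->error));
			die('A database error occurred.');
		}

		// Remove the file only when the row for this member and advert really referenced
		// it. Previously the file was unlinked first, whatever the database said.
		if ($stmt->affected_rows > 0) {
			$file = 'uploads/'.$pid.'/'.$filename; // name and directory of file
			if (is_file($file)) {
				unlink($file); // deleting file
			}
		}
		$stmt->close();
	}
}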

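// uploading image
// Handles the "Upload Image" submit: validates the uploaded file, stores a resized and
// watermarked copy under uploads/<slot>/ and records its name in ads.photo_<slot>.
// Sets $errors (list of HTML snippets) and $errors_found for the template further down.
if (isset($_POST['submit'])) {
	// The slot number becomes a directory name and part of a column name, so it is
	// limited to the four photo_N columns before it reaches a path or a query.
	$photo_num = (isset($_POST['pic']) && is_string($_POST['pic'])) ? $_POST['pic'] : '';
	$slot_ok = in_array($photo_num, array('1', '2', '3', '4'), true);

	$fieldname = 'image_upload_box';
	$width = 600;
	$upload = (isset($_FILES[$fieldname]) && is_array($_FILES[$fieldname])) ? $_FILES[$fieldname] : array();

	// Only inspect the temp file when PHP reports one complete, genuine HTTP upload.
	$have_upload = isset($upload['error'], $upload['tmp_name'], $upload['name'], $upload['size'])
		&& $upload['error'] === UPLOAD_ERR_OK
		&& is_string($upload['tmp_name'])
		&& is_string($upload['name'])
		&& is_uploaded_file($upload['tmp_name']);
	$image_temp = $have_upload ? $upload['tmp_name'] : '';

	// upload dimensions and the image type detected from the file content
	$image_info = $have_upload ? getimagesize($image_temp) : false;
	$image_width = $image_info ? $image_info[0] : 0;
	$image_height = $image_info ? $image_info[1] : 0;
	$type_ok = $image_info !== false
		&& in_array($image_info[2], array(IMAGETYPE_GIF, IMAGETYPE_JPEG, IMAGETYPE_PNG), true);

	$allowed_ext = array('jpeg','jpg','png','gif');
	// end() takes its argument by reference, so the exploded name needs a variable.
	$name_parts = explode('.', (isset($upload['name']) && is_string($upload['name'])) ? $upload['name'] : '');
	$image_ext = strtolower(end($name_parts));
	$errors = array();

	// IMAGE UPLOAD -- file needs to be jpg, png or gif, at least 600px wide,
	// at most 4000px in either dimension and at most 10 MB.
	if($image_width<$width){$errors[]='<div class="error_list">- Your image dimensions must be greater than 600 pixels.</div>';}
	if($image_width>4000||$image_height>4000){$errors[]='<div class="error_list">- Your image dimensions must be less than 4000 pixels in width and height.</div>';}
	if($have_upload && $upload['size'] > 10485760){$errors[]='<div class="error_list">- Image file size must be less than 10 MB.</div>';}
	// The extension is client-supplied; the content must also decode as one of the allowed types.
	if (in_array($image_ext, $allowed_ext, true) === false || ($have_upload && !$type_ok)) {$errors[] = '<div class="error_list">- Your photo must be either a JPG, PNG or GIF file format. Other file types are not allowed.</div>';}

	// $adid comes from the query string and is part of the stored file name; refuse
	// any value that would add a directory component to that name.
	$image_file = (is_string($adid) ? $adid : '').'_'.$photo_num.'.'.$image_ext;
	if (!$slot_ok || !is_string($adid) || $adid === '' || basename($image_file) !== $image_file) {
		$errors[] = '<div class="error_list">- This photo could not be saved. Please reload the page and try again.</div>';
	}

	if(empty($errors)){
		include "img_upload.class.php";

		$destination = 'uploads/'.$photo_num.'/';
		$time = (string)time();

		$image = new UploadImage();
		$image->load($image_temp);
		$image->resizeToWidth($width);
		$image->watermark('img/watermark.png');
		$image->save($destination.$image_file);
		if(isset($_POST['pic_logo']) && $_POST['pic_logo']=='1'){
			$image->resizeToWidthMaxHeight(300,150);
			$image->save('uploads/logo/'.$adid.'.'.$image_ext);
			// NOTE(review): this fragment is built but never added to the UPDATE below,
			// so the "image" column is not written here. Confirm whether that is intended.
			$db_pic_photo=", image='".$adid.".".$image_ext."'";
		}

		// Bind copies so the statement never changes the type of the shared variables.
		$bind_member = (string)$memberid;
		$bind_adid = $adid;
		// NOTE(review): assumes $connect is a mysqli connection, as its ->query() and
		// ->error usage in this file suggests. The column name is safe to interpolate
		// because $photo_num was checked against the fixed slot list above.
		$stmt = $connect->prepare("UPDATE ads SET photo_{$photo_num}=?,`last_update`=? WHERE adid=? AND memberid=?");
		$ok = $stmt !== false
			&& $stmt->bind_param('ssss', $image_file, $time, $bind_adid, $bind_member)
			&& $stmt->execute();
		if (!$ok) {
			// Keep the driver's message in the server log instead of sending it to the visitor.
			error_log('edit_4.html upload: '.($stmt ? $stmt->error : $connect->error));
			die('A database error occurred.');
		}
		$stmt->close();
	}else{
		$errors_found = TRUE;
	}
}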

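/////// FETCHING PHOTOS
// Load this member's advert row. $adid comes from the query string, so both values are
// escaped before being placed inside the quoted literals.
// NOTE(review): assumes $connect is a mysqli connection. SELECT * and fetch_array() are
// kept so that $row has the same shape for any included template that may read it; a
// prepared statement would be preferable where that shape does not matter.
$query = $connect->query(
	"SELECT * FROM ads WHERE memberid = '".$connect->real_escape_string((string)$memberid)."'"
	." and adid = '".$connect->real_escape_string((string)$adid)."'"
);
// A failed query or a missing row leaves $row null instead of raising a fatal error.
$row = $query ? $query->fetch_array() : null;

// Slots are keyed 1..4 to match the photo_N column names.
$photos=array(1 =>$row['photo_1'] ?? '',$row['photo_2'] ?? '',$row['photo_3'] ?? '',$row['photo_4'] ?? '');
$pic1=$photos[1];
$pic2=$photos[2];
$pic3=$photos[3];
$pic4=$photos[4];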

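// checking fields are blank
// Pick the first free photo slot ('0' or empty) and emit it as a hidden "pic" field so
// the upload handler knows where to store the next image. Slot 1 also sets pic_logo.
// These hidden fields are only a hint to the browser: the posted value is untrusted and
// has to be validated again on the server when the form comes back.
if (!isset($pic_content)) {
	// .= on an unset variable raises an "Undefined variable" notice.
	$pic_content = '';
}
if($pic1=='0'||$pic1==''){
	$pic_content.= '<input type="hidden" name="pic" value="1"><input type="hidden" name="pic_logo" value="1">';
}elseif($pic2=='0'||$pic2==''){
	$pic_content.= '<input type="hidden" name="pic" value="2">';
}elseif($pic3=='0'||$pic3==''){
	$pic_content.= '<input type="hidden" name="pic" value="3">';
}elseif($pic4=='0'||$pic4==''){
	$pic_content.= '<input type="hidden" name="pic" value="4">';
}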

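// photo contents
// Builds the thumbnail table (four cells per row) with a "Delete" link per stored
// photo, counts the photos and sets $limit once all slots are in use.
$total_rows=0;
$i = -1;
if (!isset($pic_content)) {
	$pic_content = '';
}
$pic_content.= '<table width="100%">';
foreach($photos as $photo_key=>$photo){
	if($photo!=''&&$photo!='0'){
		$i++;
		if($i % 4 === 0){
			$pic_content.= '<tr>';
		}
		// Stored names and ids are data, not markup: escape them for the HTML context and
		// URL-encode them where they become part of a link. The charset matches the
		// page's declared windows-1252 encoding.
		$photo_html = htmlspecialchars((string)$photo, ENT_QUOTES, 'Windows-1252');
		$photo_src = htmlspecialchars('uploads/'.$photo_key.'/'.rawurlencode((string)$photo), ENT_QUOTES, 'Windows-1252');
		$delete_href = htmlspecialchars(
			$pagename.'?'.http_build_query(array(
				'del' => 'yes',
				'pid' => $photo_key,
				'pname' => (string)$photo,
				'adid' => (string)($row['adid'] ?? ''),
			), '', '&'),
			ENT_QUOTES,
			'Windows-1252'
		);
		$pic_content.= '<td valign="bottom">
						<a target="_blank" href="'.$photo_src.'"><img border="0" width="100" src="'.$photo_src.'"></a><br>
						<div style="text-align:left;margin-right:20px;">
						Photo ID: '.$photo_html.'<br>
						<a style="color:red" href="'.$delete_href.'">Delete</a>
						</div></td>';
		if(($i+1) % 4 === 0){
			// End of a full row: close it (this used to emit a second opening <tr>).
			$pic_content.= '</tr>';
		}
		$total_rows++;
	}
}
if($total_rows % 4 !== 0){
	// Close a row that was left partly filled.
	$pic_content.= '</tr>';
}
$pic_content.= '</table>';
// CHECKING if photo limit reached
$photo_limit=4;
// Always defined, so the template can test it without an "Undefined variable" notice.
$limit = ($total_rows==$photo_limit);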

?>
<!DOCTYPE html>
<html>

<head>
<meta http-equiv="Content-Type" content="text/html; charset=windows-1252">
<title>YellowLeaf UK</title>
<link href="style.css" rel="stylesheet" type="text/css">
<style>
.button {border:0;outline:none;text-shadow: 0 1px 0 rgba(0, 0, 0, 0.25);white-space: nowrap;cursor: pointer;display: inline-block;background-repeat: no-repeat;padding:8px 14px;margin:0;position: relative;text-decoration: none;zoom: 1; *display: inline; }
.button:active{-moz-box-shadow: inset 0px 2px 3px 1px rgba(0,0, 0, 0.25);-webkit-box-shadow: inset 0px 2px 3px 1px rgba(0, 0, 0, 0.25);box-shadow: inset 0px 2px 3px 1px rgba(0, 0, 0, 0.25);}
.button.blue{color:white;font-weight:bold;background: #23a6ff;background: -moz-linear-gradient(top,  #23a6ff 0%, #0085d7 100%);background: -webkit-gradient(linear, left top, left bottom, color-stop(0%,#23a6ff), color-stop(100%,#0085d7));background: -webkit-linear-gradient(top,  #23a6ff 0%,#0085d7 100%);background: -o-linear-gradient(top,  #23a6ff 0%,#0085d7 100%);background: -ms-linear-gradient(top,  #23a6ff 0%,#0085d7 100%);background: linear-gradient(to bottom,  #23a6ff 0%,#0085d7 100%);filter: progid:DXImageTransform.Microsoft.gradient( startColorstr='#23a6ff', endColorstr='#0085d7',GradientType=0 );}
.button.blue:hover{background: #3d98ec;background: -moz-linear-gradient(top,  #3d98ec 0%, #1e79c9 100%);background: -webkit-gradient(linear, left top, left bottom, color-stop(0%,#3d98ec), color-stop(100%,#1e79c9));background: -webkit-linear-gradient(top,  #3d98ec 0%,#1e79c9 100%);background: -o-linear-gradient(top,  #3d98ec 0%,#1e79c9 100%);background: -ms-linear-gradient(top,  #3d98ec 0%,#1e79c9 100%);background: linear-gradient(to bottom,  #3d98ec 0%,#1e79c9 100%);filter: progid:DXImageTransform.Microsoft.gradient( startColorstr='#3d98ec', endColorstr='#1e79c9',GradientType=0 );}

</style>
</head>

<body>

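<?php
// Shared page header. The long open tag is used because the short form only runs when
// short_open_tag is enabled; with it off, the include statement would be sent to the
// browser as text instead of being executed.
include 'header.php';
?>
<table class="tbwdth">
	<tr>
		<td valign="top" style="width:210px;">
		<?php include 'member_menu.php'; ?>
		</td>
		<td valign="top" class="cnGrad">
		<div class="cnHead">Manage Advert</div>
		<div style="position:relative;margin-bottom:70px">
		<hr class="stpBar" noshade size="1" color="#cccccc">
		<?php /* $adid is request input: URL-encode it before writing it into the step links. */ ?>
		<a href="edit_1.html?adid=<?=rawurlencode((string)$adid)?>"><img border="0" class="nav step1 pos1" src="/img/img_trans.gif" width="1" height="1" /></a>
		<a href="edit_2.html?adid=<?=rawurlencode((string)$adid)?>"><img border="0" class="nav step2 pos2" src="/img/img_trans.gif" width="1" height="1" /></a>
		<a href="edit_3.html?adid=<?=rawurlencode((string)$adid)?>"><img border="0" class="nav step3 pos3" src="/img/img_trans.gif" width="1" height="1" /></a>
		<img class="nav sel4 pos4" src="/img/img_trans.gif" width="1" height="1" />
		</div>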
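		<?php
		// Status banners. !empty() gives the same truth test as "== TRUE" but does not
		// raise a notice when the flag was never set. Long open tags are used so the
		// blocks still execute when short_open_tag is disabled.
		if (!empty($success)) { ?>
		<div class="successDvBx">
		Update Successful. Your details have been saved. <br><a href="index.html">Click here to go back to Manage Advert ></a>
		</div>
		<?php } ?>
		<?php if (!empty($limit)) { ?>
			<div class="limitDvBx">You have reached your picture upload limit! You cannot upload any more pictures.</div>
		<?php } ?>
		<?php
		// The entries of $errors are fixed HTML snippets written by the upload handler in
		// this file, so they are echoed as markup. Request data must never be added to
		// that list without escaping it first.
		if (!empty($errors_found)) {
			echo '<div class="errorDvBx"><b>ERROR:</b><br>';
			foreach ($errors as $error) {
				echo $error;
			}
			echo '</div>';
		}
		?>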
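		<?php /* $adid is request input: URL-encode it before writing it into the action attribute. */ ?>
		<form name="PostAdForm" action="<?=$pagename?>?adid=<?=rawurlencode((string)$adid)?>" method="POST" enctype="multipart/form-data" onsubmit="return CheckPostAd();" autocomplete="off">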
			<table width="100%" border="0" cellspacing="0" cellpadding="5">
			<tr>
			<td colspan="2" align="left">
			<?=$pic_content?>
			</td>
			</tr>
			<tr>
			<td valign="top" colspan="2">
			<hr style="background-color: rgb(204, 204, 204);" width="100%" size="1" noshade="noshade" color="#cccccc">
			</td>
			</tr>
			<tr>
			<td align="left" valign="top" class="cnTitle" style="padding:10px 25px">
			Photo Upload&nbsp;(optional):<br>
			<div class="cnTitleDesc">You can upload up to 4 pictures of your business.</div>
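			<?php
			// Hide the file picker once every slot is used. This only changes what the
			// browser shows; the limit still has to be enforced where the upload is handled.
			if($total_rows==$photo_limit){
				echo '<span style="color:red;">You cannot upload more than 4 photos.</span>';
			}else{
			?>
			<?php /* $adid is request input: escape it for the attribute context. The script itself reads adid from the query string, not from this field. */ ?>
			<input name="adid" type="hidden" value="<?=htmlspecialchars((string)$adid, ENT_QUOTES, 'Windows-1252')?>" /><br>
			<input name="image_upload_box" type="file" class="nostyle" id="image_upload_box" size="40" />
			<?php } ?>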
			</td>
			</tr>
			<tr>
			<td valign="top" colspan="2">
			<hr style="background-color: rgb(204, 204, 204);" width="100%" size="1" noshade="noshade" color="#cccccc">
			</td>
			</tr>
			<tr>
			<td align="center" colspan="2">
			</td>
			</tr>
		</table>
		<div style="font-size:10pt;color:#555;margin-top:10px;"><b>Note: Please make sure you have fully uploaded your images before completing your advert.</b></div>
		<input class="button blue curv3" style="padding:7px 15px;float:none;margin-right:10px;" type="submit" name="submit" value="Upload Image >" /> <b>OR</b>
		<input class="button blue curv3" style="border:0px;float:none;margin-top:10px;margin-left:10px;" type="submit" value="Finish Your Advert >" name="finish">
		</form>
		</td>
	</tr>
</table>
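<?php
// Shared page footer. Long open tag: the short form is only executed when
// short_open_tag is enabled, otherwise the statement is sent to the browser as text.
include 'footer.php';
?>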

</body>

</html>
