Require some help with a mod/plugin Require some help with a mod/plugin
 

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Main Menu

Require some help with a mod/plugin

Started by just_some_guy, September 29, 2007, 04:56:28 PM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

just_some_guy

Hey,

Part of this mod/plugin requires changethumb.php to deal with a file which will be moved to the users directory and renamed to thumb_FILE (as usall) but also requires the file to be unchanged and moved to the same directory. ie the file is left as FILE.jpg and left at the original size.

So far, i have edited changethumb.php to use the variable that is defined when the upload is submited which is then inserted into the
pictures table:


$result = cpg_db_query("INSERT INTO 'cpg_1411_pictures' (large_image) VALUES ('$filepath_large')");


the original variable needs to be changed to:

$filepath_large=$CURRENT_PIC['filepath'];

Assuming that the uploaded file is stored in variable $CURRENT_PIC['filepath']

However, i need some help on moving the file twice. As far as i can see the script re-sizes and re-names the file before moving it.

Can someone tell me how to move the file twice, with 1 version not being re-named and re-sized?

Thanks!  ;D ;D
Tambien, Hablo Español      PHP - Achieve Anything
"The Internet is becoming the town square for the global village of tomorrow. " - Bill Gates
Windows 7 Forums

just_some_guy

unless i used copy()... would this work?

defined it:

$img_path_large=$CURRENT_PIC['filename'];

copy ("$CURRENT_PIC['filename']", "$CURRENT_PIC['filename']") or die ("Could not copy file");
}
Tambien, Hablo Español      PHP - Achieve Anything
"The Internet is becoming the town square for the global village of tomorrow. " - Bill Gates
Windows 7 Forums

just_some_guy

Sorry, just realised that $CURRENT_PIC['filename'] is the wrong thing, this is the file name of the file you are changing thumbnail for.

What variable is the upload stored as?
Tambien, Hablo Español      PHP - Achieve Anything
"The Internet is becoming the town square for the global village of tomorrow. " - Bill Gates
Windows 7 Forums

just_some_guy

forget that i think i have worked out how to do it.
Tambien, Hablo Español      PHP - Achieve Anything
"The Internet is becoming the town square for the global village of tomorrow. " - Bill Gates
Windows 7 Forums

just_some_guy

On changeThumb.php where would be a suitable place to paste:


{
      move_uploaded_file($_FILES["file"]["tmp_name"],
      cpg1412/uploads" . $_FILES["file"]["name"]);
     
      }


Here is changethumb.php:

<?php
define
('IN_COPPERMINE'true);
define('CHANGETHUMB_PHP'true);
define('UPLOAD_PHP'true);
define('DB_INPUT_PHP'true);
require(
'include/init.inc.php');
require(
'include/picmgmt.inc.php');

if (!
USER_ID || !$CONFIG['enable_custom_thumbs'] ) cpg_die(ERROR$lang_errors['access_denied'], __FILE____LINE__);//not logged in
(isset($_REQUEST['id'])) ? $pid = (int)$_REQUEST['id'] : $pid = -1//valid id?

//fetching all the pic data
$result cpg_db_query("SELECT * FROM {$CONFIG['TABLE_PICTURES']} AS p, {$CONFIG['TABLE_ALBUMS']} AS a WHERE a.aid = p.aid AND pid = '$pid'");
$CURRENT_PIC mysql_fetch_array($result);
mysql_free_result($result);
//user allowed to edit the pic??

if (!(GALLERY_ADMIN_MODE || ($CURRENT_PIC['category'] == FIRST_USER_CAT USER_ID && $CONFIG['users_can_edit_pics']) || ($CONFIG['users_can_edit_pics'] && $CURRENT_PIC['owner_id'] == USER_ID)) || !USER_IDcpg_die(ERROR$lang_errors['access_denied'], __FILE____LINE__);

$img_path=$CONFIG['fullpath'].$CURRENT_PIC['filepath'].$CURRENT_PIC['filename'];
$mime_content_image cpg_get_type($img_path);

$event = isset($_REQUEST['event']) ? $_REQUEST['event'] : null;
switch (
$event) {

    case 
'picture':
        if (!
USER_CAN_UPLOAD_PICTUREScpg_die(ERROR$lang_errors['perm_denied'], __FILE____LINE__);
        
// Test if the filename of the temporary uploaded picture is empty
        
if ($_FILES['userpicture']['tmp_name'] == ''cpg_die(ERROR$lang_db_input_php['no_pic_uploaded'], __FILE____LINE__);
//check filetype, don't accept images
$mime_content cpg_get_type($_FILES['userpicture']['name']);
if ($mime_content['content'] != 'image' cpg_die(ERROR"Error, please upload an image, this is "$mime_content['content'], __FILE____LINE__);
//filpath
            
$filepath $CURRENT_PIC['filepath'];
            
$dest_dir $CONFIG['fullpath'] . $CURRENT_PIC['filepath'];

        if (!
is_writable($dest_dir)) cpg_die(CRITICAL_ERRORsprintf($lang_db_input_php['dest_dir_ro'], $dest_dir), __FILE____LINE__true);

        
$matches = array();
        
$forbidden_chars strtr($CONFIG['forbiden_fname_char'], array('&amp;' => '&''&quot;' => '"''&lt;' => '<''&gt;' => '>'));
        
// Check that the file uploaded has a valid extension
        
if (get_magic_quotes_gpc()) $_FILES['userpicture']['name'] = stripslashes($_FILES['userpicture']['name']);
        
$picture_name strtr($_FILES['userpicture']['name'], $forbidden_charsstr_repeat('_'strlen($CONFIG['forbiden_fname_char'])));
        if (!
preg_match("/(.+)\.(.*?)\Z/"$picture_name$matches)) {
            
$matches[1] = 'invalid_fname';
            
$matches[2] = 'xxx';
        }

        if (
$matches[2] == '' || !is_known_filetype($matches)) {
            
cpg_die(ERRORsprintf($lang_db_input_php['err_invalid_fext'], $CONFIG['allowed_file_extensions']), __FILE____LINE__);
        }

        
// Create a unique name for the uploaded file

        
$nr 0;
        
$picture_name $matches[1] . '.' $matches[2];
$thumb_name $CURRENT_PIC['filename'];

        if (!
preg_match("/(.+)\.(.*?)\Z/"$thumb_name$tmatches)) {
            
$tmatches[1] = 'invalid_fname';
            
$tmatches[2] = 'xxx';
        }
        if (
$tmatches[2] == '' || !is_known_filetype($tmatches)) {
            
cpg_die(ERRORsprintf($lang_db_input_php['err_invalid_fext'], $CONFIG['allowed_file_extensions']), __FILE____LINE__);
        }
        
$thumb_name $CONFIG['thumb_pfx'].$tmatches[1].".".$matches[2];
        
$mini_name $CONFIG['mini_pfx'].$tmatches[1].".".$matches[2];

        while (
file_exists($dest_dir $picture_name)) {
            
$picture_name $matches[1] . '~' $nr++ . '.' $matches[2];
        }
        
$uploaded_pic $dest_dir $picture_name;
        
// Move the picture into its final location
        
if (!move_uploaded_file($_FILES['userpicture']['tmp_name'], $uploaded_pic))
            
cpg_die(CRITICAL_ERRORsprintf($lang_db_input_php['err_move'], $picture_name$dest_dir), __FILE____LINE__true);
        
// Change file permission
        
chmod($uploaded_picoctdec($CONFIG['default_file_mode']));
        
// Get picture information


        // Check that picture file size is lower than the maximum allowed
        
if (filesize($uploaded_pic) > ($CONFIG['max_upl_size'] << 10)) {
            @
unlink($uploaded_pic);
            
cpg_die(ERRORsprintf($lang_db_input_php['err_imgsize_too_large'], $CONFIG['max_upl_size']), __FILE____LINE__);
        } elseif (
is_image($picture_name)) {
            
$imginfo getimagesize($uploaded_pic);
            
// getimagesize does not recognize the file as a picture
            
if ($imginfo == null) {
                @
unlink($uploaded_pic);
                
cpg_die(ERROR$lang_db_input_php['err_invalid_img'], __FILE____LINE__true);
            
// JPEG and PNG only are allowed with GD
            
} elseif ($imginfo[2] != GIS_JPG && $imginfo[2] != GIS_PNG && $imginfo[2] != GIS_GIF && ($CONFIG['thumb_method'] == 'gd1' || $CONFIG['thumb_method'] == 'gd2')) {
                @
unlink($uploaded_pic);
                
cpg_die(ERROR$lang_errors['gd_file_type_err'], __FILE____LINE__true);
            } elseif (
max($imginfo[0], $imginfo[1]) > $CONFIG['max_upl_width_height']) {
                @
unlink($uploaded_pic);
                
cpg_die(ERRORsprintf($lang_db_input_php['err_fsize_too_large'], $CONFIG['max_upl_width_height'], $CONFIG['max_upl_width_height']), __FILE____LINE__);
            } 
// Image is ok
        
}

    
$work_image $CONFIG['fullpath'] . $filepath $picture_name;
$thumb $CONFIG['fullpath'] . $filepath $thumb_name;
$mini $CONFIG['fullpath'] . $filepath $mini_name;
delfile($CONFIG['fullpath'] . $filepath,$CURRENT_PIC['filename']);
if ($CONFIG['enable_mini_thumbs']) 
{
            
if (!resize_image($work_image$mini$CONFIG['mini_thumb_width'], $CONFIG['thumb_method'], "mini""false"1))
                
{
      @unlink($uploaded_pic);
             cpg_die(CRITICAL_ERRORsprintf($lang_db_input_php['err_insert_pic'], $mini) . '<br /><br />' $ERROR__FILE____LINE__true);
}

            if (!
resize_image($work_image$thumb$CONFIG['thumb_width'], $CONFIG['thumb_method'], $CONFIG['thumb_use'], "false"1$mime_content_image['content']))
{
      @unlink($uploaded_pic);
            
cpg_die(CRITICAL_ERRORsprintf($lang_db_input_php['err_insert_pic'], $thumb) . '<br /><br />' $ERROR__FILE____LINE__true);
        

else 
{
@unlink($uploaded_pic);
break;
            $header_location = (@preg_match('/Microsoft|WebSTAR|Xitami/'getenv('SERVER_SOFTWARE'))) ? 'Refresh: 0; URL=' 'Location: ';
            $redirect "changeThumb.php?id=".$CURRENT_PIC['pid'];
            header($header_location $redirect);
            pageheader($lang_info"<META http-equiv=\"refresh\" content=\"1;url=$redirect\">");
            msg_box($lang_info$lang_db_input_php['upl_success'], $lang_continue$redirect);
            pagefooter();
            ob_end_flush();
            exit;
        
}
break;

case "delete_thumb":
if (isset($_POST['all_thumb'])) { //confirm checkbox clicked??
$path $CONFIG['fullpath'] . $CURRENT_PIC['filepath'];
$file $CURRENT_PIC['filename'];
delfile($path,$file);
}
}





pageheader($lang_editpics_php['edit_pics']);

if (
$mime_content_image['content'] != 'image' )
{
$thumb_url get_pic_url($CURRENT_PIC'thumb');

(
is_image($thumb_url)) ? $thumb_image "<img src=\"".$thumb_url."\" class=\"image\">" $thumb_image ""

$thumb_link 'displayimage.php?pos='.(-$CURRENT_PIC['pid']);
$filename htmlspecialchars($CURRENT_PIC['filename']);


echo <<<EOT

<script type="text/javascript">
function change() {
   opener.document.getElementById('div_main
$pid').innerHTML = "<br><br><a href=\"javascript:void()\" onClick=\"window.location.reload()\">click to reload</a>";
}
</script>

<form action="changeThumb.php" method="post">


<table class="maintable" cellpadding="6" cellspacing="1" border="0" width="100%" align="center">
<tr>
<td class="tableh1" colspan="2" style="padding: 6px 0 6px 6px"><strong>
$lang_cThumb[stats]</strong></td>
</tr>
<tr>
<td class="panelsurround" align="center">
<span style="float: left">
$lang_cThumb[title] $filename!</span><br /><br />
<div class="panel">
<div style="width:480px" align="left">

<fieldset class="fieldset">
<legend>
$thumb_image</legend>
<table cellpadding="0" cellspacing="3" border="0">
<tr>
<td>
$lang_cThumb[remove]</td>
</tr>
<tr>
<td><label for="deletethumb"><input type="checkbox" name="all_thumb" id="all_thumb" value="true" />
$lang_cThumb[remove_thumb]</label></td>
</tr>
</table>
</fieldset>

</div>
</div>

<div style="margin-top:6px">
<input type="hidden" name="id" value="
$CURRENT_PIC[pid]" />
<input type="hidden" name="event" value="delete_thumb" />
<input type="submit" class="button" value="
$lang_cThumb[remove_thumb]" accesskey="s"  onClick="change()"/>
</div>
</td>
</tr>
</table>

</form>

<table class="maintable graybox" cellpadding="0" cellspacing="1" border="0" width="100%" align="center">
EOT;
create_thumb_upload ();
echo <<<EOT
</table>
EOT;

endtable();
}
else 
// it'S a image and we do not change thumbs for images
{
echo <<<EOT
<table class="maintable" cellpadding="6" cellspacing="1" border="0" width="100%" align="center">
<tr>
<td class="tableh1" colspan="2" style="padding: 6px 0 6px 6px"><strong>
$lang_cThumb[error]</strong></td>
</tr>
<tr>
<td class="panelsurround" align="center">
<div class="panel">
<div style="width:480px" align="left">

<fieldset class="fieldset">
<legend></legend>
<table cellpadding="0" cellspacing="3" border="0">
<tr>
<td>
$lang_cThumb[no_images]</td>
</tr>
</table>
</fieldset>

</div>
</div>

</td>
</tr>
</table>
EOT;
}

pagefooter();
ob_end_flush();


function 
clean_table() {
    global 
$CONFIG;
    
$comparative_timestamp time() - 3600;
    
$result mysql_query("DELETE FROM {$CONFIG['TABLE_TEMPDATA']} WHERE timestamp < $comparative_timestamp");
    if (
$result) {
        return 
TRUE;
    } else {
        return 
FALSE;
    }
}


function 
hidden_input($name$value) {
        echo 
"        <input type=\"hidden\" name=\"$name\" value=\"$value\">\n";
}


function 
file_input($text$name$iterations) {

    
$ordinal '';

    
// Begin loop
    
for ($counter=0$counter<$iterations$counter++) {

    
// Create a numbering system when necessary.
    
if ($text == '') {
        
$cardinal $counter 1;
        
$ordinal "".$cardinal.". ";
    }

    
// Create the file input box.
    
echo <<<EOT
        <tr>
            <td class="tableb">
                        
$text  $ordinal
        </td>
        <td class="tableb" valign="top">
                        <input type="file" name="
$name" size="40" class="listbox">
                </td>
        </tr>

EOT;
    }
}

function 
create_form(&$data) {
    global 
$CONFIG;
    foreach(
$data as $element) {
        if ((
is_array($element))) {
            switch (
$element[2]) {
                case 
:
                    
text_box_input($element[0], $element[1], $element[3], $element[4]);
                    break;
                case 
:
                    
file_input($element[0], $element[1], $element[3]);
                    break;
                case 
:
                    
form_alb_list_box($element[0], $element[1]);
                    break;
                case 
:
                    
text_area_input($element[0], $element[1], $element[3]);
                    break;
                case 
:
                    
hidden_input($element[0], $element[1]);
                    break;
                default:
                    
cpg_die(ERROR$lang_upload_php['reg_instr_1'], __FILE____LINE__);
            } 
// switch
        
} else {
            
form_label($element);
        }
    }
}

function 
form_label($text) {
    echo <<<EOT
        <tr>
                <td class="tableh2" colspan="2">
                        <b>
$text</b>
                </td>
        </tr>

EOT;
}

function 
open_form($path) {

    echo <<<EOT
    <script language="JavaScript">
    function textCounter(field, maxlimit) {
            if (field.value.length > maxlimit) // if too long...trim it!
            field.value = field.value.substring(0, maxlimit);
    }
    </script>
    <form method="post" action="
$path" ENCTYPE="multipart/form-data">
    </td>
EOT;
}


function 
close_form($button_value) {
global 
$lang_upload_php;
echo <<<EOT
        <tr>
                <td colspan="2" align="center" class="tablef">
                        <input type="submit" value="
{$button_value}" class="button" onClick="change()">
                </td>
                </form>
        </tr>

EOT;
}


function 
form_instructions() {

    global 
$CONFIG$lang_cThumb$max_file_size;

    echo 
"<tr><td colspan=2><br />";

    
printf ($lang_cThumb['instr'], $CONFIG['max_upl_size']);

    echo 
"</td></tr>";

}





function 
create_thumb_upload ()
{
global $lang_upload_php$CONFIG$max_file_size,$CURRENT_PIC;
    
// Do some cleanup in the edit directory.
    
spring_cleaning('./albums/edit',3600);

    
// Do some cleaning in the temp data table.
    
clean_table();

        
open_form($_SERVER['PHP_SELF']);
        
form_instructions();
 

        
// Declare an array containing the various upload form box definitions.
        
$captionLabel $lang_upload_php['description'];
        
$form_array = array(
        
sprintf($lang_upload_php['max_fsize'], $CONFIG['max_upl_size']),
        array(
'MAX_FILE_SIZE'$max_file_size4),
        array(
$lang_upload_php['picture'], 'userpicture'11),
        array(
'event''picture'4),
        array(
'id'$CURRENT_PIC['pid'], 4)
        );
 
     
create_form($form_array);
     
close_form($lang_upload_php['title']);
}

function 
delfile($path,$file

global $CONFIG;

 
$stringParts explode("."$file);
 
array_pop($stringParts);
$file $path.$CONFIG['thumb_pfx']. implode("."$stringParts);
unlink ($file.".jpg");
unlink ($file.".gif");
unlink ($file.".png");

?>




Tambien, Hablo Español      PHP - Achieve Anything
"The Internet is becoming the town square for the global village of tomorrow. " - Bill Gates
Windows 7 Forums

Joachim Müller

Quote from: just_some_guy on September 29, 2007, 04:56:28 PM
Part of this mod/plugin requires changethumb.php
Not a plugin. Per definition, a plugin uses Coppermine's plugin API.

just_some_guy

Well im now making this mod in upload.php, however i am having some trouble with adding the extra file input field needed. The key aspect of this file input is that its not part of the $form_array, it has a seperate move_uploaded_file etc. Whenever i paste the form with the rest of the fields it makes the "Continue" button non-funictional. When i use the CPG $form_array it will be uploaded with the rest of the files. This isint supposed to happen.

Any Ideas?

Thanks very much!
Tambien, Hablo Español      PHP - Achieve Anything
"The Internet is becoming the town square for the global village of tomorrow. " - Bill Gates
Windows 7 Forums

Joachim Müller

So you decided to turn your contribution into a mod instead of a plugin. If yes, please resolve the open threads on the plugins board that discuss your mod.

just_some_guy

It is a plugin in a respect, however it involves the uploading of a file then, you can use the plugin manager to installl the rest.
Tambien, Hablo Español      PHP - Achieve Anything
"The Internet is becoming the town square for the global village of tomorrow. " - Bill Gates
Windows 7 Forums