PHP discuz chhome picture upload swfupload function
This upload and discuz to compare, still far from the difference. function is also deficient.
In addition to some of the built-in URL leads, we can not change, the other data are modifiable.
<?php
/*
[Ucenter Home] (C) 2007-2008 Comsenz Inc.
$Id: do_swfupload.php 12830 2009-07-22 06:42:32z Zhengqingpeng $
*/
if (!defined (' In_uchome ')) {//Entry card.
Exit (' Access Denied ');
}
Include_once (s_root. ") /source/function_cp.php ');
$op = Empty ($_get[' op '])? ': $_get[' op ']; Uchome a preferred method variable.
$isupload = Empty ($_get[' cam ']) && empty ($_get[' doodle '))? True:false; Whether to upload. There is also the possibility of Avatar upload.
$iscamera = isset ($_get[' cam '])? True:false; To judge is Avatar upload.
$isdoodle = isset ($_get[' doodle '))? True:false; Judge whether the background is random.
$fileurl = '; The default assignment.
if (!empty ($_post[' uid ')) {//If the UID is passed, it means that the UID value is obtained when the Avatar is uploaded.
$_sglobal[' supe_uid '] = intval ($_post[' uid ')); Forced conversion.
if (Empty ($_sglobal[' Supe_uid ')) | | $_post[' HASH ']!= MD5 ($_sglobal[' Supe_uid '). Uc_key)) {/Since the UID value is passed, if the user does not login, and the hash code does not correspond, on the interruption.
Exit ();
}
} elseif (Empty ($_sglobal[' Supe_uid ')) {//otherwise, if not logged in, prohibit the use of the upload function.
ShowMessage (' To_login ', ' do.php?ac= '. $_sconfig[' login_action ']);
}
if ($op = = "Finish") {//At the end of the upload.
/* It will pass in the following get
Array (
' AC ' => ' swfupload ',
' Op ' => ' Finish ',
' albumID ' => ' 2 ',
)*/
$albumid = intval ($_get[' albumID ')); Gets the category ID.
$space = Getspace ($_sglobal[' supe_uid ')); Update User section Records, compare picture totals, capacity calculations.
if (ckprivacy (' upload ', 1)) {//Judge if a push has been written.
Include_once (s_root. ") /source/function_feed.php ');
Feed_publish ($albumid, ' albumid '); Otherwise, write it once more.
}
Forcibly interrupted.
Exit ();
} elseif ($op = = ' config ') {//swf uploaded configuration.
/* To pass through the crawl gain:
Array (
' AC ' => ' swfupload ',
' op ' => ' config ',
)
*/
$hash = MD5 ($_sglobal[' Supe_uid '). Uc_key); Generates a hash code.
if ($isupload &&!checkperm (' allowupload ')) {//is uploaded picture and has sufficient permissions. For configuration, $isupload is always false.
$hash = ';
} else {
$filearr = $dirstr = Array (); Initializes an array. File array/and directory data.
if ($iscamera) {//Enter Avatar upload work.
/*
Depending on the crawl, get data is as follows:
Array (
' AC ' => ' swfupload ',
' op ' => ' config ',
' Cam ' => ' 1 ',
)
*/
$directory = Sreaddir (s_root. ') /image/foreground '); A catalogue with a large sticker background. Sreaddir reads the directory data inside.
foreach ($directory as $key => $value) {//each background is a separate directory, so loop it.
$dirstr = S_root. '. /image/foreground/'. $value; Synthesize a new path.
if (Is_dir ($DIRSTR)) {//Determine if it is a directory.
$filearr = Sreaddir ($dirstr, array (' jpg ', ' jpeg ', ' gif ', ' png ')); Read the picture file inside the directory.
if (!empty ($filearr)) {//If the picture array is not empty.
if (Is_file ($dirstr. ') /categories.txt ')) {//if Categories.txt file exists.
$catfile = @file ($dirstr. ' /categories.txt '); Open this file.
$dirarr [$key][0] = Trim ($catfile [0]); Read the files inside. Of course, it is a meaningless method, the contents of which are the same as the directory name.
else {//If TXT file does not exist, get directory name.
$dirarr [$key][0] = Trim ($value); Accurate get the value, trim more use.
}
$dirarr [$key][1] = Trim (' image/foreground/'. $value. ') /'); Set pointer 1 to the background directory for the current bulk sticker.
$dirarr [$key][2] = $filearr; Set pointer 2 to the picture in the background of the current bulk sticker.
}
}
}
ElseIf ($isdoodle) {//If the avatar is a random background, read the picture file in/image/doodle/big.
$filearr = Sreaddir (s_root. ') /image/doodle/big ', array (' jpg ', ' jpeg ', ' gif ', ' png '));
}
}
Then went to the picture upload configuration work.
$max = @ini_get (upload_max_filesize); Get php.ini maximum upload value.
$unit = Strtolower (substr ($max,-1, 1)); $max have KB at the end of the word, to intercept it and turn it into lowercase.
The following is a conversion for different computing units.
if ($unit = = ' k ') {
$max = Intval ($max) *1024; It looks like it's all turned into byt byte units. KB X 1024 = how many bytes.
} elseif ($unit = = ' m ') {
$max = Intval ($max) *1024*1024; MB x 1024 x 1024 = how many bytes.
} elseif ($unit = = ' G ') {
$max = Intval ($max) *1024*1024*1024; GB x 1024 x 1024 x 1024 = how many bytes.
}
Gets the array of categories that the user has created.
$albums = getalbums ($_sglobal[' supe_uid '));
} elseif ($op = = "Screen" | | | $op = = "Doodle") {//screen does not understand when to come out | | Random large sticker background, because there is no camera, this inside skip.
if (Empty ($GLOBALS [' Http_raw_post_data '])) {
$GLOBALS [' http_raw_post_data '] = file_get_contents ("Php://input");
}
$status = "Failure";
$dosave = true;
if ($op = = "Doodle") {
$query = $_sglobal[' db ']->query (' SELECT * from '. Tname (' Usermagic '). " WHERE uid = ' $_sglobal[supe_uid] ' and mid = ' doodle ');
$value = $_sglobal[' db ']->fetch_array ($query);
if (Empty ($value) | | | $value [' count '] < 1) {//ûͿѻ
$uploadfiles =-8;
$dosave = false;
}
}
if ($dosave &&!empty ($GLOBALS [' Http_raw_post_data '])) {
$_server[' http_albumid '] = addslashes (Siconv (UrlDecode ($_server[' Http_albumid ')), $_sc[' CharSet '], "UTF-8"));
$from = false;
if ($op = = ' Screen ') {
$from = ' camera ';
} elseif ($_get[' from '] = = ' album ') {
$from = ' uploadimage ';
}
$_sconfig[' allowwatermark '] = 0;
$uploadfiles = Stream_save ($GLOBALS [' Http_raw_post_data '], $_server[' http_albumid '], ' jpg ', ', ', ', ', 0, $from);
}
$uploadResponse = true;
$picid = $proid = $albumid = 0;
if ($uploadfiles && Is_array ($uploadfiles)) {
$status = "Success";
$albumid = $uploadfiles [' albumID '];
$picid = $uploadfiles [' Picid '];
if ($op = = "Doodle") {
$fileurl = Pic_get ($uploadfiles [' filepath '], $uploadfiles [' thumb '], $uploadfiles [' remote '], 0);
Include_once (s_root. ") /source/function_magic.php ');
Magic_use (' Doodle ', Array (), 1);
}
} else {
Switch ($uploadfiles) {
Case-1:
$uploadfiles = Cplang (' Inadequate_capacity_space ');
Break
Case-2:
$uploadfiles = Cplang (' only_allows_upload_file_types ');
Break
Case-4:
$uploadfiles = Cplang (' ftp_upload_file_size ');
Break
Case-8:
$uploadfiles = Cplang (' Has_not_more_doodle ');
Break
Default
$uploadfiles = Cplang (' mobile_picture_temporary_failure ');
Break
}
}
ElseIf ($_files && $_post) {//Picture upload,
/* According to the crawl, the POST get data value is:
POST = Array (
' Filename ' => ' mjp45+r3001.jpg ',
' Proid ' => ' 1 ',
' albumID ' => ' 2 ',
' UID ' => ' 1 ',
' title ' => ' mjp45+r3001 ',
' Hash ' => ' 11ed07fe235ca5b9e509043e85419785 ',
' Upload ' => ' Submit Query ',
)
Get = Array (
' AC ' => ' swfupload ',
)
*/
if ($_files["Filedata"] [' ERROR ']) {//If there is an upload error
$uploadfiles = Cplang (' File_is_too_big '); The prompt file is too large.
} else {
There are also escapes, given the coding and case problems. Gets the file name of the upload.
$_files["Filedata" [' name '] = addslashes (Siconv (UrlDecode ($_files["Filedata"] [' name ']), $_sc[' CharSet '], "UTF-8") ;
There are also escapes, given the coding and case problems. Gets the upload category ID.
$_post[' albumid '] = addslashes (Siconv (UrlDecode ($_post[' albumID ')), $_sc[' CharSet '], "UTF-8"));
There are also escapes, given the coding and case problems. Get the upload file after a detailed path.
$uploadfiles = Pic_save ($_files["Filedata"], $_post[' albumID ', Addslashes (Siconv (urldecode ' title '), $_post[ ' CharSet '], "UTF-8"));
}
According to my analysis, the following content in the picture upload is useless, do not know whether the Avatar upload will be used.
$proid = $_post[' proid '];
$uploadResponse = true;
$albumid = 0;
Judge the upload file, and upload the file array.
if ($uploadfiles && Is_array ($uploadfiles)) {
$status = "Success"; Upload Complete
$albumid = $uploadfiles [' albumID ']; The category ID of the upload
} else {
$status = "Failure"; This is the upload failed.
}
I added it myself, and I'm guessing uchome will appreciate it too.
Exit ();
}
Time
$newalbumname = sgmdate (' Ymd ');
Introducing Templates
Include template ("Do_swfupload");
Output XML, SWF configuration required.
$outxml = "<?xml version=" 1.0 "encoding=" UTF-8 ">n";
$outxml. = Siconv (Ob_get_contents (), ' UTF-8 ');
Obclean ();
@header ("Expires:-1");
@header ("Cache-control:no-store, Private, post-check=0, Pre-check=0, max-age=0", FALSE);
@header ("Pragma:no-cache");
@header ("Content-type:application/xml; Charset=utf-8 ");
Echo $outxml;
What does the configuration file specifically export? Please visit this web site.
Http://u.discuz.net/home/do.php?ac=swfupload&op=config
?>