znam da izgleda glupo, kuzim ja sta mi grska govori i vec se par dana tlacim i nemogu otkrit zasto se to desava...
ovo je upload stranica
Code:
<?php
?>
<ul class="subnavigation">
<li><a href="?page=<?=$_query?>&action=<?=$_GET['action']?>&id=<?=$_GET['id']?>">< Povratak na foto galeriju</a></li>
</ul>
<form method="post" class="edit" enctype="multipart/form-data">
<fieldset>
<label for="file-input">Datoteka:</label>
<input id="file-input" type="file" name="photos[]" value="" />
</fieldset>
<fieldset>
<label for="file-input">Datoteka:</label>
<input id="file-input" type="file" name="photos[]" value="" />
</fieldset>
<fieldset>
<label for="file-input">Datoteka:</label>
<input id="file-input" type="file" name="photos[]" value="" />
</fieldset>
<fieldset>
<label for="file-input">Datoteka:</label>
<input id="file-input" type="file" name="photos[]" value="" />
</fieldset>
<fieldset>
<label for="file-input">Datoteka:</label>
<input id="file-input" type="file" name="photos[]" value="" />
</fieldset>
<fieldset>
<label for="file-input">Datoteka:</label>
<input id="file-input" type="file" name="photos[]" value="" />
</fieldset>
<fieldset>
<label for="file-input">Datoteka:</label>
<input id="file-input" type="file" name="photos[]" value="" />
</fieldset>
<fieldset>
<label for="file-input">Datoteka:</label>
<input id="file-input" type="file" name="photos[]" value="" />
</fieldset>
<fieldset>
<label for="file-input">Datoteka:</label>
<input id="file-input" type="file" name="photos[]" value="" />
</fieldset>
<fieldset>
<label for="file-input">Datoteka:</label>
<input id="file-input" type="file" name="photos[]" value="" />
</fieldset>
<fieldset>
<input type="hidden" name="page" value="<?=$_query?>" />
<input type="hidden" name="action" value="<?=$_GET['action']?>" />
<input type="hidden" name="action_2" value="add" />
<input type="hidden" name="id" value="<?=$_GET['id']?>" />
<input type="submit" name="submit" value="Dodaj fotografiju" />
</fieldset>
</form>
a ovo skripta:
Code:
<?php
// Brisanje objekta
// Todo: brisanje galerije
if ($_REQUEST['action'] == 'delete' && $_SERVER['REQUEST_METHOD'] == 'POST') {
$sql = "DELETE FROM `" . $__page['table'] . "` WHERE `id` = '" . (int)$_REQUEST['id'] . "'";
runInsertSQL($sql);
die();
}
if ($_REQUEST['action'] == 'gallery' && $_REQUEST['action_2'] == 'set_filename' && $_SERVER['REQUEST_METHOD'] == 'POST') {
$file = '..' . $__page['gallery']['directory'] . $_REQUEST['id'] . '/' . $_REQUEST['file'];
$new_file = '..' . $__page['gallery']['directory'] . $_REQUEST['id'] . '/' . $_REQUEST['filename'];
$_order_file = '..' . $__page['gallery']['directory'] . $_REQUEST['id'] . '/_titles/_order.txt';
if (! file_exists($new_file)) {
if (file_exists($_order_file)) {
$order = file($_order_file);
$order = implode("", $order);
$order = str_replace($_REQUEST['file'], $_REQUEST['filename'], $order);
$fp = fopen($_order_file, 'w+');
fwrite($fp, $order);
fclose($fp);
}
if (rename($file, $new_file)) {
echo '1';
} else {
echo '0';
}
} else {
echo '2';
}
die();
}
if ($_REQUEST['action'] == 'gallery' && $_SERVER['REQUEST_METHOD'] == 'POST') {
$types = array('image/jpeg', 'image/pjpg', 'image/pjpeg', 'image/jpg', 'image/png', 'image/gif');
/************************************************************************************************/
if ($_REQUEST['action_2'] == 'sort') {
$photos = getGallery('..' . $__page['gallery']['directory'] . $_REQUEST['id'] . '/');
$sorted_gallery = $_REQUEST['gallery'];
foreach($sorted_gallery as $key => $order) {
$a++;
$new_order .= $photos[$order]['filename'];
if ($a < count($sorted_gallery)) $new_order .= "\n";
}
if (! file_exists('..' . $__page['gallery']['directory'] . $_REQUEST['id'] . '/_titles/')) {
mkdir('..' . $__page['gallery']['directory'] . $_REQUEST['id'] . '/_titles/');
}
$fp = fopen('..' . $__page['gallery']['directory'] . $_REQUEST['id'] . '/_titles/_order.txt', 'w+');
fwrite($fp, $new_order);
fclose($fp);
echo '1';
die();
}
/************************************************************************************************/
if ($_REQUEST['action_2'] == 'set_params') {
if (! file_exists('..' . $__page['gallery']['directory'] . $_REQUEST['id'] . '/_titles/')) {
mkdir('..' . $__page['gallery']['directory'] . $_REQUEST['id'] . '/_titles/');
}
$text_file = '..' . $__page['gallery']['directory'] . $_REQUEST['id'] . '/_titles/' . $_REQUEST['file'] . '.txt';
$contents = $_REQUEST['render_engine'] . '<|>' . $_REQUEST['default'];
for ($i = 0; $i <= 4; $i++) {
if (isset($_REQUEST['image_type'][$i])) {
$contents .= '<|>1';
} else {
$contents .= '<|>0';
}
}
$fp = fopen($text_file, 'w+');
fwrite($fp, $contents);
fclose($fp);
echo '1';
die();
}
/************************************************************************************************/
if ($_REQUEST['action_2'] == 'set_title') {
if (! file_exists('..' . $__page['gallery']['directory'] . $_REQUEST['id'] . '/_titles/')) {
mkdir('..' . $__page['gallery']['directory'] . $_REQUEST['id'] . '/_titles/');
}
$text_file = '..' . $__page['gallery']['directory'] . $_REQUEST['id'] . '/_titles/' . $_REQUEST['file'] . '.txt';
$fp = fopen($text_file, 'w+');
fwrite($fp, $_REQUEST['title']);
fclose($fp);
echo '1';
die();
}
/************************************************************************************************/
if ($_REQUEST['action_2'] == 'delete_photo') {
$filename = '..' . $__page['gallery']['directory'] . $_REQUEST['id'] . '/' . $_REQUEST['file'];
if (file_exists($filename)) {
unlink($filename);
}
$filename = '..' . $__page['gallery']['directory'] . $_REQUEST['id'] . '/_titles/' . $_REQUEST['file'] . '.txt';
if (file_exists($filename)) {
unlink($filename);
}
$filename = '..' . $__page['gallery']['directory'] . $_REQUEST['id'] . '/_titles/_order.txt';
if (file_exists($filename)) {
$order = explode("\n", implode("", file($filename)));
if (is_array($order)) {
foreach($order as $key => $f) {
if ($f == $_REQUEST['file']) unset($order[$key]);
}
}
$fp = fopen($filename, 'w+');
fwrite($fp, implode("\n", $order));
fclose($fp);
}
die();
}
/************************************************************************************************/
if ($_REQUEST['action_2'] == 'crop') {
$filename = '..' . $__page['gallery']['directory'] . $_POST['id'] . '/' . $_POST['file'];
$new_filename = '..' . $__page['gallery']['directory'] . $_POST['id'] . '/' . $_POST['new_filename'];
if ((int)$_POST['x'] > 0 && (int)$_POST['y'] > 0) {
$info = getimagesize($filename);
if ($info['mime'] == 'image/jpeg' || $info['mime'] == 'image/jpg' || $info['mime'] == 'image/pjpeg') {
$source = imagecreatefromjpeg($filename);
} elseif ($info['mime'] == 'image/gif') {
$source = imagecreatefromgif($filename);
} elseif ($info['mime'] == 'image/png') {
$source = imagecreatefrompng($filename);
}
$image = imagecreatetruecolor($_POST['w'], $_POST['h']);
imagecopyresampled($image, $source, 0, 0, $_POST['x'], $_POST['y'], $_POST['w'], $_POST['h'], $_POST['w'], $_POST['h']);
imagejpeg($image, $new_filename, 100);
} else {
if ($_POST['new_filename'] != $_POST['file']) {
rename($filename, $new_filename);
}
}
header('Location: ?page=' . $_POST['page'] . '&action=' . $_POST['action'] . '&id=' . $_POST['id'] . '&edit&file=' . $_POST['new_filename']);
die();
}
/************************************************************************************************/
if ($_REQUEST['action_2'] == 'add') {
if (is_array($_FILES['photos'])) {
foreach($_FILES['photos']['name'] as $key => $photo) {
$info = getimagesize($_FILES['photos'][$key]['tmp_name']);
if ($_FILES['photos']['error'][$key] == 0 && in_array($_FILES['photos']['type'][$key], $types) && is_array($info) && in_array($info['mime'], $types)) {
} else {
$error = '';
}
if (! $error) {
// Ako ne postoji direktorij, kreiraj
if (! file_exists('..' . $__page['gallery']['directory'])) {
mkdir('..' . $__page['gallery']['directory']);
}
if (! file_exists('..' . $__page['gallery']['directory'] . $_POST['id'])) {
mkdir('..' . $__page['gallery']['directory'] . $_POST['id']);
}
// Filename za original
$filename = '..' . $__page['gallery']['directory'] . $_POST['id'] . '/' . $_FILES['photos']['name'][$key];
$basename = pathinfo($_FILES['photos']['name'][$key]);
while (file_exists($filename)) {
if (empty($basename['filename'])) $basename['filename'] = str_replace($basename['extension'], '', $basename['basename']);
$i++;
$filename = '..' . $__page['gallery']['directory'] . $_POST['id'] . '/' . $basename['filename'] . ' (' . $i . ').' . $basename['extension'];
}
// Kopiramo original
copy($_FILES['photos']['tmp_name'][$key], $filename);
}
}
header('Location: ?page=' . $_REQUEST['page'] . '&action=gallery&id=' . $_REQUEST['id']);
die();
} else {
$info = getimagesize($_FILES['photo']['tmp_name']);
if ($_FILES['photo']['error'] == 0 && in_array($_FILES['photo']['type'], $types) && is_array($info) && in_array($info['mime'], $types)) {
} else {
$error = '';
}
if (! $error) {
// Ako ne postoji direktorij, kreiraj
if (! file_exists('..' . $__page['gallery']['directory'])) {
mkdir('..' . $__page['gallery']['directory']);
}
if (! file_exists('..' . $__page['gallery']['directory'] . $_POST['id'])) {
mkdir('..' . $__page['gallery']['directory'] . $_POST['id']);
}
// Filename za original
$filename = '..' . $__page['gallery']['directory'] . $_POST['id'] . '/' . $_FILES['photo']['name'];
$basename = pathinfo($_FILES['photo']['name']);
while (file_exists($filename)) {
if (empty($basename['filename'])) $basename['filename'] = str_replace($basename['extension'], '', $basename['basename']);
$i++;
$filename = '..' . $__page['gallery']['directory'] . $_POST['id'] . '/' . $basename['filename'] . ' (' . $i . ').' . $basename['extension'];
}
// Kopiramo original
copy($_FILES['photo']['tmp_name'], $filename);
header('Location: ?page=' . $_REQUEST['page'] . '&action=gallery&id=' . $_REQUEST['id']);
die();
} else {
die('Došlo je do greške!');
}
}
}
/************************************************************************************************/
}
if ($_REQUEST['action'] == 'add' && $_SERVER['REQUEST_METHOD'] == 'POST') {
// Koliko je ukupno polja
foreach($__page['fields'] as $field_name => $field) {
if ($field['type'] != 'photo') {
$total_fields++;
}
}
// Koliko je unikatnih
$check_sql = "SELECT `id` FROM `" . $__page['table'] . "` WHERE `id` = 0 ";
foreach($__page['fields'] as $field_name => $field) {
if ($field['unique']) {
$check_sql .= " OR `" . $field_name . "` = '" . $_REQUEST[$field_name] . "'";
}
}
$object_exists = runSQL($check_sql);
if (is_array($object_exists)) {
$error = 'object_exists';
}
if (empty($error)) {
$insert_sql = "INSERT INTO `" . $__page['table'] . "` SET ";
foreach($__page['fields'] as $field_name => $field) {
$f++;
if ($field['type'] == 'text' || $field['type'] == 'textarea') {
$insert_sql .= " `" . $field_name . "` = '" . $_REQUEST[$field_name] . "' ";
} elseif ($field['type'] == 'number') {
$insert_sql .= " `" . $field_name . "` = '" . (int)$_REQUEST[$field_name] . "'";
} elseif ($field['type'] == 'date') {
$insert_sql .= " `" . $field_name . "` = '" . $_REQUEST[$field_name] . "'";
} elseif ($field['type'] == 'select_relation') {
$insert_sql .= " `" . $field_name . "` = '" . $_REQUEST[$field_name] . "'";
} elseif ($field['type'] == 'checkbox') {
$insert_sql .= " `" . $field_name . "` = '" . ($_REQUEST[$field_name]=='on') . "'";
}
if ($f < $total_fields) $insert_sql .= ', ';
}
runInsertSQL($insert_sql);
header('Location: ?page=' . $_REQUEST['page']);
die();
}
}
if ($_REQUEST['action'] == 'edit' && $_SERVER['REQUEST_METHOD'] == 'POST') {
// Koliko je ukupno polja
foreach($__page['fields'] as $field_name => $field) {
if ($field['type'] != 'photo' && $field['type'] != 'image') {
$total_fields++;
}
}
// Koliko je unikatnih
$check_sql = "SELECT `id` FROM `" . $__page['table'] . "` WHERE (`id` = 0 ";
foreach($__page['fields'] as $field_name => $field) {
if ($field['unique']) {
$check_sql .= " OR `" . $field_name . "` = '" . $_REQUEST[$field_name] . "'";
}
}
$check_sql .= ") AND `id` <> '" . $_POST['id'] . "'";
$object_exists = runSQL($check_sql);
if (is_array($object_exists)) {
$error = 'object_exists';
}
if (empty($error)) {
$insert_sql = "UPDATE `" . $__page['table'] . "` SET ";
foreach($__page['fields'] as $field_name => $field) {
$f++;
if ($field['type'] == 'text' || $field['type'] == 'textarea') {
$insert_sql .= " `" . $field_name . "` = '" . $_REQUEST[$field_name] . "' ";
} elseif ($field['type'] == 'number') {
$insert_sql .= " `" . $field_name . "` = '" . (int)$_REQUEST[$field_name] . "'";
} elseif ($field['type'] == 'date') {
$insert_sql .= " `" . $field_name . "` = '" . $_REQUEST[$field_name] . "'";
} elseif ($field['type'] == 'select_relation') {
$insert_sql .= " `" . $field_name . "` = '" . $_REQUEST[$field_name] . "'";
} elseif ($field['type'] == 'checkbox') {
$insert_sql .= " `" . $field_name . "` = '" . ($_REQUEST[$field_name]=='on') . "'";
}
if ($f < $total_fields) $insert_sql .= ', ';
}
$insert_sql .= " WHERE `id` = '" . $_POST['id'] . "'";
runInsertSQL($insert_sql);
header('Location: ?page=' . $_REQUEST['page']);
die();
}
}
?>
Pa sam mislio da netko ko se kuzi malo bolje u php da ce uocit gresku di je i pomoci mi...