<?php
// Start or resume the session before any output is sent; the @ operator suppresses
// whatever warning a failed start would raise.
@session_start(); ?>
<?php
//PHP Enter 3.0.
//Copyright (C) 2011  Predrag Rukavina hide@address.com
//This program is free software; you can redistribute it and/or
//modify it under the terms of the GNU General Public License
//as published by the Free Software Foundation; either version 2
//of the License, or (at your option) any later version.
//This program is distributed in the hope that it will be useful,
//but WITHOUT ANY WARRANTY; without even the implied warranty of
//MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
//GNU General Public License for more details.
//You should have received a copy of the GNU General Public License
//along with this program; if not, write to the Free Software
//Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
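// Bootstrap: load helpers and settings, render the page shell with the category list,
// then look up the profile row of the session user.
// NOTE(review): $smarty, $path, $title, $temp and the database connection are not created
// in this file; presumably the two includes provide them - confirm.
// NOTE(review): the mysql_* extension was removed in PHP 7. Moving to mysqli/PDO with
// prepared statements needs the connection code, which is not visible here.
include_once('admin/functions.php');
include_once('settings.php');
error_reporting(E_ERROR | E_WARNING | E_PARSE);

$ccval = array(); // stays an empty list when the table has no rows
$tmp = mysql_query("SELECT * FROM categori ORDER BY name ASC");
if ($tmp === false) {
    // Driver details go to the server log; the visitor only sees a generic message.
    error_log('post.php: category query failed: (' . mysql_errno() . ') ' . mysql_error());
    die("A MySQL error has occurred.");
}
while ($aclrow = mysql_fetch_assoc($tmp)) {
    $ccval[] = $aclrow;
}

$smarty->assign('path', $path);
$smarty->assign('title', $title);
$smarty->assign('temp', $temp);
$smarty->assign('categori', $ccval);
$smarty->display('blank.php');

// The author identity is taken from the session only; a missing key means nobody is logged in.
// NOTE(review): no login check is visible in this file. If the includes do not enforce one,
// the submit handler below runs with an empty user id - confirm.
$shouter = isset($_SESSION['INC_USER_ID']) ? $_SESSION['INC_USER_ID'] : null;

// Explicit defaults, so these are always defined by this script even when no row matches.
$kori = '';
$usercc = '';
$thumbs = '';
$eeuser = '';

$ures = mysql_query("SELECT * FROM users WHERE usid='" . mysql_real_escape_string($shouter) . "' ");
if ($ures === false) {
    error_log('post.php: user lookup failed: (' . mysql_errno() . ') ' . mysql_error());
    die("A MySQL error has occurred.");
}
while ($urow = mysql_fetch_array($ures)) {
    $kori = $urow['usid'];
    $usercc = $urow['username'];
    $thumbs = $urow['thumbs'];
    $eeuser = $urow['email'];
}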
if(isset($_POST['query'])){
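// Submit handler, part 1: CAPTCHA, field validation, SQL escaping, image upload.
// It leaves $univer, $idblog, $kori, $usercc, $bname, $badress, $thumbs and $amess escaped
// for the INSERT further down, and $new_image / $destination describing the stored file.
require_once('recaptchalib.php');
$privatekey = $config['keycaptcha'];
$resp = recaptcha_check_answer(
    $privatekey,
    $_SERVER["REMOTE_ADDR"],
    isset($_POST["recaptcha_challenge_field"]) ? $_POST["recaptcha_challenge_field"] : null,
    isset($_POST["recaptcha_response_field"]) ? $_POST["recaptcha_response_field"] : null
);
if (!$resp->is_valid) {
    die("The reCAPTCHA wasn't entered correctly. Go back and try it again." .
        "(reCAPTCHA said: " . $resp->error . ")");
}

// Read the text fields. Only strings are accepted (an array-valued field becomes ''), and
// where magic quotes are active the automatic slashes are removed once here instead of
// being added a second time before mysql_real_escape_string().
$magicQuotes = function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc();
$fields = array('univer' => '', 'idblog' => '', 'bname' => '', 'badress' => '', 'amess' => '');
foreach ($fields as $fieldName => $unused) {
    if (isset($_POST[$fieldName]) && is_string($_POST[$fieldName])) {
        $fields[$fieldName] = $magicQuotes ? stripslashes($_POST[$fieldName]) : $_POST[$fieldName];
    }
}
$univer = $fields['univer'];
$idblog = $fields['idblog'];
$bname = $fields['bname'];
$badress = $fields['badress'];
$amess = htmlspecialchars($fields['amess']);

// Keyword screening. The original ereg() calls are replaced with preg_match() (ereg was
// removed in PHP 7) and the keyword test is now case-insensitive.
// NOTE(review): this is a denylist, not an XSS defence; $bname is stored without HTML
// encoding and $badress is stored as submitted, so whatever prints them must encode on output.
foreach (array($bname, $amess) as $candidate) {
    if (preg_match('/^\./', $candidate)) {
        echo "<center>Invalid Characters:<a href=\"javascript:history.go(-1)\">Go Back</a></center>";
        die();
    }
    if (preg_match('/javascript/i', $candidate)) {
        echo "<center>Invalid Characters: <font color = \"red\"><strong>javascript</strong></font> <a href=\"javascript:history.go(-1)\">Go Back</a></center>";
        die();
    }
}
if (strlen($bname) < 3) {
    echo "<center>Field must be at least 3 characters long:
<a href=\"javascript:history.go(-1)\">Go Back</a></center>";
    die();
}
if (strlen($bname) > 120) {
    echo "<center>Max Characters Field: 120
<a href=\"javascript:history.go(-1)\">Go Back</a></center>";
    die();
}
if (strlen($amess) < 100) {
    echo "<center>Field description must be at least 100 characters long:
<a href=\"javascript:history.go(-1)\">Go Back</a></center>";
    die();
}
if (strlen($amess) > 19800) {
    // The message now states the limit that is actually enforced.
    echo "<center>Max Characters Field Description: 19800
<a href=\"javascript:history.go(-1)\">Go Back</a></center>";
    die();
}

// Escape everything that is interpolated into the INSERT statement.
$univer = mysql_real_escape_string($univer);
$idblog = mysql_real_escape_string($idblog);
$kori = mysql_real_escape_string(isset($kori) ? $kori : '');
$usercc = mysql_real_escape_string(isset($usercc) ? $usercc : '');
$bname = mysql_real_escape_string($bname);
$badress = mysql_real_escape_string($badress);
$thumbs = mysql_real_escape_string(isset($thumbs) ? $thumbs : '');
$amess = mysql_real_escape_string($amess);

// Upload checks: PHP must report a clean upload, the temp file must really be an uploaded
// file, and the extension check is backed by a look at the content itself.
if (!isset($_FILES['image']) || !is_array($_FILES['image'])
    || $_FILES['image']['error'] !== UPLOAD_ERR_OK
    || !is_uploaded_file($_FILES['image']['tmp_name'])) {
    die('Please Upload Valid JPG File');
}
$current_image = $_FILES['image']['name'];
$extension = strtolower(substr(strrchr($current_image, '.'), 1));
if (($extension != "jpg") && ($extension != "jpeg")) {
    die('Please Upload Valid JPG File');
}
$probe = @getimagesize($_FILES['image']['tmp_name']);
if ($probe === false || $probe[2] !== IMAGETYPE_JPEG) {
    die('Please Upload Valid JPG File');
}

// date("Yhis") has no month or day component, so it repeats; uniqid() keeps two uploads
// from overwriting each other. The stored name has one dot and a lower-case extension.
$time = date("Yhis");
$new_image = $time . "_" . uniqid() . "." . $extension;
$destination = "uploads/" . $new_image;
// move_uploaded_file() refuses any path that did not come from this request's upload.
$action = move_uploaded_file($_FILES['image']['tmp_name'], $destination);
if (!$action) {
    die('The image could not be stored.');
}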
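/**
 * Write a centre-cropped JPEG thumbnail of $imgSrc to $filename.
 *
 * The source is scaled so that it covers the requested box, then the middle
 * $thumbnail_width x $thumbnail_height region is saved at quality 100.
 *
 * Ends the request instead of returning when the source cannot be read as a JPEG
 * ("wrong file") or when either side is longer than 940 px.
 * NOTE(review): on those paths the source file is left on disk; nothing here removes it.
 *
 * @param string $imgSrc           Path of the source image.
 * @param string $filename         Path the thumbnail is written to.
 * @param int    $thumbnail_width  Thumbnail width in pixels.
 * @param int    $thumbnail_height Thumbnail height in pixels.
 * @return resource|object The GD image holding the thumbnail.
 */
function ccthumb($imgSrc,$filename,$thumbnail_width,$thumbnail_height) {
    // A file GD cannot measure would otherwise lead to a division by zero below.
    $info = @getimagesize($imgSrc);
    if ($info === false || $info[0] < 1 || $info[1] < 1) {
        die("wrong file");
    }
    list($width_orig, $height_orig) = $info;
    if ($width_orig > 940 || $height_orig > 940) {
        // The text now matches the 940 px limit that is actually checked.
        echo "<br>Maximum width and height exceeded. Please upload images below  940 x 940 px size";
        exit();
    }

    // Take the extension from the end of the path; splitting on the first dot breaks
    // as soon as a directory name contains one.
    $ext = strtolower(pathinfo($imgSrc, PATHINFO_EXTENSION));
    $cimage = false;
    if ($ext === 'jpg' || $ext === 'jpeg') {
        $cimage = @imagecreatefromjpeg($imgSrc); // decoded once
    }
    if (!$cimage) {
        die("wrong file");
    }

    // Scale so the image covers the whole box on both axes.
    $ratio_orig = $width_orig / $height_orig;
    if ($thumbnail_width / $thumbnail_height > $ratio_orig) {
        $new_height = $thumbnail_width / $ratio_orig;
        $new_width = $thumbnail_width;
    } else {
        $new_width = $thumbnail_height * $ratio_orig;
        $new_height = $thumbnail_height;
    }
    // GD takes whole pixels; round once and use the same numbers everywhere.
    $new_width = (int) round($new_width);
    $new_height = (int) round($new_height);

    $process = imagecreatetruecolor($new_width, $new_height);
    imagecopyresampled($process, $cimage, 0, 0, 0, 0, $new_width, $new_height, $width_orig, $height_orig);

    // Crop the centre of the scaled copy.
    $crop_x = (int) round(($new_width - $thumbnail_width) / 2);
    $crop_y = (int) round(($new_height - $thumbnail_height) / 2);
    $thumb = imagecreatetruecolor($thumbnail_width, $thumbnail_height);
    imagecopyresampled($thumb, $process, 0, 0, $crop_x, $crop_y, $thumbnail_width, $thumbnail_height, $thumbnail_width, $thumbnail_height);
    imagejpeg($thumb, $filename, 100);
    return $thumb;
}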
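// Submit handler, part 2: build both thumbnails from the stored upload, then record the story.
ccthumb($destination,'maxthumb/' . $new_image,270,250);
ccthumb($destination,'minthumb/' . $new_image,144,82);

// The interpolated text values were passed through mysql_real_escape_string() earlier in
// this handler; $new_image is assembled server-side from a timestamp and a checked extension.
$result = mysql_query("INSERT INTO newser (univer,idblog,buserid,buser,btexty,badress,images,bimgs,bdate,bamess) 
VALUES ('$univer','$idblog','$kori','$usercc','$bname','$badress','$new_image','$thumbs',NOW(),'$amess')");
if ($result === false) {
    // Driver details go to the server log; the visitor only sees a generic message.
    error_log('post.php: story insert failed: (' . mysql_errno() . ') ' . mysql_error());
    die("A MySQL error has occurred.");
}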
?>
<script type="text/javascript">
<!--
// Sends the browser to the site index; the body's onLoad handler calls this from a timer.
function delayer() {
    var homepage = "index.php";
    window.location = homepage;
}
//-->
</script>
</head>
<body onLoad="setTimeout('delayer()', 2000)">
<center><b><font style="font-family:verdana;font-size:13px;color:#555;">You will be redirected to the homepage. Thank you!</font></b></center>
<?php
}else{
// Value printed into the hidden "univer" form field: year, 12-hour clock hour, minutes and
// seconds at render time (the format has no month or day component).
$univer = date("Yhis");
?>
<body>
<script>
var RecaptchaOptions = {
   theme : 'clean',
   tabindex : 2
};
</script>
<div id="content">
<div style="margin:8px;">
<h3>New Story</h3>
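Hello <b><?php /* Session value is HTML-encoded before it is printed; a missing key prints nothing. */ echo htmlspecialchars(isset($_SESSION['INC_USER_NAME']) ? (string) $_SESSION['INC_USER_NAME'] : '', ENT_QUOTES); ?></b> <a href="signout.php">Logout</a>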
<br /><br />
<form action="post.php" enctype="multipart/form-data" method="post">
<br />Category:<br />
<input type="hidden" name="univer" value="<?php echo $univer; ?>">
<select name="idblog">
<?php
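// Print one <option> per category row. Id and label come from the database and are
// HTML-encoded so that stored markup cannot break out of the element or its attribute.
$strSQL = "SELECT * FROM categori ORDER BY name";
$rs = mysql_query($strSQL);
if ($rs !== false) { // a failed query leaves the list empty
    while ($r = mysql_fetch_array($rs)) {
        echo "<option value=\"" . htmlspecialchars($r["catid"], ENT_QUOTES) . "\">"
            . htmlspecialchars($r["name"], ENT_QUOTES) . "</option>";
    }
}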
?>
</select>
<?php 
@$incname=$_POST['incname'];
if($incname == true){
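// Validate the submitted link. The server itself downloads this address further down
// (getUrlData -> getUrlContents -> file_get_contents), so only http:// and https:// are
// accepted; any other scheme name would be handed to PHP's stream wrappers.
// The D modifier stops "$" from also matching before a trailing newline.
// addslashes() is dropped: the pattern admits no quote or backslash, and the value is
// never placed in SQL here.
// NOTE(review): the host is not restricted by this check; internal or loopback names
// still pass it.
$url = is_string($incname) ? $incname : '';
if (!preg_match('/^https?:\/\/[A-Za-z0-9\-_]+\.+[A-Za-z0-9\.\/%&=\?\-_]+$/iD', $url)) {
    echo "You must supply a valid URL.";
    exit();
}
if (strlen($url) < 8) {
    echo "<center>Field must be at least 8 characters long:
<a href=\"javascript:history.go(-1)\">Go Back</a></center>";
    die();
}
if (strlen($url) > 220) {
    // The message now states the limit that is actually enforced.
    echo "<center>Max Characters Field: 220
<a href=\"javascript:history.go(-1)\">Go Back</a></center>";
    die();
}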
/**
 * Fetch a page through getUrlContents() and extract its <title> and named <meta> tags.
 *
 * Everything returned is copied from the remote document: the title only passes through
 * strip_tags() and each 'value' is raw, so callers have to encode these for whatever
 * context they print them into.
 *
 * @param string $url Address handed unchanged to getUrlContents().
 * @return array|false array('title' => string|null, 'metaTags' => array|null), or false
 *                     when no string body came back.
 */
function getUrlData($url)
{
    $page = getUrlContents($url);
    if (!isset($page) || !is_string($page)) {
        return false;
    }

    $pageTitle = null;
    $tags = null;

    preg_match('/<title>([^>]*)<\/title>/si', $page, $titleHit);
    if (isset($titleHit) && is_array($titleHit) && count($titleHit) > 0) {
        $pageTitle = strip_tags($titleHit[1]);
    }

    // Each entry: pattern, capture group holding the tag name, capture group holding the value.
    // Name-before-content is tried first; content-before-name only when that found nothing.
    $layouts = array(
        array('/<[\s]*meta[\s]*name="?([^>"]*)"?[\s]*[lang="]*[^>"]*["]*[\s]*content="?([^>"]*)"?[\s]*[\/]?[\s]*>/si', 1, 2),
        array('/<[\s]*meta[\s]*content="?([^>"]*)"?[\s]*[lang="]*[^>"]*["]*[\s]*name="?([^>"]*)"?[\s]*[\/]?[\s]*>/si', 2, 1),
    );
    foreach ($layouts as $attempt => $layout) {
        if ($attempt > 0 && !(sizeof($tags) == 0)) {
            break;
        }
        preg_match_all($layout[0], $page, $found);
        if (!(isset($found) && is_array($found) && count($found) == 3)) {
            continue;
        }
        $rawTags = $found[0];
        $tagNames = $found[$layout[1]];
        $tagValues = $found[$layout[2]];
        if (count($rawTags) != count($tagNames) || count($tagNames) != count($tagValues)) {
            continue;
        }
        $tags = array();
        foreach ($tagNames as $pos => $tagName) {
            // Key: lower-cased name with apostrophes and slashes stripped.
            $key = str_replace(array("'", "/"), '', strtolower($tagName));
            $tags[$key] = array(
                'html' => htmlentities($rawTags[$pos]),
                'value' => $tagValues[$pos]
            );
        }
    }

    return array(
        'title' => $pageTitle,
        'metaTags' => $tags
    );
}
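/**
 * Download a page body over HTTP(S), following <meta http-equiv="refresh"> hops.
 *
 * The address is user-supplied (and, on a refresh hop, supplied by the remote page), so
 * each hop is checked before it is fetched: the scheme must be http or https, and the host
 * must resolve to an IPv4 address outside the private and reserved ranges.
 * NOTE(review): this is a first filter, not a complete control. The stream wrapper resolves
 * the name again when it connects and follows HTTP Location redirects on its own, and
 * neither of those is re-checked here.
 *
 * @param string   $url                 Address to fetch.
 * @param int|null $maximumRedirections Limit on meta-refresh hops; null uses an internal cap of 5.
 * @param int      $currentRedirection  Hops taken so far (used by the recursion).
 * @return string|false The body (at most 1 MiB), or false when the address is refused, the
 *                      fetch fails, or the hop limit is reached.
 */
function getUrlContents($url, $maximumRedirections = null, $currentRedirection = 0){
    // Without a cap, two pages that refresh to each other would recurse without end.
    $hopLimit = isset($maximumRedirections) ? $maximumRedirections : 5;

    $url = is_string($url) ? trim($url) : '';
    $parts = @parse_url($url);
    $scheme = (is_array($parts) && isset($parts['scheme'])) ? strtolower($parts['scheme']) : '';
    if (($scheme !== 'http' && $scheme !== 'https') || empty($parts['host'])) {
        return false;
    }
    // gethostbyname() returns its argument unchanged when resolution fails, which then
    // fails the IP validation as well.
    $address = gethostbyname($parts['host']);
    if (filter_var($address, FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE) === false) {
        return false;
    }

    // Bound both the wait and the amount read; title and meta tags sit near the top of a page.
    $context = stream_context_create(array('http' => array('timeout' => 5)));
    $contents = @file_get_contents($url, false, $context, 0, 1048576);
    if (!is_string($contents)) {
        return false;
    }

    preg_match_all('/<[\s]*meta[\s]*http-equiv="?REFRESH"?[\s]*content="?[0-9]*;[\s]*URL[\s]*=[\s]*([^>"]*)"?[\s]*[\/]?[\s]*>/si', $contents, $match);
    if (is_array($match) && count($match) == 2 && count($match[1]) == 1) {
        if ($currentRedirection < $hopLimit) {
            return getUrlContents($match[1][0], $maximumRedirections, $currentRedirection + 1);
        }
        // Hop limit reached: report failure rather than handing back the redirect stub.
        return false;
    }
    return $contents;
}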
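// Fetch the linked page and take its title (required) plus description and keywords
// (optional). All three are written by whoever controls the remote page, so they have to
// be HTML-encoded wherever they are printed.
$Domain = $url; // website
$result = getUrlData($Domain);

// getUrlData() returns false when nothing could be fetched; handle that explicitly
// instead of indexing into a boolean.
if (!is_array($result) || !isset($result['title']) || $result['title'] == "") {
    $title = "No Data Available";
    echo "<br />No Data Available";
    die();
}
$title = $result['title'];

$description = "No Data Available";
if (isset($result['metaTags']['description']['value']) && $result['metaTags']['description']['value'] != "") {
    $description = $result['metaTags']['description']['value'];
}

$keywords = "No Data Available";
if (isset($result['metaTags']['keywords']['value']) && $result['metaTags']['keywords']['value'] != "") {
    $keywords = $result['metaTags']['keywords']['value'];
}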
?>
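<?php /* $title is the remote page's <title> (only strip_tags() was applied), so it is encoded for the attribute; the URL values are encoded the same way. */ ?>
<input type="hidden" name="badress" value="<?php echo htmlspecialchars($incname, ENT_QUOTES); ?>">
<br /><br />URL: <?php echo htmlspecialchars($url, ENT_QUOTES); ?><br />
<br />Title:<br />
<input type="text" name="bname" value="<?php echo htmlspecialchars($title, ENT_QUOTES); ?>" class="incc">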
<br />
<br />
<?php }else{ ?>
<input type="hidden" name="badress" value="0" class="incc">
<br /><br />
Title:
<br />
<input type="text" name="bname"  class="incc">
<br />
<br />
<?php } ?>
Image:(only jpg formats);
<br />
<input type="file" name="image">
<br />
<br />
Description:
<br />
<br />
<textarea name="amess" style="width:627px;height:244px;"></textarea><br /><br />
<?php
// Print the reCAPTCHA widget markup, built by recaptchalib.php from the public key in $config.
// NOTE(review): recaptcha_challenge_field / recaptcha_response_field, which the submit
// handler reads, look like the original reCAPTCHA v1 interface - confirm the service is still reachable.
require_once('recaptchalib.php');
$publickey = $config['keypublic'];
echo recaptcha_get_html($publickey);
?>
<br />
<input class="incc" type="submit" value="Submit" name="query" style="color:#555;border:1px solid #ccc;background:#f8f8f8">
</form>
</td></tr></table>
</div></div>
<?php
}
?>
</div></div>
<?php
// Output the 'footer.php' template through Smarty.
$smarty->display('footer.php'); ?>