Your IP : 216.73.216.170
<?php
$inc_path = "../../haibo/en/";$ua_sm_compile_dir = "newmember/";
require($inc_path."global.php");
require("session.php");$tb_prefix= $_SESSION['Version']."_";
//ini_set('display_errors','On');
//error_reporting(E_ALL);
uaCheckPermission(2);
if($_SESSION['Version']=="en")setvar("imgpath", "../../upload/".$_SESSION['MemberName']."/");else setvar("imgpath", "../../".$_SESSION['Version']."/upload/".$_SESSION['MemberName']."/");
uses("trade","member","img","product","industry","setting","company");
$setting = new Settings();
$company = new Companies();
$industry = new Industries();
$member = new Members();
$product = new Products();
$trade = new Trades();
$img= new Img();
$tpl_file = "img";
$conditions = "and member_id=".$_SESSION['MemberID'];
$company_id = $company->field("id", "member_id=".$_SESSION['MemberID']);
require(LIB_PATH.'controllers/upload.inc.php');
require(LIB_PATH.'controllers/GDImage.inc.php');
require($inc_path .APP_NAME. 'include/inc.imageWaterMark.php');
if($_GET['id']){
$productinfo = $product->read(null,$_GET['id'],null,$conditions);
setvar("pi",$productinfo);
}
if($_POST['act']=="upload"){
$vals = array();
$count=$_POST['upcount']+1;
for($i=1;$i<=$count;$i++)
{
if (!empty($_FILES['file'.$i]['name'])) {
$f = $_FILES['file'.$i];
ini_set("memory_limit", "32M");
$check_path = uaCheckMediaPath('..'.DS.'..'.DS.$_SESSION['MemberName'].DS.$_SESSION['Version'].DS.$_SESSION['MemberName'].DS."more_imgs".DS);
$file_ext = fileext($f['name']);
if($_SESSION['Version']=='en'){$p_name=$_POST['title'.$i];
$p_name = str_replace(" ","",$p_name);
$p_name = str_replace("&","",$p_name);
$p_name = str_replace(",","",$p_name);
$p_name = str_replace("/","",$p_name);
$p_name = str_replace(".","",$p_name);
$p_name = str_replace("%","",$p_name);
$p_name = str_replace("(","",$p_name);
$p_name = str_replace(")","",$p_name);
$p_name = str_replace("#","",$p_name);
$p_name = str_replace("@","",$p_name);
$p_name = str_replace("*","",$p_name);
$p_name = str_replace("=","",$p_name);
$p_name = str_replace(":","",$p_name);
$p_name = str_replace("-","",$p_name);
$p_name = str_replace("_","",$p_name);
$p_name = str_replace("!","",$p_name);
$p_name = str_replace("?","",$p_name);
$p_name = str_replace("\'","",$p_name);
$p_name = str_replace("\"","",$p_name);
$p_name = str_replace("'","",$p_name);
$p_name = str_replace("+","",$p_name);
$p_name = str_replace("'","",$p_name);
$p_name = str_replace("`","",$p_name);
$p_name = str_replace("$","",$p_name);
$p_name = str_replace("[","",$p_name);
$p_name = str_replace("]","",$p_name);
$p_name = str_replace("“","",$p_name);
$p_name = str_replace("”","",$p_name);
$p_name = str_replace(",","",$p_name);
$p_name=strtolower($p_name);
$this_product_pic = $_SESSION['MemberID']."_prod_".$_POST['pid']."_img_".$p_name."_".$i.$time_stamp.$file_ext;}
else $this_product_pic = $_SESSION['MemberID']."_prod_".$_POST['pid']."_img_".$i.$time_stamp.$file_ext;
$u = new upload($f['name']);
if($u->checkImage()){
$uploade_file = move_uploaded_file($f['tmp_name'],$check_path.$this_product_pic);
}else{
flash("./tip.php","./product.php", $cfg['room']['pic_upload_error'],0);
}
$image = new GDImage2($check_path,uaCheckMediaPath('..'.DS.'..'.DS.$_SESSION['MemberName'].DS.$_SESSION['Version'].DS.$_SESSION['MemberName'].DS."more_imgs".DS,"small".DS));
$image->makeThumb($this_product_pic);
$set_watermark = $setting->field("ab","aa='watermark'");
if($set_watermark && empty($pid)){
$water_text = $setting->field("ab","aa='watertext'");
$water_color = $setting->field("ab","aa='watercolor'");
if (empty($water_text)) {
$water_text = URL;
}
imageWaterMark($check_path.$this_product_pic,8,"",$water_text,5,$water_color);
}
if(!empty($this_product_pic)) {
$sql="select img from ".$_SESSION['Version']."_img where id='".$_POST['picid'.$i]."'";
$rr = $g_db->GetAll($sql);
foreach($rr as $k=>$v){
if($_SESSION['Version']=="en") {
@unlink('../../upload/'.$_SESSION['MemberName'].'/upload/small/'.$v['img']);
@unlink('../../upload/'.$_SESSION['MemberName'].'/upload/middle/'.$v['img']);
@unlink('../../upload/'.$_SESSION['MemberName'].'/upload/big/'.$v['img']);
} else {
@unlink('../../'.$_SESSION['Version'].'/upload/'.$_SESSION['MemberName'].'/upload/small/'.$v['img']);
@unlink('../../'.$_SESSION['Version'].'/upload/'.$_SESSION['MemberName'].'/upload/middle/'.$v['img']);
@unlink('../../'.$_SESSION['Version'].'/upload/'.$_SESSION['MemberName'].'/upload/big/'.$v['img']);
}
}
$vals['img'] = $this_product_pic;
}
$vals['title'] = stripslashes(trim($_POST['title'.$i]));
$vals['des'] = stripslashes(trim($_POST['des'.$i]));
$vals['product_id'] = $_POST['pid'];
$vals['section_id'] = $_POST['secid'];
$vals['sectioncontents_id'] = $_POST['scid'];
$vals['member_id'] = $_SESSION['MemberID'];
$vals['company_id'] = $company_id;
$vals['createtime'] = $time_stamp;
$vals['img_range']=$time_stamp;
$vals['fanyi']='0';
$result = $img->save($vals);
}
}
if( $_POST['secid']!='0')flash("./tip.php","./img_list.php?secid=".$_POST['secid'],"Successful Operation");
if($_POST['scid']!='0')flash("./tip.php","./img_list.php?scid=".$_POST['scid'],"Successful Operation");
flash("./tip.php","./img_list.php?id= ".$_POST['pid']."&secid=".$_POST['secid'],"Successful Operation");
}
if($_GET['action']=="mod")
{$tpl_file = "img2";
$imginfo = $img->read(null,$_GET['picid'],null,null);
setvar("I",$imginfo);
}
if($_GET['action']=="save")
{
$vals = array();
if (!empty($_FILES['pic']['name'])) {
$f = $_FILES['pic'];
ini_set("memory_limit", "32M");
$check_path = uaCheckMediaPath('..'.DS.'..'.DS.$_SESSION['MemberName'].DS.$_SESSION['Version'].DS.$_SESSION['MemberName'].DS."more_imgs".DS);
$file_ext = fileext($f['name']);
if($_SESSION['Version']=='en'){$p_name=$_POST['title'.$i];
$p_name = str_replace(" ","",$p_name);
$p_name = str_replace("&","",$p_name);
$p_name = str_replace(",","",$p_name);
$p_name = str_replace("/","",$p_name);
$p_name = str_replace(".","",$p_name);
$p_name = str_replace("%","",$p_name);
$p_name = str_replace("(","",$p_name);
$p_name = str_replace(")","",$p_name);
$p_name = str_replace("#","",$p_name);
$p_name = str_replace("@","",$p_name);
$p_name = str_replace("*","",$p_name);
$p_name = str_replace("=","",$p_name);
$p_name = str_replace(":","",$p_name);
$p_name = str_replace("-","",$p_name);
$p_name = str_replace("_","",$p_name);
$p_name = str_replace("!","",$p_name);
$p_name = str_replace("?","",$p_name);
$p_name = str_replace("'","",$p_name);
$p_name = str_replace("+","",$p_name);
$p_name = str_replace("'","",$p_name);
$p_name = str_replace("`","",$p_name);
$p_name = str_replace("$","",$p_name);
$p_name = str_replace("[","",$p_name);
$p_name = str_replace("]","",$p_name);
$p_name = str_replace("\"","",$p_name);
$p_name = str_replace("“","",$p_name);
$p_name = str_replace("”","",$p_name);
$this_product_pic = $_SESSION['MemberID']."_prod_".$_POST['pid']."_img_".$p_name."_".$i.$time_stamp.$file_ext;}
else $this_product_pic = $_SESSION['MemberID']."_prod_".$_POST['pid']."_img_".$i.$time_stamp.$file_ext;
$u = new upload($f['name']);
if($u->checkImage()){
$uploade_file = move_uploaded_file($f['tmp_name'],$check_path.$this_product_pic);
}else{
flash("./tip.php","./product.php", $cfg['room']['pic_upload_error'],0);
}
if(!$uploade_file){
flash("./tip.php","./product.php",$cfg['room']['pic_upload_false'],0);
}else {
$oldfile = substr($check_path,0,-7).$_POST['oldimgname'];
$oldfile = str_replace("\\","/",$oldfile);
@unlink($oldfile);
$oldsmallfile = substr($check_path,0,-11)."small".DS.$_POST['oldimgname'];
@unlink(str_replace("\\","/",$oldsmallfile));
}
$image = new GDImage2($check_path,uaCheckMediaPath('..'.DS.'..'.DS.$_SESSION['MemberName'].DS.$_SESSION['Version'].DS.$_SESSION['MemberName'].DS."more_imgs".DS,"small".DS));
$image->makeThumb($this_product_pic);
$set_watermark = $setting->field("ab","aa='watermark'");
if($set_watermark && empty($pid)){
$water_text = $setting->field("ab","aa='watertext'");
$water_color = $setting->field("ab","aa='watercolor'");
if (empty($water_text)) {
$water_text = URL;
}
imageWaterMark($check_path.$this_product_pic,8,"",$water_text,5,$water_color);
}
if(!empty($this_product_pic)) {
$sql="select img from ".$_SESSION['Version']."_img where id='".$_POST['picid'.$i]."'";
$rr = $g_db->GetAll($sql);
foreach($rr as $k=>$v){
if($_SESSION['Version']=="en") {
@unlink('../../upload/'.$_SESSION['MemberName'].'/upload/small/'.$v['img']);
@unlink('../../upload/'.$_SESSION['MemberName'].'/upload/middle/'.$v['img']);
@unlink('../../upload/'.$_SESSION['MemberName'].'/upload/big/'.$v['img']);
} else {
@unlink('../../'.$_SESSION['Version'].'/upload/'.$_SESSION['MemberName'].'/upload/small/'.$v['img']);
@unlink('../../'.$_SESSION['Version'].'/upload/'.$_SESSION['MemberName'].'/upload/middle/'.$v['img']);
@unlink('../../'.$_SESSION['Version'].'/upload/'.$_SESSION['MemberName'].'/upload/big/'.$v['img']);
}
}
$vals['img'] = $this_product_pic;
}
}
$vals['title'] = $_POST['title'.$i];
$vals['des'] = $_POST['des'.$i];
$result = $img->save($vals,"update",$_POST['picid'], null, null);
if($_POST['id']==0){flash("./tip.php",urlencode("./img_list.php?secid=".$_POST['secid'].'&scid='.$_POST['scid']), $cfg['room']['action_complete']);exit;}
flash("./tip.php","./img_list.php?id=".$_POST['id'], $cfg['room']['action_complete']);
}
if($_GET['action']=="del" && !empty($_GET['picid']))
{
$res = $img->read("id",$_GET['picid']);
if($res){
$sql="select img from ".$_SESSION['Version']."_img where id='".$res['id']."'";
$rr = $g_db->GetAll($sql);
foreach($rr as $k=>$v){
if($_SESSION['Version']=="en") {
@unlink('../../upload/'.$_SESSION['MemberName'].'/upload/small/'.$v['img']);
@unlink('../../upload/'.$_SESSION['MemberName'].'/upload/middle/'.$v['img']);
@unlink('../../upload/'.$_SESSION['MemberName'].'/upload/big/'.$v['img']);
} else {
@unlink('../../'.$_SESSION['Version'].'/upload/'.$_SESSION['MemberName'].'/upload/small/'.$v['img']);
@unlink('../../'.$_SESSION['Version'].'/upload/'.$_SESSION['MemberName'].'/upload/middle/'.$v['img']);
@unlink('../../'.$_SESSION['Version'].'/upload/'.$_SESSION['MemberName'].'/upload/big/'.$v['img']);
}
}
if($img->del($_GET['picid'], "member_id=".$_SESSION['MemberID'])){
if($_GET['pid']==0)flash("./tip.php",urlencode("./img_list.php?secid=".$secid.'&scid='.$_GET['scid']), $cfg['room']['action_complete']);
flash("./tip.php","./img_list.php?id=".$_GET['pid'],$cfg['room']['action_complete']);
}else {if($_GET['pid']==0)flash("./tip.php",urlencode("./img_list.php?secid=".$secid.'&scid='.$_GET['scid']), $cfg['room']['not_defined_error']);
flash("./tip.php","./img_list.php?id=".$_GET['pid'], $cfg['room']['not_defined_error']);
}
}}
$secid=$_REQUEST['secid']?$_REQUEST['secid']:0;
$scid=$_REQUEST['scid']?$_REQUEST['scid']:0;
setvar("s",$secid);
setvar("sc",$scid);
include("head.php");template("newmember/".$tpl_file);
?>