require_once("config.inc.php");
require_once("include/class.database.php");
require_once("include/class.page.php");
require_once("include/class.imagetransform.php");
require_once("include/class.phpmailer.php");
require_once("include/class.smtp.php");
//ini_set("error_reporting","E_ALL & ~E_NOTICE");
// Shared database handle; the helper functions below reach it through `global $db`.
$db = new database;
// presumably $dbhost/$dbuser/$dbpw/$dbname are defined by config.inc.php — confirm
$db->connect($dbhost, $dbuser, $dbpw, $dbname);
// Remove the connection credentials from the global scope once the connection is
// open, so later code in the request cannot read or print them.
unset($dbhost, $dbuser, $dbpw, $dbname);
// Start or resume the PHP session. No session cookie parameters are set in the
// lines visible here, so they come from configuration outside this view.
session_start();
// Translate
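/**
 * Copy every POST field into a global variable of the same name.
 *
 * The request body is attacker-controlled, so field names that would replace
 * a superglobal or the shared `$db` handle are skipped instead of assigned.
 *
 * NOTE(review): this still re-creates register_globals behaviour. Any other
 * global that is not on the protected list can be set by the request, so
 * callers should move to reading `$_POST['name']` explicitly and validating
 * each value.
 */
function getpost() {
    // Names the request must never be able to overwrite.
    $protected = array(
        "GLOBALS", "_GET", "_POST", "_COOKIE", "_FILES",
        "_SERVER", "_ENV", "_REQUEST", "_SESSION", "this", "db",
    );
    foreach ($_POST as $key => $value) {
        if (in_array((string) $key, $protected, true)) {
            continue;
        }
        global ${$key};
        ${$key} = $value;
    }
}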
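/**
 * Copy every query-string parameter into a global variable of the same name.
 *
 * The query string is attacker-controlled, so parameter names that would
 * replace a superglobal or the shared `$db` handle are skipped instead of
 * assigned.
 *
 * NOTE(review): this still re-creates register_globals behaviour. Any other
 * global that is not on the protected list can be set from the URL, so
 * callers should move to reading `$_GET['name']` explicitly and validating
 * each value.
 */
function getget() {
    // Names the request must never be able to overwrite.
    $protected = array(
        "GLOBALS", "_GET", "_POST", "_COOKIE", "_FILES",
        "_SERVER", "_ENV", "_REQUEST", "_SESSION", "this", "db",
    );
    foreach ($_GET as $key => $value) {
        if (in_array((string) $key, $protected, true)) {
            continue;
        }
        global ${$key};
        ${$key} = $value;
    }
}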
/**
 * Prepare a value for use inside a quoted SQL string literal.
 *
 * Slashes added by magic_quotes_gpc are removed first, so the value is not
 * escaped twice. Numeric values are returned without escaping; everything
 * else goes through mysql_real_escape_string().
 *
 * The result is only safe between quotes ('...') in the statement: numeric
 * input is passed through as-is, and mysql_real_escape_string() does not
 * protect unquoted contexts such as identifiers or bare numbers.
 *
 * NOTE(review): mysql_real_escape_string() escapes for the current mysql
 * connection, so the link opened by `$db` must already exist — confirm.
 *
 * @param mixed $text raw value (not already escaped by the caller)
 * @return mixed the value, escaped unless it is numeric
 */
function escapeit($text) {
    $clean = get_magic_quotes_gpc() ? stripslashes($text) : $text;
    if (is_numeric($clean)) {
        return $clean;
    }
    return mysql_real_escape_string($clean);
}
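/**
 * Write a resized copy of $destination.$file under a random file name.
 *
 * The copy is stored as $destination.$prefix."_".<12 random chars>.<ext>,
 * where <ext> is the text after the last dot of $file. The generated name is
 * not returned. Nothing happens when $file is empty.
 *
 * split() was removed in PHP 7; explode() on a literal dot yields the same
 * pieces and works on every PHP version.
 *
 * NOTE(review): $file is concatenated into filesystem paths and its
 * extension is reused unchanged, so callers must pass a server-generated
 * name, never a raw upload name.
 * NOTE(review): chmodValue 0777 leaves the output world-writable; confirm
 * whether a tighter mode such as 0644 works for this deployment.
 *
 * @param string $file        source file name inside $destination
 * @param string $destination directory path, including the trailing slash
 * @param mixed  $width       target width handed to imageTransform
 * @param mixed  $height      target height handed to imageTransform
 * @param string $prefix      prefix for the generated file name
 */
function genphoto($file, $destination, $width="", $height="", $prefix="") {
    if ($file == "") {
        return;
    }
    $parts = explode(".", $file);
    $ext = $parts[count($parts) - 1];
    $filename = randStr(12, "NUMBER").".".$ext;

    $imgTrans = new imageTransform();
    $imgTrans->sourceFile = $destination.$file;
    $imgTrans->targetFile = $destination.$prefix."_".$filename;
    $imgTrans->chmodValue = 0777;
    $imgTrans->resizeToWidth = $width;
    $imgTrans->resizeToHeight = $height;
    $imgTrans->jpegOutputQuality = 80;
    $imgTrans->resize();
}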
/**
 * Write a resized copy of $source.$file to $destination.$file.
 *
 * The file name is kept as given; only the directory changes. Nothing
 * happens when $file is empty.
 *
 * NOTE(review): $file is concatenated into both paths without validation,
 * so callers must pass a server-generated name, never a raw upload name.
 * NOTE(review): chmodValue 0777 leaves the output world-writable; confirm
 * whether a tighter mode works for this deployment.
 *
 * @param string $file        file name, identical in both directories
 * @param string $source      directory of the original, with trailing slash
 * @param string $destination directory for the resized copy, with trailing slash
 * @param mixed  $width       target width handed to imageTransform
 * @param mixed  $height      target height handed to imageTransform
 */
function genphoto_only($file, $source, $destination, $width="", $height="") {
    if ($file == "") {
        return;
    }

    $resizer = new imageTransform();
    $resizer->sourceFile = $source.$file;
    $resizer->targetFile = $destination.$file;
    $resizer->chmodValue = 0777;
    $resizer->resizeToWidth = $width;
    $resizer->resizeToHeight = $height;
    $resizer->jpegOutputQuality = 80;
    $resizer->resize();
}
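/**
 * Resize the stored image $uploadpath.$filename in place.
 *
 * The picture is scaled to fit inside $nwidth x $nheight, keeping its aspect
 * ratio, and centred on a white canvas of exactly that size. The result
 * overwrites the original file in the same format (JPG, PNG or GIF, chosen
 * from the file extension; "jpeg" is treated as JPG).
 *
 * The file is checked before any GD call: it must exist, getimagesize() must
 * recognise it as an image with non-zero dimensions, and the matching GD
 * loader must succeed. A file that fails any of these checks is left
 * untouched and "-1" is returned, instead of continuing with undefined
 * values or dividing by zero.
 *
 * NOTE(review): $uploadpath.$filename is used as a path without validation;
 * callers must pass a server-generated file name.
 * NOTE(review): the source pixel dimensions are not capped, so a very large
 * image can exhaust memory in the GD loader; consider enforcing a limit on
 * the values returned by getimagesize().
 *
 * @param mixed  $file        unused, kept for existing callers
 * @param string $filename    name of the stored file inside $uploadpath
 * @param string $uploadpath  directory path, including the trailing slash
 * @param mixed  $maxfilesize unused, kept for existing callers
 * @param mixed  $index       unused, kept for existing callers
 * @param int    $nwidth      canvas width in pixels
 * @param int    $nheight     canvas height in pixels
 * @return string $filename on success, "-1" on error
 */
function uploadImageFileResizeBGcolor($file, $filename, $uploadpath, $maxfilesize, $index, $nwidth, $nheight)
{
    $targetpath = $uploadpath.$filename;

    // The extension selects the GD loader and writer.
    $filetype = strtoupper(pathinfo($filename, PATHINFO_EXTENSION));
    if ($filetype == "JPEG") {
        $filetype = "JPG";
    }
    if ($filetype != "JPG" && $filetype != "PNG" && $filetype != "GIF") {
        return "-1"; //express error
    }
    if ($nwidth <= 0 || $nheight <= 0 || !is_file($targetpath)) {
        return "-1"; //express error
    }

    // Reject anything that is not a readable image before doing arithmetic on its size.
    $size = getimagesize($targetpath);
    if ($size === false || $size[0] <= 0 || $size[1] <= 0) {
        return "-1"; //express error
    }
    $width = $size[0];
    $height = $size[1];

    $handwradio = $height / $width;
    $wandhradio = $width / $height;
    if ($handwradio <= 1) {
        // Landscape or square: fit to the canvas width first.
        $newwidth = $nwidth;
        $newheight = $nwidth * $handwradio;
        $newx = 0;
        $newy = ($nheight - $newheight) / 2;
        if ($newheight > $nheight) {
            // Too tall for the canvas: fit to the height instead.
            $newheight = $nheight;
            $newwidth = $nheight * $wandhradio;
            $newx = ($nwidth - $newwidth) / 2;
            $newy = 0;
        }
    } else {
        // Portrait: fit to the canvas height first.
        $newheight = $nheight;
        $newwidth = $nheight * $wandhradio;
        $newx = ($nwidth - $newwidth) / 2;
        $newy = 0;
        if ($newwidth > $nwidth) {
            // Too wide for the canvas: fit to the width instead.
            $newwidth = $nwidth;
            $newheight = $nwidth * $handwradio;
            $newx = 0;
            $newy = ($nheight - $newheight) / 2;
        }
    }

    if ($filetype == "JPG") {
        $source = imagecreatefromjpeg($targetpath);
    } else if ($filetype == "PNG") {
        $source = imagecreatefrompng($targetpath);
    } else {
        $source = imagecreatefromgif($targetpath);
    }
    if (!$source) {
        // The content does not match the extension or the file is corrupt.
        return "-1"; //express error
    }

    $thumb = imagecreatetruecolor($nwidth, $nheight);
    if (!$thumb) {
        imagedestroy($source);
        return "-1"; //express error
    }
    imagefill($thumb, 0, 0, imagecolorallocate($thumb, 255, 255, 255));
    // The explicit casts truncate exactly as the implicit float-to-int conversion did.
    imagecopyresampled($thumb, $source, (int) $newx, (int) $newy, 0, 0, (int) $newwidth, (int) $newheight, $width, $height);

    if ($filetype == "JPG") {
        $saved = imagejpeg($thumb, $targetpath);
    } else if ($filetype == "PNG") {
        $saved = imagepng($thumb, $targetpath);
    } else {
        $saved = imagegif($thumb, $targetpath);
    }

    imagedestroy($source);
    imagedestroy($thumb);

    return $saved ? $filename : "-1";
}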
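/**
 * Store an uploaded file and record it in the `attachment` table.
 *
 * The upload is moved to $destination under a random 12-character name that
 * keeps the client's extension. An existing row for the same table_name,
 * col_name and table_id is replaced: its old files are removed and the row
 * is updated. Failing that, the same is tried for temp_id, and otherwise a
 * new row is inserted.
 *
 * Changes against the earlier version:
 *  - every value placed in SQL goes through escapeit(), including the
 *    client-supplied file name, so callers must pass raw values;
 *  - the extension is reduced to letters and digits, and uploads with a
 *    server-side script extension are refused;
 *  - a failed move_uploaded_file() stops the function, so no row is written
 *    for a file that was never stored;
 *  - the lookup now selects the path columns, so the previous files are
 *    actually the ones removed;
 *  - "colname" in the result carries $col_name (it was an undefined
 *    variable), and the dead `$re_name` branch is gone.
 *
 * NOTE(review): the extension denylist is a stopgap. An allowlist per
 * $col_name, plus an upload directory where the web server never executes
 * scripts, is the stronger control; both need knowledge of the application.
 * NOTE(review): chmod 0777 leaves uploads world-writable and executable;
 * confirm whether 0644 works for this deployment.
 *
 * @param array|string $file  one entry of $_FILES ("name", "tmp_name"), or "" for no upload
 * @param string $destination directory the upload is moved to, with trailing slash
 * @param string $path        value stored in the `path` column
 * @param string $small_path  value stored in `small_path`; also the directory of the 150x150 copy
 * @param string $medium_path value stored in the `medium_path` column
 * @param string $table_name  owning table name
 * @param string $table_id    owning row id, "" while the owner has no id yet
 * @param string $temp_id     temporary id used before the owner has an id
 * @param string $col_name    logical attachment slot, e.g. "employeephoto"
 * @param int    $sorting     value stored in the `sorting` column
 * @param int    $member_id   value stored in the `product_id` column
 * @param string $prefix      path prefix in front of the stored relative paths
 * @return array|null attachment_id, filename, realname and colname; null when
 *                    nothing was stored
 */
function add_attachment($file, $destination, $path, $small_path, $medium_path, $table_name, $table_id="", $temp_id="", $col_name, $sorting=0, $member_id=0, $prefix="../../") {
    global $db;

    if ($file == "") {
        return;
    }

    $realname = $file["name"];

    // Keep only letters and digits of the client-supplied extension.
    $parts = explode(".", $realname);
    $ext = preg_replace('/[^A-Za-z0-9]/', '', $parts[count($parts) - 1]);

    // Refuse extensions a web server may execute as code.
    $blocked = array(
        "php", "php3", "php4", "php5", "php7", "phtml", "pht", "phar", "phps",
        "cgi", "pl", "py", "sh", "asp", "aspx", "jsp", "shtml",
    );
    if (in_array(strtolower($ext), $blocked, true)) {
        return;
    }

    do {
        $filename = randStr(12, "NUMBER").".".$ext;
    } while (file_exists($destination.$filename));

    if (!move_uploaded_file($file["tmp_name"], $destination.$filename)) {
        return;
    }
    chmod($destination.$filename, 0777);

    //resize image
    if ($col_name == "employeephoto") {
        copy($destination.$filename, $prefix.$small_path.$filename);
        chmod($prefix.$small_path.$filename, 0777);
        uploadImageFileResizeBGcolor($file, $filename, $prefix.$small_path, 0, 0, 150, 150);
    }

    $today = date("Y-m-d");
    $now = date("H:i:s");

    // Replace an existing row, matched by table_id first and by temp_id second.
    $replaced = false;
    $attachment_id = null;
    foreach (array("table_id" => $table_id, "temp_id" => $temp_id) as $key_col => $key_value) {
        if (trim($key_value) == "") {
            continue;
        }
        $where = "`table_name` = '".escapeit($table_name)."' AND `".$key_col."` = '".escapeit($key_value)."' AND `col_name` = '".escapeit($col_name)."'";
        $rs = $db->query("SELECT `attachment_id`, `file_name`, `path`, `medium_path`, `small_path` FROM `attachment` WHERE ".$where);
        if (mysql_num_rows($rs) > 0) {
            $old = $db->fetch_array($rs);
            // Best-effort removal of the files the row pointed to.
            @unlink($prefix.$old["small_path"].$old["file_name"]);
            @unlink($prefix.$old["medium_path"].$old["file_name"]);
            @unlink($prefix.$old["path"].$old["file_name"]);
            $attachment_id = $old["attachment_id"];
            $db->query("UPDATE `attachment` SET `file_name` = '".escapeit($filename)."', `real_name` = '".escapeit($realname)."', `upload_date` = '".$today."', `upload_time` = '".$now."' WHERE ".$where);
            $replaced = true;
            break;
        }
    }

    if (!$replaced) {
        $sql = "INSERT INTO `attachment` ( `attachment_id` , `table_name` , `table_id` , `temp_id`, `col_name`, `file_name` , `real_name` , `path` , `medium_path`, `small_path`, `sorting` , `upload_date` , `upload_time`, `product_id`)
VALUES (
NULL , '".escapeit($table_name)."', '".escapeit($table_id)."', '".escapeit($temp_id)."', '".escapeit($col_name)."', '".escapeit($filename)."', '".escapeit($realname)."', '".escapeit($path)."', '".escapeit($medium_path)."', '".escapeit($small_path)."', '".escapeit($sorting)."', '".$today."', '".$now."', '".escapeit($member_id)."'
);";
        $db->query($sql);
        $attachment_id = $db->insert_id();
    }

    $file_array = array();
    $file_array["attachment_id"] = $attachment_id;
    $file_array["filename"] = $filename;
    $file_array["realname"] = $realname;
    $file_array["colname"] = $col_name;
    return $file_array;
}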
/**
 * Delete one attachment: its stored files first, then its database row.
 *
 * The row is looked up by id, the file is removed from the small, medium and
 * main directories (best effort, errors suppressed), and the row is deleted.
 *
 * NOTE(review): nothing here checks that the attachment belongs to the
 * current user; confirm that callers authorise the id before calling.
 *
 * @param mixed  $attachment_id id of the row in `attachment`
 * @param string $prefix_path   path prefix in front of the stored relative paths
 */
function del_attachment($attachment_id,$prefix_path="../../"){
    global $db;

    $lookup = "SELECT * FROM `attachment` WHERE `attachment_id` = '".escapeit($attachment_id)."'";
    $record = $db->getrow($lookup);

    foreach (array("small_path", "medium_path", "path") as $dir_col) {
        @unlink($prefix_path.$record[$dir_col].$record["file_name"]);
    }

    $db->query("DELETE FROM `attachment` WHERE `attachment_id` = '".escapeit($attachment_id)."'");
}
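/**
 * Delete a member's attachments that are not linked to a row yet.
 *
 * Selects every `attachment` row with an empty table_id and the given
 * product_id, removes the stored files (best effort, errors suppressed) and
 * deletes the rows.
 *
 * The DELETE statement was missing the closing quote after the id, which
 * made it invalid SQL: the files were removed but the rows stayed behind.
 *
 * NOTE(review): nothing here checks that $member_id is the current user;
 * confirm that callers authorise it before calling.
 *
 * @param string $prefix_path path prefix in front of the stored relative paths
 * @param mixed  $member_id   value matched against the `product_id` column
 */
function del_attachment_for_member($prefix_path="../../", $member_id){
    global $db;

    $where = "table_id='' and product_id='".escapeit($member_id)."'";

    $rs = $db->query("SELECT * FROM `attachment` WHERE ".$where);
    while ($row = $db->fetch_array($rs)) {
        @unlink($prefix_path.$row["small_path"].$row["file_name"]);
        @unlink($prefix_path.$row["medium_path"].$row["file_name"]);
        @unlink($prefix_path.$row["path"].$row["file_name"]);
    }

    $db->query("DELETE FROM `attachment` WHERE ".$where);
}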
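/**
 * Delete every attachment that belongs to one row of one table.
 *
 * Removes the stored files (best effort, errors suppressed) and then the
 * matching `attachment` rows.
 *
 * The lookup selected only `file_name` and `path`, while the loop also reads
 * `small_path` and `medium_path`. Those two were therefore always empty and
 * the resized copies were never removed; the query now selects all the
 * columns the loop uses.
 *
 * NOTE(review): nothing here checks that the caller may delete this row's
 * attachments; confirm that callers authorise the request first.
 *
 * @param string $table_name  owning table name
 * @param mixed  $value       owning row id (matched against `table_id`)
 * @param string $prefix_path path prefix in front of the stored relative paths
 */
function del_all_attachment($table_name,$value,$prefix_path="../../"){
    global $db;

    $where = "`table_name` = '".escapeit($table_name)."' AND `table_id` = '".escapeit($value)."'";

    $rs = $db->query("SELECT `file_name`, `path`, `medium_path`, `small_path` FROM `attachment` WHERE ".$where);
    while ($row = $db->fetch_array($rs)) {
        @unlink($prefix_path.$row["small_path"].$row["file_name"]);
        @unlink($prefix_path.$row["medium_path"].$row["file_name"]);
        @unlink($prefix_path.$row["path"].$row["file_name"]);
    }

    $db->query("DELETE FROM `attachment` WHERE ".$where);
}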
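/**
 * Return the stored file name of one attachment slot.
 *
 * All three values are escaped with escapeit() before they enter the
 * statement, as the del_* helpers in this file already do; they used to be
 * concatenated as-is. Callers must pass raw values, not pre-escaped ones.
 *
 * @param string $table_name owning table name
 * @param mixed  $table_id   owning row id
 * @param string $col_name   logical attachment slot
 * @return string|null file name of the first matching row, null when there is none
 */
function get_attachment($table_name,$table_id,$col_name){
    global $db;

    $sql = " SELECT file_name FROM `attachment` WHERE `table_name`='".escapeit($table_name)."' and `table_id`='".escapeit($table_id)."' and `col_name`='".escapeit($col_name)."' ";
    $result = $db->query($sql);
    $row = mysql_fetch_assoc($result);
    if (!$row) {
        // No matching row: do not index into a non-array.
        return null;
    }
    return $row["file_name"];
}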
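/**
 * Return all attachments of one row as a map of col_name => path.file_name.
 *
 * Both values are escaped with escapeit() before they enter the statement,
 * as the del_* helpers in this file already do; they used to be concatenated
 * as-is. Callers must pass raw values, not pre-escaped ones.
 *
 * The result starts as an empty array, so a row without attachments yields
 * array() rather than an undefined variable.
 *
 * @param string $table_name owning table name
 * @param mixed  $table_id   owning row id
 * @return array map of col_name to relative file path, empty when nothing matches
 */
function get_all_attachment($table_name,$table_id){
    global $db;

    $sql = " SELECT col_name,path,file_name FROM `attachment` WHERE `table_name`='".escapeit($table_name)."' and `table_id`='".escapeit($table_id)."' ";
    $result = $db->query($sql);

    $myAttachment = array();
    while ($row = mysql_fetch_assoc($result)) {
        $myAttachment[$row["col_name"]] = $row["path"].$row["file_name"];
    }
    return $myAttachment;
}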
function show_attachment($file){
$lower_filename=strtolower($file);
if( strstr($lower_filename,".jpg") || strstr($lower_filename,".jpeg") || strstr($lower_filename,".gif") || strstr($lower_filename,".png") ){
return '