File: /var/www/html/tmpr/../tmpr/..//tmpr/..//tmpr/../v/addblog.php
<?php ?>
<?php
require("./NewsSql.inc.php");
$db = new NewsSQL($dbname);
page_protect();
$PicturePath = "../photo/";
$live_img = 'uploads/images/';
$videouser = $_SESSION['euserid'];
if (empty($page)){
$page = 0;
}
$record = 20;
if ($Delblog==$admin_yes) {
$db->delblog($newsid,$PicturePath);
}
if (!empty($addnews)) {
$mytitle = mysqli_real_escape_string($link,$mytitle);
$content = mysqli_real_escape_string($link,$content);
$description = mysqli_real_escape_string($link,$description);
$newsid = $db->addblog($catalogid,$title,$content,$viewnum,$rating,$ratenum,$keywords,$isdisplay,$description,$vcat,$summary,$video,$thumb);
$db->Insertblogslug($newsid,$slug,$title,$str, $stripstrings, $replace);
$tempuserfile = $_FILES['userfile']['tmp_name'];
$tempuserfile_name = $_FILES['userfile']['name'];
if ((!empty($tempuserfile)) && (!empty($tempuserfile_name))) {
$pathinfo = pathinfo($tempuserfile_name, PATHINFO_EXTENSION);
if(!in_array(strtolower($pathinfo), array('jpg')))
{
header('Location: addblog.php?msg=Invalid File Type!<br>') ;
}
$userfile = $tempuserfile;
$userfile_name = $tempuserfile_name;
}
if ((!empty($userfile)) && (!empty($userfile_name))) {
$videouser = $_SESSION['euserid'];
$userfile_name = preg_replace('/[\ ]/', '-', $userfile_name);
$userfile_name = $videouser.$userfile_name;
$dest1 = $PicturePath.$userfile_name;
copy($userfile, $dest1);
$starting_image = imagecreatefromjpeg("$PicturePath$userfile_name");
$width = imagesx($starting_image);
$height = imagesy($starting_image);
$thumb_width = 500;
$thumb_height = 250;
$thumb_image = imagecreatetruecolor($thumb_width, $thumb_height);
imagecopyresampled($thumb_image, $starting_image, 0, 0, 0, 0, $thumb_width, $thumb_height, $width, $height);
imagejpeg($thumb_image, "$PicturePath$userfile_name");
$db->add_Picture($newsid,$userfile_name,$PicturePath);
}
}
if (!empty($editblog)) {
$mytitle = mysqli_real_escape_string($link,$mytitle);
$content = mysqli_real_escape_string($link,$content);
$description = mysqli_real_escape_string($link,$description);
$db->editblog($catalogid,$mytitle,$content,$viewnum,$rating,$ratenum,$keywords,$isdisplay,$description,$vcat,$summary,$thumb,$newsid,$slug);
$tempuserfile = $_FILES['userfile']['tmp_name'];
$tempuserfile_name = $_FILES['userfile']['name'];
if ((!empty($tempuserfile)) && (!empty($tempuserfile_name))) {
$pathinfo = pathinfo($tempuserfile_name, PATHINFO_EXTENSION);
if(!in_array(strtolower($pathinfo), array('jpg')))
{
header('Location: addblog.php?msg=Invalid File Type!<br>') ;
}
$userfile = $tempuserfile;
$userfile_name = $tempuserfile_name;
}
if ((!empty($userfile)) && (!empty($userfile_name))) {
$videouser = $_SESSION['euserid'];
$userfile_name = preg_replace('/[\ ]/', '-', $userfile_name);
$userfile_name = $videouser.$userfile_name;
$dest1 = $PicturePath.$userfile_name;
copy($userfile, $dest1);
$starting_image = imagecreatefromjpeg("$PicturePath$userfile_name");
$width = imagesx($starting_image);
$height = imagesy($starting_image);
$thumb_width = 500;
$thumb_height = 250;
$thumb_image = imagecreatetruecolor($thumb_width, $thumb_height);
imagecopyresampled($thumb_image, $starting_image, 0, 0, 0, 0, $thumb_width, $thumb_height, $width, $height);
imagejpeg($thumb_image, "$PicturePath$userfile_name");
$db->add_Picture($newsid,$userfile_name,$PicturePath);
}
$db->editblogslug($newsid,$slug,$mytitle,$str);
}
if (!empty($DP1)) {
$db->del_BlogPicture($newsid,$userfile_name,$PicturePath);
}
$result = $db->getblognewsx($page,$record,$catid);
?>
<html>
<head>
<title>Add Blog</title>
<meta http-equiv="Content-Type" content="text/html; charset=<?php print "$admin_charset"; ?>">
<link href="styles.css" rel="stylesheet" type="text/css">
<style type="text/css">
<!--
.style4 {font-size: 11px}
.style6 {font-size: 12px}
.style7 {font-size: 10px}
-->
</style>
<script language="JavaScript" type="text/javascript" src="js/jquery-1.3.2.min.js"></script>
<script language="JavaScript" type="text/javascript" src="js/jquery.validate.js"></script>
<script>
$(document).ready(function(){
$("#myform").validate();
});
</script>
</head>
<body>
<?php
?>
<?php
include 'header.php';
?>
<table width="1000" border="0" cellspacing="0" cellpadding="0" align="center">
<tr>
<td width="700" valign="top">
<div class="graycellv3" style="width:800px;"> <br>
<span id="buttoned2" style="margin-top:10px">Add Elements</span><br>
<br>
<br>
<?php
if (empty($result)) {?>
You have not added anye Elements
</a>
<?php }
?>
<table width="700" border="0" cellpadding="2" cellspacing="1" >
<?php
if (!empty($result)) {?>
<br><span id="buttoned2" style="margin-top:10px">My Blogs</span>
<tr>
<td width="102"><div align="center" class="style12"><span class="style6">Thumbnail</span></div></td>
<td width="191"><div align="center" class="style12"><span class="style6 style6">Blogs</span></div></td>
<td width="71"><div align="center" class="style12"><span class="style6">views</span></div></td>
<td width="76"><div align="center" class="style12"><span class="style6">Rating</span></div></td>
<td><div align="center" class="style12"><span class="style6">Published</span></div></td>
<td colspan="2"><div align="center" class="style12"><span class="style6 style6">Modify</span></div></td>
</tr>
<?php foreach ($result as $key => $val) {
$newsid = stripslashes($val["newsid"]);
$catalogid = stripslashes($val["catalogid"]);
$title = stripslashes($val["title"]);
$picture = stripslashes($val["picture"]);
$viewnum = stripslashes($val["viewnum"]);
$rating = stripslashes($val["rating"]);
$adddate = stripslashes($val["adddate"]);
$cataname = $db->getcatalognamebyid($catalogid);
?>
<tr>
<td><div align="center" class="style9"><span class="style6 style6"><img src="<?php print "$PicturePath$picture"; ?>" width="80" height="30" vspace="2" /></span></div></td>
<td><div align="left" class="style9"><span class="style6 style6"><?php print "$title"; ?></span></div></td>
<td><div align="center" class="style9"><span class="style6 style6"><?php print "$viewnum"; ?></span></div></td>
<td><div align="center" class="style9"><span class="style6 style6"><?php print "$rating"; ?></span></div></td>
<td><div align="center" class="style9"><span class="style6 style6"><?php print "$adddate"; ?></span></div></td>
<td width="26"><div align="center" class="style9"><a href="editblog.php?newsid=<?php print "$newsid"; ?>" class="en_b style6 style6"><?php print "$admin_edit"; ?></a></div></td>
<td width="26"><div align="center" class="style9"><a href="delblog.php?newsid=<?php print "$newsid"; ?>&catid=<?php print "$catid"; ?>" class="en_b style6 style6"><?php print "$admin_del"; ?></a></div></td>
</tr>
<tr>
<td colspan="7" bgcolor="#ffffff" height="1"></td>
</tr>
<?php
}
}
?>
</table>
<?php
$pagenext = $page+1;
$result1 = $db->getcatalognews($pagenext,$record,$catid);
if ($page!=0)
{
$pagepre = $page-1;
print "<a href=\"$PHP_SELF?page=$pagepre&catid=$catid\">back</a> ";
}
if (!empty($result1))
{
print "<a href=\"$PHP_SELF?page=$pagenext&catid=$catid\">more</a> ";
}
?>
<br>
<br>
<br>
<table width="700" height="300" border="0" cellpadding="0" cellspacing="0">
<tr>
<td align="left">
<span id="buttoned2" style="margin-top:10px">Add Element</span><br>
<br>
<input type="hidden" name="catalogid" value="<? echo $_SESSION['euserid'];?>">
<input type="hidden" name="catid" value="<? echo $_SESSION['euserid'];?>">
<form action="<?php print "$PHP_SELF"; ?>" method="POST" name="myform" id="myform" ENCTYPE="multipart/form-data" ><table width="700" border="0" cellspacing="1" cellpadding="2">
<tr>
<td width="83"><span class="style6 style6"><?php print "News/ Blog Title"; ?> :</span></td>
<td width="198"><input name="title" class="required" type="text" size="55" ></td>
</tr>
<?php /*?> <tr>
<td><span class="style6 style6"><?php print " Description"; ?> :</span></td>
<td><span class="style6 style6">
<textarea name="description" class="required" cols="50" rows="2"></textarea>
</span></td>
</tr><?php */?>
<tr>
<td valign="top"><span class="style6 style6"><?php print "$admin_content"; ?> :</span></td>
<td><span class="style6 style6">
<input type="hidden" name="description" class="required" value="0" size="55"> <textarea name="content" cols="50" rows="9"></textarea>
</span></td>
</tr>
<tr>
<td colspan="2">
<input type="hidden" name="viewnum" value="0" size="55">
<input name="rating" type="hidden" value="2" size="55">
<input name="ratenum" type="hidden" value="1" size="55">
</td>
</tr>
<tr>
<td><span class="style6 style6">Category :</span></td>
<td> <select name="vcat" class="required" id="vcat">
<option value="" selected>Please select a category:</option>
<?php
$nameinfo = $db->getallcategories();
if (!empty($nameinfo)){
while (list($key,$val)=each($nameinfo)) {
$categoryid = stripslashes($val["categoryid"]);
$categoryname = stripslashes($val["categoryname"]);
require("./cata.php");
print "<option value=\"$categoryid\">$categoryname</option>";
}
}
?>
</select></td>
</tr>
<tr>
<td><span class="style6 style6">Picture :</span></td>
<td><input name="userfile" type="file" class="style6">
<span class="example">Press "browse" to select and upload a picture.</span></td>
</tr>
<tr>
<td><span class="style6 style6"><?php print "$admin_sourceurl"; ?> :</span></td>
<td><input name="keywords" type="text" class="style6" value="" size="55"></td>
</tr>
<tr>
<td><span class="style6 style6"><?php print "$admin_isdisplay"; ?> :</span></td>
<td><span class="style6 style6">
<select name="isdisplay">
<option value="1" selected><?php print "$admin_yes"; ?></option>
<option value="0"><?php print "$admin_no"; ?></option>
</select>
</span> </td>
</tr>
<tr>
<td> </td>
<td><input name="thumb" type="hidden" class="style6" value="" size="55"></td>
</tr>
<tr>
<td> </td>
<td><input name="addnews" type="submit" class="style6" value="Add"></td>
</tr>
</table>
</form></td>
</tr>
</table ></div>
<p align="right"> </p></td>
<td width="114" align="left" valign="top"></td>
</tr>
<tr></tr>
</table>
</body>
</html>