File: /var/www/html/tmpr/..//tmpr/../v/elements.php
<?php ?>
<?php
require("./NewsSql.inc.php");
$db = new NewsSQL($dbname);
page_protect();
$PicturePath = "../elements/";
$live_img = 'uploads/images/';
$videouser = $_SESSION['euserid'];
if (empty($page)){
$page = 0;
}
$record = 5;
if ($del=="yes") {
$db->delblog($newsid,$PicturePath);
}
if (!empty($addnews)) {
$mytitle = mysqli_real_escape_string($link,$mytitle);
$content = mysqli_real_escape_string($link,$content);
$description = mysqli_real_escape_string($link,$description);
$newsid = $db->addblog($title,$isdisplay,$vcat);
$tempuserfile = $_FILES['userfile']['tmp_name'];
$tempuserfile_name = $_FILES['userfile']['name'];
if ((!empty($tempuserfile)) && (!empty($tempuserfile_name))) {
$pathinfo = pathinfo($tempuserfile_name, PATHINFO_EXTENSION);
if(!in_array(strtolower($pathinfo), array('jpg','gif','png')))
{
header('Location: elements.php?msg=Invalid File Type!<br>') ;
}
$userfile = $tempuserfile;
$userfile_name = $tempuserfile_name;
}
if ((!empty($userfile)) && (!empty($userfile_name))) {
$videouser = $_SESSION['euserid'];
$userfile_name = preg_replace('/[\ ]/', '-', $userfile_name);
$userfile_name = $videouser.$userfile_name;
$dest1 = $PicturePath.$userfile_name;
copy($userfile, $dest1);
$db->add_Picture($newsid,$userfile_name,$PicturePath);
}
}
if (!empty($editblog)) {
$mytitle = mysqli_real_escape_string($link,$mytitle);
$content = mysqli_real_escape_string($link,$content);
$description = mysqli_real_escape_string($link,$description);
$db->editblog($catalogid,$mytitle,$content,$viewnum,$rating,$ratenum,$keywords,$isdisplay,$description,$vcat,$summary,$thumb,$newsid,$slug);
$tempuserfile = $_FILES['userfile']['tmp_name'];
$tempuserfile_name = $_FILES['userfile']['name'];
if ((!empty($tempuserfile)) && (!empty($tempuserfile_name))) {
$pathinfo = pathinfo($tempuserfile_name, PATHINFO_EXTENSION);
if(!in_array(strtolower($pathinfo), array('jpg')))
{
header('Location: elements.php?msg=Invalid File Type!<br>') ;
}
$userfile = $tempuserfile;
$userfile_name = $tempuserfile_name;
}
if ((!empty($userfile)) && (!empty($userfile_name))) {
$videouser = $_SESSION['euserid'];
$userfile_name = preg_replace('/[\ ]/', '-', $userfile_name);
$userfile_name = $videouser.$userfile_name;
$dest1 = $PicturePath.$userfile_name;
copy($userfile, $dest1);
$starting_image = imagecreatefromjpeg("$PicturePath$userfile_name");
$width = imagesx($starting_image);
$height = imagesy($starting_image);
$thumb_width = 500;
$thumb_height = 250;
$thumb_image = imagecreatetruecolor($thumb_width, $thumb_height);
imagecopyresampled($thumb_image, $starting_image, 0, 0, 0, 0, $thumb_width, $thumb_height, $width, $height);
imagejpeg($thumb_image, "$PicturePath$userfile_name");
$db->add_Picture($newsid,$userfile_name,$PicturePath);
}
$db->editblogslug($newsid,$slug,$mytitle,$str);
}
if (!empty($DP1)) {
$db->del_BlogPicture($newsid,$userfile_name,$PicturePath);
}
$result = $db->getblognewsx($page,$record,$catid);
?>
<html>
<head>
<title>Elements</title>
<meta http-equiv="Content-Type" content="text/html; charset=<?php print "$admin_charset"; ?>">
<link href="styles.css" rel="stylesheet" type="text/css">
<style type="text/css">
<!--
.style4 {font-size: 11px}
.style6 {font-size: 12px}
.style7 {font-size: 10px}
-->
</style>
<script language="JavaScript" type="text/javascript" src="js/jquery-1.3.2.min.js"></script>
<script language="JavaScript" type="text/javascript" src="js/jquery.validate.js"></script>
<script>
$(document).ready(function(){
$("#myform").validate();
});
</script>
</head>
<body>
<?php
?>
<?php
include 'header.php';
?>
<table width="1000" border="0" cellspacing="0" cellpadding="0" align="center">
<tr>
<td width="700" valign="top">
<div class="graycellv3" style="width:800px;"> <br>
<span id="buttoned2" style="margin-top:10px; color:#FFF">Add Elements</span><br>
<br>
<br>
<?php
if (empty($result)) {?>
You have not added any Elements
</a>
<?php }
?>
<table width="700" border="0" cellpadding="2" cellspacing="1" style="color:#FFF" >
<?php
if (!empty($result)) {?>
<br><span id="buttoned2" style="margin-top:10px; color:#FFF">My Blogs</span>
<tr>
<td width="102"><div align="center" class="style12"><span class="style6">Thumbnail</span></div></td>
<td width="191"><div align="center" class="style12"><span class="style6 style6">Blogs</span></div></td>
<td width="71"><div align="center" class="style12"><span class="style6">views</span></div></td>
<td width="76"><div align="center" class="style12"><span class="style6">Rating</span></div></td>
<td><div align="center" class="style12"><span class="style6">Published</span></div></td>
<td colspan="2"><div align="center" class="style12"><span class="style6 style6">Modify</span></div></td>
</tr>
<?php foreach ($result as $key => $val) {
$newsid = stripslashes($val["newsid"]);
$catalogid = stripslashes($val["catalogid"]);
$title = stripslashes($val["title"]);
$picture = stripslashes($val["picture"]);
$viewnum = stripslashes($val["viewnum"]);
$rating = stripslashes($val["rating"]);
$adddate = stripslashes($val["adddate"]);
$cataname = $db->getcatalognamebyid($catalogid);
?>
<tr>
<td><div align="center" class="style9"><span class="style6 style6"><img src="<?php print "$PicturePath$picture"; ?>" width="80" height="30" vspace="2" /></span></div></td>
<td><div align="left" class="style9"><span class="style6 style6"><?php print "$title"; ?></span></div></td>
<td><div align="center" class="style9"><span class="style6 style6"><?php print "$viewnum"; ?></span></div></td>
<td><div align="center" class="style9"><span class="style6 style6"><?php print "$rating"; ?></span></div></td>
<td><div align="center" class="style9"><span class="style6 style6"><?php print "$adddate"; ?></span></div></td>
<td width="26"><div align="center" class="style9"><a href="editblog.php?newsid=<?php print "$newsid"; ?>" class="en_b style6 style6"><?php print "$admin_edit"; ?></a></div></td>
<td width="26"><div align="center" class="style9"><a href="elements.php?newsid=<?php print "$newsid"; ?>&del=yes" class="en_b style6 style6"><?php print "$admin_del"; ?></a></div></td>
</tr>
<tr>
<td colspan="7" bgcolor="#666" height="1"></td>
</tr>
<?php
}
}
?>
</table>
<?php
$pagenext = $page+1;
$result1 = $db->getblognewsx($pagenext,$record,$catid);
if ($page!=0)
{
$pagepre = $page-1;
print "<a href=\"$PHP_SELF?page=$pagepre&catid=$catid\">back</a> ";
}
if (!empty($result1))
{
print "<a href=\"$PHP_SELF?page=$pagenext&catid=$catid\">more</a> ";
}
?>
<br>
<br>
<br>
<table width="700" border="0" cellpadding="0" cellspacing="0">
<tr>
<td align="left" valign="top">
<span id="buttoned2" style="margin-top:10px; color:#FFF">Add Element</span><br>
<br>
<form action="<?php print "$PHP_SELF"; ?>" method="POST" name="myform" id="myform" ENCTYPE="multipart/form-data" ><table width="700" border="0" cellspacing="1" cellpadding="2" style="color:#FFF">
<tr>
<td width="83"><span class="style6 style6"><?php print "Title"; ?> :</span></td>
<td width="198"><input name="title" class="required" type="text" size="55" ></td>
</tr>
<tr>
<td><span class="style6 style6">Category :</span></td>
<td> <select name="vcat" class="required" id="vcat">
<option value="" selected>Please select a category:</option>
<?php
$nameinfo = $db->getallcategories();
if (!empty($nameinfo)){
while (list($key,$val)=each($nameinfo)) {
$categoryid = stripslashes($val["id"]);
$categoryname = stripslashes($val["categoryname"]);
print "<option value=\"$categoryid\">$categoryname</option>";
}
}
?>
</select></td>
</tr>
<tr>
<td><span class="style6 style6">Picture :</span></td>
<td><input name="userfile" type="file" class="style6">
<span class="example">Press "browse" to select and upload a picture.</span></td>
</tr>
<tr>
<td><span class="style6 style6"><?php print "$admin_isdisplay"; ?> :</span></td>
<td><span class="style6 style6">
<select name="isdisplay">
<option value="1" selected><?php print "$admin_yes"; ?></option>
<option value="0"><?php print "$admin_no"; ?></option>
</select>
</span> </td>
</tr>
<tr>
<td> </td>
<td><input name="addnews" type="submit" class="style6" value="Add"></td>
</tr>
</table>
</form></td>
</tr>
</table ></div>
<p align="right"> </p></td>
<td width="114" align="left" valign="top"></td>
</tr>
<tr></tr>
</table>
</body>
</html>