File: /var/www/html/tmpr/../tmpr/../tmpr/../tmpr/../tmpr/../v/viewall.php
<?php
require("./NewsSql.inc.php");
$db = new NewsSQL($dbname);
function filter($arr) {
global $link;
return array_map(array($link, 'real_escape_string'), $arr);
}
page_protect();
$VideoPath = "uploads/live/";
$live_img = 'uploads/images/';
$videouser = $_SESSION['euserid'];
if($_GET["recsno"]) {
$recsno=$_GET["recsno"];
$data=trim($recsno);
$videouser = $_SESSION['euserid'];
$ex=explode(" ",$data);
$size=sizeof($ex);
for($i=0;$i<$size;$i++) {
$id=trim($ex[$i]);
$db->delnews($id,$VideoPath);
}
header("Location: ./home.php?msg=Successfully+deleted");
}
if($_GET["recsnorep"]) {
$recsnorep=$_GET["recsnorep"];
$data=trim($recsnorep);
$videouser = $_SESSION['euserid'];
$ex=explode(" ",$data);
$size=sizeof($ex);
for($i=0;$i<$size;$i++) {
$id=trim($ex[$i]);
$db->delnewsrep($id,$VideoPath);
}
header("Location: ./home.php?msg=Successfully+deleted");
}
if($_GET["recsnorep2"]) {
$recsnorep2=$_GET["recsnorep2"];
$data=trim($recsnorep2);
$videouser = $_SESSION['euserid'];
$ex=explode(" ",$data);
$size=sizeof($ex);
for($i=0;$i<$size;$i++) {
$id=trim($ex[$i]);
$db->delnewsrep($id,$VideoPath);
}
header("Location: ./myreports.php?msg=Successfully+deleted");
}
if($_GET["feature"]) {
$feature=$_GET["feature"];
$data=trim($feature);
$videouser = $_SESSION['euserid'];
$ex=explode(" ",$data);
$size=sizeof($ex);
for($i=0;$i<$size;$i++) {
$id=trim($ex[$i]);
$db->addfeature($id,$VideoPath);
}
header("Location: ./home.php?msg=Successfully+featured");
}
function sizeinput($input, $len){
(int)$len;
(string)$input;
$n = substr($input, 0,$len);
$ret = trim($n);
$out = htmlentities($ret, ENT_QUOTES);
return $out;
}
function checkfile($input){
$ext = array('mpg', 'wma', 'mov', 'flv', 'mp4', 'm4v', 'avi', 'qt', 'wmv', 'rm', '3gp', 'mpeg', 'divx', 'moov', 'asf', 'swf', 'vob');
$extfile = substr($input['name'],-4);
$extfile = explode('.',$extfile);
$good = array();
$extfile = $extfile[1];
if(in_array($extfile, $ext)){
$good['safe'] = true;
$good['ext'] = $extfile;
}else{
$good['safe'] = false;
}
return $good;
}
//no error reporting
//@error_reporting(0);
if (empty($page)){
$page = 0;
}
$record = 20;
// generate paging here
if ($Delnews2==$admin_yes) {
$newsid = $db->base64url_decode($newsid);
$db->delnews2($newsid,$VideoPath);
}
if ($Delnews==$admin_yes) {
$newsid = $db->base64url_decode($newsid);
$db->delnews($newsid,$VideoPath);
}
if (!empty($editthumb)) {
$tempuserfile = $_FILES['userfile']['tmp_name'];
$tempuserfile_name = $_FILES['userfile']['name'];
if ((!empty($tempuserfile)) && (!empty($tempuserfile_name))) {
$userfile = $tempuserfile;
$userfile_name = $tempuserfile_name;
}
if ((!empty($userfile)) && (!empty($userfile_name))) {
$videouser = $_SESSION['euserid'];
$userfile_name = preg_replace('/[\ ]/', '-', $userfile_name);
$userfile_name = $videouser.rand(455,78787).$userfile_name;
$dest1 = $live_img.$userfile_name;
copy($userfile, $dest1);
/* $starting_image = imagecreatefromjpeg("$live_img$userfile_name");
$width = imagesx($starting_image);
$height = imagesy($starting_image);
$thumb_width = 130;
$thumb_height = 80;
$thumb_image = imagecreatetruecolor($thumb_width, $thumb_height);
imagecopyresampled($thumb_image, $starting_image, 0, 0, 0, 0, $thumb_width, $thumb_height, $width, $height);
imagejpeg($thumb_image, "$live_img$userfile_name");*/
$db->addThumb($newsid,$userfile_name,$live_img);
}}
if (!empty($addnews)) {
$_POST = filter($_POST);
$title = mysqli_real_escape_string($link,$title);
$content = mysqli_real_escape_string($link,$content);
$description = mysqli_real_escape_string($link,$description);
$keywords = mysqli_real_escape_string($link,$keywords);
$newsid = $db->updateContent($title,$content,$keywords,$isdisplay,$description,$vcat,$slug,$episodeid);
}
if(!empty($myeditnews)) {
$_POST = filter($_POST);
$mytitle = mysqli_real_escape_string($link,$mytitle);
$content = mysqli_real_escape_string($link,$content);
$description = mysqli_real_escape_string($link,$description);
$keywords = mysqli_real_escape_string($link,$keywords);
$vcat = mysqli_real_escape_string($link,$vcat);
$episodeid = mysqli_real_escape_string($link,$episodeid);
$isdisplay = mysqli_real_escape_string($link,$isdisplay);
$catalogid = mysqli_real_escape_string($link,$catalogid);
$db->editnews($catalogid,$mytitle,$content,$keywords,$isdisplay,$newsid,$episodeid,$vcat);
$db->editslugr($newsid,$slug,$mytitle,$str);
}
if(!empty($editreporta)) {
$_POST = filter($_POST);
$mytitle = mysqli_real_escape_string($link,$mytitle);
$content = mysqli_real_escape_string($link,$content);
$description = mysqli_real_escape_string($link,$description);
$keywords = mysqli_real_escape_string($link,$keywords);
$db->editreporta($catalogid,$mytitle,$content,$keywords,$isdisplay,$description,$vcat,$summary,$thumb,$newsid,$slug,$episodeid);
$db->editslugr($newsid,$slug,$mytitle,$str);
}
if (!empty($editnews)) {
$_POST = filter($_POST);
$mytitle = mysqli_real_escape_string($link,$mytitle);
$content = mysqli_real_escape_string($link,$content);
$description = mysqli_real_escape_string($link,$description);
$keywords = mysqli_real_escape_string($link,$keywords);
$db->editnews($catalogid,$mytitle,$content,$keywords,$isdisplay,$description,$vcat,$newsid,$episodeid);
$slug = preg_replace('{(.)\1+}','$1',$slug);
$db->editslug($newsid,$slug,$mytitle,$str);
// if the form was submitted process request if there is a file for uploading
if($_POST && array_key_exists("userfile", $_FILES)){
//$uploaddir is for videos before conversion
$uploaddir = 'uploads/';
//$VideoPath is for videos after converted to flv
$VideoPath = 'uploads/live/';
//$live_img is for the first frame thumbs.
$live_img = 'uploads/images/';
$upload = basename($_FILES['userfile']['name']);
$upload = preg_replace('/[\ ]/', '-', $upload);
$uploadfile = $uploaddir .$upload;
$vid_title = sizeinput($_POST['vid_title'], 50);
$vid_desc = sizeinput($_POST['vid_description'], 200);
$vid_cat = (int)$_POST['vid_cat'];
$vid_usr_ip = $_SERVER['REMOTE_ADDR'];
$safe_file = checkfile($_FILES['userfile']);
if($safe_file['safe'] == 1)
{
if (move_uploaded_file($_FILES['userfile']['tmp_name'], $uploadfile)) {
// header('Location: home.php?msg=Your Video was Successfully Uploaded!<br>');
$extension = $safe_file['ext'];
$base = basename($uploadfile, $safe_file['ext']);
$db_file = $videouser.$base;
$new_file = $videouser.$base.'flv';
$new_image = $base.'jpg';
$new_image_path = $live_img.$new_image;
$new_flv = $VideoPath.$new_file;
//ececute ffmpeg generate was flv exec('ffmpeg -i '.$uploadfile.' -f flv -s 500x300 '.$new_flv.'');
/////////////////////////////////////////////////////////////
// //
// encode video to flv //
/////////////////////////////////////////////////////////////
set_time_limit(300);
switch ($extension) {
case 'wmv':
//UNCOMMENT THIS LINE OUTPUTS VERY HIGH QUALITY FLV -- FLV FILE MUCH LARGER
//$ffmpeg_cmd2 = "ffmpeg -i $uploadfile -ab 64 -ar 44100 -b 300k -r 30 -s 720x480 -sameq $new_flv";
@exec('ffmpeg -i '.$uploadfile.' -copyts -ar 44100 -s 500x300 '.$new_flv.'');
@exec('ffmpeg -i '.$uploadfile.' -f mjpeg -vframes 100 -t 00:00:10 -s 130x80 -an '.$new_image_path.'');
break;
///////////////////////// LAST RELEASE MENCODER BREAKS AUDIO SYNC //////////////////////
//////////////////////// SO LETS USE FFMPEG ON AVI'S ALSO //////////////////////////////
case 'avi':
@exec('ffmpeg -i '.$uploadfile.' -copyts -r 30 -ab 64 -ar 44100 -b 300k -f flv -s 500x300 '.$new_flv.'');
@exec('ffmpeg -i '.$uploadfile.' -f mjpeg -vframes 100 -t 00:00:10 -s 130x80 -an '.$new_image_path.'');
break;
////////////////////// IF UPLOAD IS ALREADY FLV TYPE JUST COPY IT ///////////////////
/////////////////////////////////////////////////////////////////////////////////////
case 'flv':
//just move the flv file
@exec('ffmpeg -i '.$uploadfile.' -f mjpeg -vframes 100 -t 00:00:10 -s 130x80 -an '.$new_image_path.'');
@copy($uploadfile, $new_flv);
break;
////////////////////////// IF OTHER VIDEO TYPE USE MENCODER ///////////////////////////
/////////////////////// MPEG, MPG, RM IS ENABLED IN CONFIG_PM /////////////////////////
default:
@exec('ffmpeg -i '.$uploadfile.' -r 30 -ab 64 -ar 44100 -b 300k -f flv -s 500x300 '.$new_flv.'');
//execute ffmpeg and create thumb
@exec('ffmpeg -i '.$uploadfile.' -f mjpeg -vframes 100 -t 00:00:10 -s 130x80 -an '.$new_image_path.'');
/*
$path_to_mencoder = $config["path_to_mencoder"];
$mencoder_cmd = "$path_to_mencoder $uploadfile -o $new_flv -of lavf -oac mp3lame -lameopts abr:br=56 -ovc lavc -lavcopts vcodec=flv:vbitrate=800:mbd=2:mv0:trell:v4mv:cbp:last_pred=3 -lavfopts i_certify_that_my_video_stream_does_not_use_b_frames -vf scale=320:233 -srate 22050";
@exec("$mencoder_cmd 2>&1", $output);
//If no flv was created. Attempt to convert with -vop swicth and not -vf
if (!file_exists($new_flv)) {
$mencoder_cmd = "$path_to_mencoder $uploadfile -o $new_flv -of lavf -oac mp3lame -lameopts abr:br=56 -ovc lavc -lavcopts vcodec=flv:vbitrate=800:mbd=2:mv0:trell:v4mv:cbp:last_pred=3 -lavfopts i_certify_that_my_video_stream_does_not_use_b_frames -vop scale=450:400 -srate 22050";
@exec("$mencoder_cmd 2>&1", $output);
}
//If no flv was created. Attempt to convert with no -lavcopts i_certify_etc_etc
if (!file_exists($new_flv)) {
$mencoder_cmd = "$path_to_mencoder $uploadfile -o $new_flv -of lavf -oac mp3lame -lameopts abr:br=56 -ovc lavc -lavcopts vcodec=flv:vbitrate=800:mbd=2:mv0:trell:v4mv:cbp:last_pred=3 -vf scale=450:400 -srate 22050";
@exec("$mencoder_cmd 2>&1", $output);
} */
break;
}
//############################### END VIDEO TYPE SWITCH ############################
//####################################################################################
/////////////////////////////////////////////////////////////
// STEP 2 //
// FLVTOOL2 INJECTION //
/////////////////////////////////////////////////////////////
/* $path_to_flv = $config["path_to_flvtool2"];
$flv_cmd = "$path_to_flv -U $new_flv";
@exec("$flv_cmd 2>&1", $output); */
//create query to store video
$db->update_Video($newsid,$db_file,$new_image,$VideoPath);
} else {
header('Location: home.php?msg=There was a problem uploading you video. Check video file size then try again<br>');
// print_r($_FILES);
}
}else{
echo '';
}
}
header("Location: home.php?msg=Video+edited+Successfully!");
}
if (!empty($DP1)) {
$db->del_Video($newsid,$VideoPath);
}
$result = $db->getcatalognews($page,$record,$catid);
?>
<html>
<head>
<title><?php print "$admin_newsadmin"; ?></title>
<meta http-equiv="Content-Type" content="text/html; charset=<?php print "$admin_charset"; ?>">
<link href="styles.css" rel="stylesheet" type="text/css">
<style type="text/css">
<!--
.style6 {font-size: 12px}
-->
</style>
<link href="css/default.css" rel="stylesheet" type="text/css" />
<link href="css/uploadify.css" rel="stylesheet" type="text/css" />
<script type="text/javascript" src="scripts/jquery-1.3.2.min.js"></script>
<script type="text/javascript" src="scripts/swfobject.js"></script>
<script type="text/javascript" src="scripts/jquery.uploadify.v2.1.0.min.js"></script>
<script type="text/javascript">
$(document).ready(function() {
$("#uploadify").uploadify({
'uploader' : 'scripts/uploadify.swf',
'script' : 'uploadify.php',
'cancelImg' : 'cancel.png',
'folder' : 'uploads/live',
'queueID' : 'fileQueue',
'scriptData' : {'u': '<?php echo $_SESSION['euserid']; ?>'},
'auto' : true,
'checkScript' : 'scripts/check.php',
'multi' : false
});
});
</script>
<script language="JavaScript" type="text/javascript" src="js/jquery.validate.js"></script>
<script>
$(document).ready(function(){
$("#myform").validate();
});
</script>
</head>
<body>
<?php
?>
<?php
include 'header.php';
?>
<table width="1000" border="0" cellspacing="0" cellpadding="0" align="center">
<tr>
<td colspan="3"></td>
</tr>
<tr>
<td width="300" valign="top"><?php
include 'navigation.php';
?>
<p> </p>
<p> </p>
<p> </p>
<p> </p></td>
<td width="700" valign="top">
<div class="graycellv3" style="width:800px;">
<?php
require("./myvids.php");?>
</div>
<p align="right"> </p></td>
<td width="114" align="left" valign="top"></td>
</tr>
<tr></tr>
</table>
</body>
</html>