Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <!--DAN's CODE FOR UPLOADING TEXT-->
- <?php
- //user has logged into the admin part of the site
- include '../inc/connect_db.php';
- print("<h1>Epilepsy Durham Region - Admin Area</h1> <br />
- <h2>Create An Event</h2></br >");
- $x=0;
- $result = mysql_query('SELECT * FROM EDR_events');
- while($row = mysql_fetch_array($result)){
- print("<form id='form1' action='main.php' method='GET'>");
- $a = $row['Title'];
- print("Event Title: <input type='text' id='eventTitle' size='30' value='$a' /><br />");
- $b = $row['Date'];
- print("Event Date: <input type='text' id='eventDate' size='30' value='$b' /><br />");
- $c = $row['Details'];
- print("Event Details:<br /><textarea id='eventDetails' rows='6' cols='60'>$c</textarea><br />
- <input type=\"submit\" name=\"submit\" id=\"submit\" value=\"Submit\" />
- ");
- $x++;
- print("</form>");
- $test1 = stripslashes($row[2]);
- /*
- if(isset($_GET['submit'])){
- $result2 = mysql_query("UPDATE EDR_events SET Title='$test1', Date='$test2', Details='$test3'; ");
- $result2;
- }
- */
- }
- //if title, and date are full, and submit is pressed, upload info to server
- /*
- print("
- $result = mysql_query('SELECT * FROM users');
- while($row = mysql_fetch_array($result)){
- if(
- (($_POST['userEmail']) == ($row['email']))&&
- (md5($_POST['userPassword']) == ($row['password']))
- ) {
- $_SESSION['loggedIn'] = 'LI';
- $_SESSION['idKey'] = ($row['id']);
- header( 'refresh:0.1;' );
- }
- }
- ");
- <br />
- <h3>Event 2:</h3></br />
- Event Title: <input type='text' id='title' size='30' value='' /><br />
- Event Date: <input type='text' id='title' size='30' value='' /><br />
- Event Details:<br /><textarea rows='6' cols='60'> </textarea><br />
- <br />
- <h3>Event 3:</h3></br />
- Event Title: <input type='text' id='title' size='30' value='' /><br />
- Event Date: <input type='text' id='title' size='30' value='' /><br />
- Event Details:<br /><textarea rows='6' cols='60'> </textarea><br />
- <br />
- <h3>Event 4:</h3></br />
- Event Title: <input type='text' id='title' size='30' value='' /><br />
- Event Date: <input type='text' id='title' size='30' value='' /><br />
- Event Details:<br /><textarea rows='6' cols='60'> </textarea><br />
- <br />
- <h3>Event 5:</h3></br />
- Event Title: <input type='text' id='title' size='30' value='' /><br />
- Event Date: <input type='text' id='title' size='30' value='' /><br />
- Event Details:<br /><textarea rows='6' cols='60'> </textarea><br />
- */
- ?>
- <!--tYLERS's CODE FOR UPLOADING iMAGES-->
- <?php
- $db_host = 'markhamt.db.7548211.hostedresource.com'; // don't forget to change
- $db_user = 'markhamt';
- $db_pwd = 'db.Qh9qxv';
- $database = 'markhamt';
- $table = 'test_gallery';
- // use the same name as SQL table
- $password = 'EDR';
- // simple upload restriction,
- // to disallow uploading to everyone
- if (!mysql_connect($db_host, $db_user, $db_pwd))
- die("Can't connect to database");
- if (!mysql_select_db($database))
- die("Can't select database");
- // This function makes usage of
- // $_GET, $_POST, etc... variables
- // completly safe in SQL queries
- function sql_safe($s)
- {
- if (get_magic_quotes_gpc())
- $s = stripslashes($s);
- return mysql_real_escape_string($s);
- }
- // If user pressed submit in one of the forms
- if ($_SERVER['REQUEST_METHOD'] == 'POST')
- {
- // cleaning title field
- $title = trim(sql_safe($_POST['title']));
- if ($title == '') // if title is not set
- $title = 'untitled';// use (empty title) string
- if ($_POST['password'] != $password) // checking passwords
- $msg = 'Error: wrong upload password';
- else
- {
- if (isset($_FILES['photo']))
- {
- @list(, , $imtype, ) = getimagesize($_FILES['photo']['tmp_name']);
- // Get image type.
- // We use @ to omit errors
- if ($imtype == 3) // checking image type
- $ext="png"; // to use it later in HTTP headers
- elseif ($imtype == 2)
- $ext="jpeg";
- elseif ($imtype == 1)
- $ext="gif";
- else
- $msg = 'Error: unknown file format';
- if (!isset($msg)) // If there was no error
- {
- $data = file_get_contents($_FILES['photo']['tmp_name']);
- $data = mysql_real_escape_string($data);
- // Preparing data to be used in MySQL query
- mysql_query("INSERT INTO {$table}
- SET ext='$ext', title='$title',
- data='$data'");
- $msg = 'Success: image uploaded';
- }
- }
- elseif (isset($_GET['title'])) // isset(..title) needed
- $msg = 'Error: file not loaded';// to make sure we've using
- // upload form, not form
- // for deletion
- if (isset($_POST['del'])) // If used selected some photo to delete
- { // in 'uploaded images form';
- $id = intval($_POST['del']);
- mysql_query("DELETE FROM {$table} WHERE id=$id");
- $msg = 'Photo deleted';
- }
- }
- }
- elseif (isset($_GET['show']))
- {
- $id = intval($_GET['show']);
- $result = mysql_query("SELECT ext, UNIX_TIMESTAMP(image_time), data
- FROM {$table}
- WHERE id=$id LIMIT 1");
- if (mysql_num_rows($result) == 0)
- die('no image');
- list($ext, $image_time, $data) = mysql_fetch_row($result);
- $send_304 = false;
- if (php_sapi_name() == 'apache') {
- // if our web server is apache
- // we get check HTTP
- // If-Modified-Since header
- // and do not send image
- // if there is a cached version
- $ar = apache_request_headers();
- if (isset($ar['If-Modified-Since']) && // If-Modified-Since should exists
- ($ar['If-Modified-Since'] != '') && // not empty
- (strtotime($ar['If-Modified-Since']) >= $image_time)) // and grater than
- $send_304 = true; // image_time
- }
- if ($send_304)
- {
- // Sending 304 response to browser
- // "Browser, your cached version of image is OK
- // we're not sending anything new to you"
- header('Last-Modified: '.gmdate('D, d M Y H:i:s', $ts).' GMT', true, 304);
- exit(); // bye-bye
- }
- // outputing Last-Modified header
- header('Last-Modified: '.gmdate('D, d M Y H:i:s', $image_time).' GMT',
- true, 200);
- // Set expiration time +1 year
- // We do not have any photo re-uploading
- // so, browser may cache this photo for quite a long time
- header('Expires: '.gmdate('D, d M Y H:i:s', $image_time + 86400*365).' GMT',
- true, 200);
- // outputing HTTP headers
- header('Content-Length: '.strlen($data));
- header("Content-type: image/{$ext}");
- // outputing image
- echo $data;
- exit();
- }
- ?>
- <html><head>
- <title>Epilepsy Durham Region - Admin</title>
- </head>
- <body>
- <?php
- if (isset($msg)) // this is special section for
- // outputing message
- {
- ?>
- <p style="font-weight: bold;"><?=$msg?>
- <br>
- <a href="<?=$PHP_SELF?>">reload page</a>
- <!-- I've added reloading link, because
- refreshing POST queries is not good idea -->
- </p>
- <?php
- }
- ?>
- <h1>Epilepsy Durham Region Photo Gallery - Admin Area</h1>
- <h2>Uploaded images:</h2>
- <form action="<?=$PHP_SELF?>" method="post">
- <!-- This form is used for image deletion -->
- <?php
- $result = mysql_query("SELECT id, image_time, title FROM {$table} ORDER BY id DESC");
- if (mysql_num_rows($result) == 0) // table is empty
- echo '<ul><li>No images loaded</li></ul>';
- else
- {
- echo '<ul>';
- while(list($id, $image_time, $title) = mysql_fetch_row($result))
- {
- // outputing list
- echo "<li><input type='radio' name='del' value='{$id}'>";
- echo "<a href='{$PHP_SELF}?show={$id}'>{$title}</a> – ";
- echo "<small>{$image_time}</small></li>";
- }
- echo '</ul>';
- echo '<label for="password">Password:</label><br>';
- echo '<input type="password" name="password" id="password"><br><br>';
- echo '<input type="submit" value="Delete selected">';
- }
- ?>
- </form>
- <h2>Upload new image:</h2>
- <form action="<?=$PHP_SELF?>" method="POST" enctype="multipart/form-data">
- <label for="title">Title:</label><br>
- <input type="text" name="title" id="title" size="64"><br><br>
- <label for="photo">Photo:</label><br>
- <input type="file" name="photo" id="photo"><br><br>
- <label for="password">Password:</label><br>
- <input type="password" name="password" id="password"><br><br>
- <input type="submit" value="upload">
- </form>
- </body>
- </html>
- <!--tYLERS's ADDITIONAL CODE-->
- <?php
- require_once("./inc/connect_dbo.php");
- require_once("./inc/upload.class.php");
- require_once("./inc/html.class.php");
- //print("$my_string,$bold,$italic,$size<br />");
- //$oOop1 = new oop1 ($my_string,$bold,$italic,$size);
- $oUpload = new Upload($odb, $albums_id);
- $oHtml = new Html();
- //section 2
- $oUpload->doUpload($_FILES);
- //section 3
- //section 4
- print($oHtml->showHeader());
- print($oUpload->displayForm());
- print($oHtml->showFooter());
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement