

Server : Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.20
System : Linux st2.domain.com 3.10.0-1127.10.1.el7.x86_64 #1 SMP Wed Jun 3 14:28:03 UTC 2020 x86_64
User : apache ( 48)
PHP Version : 7.4.20
Disable Function : NONE
Directory :  /var/www/html/thietkewebvumi.com/code/


 

Current File : /var/www/html/thietkewebvumi.com/code/gallery.php
<?php
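class gallery{
    /**
     * Photo-contest controller: registration (step 1), image upload (step 2)
     * and album management plus confirmation mail (step 3).
     *
     * All collaborators ($CORE, $DB, $func, $print, $smarty) are globals defined
     * outside this file; their exact behaviour is not visible here.
     *
     * NOTE(review): every query below is built by string interpolation. That is
     * only safe if $CORE->input and the session values are escaped before they
     * reach this class -- confirm, and prefer parameterized queries if the $DB
     * layer offers them.
     */

    /**
     * Constructor. The legacy same-name method gallery() is only treated as a
     * constructor up to PHP 7.x, so the dispatch is triggered explicitly here.
     */
    function __construct()
    {
        $this->gallery();
    }

    /**
     * Routes the request to a step handler based on the "code" input value.
     * Any unknown or missing code falls back to the registration form.
     */
    function gallery()
    {
        global $CORE;
        $code = isset($CORE->input['code']) ? $CORE->input['code'] : '';
        switch ($code)
        {
            case 'upload'   :   $this -> goUpload() ; break;
            case 'step2'    :   $this -> goStep2(); break;
            case 'step3'    :   $this -> goStep3(); break;
            default         :   $this -> goGallery(); break;
        }
    }

    /**
     * Returns the text after the last "." of a file name, or an empty string
     * when the name contains no dot.
     */
    function get_file_extension($file_name) {
        $tail = strrchr((string) $file_name, '.');
        if ($tail === false) {
            return '';
        }
        return (string) substr($tail, 1);
    }

    /**
     * Counter used by steps 2 and 3: starts at 1 and adds one for every
     * non-empty img1..img5 column of the gallery row.
     */
    private function countImages($row)
    {
        $i = 1;
        for ($n = 1; $n <= 5; $n++) {
            if (isset($row['img'.$n]) && $row['img'.$n] != '') {
                $i++;
            }
        }
        return $i;
    }

    /**
     * AJAX upload endpoint. Handles the first of myfile1..myfile5 present in
     * the request, prints an <img> tag or an error message, then terminates.
     */
    function goUpload(){
        global $DB;
        // Uploads are only meaningful for a logged-in user with a gallery row.
        if(empty($_SESSION['user']['id'])){
            exit();
        }
        $user_id = $_SESSION['user']['login_local'].'_'.$_SESSION['user']['id'];
        $row_check = $DB->fetch_row($DB->query("SELECT * FROM NNCCMS_gallery WHERE user_id='$user_id'"));

        if(!$row_check){
            exit();
        }
        $output_dir = "upload/gallery/".$row_check['id']."/";
        // 0755 instead of 0777: the directory does not need to be world-writable.
        if(!is_dir($output_dir) && !mkdir($output_dir,0755) && !is_dir($output_dir)) {
            exit();
        }
        // Upload slot => longest-edge size handed to create_image().
        // Slot 3 used 800 in the original code while the others used 700.
        $thumb_sizes = array(1 => 700, 2 => 700, 3 => 800, 4 => 700, 5 => 700);
        foreach ($thumb_sizes as $slot => $thumb_size) {
            if(isset($_FILES["myfile".$slot])) {
                $this->storeUploadedImage($slot, $thumb_size, $row_check['id'], $output_dir);
                exit();
            }
        }
        exit();
    }

    /**
     * Validates and stores the upload for one slot, replaces the previous
     * image of that slot and records the new file name in imgN.
     */
    private function storeUploadedImage($slot, $thumb_size, $gallery_id, $output_dir)
    {
        global $DB,$func;
        $column = "img".$slot;
        $upload = $_FILES["myfile".$slot];
        // Array-style (multi-file) fields are not supported by this form.
        if(!is_array($upload) || !isset($upload['name'], $upload['tmp_name'], $upload['error']) || !is_string($upload['name'])){
            return;
        }

        $ext = $this->get_file_extension($upload['name']);
        if(!in_array($ext, array("jpg","JPG","png","PNG"), true)){
            echo "File phải có định dạng jpg hay png <br>";
            return;
        }
        if ($upload["error"] > 0)
        {
            // The original read $_FILES["file"], a field that is never submitted.
            echo "Error: " . (int) $upload["error"] . "<br>";
            return;
        }

        // The extension is client-controlled, so also require that the content
        // parses as JPEG or PNG. getimagesize() only inspects the header; the
        // upload directory should additionally be served without script execution.
        $arr_size = is_uploaded_file($upload["tmp_name"]) ? getimagesize($upload["tmp_name"]) : false;
        if($arr_size === false || !in_array($arr_size[2], array(IMAGETYPE_JPEG, IMAGETYPE_PNG), true)){
            echo "File phải có định dạng jpg hay png <br>";
            return;
        }

        // NOTE(review): format_string()/ope_max() are defined elsewhere; the stem is
        // restricted to [A-Za-z0-9_-] here because it ends up in a path, an SQL
        // statement and an HTML attribute.
        $stem = preg_replace('/[^A-Za-z0-9_-]/', '', (string) $func->ope_max($func->format_string($upload['name']),10));
        $file_name_no_ext = $stem.'-'.uniqid().'-'.time();
        $file_name = $file_name_no_ext.'.'.$ext;

        if($arr_size[0]<800 and $arr_size[1]<600){
            // Small images are stored unchanged.
            if(!move_uploaded_file($upload["tmp_name"],$output_dir.$file_name)){
                echo "Error: " . UPLOAD_ERR_CANT_WRITE . "<br>";
                return;
            }
        }else{
            // Larger images are resized by the project helper. The MIME type passed on
            // is the one detected from the content, not the client-supplied
            // $_FILES[...]['type'] -- confirm create_image() accepts image/jpeg and image/png.
            $createthumb = $func->create_image($upload["tmp_name"], $arr_size['mime'], $file_name_no_ext,$thumb_size, $output_dir);
            $imageExt = $func->getImageExt($createthumb);
            $file_name = $file_name_no_ext.$imageExt;
        }

        // Remove the previous image only after the new one has been accepted.
        // basename() keeps a stored value from pointing outside $output_dir.
        $row_check_img = $DB->fetch_row($DB->query("SELECT id,".$column." FROM NNCCMS_gallery WHERE id='".$gallery_id."'"));
        if(isset($row_check_img[$column]) && $row_check_img[$column]!=''){
            $old_file = $output_dir.basename($row_check_img[$column]);
            if($old_file !== $output_dir.$file_name && is_file($old_file)){
                unlink($old_file);
            }
        }

        $DB->query("UPDATE NNCCMS_gallery SET ".$column."='$file_name' WHERE id='".$gallery_id."'");
        echo "<img src='".htmlspecialchars($output_dir.$file_name, ENT_QUOTES, 'UTF-8')."' width='80' height='50' border='0'>";
    }

    /**
     * Step 1: shows the contest rules and stores the registration form.
     * Users that already have a gallery row are sent to step 2.
     */
    function goGallery(){
        global $smarty,$CORE,$print,$DB,$func;
        $_SESSION['url_album'] = $func->current_url();
        $smarty->assign('title','Tham gia thi ảnh');
        if(empty($_SESSION['user']['id'])){
            $print->refresh('login.html');
            // Whether refresh() terminates the request is not visible here, so stop explicitly.
            return;
        }
        $row_thele = $DB->fetch_row($DB->query("SELECT body FROM NNCCMS_pages WHERE id='228'"));
        $smarty->assign('the_le',$row_thele['body']);

        $user_id = $_SESSION['user']['login_local'].'_'.$_SESSION['user']['id'];
        $row_check = $DB->fetch_row($DB->query("SELECT * FROM NNCCMS_gallery WHERE user_id='$user_id' "));
        if($row_check){
            $print->refresh('index.php?act=gallery&code=step2');
            // Already registered: do not fall through and insert a second row.
            return;
        }
        if(!empty($CORE->input['submitbt_step1'])){
            $fields = array('fullname','address','phone','babyname','birthdaybaby','quan_baby','age_baby','tinh_thanh','school_baby','nguon');
            $values = array();
            foreach ($fields as $field) {
                $values[] = isset($CORE->input[$field]) ? trim($CORE->input[$field]) : '';
            }
            // NOTE(review): user-supplied values are interpolated into the statement;
            // see the class comment about escaping.
            $DB->query("INSERT INTO `NNCCMS_gallery` ( `user_id`, `".implode("`, `", $fields)."`, `time`) VALUES ( '$user_id', '".implode("', '", $values)."', '".time()."');");
            $print->refresh('index.php?act=gallery&code=step2');
        }
    }

    /**
     * Step 2: upload page. Moves on to step 3 once at least one image exists
     * and the row's status column equals 1.
     */
    function goStep2(){
        global $smarty,$print,$DB;
        $smarty->assign('title','Tham gia thi ảnh - Đăng ảnh');
        if(empty($_SESSION['user']['id'])){
            $print->refresh('login.html');
            return;
        }
        $user_id = $_SESSION['user']['login_local'].'_'.$_SESSION['user']['id'];
        $row_check = $DB->fetch_row($DB->query("SELECT * FROM NNCCMS_gallery WHERE user_id='$user_id'"));
        $smarty->assign('gallery',$row_check);
        $i = $this->countImages($row_check);
        $smarty->assign('total_img',$i);
        if($i>=2 and isset($row_check['status']) and $row_check['status']==1){
            $print->refresh('index.php?act=gallery&code=step3');
        }

    }

    /**
     * Step 3: album management. Saves titles, description and the cover image
     * choice, then mails the album id and share URL to the logged-in user.
     */
    function goStep3(){
        global $smarty,$CORE,$print,$DB,$func;
        $smarty->assign('title','Tham gia thi ảnh - Quản lý ảnh');
        // NOTE(review): request value handed to the template as-is; output escaping
        // depends on the template, which is not visible here.
        $smarty->assign('success',isset($CORE->input['success']) ? $CORE->input['success'] : null);
        // The sibling steps require a login; the original omitted the check here.
        if(empty($_SESSION['user']['id'])){
            $print->refresh('login.html');
            return;
        }
        $user_id = $_SESSION['user']['login_local'].'_'.$_SESSION['user']['id'];
        $row_check = $DB->fetch_row($DB->query("SELECT * FROM NNCCMS_gallery WHERE user_id='$user_id'"));
        if($this->countImages($row_check)<=2){
            $print->refresh('index.php?act=gallery&code=step2');
            // Do not process the form for a missing or too-small gallery.
            return;
        }
        $smarty->assign('gallery',$row_check);
        if(!empty($CORE->input['submitbt'])){
            $title_gallery = $CORE->input['title_gallery'];
            $des = $CORE->input['des'];
            $title1 = trim($CORE->input['title1']);
            $title2 = trim($CORE->input['title2']);
            $title3 = trim($CORE->input['title3']);
            $title4 = trim($CORE->input['title4']);
            $title5 = trim($CORE->input['title5']);
            $img_show = isset($CORE->input['img_show']) ? $CORE->input['img_show'] : '';

            // NOTE(review): interpolated user input; see the class comment about escaping.
            $DB->query("UPDATE NNCCMS_gallery SET title_gallery='$title_gallery', des='$des', title1='$title1',title2='$title2',title3='$title3',title4='$title4',title5='$title5' WHERE id='".$row_check['id']."'");

            // Exactly one img_posN flag is set; anything other than img2..img5 selects image 1.
            $chosen = (is_string($img_show) && in_array($img_show, array('img2','img3','img4','img5'), true)) ? (int) substr($img_show, 3) : 1;
            $assignments = array();
            for ($n = 1; $n <= 5; $n++) {
                $assignments[] = "img_pos".$n."='".($n === $chosen ? '1' : '0')."'";
            }
            $DB->query("UPDATE NNCCMS_gallery SET ".implode(', ', $assignments)." WHERE id='".$row_check['id']."'");

            $subject = 'Cuộc thi ảnh "Gia đình là số 1"';
            $body = '';

            $body .= 'Clbbeiq.com cảm ơn bạn đã tham gia cuộc thi<br>';
            $body .= '<p>Mã số album của bạn là: <strong>'.$row_check['id'].'</strong></p>';
            $body .= '<p>URL để chia sẻ và mới mọi người bình chọn album ảnh của bạn: <strong>http://www.clbbeiq.com/album/'.$func->format_string($title_gallery).'-'.$row_check['id'].'.html</strong></p>';
            $body .= '<p> Hồ sơ dự thi của bé sẽ được Ban tổ chức kiểm duyệt trước khi đăng lên trang. <br />Thời gian kiểm duyệt là 48 tiếng. Khi hồ sơ của bé được duyệt đăng, Ban tổ chức sẽ gửi thư thông báo tới địa chỉ email mà bạn đã đăng ký. Vì vậy, bạn hãy khai báo chính xác địa chỉ email để có thể nhận được thông báo từ Ban tổ chức từ ngày 25/11/2013!<br />
        Cảm ơn bạn đã tham gia cuộc thi !</p>';
            // The hand-built $headers string of the original was never used; PHPMailer
            // builds the headers itself.
            require_once("lib/class.phpmailer.php");
            $mail             = new PHPMailer();
            $mail->CharSet = 'utf-8';
            $mail->IsSMTP();
            $mail->SMTPAuth   = true;
            $mail->SMTPSecure = "ssl";
            $mail->Host       = "smtp.gmail.com";
            $mail->Port       =  "465";
            $mail->Username   = "contact@ischool.vn";
            // NOTE(review): mailbox credential hard-coded in source. Anyone who can read
            // this file can read it; rotate it and load it from configuration kept
            // outside the web root and outside version control.
            $mail->Password   = "ischool123";
            $mail->FromName   = $CORE->vars['sitename'];
            $mail->Subject    = $subject;
            $mail->WordWrap   = 50;
            $mail->MsgHTML($body);
            $mail->AddAddress($_SESSION['user']['email'], $CORE->vars['sitename']);
            $mail->IsHTML(true);
            if(!$mail->Send()) {
                $print->refresh('index.php?act=gallery&code=step3&success=1&error_email=1');
            } else {
                $print->refresh('index.php?act=gallery&code=step3&success=1');
            }

            // Kept from the original: if refresh() does not terminate the request this
            // call replaces the error_email redirect above -- confirm which is intended.
            $print->refresh('index.php?act=gallery&code=step3&success=1');

        }
    }

}//end class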
// Instantiate the controller; construction dispatches the current request.
$run = new gallery;
?>
