Server: Apache
System: Linux sg2plmcpnl492417.prod.sin2.secureserver.net 4.18.0-553.58.1.lve.el8.x86_64 #1 SMP Fri Jul 4 12:07:06 UTC 2025 x86_64
User: nyiet8349bzl (9207396)
PHP: 8.1.34
Disabled: NONE
File: /home/nyiet8349bzl/Backup/sbc_back/homedir/public_html/old-myadmin/ImageGallery/processImage.php
<?php
require_once '../../library/config.php';
require_once '../library/functions.php';
// checkUser() comes from the included library; presumably it turns away
// visitors without a valid admin session -- confirm against its definition.
checkUser();

// The requested operation arrives in the query string. A missing value is
// treated as '' and ends up in the redirect at the bottom.
// NOTE(review): the add / modify / delete handlers are all selected by a plain
// GET parameter and no anti-CSRF token check is visible in this file; confirm
// whether checkUser() or the forms enforce one.
$action = '';
if (isset($_GET['action'])) {
	$action = $_GET['action'];
}

if ($action == 'addImage') {
	addImage();
} elseif ($action == 'modify') {
	modifyImageGallery();
} elseif ($action == 'deleteImageGallery') {
	deleteImageGallery();
} elseif ($action == 'deleteImage') {
	deleteImage();
} else {
	// Unknown or absent action: send the browser back to the listing page.
	header('Location: index.php');
}

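/**
 * Handle the "add image" form: store the 'img_file' upload as thumbnail and
 * full-size image, insert a row into `imagegallery`, then redirect.
 *
 * Reads $_POST['selImgCat'] and $_POST['img_title']. Every path ends with a
 * Location header followed by exit.
 */
function addImage()
{
	// A missing or non-string category is handled like the placeholder option.
	$catID = (isset($_POST['selImgCat']) && is_string($_POST['selImgCat'])) ? $_POST['selImgCat'] : 'Select';
	if ($catID == 'Select') {
		// The message is URL-encoded so the Location header stays well-formed.
		header('Location: index.php?view=add&msg1=' . rawurlencode('Please Select Category'));
		exit;
	}

	$img_title = (isset($_POST['img_title']) && is_string($_POST['img_title'])) ? $_POST['img_title'] : '';

	$images1   = uploadThumbImage('img_file', SRV_ROOT . THUMB_IMAGE_DIR);
	$Image_th  = $images1['image'];
	$images2   = uploadBigImage('img_file', SRV_ROOT . BIG_IMAGE_DIR);
	$Image_big = $images2['image'];

	// dbQuery() takes a finished SQL string, so every request-derived value is
	// escaped before it is placed between the quotes.
	// NOTE(review): switch to bound parameters once the DB helper supports
	// them; addslashes() is only a fallback for installs without the mysql
	// extension and is not charset-aware.
	$escape = function_exists('mysql_real_escape_string') ? 'mysql_real_escape_string' : 'addslashes';

	$sql   = "INSERT INTO imagegallery (
	img_cat_id, img_title, img_thumb, img_big, img_add_date, IsActive )
	VALUES ('" . $escape($catID) . "', '" . $escape($img_title) . "', '"
		. $escape((string)$Image_th) . "', '" . $escape((string)$Image_big) . "', now(), 1)";
	$result = dbQuery($sql);

	if (!$result) {
		// NOTE(review): this hands the raw database error to the browser via
		// the query string; consider logging it and showing a generic message.
		$msg = function_exists('mysql_error') ? mysql_error() : '';
		header('Location: index.php?view=add&msg1=' . rawurlencode($msg));
		exit;
	}

	header("Location: index.php");
	exit;
}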

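/**
 * Store the upload from $_FILES[$inputName] in $uploadDir as the thumbnail.
 *
 * @param string $inputName name of the file input field
 * @param string $uploadDir destination directory, including trailing separator
 * @return array array('image' => stored file name), '' when nothing was stored
 */
function uploadThumbImage($inputName, $uploadDir)
{
	return _galleryStoreUpload($inputName, $uploadDir, 'MAX_BANNER_IMAGE_WIDTH');
}

/**
 * Store the upload from $_FILES[$inputName] in $uploadDir as the full-size image.
 *
 * @param string $inputName name of the file input field
 * @param string $uploadDir destination directory, including trailing separator
 * @return array array('image' => stored file name), '' when nothing was stored
 */
function uploadBigImage($inputName, $uploadDir)
{
	return _galleryStoreUpload($inputName, $uploadDir, 'MAX_PRODUCT_IMAGE_WIDTH');
}

/**
 * Shared implementation of the two upload functions above.
 *
 * The file is accepted only when PHP confirms it is an HTTP upload, when
 * getimagesize() recognises it, and when its detected type is GIF, JPEG or
 * PNG. The stored extension comes from that detected type, never from the
 * client-supplied file name, so a request cannot choose an extension such as
 * ".php" for a file written below the web root.
 * NOTE(review): the upload directories should also have script execution
 * disabled in the web server configuration.
 *
 * @param string $inputName        name of the file input field
 * @param string $uploadDir        destination directory, including trailing separator
 * @param string $maxWidthConstant name of the constant holding the width limit;
 *                                 resolved only once a valid file is present
 * @return array array('image' => stored file name), '' when nothing was stored
 */
function _galleryStoreUpload($inputName, $uploadDir, $maxWidthConstant)
{
	$nothing = array('image' => '');

	if (!isset($_FILES[$inputName]) || !is_array($_FILES[$inputName])) {
		return $nothing;
	}
	$image = $_FILES[$inputName];

	// tmp_name is an array for multi-file inputs; only a single file is handled.
	if (!isset($image['tmp_name']) || !is_string($image['tmp_name']) || trim($image['tmp_name']) == '') {
		return $nothing;
	}
	if (isset($image['error']) && $image['error'] != UPLOAD_ERR_OK) {
		return $nothing;
	}

	$tmpName = $image['tmp_name'];
	if (!is_uploaded_file($tmpName)) {
		return $nothing;
	}

	// getimagesize() returns false for anything it cannot parse as an image.
	$info = getimagesize($tmpName);
	if ($info === false) {
		return $nothing;
	}

	$extensions = array(
		IMAGETYPE_GIF  => 'gif',
		IMAGETYPE_JPEG => 'jpg',
		IMAGETYPE_PNG  => 'png',
	);
	if (!isset($extensions[$info[2]])) {
		return $nothing;
	}

	$width     = $info[0];
	$imagePath = md5(rand() * time()) . '.' . $extensions[$info[2]];

	// make sure the image width does not exceed the maximum allowed width
	if (LIMIT_BANNER_WIDTH && $width > constant($maxWidthConstant)) {
		$result    = createThumbnail($tmpName, $uploadDir . $imagePath, constant($maxWidthConstant));
		$imagePath = $result;
	} else {
		// copy() rather than move_uploaded_file(): the callers in this file run
		// the thumbnail and the full-size step on the same upload, and moving
		// the temp file in the first step would leave nothing for the second.
		// is_uploaded_file() above supplies the check move_uploaded_file() does.
		if (!copy($tmpName, $uploadDir . $imagePath)) {
			$imagePath = '';
		}
	}

	return array('image' => $imagePath);
}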

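/**
 * Handle the "modify" form for one gallery entry.
 *
 * Reads the entry id from $_GET['Id'], the new category and title from
 * $_POST['texCatID'] / $_POST['img_title'] and an optional replacement file
 * from the 'img_file' upload. When no new file was stored the existing image
 * names are kept. Every path ends with a redirect to index.php and exit.
 */
function modifyImageGallery()
{
	if (isset($_GET['Id']) && is_scalar($_GET['Id']) && (int)$_GET['Id'] > 0) {
		$bId = (int)$_GET['Id'];
	} else {
		header('Location: index.php');
		// Without exit the code below would run with $bId undefined.
		exit;
	}

	$catID     = (isset($_POST['texCatID']) && is_string($_POST['texCatID'])) ? $_POST['texCatID'] : '';
	$img_title = (isset($_POST['img_title']) && is_string($_POST['img_title'])) ? $_POST['img_title'] : '';

	// Look the entry up before storing any file, so an unknown id leaves
	// nothing behind in the upload directories.
	$sql    = "SELECT img_thumb, img_big FROM imagegallery WHERE img_id = $bId";
	$result = dbQuery($sql);
	$row    = $result ? dbFetchAssoc($result) : false;
	if (!$row) {
		header('Location: index.php');
		exit;
	}

	$images1   = uploadThumbImage('img_file', SRV_ROOT . THUMB_IMAGE_DIR);
	$Image_th  = $images1['image'];
	$images2   = uploadBigImage('img_file', SRV_ROOT . BIG_IMAGE_DIR);
	$Image_big = $images2['image'];

	// The row is read field by field instead of through extract(): extract()
	// on a full row would overwrite local variables named after its columns,
	// including the $img_title just taken from the form.
	if ($Image_th != '') {
		_deleteImage($bId, "img_thumb");
	} else {
		$Image_th = $row['img_thumb'];
	}
	if ($Image_big != '') {
		_deleteImage($bId, "img_big");
	} else {
		$Image_big = $row['img_big'];
	}

	// dbQuery() takes a finished SQL string, so every request-derived value is
	// escaped before it is placed between the quotes.
	// NOTE(review): switch to bound parameters once the DB helper supports
	// them; addslashes() is only a fallback for installs without the mysql
	// extension and is not charset-aware.
	$escape = function_exists('mysql_real_escape_string') ? 'mysql_real_escape_string' : 'addslashes';

	$sql   = "UPDATE imagegallery 
	          SET img_cat_id = '" . $escape($catID) . "', img_title = '" . $escape($img_title)
		. "', img_thumb = '" . $escape((string)$Image_th) . "', img_big = '" . $escape((string)$Image_big)
		. "', img_edit_date = NOW() 
			  WHERE img_id = $bId";
	$result = dbQuery($sql);

	header('Location: index.php');
	exit;
}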

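/**
 * Remove one gallery entry: delete its thumbnail and full-size files, delete
 * its `imagegallery` row, then redirect to index.php.
 *
 * The entry id is read from $_GET['Id']; a missing or non-positive id only
 * redirects.
 */
function deleteImageGallery()
{
	if (isset($_GET['Id']) && is_scalar($_GET['Id']) && (int)$_GET['Id'] > 0) {
		$bId = (int)$_GET['Id'];
	} else {
		header('Location: index.php');
		// Without exit the queries below would run with $bId undefined.
		exit;
	}

	$sql = "SELECT img_thumb, img_big
	        FROM imagegallery
			WHERE img_id = $bId";

	$result = dbQuery($sql);
	$row    = $result ? dbFetchAssoc($result) : false;

	// Remove the image files. basename() keeps each unlink inside its own
	// directory even if a stored name contains path separators.
	// unlink stays best-effort (@): a file that is already gone must not
	// block removal of the database row.
	if ($row) {
		if ($row['img_thumb']) {
			@unlink(SRV_ROOT . THUMB_IMAGE_DIR . basename($row['img_thumb']));
		}
		if ($row['img_big']) {
			// The full-size file lives in BIG_IMAGE_DIR, not the thumbnail directory.
			@unlink(SRV_ROOT . BIG_IMAGE_DIR . basename($row['img_big']));
		}
	}

	// remove the entry from the database
	$sql = "DELETE FROM imagegallery 
	        WHERE img_id = $bId";
	dbQuery($sql);

	header('Location: index.php');
	exit;
}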


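/**
 * Remove the image files of one gallery entry but keep the entry itself:
 * the files are deleted through _deleteImage(), both image columns are
 * cleared, and the browser is sent back to the entry's modify view.
 *
 * The entry id is read from $_GET['Id']; a missing or non-positive id only
 * redirects to index.php.
 */
function deleteImage()
{
	if (isset($_GET['Id']) && is_scalar($_GET['Id']) && (int)$_GET['Id'] > 0) {
		$bId = (int)$_GET['Id'];
	} else {
		header('Location: index.php');
		// Without exit the code below would run with $bId undefined.
		exit;
	}

	$deleted = _deleteImage($bId);

	// Clear the image and thumbnail names in the database. The column names
	// are written literally: as "$img_thumb" / "$img_big" they were undefined
	// variables and expanded to nothing, leaving an invalid statement.
	$sql = "UPDATE imagegallery
			SET img_thumb = '', img_big = ''	WHERE img_id = $bId";
	dbQuery($sql);

	header("Location: index.php?view=modify&Id=$bId");
	exit;
}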

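/**
 * Delete the image files that belong to one gallery entry.
 *
 * @param int         $bId    id of the `imagegallery` row
 * @param string|null $column 'img_thumb' or 'img_big' to remove only that
 *                            file; any other value removes both
 * @return bool result of the last unlink attempted, false when none was
 */
function _deleteImage($bId, $column = null)
{
	$deleted = false;

	// The id is interpolated into the query, so force it to an integer here
	// rather than relying on every caller to have done so.
	$bId = (int)$bId;

	$sql = "SELECT img_thumb, img_big FROM imagegallery
			WHERE img_id = $bId";
	$result = dbQuery($sql) or die('Cannot delete product image. ' . mysql_error());

	if (dbNumRows($result)) {
		$row = dbFetchAssoc($result);

		// The row is read field by field. The earlier extract() + "if ($img)"
		// tested a variable that the query never produced, so no file was
		// ever removed.
		// basename() keeps each unlink inside its own directory even if a
		// stored name contains path separators.
		if ($column !== 'img_big' && $row['img_thumb']) {
			$deleted = @unlink(SRV_ROOT . THUMB_IMAGE_DIR . basename($row['img_thumb']));
		}
		if ($column !== 'img_thumb' && $row['img_big']) {
			$deleted = @unlink(SRV_ROOT . BIG_IMAGE_DIR . basename($row['img_big']));
		}
	}

	return $deleted;
}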

?>