PageRenderTime 35ms CodeModel.GetById 19ms RepoModel.GetById 1ms app.codeStats 0ms

/manager/actions_email.php

https://github.com/GansukhB/phtstr
PHP | 195 lines | 97 code | 39 blank | 59 comment | 16 complexity | dfd5ec6617c45276a4fa3f3ae6acd2ad MD5 | raw file
  1. <?php
  2. session_start();
  3. include( "check_login_status.php" );
  4. // COPY ACTIONS UPDATED 3.4.04
  5. include( "config_mgr.php" );
  6. if($_SESSION['access_type'] != "mgr"){ echo "Operation cannot be performed in demo mode"; exit; }
  7. $settings_result = mysql_query("SELECT * FROM settings where id = '1'", $db);
  8. $setting = mysql_fetch_object($settings_result);
  9. $file_path = "../uploaded_files/";
  10. $image_path = "../uploaded_images/";
  11. switch($_GET['pmode']){
  12. /*-----------------------------------------------------------------------------------------------------------------------*/
  13. /* EVENTS PLUGIN ACTIONS */
  14. /*-----------------------------------------------------------------------------------------------------------------------*/
  15. /* SAVE NEW ITEM */
  16. case "save_new":
  17. //ADDED IN PS350 TO CLEANUP THE DATA ENTRY
  18. $title = cleanup($title);
  19. // SAVE DATA
  20. $sql = "INSERT INTO email_copy (title,subject,article,image_upload,image_area_name,image_w,image_h,file_upload,file_area_name) VALUES ('$title','$subject','$article','$set_image_upload','$set_image_area_name','$set_image_width','$set_image_height','$set_file_upload','$set_file_area_name')";
  21. $result = mysql_query($sql);
  22. $last_result = mysql_query("SELECT id FROM email_copy order by id desc", $db);
  23. $last = mysql_fetch_object($last_result);
  24. // UPLOAD FILE
  25. if($_FILES['fileup']['name'] != ""){
  26. //echo $_FILES['fileup']['name']; exit;
  27. upload_file_new($_FILES['fileup'],$_FILES['fileup']['name'],"../uploaded_files/");
  28. $fname = $_FILES['fileup']['name'];
  29. //echo $fname; exit;
  30. $sql = "INSERT INTO uploaded_files (reference,reference_id,filename,file_text) VALUES ('$_POST[reference]','$last->id','$fname','$_POST[file_text]')";
  31. $result = mysql_query($sql);
  32. }
  33. // UPLOAD IMAGE
  34. if($_FILES['image']['name'] != ""){
  35. upload_image(
  36. $_FILES['image'], // name of form field to upload
  37. $_FILES['image']['name'], // filename of the image
  38. $_FILES['image']['type'], // type of image
  39. $_POST['image_path'], // directory to upload the image to
  40. "", // new width for your image / if blank doesn't resize
  41. "", // new height for your image (cropped) / if blank resizes with ratio
  42. "125", // icon width / if left blank no icon is created
  43. "100" // image quality
  44. ); // returns $image_details[1] - $image_details[8]
  45. // new image name(1),image type(2), image path(3), image bytes(4), image kb(5), width(6), heigth(7), time(8)
  46. // $image_results returns results of upload
  47. // $result_code returns 1,2,3 / results of upload... 1 Success, 2 Type Not Supported , 3 Empty
  48. //$iname = $_FILES['image']['name'];
  49. //echo $result_code; exit;
  50. //echo $_POST['reference'] . "<br />" . $_POST['item_id'] . "<br />" . $image_details[1] . "<br />" . $_POST['image_caption'];
  51. if($result_code == 1){
  52. $sql = "INSERT INTO uploaded_images (reference,reference_id,filename,caption) VALUES ('$_POST[reference]','$last->id','$image_details[1]','$_POST[image_caption]')";
  53. $result = mysql_query($sql);
  54. }
  55. }
  56. header("location: " . $return);
  57. break;
  58. /* DELETE ITEM(S) */
  59. case "delete":
  60. $result = mysql_query("SELECT id FROM email_copy", $db);
  61. while($rs = mysql_fetch_object($result)) {
  62. if($_POST[$rs->id] == "1") {
  63. // DELETE ANY FILES THAT ARE ATTACHED TO THIS ITEM
  64. $result_file = mysql_query("SELECT id,filename FROM uploaded_files where reference = '$reference' and reference_id = '$rs->id'", $db);
  65. while($rs_file = mysql_fetch_object($result_file)) {
  66. unlink($file_path . $rs_file->filename);
  67. $sql="DELETE FROM uploaded_files WHERE id = '$rs_file->id'";
  68. $result2 = mysql_query($sql);
  69. //unlink("../images_news/i_" . $rs->image);
  70. }
  71. // DELETE ANY IMAGES THAT ARE ATTACHED TO THIS ITEM
  72. $result_image = mysql_query("SELECT id,filename FROM uploaded_images where reference = '$reference' and reference_id = '$rs->id'", $db);
  73. while($rs_image = mysql_fetch_object($result_image)) {
  74. unlink($image_path . $rs_image->filename);
  75. unlink($image_path . "i_" . $rs_image->filename);
  76. $sql="DELETE FROM uploaded_images WHERE id = '$rs_image->id'";
  77. $result2 = mysql_query($sql);
  78. }
  79. $sql="DELETE FROM email_copy WHERE id = '$rs->id'";
  80. $result2 = mysql_query($sql);
  81. }
  82. }
  83. header("location: " . $_POST['return']);
  84. exit;
  85. /* SAVE EDIT ITEM */
  86. case "save_edit":
  87. //ADDED IN PS350 TO CLEANUP THE DATA ENTRY
  88. $title = cleanup($title);
  89. //SAVE DATA TO THE DATABASE
  90. $sql = "UPDATE email_copy SET title='$title',subject='$subject',article='$article',image_upload='$set_image_upload',image_area_name='$set_image_area_name',image_w='$set_image_width',image_h='$set_image_height',file_upload='$set_file_upload',file_area_name='$set_file_area_name' WHERE id = '$item_id'";
  91. $result = mysql_query($sql);
  92. // UPLOAD FILE
  93. if($_FILES['fileup']['name'] != ""){
  94. //echo $_FILES['fileup']['name']; exit;
  95. upload_file_new($_FILES['fileup'],$_FILES['fileup']['name'],"../uploaded_files/");
  96. $fname = $_FILES['fileup']['name'];
  97. //echo $fname; exit;
  98. $sql = "INSERT INTO uploaded_files (reference,reference_id,filename,file_text) VALUES ('$_POST[reference]','$_POST[item_id]','$fname','$_POST[file_text]')";
  99. $result = mysql_query($sql);
  100. }
  101. // UPLOAD IMAGE
  102. if($_FILES['image']['name'] != ""){
  103. upload_image(
  104. $_FILES['image'], // name of form field to upload
  105. $_FILES['image']['name'], // filename of the image
  106. $_FILES['image']['type'], // type of image
  107. $_POST['image_path'], // directory to upload the image to
  108. "", // new width for your image / if blank doesn't resize
  109. "", // new height for your image (cropped) / if blank resizes with ratio
  110. "125", // icon width / if left blank no icon is created
  111. "100" // image quality
  112. ); // returns $image_details[1] - $image_details[8]
  113. // new image name(1),image type(2), image path(3), image bytes(4), image kb(5), width(6), heigth(7), time(8)
  114. // $image_results returns results of upload
  115. // $result_code returns 1,2,3 / results of upload... 1 Success, 2 Type Not Supported , 3 Empty
  116. //$iname = $_FILES['image']['name'];
  117. //echo $result_code; exit;
  118. //echo $_POST['reference'] . "<br />" . $_POST['item_id'] . "<br />" . $image_details[1] . "<br />" . $_POST['image_caption'];
  119. if($result_code == 1){
  120. $sql = "INSERT INTO uploaded_images (reference,reference_id,filename,caption) VALUES ('$_POST[reference]','$_POST[item_id]','$image_details[1]','$_POST[image_caption]')";
  121. $result = mysql_query($sql);
  122. }
  123. }
  124. /*
  125. // UPLOAD IMAGE
  126. if($image != ""){
  127. upload_image(
  128. $image, // name of form field to upload
  129. $image_name, // filename of the image
  130. $image_type, // type of image
  131. $image_path, // directory to upload the image to
  132. "300", // new width for your image / if blank doesn't resize
  133. "", // new height for your image (cropped) / if blank resizes with ratio
  134. "150", // icon width / if left blank no icon is created
  135. "80" // image quality
  136. ); // returns $image_details[1] - $image_details[8]
  137. // new image name(1),image type(2), image path(3), image bytes(4), image kb(5), width(6), heigth(7), time(8)
  138. // $image_results returns results of upload
  139. // $result_code returns 1,2,3 / results of upload... 1 Success, 2 Type Not Supported , 3 Empty
  140. if($result_code == 1){
  141. $sql = "INSERT INTO uploaded_images (reference,reference_id,filename,caption) VALUES ('$reference','$item_id','$image_details[1]','$image_caption')";
  142. $result = mysql_query($sql);
  143. }
  144. }
  145. */
  146. header("location: " . $return);
  147. break;
  148. /*-----------------------------------------------------------------------------------------------------------------------*/
  149. /* DEFAULT */
  150. /*-----------------------------------------------------------------------------------------------------------------------*/
  151. default:
  152. header("location: login.php");
  153. exit;
  154. break;
  155. }
  156. ?>