PageRenderTime 63ms CodeModel.GetById 14ms RepoModel.GetById 0ms app.codeStats 0ms

/inc/amfphp/administration/swatchuploaderscript.php

https://github.com/EmranAhmed/wp-easycart
PHP | 118 lines | 42 code | 46 blank | 30 comment | 2 complexity | 7bab5b9fad7ee5fbd059f033d661989e MD5 | raw file
    

  1. <?php
    2. 

  2. /*
    3. 

  3. ////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
    4. 

  4. ////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
    5. 

  5. //All Code and Design is copyrighted by Level Four Development, llc
    6. 

  6. //
    7. 

  7. //Level Four Development, LLC provides this code "as is" without warranty of any kind, either express or implied,     
    8. 

  8. //including but not limited to the implied warranties of merchantability and/or fitness for a particular purpose.         
    9. 

  9. //
    10. 

  10. //Only licensed users may use this code and storfront for live purposes. All other use is prohibited and may be 
    11. 

  11. //subject to copyright violation laws. If you have any questions regarding proper use of this code, please
    12. 

  12. //contact Level Four Development, llc and EasyCart prior to use.
    13. 

  13. //
    14. 

  14. //All use of this storefront is subject to our terms of agreement found on Level Four Development, llc's  website.
    15. 

  15. ////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
    16. 

  16. ////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
    17. 

  17. */
    18. 

  18. 

  19. //load our connection settings
    20. 

  20. require_once('../../../../../../wp-config.php');
    21. 

  21. //set our connection variables
    22. 

  22. $dbhost = DB_HOST;
    23. 

  23. $dbname = DB_NAME;
    24. 

  24. $dbuser = DB_USER;
    25. 

  25. $dbpass = DB_PASSWORD;	
    26. 

  26. //make a connection to our database
    27. 

  27. mysql_connect($dbhost, $dbuser, $dbpass);
    28. 

  28. mysql_select_db ($dbname);
    29. 

  29. 

  30. 

  31. 

  32. $settings_sql = "SELECT max_width, max_height FROM ec_setting";
    33. 

  33. 

  34. $settings_result = mysql_query($settings_sql);
    35. 

  35. 

  36. $settings_row = mysql_fetch_assoc($settings_result);
    37. 

  37. 

  38. //Flash Variables
    39. 

  39. 

  40. $date = $_POST['datemd5'];
    41. 

  41. 

  42. $requestID = $_POST['reqID'];
    43. 

  43. 

  44. $optionitemid = $_POST['optionitemid'];
    45. 

  45. 

  46. $maxwidth = $settings_row['max_width'];
    47. 

  47. 

  48. $maxheight = $settings_row['max_height'];
    49. 

  49. 

  50. $imagequality = $_POST['imagequality'];//set this between 0 and $imagequality  for .jpg quality resizing
    51. 

  51. 

  52. 

  53. //Get User Information
    54. 

  54. 

  55. 

  56. $usersqlquery = sprintf("SELECT  ec_user.*, ec_role.admin_access FROM  ec_user  LEFT JOIN ec_role ON (ec_user.user_level = ec_role.role_label) WHERE  ec_user.password = '%s' AND  (ec_user.user_level = 'admin' OR ec_role.admin_access = 1)", mysql_real_escape_string($requestID));
    57. 

  57. 

  58. $userresult = mysql_query($usersqlquery);
    59. 

  59. 

  60. $users = mysql_fetch_assoc($userresult);
    61. 

  61. 

  62. 

  63. if ($users || is_user_logged_in()) {
    64. 

  64. 

  65. 	//Flash File Data
    66. 

  66. 

  67. 	$filename = $_FILES['Filedata']['name'];	
    68. 

  68. 

  69. 	$filetmpname = $_FILES['Filedata']['tmp_name'];	
    70. 

  70. 

  71. 	$fileType = $_FILES["Filedata"]["type"];
    72. 

  72. 

  73. 	$fileSizeMB = ($_FILES["Filedata"]["size"] / 1024 / 1000);
    74. 

  74. 

  75. 	//$explodedfilename = explode(".", $filename);
    76. 

  76. 

  77. 	//$nameoffile = $explodedfilename[0];
    78. 

  78. 

  79. 	//$fileextension = $explodedfilename[1];
    80. 

  80. 	$explodedfilename = pathinfo($filename);
    81. 

  81. 	$nameoffile = $explodedfilename['filename'];
    82. 

  82. 	$fileextension = $explodedfilename['extension'];
    83. 

  83. 

  84. 	
    85. 

  85. 

  86. 	include("resizer.php");
    87. 

  87. 

  88. 

  89. 	// Place file on server, into the images folder
    90. 

  90. 

  91. 	move_uploaded_file($_FILES['Filedata']['tmp_name'], "../../../products/swatches/".$nameoffile."_".$date.".".$fileextension);
    92. 

  92. 	copy( "../../../products/swatches/".$nameoffile."_".$date.".".$fileextension, "../../../../wp-easycart-data/products/swatches/".$nameoffile."_".$date.".".$fileextension);
    93. 

  93. 

  94. 	//resize original max image
    95. 

  95. 

  96. 	$resizeObj = new resizer("../../../products/swatches/".$nameoffile."_".$date.".".$fileextension);
    97. 

  97. 	$resizeObj->resize($maxwidth, $maxheight, "../../../products/swatches/".$nameoffile."_".$date.".".$fileextension, $imagequality );
    98. 

  98. 	
    99. 

  99. 	$resizeObj = new resizer("../../../../wp-easycart-data/products/swatches/".$nameoffile."_".$date.".".$fileextension);
    100. 

  100. 	$resizeObj->resize($maxwidth, $maxheight, "../../../../wp-easycart-data/products/swatches/".$nameoffile."_".$date.".".$fileextension, $imagequality );
    101. 

  101. 

  102. 	
    103. 

  103. 	//if we are updating, then update the db field, inserting happens later
    104. 

  104. 

  105. 	//Create SQL Query 
    106. 

  106. 	
    107. 

  107. 	$sqlfilename = $nameoffile . '_' . $date . '.' .$fileextension;	
    108. 

  108. 	$sql = sprintf("Update ec_optionitem SET ec_optionitem.optionitem_icon = '%s' WHERE ec_optionitem.optionitem_id = '%s'", 
    109. 

  109. 		 mysql_real_escape_string($sqlfilename),
    110. 

  110. 		 mysql_real_escape_string($optionitemid));
    111. 

  111. 

  112. 	//Run query on database;
    113. 

  113. 

  114. 	mysql_query($sql);
    115. 

  115. 

  116. }
    117. 

  117. 

  118. ?>
    119.