1
|
<?php
|
2
|
/**
|
3
|
*
|
4
|
* @category modules
|
5
|
* @package news
|
6
|
* @author WebsiteBaker Project
|
7
|
* @copyright WebsiteBaker Org. e.V.
|
8
|
* @link http://websitebaker.org/
|
9
|
* @license http://www.gnu.org/licenses/gpl.html
|
10
|
* @platform WebsiteBaker 2.8.3
|
11
|
* @requirements PHP 5.3.6 and higher
|
12
|
* @version $Id: save_group.php 2 2017-07-02 15:14:29Z Manuela $
|
13
|
* @filesource $HeadURL: svn://isteam.dynxs.de/wb/2.10.x/trunk/modules/news/save_group.php $
|
14
|
* @lastmodified $Date: 2017-07-02 17:14:29 +0200 (Sun, 02 Jul 2017) $
|
15
|
*
|
16
|
*/
|
17
|
|
18
|
if ( !defined( 'WB_PATH' ) ){ require( dirname(dirname((__DIR__))).'/config.php' ); }
|
19
|
|
20
|
// Get id
|
21
|
//if(!isset($_POST['group_id']) || !is_numeric($_POST['group_id']))
|
22
|
//{
|
23
|
// header("Location: ".ADMIN_URL."/pages/index.php");
|
24
|
// exit( 0 );
|
25
|
//}
|
26
|
//else
|
27
|
//{
|
28
|
// $group_id = $_POST['group_id'];
|
29
|
//}
|
30
|
|
31
|
$admin_header = false;
|
32
|
// Tells script to update when this page was last updated
|
33
|
$update_when_modified = true;
|
34
|
// Include WB admin wrapper script
|
35
|
require(WB_PATH.'/modules/admin.php');
|
36
|
|
37
|
$group_id = intval(isset(${$requestMethod}['group_id'])
|
38
|
? ${$requestMethod}['group_id']
|
39
|
: (isset($group_id) ? $group_id : 0)
|
40
|
);
|
41
|
if (!$admin->checkFTAN())
|
42
|
{
|
43
|
$admin->print_header();
|
44
|
$admin->print_error($MESSAGE['GENERIC_SECURITY_ACCESS'], ADMIN_URL.'/pages/modify.php?page_id='.$page_id);
|
45
|
}
|
46
|
$admin->print_header();
|
47
|
|
48
|
// Include WB functions file
|
49
|
require(WB_PATH.'/framework/functions.php');
|
50
|
|
51
|
// Validate all fields
|
52
|
if($admin->get_post('title') == '')
|
53
|
{
|
54
|
$admin->print_error($MESSAGE['GENERIC_FILL_IN_ALL'], WB_URL.'/modules/news/modify_group.php?page_id='.$page_id.'§ion_id='.$section_id.'&group_id='.$admin->getIDKEY($group_id));
|
55
|
}
|
56
|
else
|
57
|
{
|
58
|
$title = $admin->StripCodeFromText($admin->get_post('title'));
|
59
|
$active = intval($admin->get_post('active'));
|
60
|
}
|
61
|
|
62
|
// Update row
|
63
|
$sql = 'UPDATE `'.TABLE_PREFIX.'mod_news_groups` SET '
|
64
|
. '`title`=\''.$database->escapeString($title).'\', '
|
65
|
. '`active`=\''.$database->escapeString($active).'\' '
|
66
|
. 'WHERE `group_id`='.$database->escapeString($group_id);
|
67
|
$database->query($sql);
|
68
|
|
69
|
// Check if the user uploaded an image or wants to delete one
|
70
|
if(isset($_FILES['image']['tmp_name']) AND $_FILES['image']['tmp_name'] != '') {
|
71
|
// Get real filename and set new filename
|
72
|
$filename = $_FILES['image']['name'];
|
73
|
$file_image_type = $_FILES['image']['type'];
|
74
|
$new_filename = WB_PATH.MEDIA_DIRECTORY.'/.news/image'.$group_id.'.jpg';
|
75
|
// Make sure the image is a jpg file
|
76
|
$file4=substr($filename, -4, 4);
|
77
|
|
78
|
switch ($file_image_type) :
|
79
|
case 'image/jpeg' :
|
80
|
case 'image/pjpeg' :
|
81
|
case 'image/png' :
|
82
|
case 'image/x-png' :
|
83
|
break;
|
84
|
default:
|
85
|
$admin->print_error($MESSAGE['GENERIC_FILE_TYPE'].' JPG (JPEG) or PNG',ADMIN_URL.'/pages/modify.php?page_id='.$page_id);
|
86
|
break;
|
87
|
endswitch;
|
88
|
|
89
|
/*
|
90
|
if(($file4 != '.jpg')and($file4 != '.JPG')and($file4 != '.png')and($file4 != '.PNG') and ($file4 !='jpeg') and ($file4 != 'JPEG'))
|
91
|
{
|
92
|
$admin->print_error($MESSAGE['GENERIC']['FILE_TYPE'].' JPG (JPEG) or PNG',ADMIN_URL.'/pages/modify.php?page_id='.$page_id);
|
93
|
} elseif(
|
94
|
(($_FILES['image']['type']) != 'image/jpeg' AND mime_content_type($_FILES['image']['tmp_name']) != 'image/jpg')
|
95
|
and
|
96
|
(($_FILES['image']['type']) != 'image/png' AND mime_content_type($_FILES['image']['tmp_name']) != 'image/png')
|
97
|
){
|
98
|
$admin->print_error($MESSAGE['GENERIC']['FILE_TYPE'].' JPG (JPEG) or PNG',ADMIN_URL.'/pages/modify.php?page_id='.$page_id);
|
99
|
}
|
100
|
*/
|
101
|
|
102
|
// Make sure the target directory exists
|
103
|
make_dir(WB_PATH.MEDIA_DIRECTORY.'/.news');
|
104
|
// Upload image
|
105
|
move_uploaded_file($_FILES['image']['tmp_name'], $new_filename);
|
106
|
// Check if we need to create a thumb
|
107
|
$query_settings = $database->query("SELECT resize FROM ".TABLE_PREFIX."mod_news_settings WHERE section_id = '$section_id'");
|
108
|
$fetch_settings = $query_settings->fetchRow();
|
109
|
$resize = $fetch_settings['resize'];
|
110
|
if($resize != 0)
|
111
|
{
|
112
|
// Resize the image
|
113
|
$thumb_location = WB_PATH.MEDIA_DIRECTORY.'/.news/thumb'.$group_id.'.jpg';
|
114
|
if(make_thumb($new_filename, $thumb_location, $resize))
|
115
|
{
|
116
|
// Delete the actual image and replace with the resized version
|
117
|
unlink($new_filename);
|
118
|
rename($thumb_location, $new_filename);
|
119
|
}
|
120
|
}
|
121
|
}
|
122
|
if(isset($_POST['delete_image']) AND $_POST['delete_image'] != '')
|
123
|
{
|
124
|
// Try unlinking image
|
125
|
if(file_exists(WB_PATH.MEDIA_DIRECTORY.'/.news/image'.$group_id.'.jpg'))
|
126
|
{
|
127
|
unlink(WB_PATH.MEDIA_DIRECTORY.'/.news/image'.$group_id.'.jpg');
|
128
|
}
|
129
|
}
|
130
|
|
131
|
// Check if there is a db error, otherwise say successful
|
132
|
if($database->is_error()) {
|
133
|
$admin->print_error($database->get_error(), WB_URL.'/modules/news/modify_group.php?page_id='.$page_id.'§ion_id='.$section_id.'&group_id='.$admin->getIDKEY($group_id));
|
134
|
} else {
|
135
|
$admin->print_success($TEXT['SUCCESS'], ADMIN_URL.'/pages/modify.php?page_id='.$page_id);
|
136
|
}
|
137
|
|
138
|
// Print admin footer
|
139
|
$admin->print_footer();
|