function EditPicture2()
{
global $ID_MEMBER, $txt, $db_prefix, $modSettings, $sourcedir, $gd2, $gallerySettings;
is_not_guest();
$id = (int) $_REQUEST['id'];
if (empty($id))
fatal_error($txt['gallery_error_no_pic_selected']);
// Check the user permissions
$dbresult = db_query("
SELECT
ID_MEMBER, ID_CAT, USER_ID_CAT, thumbfilename, filename, mediumfilename, filesize,
ID_TOPIC
FROM {$db_prefix}gallery_pic
WHERE ID_PICTURE = $id LIMIT 1", __FILE__, __LINE__);
$row = mysql_fetch_assoc($dbresult);
$memID = $row['ID_MEMBER'];
$oldfilesize = $row['filesize'];
$oldfilename = $row['filename'];
$oldthumbfilename = $row['thumbfilename'];
$exifData = '';
//Check the category permission
if ($row['USER_ID_CAT'] == 0)
GetCatPermission($row['ID_CAT'],'editpic');
mysql_free_result($dbresult);
if (allowedTo('smfgallery_manage') || (allowedTo('smfgallery_edit') && $ID_MEMBER == $memID))
{
if (!is_writable($modSettings['gallery_path']))
fatal_error($txt['gallery_write_error'] . $modSettings['gallery_path']);
$title = trim(htmlspecialchars(trim($_REQUEST['title']),ENT_QUOTES));
$description = htmlspecialchars($_REQUEST['description'],ENT_QUOTES);
$keywords = htmlspecialchars($_REQUEST['keywords'],ENT_QUOTES);
$keywords = str_replace(","," ",$keywords);
$cat = (int) $_REQUEST['cat'];
$allowcomments = isset($_REQUEST['allowcomments']) ? 1 : 0;
$sendemail = isset($_REQUEST['sendemail']) ? 1 : 0;
$markmature = isset($_REQUEST['markmature']) ? 1 : 0;
$featured = isset($_REQUEST['featured']) ? 1 : 0;
// Check if pictures are auto approved
$approved = (allowedTo('smfgallery_autoapprove') ? 1 : 0);
// Allow comments on picture if no setting set.
if (empty($modSettings['gallery_commentchoice']))
$allowcomments = 1;
if ($title == '')
fatal_error($txt['gallery_error_no_title'],false);
if (empty($cat))
fatal_error($txt['gallery_error_no_cat'],false);
// If keywords required
if ($gallerySettings['gallery_set_require_keyword'] == true && empty($keywords))
fatal_error($txt['gallery_txt_err_require_keyword'],false);
// Check for any required custom fields
if ($row['USER_ID_CAT'] == 0)
{
$result = db_query("
SELECT
f.title, f.is_required, f.ID_CUSTOM
FROM {$db_prefix}gallery_custom_field as f
WHERE f.is_required = 1 AND f.ID_CAT = " . $cat, __FILE__, __LINE__);
while ($row2 = mysql_fetch_assoc($result))
{
if (!isset($_REQUEST['cus_' . $row2['ID_CUSTOM']]))
{
fatal_error($txt['gallery_err_req_custom_field'] . $row2['title'], false);
}
else
{
if ($_REQUEST['cus_' . $row2['ID_CUSTOM']] == '')
fatal_error($txt['gallery_err_req_custom_field'] . $row2['title'], false);
}
}
mysql_free_result($result);
}
$image_resized = 0;
$testGD = get_extension_funcs('gd');
$gd2 = in_array('imagecreatetruecolor', $testGD) && function_exists('imagecreatetruecolor');
unset($testGD);
require_once($sourcedir . '/Subs-Graphics.php');
// Process Uploaded file
if (isset($_FILES['picture']['name']) && $_FILES['picture']['name'] != '')
{
$sizes = @getimagesize($_FILES['picture']['tmp_name']);
// No size, then it's probably not a valid pic.
if ($sizes === false)
fatal_error($txt['gallery_error_invalid_picture'],false);
$extensions = array(
1 => 'gif',
2 => 'jpeg',
3 => 'png',
5 => 'psd',
6 => 'bmp',
7 => 'tiff',
8 => 'tiff',
9 => 'jpeg',
14 => 'iff',
);
$extension = isset($extensions[$sizes[2]]) ? $extensions[$sizes[2]] : 'bmp';
$gallerySettings['gallery_set_disallow_extensions'] = trim($gallerySettings['gallery_set_disallow_extensions']);
$gallerySettings['gallery_set_disallow_extensions'] = str_replace(".","",$gallerySettings['gallery_set_disallow_extensions']);
$gallerySettings['gallery_set_disallow_extensions'] = strtolower($gallerySettings['gallery_set_disallow_extensions']);
$disallowedExtensions = explode(",",$gallerySettings['gallery_set_disallow_extensions']);
if (in_array($extension,$disallowedExtensions))
{
fatal_error($txt['gallery_err_disallow_extensions'] . $extension,false);
@unlink($_FILES['picture']['tmp_name']);
}
if (strtolower($extension) != 'png')
$modSettings['avatar_download_png'] = 0;
// Check min size
if ((!empty($modSettings['gallery_min_width']) && $sizes[0] < $modSettings['gallery_min_width']) || (!empty($modSettings['gallery_min_height']) && $sizes[1] < $modSettings['gallery_min_height']))
{
// Delete the temp file
@unlink($_FILES['picture']['tmp_name']);
fatal_error($txt['gallery_error_img_size_height2'] . $sizes[1] . $txt['gallery_error_img_size_width2'] . $sizes[0],false);
}
if ((!empty($modSettings['gallery_max_width']) && $sizes[0] > $modSettings['gallery_max_width']) || (!empty($modSettings['gallery_max_height']) && $sizes[1] > $modSettings['gallery_max_height']))
{
if(!empty($modSettings['gallery_resize_image']))
{
// Check to resize image?
$exifData = ReturnEXIFData($_FILES['picture']['tmp_name']);
DoImageResize($sizes,$_FILES['picture']['tmp_name']);
$image_resized = 1;
}
else
{
// Delete the temp file
fatal_error($txt['gallery_error_img_size_height'] . $sizes[1] . $txt['gallery_error_img_size_width'] . $sizes[0],false);
}
}
// Get the filesize
if ($image_resized == 1)
$filesize = filesize($_FILES['picture']['tmp_name']);
else
$filesize = $_FILES['picture']['size'];
if (!empty($modSettings['gallery_max_filesize']) && $filesize > $modSettings['gallery_max_filesize'])
{
// Delete the temp file
@unlink($_FILES['picture']['tmp_name']);
fatal_error($txt['gallery_error_img_filesize'] . gallery_format_size($modSettings['gallery_max_filesize'], 2),false);
}
// Check Quota
$quotalimit = GetQuotaGroupLimit($ID_MEMBER);
$userspace = GetUserSpaceUsed($ID_MEMBER);
// Check if exceeds quota limit or if there is a quota
if ($quotalimit != 0 && ($userspace + $filesize) > $quotalimit)
{
@unlink($_FILES['picture']['tmp_name']);
fatal_error($txt['gallery_error_space_limit'] . gallery_format_size($userspace, 2) . ' / ' . gallery_format_size($quotalimit, 2),false);
}
//Delete the old files
@unlink($modSettings['gallery_path'] . $oldfilename );
@unlink($modSettings['gallery_path'] . $oldthumbfilename);
$extrafolder = '';
if ($modSettings['gallery_set_enable_multifolder'])
$extrafolder = $modSettings['gallery_folder_id'] . '/';
//Filename Member Id + Day + Month + Year + 24 hour, Minute Seconds
$extensions = array(
1 => 'gif',
2 => 'jpeg',
3 => 'png',
5 => 'psd',
6 => 'bmp',
7 => 'tiff',
8 => 'tiff',
9 => 'jpeg',
14 => 'iff',
);
$extension = isset($extensions[$sizes[2]]) ? $extensions[$sizes[2]] : '.bmp';
$filename = $ID_MEMBER . '_' . date('d_m_y_g_i_s') . '.' . $extension;
move_uploaded_file($_FILES['picture']['tmp_name'], $modSettings['gallery_path'] . $extrafolder . $filename);
@chmod($modSettings['gallery_path'] . $extrafolder . $filename, 0644);
if (!empty($_REQUEST['degrees']))
{
$degrees = (int) $_REQUEST['degrees'];
GalleryRotateImage($modSettings['gallery_path'] . $extrafolder . $filename,$degrees);
$sizes = @getimagesize($modSettings['gallery_path'] . $extrafolder . $filename);
}
if ($image_resized)
$sizes = @getimagesize($modSettings['gallery_path'] . $extrafolder . $filename);
// Create thumbnail
createThumbnail($modSettings['gallery_path'] . $extrafolder . $filename, $modSettings['gallery_thumb_width'], $modSettings['gallery_thumb_height']);
rename($modSettings['gallery_path'] . $extrafolder . $filename . '_thumb', $modSettings['gallery_path'] . $extrafolder . 'thumb_' . $filename);
$thumbname = 'thumb_' . $filename;
@chmod($modSettings['gallery_path'] . $extrafolder . 'thumb_' . $filename, 0755);
// Medium Image
$mediumimage = '';
if ($modSettings['gallery_make_medium'])
{
createThumbnail($modSettings['gallery_path'] . $extrafolder . $filename, $modSettings['gallery_medium_width'], $modSettings['gallery_medium_height']);
rename($modSettings['gallery_path'] . $extrafolder . $filename . '_thumb', $modSettings['gallery_path'] . $extrafolder . 'medium_' . $filename);
$mediumimage = 'medium_' . $filename;
@chmod($modSettings['gallery_path'] . $extrafolder . 'medium_' . $filename, 0755);
// Check for Watermark
if ($modSettings['gallery_set_water_enabled'])
DoWaterMark($modSettings['gallery_path'] . $extrafolder . 'medium_' . $filename);
}
$allowRatings = 1;
if ($gallerySettings['gallery_set_allowratings'])
$allowRatings = isset($_REQUEST['allow_ratings']) ? 1 : 0;
// Update the Database entry
$t = time();
if ($row['USER_ID_CAT'] == 0)
{
db_query("UPDATE {$db_prefix}gallery_pic
SET ID_CAT = $cat, featured = $featured, filesize = $filesize, filename = '" . $extrafolder . $filename . "', thumbfilename = '" . $extrafolder . $thumbname . "', height = $sizes[1], width = $sizes[0], approved = $approved, date = $t, title = '$title', description = '$description', keywords = '$keywords', allowcomments = $allowcomments, sendemail = $sendemail, mediumfilename = '" . $extrafolder . $mediumimage . "', mature = $markmature, allowratings = $allowRatings WHERE ID_PICTURE = $id LIMIT 1", __FILE__, __LINE__);
}
else
{
db_query("UPDATE {$db_prefix}gallery_pic
SET USER_ID_CAT = $cat, featured = $featured, filesize = $filesize, filename = '" . $extrafolder . $filename . "', thumbfilename = '" . $extrafolder . $thumbname . "', height = $sizes[1], width = $sizes[0], approved = $approved, date = $t, title = '$title', description = '$description', keywords = '$keywords', allowcomments = $allowcomments, sendemail = $sendemail, mediumfilename = '" . $extrafolder . $mediumimage . "', mature = $markmature, allowratings = $allowRatings WHERE ID_PICTURE = $id LIMIT 1", __FILE__, __LINE__);
}
// Get EXIF Data
ProcessEXIFData($extrafolder . $filename,$id,$exifData);
db_query("DELETE FROM {$db_prefix}gallery_title_cache WHERE ID_PICTURE = $id", __FILE__, __LINE__);
db_query("DELETE FROM {$db_prefix}gallery_related_pictures WHERE id_picture_first = $id OR id_picture_second = $id", __FILE__, __LINE__);
Gallery_AddRelatedPicture($id, $title);
UpdateUserFileSizeTable($memID,$oldfilesize * -1);
UpdateUserFileSizeTable($memID,$filesize);
// Update the category totals of the old category if we moved the picture to a different category
if ($row['ID_CAT'] !=0)
{
if ($row['ID_CAT'] != $cat)
UpdateCategoryTotals($row['ID_CAT']);
Gallery_UpdateLatestCategory($cat);
}
else
{
if ($row['USER_ID_CAT'] != $cat)
UpdateUserCategoryTotals($row['USER_ID_CAT']);
Gallery_UpdateUserLatestCategory($cat);
}
// Last recheck Image if it was resized
if ($image_resized == 1)
{
RecheckResizedImage($modSettings['gallery_path'] . $extrafolder . $filename,$id,$filesize,$memID);
}
// Check for Watermark
if ($modSettings['gallery_set_water_enabled'])
DoWaterMark($modSettings['gallery_path'] . $extrafolder . $filename);
if ($row['ID_TOPIC'] != 0 && $row['ID_CAT'] != 0)
{
UpdateMessagePost($row['ID_TOPIC'], $id);
}
// Change the picture owner if selected
if (allowedTo('smfgallery_manage') && isset($_REQUEST['pic_postername']))
{
$pic_postername = str_replace('"','', $_REQUEST['pic_postername']);
$pic_postername = str_replace("'",'', $pic_postername);
$pic_postername = str_replace('\\','', $pic_postername);
$pic_postername = htmlspecialchars($pic_postername, ENT_QUOTES);
$memid = 0;
$dbresult = db_query("
SELECT
realName, ID_MEMBER
FROM {$db_prefix}members
WHERE realName = '$pic_postername' OR memberName = '$pic_postername' LIMIT 1", __FILE__, __LINE__);
$row4 = mysql_fetch_assoc($dbresult);
mysql_free_result($dbresult);
if (db_affected_rows() != 0)
{
// Member found update the picture owner
$memid = $row4['ID_MEMBER'];
db_query("UPDATE {$db_prefix}gallery_pic
SET ID_MEMBER = $memid WHERE ID_PICTURE = $id LIMIT 1", __FILE__, __LINE__);
UpdateMemberPictureTotals($memID);
// Update new member's picture totals
UpdateMemberPictureTotals($memid);
}
}
UpdateCategoryTotalByPictureID($id);
if (isset($_SESSION['last_gallery_url']))
{
redirectexit($_SESSION['last_gallery_url']);
}
else
{
// Redirect to the users image page.
redirectexit('action=gallery;sa=myimages;u=' . $ID_MEMBER);
}
}
else
{
// Update the image properties if no upload has been set
if (isset($_REQUEST['degrees']))
{
$degrees = (int) $_REQUEST['degrees'];
GalleryRotateImage($modSettings['gallery_path'] .$row['filename'],$degrees);
//GalleryRotateImage($modSettings['gallery_path'] .$row['thumbfilename'],$degrees);
// Create thumbnail
@unlink($modSettings['gallery_path'] .$row['thumbfilename']);
createThumbnail($modSettings['gallery_path'] .$row['filename'], $modSettings['gallery_thumb_width'], $modSettings['gallery_thumb_height']);
rename($modSettings['gallery_path'] .$row['filename'] . '_thumb', $modSettings['gallery_path'] .$row['thumbfilename']);
@chmod($modSettings['gallery_path'] .$row['thumbfilename'], 0755);
//GalleryRotateImage($modSettings['gallery_path'] .$row['mediumfilename'],$degrees);
if ($modSettings['gallery_make_medium'])
{
@unlink($modSettings['gallery_path'] .$row['mediumfilename']);
createThumbnail($modSettings['gallery_path'] .$row['filename'], $modSettings['gallery_medium_width'], $modSettings['gallery_medium_height']);
rename($modSettings['gallery_path'] .$row['filename'] . '_thumb', $modSettings['gallery_path'] .$row['mediumfilename']);
@chmod($modSettings['gallery_path'] .$row['mediumfilename'], 0755);
}
$sizes = @getimagesize($modSettings['gallery_path'] . $row['filename']);
db_query("UPDATE {$db_prefix}gallery_pic
SET height = $sizes[1], width = $sizes[0] WHERE ID_PICTURE = $id LIMIT 1", __FILE__, __LINE__);
}
$allowRatings = 1;
if ($gallerySettings['gallery_set_allowratings'])
$allowRatings = isset($_REQUEST['allow_ratings']) ? 1 : 0;
// Change the picture owner if selected
if (allowedTo('smfgallery_manage') && isset($_REQUEST['pic_postername']))
{
$pic_postername = str_replace('"','', $_REQUEST['pic_postername']);
$pic_postername = str_replace("'",'', $pic_postername);
$pic_postername = str_replace('\\','', $pic_postername);
$pic_postername = htmlspecialchars($pic_postername, ENT_QUOTES);
$memid = 0;
$dbresult = db_query("
SELECT
realName, ID_MEMBER
FROM {$db_prefix}members
WHERE realName = '$pic_postername' OR memberName = '$pic_postername' LIMIT 1", __FILE__, __LINE__);
$row4 = mysql_fetch_assoc($dbresult);
mysql_free_result($dbresult);
if (db_affected_rows() != 0)
{
// Member found update the picture owner
$memid = $row4['ID_MEMBER'];
db_query("UPDATE {$db_prefix}gallery_pic
SET ID_MEMBER = $memid WHERE ID_PICTURE = $id LIMIT 1", __FILE__, __LINE__);
UpdateMemberPictureTotals($memID);
// Update new member's picture totals
UpdateMemberPictureTotals($memid);
}
}
if ($row['USER_ID_CAT'] == 0)
{
db_query("UPDATE {$db_prefix}gallery_pic
SET ID_CAT = $cat, featured = $featured, title = '$title', description = '$description', keywords = '$keywords', allowcomments = $allowcomments, sendemail = $sendemail, mature = $markmature, allowratings = $allowRatings WHERE ID_PICTURE = $id LIMIT 1", __FILE__, __LINE__);
// Update the category totals of the old category if we moved the picture to a different category
if ($row['ID_CAT'] !=0)
{
if ($row['ID_CAT'] != $cat)
UpdateCategoryTotals($row['ID_CAT']);
Gallery_UpdateLatestCategory($cat);
}
if ($row['ID_TOPIC'] != 0 && $row['ID_CAT'] != 0)
{
UpdateMessagePost($row['ID_TOPIC'], $id);
}
UpdateCategoryTotalByPictureID($id);
db_query("DELETE FROM {$db_prefix}gallery_title_cache WHERE ID_PICTURE = $id", __FILE__, __LINE__);
db_query("DELETE FROM {$db_prefix}gallery_related_pictures WHERE id_picture_first = $id OR id_picture_second = $id", __FILE__, __LINE__);
Gallery_AddRelatedPicture($id, $title);
// Check for any custom fields
db_query("DELETE FROM {$db_prefix}gallery_custom_field_data
WHERE ID_PICTURE = " . $id, __FILE__, __LINE__);
$result = db_query("
SELECT
f.title, f.is_required, f.ID_CUSTOM
FROM {$db_prefix}gallery_custom_field as f
WHERE f.ID_CAT = " . $cat, __FILE__, __LINE__);
while ($row2 = mysql_fetch_assoc($result))
{
if (isset($_REQUEST['cus_' . $row2['ID_CUSTOM']]))
{
$custom_data = htmlspecialchars($_REQUEST['cus_' . $row2['ID_CUSTOM']],ENT_QUOTES);
db_query("INSERT INTO {$db_prefix}gallery_custom_field_data
(ID_PICTURE, ID_CUSTOM, value)
VALUES('$id', " . $row2['ID_CUSTOM'] . ", '$custom_data')", __FILE__, __LINE__);
}
}
mysql_free_result($result);
}
else
{
db_query("UPDATE {$db_prefix}gallery_pic
SET USER_ID_CAT = $cat, featured = $featured, title = '$title', description = '$description', keywords = '$keywords', allowcomments = $allowcomments, sendemail = $sendemail, mature = $markmature, allowratings = $allowRatings WHERE ID_PICTURE = $id LIMIT 1", __FILE__, __LINE__);
if ($row['USER_ID_CAT'] !=0)
{
if ($row['USER_ID_CAT'] != $cat)
UpdateUserCategoryTotals($row['USER_ID_CAT']);
}
UpdateCategoryTotalByPictureID($id);
}
UpdateGalleryKeywords($id);
if (isset($_SESSION['last_gallery_url']))
{
redirectexit($_SESSION['last_gallery_url']);
}
else
{
// Redirect to the users image page.
redirectexit('action=gallery;sa=myimages;u=' . $ID_MEMBER);
}
}
}
else
fatal_error($txt['gallery_error_noedit_permission']);
}
Okay, but where do I look and what do I alter?
SMFHacks.com 
SMFHacks
Members
Total Members: 10807
Stats
Users Online
Author