You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
181 lines
5.7 KiB
181 lines
5.7 KiB
<?php |
|
|
|
|
|
/* |
|
|
|
Copyright 2018 Murray Hayes |
|
|
|
Redistribution and use in source and binary forms, with or without |
|
modification, are permitted provided that the following conditions |
|
are met: |
|
|
|
1. Redistributions of source code must retain the above copyright |
|
notice, this list of conditions and the following disclaimer. |
|
|
|
2. Redistributions in binary form must reproduce the above copyright |
|
notice, this list of conditions and the following disclaimer in the |
|
documentation and/or other materials provided with the distribution. |
|
|
|
3. Neither the name of the copyright holder nor the names of its |
|
contributors may be used to endorse or promote products derived from |
|
this software without specific prior written permission. |
|
|
|
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS |
|
"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT |
|
LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS |
|
FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE |
|
COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, |
|
INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, |
|
BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; |
|
LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER |
|
CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT |
|
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN |
|
ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE |
|
POSSIBILITY OF SUCH DAMAGE. |
|
|
|
*/ |
|
|
|
|
|
|
|
session_start(); |
|
|
|
include_once "utils.php"; |
|
include_once "DOMUtils.php"; |
|
include_once "consts.php"; |
|
include_once "database.php"; |
|
include_once "adminUtils.php"; |
|
|
|
$doc = returnDoc(); |
|
$root = returnRoot($doc); |
|
|
|
//if (!isset($_SESSION['login']) || !isset($_SESSION['MemberID'])) |
|
if (!validateSession()) |
|
if (!isset($_SESSION['cookieMonster'])) |
|
generateCookieMonster(); |
|
else |
|
generateLoginRedirect(); |
|
else |
|
if ($_SESSION['login'] === TRUE) |
|
{ |
|
$targetID = NULL; |
|
if ($_SERVER['REQUEST_METHOD'] == 'POST') |
|
{ |
|
/* |
|
* Process form here |
|
*/ |
|
|
|
if (returnAdminStatus($_SESSION['MemberID'])) |
|
if (isset($_POST['target'])) |
|
$targetID = $_POST['target']; |
|
|
|
if (isset($_POST['submit'])) |
|
{ |
|
if ($_FILES['filename']['error'] === UPLOAD_ERR_OK) |
|
{ |
|
$finfo = finfo_open(FILEINFO_MIME); |
|
$destination = tempnam("pictures", "pic"); |
|
if (move_uploaded_file($_FILES['filename']['tmp_name'], $destination)); |
|
{ |
|
$fileInfo = finfo_file($finfo, $destination); |
|
//print($destination); |
|
|
|
if (is_null($targetID)) |
|
if (registerNewPicture($_SESSION['MemberID'], basename($destination), $_FILES['filename']['name'], $fileInfo) === FALSE) |
|
{ |
|
print("Picture not added to database."); |
|
} |
|
else |
|
{ |
|
|
|
} |
|
else |
|
if (registerNewPicture($targetID, basename($destination), $_FILES['filename']['name'], $fileInfo) === FALSE) |
|
print ("Picture not added to database for member ID: " .$targetID); |
|
} |
|
} |
|
else |
|
{ |
|
print($_FILES['filename']['error']); |
|
} |
|
} |
|
} |
|
|
|
|
|
$root = $doc->appendChild($root); |
|
$root->appendChild(generateHead($doc)); |
|
|
|
$body = $doc->createElement('body'); |
|
$root->appendChild($body); |
|
|
|
$body->appendChild(generateMastHead($doc, $baseDir)); |
|
|
|
//$body->appendChild($doc->createElement('hr')); |
|
|
|
$_SESSION['subNav'] = NULL; |
|
$body->appendChild(generateSelectedMenuBar($doc)); |
|
|
|
|
|
/* |
|
* Insert content here. |
|
*/ |
|
|
|
$editorDiv = $doc->createElement('div'); |
|
//$editorDiv->setAttribute('id', 'CourseEditorDiv'); |
|
$form = createForm($doc, 'addPicture.php'); |
|
$img = NULL; |
|
if (is_null($targetID)) |
|
$img = returnPictureForMember($_SESSION['MemberID']); |
|
else |
|
if (returnAdminStatus($_SESSION['MemberID']) || returnDirectorStatus($_SESSION['MemberID'])) |
|
{ |
|
$img = returnPictureForMember($targetID); |
|
$form->appendChild(createHiddenInput($doc, 'target', $targetID)); |
|
} |
|
if (!is_null($img)) |
|
{ |
|
$label = $doc->createElement('H3'); |
|
$label->appendChild($doc->createTextNode("Current picture")); |
|
$form->appendChild($label); |
|
$form->appendChild(createBr($doc)); |
|
$form->appendChild(createImg($doc, $pictureDir . $img)); |
|
} |
|
$label = $doc->createElement('H3'); |
|
$label->appendChild($doc->createTextNode("Add a picture")); |
|
$form->appendChild($label); |
|
$fieldSet = $doc->createElement('fieldset'); |
|
//$fieldSet->setAttribute('style', 'width:200px; max-width:300px;'); //margin-top:0.5em;'); |
|
$fieldSetDiv = $doc->createElement('div'); |
|
|
|
$label = $doc->createElement('label', 'File:'); |
|
$label->setAttribute('for', 'filename'); |
|
$label->setAttribute('class', 'CourseEditorInputLabel'); |
|
$fieldSetDiv->appendChild($label); |
|
$input = $doc->createElement('input'); |
|
$input->setAttribute('type', 'file'); |
|
$input->setAttribute('name', 'filename'); |
|
$input->setAttribute('autocomplete', 'off'); |
|
$input->setAttribute('required', 'required'); |
|
$fieldSetDiv->appendChild($input); |
|
$label = $doc->createElement('br'); |
|
|
|
$input = $doc->createElement('input'); |
|
$input->setAttribute('type', 'submit'); |
|
$input->setAttribute('value', 'upload'); |
|
$input->setAttribute('name', 'submit'); |
|
|
|
$fieldSetDiv->appendChild($input); |
|
|
|
$form->appendChild($fieldSetDiv); |
|
$editorDiv->appendChild($form); |
|
$body->appendChild($editorDiv); |
|
|
|
|
|
$body->appendChild(generateFooter($doc)); |
|
if ($prettyPretty) |
|
$doc->formatOutput = true; |
|
outputDoc($doc); |
|
} |
|
else |
|
generateIndexRedirect(); |
|
|
|
?>
|