0 ) ( update_option('wpsary_thumbwidth', (int) $_POST['wpsary_thumbwidth'])); if((int) $_POST['wpsary_colnumbers'] > 0 ) ( update_option('wpsary_colnumbers', (int) $_POST['wpsary_colnumbers'])); if((int) $_POST['wpsary_thumbheight'] > 0) (update_option('wpsary_thumbheight', (int) $_POST['wpsary_thumbheight'])); update_option('wpsary_activated', true); ?>

">
/

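get_row("SELECT * FROM " . $wpdb->prefix . "wpsary_images WHERE id='$id'")) {
    // The start of this statement is missing from the page. The visible part
    // deletes one image: its database row first, then its files on disk.
    // NOTE(review): $id goes into both SQL strings unescaped. Its origin is not
    // visible here -- confirm it is cast to an integer before this point, the
    // way wpsary_saveAlbum() casts $albumID with intval().
    // NOTE(review): no nonce or capability check is visible in this fragment;
    // confirm the caller verifies both before a delete is honoured.

    //remove from db
    $wpdb->query("DELETE FROM " . $wpdb->prefix . "wpsary_images WHERE id='$id'");

    //remove file
    // wpsary_getUploadDir() returns only an 'error' key when the directory
    // cannot be created, so $dir['path'] can be unset at this point.
    $dir = wpsary_getUploadDir();
    $metadata = wpsary_maybe_unserialize($image->metadata);
    // Both names are read back from the stored metadata; 'thumb' is only set
    // when a thumbnail was created. @ hides every unlink() failure.
    @unlink($dir['path'] . $metadata['file']);
    @unlink($dir['path'] . $metadata['thumb']);
?>

" . __('Browse Files', 'wpsary') . '' );
// Upload handling (the statement above is cut off on the page). The visible
// part stores the uploaded file, builds the image metadata, then updates the
// row for $id or inserts a new one.
// NOTE(review): no nonce or capability check is visible in this fragment;
// confirm one runs before this point.
$uploaddirarray = wpsary_getUploadDir();
$uploaddir = $uploaddirarray['path'];
// Built from the client-supplied file name; not used again in the visible part.
$uploadfile = $uploaddir.$_FILES['image']['name'];
// wpsary_handle_upload() declares a single parameter, so $overrides is ignored.
$overrides = array('test_form' => false);
// The handler returns a non-empty array on failure as well, so this branch also
// runs when nothing was uploaded; the 'error' key separates the two cases.
if($file = wpsary_handle_upload($_FILES['image'], $overrides)) {
    // Array keys are quoted: the bare words (title, filename, file, ...) were
    // read as constants, which is a fatal error on PHP 8.
    if(trim($_POST['title']) == "") {
        $_POST['title'] = $file['filename'];
    }
    $metadata_clause = "";
    $metadata = array();
    // A successful upload carries no 'error' key, hence empty() rather than !.
    if(empty($file['error'])) {
        // NOTE(review): the result of getimagesize() is not checked. The upload
        // handler validates the file-name extension only, so a file that is not
        // an image reaches this point with empty dimensions.
        $imagesize = getimagesize($file['file']);
        $metadata['width'] = $imagesize['0'];
        $metadata['height'] = $imagesize['1'];
        list($uwidth, $uheight) = get_udims($metadata['width'], $metadata['height']);
        $metadata['hwstring_small'] = "height='$uheight' width='$uwidth'";
        $metadata['file'] = $file['filename'];
        // Thumbnails are attempted only below 3 * 1024 * 1024 pixels.
        if ( $metadata['width'] * $metadata['height'] < 3 * 1024 * 1024 ) {
            if ( $metadata['width'] > get_option('wpsary_thumbwidth') && $metadata['width'] >= $metadata['height'] * 4 / 3 )
                $thumb = wp_create_thumbnail($file['file'], get_option('wpsary_thumbwidth'));
            elseif ( $metadata['height'] > get_option('wpsary_thumbheight') )
                $thumb = wp_create_thumbnail($file['file'], get_option('wpsary_thumbheight'));
            // NOTE(review): $thumb is not assigned when neither branch above runs.
            if ( @file_exists($thumb) )
                $metadata['thumb'] = basename($thumb);
        }
        $metadata_clause = " metadata = '" . $wpdb->escape(wpsary_maybe_serialize($metadata)) . "'," ;
    }
    // NOTE(review): every $_POST value below passes through $wpdb->escape(), but
    // $id is interpolated as-is and its origin is not visible in this fragment.
    if($wp_image = $wpdb->get_row("SELECT * FROM " . $wpdb->prefix . "wpsary_images WHERE id='$id'")) {
        $query = "UPDATE " . $wpdb->prefix . "wpsary_images SET "
            . " title = '" . $wpdb->escape($_POST['title']) . "',"
            . " description = '" . $wpdb->escape($_POST['description']) . "',"
            . $metadata_clause
            . " albumID = '" . $wpdb->escape($_POST['albumID']) . "' "
            . " WHERE id='$id'";
    } else {
        // NOTE(review): this INSERT also runs when the upload failed, leaving a
        // row with empty metadata -- confirm that is intended.
        $query = "INSERT INTO " . $wpdb->prefix . "wpsary_images "
            . " (title, description, albumID, metadata) VALUES ('"
            . $wpdb->escape($_POST['title']) . "','"
            . $wpdb->escape($_POST['description']) . "','"
            . $wpdb->escape($_POST['albumID']) . "', '"
            . $wpdb->escape(wpsary_maybe_serialize($metadata)) . "')";
    }
    if($wpdb->query($query)) { ?>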

prefix . "wpsary_album WHERE id='" . $albumID . "'"; $result = $wpdb->query($query); ?>

prefix . "wpsary_images";
    // The head of this function is missing from the page (presumably
    // wpsary_getImageList(), which other code here calls with an album id).
    // Returns false when the images table is not found, otherwise the result of
    // selecting the rows whose albumID matches.
    if($wpdb->get_var("show tables like '$image_table_name'") != $image_table_name) {
        Return false;
    }
    // NOTE(review): $albumID is interpolated as-is; no cast or escape is visible
    // in this fragment -- confirm every caller passes an integer.
    $query = "SELECT * FROM ".$image_table_name. " WHERE albumID='$albumID'";
    $result = $wpdb->get_results($query);
    Return $result;
}

// Inserts a new album when $albumID is empty, otherwise updates the album with
// that id, using the submitted wpsary_albumtitle / wpsary_albumdescription.
// The function continues past the end of this fragment.
// NOTE(review): no nonce or capability check is visible in this part; confirm
// one runs before the write.
function wpsary_saveAlbum($albumID = '') {
    global $wpdb;
    $album_table_name = $wpdb->prefix . "wpsary_album";
    // Calls wpsary_install() when the album table is not found.
    if($wpdb->get_var("show tables like '$album_table_name'") != $album_table_name) {
        wpsary_install();
    }
    // Raw request values; both are passed through $wpdb->escape() before they
    // are placed in the SQL string below.
    $wpsary_albumtitle = $_POST['wpsary_albumtitle'];
    $wpsary_albumdescription = $_POST['wpsary_albumdescription'];
    $metadata = array();
    if(trim($albumID) == '') {
        //new album
        $query = "INSERT INTO ".$album_table_name." (title, description) VALUES ('" . $wpdb->escape($wpsary_albumtitle) . "', '" . $wpdb->escape($wpsary_albumdescription) . "')";
    } else {
        // The id is forced to an integer before it is concatenated into the query.
        $albumID = intval($albumID);
        $query = "UPDATE ".$album_table_name." SET title='" . $wpdb->escape($wpsary_albumtitle) . "', description='" . $wpdb->escape($wpsary_albumdescription) . "' WHERE id='" . $albumID . "'";
    }
    $wpdb->query($query);
?>

get_var("SELECT metadata FROM " . $wpdb->prefix . "wpsary_images WHERE id='$setcover'");
        // The start of this statement is missing from the page. The visible part
        // copies the chosen image's thumbnail fields into the album metadata and
        // writes the album row back.
        // NOTE(review): $setcover and $albumID are interpolated into SQL as-is;
        // no cast is visible in this fragment -- confirm both are integers here.
        // presumably $tmp holds the result of the query above; verify.
        $imagemetadata = wpsary_maybe_unserialize($tmp);
        $albummetadata = $album->metadata;
        $albummetadata['thumb'] = $imagemetadata['thumb'];
        $albummetadata['hwstring_small'] = $imagemetadata['hwstring_small'];
        // The serialized metadata is escaped before it is placed in the query.
        $query = $wpdb->query("UPDATE " .$wpdb->prefix . "wpsary_album SET metadata = '" . $wpdb->escape(wpsary_maybe_serialize($albummetadata)) . "' WHERE id='$albumID'");
        $album->metadata = $albummetadata;
    }
}
?>

"> metadata['thumb']) { ?>
:

" . __('Add new', 'wpsary') . ")"; ?>

metadata) ; ?>
title); ?> description)); ?> "; ?> id . "&albumID=" . $image->albumID . "'>" . __('Album cover', 'wpsary') . ""; ?> id . "&albumID=" . $image->albumID . "'>" . __('Edit', 'wpsary') . ""; ?> id . "&albumID=" . $image->albumID. "' onclick=\"return deleteSomething('" . addslashes(__('You are about to delete this image. \'OK\' to delete, \'Cancel\' to stop.')) . "');\">" . __('Delete', 'wpsary') . ""; ?>

" . __('Upload new image', 'wpsary') . ""; ?>

" . __('Go to configuration', 'wpsary') . ""; ?>

" . __('Add new gallery', 'wpsary') . ""; ?>

" . __('Add new', 'wpsary') . ")"; ?>

title) ?> description) ?> id . "'>" . __('View', 'wpsary') . ""; ?> id . "'>" . __('Edit', 'wpsary') . ""; ?> id . "'>" . __('Add image', 'wpsary') . ""; ?> id . "' onclick=\"return deleteSomething('" . addslashes(__('You are about to delete this gallery. \'OK\' to delete, \'Cancel\' to stop.')) . "');\">" . __('Delete', 'wpsary') . ""; ?>

" . __('Add new gallery', 'wpsary') . ""; ?>

get_row("SELECT * FROM " . $wpdb->prefix . "wpsary_images WHERE id='" . $id . "'"); $id = $wp_image->id ?>

">
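get_row("SELECT * FROM " . $wpdb->prefix . "wpsary_album WHERE id='$albumID'")) {
        // The head of this function is missing from the page; only its tail is
        // visible. It un-slashes the album's text fields, unserializes its
        // metadata, attaches its images and the upload URL, and returns the
        // album object, or false when no row matched.
        // NOTE(review): $albumID is interpolated into the query above as-is; a
        // cast may sit in the missing part -- confirm.
        $album->title = stripslashes($album->title);
        $album->description = stripslashes($album->description);
        $album->metadata = wpsary_maybe_unserialize($album->metadata);
        $album->images = wpsary_getImageList($albumID);
        $dir = wpsary_getUploadDir();
        // Key quoted: the bare word url was read as a constant (fatal on PHP 8).
        $album->url = $dir['url'];
        return $album;
    } else {
        return false;
    }
}

/**
 * Fetch every row of the album table.
 *
 * @return mixed false when the album table is not found, otherwise whatever
 *               $wpdb->get_results() returns for the SELECT.
 */
function wpsary_getAlbumList() {
    global $wpdb;

    $album_table_name = $wpdb->prefix . "wpsary_album";
    if ($wpdb->get_var("show tables like '$album_table_name'") != $album_table_name) {
        return false;
    }

    return $wpdb->get_results("SELECT * FROM " . $album_table_name);
}

/**
 * Work out the plugin's upload directory and URL, creating the directory when
 * it does not exist yet.
 *
 * The base is the 'upload_path' option, or the UPLOADS constant when defined;
 * "/album/" is appended to both the path and the URL.
 *
 * @return array array('path' => ..., 'url' => ..., 'error' => false) on success,
 *               array('error' => $message) when the directory cannot be created.
 */
function wpsary_getUploadDir() {
    $siteurl = get_option('siteurl');

    //prepend ABSPATH to $dir and $siteurl to $url if they're not already there
    $path = str_replace(ABSPATH, '', trim(get_settings('upload_path')));
    $dir = ABSPATH . $path;
    $url = trailingslashit($siteurl) . $path;

    if ( $dir == ABSPATH ) { //the option was empty
        $dir = ABSPATH . 'wp-content/uploads';
        // Keep the URL in step with the fallback directory; it used to stay at
        // the bare site URL and so pointed at a different location than $dir.
        $url = trailingslashit($siteurl) . 'wp-content/uploads';
    }

    if ( defined('UPLOADS') ) {
        $dir = ABSPATH . UPLOADS;
        $url = trailingslashit($siteurl) . UPLOADS;
    }

    $dir .= "/album/";
    $url .= "/album/";

    // Make sure we have an uploads dir
    if ( ! wp_mkdir_p( $dir ) ) {
        // 'wpsary' is an extra sprintf() argument here, not the text domain of
        // __(), so the message is looked up in the default domain.
        $message = sprintf(__('Unable to create directory %s. Is its parent directory writable by the server?'), $dir, 'wpsary');
        return array('error' => $message);
    }

    return array('path' => $dir, 'url' => $url, 'error' => false);
}

/**
 * Validate one entry of $_FILES and move it into the plugin's upload directory.
 *
 * On success, returns an associative array of file attributes
 * ('filename', 'file', 'url', 'type'), passed through the
 * 'wpsary_handle_upload' filter. On failure, returns array( 'error'=>$message ).
 *
 * Callers on this page pass a second $overrides argument; it is ignored because
 * the signature declares only $file.
 *
 * NOTE(review): the type check looks at the file-name extension only and the
 * content is never inspected. The stored name is the client-supplied name with
 * '#', '\' and "'" handled and nothing else. Confirm the upload directory is
 * not configured to execute scripts, and consider sanitize_file_name() where
 * the installed WordPress provides it.
 *
 * @param array $file One $_FILES entry; 'name' and 'tmp_name' are read.
 * @return array
 */
function wpsary_handle_upload( &$file ) {
    // The default error handler.
    if (! function_exists( 'wpsary_handle_upload_error' ) ) {
        function wpsary_handle_upload_error( &$file, $message ) {
            return array( 'error'=>$message );
        }
    }

    // A properly uploaded file will pass this test. There should be no reason to override this one.
    if (! @ is_uploaded_file( $file['tmp_name'] ) )
        return wpsary_handle_upload_error( $file, __( 'Specified file failed upload test.' ), 'wpsary');

    // A correct MIME type will pass this test.
    // $mimes was never defined in this function; null is what the undefined
    // variable already evaluated to, so the call is unchanged apart from the notice.
    $mimes = null;
    $wp_filetype = wp_check_filetype( $file['name'], $mimes );
    // Read the two keys explicitly instead of extract(), which would let any
    // other key in the returned array overwrite local variables such as $file.
    $type = $wp_filetype['type'];
    $ext = $wp_filetype['ext'];
    // This used to call the undefined variable $wp_check_filetype as a function,
    // so a rejected type ended in a fatal error instead of an error array.
    if ( !$type || !$ext )
        return wpsary_handle_upload_error( $file, __( 'File type does not meet security guidelines. Try another.' ), 'wpsary');

    // A writable uploads dir will pass this test. Again, there's no point overriding this one.
    if ( ! ( ( $uploads = wpsary_getUploadDir() ) && false === $uploads['error'] ) )
        return wpsary_handle_upload_error( $file, $uploads['error'] );

    // Increment the file number until we have a unique file to save in $dir.
    $number = '';
    $filename = str_replace( '#', '_', $file['name'] );
    $filename = str_replace( array( '\\', "'" ), '', $filename );
    if ( empty( $ext) )
        $ext = '';
    else
        $ext = ".$ext";
    while ( file_exists( $uploads['path'] . $filename) ) {
        if ( '' == "$number$ext" )
            $filename = $filename . ++$number . $ext;
        else
            $filename = str_replace( "$number$ext", ++$number . $ext, $filename );
    }
    // Drop every occurrence of the extension, then append it once at the end.
    $filename = str_replace( $ext, '', $filename );
    $filename = $filename . $ext;

    // Move the file to the uploads dir
    $new_file = $uploads['path'] . $filename;
    // sprintf(), not printf(): printf() echoed the text and handed its length
    // to wp_die() as the message.
    if ( false === @ move_uploaded_file( $file['tmp_name'], $new_file ) )
        wp_die( sprintf( __('The uploaded file could not be moved to %s.' ), $uploads['path'] ), 'wpsary');

    // Set correct file permissions: the directory's mode with the execute bits masked off.
    $stat = stat( dirname( $new_file ));
    $perms = $stat['mode'] & 0000666;
    @ chmod( $new_file, $perms );

    // Compute the URL
    $url = $uploads['url'] . $filename;

    return apply_filters( 'wpsary_handle_upload', array( 'filename' => $filename, 'file' => $new_file, 'url' => $url, 'type' => $type ) );
}

/**
 * Load one image row and prepare it for display.
 *
 * @param mixed $id Image id; escaped before it is placed in the query.
 * @return mixed The row object with unserialized metadata, un-slashed title and
 *               description and the upload URL attached, or false when no row
 *               matched.
 */
function wpsary_getImageInfo($id) {
    global $wpdb;

    // $id was interpolated as-is. It is now escaped the same way this file
    // escapes every other value that goes between quotes in a query.
    $id = $wpdb->escape($id);
    $photo = $wpdb->get_row("SELECT * FROM ". $wpdb->prefix . "wpsary_images WHERE id='$id'");
    if (!$photo) {
        return false;
    }

    $photo->metadata = wpsary_maybe_unserialize($photo->metadata);
    $photo->title = stripslashes($photo->title);
    $photo->description = stripslashes($photo->description);
    $dir = wpsary_getUploadDir();
    // Key quoted: the bare word url was read as a constant (fatal on PHP 8).
    $photo->url = $dir['url'];

    return $photo;
}

/**
 * Serialize arrays and objects; return other values unchanged, except that a
 * string is trimmed and, when it already looks serialized, serialized once more.
 *
 * @param mixed $data
 * @return mixed
 */
function wpsary_maybe_serialize($data) {
    if ( is_string($data) )
        $data = trim($data);
    elseif ( is_array($data) || is_object($data) )
        return serialize($data);

    // A string that already looks serialized is wrapped again, so that one
    // unserialize() yields the original string rather than decoding it.
    if ( wpsary_is_serialized($data) )
        return serialize($data);

    return $data;
}

/**
 * Tell whether a value looks like the output of serialize().
 *
 * This is a pattern check only; it does not prove the string can be decoded.
 *
 * @param mixed $data
 * @return bool
 */
function wpsary_is_serialized($data) {
    // if it isn't a string, it isn't serialized
    if ( !is_string($data) )
        return false;

    $data = trim($data);
    if ( 'N;' == $data )
        return true;

    if ( !preg_match('/^([adObis]):/', $data, $badions) )
        return false;

    switch ( $badions[1] ) {
        case 'a' :
        case 'O' :
        case 's' :
            if ( preg_match("/^{$badions[1]}:[0-9]+:.*[;}]\$/s", $data) )
                return true;
            break;
        case 'b' :
        case 'i' :
        case 'd' :
            if ( preg_match("/^{$badions[1]}:[0-9.E-]+;\$/", $data) )
                return true;
            break;
    }

    return false;
}

/**
 * Unserialize a value when it looks serialized; otherwise return it unchanged.
 *
 * NOTE(review): unserialize() accepts object payloads ('O:' passes the check in
 * wpsary_is_serialized()). The values passed in on this page are read from the
 * plugin's own tables; confirm nothing user-controlled reaches those columns
 * unserialized-as-given, or switch the stored format to JSON.
 *
 * @param mixed $original
 * @return mixed
 */
function wpsary_maybe_unserialize($original) {
    if ( wpsary_is_serialized($original) ) { // don't attempt to unserialize data that wasn't serialized going in
        // @ hides the notice that unserialize() raises on malformed input.
        $gm = @ unserialize($original);
        if ( false !== $gm )
            return $gm;
    }

    return $original;
}
?>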