0) { $input_id = $_id; } else { $input_id = $_REQUEST["input_id"]; } if ($input_id <> '') { $query = "SELECT * FROM filegallery_header WHERE id = '" . $input_id . "' LIMIT 1"; $result = @mysqli_query($GLOBALS['mysql_con'], $query); if (@mysqli_num_rows($result) == 1) { $input_filegallery = @mysqli_fetch_array($result); require_once("edit_filegallery_cardform.inc.php"); } } else { require_once("edit_filegallery_cardform.inc.php"); } } function edit_line_filegallery($_id = "", $messages = array()) { if ((int)$_id > 0) { $line_id = $_id; } else { $line_id = $_REQUEST["input_line_id"]; } if ($line_id <> '') { $query = "SELECT * FROM filegallery_line WHERE id = '" . $line_id . "' LIMIT 1"; $result = @mysqli_query($GLOBALS['mysql_con'], $query); if (@mysqli_num_rows($result) == 1) { $input_line = @mysqli_fetch_array($result); require_once("edit_filegallery_line_cardform.inc.php"); } } else { require_once("edit_filegallery_cardform.inc.php"); } } function save_filegallery() { $translation = \DynCom\mysyde\common\classes\Registry::get("translation"); $input_id = ""; $input_all_languages = ($_POST["input_all_languages"] == "on") ? 1 : 0; //pruefen ob Bild ausgewaehlt if ($_REQUEST["input_id"] <> '') { $insertquery = "UPDATE filegallery_header SET description = '" . mysqli_real_escape_string($GLOBALS['mysql_con'], $_REQUEST["input_description"]) . "', modified_date = " . time() . ", modified_user = " . (int)$GLOBALS["admin_user"]['id'] . ", all_languages = " . $input_all_languages . " WHERE id = '" . $_REQUEST["input_id"] . "' LIMIT 1"; $inserted = FALSE; $input_id = $_REQUEST["input_id"]; } else { $insertquery = "INSERT INTO filegallery_header (main_language_id, description, modified_date, modified_user, all_languages) VALUES ( " . (int)$GLOBALS["language"]['id'] . ", '" . mysqli_real_escape_string($GLOBALS['mysql_con'], $_REQUEST['input_description']) . "', " . time() . ", " . (int)$GLOBALS["admin_user"]['id'] . ", " . $input_all_languages . " )"; $inserted = TRUE; } if (($_REQUEST["input_description"] == '')) { $messages[] = "
" . $translation->get("error_description") . "
\n"; $error = TRUE; } if (!$error) { @mysqli_query($GLOBALS['mysql_con'], $insertquery); if ($inserted == TRUE) { $input_id = mysqli_insert_id($GLOBALS['mysql_con']); $messages[] = '
' . $translation->get("filegallery_msg_success1") . '
'; } else { $messages[] = '
' . $translation->get("filegallery_msg_success2") . '
'; } update_sitepart_changes(5, $input_id); save_filegallery_line($input_id); if (is_page_edit()) { header('EDIT_ERROR: 1'); // verhindern, dass overlay geschlossen wird if (line_already_exists($_REQUEST["input_page_id"], 5, $input_id) === FALSE) { assoc_sitepart(5, $input_id, FALSE); } if ($_REQUEST['force_close'] == 1) { edit_content_page(); return; } edit_filegallery($input_id, $messages); } elseif (is_component_edit()) { header('EDIT_ERROR: 1'); // verhindern, dass overlay geschlossen wird if (line_already_exists($_REQUEST["input_component_id"], 5, $input_id) === FALSE) { assoc_sitepart(5, $input_id, FALSE); } if ($_REQUEST['force_close'] == 1) { edit_component("", $messages); return; } edit_filegallery($input_id, $messages); } else { edit_filegallery($input_id, $messages); } } else { header('EDIT_ERROR: 1'); $input_filegallery = array(); $input_filegallery["id"] = $_REQUEST["input_id"]; $input_filegallery["description"] = $_REQUEST["input_description"]; $input_filegallery["all_languages"] = $input_all_languages; require_once("edit_filegallery_cardform.inc.php"); } } function delete_filegallery() { if ($_REQUEST["input_id"] <> '') { $query = "DELETE FROM filegallery_header WHERE id = '" . $_REQUEST["input_id"] . "' LIMIT 1"; @mysqli_query($GLOBALS['mysql_con'], $query); $query = "SELECT * FROM filegallery_line WHERE header_id = '" . $_REQUEST["input_id"]."'"; if ($result = @mysqli_query($GLOBALS['mysql_con'], $query)) { while ($row = @mysqli_fetch_array($result, 1)) { delete_files_filegallery($row['filename']); } } $query = "DELETE FROM filegallery_line WHERE header_id = '" . $_REQUEST["input_id"]."'"; @mysqli_query($GLOBALS['mysql_con'], $query); // zuordnung von Seiten loeschen $query = "DELETE FROM main_page_link WHERE main_sitepart_id = 5 AND main_sitepart_header_id = '" . $_REQUEST["input_id"]."'"; @mysqli_query($GLOBALS['mysql_con'], $query); update_sitepart_changes(5, $_REQUEST["input_id"], TRUE); } require_once("edit_filegallery_listform.inc.php"); } function delete_files_filegallery($filename) { if (file_exists(PATH_ORIGINAL_FILEGALLERY . $filename)) { unlink(PATH_ORIGINAL_FILEGALLERY . $filename); } } function delete_line_filegallery() { //pruefen ob Bild ausgewaehlt if ($_REQUEST["input_line_id"] <> '') { $query = "SELECT * FROM filegallery_line WHERE id= '" . $_REQUEST["input_line_id"]."'"; $result = mysqli_query($GLOBALS['mysql_con'], $query); //Loeschen der Dateien und des DB-Eintrags wenn Eintrag vorhanden if (mysqli_num_rows($result) > 0) { $row = mysqli_fetch_array($result); delete_files_filegallery($row['filename']); $query = "DELETE FROM filegallery_line WHERE id = '" . $_REQUEST["input_line_id"] . "' LIMIT 1"; @mysqli_query($GLOBALS['mysql_con'], $query); } } edit_filegallery(); } function save_filegallery_line($header_id){ $translation = \DynCom\mysyde\common\classes\Registry::get("translation"); $selected_files = $_REQUEST['module_input_filegallery_' . $header_id]; if($selected_files == ""){ return; } $selected_files = explode(", ", $selected_files); foreach ($selected_files as $key => $value) { $sorting = mysqli_fetch_array(@mysqli_query($GLOBALS['mysql_con'], "SELECT MAX(sorting)+1 AS 'newsorting' FROM filegallery_line WHERE header_id = '" . $header_id."'")); $sorting = ($sorting["newsorting"] <> "") ? $sorting = $sorting["newsorting"] : $sorting = 1; $query = "INSERT INTO filegallery_line (header_id, filename, description, sorting, modified_date, modified_user) VALUES ( ".$header_id.", '" .$value. "', '" .$value. "', '" .$sorting. "', " . time() . ", " . (int)$GLOBALS["admin_user"]['id'] . " )"; @mysqli_query($GLOBALS['mysql_con'], $query); } } function save_filegallery_entry() { $translation = \DynCom\mysyde\common\classes\Registry::get("translation"); $messages = array(); $id = $_REQUEST["input_line_id"]; $error = FALSE; $checkfile = TRUE; $description = ''; $previewImageString = ''; // in der datenbank fix drin // wenn in kollektion, dann die dummy header id auslesen bzw erstmal anlegen if (is_collection_edit() && (!isset($_REQUEST['input_id']) || (int)$_REQUEST['input_id'] == 0)) { // hinzufuegen zur datenbank $headerQuery = "SELECT main_sitepart_header_id FROM main_collection_link WHERE main_collection_id = ? AND main_collection_setup_content_id = ? LIMIT 1"; $collectionSetupContentId = filter_var($_REQUEST['collection_setup_content_id'],FILTER_SANITIZE_NUMBER_INT); $inputCollectionId = filter_var($_REQUEST['input_collection_id'],FILTER_SANITIZE_NUMBER_INT); $stmt = mysqli_prepare($GLOBALS["mysql_con"], $headerQuery); mysqli_stmt_bind_param($stmt, "ii", $inputCollectionId, $collectionSetupContentId); mysqli_stmt_execute($stmt); mysqli_stmt_store_result($stmt); $headerRows = mysqli_stmt_num_rows($stmt); if ($headerRows == 0) { $insertquery = "INSERT INTO filegallery_header (main_language_id, description, modified_date, modified_user, collection_header) VALUES ( '" . $GLOBALS["language"]['id'] . "', '', " . time() . ", " . (int)$GLOBALS["admin_user"]['id'] . ", 1 )"; @mysqli_query($GLOBALS['mysql_con'], $insertquery); $header_id = mysqli_insert_id($GLOBALS['mysql_con']); } else { mysqli_stmt_bind_result($stmt, $main_sitepart_header_id); while (mysqli_stmt_fetch($stmt)) { $header_id = $main_sitepart_header_id; } } mysqli_stmt_free_result($stmt); mysqli_stmt_close($stmt); $query = "INSERT INTO main_collection_link (main_collection_id, main_collection_setup_content_id, main_sitepart_header_id, main_sitepart_id) VALUES ( ?, ?, ?, 5 )"; $stmt = mysqli_prepare($GLOBALS["mysql_con"], $query); mysqli_stmt_bind_param($stmt, "iii", $inputCollectionId, $collectionSetupContentId, $header_id); mysqli_stmt_execute($stmt); mysqli_stmt_free_result($stmt); mysqli_stmt_close($stmt); } else { $header_id = $_REQUEST['input_id']; } if ($_REQUEST["input_name"] == "" && !empty ($_FILES['input_file']['name'])) { $description = cleanFilename($_FILES['input_file']['name']); } if ($_REQUEST["input_name"] != "") { $description = $_REQUEST["input_name"]; } if ($id == '' && $description == "") { $messages[] = "
" . $translation->get("error_description") . "
\n"; $error = TRUE; } if ($id <> '') { $query = "UPDATE filegallery_line SET description = '" . mysqli_real_escape_string($GLOBALS['mysql_con'], $description) . "' WHERE id = '" . $id."'"; $inserted = FALSE; $checkfile = FALSE; $currentFilename = ''; $currentExtension = ''; $descriptionQuery = "SELECT extension, filename FROM filegallery_line WHERE id = '" . $id."'"; $result = @mysqli_query($GLOBALS['mysql_con'], $descriptionQuery); if (@mysqli_num_rows($result) == 1) { $row = @mysqli_fetch_array($result); $currentFilename = $row['filename']; $currentExtension = $row['extension']; } } else { $sorting = mysqli_fetch_array(@mysqli_query($GLOBALS['mysql_con'], "SELECT MAX(sorting)+1 AS 'newsorting' FROM filegallery_line WHERE header_id = " . $header_id)); $sorting = ($sorting["newsorting"] <> "") ? $sorting = $sorting["newsorting"] : $sorting = 1; $query = "INSERT INTO filegallery_line (description,header_id,sorting) VALUES ('" . mysqli_real_escape_string($GLOBALS['mysql_con'], $description) . "','" . $header_id . "','" . $sorting . "')"; $inserted = TRUE; } if ($checkfile === TRUE && empty ($_FILES['input_file']['name'])) { $error = TRUE; $messages[] = "
" . $translation->get("error_filegallery_line1") . "
\n"; } if (!empty ($_FILES['input_file']['name'])) { $erlaubte_endungen = array("pdf", "doc", "docx", "xls", "xlsx", "csv", "txt", "rtf", "zip", "mp3", "wma", "mpg", "flv", "avi", "jpg", "jpeg", "png", "gif"); $filename = strtolower($_FILES['input_file']['name']); $filename_expl = explode(".", $filename); if (!in_array(strtolower($filename_expl[count($filename_expl) - 1]), $erlaubte_endungen)) { $messages[] = "
" . $translation->get("error_filegallery_line2") . "
\n"; $error = TRUE; } } //pruefen ob Datei zum Upload noch vorhanden if ($error === FALSE) { mysqli_query($GLOBALS['mysql_con'], $query); if (!empty ($_FILES['input_file']['name'])) { if ($inserted === TRUE) { $query = "SELECT MAX(id) AS id FROM filegallery_line"; $result = mysqli_query($GLOBALS['mysql_con'], $query); $row = mysqli_fetch_array($result); $id = $row['id']; } $filename = strtolower($_FILES['input_file']['name']); $filename_expl = explode(".", $filename); $endung = $filename_expl[count($filename_expl) - 1]; $saveFilename = $id . "_" . cleanFilename($_FILES['input_file']['name']); if ($inserted === FALSE && $currentFilename != $saveFilename) { delete_files_filegallery($currentFilename); } $query = "UPDATE filegallery_line SET filename = '" . $saveFilename . "', extension = '" . strtolower($endung) . "' WHERE id =" . $id; mysqli_query($GLOBALS['mysql_con'], $query); move_uploaded_file($_FILES['input_file']['tmp_name'], PATH_ORIGINAL_FILEGALLERY . $saveFilename); } if ($inserted == TRUE) { $messages[] = '
' . $translation->get("filegalleryline_msg_success1") . '
'; } else { $messages[] = '
' . $translation->get("filegalleryline_msg_success2") . '
'; } if ($_REQUEST['save_and_close'] == 1) { edit_filegallery(); } else { edit_line_filegallery($id, $messages); } return; } // das dropzone plugin zeigt dann mit echo ausgegebene error meldung if ($error === true && isset($_POST['dcDropzone'])) { header("HTTP/1.0 400 Bad Request"); echo $translation->get("dropzone_upload_failed"); exit(); } // benoetigt fuer ajax calls if ($error === TRUE) { header('EDIT_ERROR: 1'); } $input_line = array(); $input_line["id"] = $_REQUEST["input_line_id"]; $input_line["header_id"] = $header_id; $input_line["description"] = $_REQUEST['input_name']; $input_line["filename"] = $_REQUEST['filename']; require_once("edit_filegallery_line_cardform.inc.php"); } /** * moveup_pic() Bild nach oben * * @return */ function moveup_pic_filegallery() { move_pic_filegallery("<", "DESC", $_POST["input_line_id"]); } /** * movedown_pic() Bild nach unten * * @return */ function movedown_pic_filegallery() { move_pic_filegallery(">", "ASC", $_POST["input_line_id"]); } /** * move_pic() Soprtierung der Galerieeintraege * * @param mixed $way * @param mixed $order * @param mixed $pic_id * * @return */ function move_pic_filegallery($way, $order, $pic_id) { $query = "SELECT * FROM filegallery_line WHERE id = '" . $pic_id . "' LIMIT 1"; $result = @mysqli_query($GLOBALS['mysql_con'], $query); if (@mysqli_num_rows($result) == 1) { $curr_pic = @mysqli_fetch_array($result); } $query = "SELECT * FROM filegallery_line WHERE header_id = " . $curr_pic['header_id'] . " AND sorting " . $way . " " . $curr_pic["sorting"] . " ORDER BY sorting " . $order . " LIMIT 1"; $result = @mysqli_query($GLOBALS['mysql_con'], $query); if (@mysqli_num_rows($result) == 1) { $change_pic = @mysqli_fetch_array($result); } if (($curr_pic["id"] <> '') && ($change_pic["id"] <> '')) { $query = "UPDATE filegallery_line SET sorting = " . $change_pic["sorting"] . " WHERE id = " . $curr_pic["id"]; @mysqli_query($GLOBALS['mysql_con'], $query); $query = "UPDATE filegallery_line SET sorting = " . $curr_pic["sorting"] . " WHERE id = " . $change_pic["id"]; @mysqli_query($GLOBALS['mysql_con'], $query); } }