Uebersicht PW
create("../img/".$picname); $thumbnail->setQuality(90); $thumbnail->resize(400); $thumbnail->autocut(220,150,5); $thumbnail->save("../img/_".$picname); // $thumbnail->output(); } if ($_POST['kat_add']!= "") { $curID = $_POST['kat_add']; if (!is_numeric($curID)) die(".."); $sql = "INSERT INTO bilder_kategorien (bk_parent, bk_title_de) VALUES ('".$curID."', '".$_POST['kat_text'][$curID]."')"; mysql_query($sql); } if ($_POST['kat_upd']) { $curID = $_POST['kat_upd']; if (!is_numeric($curID)) die(".."); $sql = "UPDATE bilder_kategorien SET bk_title_de='".$_POST['kat_text'][$curID]."' WHERE bk_id='".$curID."'"; mysql_query($sql); } if ($_POST['pic_upd']) { $curID = $_POST['pic_upd']; if (!is_numeric($curID)) die(".."); $sql = "UPDATE bilder_pics SET bp_title_de='".$_POST['pic_text'][$curID]."' WHERE bp_id='".$curID."'"; mysql_query($sql); } if ($_POST['pic_del']!= "") { $curID = $_POST['pic_del']; if (!is_numeric($curID)) die(".."); unlink("../img/".$_POST['pic_url'][$curID]); unlink("../img/_".$_POST['pic_url'][$curID]); $sql = "DELETE FROM bilder_pics WHERE bp_id='".$curID."'"; //Rekursiv die Bilder loeschen! mysql_query($sql); } if ($_POST['kat_del']!= "") { $curID = $_POST['kat_del']; if (!is_numeric($curID)) die(".."); recDelK($curID, "n"); } if ($_POST['kat_del_all']!= "") { $curID = $_POST['kat_del_all']; if (!is_numeric($curID)) die(".."); recDelK($curID, "y"); } function recDelK($id, $del="n") { $sql = "SELECT bk_id FROM bilder_kategorien WHERE parent='".$id."'"; $query = mysql_query($sql); while ($row= mysql_fetch_array($query)) { recDelK($row['bk_id'], $del); } recDelP($id, $del); $sql = "DELETE FROM bilder_kategorien WHERE bk_id='".$id."'"; mysql_query($sql); } function recDelP($id, $del="n") { if ($del == "y") { //Kinder suchen $sql = "SELECT bp_url FROM bilder_pics WHERE bp_parent='".$id."'"; $query = mysql_query($sql); while ($row = mysql_fetch_array($query)) { unlink("../img/".$row['bp_url']); unlink("../img/_".$row['bp_url']); } $sql = "DELETE FROM bilder_pics WHERE bp_parent='".$id."'"; mysql_query($sql); } else { //nicht l?schen //Kinder suchen $sql = "SELECT bp_id FROM bilder_pics WHERE bp_parent='".$id."'"; $query = mysql_query($sql); while ($row = mysql_fetch_array($query)) { //Standardmaessig in root (0) verschieben $sql2 = "UPDATE bilder_pics SET bp_parent='0' WHERE bp_id='".$row['bp_id']."'"; mysql_query($sql2); } } } if ($_POST['kat_upload']) { $curID = $_POST['kat_upload']; if (!is_numeric($curID)) die(".."); $mime_types = array( 'png' => 'image/png', 'jpe' => 'image/jpeg', 'jpeg' => 'image/jpeg', 'jpg' => 'image/jpeg', 'tar' => 'application/x-tar', 'tar' => 'application/x-tar', 'zip' => 'application/zip' ); $filename = md5(uniqid(rand(), TRUE)); if ($_FILES['kat_file']['error'][$curID] != '4') { if (!in_array($_FILES['kat_file']['type'][$curID], $mime_types)) { die ("Nur Bilder erlaubt!"); } if ($_FILES['kat_file']['type'][$curID] == "application/x-tar") { $shellBefehl = "rm -rf ../img/tmp/*"; //$shellBefehl = escapeshellcmd($shellBefehl); exec($shellBefehl,$nu); move_uploaded_file($_FILES['kat_file']['tmp_name'][$curID], "../img/tmp/".$filename); $shellBefehl = "chmod 666 ../img/tmp/$filename"; exec($shellBefehl,$nu); $shellBefehl = "tar -xvf ../img/tmp/$filename -C ../img/tmp/"; echo "Entpacken...
"; //$shellBefehl = escapeshellcmd($shellBefehl); exec($shellBefehl,$nu); //Bilddateien einfuegen in ../tmp/ $handle=opendir ("../img/tmp/"); while ($datei = readdir ($handle)) { if (is_file("../img/tmp/".$datei)) { $imagesize = getimagesize("../img/tmp/".$datei); if ( ($imagesize[2] == IMAGETYPE_JPEG) || ($imagesize[2] == IMAGETYPE_GIF) || ($imagesize[2] == IMAGETYPE_PNG) ) { echo $datei."
"; $f = md5(uniqid(rand(), TRUE)); copy ("../img/tmp/".$datei, "../img/".$f); createThumb($f); $sql = "INSERT INTO bilder_pics (bp_parent, bp_url) VALUES ('".$curID."','".$f."')"; mysql_query($sql); } } } closedir($handle); $shellBefehl = "rm -rf ../img/tmp/*"; //$shellBefehl = escapeshellcmd($shellBefehl); exec($shellBefehl,$nu); } else if ($_FILES['kat_file']['type'][$curID] == "application/zip") { $shellBefehl = "rm -rf ../img/tmp/*"; //$shellBefehl = escapeshellcmd($shellBefehl); exec($shellBefehl,$nu); move_uploaded_file($_FILES['kat_file']['tmp_name'][$curID], "../img/tmp/".$filename); $shellBefehl = "chmod 666 ../img/tmp/$filename"; exec($shellBefehl,$nu); $shellBefehl = "unzip ../img/tmp/$filename -d ../img/tmp/"; echo "Entpacken...
"; //$shellBefehl = escapeshellcmd($shellBefehl); exec($shellBefehl,$nu); //Bilddateien einfuegen in ../tmp/ $handle=opendir ("../img/tmp/"); while ($datei = readdir ($handle)) { if (is_file("../img/tmp/".$datei)) { $imagesize = getimagesize("../img/tmp/".$datei); if ( ($imagesize[2] == IMAGETYPE_JPEG) || ($imagesize[2] == IMAGETYPE_GIF) || ($imagesize[2] == IMAGETYPE_PNG) ) { echo $datei."
"; $f = md5(uniqid(rand(), TRUE)); copy ("../img/tmp/".$datei, "../img/".$f); createThumb($f); $sql = "INSERT INTO bilder_pics (bp_parent, bp_url) VALUES ('".$curID."','".$f."')"; mysql_query($sql); } } } closedir($handle); $shellBefehl = "rm -rf ../img/tmp/*"; //$shellBefehl = escapeshellcmd($shellBefehl); exec($shellBefehl,$nu); } else { move_uploaded_file($_FILES['kat_file']['tmp_name'][$curID], "../img/".$filename); createThumb($filename); //createThumb($picname) $sql = "INSERT INTO bilder_pics (bp_parent, bp_url) VALUES ('".$curID."','".$filename."')"; mysql_query($sql); } } //mysql_query($sql); } if ($_POST['pic_mov']) { $curID = $_POST['pic_mov']; if (!is_numeric($curID)) die(".."); $sql = "UPDATE bilder_pics SET bp_parent='".$_POST['mov_kat'][$curID]."' WHERE bp_id='".$curID."'"; mysql_query($sql); } //pic_mov //mov arraqy bauen $mov_kat = ""; $sql = "SELECT bk_id, bk_title_de FROM bilder_kategorien"; $query = mysql_query($sql); while ($row= mysql_fetch_array($query)) { $mov_kat .= ""; } $_SESSION['mov_kat'] = $mov_kat; ?>

Bilder

Hilfe
Upload: auch zip oder tar Dateien

ADD
CHADDDD ALL Upload
" omega", "1" => " alpha", "2" => ""); $var = "bp_title".$lan; while ($row=mysql_fetch_array($query)) { if ((($i % 3) == 0) && ($op == 0) ) { ?>
CHD MOV
"; } } ?>