exist?
At this link is one argument on this hack.
http://www.xoopsitalia.org/modules/newbb/viewtopic.php?topic_id=7985&post_id=39013#forumpost39013
TNX
include("header.php");
include '../mainfile.php';
include_once XOOPS_ROOT_PATH.'/class/uploader.php';
//aggiunta
$release_image = isset($_POST['upload_file']) ? $_POST['upload_file'] : array();
//Imposto i tipi di file autorizzati
$allowed_mimetypes = array('image/gif', 'image/jpeg', 'image/pjpeg', 'image/x-png');
// Massimo peso
$maxfilesize = 100000;
//larghezza e lunghezza
$maxfilewidth = 150;
$maxfileheight = 150;
//Richiamo la classe uploader e gli passo i parametri inizializzati
//Nota: il primo parametro è il nome della cartella dove verrà salvato il file. In questo caso la cartella è nella stessa dierctory di questo file
$uploader = new XoopsMediaUploader(XOOPS_ROOT_PATH.'/uploads/copertine', $allowed_mimetypes, $maxfilesize, $maxfilewidth, $maxfileheight);
//imposto un prefisso per l'immagine
$uploader->setPrefix('img');
//Upload del file
if ($uploader->fetchMedia($release_image[0])) {
if (!$uploader->upload()) {
//Errori?
echo $uploader->getErrors();
} else {
//Tutto OK!
echo 'File caricato con successo!';
echo 'File salvato come: ' . $uploader->getSavedFileName() . '';
echo 'Path completa: ' . $uploader->getSavedDestination(). '';
echo 'Nome del file: ' . $uploader->getMediaName(). '';
echo 'Tipo di file: ' . $uploader->getMediaType(). '';
echo 'Peso: ' . $uploader->getMediaSize(). '';
echo 'Nome file temporaneo: ' . $uploader->getMediaTmpName(). '';
echo 'Directory dove è stato salvato: ' . $uploader->getSavedDestination(). '';}
} else {
echo $uploader->getErrors();
}
$myts =& MyTextSanitizer::getInstance();
$xoopsOption['show_rblock'] =0;
include(XOOPS_ROOT_PATH."/header.php");
//Global $xoopsUser, $xoopsConfig;
$op = "submit";
if (isset($HTTP_GET_VARS)) {
foreach ($HTTP_GET_VARS as $k => $v) {
$$k = $v;
}
}
if (isset($HTTP_POST_VARS)) {
foreach ($HTTP_POST_VARS as $k => $v) {
$$k = $v;
}
}
if (!empty($contents_preview)) {
$myts =& MyTextSanitizer::getInstance();
//OpenTable();
//echo ""._XD_CATEGORY.": ".$category_id;
$html = empty($review_nohtml) ? 1 : 0;
$smiley = empty($review_nosmiley) ? 1 : 0;
$xcode = empty($review_noxcode) ? 1 : 0;
$p_title = $myts->makeTboxData4Preview($review_title);
$p_item = $myts->makeTboxData4Preview($review_item);
$p_label = $myts->makeTboxData4Preview($review_label);
$p_release = $myts->makeTboxData4Preview($release_date);
$p_format = $myts->makeTboxData4Preview($release_format);
$p_contents = $myts->makeTareaData4Preview($review_contents, $html, $smiley, $xcode);
$p_image = $myts->makeTboxData4PreviewInForm($release_image);
echo"
$p_title
$p_item
$p_label
$p_release
$p_format
$p_image
$p_contents
";
$review_title = $myts->makeTboxData4PreviewInForm($review_title);
$review_item = $myts->makeTboxData4PreviewInForm($review_item);
$review_label = $myts->makeTboxData4PreviewInForm($review_label);
$release_date = $myts->makeTboxData4PreviewInForm($release_date);
$release_format = $myts->makeTboxData4PreviewInForm($release_format);
$release_image = $myts->makeTboxData4PreviewInForm($release_image);
$review_contents = $myts->makeTareaData4PreviewInForm($review_contents);
include("contentsform.php");
//CloseTable();
include (XOOPS_ROOT_PATH."/footer.php");
exit();
}
if ($op == "submit") {
OpenTable();
$myts =& MyTextSanitizer::getInstance();
//echo ""._XD_ADDCONTENTS."
";
$review_title = "";
$review_contents = "";
$review_item ="";
$review_label ="";
$release_date ="";
$release_format ="";
$release_image = "";
$review_visible = 0;
$review_nohtml = 0;
$review_nosmiley = 0;
$review_noxcode = 0;
$review_id = 0;
$category_id = 0;
$op = "addcontentsgo";
include("contentsform.php");
CloseTable();
include (XOOPS_ROOT_PATH."/footer.php");
exit();
}
if ($op == "addcontentsgo") {
OpenTable();
$myts =& MyTextSanitizer::getInstance();
$title = $myts->makeTboxData4Save($review_title);
$item = $myts->makeTboxData4Save($review_item);
$label = $myts->makeTboxData4Save($review_label);
$release = $myts->makeTboxData4Save($release_date);
$format = $myts->makeTboxData4Save($release_format);
$image = $myts->makeTboxData4Save($release_image);
$contents = $myts->makeTareaData4Save($review_contents);
/*
$result = $xoopsDB->query("SELECT category_id, category_title FROM ".$xoopsDB->prefix("lykos_reviews_categories")."");
while(list($cat,$cat_title) = $xoopsDB->fetchRow($result)) {
if($category_id==$cat_title) {
$category_id=$cat;
}
}
*/
$category_id = $myts->makeTareaData4Save($category_id);
if($xoopsUser->uid()) {
$submitter = $xoopsUser->uid();
} else {
$submitter = 0;
}
$newid = $xoopsDB->genId($xoopsDB->prefix("lykos_reviews_contents")."_review_id_seq");
$sql = "INSERT INTO ".$xoopsDB->prefix("lykos_reviews_contents")." (review_id, category_id, review_title, review_item, review_label, release_date, release_format, release_image, review_contents, review_uid, review_time, review_visible, review_nohtml, review_nosmiley, review_noxcode) VALUES (".$newid.", ".$category_id.", '".$title."', '".$item."', '".$label."', '".$release."', '".$format."', '".$image."', '".$contents."', '".$submitter."',".time().", ".intval($review_visible).", ".intval($review_nohtml).", ".intval($review_nosmiley).", ".intval($review_noxcode).")";
if (!$xoopsDB->query($sql)) {
echo "Impossibile aggiungere contenuti";
CloseTable();
include (XOOPS_ROOT_PATH."/footer.php");
} else {
redirect_header("index.php",1,_XD_DBSUCCESS);
}
exit();
}
?>
echo "";
echo "";
echo "";
echo ""._XD_QUESTION." $review_title' size='31' maxlength='255' /> ";
echo ""._XD_CATEGORY." ";
echo ""._XD_ITEM." $review_item' size='31' maxlength='255' /> ";
echo ""._XD_LABEL." $review_label' size='31' maxlength='255' /> ";
echo ""._XD_RELEASE." $release_date' size='31' maxlength='255' /> ";
echo ""._XD_FORMAT." $release_format' size='31' maxlength='255' /> ";
echo "";
echo ""._XD_IMAGE." $release_image' size='31' maxlength='255' />
";
echo "";
//oldfield
echo ".$release_image."' size='31' maxlength='255' /> ";
echo ""._XD_AMAZN." .$review_amazon."' size='31' maxlength='255' /> ";
$checked = ($review_visible == 1) ? " checked='checked'" : "";
echo ""._XD_DISPLAY." $checked /> ";
echo ""._XD_ANSWER." ";
include_once(XOOPS_ROOT_PATH."/include/xoopscodes.php");
xoopsCodeTarea("review_contents", 39, 20);
xoopsSmilies("review_contents");
$checked = ($review_nohtml == 1) ? " checked='checked'" : "";
echo "
$checked />"._XD_NOHTML."
";
$checked = ($review_nosmiley == 1) ? " checked='checked'" : "";
echo "$checked />"._XD_NOSMILEY."
";
$checked = ($review_noxcode == 1) ? " checked='checked'" : "";
echo "$checked />"._XD_NOXCODE." ";
echo " .$review_id."' />$op' />._PREVIEW."' /> ._SUBMIT."' /> ";
echo "
";
include("image_uploader.php");
?>