|
1
|
|
|
<?php |
|
2
|
|
|
/* |
|
3
|
|
|
* You may not change or alter any portion of this comment or credits |
|
4
|
|
|
* of supporting developers from this source code or any supporting source code |
|
5
|
|
|
* which is considered copyrighted (c) material of the original comment or credit authors. |
|
6
|
|
|
* |
|
7
|
|
|
* This program is distributed in the hope that it will be useful, |
|
8
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
9
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. |
|
10
|
|
|
*/ |
|
11
|
|
|
|
|
12
|
|
|
/** |
|
13
|
|
|
* Created by PhpStorm. |
|
14
|
|
|
* User: jjes |
|
15
|
|
|
* Date: 2016/11/1 |
|
16
|
|
|
* Time: 下午 02:29 |
|
17
|
|
|
*/ |
|
18
|
|
|
include __DIR__ . '/../../../../mainfile.php'; |
|
19
|
|
|
include __DIR__ . '/../../../../class/uploader.php'; |
|
20
|
|
|
/* |
|
|
|
|
|
|
21
|
|
|
function getImageInBase64() |
|
22
|
|
|
{ |
|
23
|
|
|
$tmp_name = $_FILES['image']['tmp_name']; |
|
24
|
|
|
$file_name = $_FILES['image']['name']; |
|
25
|
|
|
$verify_img = getimagesize($tmp_name); |
|
26
|
|
|
$file_mime = $verify_img['mime']; |
|
27
|
|
|
|
|
28
|
|
|
if (file_exists($tmp_name) |
|
29
|
|
|
&& false !== strpos($file_mime, 'image/')) { |
|
30
|
|
|
$file_path = '../../../../uploads/$filename'; |
|
31
|
|
|
move_uploaded_file($tmp_name, $file_path); |
|
32
|
|
|
$img_data = base64_encode(file_get_contents($file_path)); |
|
33
|
|
|
unlink($file_path); |
|
34
|
|
|
|
|
35
|
|
|
return "data:$file_mime;base64,$img_data"; |
|
36
|
|
|
} |
|
37
|
|
|
|
|
38
|
|
|
return ''; |
|
39
|
|
|
} |
|
40
|
|
|
*/ |
|
41
|
|
|
|
|
42
|
|
|
$append_data = array_map('htmlspecialchars', array_map('addslashes', $_POST)); |
|
43
|
|
|
global $xoopsDB, $xoopsUser; |
|
44
|
|
|
if (strlen($append_data['name']) |
|
45
|
|
|
&& strlen($append_data['amount']) |
|
46
|
|
|
&& (int)$append_data['amount'] > 0) { |
|
47
|
|
|
$post_data_name = $append_data['name']; |
|
48
|
|
|
$post_data_amount = (int)$append_data['amount']; |
|
49
|
|
|
$owner = $xoopsUser->uname(); |
|
50
|
|
|
$totalAmount = $post_data_amount; |
|
51
|
|
|
|
|
52
|
|
|
$image = $append_data['image']; |
|
53
|
|
|
|
|
54
|
|
|
$sql = sprintf("INSERT INTO %s(`name`, `owner`, `amount`, `total`, `image`) |
|
55
|
|
|
VALUES('{$post_data_name}', |
|
56
|
|
|
'{$owner}', |
|
57
|
|
|
{$post_data_amount}, |
|
58
|
|
|
{$post_data_amount}, |
|
59
|
|
|
'{$image}');", $xoopsDB->prefix('equipment_equipment')); |
|
60
|
|
|
|
|
61
|
|
|
$xoopsDB->queryF($sql); |
|
62
|
|
|
} |
|
63
|
|
|
|
|
64
|
|
|
header('location:../equipment_vue.php'); |
|
65
|
|
|
//echo "<script>window.location.href='../manage.php';</script>"; |
|
66
|
|
|
|
mambax7 /
XOOPS_equipment_manage
Sometimes obsolete code just ends up commented out instead of removed. In this case it is better to remove the code once you have checked you do not need it.
The code might also have been commented out for debugging purposes. In this case it is vital that someone uncomments it again or your project may behave in very unexpected ways in production.
This check looks for comments that seem to be mostly valid code and reports them.