Issues (663)

Security Analysis    not enabled

This project does not seem to handle request data directly as such no vulnerable execution paths were found.

  Cross-Site Scripting
Cross-Site Scripting enables an attacker to inject code into the response of a web-request that is viewed by other users. It can for example be used to bypass access controls, or even to take over other users' accounts.
  File Exposure
File Exposure allows an attacker to gain access to local files that he should not be able to access. These files can for example include database credentials, or other configuration files.
  File Manipulation
File Manipulation enables an attacker to write custom data to files. This potentially leads to injection of arbitrary code on the server.
  Object Injection
Object Injection enables an attacker to inject an object into PHP code, and can lead to arbitrary code execution, file exposure, or file manipulation attacks.
  Code Injection
Code Injection enables an attacker to execute arbitrary code on the server.
  Response Splitting
Response Splitting can be used to send arbitrary responses.
  File Inclusion
File Inclusion enables an attacker to inject custom files into PHP's file loading mechanism, either explicitly passed to include, or for example via PHP's auto-loading mechanism.
  Command Injection
Command Injection enables an attacker to inject a shell command that is execute with the privileges of the web-server. This can be used to expose sensitive data, or gain access of your server.
  SQL Injection
SQL Injection enables an attacker to execute arbitrary SQL code on your database server gaining access to user data, or manipulating user data.
  XPath Injection
XPath Injection enables an attacker to modify the parts of XML document that are read. If that XML document is for example used for authentication, this can lead to further vulnerabilities similar to SQL Injection.
  LDAP Injection
LDAP Injection enables an attacker to inject LDAP statements potentially granting permission to run unauthorized queries, or modify content inside the LDAP tree.
  Header Injection
  Other Vulnerability
This category comprises other attack vectors such as manipulating the PHP runtime, loading custom extensions, freezing the runtime, or similar.
  Regex Injection
Regex Injection enables an attacker to execute arbitrary code in your PHP process.
  XML Injection
XML Injection enables an attacker to read files on your local filesystem including configuration files, or can be abused to freeze your web-server process.
  Variable Injection
Variable Injection enables an attacker to overwrite program variables with custom data, and can lead to further vulnerabilities.
Unfortunately, the security analysis is currently not available for your project. If you are a non-commercial open-source project, please contact support to gain access.

include/form.hotel.php (4 issues)

Upgrade to new PHP Analysis Engine

These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more

1
<?php
2
/**
3
 * @酒店表单
4
 * @license   http://www.blags.org/
5
 * @created   :2010年05月20日 23时52分
6
 * @copyright 1997-2010 The Martin Group
7
 * @author    Martin <[email protected]>
8
 * */
9
if (!defined('XOOPS_ROOT_PATH')) {
10
    return;
11
}
12
13
include_once XOOPS_ROOT_PATH . '/class/xoopsformloader.php';
14
15
/**
16
 * Class form_hotel
17
 */
18
class form_hotel extends XoopsThemeForm
19
{
20
    /**
21
     * form_hotel constructor.
22
     * @param $HotelObj
23
     * @param $HotelCityObj
24
     */
25
    public function __construct(&$HotelObj, &$HotelCityObj)
26
    {
27
        global $Ranks;
28
        $this->Ranks   = &$Ranks;
29
        $this->Obj     = &$HotelObj;
30
        $this->CityObj = &$HotelCityObj;
31
        parent::__construct(_AM_MARTIN_HOTEL_INFO, "op", xoops_getenv('PHP_SELF') . "?action=save");
32
        $this->setExtra('enctype="multipart/form-data"');
33
34
        $this->createElements();
35
        $this->createButtons();
36
    }
37
38
    /**
39
     * created elements
40
     * @license   http://www.blags.org/
41
     * @created   :2010年05月21日 20时40分
42
     * @copyright 1997-2010 The Martin Group
43
     * @author    Martin <[email protected]>
44
     * */
45
    public function createElements()
46
    {
47
        global $hotel_handler, $xoopsDB, $xoopsModuleConfig;
48
49
        //编辑器
50
        include_once XOOPS_ROOT_PATH . "/modules/martin/class/xoopsformloader.php";
51
        include_once MARTIN_ROOT_PATH . '/include/formdatetime.php';
52
53
        $this->google_api = $xoopsModuleConfig['google_api'];
54
55
        /*$this->City = $hotel_handler->GetCityList('WHERE city_parentid = 0');
56
        $CityElement = new XoopsFormSelect(_AM_MARTIN_HOTEL_CITY, 'hotel_city', $this->Obj->hotel_city() , 1 );
57
        $CityElement->addOptionArray($this->City);
58
        $this->addElement($CityElement , true);*/
59
60
        $mytree = new XoopsTree($xoopsDB->prefix("martin_hotel_city"), "city_id", "city_parentid");
61
        // Parent Category
62
        //multiple
63
64
        $js = '<script type="text/javascript">
65
            jQuery(document).ready(function(){
66
                jQuery("#hotel_city").find("option").each(function(i){
67
                    var v = jQuery(this).text();
68
                    if(v.indexOf("----") != -1) jQuery(this).remove();
69
                });
70
            });
71
            </script>';
72
73
        ob_start();
74
        $mytree->makeMySelBox("city_name", "", $this->Obj->hotel_city(), 1, 'hotel_city');
75
        //makeMySelBox($title,$order="",$preset_id=0, $none=0, $sel_name="", $onchange="")
76
        $this->addElement(new XoopsFormLabel($js . _AM_MARTIN_ADMIN_AREA . "<br>" . _AM_MARTIN_SELECT_2ND_LEVEL, ob_get_contents()));
77
        ob_end_clean();
78
79
        // Parent Category
80
        //multiple
81
        $mytree->_SetMultiple(true);
82
        $hotel_city_id = explode(',', $this->Obj->hotel_city_id());
83
84
        ob_start();
85
        $mytree->makeMySelBox("city_name", '', $hotel_city_id, 1, 'hotel_city_id[]');
86
        //makeMySelBox($title,$order="",$preset_id=0, $none=0, $sel_name="", $onchange="");
87
        $this->addElement(new XoopsFormLabel(_AM_MARTIN_CIRCLE . "<br>" . _AM_MARTIN_SELECT_3RD_LEVEL, ob_get_contents()));
88
        ob_end_clean();
89
        // City Name
90
        //$this->addElement( new XoopsFormText(_AM_MARTIN_ADMIN_CITY_AREA, 'hotel_environment', 50, 255, $this->Obj->hotel_environment()), true);
91
92
        $this->addElement(new XoopsFormText(_AM_MARTIN_HOTEL_RANK, 'hotel_rank', 11, 11, $this->Obj->hotel_rank()), true);
93
        $this->addElement(new XoopsFormText(_AM_MARTIN_HOTEL_NAME, 'hotel_name', 50, 255, $this->Obj->hotel_name()), true);
94
        $this->addElement(new XoopsFormText(_AM_MARTIN_HOTEL_NAME_ENGLISH, 'hotel_enname', 50, 255, $this->Obj->hotel_enname()), true);
95
        $this->addElement(new XoopsFormText(_AM_MARTIN_HOTEL_WEBSITE . "<br>" . _AM_MARTIN_NO_HTML, 'hotel_alias', 50, 255, $this->Obj->hotel_alias()), true);
96
        $this->addElement(new XoopsFormText(_AM_MARTIN_HOTEL_KEYWORDS_SEO, 'hotel_keywords', 50, 255, $this->Obj->hotel_keywords()), true);
97
        $this->addElement(new XoopsFormTextArea(_AM_MARTIN_HOTEL_DESC_SEO, 'hotel_description', $this->Obj->hotel_description()), true);
98
        //hotel tags
99
        $this->addElement(new XoopsFormText(_AM_MARTIN_HOTELS_TAGS . "<br>" . _AM_MARTIN_USE_SPACE_AS_SEPARATOR, 'hotel_tags', 50, 255, $this->Obj->hotel_tags()), true);
100
101
        //hotel star
102
        $rankElement = new XoopsFormSelect(_AM_MARTIN_RANK, 'hotel_star', $this->Obj->hotel_star(), 1);
103
        $rankElement->addOptionArray($this->Ranks);
104
        $this->addElement($rankElement, true);
105
106
        $this->addElement(new XoopsFormText(_AM_MARTIN_HOTEL_ADDRESS, 'hotel_address', 50, 255, $this->Obj->hotel_address()), true);
107
        $this->addElement(new XoopsFormText(_AM_MARTIN_HOTEL_PHONE, 'hotel_telephone', 50, 255, $this->Obj->hotel_telephone()), true);
108
        $this->addElement(new XoopsFormText(_AM_MARTIN_HOTEL_FAX, 'hotel_fax', 50, 255, $this->Obj->hotel_fax()), true);
109
        $this->addElement(new XoopsFormText(_AM_MARTIN_HOTEL_FEATURES, 'hotel_characteristic', 50, 255, $this->Obj->hotel_characteristic()), true);
110
        $this->addElement(new XoopsFormText(_AM_MARTIN_THE_NUMBER_OF_ROOMS, 'hotel_room_count', 11, 11, $this->Obj->hotel_room_count()), true);
111
        $open_time = $this->Obj->hotel_open_time();
112
        $this->addElement(new XoopsFormText(_AM_MARTIN_HOTEL_OPENED, 'hotel_open_time', 50, 255, date('Y', $open_time > 0 ? $open_time : time())), true);
113
114
        //        $this->addElement( new XoopsFormText(_AM_MARTIN_HOTEL_ROOM_PHOTOS, 'hotel_image', 50, 255, $this->Obj->hotel_image()), true);
115
116
        list($width, $height) = getimagesize('../images/hotelicon/' . $this->Obj->hotel_icon());
0 ignored issues
show
The assignment to $width is unused. Consider omitting it like so list($first,,$third).

This checks looks for assignemnts to variables using the list(...) function, where not all assigned variables are subsequently used.

Consider the following code example.

<?php

function returnThreeValues() {
    return array('a', 'b', 'c');
}

list($a, $b, $c) = returnThreeValues();

print $a . " - " . $c;

Only the variables $a and $c are used. There was no need to assign $b.

Instead, the list call could have been.

list($a,, $c) = returnThreeValues();
Loading history...
The assignment to $height is unused. Consider omitting it like so list($first,,$third).

This checks looks for assignemnts to variables using the list(...) function, where not all assigned variables are subsequently used.

Consider the following code example.

<?php

function returnThreeValues() {
    return array('a', 'b', 'c');
}

list($a, $b, $c) = returnThreeValues();

print $a . " - " . $c;

Only the variables $a and $c are used. There was no need to assign $b.

Instead, the list call could have been.

list($a,, $c) = returnThreeValues();
Loading history...
117
        $hotel_icon = '<script type="text/javascript">
118
                        function showbox(src)
119
                        {
120
                            window.open(src , "_blank" , "width = \' . $width . \',height = \' . $height . \'");
121
                        }
122
                        </script>';
123
        //Hotel Logo
124
        $hotel_icon .= '<a href = "javascript:void(0);" onclick = "showbox(\'../images/hotelicon/' . $this->Obj->hotel_icon() . '\')"><img src = "../images/hotelicon/' . $this->Obj->hotel_icon() . '" width = 100 height = 100 class="showicon" ></a><br > ';
125
126
        $hotelIcon = new XoopsFormElementTray(_AM_MARTIN_HOTEL_LOGO_IMAGE);
127
        $hotelIcon->addElement(new XoopsFormFile("" . $hotel_icon, "hotel_icon", ""), false);
128
        $this->addElement($hotelIcon, false);
129
130
        //特殊处理
131
        //酒店地图
132
        $Coordinate = $this->Obj->hotel_google();
133
        $google     = new XoopsFormElementTray(_AM_MARTIN_GOOGLE_MAP);
134
        $google->addElement(new XoopsFormText(_AM_MARTIN_LATITTUDE, 'GmapLatitude', 25, 25, $Coordinate[0]), true);
135
        $google->addElement(new XoopsFormText(_AM_MARTIN_LONGITUDE, 'GmapLongitude', 25, 25, $Coordinate[1]), true);
136
        $google->addElement(new XoopsFormLabel("<br><br><font style='background - color:#2F5376;color:#FFFFFF;padding:2px;vertical-align:middle;'>google map:</font><br>", $this->googleMap($Coordinate)));
137
138
        //酒店图片
139
        $Img = new XoopsFormElementTray(_AM_MARTIN_HOTEL_PHOTOS);
140
        $Img->addElement(new XoopsFormLabel("", $this->Swfupload()));
141
142
        $this->addElement($Img);
143
        $this->addElement($google, true);
144
        //特殊处理
145
146
        //编辑器 酒店详细信息
147
        $this->addElement(new XoopsFormTextArea(_AM_MARTIN_HOTELS_NOTES, 'hotel_reminded', $this->Obj->hotel_reminded()), true);
148
        //hotel Facility 
149
        $this->addElement(new XoopsFormTextArea(_AM_MARTIN_FACILITIES_SERVICES, 'hotel_facility', $this->Obj->hotel_facility()), true);
150
151
        $editor                   = 'tinymce';
152
        $hotel_info               = $this->Obj->hotel_info();
153
        $editor_configs           = array();
154
        $editor_configs["name"]   = "hotel_info";
155
        $editor_configs["value"]  = $hotel_info;
156
        $editor_configs["rows"]   = empty($xoopsModuleConfig["editor_rows"]) ? 35 : $xoopsModuleConfig["editor_rows"];
157
        $editor_configs["cols"]   = empty($xoopsModuleConfig["editor_cols"]) ? 60 : $xoopsModuleConfig["editor_cols"];
158
        $editor_configs["width"]  = empty($xoopsModuleConfig["editor_width"]) ? "100%" : $xoopsModuleConfig["editor_width"];
159
        $editor_configs["height"] = empty($xoopsModuleConfig["editor_height"]) ? "400px" : $xoopsModuleConfig["editor_height"];
160
161
        $this->addElement(new XoopsFormEditor(_AM_MARTIN_HOTEL_DETALS, $editor, $editor_configs, false, $onfailure = null), false);
162
        //$this->addElement(new XoopsFormHidden("hotel_info", $hotel_info) , true );
163
164
        $this->addElement(new XoopsFormRadioYN(_AM_MARTIN_HOTEL_EDIT_STATUS, 'hotel_status', $this->Obj->hotel_status(), _AM_MARTIN_PUBLISHED, _AM_MARTIN_DRAFT), true);
165
        //$this->addElement( new MartinFormDateTime("酒店发布时间", 'hotel_open_time', $size = 15, $this->Obj->hotel_open_time() ) ,true);
166
167
        $this->addElement(new XoopsFormHidden('hotel_icon_old', $this->Obj->hotel_icon()));
168
        $this->addElement(new XoopsFormHidden('id', $this->Obj->hotel_id()));
169
    }
170
171
    /**
172
     * @创建按钮
173
     * @license   http://www.blags.org/
174
     * @created   :2010年05月20日 23时52分
175
     * @copyright 1997-2010 The Martin Group
176
     * @author    Martin <[email protected]>
177
     * */
178 View Code Duplication
    public function createButtons()
0 ignored issues
show
This method seems to be duplicated in your project.

Duplicated code is one of the most pungent code smells. If you need to duplicate the same code in three or more different places, we strongly encourage you to look into extracting the code into a single class or operation.

You can also find more detailed suggestions in the “Code” section of your repository.

Loading history...
179
    {
180
        $button_tray = new XoopsFormElementTray('', '');
181
        // No ID for category -- then it's new category, button says 'Create'
182
        if (!$this->CityObj->city_id()) {
183
            $butt_create = new XoopsFormButton('', '', _SUBMIT, 'submit');
184
            $butt_create->setExtra('onclick="this.form.elements.op.value=\'addcategory\'"');
185
            $button_tray->addElement($butt_create);
186
187
            $butt_clear = new XoopsFormButton('', '', _RESET, 'reset');
188
            $button_tray->addElement($butt_clear);
189
190
            $butt_cancel = new XoopsFormButton('', '', _CANCEL, 'button');
191
            $butt_cancel->setExtra('onclick="history.go(-1)"');
192
            $button_tray->addElement($butt_cancel);
193
194
            $this->addElement($button_tray);
195
        } else {
196
            // button says 'Update'
197
            $butt_create = new XoopsFormButton('', '', _EDIT, 'submit');
198
            $butt_create->setExtra('onclick="this.form.elements.op.value=\'addcategory\'"');
199
            $button_tray->addElement($butt_create);
200
201
            $butt_clear = new XoopsFormButton('', '', _RESET, 'reset');
202
            $button_tray->addElement($butt_clear);
203
204
            $butt_cancel = new XoopsFormButton('', '', _CANCEL, 'button');
205
            $butt_cancel->setExtra('onclick="history.go(-1)"');
206
            $button_tray->addElement($butt_cancel);
207
208
            $this->addElement($button_tray);
209
        }
210
    }
211
212
    /**
213
     * @google    地图
214
     * @license   http://www.blags.org/
215
     * @created   :2010年05月24日 19时55分
216
     * @copyright 1997-2010 The Martin Group
217
     * @author    Martin <[email protected]>
218
     * @param $Coordinate
219
     * @return string
220
     */
221
    public function googleMap($Coordinate)
222
    {
223
        $str = '<div id="gmap" style="width: 640px; height: 320px;"></div>';
224
        $str .= '<style type="text/css"> 
225
            @import url("http://www.google.com/uds/css/gsearch.css");
226
            @import url("http://www.google.com/uds/solutions/localsearch/gmlocalsearch.css");
227
            </style>
228
        <script src="http://maps.google.com/maps?file=api&amp;v=2&amp;key=' . $this->google_api . '" type="text/javascript"></script>
229
        <script type="text/javascript">
230
        //<![CDATA[
231
        //得到坐标
232
        var width = 800;
233
        var height = 400;
234
        var lat = document.getElementById("GmapLatitude").value;
235
        lat = lat == "" ? 22.38428032178884 : lat;
236
        var lng = document.getElementById("GmapLongitude").value;
237
        lng = lng == "" ? 114.13110352121294 : lng;
238
        //得到数据信息
239
        var hotel_name = ["' . $this->Obj->hotel_name() . '"];
240
        var message = ["' . str_replace("\r\n", '<br>', $this->Obj->hotel_description()) . '"];
241
        hotel_name = hotel_name == "" ? _AM_MARTIN_HOTEL_NAME : hotel_name;
242
        message = message == "" ? _AM_MARTIN_HOTEL_DESCRIPTION : message;
243
244
        function initialize() {
245
            if (GBrowserIsCompatible()) {
246
                var map = new GMap2(document.getElementById("gmap"),{ size: new GSize(width,height) } );
247
                map.setCenter(new GLatLng(lat,lng), 10);
248
                var customUI = map.getDefaultUI();
249
                //搜索
250
                map.enableGoogleBar();
251
                // Remove MapType.G_HYBRID_MAP
252
                customUI.maptypes.hybrid = false;
253
                map.setUI(customUI);
254
                var latlng = new GLatLng(lat,lng);
255
                var marker = new GMarker(latlng);
256
                var myHtml = "<font color=\"blue\";>" + hotel_name + "</font><br>" + message;
257
                //点击显示
258
                GEvent.addListener(map, "click", function(overlay,latlng) {
259
                    jQuery("#GmapLatitude").val(latlng.lat());
260
                    jQuery("#GmapLongitude").val(latlng.lng());
261
                    marker.setLatLng(latlng);
262
                    map.setCenter(latlng);
263
                    map.addOverlay(marker);
264
                    marker.openInfoWindowHtml(myHtml);
265
                });
266
                //锚点
267
                map.setCenter(latlng);
268
                map.addOverlay(marker);
269
                marker.openInfoWindowHtml(myHtml);
270
            }
271
        }
272
        //window.onunload = GUnload();
273
        //同时加载
274
        window.onload = function(){initialize();swfOnload();};
275
        //Event.observe(window, "load",initialize);
276
        google.setOnLoadCallback(initialize);
277
        //]]>
278
        </script>  ';
279
280
        return $str;
281
    }
282
283
    /**
284
     * swf 多图片上传
285
     * @license   http://www.blags.org/
286
     * @created   :2010年05月24日 19时55分
287
     * @copyright 1997-2010 The Martin Group
288
     * @author    Martin <[email protected]>
289
     * */
290
    public function Swfupload()
291
    {
292
        session_start();
293
        $_SESSION["file_info"] = array();
294
        global $xoopsModuleConfig;
295
296
        $hotel_image = $this->Obj->hotel_image();
297
298
        if (is_array($hotel_image) && count($hotel_image) > 0) {
299
            foreach ($hotel_image as $image) {
300
                $alt      = $image['alt'];
301
                $filename = $image['filename'];
302
                $key      = explode('.', $filename);
303
                $str .= '<div id="' . $key[0] . '"><img id="' . $filename . '" class="existimage" title="'._AM_MARTIN_DELETE_THE_PICTURE.'" style="margin: 5px; vertical-align: middle; cursor: pointer;" src="../images/hotel/' . $filename . '" width=100 height=100><br><input type="text" title="'._AM_MARTIN_PICTURE_INTRODUCTION.'" siz="5" name="FileData[' . $filename . ']" value="' . $alt . '"></div>';
0 ignored issues
show
The variable $str does not seem to be defined for all execution paths leading up to this point.

If you define a variable conditionally, it can happen that it is not defined for all execution paths.

Let’s take a look at an example:

function myFunction($a) {
    switch ($a) {
        case 'foo':
            $x = 1;
            break;

        case 'bar':
            $x = 2;
            break;
    }

    // $x is potentially undefined here.
    echo $x;
}

In the above example, the variable $x is defined if you pass “foo” or “bar” as argument for $a. However, since the switch statement has no default case statement, if you pass any other value, the variable $x would be undefined.

Available Fixes

  1. Check for existence of the variable explicitly:

    function myFunction($a) {
        switch ($a) {
            case 'foo':
                $x = 1;
                break;
    
            case 'bar':
                $x = 2;
                break;
        }
    
        if (isset($x)) { // Make sure it's always set.
            echo $x;
        }
    }
    
  2. Define a default value for the variable:

    function myFunction($a) {
        $x = ''; // Set a default which gets overridden for certain paths.
        switch ($a) {
            case 'foo':
                $x = 1;
                break;
    
            case 'bar':
                $x = 2;
                break;
        }
    
        echo $x;
    }
    
  3. Add a value for the missing path:

    function myFunction($a) {
        switch ($a) {
            case 'foo':
                $x = 1;
                break;
    
            case 'bar':
                $x = 2;
                break;
    
            // We add support for the missing case.
            default:
                $x = '';
                break;
        }
    
        echo $x;
    }
    
Loading history...
304
            }
305
        }
306
307
        $swf = '
308
        <link href="../javascript/swfupload/css/default.css" rel="stylesheet" type="text/css" />
309
        <script type="text/javascript" src="../javascript/swfupload/swfupload.js"></script>
310
        <script type="text/javascript" src="../javascript/swfupload/handlers.js"></script>
311
        <script type="text/javascript">
312
        var swfu;
313
        function swfOnload() {
314
            swfu = new SWFUpload({
315
                // Backend Settings
316
                upload_url: "upload.php",
317
                post_params: {"PHPSESSID": "' . session_id() . '"},
318
319
                // File Upload Settings
320
                file_size_limit : "10MB",    // 2MB
321
                file_types : "*.jpg;*.JPG;*.gif;*.GIF;*.jpeg;*.JPEG;*.png;*.PNG",
322
                file_types_description : "All Files",
323
                file_upload_limit : 0,
324
325
                // Event Handler Settings - these functions as defined in Handlers.js
326
                //  The handlers are not part of SWFUpload but are part of my website and control how
327
                //  my website reacts to the SWFUpload events.
328
                swfupload_preload_handler : preLoad,
329
                swfupload_load_failed_handler : loadFailed,
330
                file_queue_error_handler : fileQueueError,
331
                file_dialog_complete_handler : fileDialogComplete,
332
                upload_progress_handler : uploadProgress,
333
                upload_error_handler : uploadError,
334
                upload_success_handler : uploadSuccess,
335
                upload_complete_handler : uploadComplete,
336
337
                // Button Settings
338
                button_image_url : "../javascript/swfupload/images/button.png",
339
                button_placeholder_id : "spanButtonPlaceholder",
340
                button_width: 61,
341
                button_height: 22,
342
343
                // Flash Settings
344
                flash_url : "../javascript/swfupload/swfupload.swf",
345
                flash9_url : "../javascript/swfupload/swfupload_FP9.swf",
346
347
                custom_settings : {
348
                    thumbnail_width : ' . $xoopsModuleConfig['thumbnail_width'] . ',
349
                    thumbnail_height : ' . $xoopsModuleConfig['thumbnail_height'] . ',
350
                    thumbnail_quality : 100,
351
                    upload_target : "divFileProgressContainer",
352
                    upload_show   : "ShowTmp"
353
                },
354
355
                // Debug Settings
356
                debug: false
357
            });
358
        }
359
        </script>
360
        <div id="divSWFUploadUI">
361
        <font style="background-color:#2F5376;color:#FFFFFF;padding:2px;vertical-align:middle;">' . _AM_MARTIN_IMAGE_BY . '</font>
362
            <span id="spanButtonPlaceholder"></span>
363
            <div id="divFileProgressContainer" style="height: 55px;"></div>
364
            <div>' . $str . '</div>
365
            <div id="ShowTmp"></div>
366
        </div>';
367
368
        return $swf;
369
    }
370
}
371
/*
372
?>
373
<script type="text/javascript">
374
375
   $('.magnific_zoom').magnificPopup({
376
       type               : 'image',
377
       image              : {
378
           cursor     : 'mfp-zoom-out-cur',
379
           titleSrc   : "title",
380
           verticalFit: true,
381
           tError     : 'The image could not be loaded.' // Error message
382
       },
383
       iframe             : {
384
           patterns: {
385
               youtube : {
386
                   index: 'youtube.com/',
387
                   id   : 'v=',
388
                   src  : '//www.youtube.com/embed/%id%?autoplay=1'
389
               }, vimeo: {
390
                   index: 'vimeo.com/',
391
                   id   : '/',
392
                   src  : '//player.vimeo.com/video/%id%?autoplay=1'
393
               }, gmaps: {
394
                   index: '//maps.google.',
395
                   src  : '%id%&output=embed'
396
               }
397
           }
398
       },
399
       preloader          : true,
400
       showCloseBtn       : true,
401
       closeBtnInside     : false,
402
       closeOnContentClick: true,
403
       closeOnBgClick     : true,
404
       enableEscapeKey    : true,
405
       modal              : false,
406
       alignTop           : false,
407
       mainClass          : 'mfp-img-mobile mfp-fade',
408
       zoom               : {
409
           enabled : true,
410
           duration: 300,
411
           easing  : 'ease-in-out'
412
       },
413
       removalDelay       : 200
414
   });
415
</script>
416
*/
417