Select One';
while ($result = @mysql_fetch_array($result1)) {
$fields_all .= '';
}
$sub_cat_choice = (int) mysql_real_escape_string( $_GET['sub_cat'] );
if ( $sub_cat_choice ) {
if ( $sub_cat_choice == '99999' ) {
$sub_fields_all .= ' ('.$lang_select.')';
echo $sub_fields_all;
die();
} else {
$sql2 = "SELECT * from sub_channels WHERE parent_channel_id = $sub_cat_choice";
$query = @mysql_query($sql2);
$sub_fields_all .= ' ('.$lang_select.')';
echo $sub_fields_all;
die();
}
}
// grab values from form if any
$form_submitted = $_POST['form_submitted'];
$title = $_POST['title'];
$description = $_POST['description'];
$tags = $_POST['tags'];
$thumbnail = $_POST['thumbnail'];
//$newfilename = $_POST['newfilename'];
$new = $_POST['new'];
$location_recorded = $_POST['location_recorded'];
$allow_comments = $_POST['allow_comments'];
$allow_embedding = $_POST['allow_embedding'];
$public_private = $_POST['public_private'];
$channel = $_POST['channel'];
$sub_cat = $_POST['sub_cat'];
$procede = true;
///////////////////////////////////////////////////////////////////////////////////////////////////////////////
//////////////////////////////////////////////////////////////////////////////////////////////////////////////
if (isset($_POST['form_submitted'])):
// $randomString needed regardless of passing tests so put outside error condition
$randomString = time();
if((isset($_FILES) && $_FILES['file']['error'] != 0) || !isset($_FILES)){
//Unable to upload file to temp
$error = '
Error: Unable to upload your file
';
//Make sure NoInfo image has png extension
$thumbnail = $_SESSION['user_id'] . '-' . $randomString . ".png";
copy("upload/NoInfoAvailable.png", "upload/" . $thumbnail);
}else{
$allowedExts = array("doc", "docx", "gif", "jpeg", "jpg", "txt", "rtf", "pdf", "png", "txt");
$temp = explode(".", $_FILES['file']['name']);
$extension = strtolower( end($temp) );
if(!in_array($extension,$allowedExts)){
$error = 'Error: Invalid File Name
';
}elseif($_FILES['file']['size'] >= 100000){
$error = 'Error: Image File Size Exceeds 100 KB Limit
';
}
if(!isset($error)){
$uploadedFile = $_FILES['file']['tmp_name'];
$thumbnail = $_SESSION['user_id'] . '-' . $randomString . "." . $extension;
move_uploaded_file($uploadedFile, "upload/" . $thumbnail);
}else{
//Make sure NoInfo image has png extension
$thumbnail = $_SESSION['user_id'] . '-' . $randomString . ".png";
copy("upload/NoInfoAvailable.png", "upload/" . $thumbnail);
}
$_SESSION['thumbnail'] = $thumbnail;
$file_location = '' . $thumbnail . '';
}
endif;
///////////////////////////////////////////////////////////////////////////////////////////////////////////////
//////////////////////////////////////////////////////////////////////////////////////////////////////////////
$row = mysql_query("SELECT channel_name FROM channels WHERE channel_id = '$channel'");
while( $result = mysql_fetch_assoc($row) ) $channel_name = $result['channel_name'];
// validate form
if ($form_submitted == 'yes') {
if ($_SESSION['user_id'] == '') die();
$post_vid_upload_token = mysql_real_escape_string( $_POST['vid_upload_token'] );
if ( $post_vid_upload_token != $_SESSION['vid_upload_token'] ) die();
foreach ($_POST as $key => $value) {
if ($key == 'title' || $key == 'description' || $key == 'tags' || $key == '$channel' || $key == 'new') {
if (!isset($value) || ($value == '')) {
$display_key = @str_replace('_', ' ', $key);
$error_message = $config['notification_error'];
$blk_notification = 1;
$error_message = $error_message . " - " . $display_key . " - $lang_required ";
$procede = false;
}
}
}
if ( $channel == '99999' ) {
$error_message = $config['notification_error'];
$blk_notification = 1;
$error_message = $error_message . " - $lang_select_channel";
$procede = false;
}
} else {
$procede = false;
}
// display page with form error
if ($procede == false && $form_submitted == 'yes') {
$template = "themes/$user_theme/templates/main_1.htm";
$inner_template1 = "themes/$user_theme/templates/inner_upload_video_form.htm";
$TBS = new clsTinyButStrong;
$TBS->NoErr = true;
$TBS->LoadTemplate("$template");
$TBS->Render = TBS_OUTPUT;
$TBS->Show();
@mysql_close();
die();
}
// disply clean page
if (!isset($form_submitted) || ($form_submitted == "")) {
$template = "themes/$user_theme/templates/main_1.htm";
$inner_template1 = "themes/$user_theme/templates/inner_upload_video_form.htm";
$TBS = new clsTinyButStrong;
$TBS->NoErr = true;
$TBS->LoadTemplate("$template");
$TBS->Render = TBS_OUTPUT;
$TBS->Show();
@mysql_close();
die();
}
if ($procede == true && $form_submitted == 'yes') {
if ($_SESSION['user_id'] == "") die();
//=================================START OF UPLOAD=================================
$THIS_VERSION = '2.0';
if (isset($_GET['cmd']) && $_GET['cmd'] == 'about') {
kak("UBER UPLOADER FILE UPLOAD
UBER UPLOADER VERSION = " .
$UBER_VERSION . "
UU_FILE_UPLOAD = " . $THIS_VERSION . "
\n");
}
$tmp_sid = md5(uniqid(mt_rand(), true));
///////////////////////////////////////////////////////////////////////
// This is where you might set your config file eg. //
// if($_SESSION['user'] == "tom"){ $config_file = 'uu_tom_config'; } //
///////////////////////////////////////////////////////////////////////
$config_file = $default_config_file;
$path_to_upload_script .= '?tmp_sid=' . $tmp_sid;
$path_to_ini_status_script .= '?tmp_sid=' . $tmp_sid;
if ($MULTI_CONFIGS_ENABLED) {
$path_to_upload_script .= "&config_file=$config_file";
$path_to_ini_status_script .= "&config_file=$config_file";
}
//allow form to be refilled on error
foreach($_POST as $key=>$value) {
$$key = $value;
}
$template = "themes/$user_theme/templates/main_1.htm";
$inner_template1 = "themes/$user_theme/templates/inner_upload_video.htm";
$TBS = new clsTinyButStrong;
$TBS->NoErr = true;// no more error message displayed.
$TBS->LoadTemplate("$template");
$TBS->Render = TBS_OUTPUT;
$TBS->Show();
@mysql_close();
die();
//===============================================================END OF UPLOADER================================================================
}
function die_spammer_alerts() {
global $member_uploading, $user_ip, $admin_email, $site_name;
$subject = 'Possible Video Spamming !!';
$message = "The following member uploaded a possible spam video: => " . $member_uploading . "\n\n" . "The IP used: " . $user_ip . "\n";
$to = $admin_email;
$from = $site_name;
mail($to, $subject, $message, "From: $from");
// if config auto ban spammer is true - enter user name and ip to ban table
/*
include_once ('classes/config.php');
$sql = "DELETE FROM videos WHERE video_id = '$raw_video'";
$query = @mysql_query($sql);
*/
write_log($message);
}
function write_log($message) {
global $tracking_log_file;
if (@file_exists($tracking_log_file)) {
$fo = @fopen($tracking_log_file, 'a');
@fwrite($fo, $message);
@fclose($fo);
} else {
$fo = @fopen($tracking_log_file, 'w');
@fwrite($fo, $message);
@fclose($fo);
}
exit();
}
?>