Select One'; while ($result = @mysql_fetch_array($result1)) { $fields_all .= ''; } $sub_cat_choice = (int) mysql_real_escape_string( $_GET['sub_cat'] ); if ( $sub_cat_choice ) { if ( $sub_cat_choice == '99999' ) { $sub_fields_all .= ' ('.$lang_select.')'; echo $sub_fields_all; die(); } else { $sql2 = "SELECT * from sub_channels WHERE parent_channel_id = $sub_cat_choice"; $query = @mysql_query($sql2); $sub_fields_all .= ' ('.$lang_select.')'; echo $sub_fields_all; die(); } } // grab values from form if any $form_submitted = $_POST['form_submitted']; $title = $_POST['title']; $description = $_POST['description']; $tags = $_POST['tags']; $thumbnail = $_POST['thumbnail']; //$newfilename = $_POST['newfilename']; $new = $_POST['new']; $location_recorded = $_POST['location_recorded']; $allow_comments = $_POST['allow_comments']; $allow_embedding = $_POST['allow_embedding']; $public_private = $_POST['public_private']; $channel = $_POST['channel']; $sub_cat = $_POST['sub_cat']; $procede = true; /////////////////////////////////////////////////////////////////////////////////////////////////////////////// ////////////////////////////////////////////////////////////////////////////////////////////////////////////// if (isset($_POST['form_submitted'])): // $randomString needed regardless of passing tests so put outside error condition $randomString = time(); if((isset($_FILES) && $_FILES['file']['error'] != 0) || !isset($_FILES)){ //Unable to upload file to temp $error = '

Error: Unable to upload your file

'; //Make sure NoInfo image has png extension $thumbnail = $_SESSION['user_id'] . '-' . $randomString . ".png"; copy("upload/NoInfoAvailable.png", "upload/" . $thumbnail); }else{ $allowedExts = array("doc", "docx", "gif", "jpeg", "jpg", "txt", "rtf", "pdf", "png", "txt"); $temp = explode(".", $_FILES['file']['name']); $extension = strtolower( end($temp) ); if(!in_array($extension,$allowedExts)){ $error = '

Error: Invalid File Name

'; }elseif($_FILES['file']['size'] >= 100000){ $error = '

Error: Image File Size Exceeds 100 KB Limit

'; } if(!isset($error)){ $uploadedFile = $_FILES['file']['tmp_name']; $thumbnail = $_SESSION['user_id'] . '-' . $randomString . "." . $extension; move_uploaded_file($uploadedFile, "upload/" . $thumbnail); }else{ //Make sure NoInfo image has png extension $thumbnail = $_SESSION['user_id'] . '-' . $randomString . ".png"; copy("upload/NoInfoAvailable.png", "upload/" . $thumbnail); } $_SESSION['thumbnail'] = $thumbnail; $file_location = '' . $thumbnail . ''; } endif; /////////////////////////////////////////////////////////////////////////////////////////////////////////////// ////////////////////////////////////////////////////////////////////////////////////////////////////////////// $row = mysql_query("SELECT channel_name FROM channels WHERE channel_id = '$channel'"); while( $result = mysql_fetch_assoc($row) ) $channel_name = $result['channel_name']; // validate form if ($form_submitted == 'yes') { if ($_SESSION['user_id'] == '') die(); $post_vid_upload_token = mysql_real_escape_string( $_POST['vid_upload_token'] ); if ( $post_vid_upload_token != $_SESSION['vid_upload_token'] ) die(); foreach ($_POST as $key => $value) { if ($key == 'title' || $key == 'description' || $key == 'tags' || $key == '$channel' || $key == 'new') { if (!isset($value) || ($value == '')) { $display_key = @str_replace('_', ' ', $key); $error_message = $config['notification_error']; $blk_notification = 1; $error_message = $error_message . " - " . $display_key . " - $lang_required "; $procede = false; } } } if ( $channel == '99999' ) { $error_message = $config['notification_error']; $blk_notification = 1; $error_message = $error_message . " - $lang_select_channel"; $procede = false; } } else { $procede = false; } // display page with form error if ($procede == false && $form_submitted == 'yes') { $template = "themes/$user_theme/templates/main_1.htm"; $inner_template1 = "themes/$user_theme/templates/inner_upload_video_form.htm"; $TBS = new clsTinyButStrong; $TBS->NoErr = true; $TBS->LoadTemplate("$template"); $TBS->Render = TBS_OUTPUT; $TBS->Show(); @mysql_close(); die(); } // disply clean page if (!isset($form_submitted) || ($form_submitted == "")) { $template = "themes/$user_theme/templates/main_1.htm"; $inner_template1 = "themes/$user_theme/templates/inner_upload_video_form.htm"; $TBS = new clsTinyButStrong; $TBS->NoErr = true; $TBS->LoadTemplate("$template"); $TBS->Render = TBS_OUTPUT; $TBS->Show(); @mysql_close(); die(); } if ($procede == true && $form_submitted == 'yes') { if ($_SESSION['user_id'] == "") die(); //=================================START OF UPLOAD================================= $THIS_VERSION = '2.0'; if (isset($_GET['cmd']) && $_GET['cmd'] == 'about') { kak("UBER UPLOADER FILE UPLOAD
UBER UPLOADER VERSION = " . $UBER_VERSION . "
UU_FILE_UPLOAD = " . $THIS_VERSION . "
\n"); } $tmp_sid = md5(uniqid(mt_rand(), true)); /////////////////////////////////////////////////////////////////////// // This is where you might set your config file eg. // // if($_SESSION['user'] == "tom"){ $config_file = 'uu_tom_config'; } // /////////////////////////////////////////////////////////////////////// $config_file = $default_config_file; $path_to_upload_script .= '?tmp_sid=' . $tmp_sid; $path_to_ini_status_script .= '?tmp_sid=' . $tmp_sid; if ($MULTI_CONFIGS_ENABLED) { $path_to_upload_script .= "&config_file=$config_file"; $path_to_ini_status_script .= "&config_file=$config_file"; } //allow form to be refilled on error foreach($_POST as $key=>$value) { $$key = $value; } $template = "themes/$user_theme/templates/main_1.htm"; $inner_template1 = "themes/$user_theme/templates/inner_upload_video.htm"; $TBS = new clsTinyButStrong; $TBS->NoErr = true;// no more error message displayed. $TBS->LoadTemplate("$template"); $TBS->Render = TBS_OUTPUT; $TBS->Show(); @mysql_close(); die(); //===============================================================END OF UPLOADER================================================================ } function die_spammer_alerts() { global $member_uploading, $user_ip, $admin_email, $site_name; $subject = 'Possible Video Spamming !!'; $message = "The following member uploaded a possible spam video: => " . $member_uploading . "\n\n" . "The IP used: " . $user_ip . "\n"; $to = $admin_email; $from = $site_name; mail($to, $subject, $message, "From: $from"); // if config auto ban spammer is true - enter user name and ip to ban table /* include_once ('classes/config.php'); $sql = "DELETE FROM videos WHERE video_id = '$raw_video'"; $query = @mysql_query($sql); */ write_log($message); } function write_log($message) { global $tracking_log_file; if (@file_exists($tracking_log_file)) { $fo = @fopen($tracking_log_file, 'a'); @fwrite($fo, $message); @fclose($fo); } else { $fo = @fopen($tracking_log_file, 'w'); @fwrite($fo, $message); @fclose($fo); } exit(); } ?>