Profile
MAJ is an Open Source, PHP-based content management system (CMS) that can be deployed as a blog, bulletin or message board, Internet forum, and wiki. It is extensible via PHP panels and is HTML5 and CSS3 ready.
Git

commit 56a028a1e0cfd62e861a4d4c192966fe24fd0930
tree a16c3eb4c53891c18733810eb09218a9504ba122
parent a629959330b21df514a8acbc05c499bb024cde88
author Engels Antonio <engels@majcms.org> 1277314188 +0800
committer Engels Antonio <engels@majcms.org> 1277314188 +0800

    maj-0.14-20070206-bb.zip

diff --git a/album.php b/album.php
new file mode 100644
index 0000000..5d2d54b
--- /dev/null
+++ b/album.php
@@ -0,0 +1,252 @@
+<?php
+
+session_start();
+header("Cache-control: private");
+
+error_reporting(E_ERROR);
+
+if (get_magic_quotes_gpc()) {
+       function stripslashes_array($data) {
+               if (is_array($data)){
+                        foreach ($data as $key => $value){
+                                 $data[$key] = stripslashes_array($value);
+                        }
+                        return $data;
+               }
+               else{
+                        return stripslashes($data);
+               }
+       }
+
+       $_REQUEST = stripslashes_array($_REQUEST);
+}
+
+if (!isset($_REQUEST['entry']) or empty($_REQUEST['entry'])) {
+       exit();
+}
+
+if (!isset($_REQUEST['show']) or empty($_REQUEST['show'])) {
+       exit();
+}
+
+if (!file_exists("images/{$_REQUEST['entry']}/album/{$_REQUEST['show']}")) {
+       exit();
+}
+
+$login_username = file_get_contents("data/username.txt");
+
+//if (file_exists("data/items/{$_REQUEST['entry']}/passwd.txt") and (!isset($_SESSION['logged_in']) or ($_SESSION['logged_in'] != $login_username))) {
+//     exit();
+//}
+
+if ((!isset($_REQUEST['caption']) or empty($_REQUEST['caption'])) and isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] == $login_username) and isset($_REQUEST['edit']) and ($_REQUEST['edit'] == "on")) {
+       if (file_exists("data/items/{$_REQUEST['entry']}/album/captions/{$_REQUEST['show']}.txt")) {
+               unlink("data/items/{$_REQUEST['entry']}/album/captions/{$_REQUEST['show']}.txt");
+       }
+}
+
+if (isset($_REQUEST['caption']) and !empty($_REQUEST['caption']) and isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] == $login_username) and isset($_REQUEST['edit']) and ($_REQUEST['edit'] == "on")) {
+       $caption = $_REQUEST['caption'];
+       $caption = ucfirst($caption);
+       if (!file_exists("data/items/{$_REQUEST['entry']}/album")) {
+               mkdir("data/items/{$_REQUEST['entry']}/album");
+       }
+       if (!file_exists("data/items/{$_REQUEST['entry']}/album/captions")) {
+               mkdir("data/items/{$_REQUEST['entry']}/album/captions");
+       }
+       $open_caption_txt_file = fopen("data/items/{$_REQUEST['entry']}/album/captions/{$_REQUEST['show']}.txt","w");
+       fwrite($open_caption_txt_file,$caption);
+       fclose($open_caption_txt_file);
+}
+
+?>
+
+<style>
+body
+{
+       color: #666666;
+       margin: 10px;
+       padding: 0px;
+       text-align: left;
+       font-family: verdana, helvetica, sans-serif;
+       background-color: #FFFFFF;
+}
+p
+{
+       font-size: 11px;
+}
+a
+{
+       font-weight: bold;
+       text-decoration: none;
+}
+a:link, a:visited
+{
+       color: #666666;
+}
+a:hover
+{
+       color: #336699;
+}
+a:active {
+       color: #336699;
+}
+.input {      
+       color: #666666;
+       background: #FFFFFF;
+       border: #999999 solid 1px;
+       width: 100%;
+       font-family: verdana,helvetica,sans-serif;
+       font-size: 11px;
+}
+</style>
+
+<?php
+
+if (file_exists("images/{$_REQUEST['entry']}/album/{$_REQUEST['show']}")) {
+       echo "<table cellspacing=1 cellpadding=2 border=0 bgcolor=#cccccc>";
+
+       echo "<tr bgcolor=#ffffff><td><p align=center><b>{$_REQUEST['show']}</b></p></td><td><p align=center>";
+
+       $album_image_size = getimagesize("images/{$_REQUEST['entry']}/album/{$_REQUEST['show']}");
+       $album_image_width = $album_image_size[0];
+       $album_image_height = $album_image_size[1];
+
+       echo "$album_image_width x $album_image_height pixels";
+
+       $size = filesize("images/{$_REQUEST['entry']}/album/{$_REQUEST['show']}");
+       $size_string = ($size > 512)?(  ($size/1024 > 512)  ?sprintf("%.02f MB",($size/1024)/1024)  :sprintf("%.02f KB",$size/1024))  :sprintf("%d B",$size);
+       echo "</p></td><td><p align=center>$size_string</p></td></tr>";
+
+       echo "<tr bgcolor=#ffffff><td colspan=3>";
+       echo "<img src=images/{$_REQUEST['entry']}/album/{$_REQUEST['show']} width=$album_image_width height=$album_image_height border=0>";
+       echo "</td></tr>";
+       if (isset($_SESSION['logged_in']) and ($_SESSION['logged_in'] == $login_username)) {
+               echo "<form enctype=\"multipart\/form-data\" action=\"{$_SERVER['PHP_SELF']}\" method=\"post\"><tr bgcolor=#ffffff><td colspan=3>";
+               echo "<textarea class=input name=caption rows=3>";
+               if (file_exists("data/items/{$_REQUEST['entry']}/album/captions/{$_REQUEST['show']}.txt")) {
+                       readfile("data/items/{$_REQUEST['entry']}/album/captions/{$_REQUEST['show']}.txt");
+               }
+               echo "</textarea>";
+               echo "<input type=hidden name=entry value={$_REQUEST['entry']}><input type=hidden name=show value={$_REQUEST['show']}><input type=hidden name=edit value=on><input type=submit class=input value=\"click here to update caption\"></td></tr></form>";
+       }
+       if (!isset($_SESSION['logged_in']) or ($_SESSION['logged_in'] != $login_username)) {
+               if (file_exists("data/items/{$_REQUEST['entry']}/album/captions/{$_REQUEST['show']}.txt")) {
+                       echo "<tr bgcolor=#ffffff><td colspan=3><p>";
+                       readfile("data/items/{$_REQUEST['entry']}/album/captions/{$_REQUEST['show']}.txt");
+                       echo "</p></td></tr>";
+               }
+       }
+
+       echo "</table>";
+
+}
+
+echo "<p></p>";
+
+echo "<table cellspacing=1 cellpadding=2 border=0 bgcolor=#cccccc><tr bgcolor=#ffffff><td><p><b>Album</b></p></td></tr><tr bgcolor=#ffffff><td width={$album_image_width}>";
+
+if (file_exists("images/{$_REQUEST['entry']}/thumbnails")) {
+       if ($dh_album = opendir("images/{$_REQUEST['entry']}/thumbnails")) {
+               while (($thumbnail_album = readdir($dh_album)) !== false) {
+                       if ($thumbnail_album != "." && $thumbnail_album != ".." && fnmatch("*",$thumbnail_album)) {
+                               $current_thumbnail = "images/{$_REQUEST['entry']}/thumbnails/$thumbnail_album";
+                               $parent_image = str_replace("-thumbnail.jpg","",$thumbnail_album);
+                               $parent_image = "images/{$_REQUEST['entry']}/album/$parent_image";
+                               if (file_exists($current_thumbnail) and !file_exists($parent_image)) {
+                                       unlink($current_thumbnail);
+                               }
+                       }
+               }
+       }
+}
+      
+
+if (file_exists("images/{$_REQUEST['entry']}/album")) {
+       if ($dh_album = opendir("images/{$_REQUEST['entry']}/album")) {
+               while (($entry_album = readdir($dh_album)) !== false) {
+                       if ($entry_album != "." && $entry_album != ".." && fnmatch("*", $entry_album)) {
+                               $sort_album[] = $entry_album;
+                       }
+               }
+       closedir($dh_album);
+       }
+      
+       sort($sort_album);
+       reset($sort_album);
+       $count_album_entry = count($sort_album);
+                              
+       if ($count_album_entry < 1) {
+               rmdirr("images/{$_REQUEST['entry']}/album");
+               rmdirr("images/{$_REQUEST['entry']}/thumbnails");                              
+       }
+       else {
+               foreach($sort_album as $album_entry) {
+                       $current_image = "images/{$_REQUEST['entry']}/album/$album_entry";
+                       $current_image_size = getimagesize($current_image);
+                       $current_width = $current_image_size[0];
+                       $current_height = $current_image_size[1];
+                       $max_width = 98;
+                       $max_height = 73;
+      
+                       if (($current_width > $max_width) || ($current_height > $max_height)) {  
+                               if ($current_height > $current_width) {
+                                       $sizefactor = (double) ($max_height / $current_height);
+                               }
+                               else {
+                                       $sizefactor = (double) ($max_width / $current_width) ;
+                               }
+                       }
+
+                       $new_width = (int) ($current_width * $sizefactor);
+                       $new_height = (int) ($current_height * $sizefactor);
+
+                       if (!file_exists("images/{$_REQUEST['entry']}/thumbnails/{$album_entry}-thumbnail.jpg")) {
+      
+                               $work_thumb = imagecreatetruecolor($new_width,$new_height);
+                               $get_mimetype = image_type_to_mime_type(exif_imagetype($current_image));
+                               switch($get_mimetype) {
+                                       case "image/jpg":
+                                       case "image/jpeg":
+                                               $work_image = imagecreatefromjpeg($current_image);
+                                               break;
+                                       case "image/gif":
+                                               $work_image = imagecreatefromgif($current_image);
+                                               break;
+                                       case "image/png":
+                                               $work_image = imagecreatefrompng($current_image);
+                                               break;
+                               }
+      
+                               imagecopyresampled($work_thumb, $work_image ,0, 0, 0, 0, $new_width, $new_height, $current_width, $current_height);
+      
+                               if (!file_exists("images/{$_REQUEST['entry']}/thumbnails")) {
+                                       mkdir("images/{$_REQUEST['entry']}/thumbnails");
+                               }
+      
+                               imagejpeg($work_thumb, "images/{$_REQUEST['entry']}/thumbnails/{$album_entry}-thumbnail.jpg", 80);
+      
+                       }
+
+                       echo "<a href=\"album.php?entry={$_REQUEST['entry']}&show=$album_entry\">";
+
+                       if (!file_exists("images/{$_REQUEST['entry']}/thumbnails/{$album_entry}-thumbnail.jpg")) {
+                               echo "<img src=\"images/{$_REQUEST['entry']}/album/$album_entry\" width=$new_width height=$new_height border=0 hspace=2 vspace=2";
+                       }
+                       else {
+                               echo "<img src=\"images/{$_REQUEST['entry']}/thumbnails/{$album_entry}-thumbnail.jpg\" width=$new_width height=$new_height border=0 hspace=2 vspace=2";
+                       }
+
+                       if (file_exists("data/items/{$_REQUEST['entry']}/album/captions/{$album_entry}.txt")) {
+                               echo ' alt="';
+                               readfile("data/items/{$_REQUEST['entry']}/album/captions/{$album_entry}.txt");
+                               echo '"';
+                       }
+                       echo "></a>";
+               }
+       }
+}
+
+echo "</td></tr><form method=post action=index.php?entry={$_REQUEST['entry']}&show=album><tr bgcolor=#ffffff><td><input class=input type=submit value=\"click here to go to the main entry\"></td></tr></form><form method=post action=index.php><tr bgcolor=#ffffff><td><input class=input type=submit value=\"click here to go to the index page\"></td></tr></form></table>";
+
+?>
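Review bot: `$_REQUEST['entry']` and `$_REQUEST['show']` are interpolated unchecked into every filesystem path in this file (`file_exists`, `unlink`, `mkdir`, `fopen(..., "w")`, `opendir`, `readfile`), so a value containing a path separator or `..` resolves outside the entry's `images/` and `data/items/` directories. The thumbnail cleanup loop and the `rmdirr()` branch also run without any login check, and the `passwd.txt` check is committed commented out. Assuming both parameters are meant to be single path components, a guard placed right after the two `empty()` checks, as sketched below, would reject anything else before the first path is built. Those two values, `$_SERVER['PHP_SELF']` and the caption files are likewise written into the HTML unescaped and should go through `htmlspecialchars()` at each `echo`/`readfile` site. Separately, `rmdirr()` is neither defined nor included here, so the empty-album branch would end in a fatal error, and `$sizefactor` is never set for images already within 98x73.

```php
// … unchanged: the two isset()/empty() guards on entry and show …

// entry and show must each be a plain string naming a single path component
foreach (array('entry', 'show') as $key) {
       $value = $_REQUEST[$key];
       if (!is_string($value)
               or $value === '.' or $value === '..'
               or strpos($value, "\0") !== false
               or basename($value) !== $value) {
               exit();
       }
}

// … unchanged: file_exists() check on images/<entry>/album/<show> …
```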
diff --git a/index.php b/index.php
index 0c6bbcf..4b179ad 100644
--- a/index.php
+++ b/index.php
@@ -1904,7 +1904,8 @@ else {
                                                        imagejpeg($work_thumb, "images/$d/thumbnails/{$album_entry}-thumbnail.jpg", 80);
       
                                                }
-                                               echo "<a href=\"images/$d/album/$album_entry\">";
+//                                             echo "<a href=\"images/$d/album/$album_entry\">";
+                                               echo "<a href=\"album.php?entry=$d&show=$album_entry\">";
 
                                                /* auto-thumbnails (20060519) - Just in case php-gd does not exist, do it the old way. */
 
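Review bot: The added `echo` puts `$d` and `$album_entry` into the query string unencoded, so an album file name containing a space, `&`, `#` or a quote produces a broken or misparsed link, and the bare `&` is not valid inside an HTML attribute. Suggest `echo "<a href=\"album.php?entry=" . rawurlencode($d) . "&amp;show=" . rawurlencode($album_entry) . "\">";`. The commented-out old `echo` above it can be dropped, since the history already keeps it. The enclosing `else` block starts and ends outside this hunk, so whether `$d` is validated upstream is not visible here.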
 
Credits
Sunday, Sep 18, 2005, 12:00 AM (Revision 11 - Thursday, Jul 14, 2011, 7:30 PM)
Open Source enables software developers to stand on the shoulders of giants instead of reinventing the wheel, so to speak. Kudos and many thanks to the folks who made their work freely available for reuse in MAJ.

Bugs and Exploits
Friday, Aug 26, 2005, 12:00 AM (Revision 23 - Wednesday, May 29, 2013, 5:25 AM)
Although MAJ started as a family project, care has been taken to make it as "safe" as possible. With more people now working on MAJ, bugs and exploitable code may sometimes slip in. We invite you to poke around and see if you can find any. Generally, there are two things you can do when you find a MAJ or PHP-related bug or exploit:

1. Take advantage of it. But hey, what's so exciting about messing up someone's blog? Ho-hum, right?
2. Report it here so that we can work on a fix and make MAJ better.
