Mister Spy Say ="Hello Kids ... :D"
___ ____ _ _____
| \/ (_) | | / ___|
| . . |_ ___| |_ ___ _ __ \ `--. _ __ _ _
| |\/| | / __| __/ _ \ '__| `--. \ '_ \| | | |
| | | | \__ \ || __/ | /\__/ / |_) | |_| |
\_| |_/_|___/\__\___|_| \____/| .__/ \__, |
| | __/ |
|_| |___/
Bot Mister Spy V3
Mister Spy
Mister Spy
<?php
require_once dirname(__FILE__).'/accesscheck.php';
class imageUpload {
var $type = "image";
var $description = "Image";
function image() {
}
function viewImageLink($id,$width,$height,$text) {
return sprintf('<a href="javascript:viewImage(\'?page=image&id=%d\',%d,%d);">%s</a>',$id,$width,$height,$text);
}
function showInput($name,$value,$template_id = 0) {
# find image in database
global $config,$tables;
$html = '<table class="classimage" border="0">';
if ($name && $template_id) {
$req = Sql_Query(sprintf('select * from %s where template = %d
and filename = "%s"',$tables["templateimage"],$template_id,$name));
$imdata = Sql_Fetch_array($req);
$width = $imdata["width"];
$height = $imdata["height"];
}
$originalname = $name;
$name = safeImageName($name);
$html .= '
<script language="Javascript">
function unCheck'.$name.'() {
if (this.document.forms[0].'.$name.') {
if ((this.document.forms[0].'.$name.'_keep.checked) && (this.document.forms[0].'.$name.'.value != ""))
this.document.forms[0].'.$name.'_keep.checked = false;
}
}
</script>
';
if (!empty($imdata["data"]) && !empty($imdata["width"]) && !empty($imdata["height"])) {
$html .= '<tr><td colspan=3>'.$GLOBALS['I18N']->get('An image exists on the server, check this box to keep the existing one').' <input type="checkbox" name="'.$name.'_keep" value="yes" checked> ';
$html .= sprintf('%s</td></tr>',$this->viewImageLink($imdata["id"],$imdata["width"],$imdata["height"],$GLOBALS['I18N']->get('View Image')));
}
else
$html .= '<tr><td colspan=3><input type="hidden" name="'.$name.'_keep" value="no">'.$GLOBALS['I18N']->get('No Image was found').'</td></tr>';
$html .= '<tr><td colspan=2>'.$GLOBALS['I18N']->get('Upload new image').':</td><td><input type="hidden" name="'.$name.'_originalname" value="'.$originalname.'"><input type=file name="'.$name.'" onChange="unCheck'.$name.'();"></td></tr>';
# $html .= '<tr><td colspan=2>Caption: </td><td><input type=text name="'.$name.'_caption" size="40" value="'.$imdata["caption"].'"></td></tr>';
# $html .= '<tr><td colspan=2>Alt Tag: </td><td><input type=text name="'.$name.'_alttag" size="40" value="'.$imdata["alttag"].'"></td></tr>';
return $html . '</table>';
}
function getSubData($parent,$fielddata) {
if ($fielddata[type] != "image" || !$fielddata[data])
# invalid call
return "";
$result = array();
$req = Sql_Query(sprintf('select * from image where id = %d',$fielddata[data]));
$att = Sql_Fetch_Array($req);
while (list($key,$val) = each ($att))
$result[$fielddata[name].".".$key] = $val;
return $result;
}
function fix_php_upload_bug($tmp) {
global $config;
# dbg("Fixing upload bug in $tmp");
# copy($tmp,"/tmp/prefix.jpg");
$infile=fopen($tmp,"r"); // Open the file for the copy
$outfile=fopen("$tmp.new","w"); // create a new temp file
$file=fopen("$tmp.stripped","w"); // create a new temp file for the stripped stuff for debugging
$header=fgets($infile,255); //get the 1st line (netscape sometimes doesn't add a Content-type line)
fwrite($file,$header,strlen($header)); //copying contents to new temp file
// if its more than just a \r\n sequence then
// aargh, now I'm getting even more headers in the file
while (strlen($header)>2) {
$header=fgets($infile,255); //get next line also
fwrite($file,$header,strlen($header)); //copying contents to new temp file
}
fclose($file);
if (!$config["debug"])
unlink("$tmp.stripped");
while(!feof($infile)) { // Loop through the remaining file
$temp=fread($infile,128);
fwrite($outfile,$temp,strlen($temp)); //copying contents to new temp file
}
fclose($outfile);
fclose($infile);
copy("$tmp.new","$tmp"); //replace the original with our new bug fixed file
unlink("$tmp.new"); //and delete the new file
return filesize($tmp); //return a true file size
}
function detect_php_upload_bug($tmp) {
## extremely old workaround of PHP Bug that was fixed years ago.
return 0;
}
function uploadImage($imagename,$templateid) {
global $tables;
global $config;
$imagename = safeImageName($imagename);
$tmpimagefile = $_FILES[$imagename]['tmp_name'];
$originalname = $_POST[$imagename.'_originalname'];
$filename = $_FILES[$imagename]["name"];
$type = $_FILES[$imagename]["type"];
$keep = $_REQUEST[$imagename."_keep"];
# dbg("Uploading Name $imagename, File $tmpimagefile, Location $location, Type $type, ". $$type . " Location ". $$location);
# dbg("existing $existingid - $keep => ".$$keep);
if ($filename && $tmpimagefile && $tmpimagefile != "none" && ltrim($keep) != "yes") {
# dbg("Uploading $tmpimagefile");
if (!$type && $type = $this->detect_php_upload_bug($tmpimagefile))
$this->fix_php_upload_bug($tmpimagefile);
list($width,$height) = GetImageSize($tmpimagefile);
if ($width && $height) {
$fd = fopen ($tmpimagefile, "r");
$contents = fread ($fd, filesize ($tmpimagefile));
fclose ($fd);
} else {
dbg("Error detecting size of $tmpimagefile");
copy($tmpimagefile,"/tmp/invalidUpload.jpg");
}
Sql_Query(sprintf('delete from %s where template = %d and filename = "%s"',
$tables["templateimage"],$templateid,$originalname));
Sql_query(sprintf('insert into %s (template,filename,mimetype,width,height,data)
values(%d,"%s","%s",%d,%d,"%s")',
$tables["templateimage"],$templateid,
$originalname,$type,$width,$height,base64_encode($contents))
);
return Sql_Insert_Id($tables['templateimage'], 'id');
} elseif (trim($keep) == "yes") {
# do nothing...
}
return 0;
}
}
?>
Mr. DellatioNx196 GaLers xh3LL Backd00r 1.0, Coded By Mr. DellatioNx196 - Bogor BlackHat