Файл: group/group_new.php
Строк: 112
<?php
include_once '../sys/inc/start.php';
include_once '../sys/inc/compress.php';
include_once '../sys/inc/sess.php';
include_once '../sys/inc/home.php';
include_once '../sys/inc/settings.php';
include_once '../sys/inc/db_connect.php';
include_once '../sys/inc/ipua.php';
include_once '../sys/inc/fnc.php';
include_once '../sys/inc/user.php';
only_reg();
if ( $user['balls']<50 || mysql_result(mysql_query("SELECT COUNT(*) FROM `group` WHERE `user` = '$user[id]'"), 0) == 500 )
{header("Location: index.php?");exit;}
$set['title'] = 'Новое сообщество';
include_once '../sys/inc/thead.php';
title();
aut(); // форма авторизации
if (isset($_POST['name']) && isset($_POST['opis']))
{
$rnd = rand(00000,99999);
$opis = mysql_real_escape_string($_POST['opis']);
$name = mysql_real_escape_string($_POST['name']);
if (strlen2($name)<3 && strlen2($name)>32){header("Location: group_new.php?err=name&".SID);exit;}
if (strlen2($opis)>10 && strlen2($opis)>128){header("Location: group_new.php?err=msg&".SID);exit;}
$name_f = NULL;
if ($_POST['logo']==1 && isset($_FILES['file']) && $_FILES['file']!=NULL)
{
if (ereg("=|+|{|}|(|)|^|%|\$|#|@|!|~|'|"|:|;|`|,|?|<|>",$fname)) {header("Location: group_new.php?err=file");exit;}
if (filesize($_FILES['file']['tmp_name']) > 1024*1024) {header("Location: group_new.php?err=file_size");exit;}
$W = 128; // Ширина
$H = 128; // Высота
if (ereg('<?.*?>',file_get_contents($_FILES['file']['tmp_name'])))
{
header("Location: group_new.php?err=name&".SID);exit;
}
elseif (eregi('.jpe?g$',$_FILES['file']['name']) && $imgc=imagecreatefromjpeg($_FILES['file']['tmp_name']))
{
$img_x = imagesx($imgc);
$img_y = imagesy($imgc);
$name_f = $rnd.'_'.uniqid('').'.jpg';
if ($img_x<$W || $img_y<$H)
{
$W = $img_x;
$H = $img_y;
}
elseif ($img_x>$img_y)
{
$prop = $img_x/$img_y;
$H = ceil($W/$prop);
}
else
{
$prop = $img_y/$img_x;
$W = ceil($H/$prop);
}
$a = imagecreatetruecolor($W, $H);
imagecopyresized($a, $imgc, 0, 0, 0, 0, $W, $H, $img_x, $img_y);
imagejpeg($a, 'logo/'.$name_f,100);
}
elseif (eregi('.gif$',$_FILES['file']['name']) && $imgc=imagecreatefromgif($_FILES['file']['tmp_name']))
{
$img_x = imagesx($imgc);
$img_y = imagesy($imgc);
$name_f = $rnd.'_'.uniqid('').'.gif';
if ($img_x<$W || $img_y<$H)
{
$W = $img_x;
$H = $img_y;
}
elseif ($img_x>$img_y)
{
$prop = $img_x/$img_y;
$H = ceil($W/$prop);
}
else
{
$prop = $img_y/$img_x;
$W = ceil($H/$prop);
}
$a=ImageCreate($W, $H);
imagecopyresized($a, $imgc, 0, 0, 0, 0, $W, $H, $img_x, $img_y);
imagegif($a, 'logo/'.$name_f,100);
}
elseif (eregi('.png$',$_FILES['file']['name']) && $imgc=imagecreatefrompng($_FILES['file']['tmp_name']))
{
$img_x=imagesx($imgc);
$img_y=imagesy($imgc);
$name_f = $rnd.'_'.uniqid('').'.png';
if ($img_x<$W || $img_y<$H)
{
$W=$img_x;
$H=$img_y;
}
elseif ($img_x>$img_y)
{
$prop=$img_x/$img_y;
$H=ceil($W/$prop);
}
else
{
$prop=$img_y/$img_x;
$W=ceil($H/$prop);
}
$a=ImageCreate($W, $H);
imagecopyresized($a, $imgc, 0, 0, 0, 0, $W, $H, $img_x, $img_y);
imagepng($a,'logo/'.$name_f);
}
imagedestroy($imgc);
imagedestroy($a);
}
mysql_query("INSERT INTO `group` (`user`, `time`, `name`, `logo`, `about`, `all`) VALUES ('$user[id]', '$time', '$name', '$name_f', '$opis', '1')");
$m_id = mysql_insert_id();
mysql_query("INSERT INTO `group_u` (`user`, `id`, `time`) VALUES ('$user[id]', '$m_id', '$time')");
header("Location: index.php?".SID);
exit;
}
echo '<div class="rekl">Создать сообщество?</div>',
'<div class="rekl">',
'<form enctype="multipart/form-data" action="group_new.php" method="post">',
'Название (3-64)*:<br />
<input type = "text" name = "name" value = "" maxlength = "64"><br />',
'Описание (10-250)*:<br />',
'<textarea name="opis" rows="3" cols="35" maxlength = "520"></textarea><br />',
'<input type="submit" value="Создать"></form>',
' <a href="index.php">Отмена</a>';
echo '</div>'."n";
include_once '../sys/inc/tfoot.php';
?>