File: /home/httpd/html/baretube.com/admin/add_plug.php
<?php
require "db.php";
if (isset($_POST['formSubmit'])) {
$_POST = array_map_array('trim', $_POST);
if ($_POST['title'] == "") {
setMessage('Video "Title" cannot be empty!', 'error');
}
if ($_FILES['postroll']['tmp_name']) {
$ext = explode(".", strtolower($_FILES['postroll']['name']));
$ext = array_reverse($ext);
if (!in_array($ext[0], array('jpg', 'jpeg'))) {
setMessage('You may only upload image files for "Thumb"', 'error');
}
}
if (!getMessages(false, 'error')) {
$_POST['title'] = strip_tags($_POST['title']);
$_POST['description'] = strip_tags($_POST['description']);
$_POST['keywords'] = strip_tags($_POST['keywords']);
$_POST['url'] = strip_tags($_POST['url']);
$getUser = dbRow("SELECT `record_num` FROM `users` WHERE `username` = '" . mysqli_real_escape_string($dblink, $_POST['submitter']) . "'");
$_POST['submitter'] = is_array($getUser) ? $getUser['record_num'] : 0;
$insert_id = dbInsert('content', array(
'title' => $_POST['title'],
'description' => $_POST['description'],
'keywords' => $_POST['keywords'],
'date_added' => 'NOW()',
'approved' => 2,
'length' => $_POST['length'],
'embed' => $_POST['url'],
'submitter' => $_POST['submitter'],
'paysite' => $_POST['paysite'],
'plug_url' => 1,
'encoded_date' => 'NOW()',
));
if (is_numeric($insert_id)) {
if ($_FILES['postroll']['tmp_name']) {
$name = "$insert_id.jpg";
@mkdir("$thumb_path/embedded");
$fileIn = "$thumb_path/embedded/big-$name";
$fileOut = "$thumb_path/embedded/$name";
if (move_uploaded_file($_FILES['postroll']['tmp_name'], $fileOut)) {
makeImageThumbnail($fileOut, $fileIn, $thumbwidth, $thumbheight, 'mogrify');
$thisThumb = $thumb_path . '/embedded/' . $name;
if($ceph_enabled) {
if(cephUploadObject($thisThumb,str_replace("$basepath/media/","",$thisThumb))) {
if($ceph_delete_local) {
@unlink($thisThumb);
}
}
}
} else {
setMessage('"Thumb" was not saved (check if <em>' . $thumb_path . '/embedded</em> is writable!)', 'error');
}
}
dbQuery("INSERT INTO `content_views` (`content`, `views`) VALUES ('$insert_id', 0)");
if (count($_POST['niche']) > 0) {
foreach ($_POST['niche'] as $niche_id) {
dbQuery("INSERT INTO `content_niches` (`content`, `niche`) VALUES ('$insert_id', '$niche_id')");
}
}
if (count($_POST['pornstar']) > 0) {
foreach ($_POST['pornstar'] as $pornstar_id) {
dbQuery("INSERT INTO `content_pornstars` (`content`, `pornstar`) VALUES ('$insert_id', '$pornstar_id')");
}
}
setMessage('Plug successfully added!');
header("Location: $_SERVER[REQUEST_URI]");
exit();
}
}
}
entities_walk($_POST);
?>
<? require "header.php"; ?>
<div class="content-page">
<div class="header-area">
<div class="breadcrumbs">
<a href="index.php">Admin Home</a>
<span><a href="add_plug.php">Add Plug</a></span>
</div>
</div>
<div class="content-outer">
<h2>Add<strong>Plug</strong></h2>
<div class="content-inner">
<? echo getMessages(); ?>
<form action="" method="POST" enctype="multipart/form-data" class="form" novalidate autocomplete="off">
<table class="pagetable">
<thead>
<tr>
<th colspan="2">Video Details</th>
</tr>
</thead>
<tbody>
<tr>
<td>Title</td>
<td><input name="title" type="text" value="<? echo $_POST['title']; ?>" required /></td>
</tr>
<tr>
<td>Description</td>
<td><textarea name="description" cols="50" rows="8"><? echo $_POST['description']; ?></textarea></td>
</tr>
<tr>
<td>Length (seconds)</td>
<td>
<input name="length" type="number" class="short" min="0" value="<? echo $_POST['length']; ?>" />
<span class="suffix">seconds</span>
</td>
</tr>
<tr>
<td>Keywords</td>
<td><input name="keywords" type="text" value="<? echo $_POST['keywords']; ?>" /></td>
</tr>
<tr>
<td>Categories</td>
<td>
<select name="niche[]" multiple="multiple">
<?php $results = (array) dbQuery("SELECT `record_num`, `name` FROM `niches` ORDER BY `name`", false); ?>
<?php foreach ($results as $_row) { ?>
<option value="<?php echo $_row['record_num']; ?>"<? echo in_array($_row['record_num'], (array) $_POST['niche']) ? ' selected' : ''; ?>><?php echo $_row['name']; ?></option>
<?php } ?>
</select>
<p class="hint">(Hold CTRL to make multiple selections)</p>
</td>
</tr>
<tr>
<td>Models</td>
<td>
<select name="pornstar[]" multiple="multiple">
<?php $results = (array) dbQuery("SELECT `record_num`, `name` FROM `pornstars` ORDER BY `name`", false); ?>
<?php foreach ($results as $_row) { ?>
<option value="<?php echo $_row['record_num']; ?>"<? echo in_array($_row['record_num'], (array) $_POST['pornstar']) ? ' selected' : ''; ?>><?php echo $_row['name']; ?></option>
<?php } ?>
</select>
<p class="hint">(Hold CTRL to make multiple selections)</p>
</td>
</tr>
<tr>
<td>Paysite</td>
<td>
<select name="paysite">
<? $results = (array) dbQuery("SELECT `record_num`, `name` FROM `paysites` ORDER BY `name`", false); ?>
<? foreach ($results as $_row) { ?>
<option value="<? echo $_row['record_num']; ?>"<? echo $_row['record_num'] == $_POST['paysite'] ? ' selected' : ''; ?>><? echo $_row['name']; ?></option>
<? } ?>
</select>
</td>
</tr>
<tr>
<td>User</td>
<td>
<input type="text" name="submitter" id="contentAutocomplete" value="<? echo $_POST['submitter']; ?>" />
<script type="text/javascript">
$(document).ready(function () {
$("#contentAutocomplete").autocomplete({
source: "search_content.php?type=2",
minLength: 2
});
});
</script>
</td>
</tr>
<tr>
<td>Thumb</td>
<td><input type="file" name="postroll" data-extensions="jpg,jpeg" /></td>
</tr>
<tr>
<td>Url</td>
<td><input name="url" type="text" value="<? echo $_POST['url']; ?>" /></td>
</tr>
<tr class="item submit">
<td colspan="2">
<input type="hidden" name="formSubmit" value="1" />
<button type="submit" class="btn action-save">Submit</button>
</td>
</tr>
</tbody>
</table>
</form>
</div>
</div>
</div>
<? require "footer.php"; ?>