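#!/usr/bin/perl
#
# Public picture-submission CGI. The "action" request parameter selects one
# of three handlers:
#
#   default   - show the submission form
#   addimages - store a new submission and/or add uploaded images to an
#               existing one, then show a preview and the upload form
#   confirm   - mark a submission as posted for review and optionally send
#               a confirmation e-mail
#
# Settings such as $dbh, $scriptdir, $thumbsdir, $postform, $mailprog and the
# $pic_* size limits are not defined in this file.
# NOTE(review): presumably they are exported by admin::Configs and
# admin::GlobalSettings - confirm. "use strict" is left off for that reason:
# the imported names cannot be checked from this listing.
#
# NOTE(review): several string literals below are empty or contain only
# labels and whitespace. The HTML they carried is not present in this
# listing; it looks stripped, so restore it from the project source rather
# than from this file. Values placed into restored markup must stay escaped.
#
# NOTE(review): a request is tied to a submission only by the SubmissionID
# parameter. Nothing here proves that the caller created that submission, so
# addimages and confirm accept any existing ID. A per-submission secret token
# would be needed to close that gap. No upload size cap ($CGI::POST_MAX) is
# set in this file either.

use CGI ':cgi';
use admin::Configs;
use DBI;
use admin::GlobalSettings;
use GD;
use Image::Size;
use File::Copy;

# Dispatch. Unknown or missing actions fall back to the form.
# Everything below this point is sub definitions only: each handler ends in
# dbclose(), which exits, so file-level statements placed later never run.
my $action = _text_param('action');

if ($action eq "addimages") {
    addimages();
}
elsif ($action eq "confirm") {
    confirm();
}
else {
    default();
}

# Return the first value of a request parameter, or "" when it is absent.
# Scalar context keeps a repeated parameter from expanding into a list.
sub _text_param {
    my ($name) = @_;
    my $value = param($name);
    return defined $value ? $value : "";
}

# Return $text with the HTML-significant characters replaced by entities.
sub _html_escape {
    my ($text) = @_;
    return "" unless defined $text;
    $text =~ s/&/&amp;/g;
    $text =~ s/</&lt;/g;
    $text =~ s/>/&gt;/g;
    $text =~ s/"/&quot;/g;
    $text =~ s/'/&#39;/g;
    return $text;
}

# Read a template file and return its lines joined by "\n".
# A missing template yields "" (the original ignored open failures too).
sub _read_template {
    my ($path) = @_;
    open(my $fh, '<', $path) or do {
        warn "Cannot open template $path: $!";
        return "";
    };
    chomp(my @lines = <$fh>);
    close($fh);
    return join("\n", @lines);
}

# Fill a webmaster template and send it, then close the database and exit.
# @pairs is an ordered list of placeholder name => value, applied after the
# shared placeholders and before %back%.
sub _send_page {
    my ($template, @pairs) = @_;
    my $page_html = _read_template("$scriptdir/templates/webmaster/$template");

    $page_html =~ s/%scripturl%/$scripturl/gi;
    $page_html =~ s/%mainurl%/$mainurl/gi;
    $page_html =~ s/%username%/$username/gi;
    # NOTE(review): %user_pass% looks like a credential being written into a
    # public page - confirm that no template actually uses it.
    $page_html =~ s/%user_pass%/$user_pass/gi;
    while (my ($name, $value) = splice(@pairs, 0, 2)) {
        $page_html =~ s/%\Q$name\E%/$value/gi;
    }
    $page_html =~ s/%back%/$back/gi;

    print "Content-type: text/html\n\n";
    print "$page_html\n";
    dbclose();
}

# Count the image rows of a submission, optionally only those whose ImagePos
# starts with $prefix. Uses COUNT(*) because DBI does not guarantee
# $sth->rows for SELECT statements.
sub _count_images {
    my ($submissionid, $prefix) = @_;
    my $sql  = "SELECT COUNT(*) FROM pic_tblImages WHERE pic_tblImages.SubmissionID = ?";
    my @bind = ($submissionid);
    if (defined $prefix) {
        $sql .= " AND pic_tblImages.ImagePos LIKE ?";
        push @bind, "$prefix%";
    }
    my ($count) = $dbh->selectrow_array($sql, undef, @bind);
    return $count || 0;
}

# True when a submission row with this ID exists.
sub _submission_exists {
    my ($submissionid) = @_;
    my ($count) = $dbh->selectrow_array(
        "SELECT COUNT(*) FROM pic_tblSubmissions WHERE pic_tblSubmissions.SubmissionID = ?",
        undef, $submissionid);
    return $count ? 1 : 0;
}

# Decode a JPEG file with GD. Returns undef when it cannot be read or parsed.
sub _load_jpeg {
    my ($path) = @_;
    open(my $in, '<', $path) or return;
    binmode $in;
    my $image = GD::Image->newFromJpeg($in);
    close($in);
    return $image;
}

# Write a GD image to $path as JPEG. Returns 1 on success, 0 on failure.
sub _write_jpeg {
    my ($path, $image) = @_;
    open(my $out, '>', $path) or do {
        warn "Cannot write $path: $!";
        return 0;
    };
    binmode $out;
    print {$out} $image->jpeg;
    close($out);
    return 1;
}

# Return a resampled copy of $simage scaled towards the given limits, or
# undef when the source already fits. Landscape images are scaled by width
# and portrait images by height, as before; square images now use the width
# ratio (they previously got a scale factor of 0).
sub _fit_within {
    my ($simage, $swidth, $sheight, $maxwidth, $maxheight) = @_;
    return unless $sheight > $maxheight || $swidth > $maxwidth;

    my $perc = ($swidth >= $sheight) ? $maxwidth / $swidth : $maxheight / $sheight;
    my $h = int($sheight * $perc);
    my $w = int($swidth * $perc);
    $h = 1 if $h < 1;
    $w = 1 if $w < 1;

    my $nimg = GD::Image->new($w, $h);
    $nimg->copyResampled($simage, 0, 0, 0, 0, $w, $h, $swidth, $sheight);
    return $nimg;
}

# Save one upload as $dir/$y.jpg and derive full_, members_, free_ and tn_
# variants next to it. Returns 1 when the image was stored, 0 when it was
# rejected. All file work uses Perl built-ins, so no request data reaches a
# shell.
sub _store_image {
    my ($upload, $dir, $y) = @_;
    my $base = "$dir/$y.jpg";

    mkdir $dir unless -d $dir;
    open(my $out, '>', $base) or do {
        warn "Cannot write $base: $!";
        return 0;
    };
    binmode $out;
    binmode $upload;
    my $buffer;
    while (read($upload, $buffer, 8192)) {
        print {$out} $buffer;
    }
    close($out);
    # NOTE(review): 0666 leaves the files world-writable; kept from the
    # original - confirm whether another account really needs write access.
    chmod 0666, $base;

    GD::Image->trueColor(1);

    my $simage = _load_jpeg($base);
    my ($swidth, $sheight) = imgsize($base);
    unless ($simage && $swidth && $sheight) {
        # Not a decodable JPEG: do not keep arbitrary bytes in the image tree.
        unlink $base;
        return 0;
    }

    # Members picture. When the upload is larger than the members limits the
    # untouched upload is kept as full_$y.jpg and $y.jpg becomes the resized
    # copy.
    my $members = _fit_within($simage, $swidth, $sheight,
                              $pic_membersmaxwidth, $pic_membersmaxheight);
    if ($members) {
        _write_jpeg("$dir/members_$y.jpg", $members);
        copy($base, "$dir/full_$y.jpg");
        chmod 0666, "$dir/full_$y.jpg";
        _write_jpeg($base, $members);
    }
    else {
        copy($base, "$dir/members_$y.jpg");
    }
    chmod 0666, "$dir/members_$y.jpg";

    # Free picture, scaled from the in-memory upload.
    my $free = _fit_within($simage, $swidth, $sheight,
                           $pic_freemaxwidth, $pic_freemaxheight);
    if ($free) {
        _write_jpeg("$dir/free_$y.jpg", $free);
    }
    else {
        copy($base, "$dir/free_$y.jpg");
    }
    chmod 0666, "$dir/free_$y.jpg";

    # Thumbnail, step 1: scale so the width equals the larger thumbnail side.
    my $tnside = ($pic_tnheight > $pic_tnwidth) ? $pic_tnheight : $pic_tnwidth;
    my $perc   = $tnside / $swidth;
    my $h      = int($sheight * $perc);
    my $w      = int($swidth * $perc);
    $h = 1 if $h < 1;
    $w = 1 if $w < 1;
    my $thumb = GD::Image->new($w, $h);
    $thumb->copyResampled($simage, 0, 0, 0, 0, $w, $h, $swidth, $sheight);
    _write_jpeg("$dir/tn_$y.jpg", $thumb);
    chmod 0666, "$dir/tn_$y.jpg";

    # Thumbnail, step 2: bring it to the configured thumbnail size. Landscape
    # sources are resampled whole; others are cropped from the top, centred
    # horizontally.
    my $timage = _load_jpeg("$dir/tn_$y.jpg");
    my ($twidth, $theight) = imgsize("$dir/tn_$y.jpg");
    if ($timage && $twidth && $theight) {
        my $cl   = ($twidth / 2) - ($pic_tnwidth / 2);
        my $crop = GD::Image->new($pic_tnwidth, $pic_tnheight);
        if ($twidth > $theight) {
            $crop->copyResampled($timage, 0, 0, 0, 0,
                                 $pic_tnwidth, $pic_tnheight, $twidth, $theight);
        }
        else {
            $crop->copyResampled($timage, 0, 0, $cl, 0,
                                 $pic_tnwidth, $pic_tnheight, $pic_tnwidth, $pic_tnheight);
        }
        _write_jpeg("$dir/tn_$y.jpg", $crop);
    }

    return 1;
}

# Show the submission form, or "Posting Disabled" when posting is off.
sub default {
    my $formtitle = "Submit your Pictures";
    my $formhtml  = "";

    if ($postform eq "CHECKED") {
        # NOTE(review): the country list is built here but the literals that
        # held its markup are empty in this listing, and nothing visible
        # uses $cboCountry. Escape $qryCountryName when restoring it.
        my $cboCountry = "";
        my $sqlquery   = "";
        $sqlquery .= "SELECT pic_tblCountries.CountryID, pic_tblCountries.CountryName, pic_tblCountries.Flag1, pic_tblCountries.Flag2 FROM pic_tblCountries ";
        $sqlquery .= "ORDER BY pic_tblCountries.CountryName;";
        my $sth = $dbh->prepare($sqlquery);
        $sth->execute();
        $cboCountry .= "\n";
        while (my ($qryCountryID, $qryCountryName, $qryFlag1, $qryFlag2) = $sth->fetchrow_array()) {
            $cboCountry .= "\n";
        }
        $sth->finish();

        $formhtml .= qq~
* Model Name:
* Country:
* Email:
Publish Email:
Publish Email:
ICQ:
Website URL:
Affiliate Program or Recip Link:
* Title:
* Description:
   
~;
    }
    else {
        $formhtml .= "Posting Disabled";
    }
    $formhtml =~ s/%scripturl%/$scripturl/gi;

    _send_page('form.html', formtitle => $formtitle, formhtml => $formhtml);
}

# Create a submission (when no SubmissionID is sent) and/or add up to twelve
# uploaded images to one, then render a preview plus the upload form.
# Every request value reaches SQL through a bind parameter, the file system
# only through a validated numeric ID, and HTML only after escaping.
sub addimages {
    my $formtitle = "Submit your Pictures";
    my $formhtml  = "";
    my $response  = "";
    my $response1 = "";

    # The switch that hides the form must also stop the handler; previously
    # a direct request was still stored while posting was disabled.
    if ($postform ne "CHECKED") {
        _send_page('form.html', formtitle => $formtitle, formhtml => "Posting Disabled");
        return;
    }

    my $postname        = _text_param('PostName');
    my $postcountry     = _text_param('PostCountry');
    my $postemail       = _text_param('PostEmail');
    my $postemailpublic = _text_param('PostEmailPublic');
    my $posticq         = _text_param('PostICQ');
    my $postmsn         = _text_param('PostMSN');
    my $posturl         = _text_param('PostURL');
    my $postrecip       = _text_param('PostRecip');
    my $postdesc        = _text_param('PostDesc');
    my $postcomments    = _text_param('PostComments');
    my $submissionid    = _text_param('SubmissionID');
    my $ipaddress       = defined $ENV{'REMOTE_ADDR'} ? $ENV{'REMOTE_ADDR'} : "";

    # The ID is used in SQL and as a directory name: accept plain positive
    # integers only. Anything else becomes 0 and ends in the error page.
    if ($submissionid ne "" && $submissionid !~ /\A[1-9][0-9]*\z/) {
        $submissionid = 0;
    }

    # Save Data and get SubmissionID
    if ($submissionid eq "") {
        # Quotes are no longer doubled by hand: the values are bound, not
        # interpolated, so doubling would corrupt the stored text.
        $posticq =~ s/-//g;

        $postemail = lc($postemail);
        $posturl   = lc($posturl);
        $postrecip = lc($postrecip);
        $postmsn   = lc($postmsn);

        my ($sec, $min, $hour, $mday, $mon, $year) = gmtime(time());
        $year = $year + 1900;
        $mon++;
        my $postdate = "$year-$mon-$mday $hour:$min:$sec";

        # Both columns are numeric; non-numeric input is stored as 0.
        $postcountry     = 0 unless $postcountry     =~ /\A[0-9]+\z/;
        $postemailpublic = 0 unless $postemailpublic =~ /\A[0-9]+\z/;

        # Validate
        if ($postname eq "") {
            $response  = "Error";
            $response1 = "Please hit back and enter a Model's Name.";
        }
        elsif ($postemail eq "" || $postemail eq "you\@domain.com") {
            $response  = "Error";
            $response1 = "Please hit back and enter an Email Address.";
        }
        elsif ($postdesc eq "") {
            $response  = "Error";
            $response1 = "Please hit back and enter a Description.";
        }
        elsif ($postcomments eq "") {
            $response  = "Error";
            $response1 = "Please hit back and enter a Story.";
        }

        if ($response eq "") {
            # Blacklist entries are applied as case-insensitive patterns.
            # NOTE(review): BLText is interpreted as a regular expression -
            # confirm that only administrators can write this table.
            my %checked_for = (
                Email => [$postemail],
                URL   => [$posturl, $postrecip],
                IP    => [$ipaddress],
            );
            my $sth = $dbh->prepare("SELECT pic_tblBlacklists.BLType, pic_tblBlacklists.BLText FROM pic_tblBlacklists;");
            $sth->execute();
            while (my ($qryBLType, $qryBLText) = $sth->fetchrow_array()) {
                # An empty pattern would silently reuse Perl's last
                # successful match, so skip it.
                next unless defined $qryBLType && defined $qryBLText && $qryBLText ne "";
                my $candidates = $checked_for{$qryBLType} or next;
                if (grep { $_ =~ /$qryBLText/i } @$candidates) {
                    $response  = "Blacklisted";
                    $response1 = "You have been blacklisted. Please email the admin if you feel this is a mistake.";
                    last;
                }
            }
            $sth->finish();
        }

        # Store the submission only when it passed the blacklist; before,
        # the row was inserted even for blacklisted senders.
        if ($response eq "") {
            my $sqlquery = "";
            $sqlquery .= "INSERT INTO pic_tblSubmissions ( CountryID, PostStatus, ModelName, Email, PublishEmail, ICQ, MSN, WebsiteURL, RecipURL, Description, Comments, IPAddress, SubmissionDate ) ";
            $sqlquery .= "VALUES (?,0,?,?,?,?,?,?,?,?,?,?,?);";
            my $sth = $dbh->prepare($sqlquery);
            my $stored = $sth->execute(
                $postcountry, $postname, $postemail, $postemailpublic,
                $posticq, $postmsn, $posturl, $postrecip,
                $postdesc, $postcomments, $ipaddress, $postdate);
            $sth->finish();

            # Look the new ID up only after a successful insert; otherwise an
            # older submission with the same e-mail would be picked up.
            if ($stored) {
                $sqlquery = "";
                $sqlquery .= "SELECT pic_tblSubmissions.SubmissionID FROM pic_tblSubmissions ";
                $sqlquery .= "WHERE (((pic_tblSubmissions.Email)=?)) ";
                $sqlquery .= "ORDER BY pic_tblSubmissions.SubmissionID DESC;";
                my ($qrySubmissionID) = $dbh->selectrow_array($sqlquery, undef, $postemail);
                $submissionid = $qrySubmissionID if defined $qrySubmissionID;
            }
        }

        if (!$submissionid) {
            $submissionid = 0;
        }
    }

    if ($response eq "") {
        # Save Images
        if ($submissionid > 0 && _submission_exists($submissionid)) {
            my $dir = "$thumbsdir/$submissionid";

            # Query Current Images
            my $imagecnt = _count_images($submissionid);
            my %taken = (
                Soft  => _count_images($submissionid, 'soft'),
                Hard  => _count_images($submissionid, 'hard'),
                Extra => _count_images($submissionid, 'extra'),
            );
            my %next_for = (Soft => 1, Hard => 1, Extra => 1);

            my $z = 1;
            for my $x (1 .. 12) {
                my $imagepos = _text_param("ImagePos$x");
                next if $imagepos eq "";
                my $upload = upload("Image$x");
                next unless $upload;

                # Soft/Hard/Extra get a running number appended.
                my $kind = $imagepos;
                if (exists $taken{$kind}) {
                    $imagepos .= $taken{$kind} + $next_for{$kind};
                    $next_for{$kind}++;
                }

                my $y = $z + $imagecnt;
                next if -e "$dir/$y.jpg";
                next unless _store_image($upload, $dir, $y);

                my $sth = $dbh->prepare("INSERT INTO pic_tblImages ( SubmissionID, ImagePos, ImageName ) VALUES (?,?,?);");
                $sth->execute($submissionid, $imagepos, "$y.jpg");
                $sth->finish();
                $z++;
            }

            my $soft_html = _read_template("$scriptdir/templates/display/softcore.html");
            my $hard_html = _read_template("$scriptdir/templates/display/hardcore.html");

            $imagecnt = _count_images($submissionid);

            if ($imagecnt > 0) {
                my $sqlquery = "";
                $sqlquery .= "SELECT pic_tblImages.ImagePos, pic_tblImages.ImageName FROM pic_tblImages ";
                $sqlquery .= "WHERE (((pic_tblImages.SubmissionID)=?)) ";
                $sqlquery .= "ORDER BY pic_tblImages.ImagePos;";
                my $sth = $dbh->prepare($sqlquery);
                $sth->execute($submissionid);
                while (my ($qryImagePos, $qryImageName) = $sth->fetchrow_array()) {
                    # NOTE(review): the image markup is empty in this listing.
                    my $image_html = "";
                    # ImagePos comes from the request, so match it literally.
                    $soft_html =~ s/%\Q$qryImagePos\E%/$image_html/i;
                    $hard_html =~ s/%\Q$qryImagePos\E%/$image_html/i;
                }
                $sth->finish();

                # Drop the placeholders that no image filled.
                for my $x (1 .. 20) {
                    $soft_html =~ s/%soft$x%//gi;
                    $hard_html =~ s/%soft$x%//gi;
                    $soft_html =~ s/%hard$x%//gi;
                    $hard_html =~ s/%hard$x%//gi;
                }
                $soft_html =~ s/%extra%//gi;
                $hard_html =~ s/%extra%//gi;

                $soft_html =~ s/%thumbsurl%/$thumbsurl/gi;
                $hard_html =~ s/%thumbsurl%/$thumbsurl/gi;
                $soft_html =~ s/%submissionid%/$submissionid/gi;
                $hard_html =~ s/%submissionid%/$submissionid/gi;

                $sqlquery = "";
                $sqlquery .= "SELECT pic_tblSubmissions.UpdateNumber, pic_tblSubmissions.CountryID, pic_tblSubmissions.ModelName, pic_tblSubmissions.Email, pic_tblSubmissions.PublishEmail, pic_tblSubmissions.WebsiteURL, pic_tblSubmissions.Description, pic_tblSubmissions.Comments, pic_tblSubmissions.SubmissionDate ";
                $sqlquery .= "FROM pic_tblSubmissions ";
                $sqlquery .= "WHERE (((pic_tblSubmissions.SubmissionID)=?));";
                my @row = $dbh->selectrow_array($sqlquery, undef, $submissionid);
                if (@row) {
                    my ($qryUpdateNumber, $qryCountryID, $qryModelName, $qryEmail,
                        $qryPublishEmail, $qryWebsiteURL, $qryDescription,
                        $qryComments, $qrySubmissionDate) = @row;

                    # Everything below was typed by the submitter, so it is
                    # escaped before it is placed into the page.
                    my $updatenumber = _html_escape($qryUpdateNumber);
                    my $modelname    = _html_escape($qryModelName);
                    my $email        = _html_escape($qryEmail);
                    my $desc         = _html_escape($qryDescription);
                    my $comments     = _html_escape($qryComments);
                    my $date         = _html_escape($qrySubmissionDate);

                    $soft_html =~ s/%updatenumber%/$updatenumber/gi;
                    $hard_html =~ s/%updatenumber%/$updatenumber/gi;
                    $soft_html =~ s/%modelname%/$modelname/gi;
                    $hard_html =~ s/%modelname%/$modelname/gi;
                    if ($qryPublishEmail && $qryPublishEmail == 1) {
                        $soft_html =~ s/%email%/$email/gi;
                        $hard_html =~ s/%email%/$email/gi;
                    }
                    else {
                        $soft_html =~ s/%email%//gi;
                        $hard_html =~ s/%email%//gi;
                    }
                    if (defined $qryWebsiteURL && $qryWebsiteURL ne "") {
                        # NOTE(review): only the URL text is visible here. If
                        # link markup is restored around it, limit the URL to
                        # http/https before using it as a link target.
                        my $websitelink = _html_escape($qryWebsiteURL);
                        $soft_html =~ s/%websiteurl%/$websitelink/gi;
                        $hard_html =~ s/%websiteurl%/$websitelink/gi;
                    }
                    else {
                        $soft_html =~ s/%websiteurl%//gi;
                        $hard_html =~ s/%websiteurl%//gi;
                    }
                    $soft_html =~ s/%desc%/$desc/gi;
                    $hard_html =~ s/%desc%/$desc/gi;
                    $soft_html =~ s/%comments%/$comments/gi;
                    $hard_html =~ s/%comments%/$comments/gi;
                    $soft_html =~ s/%date%/$date/gi;
                    $hard_html =~ s/%date%/$date/gi;

                    if ($qryCountryID && $qryCountryID > 0) {
                        $sqlquery = "";
                        $sqlquery .= "SELECT pic_tblCountries.CountryName, pic_tblCountries.Flag1, pic_tblCountries.Flag2 ";
                        $sqlquery .= "FROM pic_tblCountries ";
                        $sqlquery .= "WHERE (((pic_tblCountries.CountryID)=?));";
                        my @country = $dbh->selectrow_array($sqlquery, undef, $qryCountryID);
                        if (@country) {
                            # NOTE(review): the flag markup is empty in this
                            # listing.
                            my $flagsml = "";
                            my $flaglrg = "";
                            $soft_html =~ s/%flagsml%/$flagsml/gi;
                            $hard_html =~ s/%flagsml%/$flagsml/gi;
                            $soft_html =~ s/%flaglrg%/$flaglrg/gi;
                            $hard_html =~ s/%flaglrg%/$flaglrg/gi;
                        }
                    }
                    # Clear both flag placeholders in both templates; the
                    # original cleared one in each and left the others.
                    $soft_html =~ s/%flagsml%//gi;
                    $hard_html =~ s/%flagsml%//gi;
                    $soft_html =~ s/%flaglrg%//gi;
                    $hard_html =~ s/%flaglrg%//gi;
                }

                $soft_html =~ s/%mainurl%/$mainurl/gi;
                $hard_html =~ s/%mainurl%/$mainurl/gi;

                # Display Preview
                $formhtml .= "\n\nSoftcore Preview\n\n\n\n";
                $formhtml .= "\n\n$soft_html\n\n\n";
                $formhtml .= "\n\nHardcore Preview\n\n\n\n";
                $formhtml .= "\n\n$hard_html\n\n\n";
            }

            # Upload Images Form
            # NOTE(review): the form markup is not present in this listing;
            # only the whitespace and the heading of the literals remain.
            $formhtml .= "\n";
            for my $x (1 .. 12) {
                $formhtml .= " ";
            }
            $formhtml .= "\nUpload/Add Images\n";
            if ($imagecnt > 1) {
                $formhtml .= "\n";
            }
            $formhtml =~ s/%scripturl%/$scripturl/gi;
        }
        else {
            $response  = "Error";
            $response1 = "Submission ID not found in Database, please try again.";
        }
    }

    if ($response eq "") {
        _send_page('form.html', formtitle => $formtitle, formhtml => $formhtml);
    }
    else {
        _send_page('response.html', response => $response, response1 => $response1);
    }
}

# Mark a submission as posted for review (PostStatus = 1) and, when
# $emailconfirm is "CHECKED", mail the confirmation template to the poster.
# NOTE(review): any caller who knows or guesses an ID can confirm it; see the
# ownership note at the top of the file.
sub confirm {
    my $response     = "";
    my $response1    = "";
    my $postemail    = _text_param('PostEmail');
    my $submissionid = _text_param('SubmissionID');

    # Reject anything that is not a plain positive integer before it
    # reaches SQL.
    if ($submissionid !~ /\A[1-9][0-9]*\z/) {
        _send_page('response.html',
            response  => "Error",
            response1 => "Submission ID not found in Database, please try again.");
        return;
    }

    my $sqlquery = "";
    $sqlquery .= "UPDATE pic_tblSubmissions SET pic_tblSubmissions.PostStatus = 1 ";
    $sqlquery .= "WHERE (((pic_tblSubmissions.SubmissionID)=?));";
    my $sth = $dbh->prepare($sqlquery);
    $sth->execute($submissionid);
    $sth->finish();

    # The address goes into a mail header, so it must be a single bare
    # address: no whitespace, no line breaks, no extra header fields.
    # NOTE(review): the address still comes from the request, not from the
    # stored submission - consider mailing only the stored address.
    my $address_ok = $postemail =~ /\A[A-Za-z0-9._%+-]+\@[A-Za-z0-9.-]+\z/;

    if ($emailconfirm eq "CHECKED" && $address_ok) {
        my $maincontent = _read_template("$scriptdir/templates/email/confirm.txt");
        my ($subject) = split(/\n/, $maincontent, 2);
        $subject = "" unless defined $subject;
        # The first template line is the subject; strip it from the body.
        # Matched literally so punctuation in the subject is not a pattern.
        if ($subject ne "") {
            $maincontent =~ s/\Q$subject\E\n\n//gi;
        }

        my $header = "From: $adminemail\r\nTo: $postemail\r\nSubject: $subject";
        open(my $mail, '|-', $mailprog) or die "Can't open $mailprog!\n";
        print {$mail} $header . "\n\n";
        print {$mail} "$maincontent\n\n";
        print {$mail} "\n\n";
        close($mail);
    }

    $response  = "Success";
    $response1 = "Your post has been added for review.";

    _send_page('response.html', response => $response, response1 => $response1);
}

# Disconnect from the database and end the request.
sub dbclose {
    $dbh->disconnect();
    exit;
}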