phpop3clean.admin.php

一个基于页面实现的pop客户端程序

} elseif (IsAdminUser() && isset($_REQUEST['imgadmin'])) {

	if (@$_REQUEST['imgadmin'] == 'delete') {

		$SQLquery  = 'SELECT `md5`, `ext` FROM `'.PHPOP3CLEAN_TABLE_PREFIX.'image`';
		$SQLquery .= ' WHERE (`md5` = "'.mysql_escape_string($_REQUEST['md5']).'")';
		$result = mysql_query_safe($SQLquery);
		if ($row = mysql_fetch_array($result)) {

			if ($_REQUEST['md5']) {
				$AllMatchingFiles = glob(PHPOP3CLEAN_MD5_IMAGE_CACHE.$_REQUEST['md5'].'*');
				foreach ($AllMatchingFiles as $matchingFilename) {
					echo 'Deleting: "'.basename($matchingFilename).'"<br>';
					@unlink($matchingFilename);
				}
			}

			$SQLquery  = 'DELETE FROM `'.PHPOP3CLEAN_TABLE_PREFIX.'image`';
			$SQLquery .= ' WHERE (`md5` = "'.mysql_escape_string($_REQUEST['md5']).'")';
			mysql_query_safe($SQLquery);

		}
		echo 'Record deleted<br>';
		echo '<script>location = "'.$_SERVER['PHP_SELF'].'?imgadmin='.__LINE__.'&orderby='.urlencode(@$_GET['orderby']).'&orderorder='.urlencode(@$_GET['orderorder']).'&offset='.urlencode(@$_GET['offset']).'";</script>';

	} elseif (@$_POST['imgadmin'] == 'upload') {

		if (is_uploaded_file($_FILES['uploaded_image']['tmp_name'])) {

			ob_start();
			readfile($_FILES['uploaded_image']['tmp_name']);
			$image_data = ob_get_contents();
			ob_end_clean();

			$ThisIsBad = false;
			$WhyItsBad = '';
			BannedImageAttachmentDatabaseCheckSave($_FILES['uploaded_image']['name'], $image_data, $ThisIsBad, $WhyItsBad, $_FILES['uploaded_image']['tmp_name']);
			if ($ThisIsBad) {

				echo $WhyItsBad.'<hr>';

			} else {

				$GIS = @GetImageSize($_FILES['uploaded_image']['tmp_name']);
				$GIStypes = array(1=>'gif', 2=>'jpeg', 3=>'png', 4=>'swf', 5=>'psd', 6=>'bmp', 7=>'tiff', 8=>'tiff', 9=>'jpc', 10=>'jp2', 11=>'jpx', 12=>'jb2', 13=>'swc', 14=>'iff', 15=>'wbmp', 16=>'xbm');
				$image_x   = @$GIS[0];
				$image_y   = @$GIS[1];
				$image_ext = @$GIStypes[@$GIS[2]];
				//$image_md5 = md5($image_data);
				$thisFilesize = strlen($image_data);
				$pattern = AttachedImageDefaultPattern($thisFilesize, $image_ext);
				$calculatedMD5 = FilteredBinaryDataMD5($image_data, $pattern);

				$SQLquery  = 'INSERT IGNORE INTO `'.PHPOP3CLEAN_TABLE_PREFIX.'image` (`md5`, `image_data`, `ext`, `width`, `height`, `size`, `pattern`, `added`) VALUES (';
				$SQLquery .= '"'.mysql_escape_string($calculatedMD5).'",';
				$SQLquery .= '"'.mysql_escape_string($image_data).'", ';
				$SQLquery .= '"'.mysql_escape_string($image_ext).'", ';
				$SQLquery .= '"'.mysql_escape_string($image_x).'", ';
				$SQLquery .= '"'.mysql_escape_string($image_y).'", ';
				$SQLquery .= '"'.mysql_escape_string($thisFilesize).'", ';
				$SQLquery .= '"'.mysql_escape_string($pattern).'", ';
				$SQLquery .= '"'.mysql_escape_string(time()).'")';
				mysql_query_safe($SQLquery);
				//$mysql_error = mysql_error();

				$newfilename = PHPOP3CLEAN_MD5_IMAGE_CACHE.$calculatedMD5.'.'.$image_ext;
				if (!move_uploaded_file($_FILES['uploaded_image']['tmp_name'], $newfilename)) {
					echo 'ERROR: failed to move "'.$_FILES['uploaded_image']['tmp_name'].'" to "'.$newfilename.'"';
				//} elseif (eregi('^Duplicate entry', $mysql_error)) {
				//	// shouldn't happen
				//	echo 'ERROR: Image already in database';
				//} elseif ($mysql_error) {
				//	echo $SQLquery.'<hr>'.$mysql_error.'<hr>';
				} else {
					echo 'Record inserted<br><script>location = "'.$_SERVER['PHP_SELF'].'?imgadmin=edit&md5='.urlencode($calculatedMD5).'&orderby=added&orderorder='.urlencode(@$_POST['orderorder']).'&offset='.urlencode(@$_POST['offset']).'";</script>';
				}

			}

		} else {
			echo 'ERROR: Failed to upload file.';
		}

	} elseif (@$_POST['imgadmin'] == 'update') {

		if ($_POST['md5'] != $_POST['oldmd5']) {
			$SQLquery = 'DELETE FROM `'.PHPOP3CLEAN_TABLE_PREFIX.'image`';
			$SQLquery .= ' WHERE (`md5` = "'.mysql_escape_string($_POST['md5']).'")';
			mysql_query_safe($SQLquery);
		}

		$SQLquery  = 'UPDATE `'.PHPOP3CLEAN_TABLE_PREFIX.'image` SET';
		$SQLquery .= ' `description` = "'.mysql_escape_string($_POST['description']).'",';
		$SQLquery .= ' `pattern` = "'.mysql_escape_string($_POST['pattern']).'",';
		$SQLquery .= ' `ext` = "'.mysql_escape_string($_POST['ext']).'",';
		$SQLquery .= ' `md5` = "'.mysql_escape_string($_POST['md5']).'",';
		$SQLquery .= ' `size` = LENGTH(`image_data`)';
		$SQLquery .= ' WHERE (`md5` = "'.mysql_escape_string($_POST['oldmd5']).'")';
		mysql_query_safe($SQLquery);

		$oldname = PHPOP3CLEAN_MD5_IMAGE_CACHE.$_POST['oldmd5'].'.'.$_POST['ext'];
		$newname = PHPOP3CLEAN_MD5_IMAGE_CACHE.$_POST['md5'].'.'.$_POST['ext'];
		if ($newname != $oldname) {
			if (file_exists($newname) && !@unlink($newname)) {
				die('failed to delete existing "'.$newname.'"');
			}
			if (!rename($oldname, $newname)) {
				die('failed to rename "'.$oldname.'" to "'.$newname.'"');
			}
		}
		echo 'Record updated<br><script>location = "'.$_SERVER['PHP_SELF'].'?imgadmin='.__LINE__.'&orderby='.urlencode(@$_GET['orderby']).'&orderorder='.urlencode(@$_GET['orderorder']).'&offset='.urlencode(@$_GET['offset']).'";</script>';

	} elseif (@$_GET['imgadmin'] == 'scan') {

		$GIStypes = array(1=>'gif', 2=>'jpeg', 3=>'png', 4=>'swf', 5=>'psd', 6=>'bmp', 7=>'tiff', 8=>'tiff', 9=>'jpc', 10=>'jp2', 11=>'jpx', 12=>'jb2', 13=>'swc', 14=>'iff', 15=>'wbmp', 16=>'xbm');

		$SQLquery  = 'SELECT `md5`, `ext`, `image_data` FROM `'.PHPOP3CLEAN_TABLE_PREFIX.'image`';
		$result = mysql_query_safe($SQLquery);
		$KnownMD5 = array();
		while ($row = mysql_fetch_array($result)) {
			$KnownMD5[$row['md5']] = true;
			$KnownMD5[md5($row['image_data'])] = true;
			$filename = PHPOP3CLEAN_MD5_IMAGE_CACHE.$row['md5'].'.'.$row['ext'];
			if (!file_exists($filename)) {
				if ($fp = @fopen($filename, 'wb')) {
					fwrite($fp, $row['image_data']);
					fclose($fp);
					echo '% creating '.basename($filename).' from database image data<br>';
					flush();
				}
			}
		}
		if ($dh = opendir(PHPOP3CLEAN_MD5_IMAGE_CACHE)) {
			while ($file = readdir($dh)) {
				$filename = PHPOP3CLEAN_MD5_IMAGE_CACHE.$file;
				if (is_file($filename)) {
					set_time_limit(PHPOP3CLEAN_TIMEOUT);
					$thisMD5 = md5_file($filename);
					$filedata = file_get_contents($filename);
					$thisFilesize = filesize($filename);
					$GIS = @GetImageSize($filename);
					$image_x   = @$GIS[0];
					$image_y   = @$GIS[1];
					$image_ext = @$GIStypes[@$GIS[2]];
					$pattern = AttachedImageDefaultPattern($thisFilesize, $image_ext);
					$calculatedMD5 = FilteredBinaryDataMD5($filedata, $pattern);
					if (!@$KnownMD5[$thisMD5] && !@$KnownMD5[$calculatedMD5]) {
						$newfilename = dirname($filename).'/'.$calculatedMD5.'.'.$image_ext;
						if (rename($filename, $newfilename)) {

							$SQLquery  = 'INSERT IGNORE INTO `'.PHPOP3CLEAN_TABLE_PREFIX.'image` (`md5`, `size`, `ext`, `pattern`, `width`, `height`, `image_data`, `added`) VALUES (';
							$SQLquery .= '"'.mysql_escape_string($calculatedMD5).'", ';
							$SQLquery .= '"'.mysql_escape_string($thisFilesize).'", ';
							$SQLquery .= '"'.mysql_escape_string($image_ext).'", ';
							$SQLquery .= '"'.mysql_escape_string($pattern).'", ';
							$SQLquery .= '"'.mysql_escape_string($image_x).'", ';
							$SQLquery .= '"'.mysql_escape_string($image_y).'", ';
							$SQLquery .= '"'.mysql_escape_string($filedata).'", ';
							$SQLquery .= '"'.mysql_escape_string(time()).'")';
							mysql_query_safe($SQLquery);

							echo '* Adding '.basename($newfilename).' ['.$file.']<br>';
						} else {
							echo '! Cannot rename('.$filename.', '.dirname($filename).'/'.$thisMD5.'.'.$image_ext.')<br>';
						}
						flush();
					}
				}
			}
		}
		echo '<hr>';
		flush();

		$SQLquery  = 'SELECT `md5`, `ext` FROM `'.PHPOP3CLEAN_TABLE_PREFIX.'image`';
		$SQLquery .= ' WHERE (`height` = 0)';
		$SQLquery .= ' OR (`width` = 0)';
		$SQLquery .= ' OR (`ext` = "")';
		$result = mysql_query_safe($SQLquery);
		while ($row = mysql_fetch_array($result)) {
			$filename = PHPOP3CLEAN_MD5_IMAGE_CACHE.$row['md5'].'.'.$row['ext'];
			if (is_file($filename)) {
				set_time_limit(PHPOP3CLEAN_TIMEOUT);
				$GIS = @GetImageSize($filename);
				$SQLquery  = 'UPDATE `'.PHPOP3CLEAN_TABLE_PREFIX.'image` SET';
				$SQLquery .= ' `width` = "'.mysql_escape_string($GIS[0]).'"';
				$SQLquery .= ', `height` = "'.mysql_escape_string($GIS[1]).'"';
				$SQLquery .= ', `ext` = "'.mysql_escape_string(@$GIStypes[@$GIS[2]]).'"';
				$SQLquery .= ' WHERE (`md5` = "'.$row['md5'].'")';
				mysql_query_safe($SQLquery);

				echo '* Updating dimensions and/or extension on '.basename($filename).'<br>';
				flush();

				if ($row['ext'] != @$GIStypes[@$GIS[2]]) {
					$newname = dirname($filename).'/'.$row['md5'].'.'.@$GIStypes[@$GIS[2]];
					rename($filename, $newname);

					echo '* * renaming: '.basename($filename).' to '.basename($newname).'<br>';
					flush();
				}
			}
		}

		echo '<hr><a href="'.htmlspecialchars(linkencode($_SERVER['PHP_SELF'].'?imgadmin='.__LINE__.'&orderby=added'), ENT_QUOTES).'">Continue</a><br>';

	} elseif (@$_GET['imgadmin'] == 'edit') {

		$SQLquery  = 'SELECT `image_data`, `ext`, `size`, `md5`, `pattern`, `description`, `width`, `height`, (`size` + (`width` * `height`)) AS `BytesWidthHeight` FROM `'.PHPOP3CLEAN_TABLE_PREFIX.'image`';
		$SQLquery .= ' WHERE (`md5` = "'.mysql_escape_string($_REQUEST['md5']).'")';
		$result = mysql_query_safe($SQLquery);
		if ($row = mysql_fetch_array($result)) {
			echo '<form action="'.$_SERVER['PHP_SELF'].'" method="post" name="attachedimageeditform">';
			echo '<table border="0">';

			echo '<tr><th align="right">MD5:</th><td>';
			if ($row['image_data']) {
				$calculatedMD5 = FilteredBinaryDataMD5($row['image_data'], $row['pattern']);
				echo (($calculatedMD5 != $row['md5']) ? '<span style="background-color: orangered; padding: 3px;">Should be <a href="#" onClick="document.attachedimageeditform.md5.value = \''.$calculatedMD5.'\'; return false;" style="background-color: limegreen;" title="Make it so">'.$calculatedMD5.'</a> according to stored data+pattern</span><br>' : '');
			}
			echo '<input type="text" name="md5" value="'.htmlentities($row['md5'], ENT_QUOTES).'" size="34" maxlength="32" style="font-family: monospace; font-size: 8pt;"></td></tr>';

			if (!$row['pattern']) {
				$row['pattern'] = AttachedImageDefaultPattern($row['size'], $row['ext']);
			}
			echo '<tr><th align="right">Partial Match Pattern:</th><td><input type="text" size="40" name="pattern" value="'.htmlentities($row['pattern'], ENT_QUOTES).'" maxlength="255"><br><i>ex: 17440|144-146;204-205;480-481;488-489</i></td></tr>';

			echo '<tr><th align="right">Description:</th><td><input type="text" size="40" name="description" value="'.htmlentities($row['description'], ENT_QUOTES).'"></td></tr>';
			echo '<tr><th align="right">Image Type:</th><td><input type="text" size="4" maxlength="4" name="ext" value="'.htmlentities($row['ext'], ENT_QUOTES).'" readonly></td></tr>';
			echo '<tr><th align="right">Dimensions:</th><td><input type="text" size="3" readonly value="'.htmlentities($row['width'], ENT_QUOTES).'"> x <input type="text" size="3" value="'.htmlentities($row['height'], ENT_QUOTES).'" readonl