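assign("error","You must be logged in as a registered user to proceed.");
    $smarty->display(TEMPLATE_DIR . "gallery_template.tpl.smrt");
    die();
}
// (The opening of the login guard above lies outside this excerpt and is left as found.)

// ---------------------------------------------------------------------------
// Gallery "edit bike" controller: loads a bike, enforces ownership, applies a
// submitted edit form (fields plus up to five images) and renders the editor.
// ---------------------------------------------------------------------------

$bike_id = nBase::get_value("bike_id", $_POST, $_GET, 0);

// A multi-character bike_id in the URL that get_value() reduced to '' implies an
// illegal name in the URL which might be an injection attack.
// isset()/is_string() keep a POST-only request or an array-valued parameter
// (bike_id[]=...) from raising a notice or a type error in strlen().
if (isset($_GET['bike_id']) && is_string($_GET['bike_id'])
    && strlen($_GET['bike_id']) > 1 && $bike_id == '') {
    include BASE_PATH.'includes/unavailable_404.inc.php';
    die;
}

$year = null;
$make = null;
$model = null;

if (WEEK_BIKE != 0 && WEEK_BIKE == $bike_id) {
    $smarty->assign("error","Bike of the Week can not be edited.");
    $smarty->display(TEMPLATE_DIR . "gallery_template.tpl.smrt");
    die();
}

$bike = new GalleryBike($db, $bike_id);

// Authorization: an existing bike may only be edited by its owner or an admin.
if ($bike_id && $bike->user_id != USERID && !ISADMIN) {
    $smarty->assign("error","You can not edit or modify a bike that doesn't belong to you.");
    $smarty->display(TEMPLATE_DIR . "gallery_template.tpl.smrt");
    die();
}

if (!$bike->error) {
    $submit = nBase::get_value("submit", $_POST, NULL, false);
    // NOTE(review): no anti-CSRF token is checked before this state-changing
    // POST in the visible code; confirm one is enforced by an earlier include.
    if ($submit) {
        // Form fields are copied onto the model by name. Without a filter this is
        // mass assignment: a request could overwrite the owner, the record id or
        // the moderation state, none of which the ownership check above revisits.
        // Identity and internal fields are therefore never taken from the request,
        // and the moderation fields only from admins (the status selector is only
        // rendered for admins further down).
        // Assumes the GalleryBike constructor already populated bike_id for an
        // existing record - TODO confirm.
        // NOTE(review): an explicit allow-list of editable columns would be
        // stronger than this deny-list once the GalleryBike field set is known.
        $protected_fields = array('bike_id', 'user_id', 'error', 'images');
        if (!ISADMIN) {
            $protected_fields[] = 'status';
            $protected_fields[] = 'denied_reason';
        }
        foreach ($_POST as $key => $value) {
            if (in_array($key, $protected_fields, true)) {
                continue;
            }
            $bike->$key = $value;
        }
        $bike->validate();

        if (ISADMIN && $bike->status == 'denied' && $bike->denied_reason =="") {
            $bike->error .= "You must have a reason for denying this bike. Please enter it.";
        }

        $captions = nBase::get_value('caption', $_POST, NULL, '');

        // Up to five image slots. Only paths that PHP itself registered as HTTP
        // uploads are handed to Image, and missing slots are skipped quietly.
        // NOTE(review): nothing visible here checks that an upload really is an
        // image; presumably Image/save_bg() decode and re-encode it - confirm.
        $uploads = isset($_FILES["myimage"]['tmp_name']) ? $_FILES["myimage"]['tmp_name'] : null;
        if (is_array($uploads)) {
            for ($i = 0; $i < 5; $i++) {
                if (empty($uploads[$i]) || !is_string($uploads[$i]) || !is_uploaded_file($uploads[$i])) {
                    continue;
                }
                $bike->images[$i] = new Image($uploads[$i]);
                $bike->images[$i]->caption = (is_array($captions) && isset($captions[$i])) ? $captions[$i] : '';
            }
        }

        if (!$bike->error) {
            // A new bike always belongs to the submitting user.
            if ($bike_id == 0) {
                $bike->user_id = USERID;
            }
            $bike->save();

            if ($bike->images) {
                // Images are spread over 64 sub-directories keyed by bike id.
                $mod = $bike->bike_id % 64;
                $file_dir = UPLOAD_PATH . "$mod/";
                if (!file_exists($file_dir)) {
                    mkdir($file_dir);
                    // NOTE(review): 0777 makes the upload directory world-writable;
                    // tighten to the narrowest mode the deployment allows (e.g.
                    // 0755 when only the web server user writes here).
                    chmod($file_dir, 0777);
                }

                // time() replaces the argument-less mktime(), which is deprecated
                // and rejected by PHP 8; the resulting value is the same.
                // The suffix is derived only from the clock, so it must not be
                // relied on as an unguessable token.
                $extra = md5(time() + time());

                foreach ($bike->images as $key => $pic) {
                    // is_object() guards get_class() against non-object entries.
                    if (is_object($pic) && get_class($pic) == "Image") {
                        $name_prefix = $mod . "/" . $bike->bike_id . "_" . $key;
                        $thumb_name = $name_prefix . "_thumb_" . $extra;
                        $medium_name = $name_prefix . "_medium_" . $extra;
                        $large_name = $name_prefix . "_large_" . $extra;

                        // save_bg() returns the name that is then stored in the database.
                        $thumb_name = $pic->save_bg($thumb_name, 150, 150, 77);
                        $medium_name = $pic->save_bg($medium_name, 300, 425);
                        $large_name = $pic->save_bg($large_name, 1024, 768);

                        // Was $caption[$key]: an undefined variable, so the caption
                        // stored with the image was always empty.
                        $caption_text = (is_array($captions) && isset($captions[$key])) ? $captions[$key] : '';
                        db_save_image("bike", $bike->bike_id, USERID, $thumb_name, $medium_name, $large_name, $caption_text);
                    }
                }
            }
        }
    }

    if (ISADMIN) {
        $bike->denied_reason = stripslashes($bike->denied_reason);
    }
    $bike->set_edit_html_fields();
    $smarty->assign("page_tpl",TEMPLATE_DIR . "gallery/edit_bike.tpl.smrt");
}

// Only admins get the moderation status selector.
if (ISADMIN) {
    $slist = $db->get_object_from_enum(tbl_bg_bikes, 'status');
    $bike->statushtml = display_select_list('status', $slist, 'item', 'item', $bike->status);
}

// Bike Model Linked Select Box
include BASEDIR . 'includes/select_bike_model.php';
$model_box_html = $smarty->fetch('select_bike_model.tpl.smrt');

// NOTE(review): "error" can contain text built in this script; confirm the
// template escapes it on output.
$smarty->assign(
    array(
        "bike" => $bike,
        "show_box" => 5 - sizeof($bike->images),
        "error" => $bike->error,
        "model_box_html" => $model_box_html
    ));
$smarty->display(TEMPLATE_DIR . "gallery_template.tpl.smrt");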