| Server IP : 172.67.187.206 / Your IP : 172.71.28.156 Web Server : Apache/2.4.25 (Win32) OpenSSL/1.0.2j PHP/5.6.30 System : Windows NT WIN-ECQAAA40806 6.2 build 9200 (Windows Server 2012 Standard Edition) i586 User : SYSTEM ( 0) PHP Version : 5.6.30 Disable Function : NONE MySQL : ON | cURL : ON | WGET : OFF | Perl : OFF | Python : OFF | Sudo : OFF | Pkexec : OFF Directory : E:/Inetpub/www/news/group/ |
Upload File : |
<?php
session_start();
include('db.php');
$sitesettings = $mysqli->query("SELECT * FROM settings WHERE id=1");
$setingsrow = mysqli_fetch_array($sitesettings);
$auto = $setingsrow['approve'];
if(!isset($_SESSION['username']) AND !isset($_SESSION['xchk']) ){
$Uid = 0;
echo "<script>window.parent.location=\"logout.php\"</script>"; //31/03/2563
}else{
$uname = $_SESSION['username'];
$usersql = $mysqli->query("SELECT * FROM users WHERE username='$uname'");
$userrow = mysqli_fetch_array($usersql);
$usname = strtolower($userrow['username']);
$uid = $userrow['id'];
$storytitle = $_POST['storytitle'];
$detail = $_POST['detail'];
$storyurl = $_POST['storyurl'];
$catid = $_POST['catselecter'];
$hot = "1";
$create1 = $_POST['createby'];
$file_tmp=$_FILES["fileUpload"]["tmp_name"];
$filename = $_FILES["fileUpload"]["name"];
$file_basename = substr($filename, 0, strripos($filename, '.')); // get file extention
$file_ext = substr($filename, strripos($filename, '.')); // get file name
$filesize = $_FILES["fileUpload"]["size"];
$filenew =date("dmY-His"). "_$uid" .$file_ext;
move_uploaded_file($file_tmp,"uploads/".$filenew);
ini_set('memory_limit','1000M');
set_time_limit(200);
$images = "uploads/$filenew";
$size=getimagesize($images);
$img_w=$size[0];
if ($img_w >690) {
$new_images = "uploads/$filenew";
$width=750;
$size=GetimageSize($images);
$height=round($width*$size[1]/$size[0]);
$images_orig = ImageCreateFromJPEG($images);
$photoX = ImagesX($images_orig);
$photoY = ImagesY($images_orig);
$images_fin = ImageCreateTrueColor($width, $height);
ImageCopyResampled($images_fin, $images_orig, 0, 0, 0, 0, $width+1, $height+1, $photoX, $photoY);
ImageJPEG($images_fin,$new_images);
ImageDestroy($images_orig);
ImageDestroy($images_fin);
} else {}
if ($storytitle=="" AND $filenew==""){ } else {
$mysqli->query("INSERT INTO posts(title, description, ppost, url, image, cat_id, hot, active, uid) VALUES ('$storytitle', '$detail', '$create1', '$storyurl', '$filenew', '$catid','$hot', '$auto', '$uid')") or die (mysqli_error());
$SQL= $mysqli->query("SELECT * FROM posts where uid='$uid' ORDER BY id DESC");
$Row = mysqli_fetch_array($SQL);
$ids = $Row['id'];
$newuser = $Row['uid'];
$SQL1= $mysqli->query("SELECT * FROM users where id='$newuser' ");
$Row1 = mysqli_fetch_array($SQL1);
$school = $Row1['school'];
/*
$lineapi = "9MTPj1L5V50h1Yrd660TKAagfa37PmBFMBddecV9xLk";
date_default_timezone_set("Asia/Bangkok");
$chOne = curl_init();
curl_setopt( $chOne, CURLOPT_URL, "https://notify-api.line.me/api/notify");
curl_setopt( $chOne, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt( $chOne, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt( $chOne, CURLOPT_POST, 1);
// Message
curl_setopt( $chOne, CURLOPT_POSTFIELDS, "message=\n $storytitle \n http://news.sesao8.go.th/story.php?id=$ids \n\n $school");
curl_setopt( $chOne, CURLOPT_FOLLOWLOCATION, 1);
$headers = array( 'Content-type: application/x-www-form-urlencoded', 'Authorization: Bearer '.$lineapi.'', );
curl_setopt($chOne, CURLOPT_HTTPHEADER, $headers);
curl_setopt( $chOne, CURLOPT_RETURNTRANSFER, 1);
$result = curl_exec( $chOne );
if(curl_error($chOne)) { echo 'error:' . curl_error($chOne); }
else { $result_ = json_decode($result, true);
echo "status : ".$result_['status']; echo "message : ". $result_['message']; }
curl_close( $chOne );
*/
}
echo "<script>window.parent.location=\"allnews_edit.php?id=$uid\"</script>";
}
?>