<?
// --- GOLD MEDIA --- //
// Start (or resume) the session; the handlers further down read $_SESSION['user_*'].
session_start();
// Directory of the executing script (falls back to this file), with a trailing slash.
define('GOLD_BASE', dirname(empty($_SERVER['SCRIPT_FILENAME']) ? __FILE__ : $_SERVER['SCRIPT_FILENAME']).'/');
// NOTE(review): dirname() is given SCRIPT_NAME as a second argument; on PHP 7+ that
// parameter is an integer level count, so this call looks unintended — confirm what
// $document is meant to resolve to (it is used below as the filesystem base for uploads).
$document = '' . $_SERVER['DOCUMENT_ROOT'] . dirname('../../', $_SERVER['SCRIPT_NAME']);
// Presumably defines the GOLD_* constants used below (database credentials, GOLD_SUB_FOLDER) — verify.
require_once('../../gold-config.php');
// NOTE(review): $sub_folder is only assigned when GOLD_SUB_FOLDER is non-empty, and $root is
// appended to without being initialised in this file; confirm whether gold-config.php sets them.
if(GOLD_SUB_FOLDER != '') { $sub_folder = '/'.GOLD_SUB_FOLDER.''; }
// Base URL for redirects and asset links: fixed http:// scheme plus SERVER_NAME.
$root .= 'http://' . $_SERVER['SERVER_NAME'] . $sub_folder;
$document .= $sub_folder;
// GOLD CONNECT
// NOTE(review): both die() messages append mysql_error(), which shows database details to the
// client on failure. The mysql_* extension used throughout this file was removed in PHP 7.0.
mysql_connect(GOLD_HOSTNAME,GOLD_USERNAME,GOLD_PASSWORD) or die("Gold MEDIA could not connect to MYSQL database " . mysql_error());
mysql_select_db(GOLD_DATABASE) or die("Gold MEDIA could not select database " . mysql_error());
// Ask the server to exchange data with this connection as UTF-8.
mysql_query("SET CHARACTER SET utf8");
mysql_query("SET NAMES 'utf8'");
// GOLD FUNCTIONS
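/**
 * Fetch one value from the gold_settings table.
 *
 * @param string $set_name Setting key (matched against the set_name column).
 * @return string|null The row's set_content, or null when no row matches or the query fails.
 */
function set($set_name)
{
    // The key is concatenated into the statement, so escape it for the current connection.
    $safe_name = mysql_real_escape_string($set_name);
    $q = mysql_query("SELECT * FROM gold_settings WHERE set_name='" . $safe_name . "' LIMIT 1");
    if (!$q) {
        return null;
    }
    // LIMIT 1 means there is at most one row; no loop needed.
    $row = mysql_fetch_assoc($q);
    return $row ? $row['set_content'] : null;
}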
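/**
 * Look up a translated string in the language file selected by the 'gold_lang' setting.
 *
 * @param string $title Key into the $LANG array defined by the language file.
 * @return mixed The translation, or null when the language file or the key is missing.
 */
function LANG($title) {
    // The file name comes from the database. basename() drops any directory part so the
    // setting can only select a file that sits directly inside gold-lang/.
    $lang_file = basename((string) set('gold_lang'));
    if ($lang_file === '') {
        return null;
    }
    include('../../gold-app/gold-lang/' . $lang_file . '.php');
    return isset($LANG[$title]) ? $LANG[$title] : null;
}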
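/**
 * Strip markup from a request value, decode a fixed set of HTML entities and escape the
 * result for use inside a quoted MySQL string literal.
 *
 * Fixes over the previous version:
 *  - the search list had 14 patterns but the replacement list 13 entries, so every
 *    replacement from the third pattern on was applied to the wrong pattern;
 *  - the tag patterns excluded '?' inside a tag, so markup containing '?' was not removed;
 *  - numeric entities were decoded with the /e (evaluate) modifier, which executes the
 *    replacement as PHP code and was removed in PHP 7.0; a callback is used instead.
 *
 * NOTE(review): entities are decoded after tags are stripped, so the returned text can
 * contain '<', '>' and quotes again. It is escaped for SQL only; HTML-escape it wherever
 * it is written into a page.
 *
 * @param string $string Raw input.
 * @return string Filtered text, escaped with mysql_real_escape_string().
 */
function filter($string) {
    $search = array(
        "'<script[^>]*?>.*?</script>'si", // script elements together with their content
        "'<[\/\!]*?[^<>]*?>'si",          // any remaining tag
        "'<>'si",                          // empty angle-bracket pair
        "'([\r\n])[\s]+'",                 // whitespace that follows a line break
        "'&(quot|#34);'i",
        "'&(amp|#38);'i",
        "'&(lt|#60);'i",
        "'&(gt|#62);'i",
        "'&(nbsp|#160);'i",
        "'&(iexcl|#161);'i",
        "'&(cent|#162);'i",
        "'&(pound|#163);'i",
        "'&(copy|#169);'i",
    );
    // One replacement per pattern above, in the same order.
    $replace = array(
        "",
        "",
        "",
        "\\1",
        "\"",
        "&",
        "<",
        ">",
        " ",
        chr(161),
        chr(162),
        chr(163),
        chr(169),
    );
    $text = (string) preg_replace($search, $replace, $string);
    // Remaining numeric entities become the single byte with that code (chr() semantics).
    $text = (string) preg_replace_callback(
        "'&#(\d+);'",
        function ($m) {
            return chr(((int) $m[1]) & 255);
        },
        $text
    );
    return mysql_real_escape_string($text);
}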
/**
 * Transliterate Cyrillic text to lower-case Latin and normalise a few punctuation marks
 * (space and '/' become '-', most other listed punctuation is dropped).
 *
 * @param string $str Input text.
 * @return string Transliterated text.
 */
function ru2lat($str){
    // Upper-case Cyrillic letters (mapped to lower-case Latin).
    $upper = array(
        "А"=>"a", "Б"=>"b", "В"=>"v", "Г"=>"g", "Д"=>"d", "Е"=>"e", "Ё"=>"yo",
        "Ж"=>"zh", "З"=>"z", "И"=>"i", "Й"=>"j", "К"=>"k", "Л"=>"l", "М"=>"m",
        "Н"=>"n", "О"=>"o", "П"=>"p", "Р"=>"r", "С"=>"s", "Т"=>"t", "У"=>"u",
        "Ф"=>"f", "Х"=>"kh", "Ц"=>"ts", "Ч"=>"ch", "Ш"=>"sh", "Щ"=>"sch", "Ъ"=>"",
        "Ы"=>"y", "Ь"=>"", "Э"=>"e", "Ю"=>"yu", "Я"=>"ya",
    );
    // Lower-case Cyrillic letters.
    $lower = array(
        "а"=>"a", "б"=>"b", "в"=>"v", "г"=>"g", "д"=>"d", "е"=>"e", "ё"=>"yo",
        "ж"=>"zh", "з"=>"z", "и"=>"i", "й"=>"j", "к"=>"k", "л"=>"l", "м"=>"m",
        "н"=>"n", "о"=>"o", "п"=>"p", "р"=>"r", "с"=>"s", "т"=>"t", "у"=>"u",
        "ф"=>"f", "х"=>"kh", "ц"=>"ts", "ч"=>"ch", "ш"=>"sh", "щ"=>"sch", "ъ"=>"",
        "ы"=>"y", "ь"=>"", "э"=>"e", "ю"=>"yu", "я"=>"ya",
    );
    // Separators and punctuation.
    $punctuation = array(
        " "=>"-", "."=>"", ","=>"", "/"=>"-", ":"=>"", ";"=>"", "—"=>"", "–"=>"-",
    );
    // The three key sets are disjoint, so the array union is the full table.
    $table = $upper + $lower + $punctuation;
    return strtr($str, $table);
}
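/**
 * Build a URL slug: fold the listed accented Latin letters to ASCII, turn spaces into
 * hyphens, drop every character outside [A-Za-z0-9-._], collapse hyphen runs, lower-case.
 *
 * Fix: the lower-case 's' group was written with commas ("š,ş,ś"), so it only matched that
 * literal five-character sequence and the three letters were deleted instead of folded.
 *
 * NOTE(review): 'Ü' and 'Ş' have no upper-case entry and are removed by the final
 * character filter — confirm whether that is intended.
 *
 * @param string $str Input text.
 * @return string Lower-case slug.
 */
function slug($str) {
    // pattern => ASCII replacement; the groups are disjoint, so order does not matter.
    $folds = array(
        "/(å|ä|à|á|ạ|ả|ã|â|ầ|ấ|ậ|ẩ|ẫ|ă|ằ|ắ|ặ|ẳ|ẵ|ą)/" => 'a',
        "/(è|é|ẹ|ẻ|ẽ|ê|ề|ế|ệ|ể|ễ|ę)/" => 'e',
        "/(ì|í|ị|ỉ|ĩ|ı)/" => 'i',
        "/(ö|ò|ó|ọ|ỏ|õ|ô|ồ|ố|ộ|ổ|ỗ|ơ|ờ|ớ|ợ|ở|ỡ)/" => 'o',
        "/(ü|ù|ú|ụ|ủ|ũ|ư|ừ|ứ|ự|ử|ữ)/" => 'u',
        "/(ỳ|ý|ỵ|ỷ|ỹ)/" => 'y',
        "/(đ)/" => 'd',
        "/(č|ç|ć)/" => 'c',
        "/(š|ş|ś)/" => 's',
        "/(ğ)/" => 'g',
        "/(Ğ)/" => 'g',
        "/(ž|ż|ź)/" => 'z',
        "/(Ä|Å|À|Á|Ạ|Ả|Ã|Â|Ầ|Ấ|Ậ|Ẩ|Ẫ|Ă|Ằ|Ắ|Ặ|Ẳ|Ẵ|Ą)/" => 'A',
        "/(È|É|Ẹ|Ẻ|Ẽ|Ê|Ề|Ế|Ệ|Ể|Ễ|Ę)/" => 'E',
        "/(Ì|Í|Ị|Ỉ|Ĩ|İ)/" => 'I',
        "/(Ö|Ò|Ó|Ọ|Ỏ|Õ|Ô|Ồ|Ố|Ộ|Ổ|Ỗ|Ơ|Ờ|Ớ|Ợ|Ở|Ỡ)/" => 'O',
        "/(Ù|Ú|Ụ|Ủ|Ũ|Ư|Ừ|Ứ|Ự|Ử|Ữ)/" => 'U',
        "/(Ỳ|Ý|Ỵ|Ỷ|Ỹ)/" => 'Y',
        "/(Č|Ç|Ć)/" => 'C',
        "/(Đ)/" => 'D',
        "/(ł)/" => 'l',
        "/(Ł)/" => 'L',
        "/(Ń)/" => 'n',
        "/(ń)/" => 'n',
        "/(Š|Ś)/" => 'S',
        "/(Ž|Ż|Ź)/" => 'Z',
    );
    $str = preg_replace(array_keys($folds), array_values($folds), $str);
    $str = str_replace(" ", "-", str_replace("&*#39;","",$str));
    // Whitelist: anything that is not a letter, digit, hyphen, dot or underscore is dropped.
    $str = preg_replace('/[^A-Za-z0-9\-._]/', '', $str);
    $str = preg_replace('/-+/', '-', $str);
    return strtolower($str);
}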
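/**
 * Write a JPEG thumbnail of a GIF, PNG or JPEG file, scaled to the given width with the
 * aspect ratio preserved.
 *
 * The source type is chosen from the file extension, and the thumbnail is always encoded
 * as JPEG regardless of the extension of $dest (unchanged from the previous version).
 * The three per-format copies of the same code are merged, and failures (unsupported or
 * missing extension, missing file, undecodable image, zero width) now return false instead
 * of passing a failed handle on to the next GD call.
 *
 * @param string $src           Path of the source image.
 * @param string $dest          Path the thumbnail is written to.
 * @param int    $desired_width Thumbnail width in pixels.
 * @return bool True when the thumbnail was written, false otherwise.
 */
function create_thumb($src, $dest, $desired_width) {
    $loaders = array(
        'gif'  => 'imagecreatefromgif',
        'png'  => 'imagecreatefrompng',
        'jpg'  => 'imagecreatefromjpeg',
        'jpeg' => 'imagecreatefromjpeg',
    );
    $info = pathinfo($src);
    $extension = isset($info['extension']) ? strtolower($info['extension']) : '';
    if (!isset($loaders[$extension]) || !is_file($src)) {
        return false;
    }
    $loader = $loaders[$extension];
    // The loader returns false when the file content does not match the extension.
    $source_image = $loader($src);
    if (!$source_image) {
        return false;
    }
    $width = imagesx($source_image);
    $height = imagesy($source_image);
    $desired_width = (int) $desired_width;
    if ($width < 1 || $desired_width < 1) {
        imagedestroy($source_image);
        return false;
    }
    // Height that keeps the aspect ratio; at least one pixel so the canvas can be created.
    $desired_height = max(1, (int) floor($height * ($desired_width / $width)));
    $virtual_image = imagecreatetruecolor($desired_width, $desired_height);
    imagecopyresampled($virtual_image, $source_image, 0, 0, 0, 0, $desired_width, $desired_height, $width, $height);
    $written = imagejpeg($virtual_image, $dest);
    imagedestroy($virtual_image);
    imagedestroy($source_image);
    return (bool) $written;
}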
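/**
 * Download an image from a remote URL into gold-app/gold-uploads/media/.
 *
 * Changes over the previous version:
 *  - $document was read without `global`, so the upload folder resolved relative to the
 *    filesystem root instead of the site directory;
 *  - the source was passed to file_get_contents() unchecked, so local paths and non-HTTP
 *    stream wrappers were read as well; only http/https URLs with a host are accepted now;
 *  - the extension is taken from the URL path (not from a substring match anywhere in the
 *    URL) and the downloaded bytes must decode as an image before anything is stored;
 *  - the collision branch appended the extension twice; the folder is created 0755, not 0777.
 *
 * NOTE(review): the host is still chosen by the submitter, so this makes an outbound request
 * to an arbitrary address. Restrict egress, or resolve and vet the address, if the server can
 * reach internal services.
 *
 * @param string $file_url Remote image URL.
 * @param string $filename Base name (without extension) to store the file under.
 * @return string|false '/' followed by the stored file name, or false when nothing was stored.
 */
function image_url_upload($file_url, $filename){
    global $document;

    $parts = parse_url($file_url);
    $scheme = isset($parts['scheme']) ? strtolower($parts['scheme']) : '';
    if (($scheme !== 'http' && $scheme !== 'https') || empty($parts['host'])) {
        return false;
    }
    $extension = strtolower(pathinfo(isset($parts['path']) ? $parts['path'] : '', PATHINFO_EXTENSION));
    if (!in_array($extension, array('gif', 'jpg', 'jpeg', 'png'), true)) {
        return false;
    }
    $extension = '.' . $extension;

    $file = file_get_contents($file_url);
    if ($file === false || $file === '') {
        return false;
    }
    // Decode once: proves the payload is an image and is reused for the GIF copy below.
    $img = imagecreatefromstring($file);
    if ($img === false) {
        return false;
    }

    $upload_folder = $document.'/gold-app/gold-uploads/media/';
    if (!file_exists($upload_folder)) {
        mkdir($upload_folder, 0755, true);
    }
    // Keep the stored name inside the upload folder.
    $filename = basename($filename);
    $stored_name = $filename . $extension;
    if (file_exists($upload_folder.$stored_name)) {
        $stored_name = uniqid() . '-' . $filename . $extension;
    }
    if ($extension === '.gif' && is_dir($document.'/uploads/media_photos')) {
        // Extra JPEG copy of GIF sources, kept from the previous version.
        imagejpeg($img, $document."/uploads/media_photos/$stored_name.jpg", 100);
    }
    imagedestroy($img);
    if (file_put_contents($upload_folder.$stored_name, $file) === false) {
        return false;
    }
    return '/' . $stored_name;
}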
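/**
 * Make sure a link starts with an http:// or https:// scheme, prefixing "http://" if not.
 *
 * Fix: the scheme test was unanchored, so any value that merely contained "http://"
 * somewhere (for example inside a query string after a different scheme) was returned
 * unchanged. The test is now anchored at the start and case-insensitive.
 *
 * An empty string still yields "http://", as before.
 *
 * @param string $link User-supplied link.
 * @return string Link beginning with http:// or https://.
 */
function http_decode($link) {
    if (preg_match("#^https?://#i", $link) !== 1) {
        $link = 'http://'.$link;
    }
    return $link;
}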
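/**
 * Return the lower-cased host of a URL without a leading "www." label.
 *
 * Fix: "www." used to be removed wherever it occurred in the host, so unrelated hosts
 * could compare equal to a provider name in the caller's dispatch. Only a leading label
 * is removed now. A URL without a host yields an empty string.
 *
 * @param string $url URL to inspect.
 * @return string Host name, or '' when the URL has none.
 */
function getdomain($url)
{
    $parsed = parse_url($url);
    if (!is_array($parsed) || !isset($parsed['host'])) {
        return '';
    }
    $host = strtolower($parsed['host']);
    if (strpos($host, 'www.') === 0) {
        $host = substr($host, 4);
    }
    return $host;
}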
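/**
 * Build the thumbnail URL for a YouTube watch URL from its "v" query parameter.
 *
 * parse_str() URL-decodes the query, which undoes any escaping the caller applied to the
 * whole URL, so the id is only accepted when it consists of letters, digits, '_' and '-'.
 *
 * @param string $url YouTube URL.
 * @return string|bool Thumbnail URL, or true when no usable id is present (the fallback
 *                     value of the previous version, kept for callers).
 */
function get_youtube_thumb($url) {
    $queryString = (string) parse_url($url, PHP_URL_QUERY);
    parse_str($queryString, $params);
    if (isset($params['v']) && is_string($params['v'])) {
        $video_id = trim($params['v']);
        if (preg_match('/^[A-Za-z0-9_-]+$/', $video_id) === 1) {
            return "http://i3.ytimg.com/vi/" . $video_id . "/mqdefault.jpg";
        }
    }
    return true;
}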
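/**
 * Ask the Vimeo v2 API for the medium thumbnail of the video whose id is the first run of
 * digits in the URL.
 *
 * Missing id, failed request and unexpected response shape now return null instead of
 * dereferencing a failed result.
 *
 * The returned value comes from a remote response: treat it as untrusted when it is stored
 * or rendered.
 *
 * @param string $url Vimeo URL.
 * @return string|null Thumbnail URL, or null when it cannot be determined.
 */
function get_vimeo_thumb($url) {
    if (preg_match('/(\d+)/', $url, $output) !== 1) {
        return null;
    }
    $id = trim($output[0]);
    $data = file_get_contents("http://vimeo.com/api/v2/video/$id.json");
    if ($data === false) {
        return null;
    }
    $data = json_decode($data);
    if (!is_array($data) || !isset($data[0]->thumbnail_medium) || !is_string($data[0]->thumbnail_medium)) {
        return null;
    }
    return $data[0]->thumbnail_medium;
}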
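/**
 * Build the Graph API picture URL for a Facebook video URL from its "v" query parameter.
 *
 * parse_str() URL-decodes the query, so the id is only used when it consists of letters,
 * digits, '.', '_' and '-'; otherwise it is treated as missing. A missing id yields the
 * same URL with an empty id segment as before.
 *
 * @param string $url Facebook video URL.
 * @return string Picture URL.
 */
function get_facebook_thumb($url) {
    $queryString = (string) parse_url($url, PHP_URL_QUERY);
    parse_str($queryString, $params);
    $video_id = '';
    if (isset($params['v']) && is_string($params['v'])) {
        $candidate = trim($params['v']);
        if (preg_match('/^[A-Za-z0-9._-]+$/', $candidate) === 1) {
            $video_id = $candidate;
        }
    }
    return "http://graph.facebook.com/" . $video_id . "/picture";
}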
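/**
 * Fetch a Vine page and return the og:image URL found in its markup.
 *
 * The id is the last path segment of the URL. It is placed into an outbound request, so it
 * must be purely alphanumeric; anything else returns false without making the request.
 * A failed request or a page without the meta tag also returns false.
 *
 * The returned value comes from a remote page: treat it as untrusted when it is stored or
 * rendered.
 *
 * @param string $url Vine URL.
 * @return string|false Image URL, or false when none was found.
 */
function get_vine_thumb($url) {
    $id = trim(preg_replace('/^.*\//','',$url));
    if (preg_match('/^[A-Za-z0-9]+$/', $id) !== 1) {
        return false;
    }
    $vine_url = "http://vine.co/v/{$id}";
    $data = file_get_contents($vine_url);
    if ($data === false) {
        return false;
    }
    $found = preg_match('~<\s*meta\s+property="(og:image)"\s+content="([^"]*)~i', $data, $matches);
    if ($found !== 1 || !$matches[2]) {
        return false;
    }
    return $matches[2];
}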
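/**
 * Build the Dailymotion thumbnail URL from the third path segment of a video URL.
 *
 * Fix: a leftover `echo $id;` printed the id into the response, which also prevents any
 * later header() redirect from being sent. It is removed, and a URL with too few path
 * segments no longer reads an undefined array element (the id is then empty, as before).
 *
 * @param string $url Dailymotion URL (path shaped like /video/<id>).
 * @return string Thumbnail URL.
 */
function get_dailymotion_thumb($url) {
    $path = (string) parse_url($url, PHP_URL_PATH);
    $pieces = explode('/', $path);
    $id = isset($pieces[2]) ? $pieces[2] : '';
    return "http://www.dailymotion.com/thumbnail/video/{$id}";
}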
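/**
 * Build the Metacafe thumbnail URL from the third (id) and fourth (title) path segments.
 * When the title segment is empty or absent, the id is used in its place.
 *
 * Short paths no longer read undefined array elements; results are unchanged.
 *
 * @param string $url Metacafe URL (path shaped like /watch/<id>/<title>/).
 * @return string Thumbnail URL, or '' when the id is missing.
 */
function get_metacafe_thumb($url) {
    $path = (string) parse_url($url, PHP_URL_PATH);
    $pieces = explode('/', $path);
    $id = isset($pieces[2]) ? $pieces[2] : null;
    $title = isset($pieces[3]) ? $pieces[3] : null;
    if ($title == "") {
        $title = $id;
    }
    if ($id && $title) {
        return "http://s4.mcstatic.com/thumb/{$id}/0/6/videos/0/6/{$title}.jpg";
    }
    return "";
}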
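/**
 * Build the instagr.am media URL from the third path segment of an Instagram post URL.
 *
 * A URL with too few path segments no longer reads an undefined array element; the id is
 * then empty, which gives the same result as before.
 *
 * @param string $url Instagram URL (path shaped like /p/<id>/).
 * @return string Media URL.
 */
function get_instagram_thumb($url) {
    $path = (string) parse_url($url, PHP_URL_PATH);
    $pieces = explode('/', $path);
    $id = isset($pieces[2]) ? $pieces[2] : '';
    return "http://instagr.am/p/".$id."/media/";
}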
/**
 * Describe the time between two date strings as "<n> <unit> ago".
 *
 * When $typeOfTime is "second" the largest unit whose threshold the elapsed time exceeds
 * is chosen automatically; any other recognised unit name is used as given. An
 * unrecognised unit returns the elapsed seconds unformatted.
 *
 * @param string $postedDateTime Earlier moment, in a format strtotime() accepts.
 * @param string $systemDateTime Later moment, in a format strtotime() accepts.
 * @param string $typeOfTime     "second" for automatic selection, or a unit name.
 * @return mixed Formatted text, or the raw difference in seconds.
 */
function time_ago($postedDateTime, $systemDateTime, $typeOfTime) {
    $timeCalc = strtotime($systemDateTime) - strtotime($postedDateTime);

    if ($typeOfTime == "second") {
        // Lower bounds in seconds, ascending; the last bound that is exceeded wins.
        $lowerBounds = array(
            "second" => 0,
            "minute" => 60,
            "hour"   => 60*60,
            "day"    => 60*60*24,
            "week"   => 60*60*24*7,
            "month"  => 60*60*24*30,
            "year"   => 60*60*24*365,
        );
        foreach ($lowerBounds as $unitName => $bound) {
            if ($timeCalc > $bound) {
                $typeOfTime = $unitName;
            }
        }
    }

    // unit => (successive divisors, suffix); checked in this order with loose comparison.
    $formats = array(
        "second" => array(array(), " second ago"),
        "minute" => array(array(60), " minute ago"),
        "hour"   => array(array(60, 60), " hour ago"),
        "day"    => array(array(60, 60, 24), " days ago"),
        "week"   => array(array(60, 60, 24, 7), " week ago"),
        "month"  => array(array(60, 60, 24, 30), " month ago"),
        "year"   => array(array(60, 60, 24, 365), " year ago"),
    );
    foreach ($formats as $unitName => $format) {
        if ($typeOfTime == $unitName) {
            if ($unitName === "second") {
                // Seconds are appended as they are, without rounding.
                $timeCalc .= $format[1];
            } else {
                $quotient = $timeCalc;
                foreach ($format[0] as $divisor) {
                    $quotient = $quotient / $divisor;
                }
                $timeCalc = round($quotient) . $format[1];
            }
        }
    }
    return $timeCalc;
}
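/**
 * Replace smiley codes in a text with <img> tags that point at the default skin.
 *
 * Fix: $root was read without `global`, so it was always empty inside the function and the
 * image URLs lacked the site base URL.
 *
 * $text itself is passed through unchanged apart from the replacements; escape it for HTML
 * before calling this function if it comes from users.
 *
 * @param string $text Text containing smiley codes.
 * @return string Text with the codes replaced by image markup.
 */
function smilies( $text ) {
    global $root;
    $base = $root.'/gold-skins/default/images/smilies/';
    // code => image file
    $images = array(
        ':D' => 'laugh.png',
        ':)' => 'happy.png',
        ':(' => 'bored.png',
        ';)' => 'wink.png',
        ':P' => 'tongue.png',
        ':X' => 'not_even.png',
        ':O' => 'agape.png',
        ':grin:' => 'grin.png',
        ':shocked:' => 'shocked.png',
        ':cry:' => 'cry.png',
        ':sunglasses:' => 'sunglasses.png',
        ':wink:' => 'wink.png',
    );
    $markup = array();
    foreach ($images as $code => $image) {
        $markup[] = ' <img src="'.$base.$image.'" />';
    }
    return str_replace( array_keys( $images ), $markup, $text );
}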
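/**
 * Render the smiley picker: one link per smiley, each carrying the target element id in
 * its data-id attribute and the smiley code in its title.
 *
 * Fixes: $root was read without `global` (always empty), $GOLD_html was appended to before
 * being initialised, and $data_id was written into the attribute unescaped.
 *
 * @param string $data_id Value for the data-id attribute of every link.
 * @return string HTML for the picker.
 */
function GOLD_smilies($data_id) {
    global $root;
    $base = $root.'/gold-skins/default/images/smilies/';
    // The id ends up inside a double-quoted attribute.
    $safe_id = htmlspecialchars((string) $data_id, ENT_QUOTES, 'UTF-8');
    // code => image file
    $images = array(
        ':D' => 'laugh.png',
        ':)' => 'happy.png',
        ':(' => 'bored.png',
        ';)' => 'wink.png',
        ':P' => 'tongue.png',
        ':X' => 'not_even.png',
        ':O' => 'agape.png',
        ':grin:' => 'grin.png',
        ':shocked:' => 'shocked.png',
        ':cry:' => 'cry.png',
        ':sunglasses:' => 'sunglasses.png',
    );
    $GOLD_html = '';
    foreach ($images as $code => $image) {
        $GOLD_html .= '<a href="javascript:;" data-id="'.$safe_id.'" title="'.$code.'"><img src="'.$base.$image.'" /></a>';
    }
    return $GOLD_html;
}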
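/**
 * Stamp a PNG watermark 15 pixels in from the bottom-right corner of an image and save the
 * result over the original file.
 *
 * Despite its name, $DestinationFile is the path of the watermark PNG; the image that is
 * modified and rewritten is $SourceFile.
 *
 * The JPEG and PNG copies of the same code are merged, and a watermark or image that cannot
 * be decoded now returns false instead of passing a failed handle to the GD calls.
 *
 * @param string $SourceFile      Path of the image to watermark (overwritten in place).
 * @param string $DestinationFile Path of the watermark PNG.
 * @param string $img_type        'jpg', 'jpeg' or 'png'; other types are left untouched.
 * @return bool False when an image could not be loaded or saved, true otherwise
 *              (including the nothing-to-do case of an unsupported type).
 */
function watermarkImage ($SourceFile, $DestinationFile, $img_type) {
    if ($img_type == 'jpg' || $img_type == 'jpeg') {
        $load = 'imagecreatefromjpeg';
        $save = 'imagejpeg';
    } elseif ($img_type == 'png') {
        $load = 'imagecreatefrompng';
        $save = 'imagepng';
    } else {
        return true;
    }

    $watermark = imagecreatefrompng($DestinationFile);
    if (!$watermark) {
        return false;
    }
    $image = $load($SourceFile);
    if (!$image) {
        imagedestroy($watermark);
        return false;
    }

    $watermark_width = imagesx($watermark);
    $watermark_height = imagesy($watermark);
    $dest_x = imagesx($image) - $watermark_width - 15;
    $dest_y = imagesy($image) - $watermark_height - 15;
    imagecopy($image, $watermark, $dest_x, $dest_y, 0, 0, $watermark_width, $watermark_height);

    // Write the stamped image back over the source file in its own format.
    $saved = $save($image, $SourceFile);
    imagedestroy($image);
    imagedestroy($watermark);
    return (bool) $saved;
}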
// GOLD if($_POST['gold'] == '{POST VALUE}'))
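if(!empty($_POST['submit_image'])) {
    // Image submission: stores uploaded files (or one remote image) under gold-uploads/media,
    // creates a gold_posts row per stored image, records tags and redirects to the post.
    //
    // Changes in this revision, all confined to values that reach SQL or the filesystem:
    //  - X-Forwarded-For (a request header the client controls), the uploaded file's MIME
    //    type, the session identity values and each tag were concatenated into SQL unescaped;
    //  - ids and the points value were concatenated unquoted and are now cast to int;
    //  - uploads must decode as an image, not merely carry an allowed extension;
    //  - the remote-URL branch took its extension from the tail of the URL unchecked;
    //  - the watermark check fetched the file over HTTP from $root; it now reads the local file;
    //  - redirect query parameters are URL-encoded.
    // NOTE(review): no login or CSRF check is visible here — anonymous submissions are stored
    // under user id 1. shuffle()/array_rand() names are not unpredictable; do not treat them as secret.
    $allowed = array('gif','png' ,'jpg' ,'jpeg');
    $post_title = filter(isset($_POST['title']) ? $_POST['title'] : '');
    $post_content = mysql_real_escape_string(strip_tags(trim(isset($_POST['description']) ? $_POST['description'] : '')));
    $url = filter(isset($_POST['url']) ? $_POST['url'] : '');
    $tags = isset($_POST['tags']) ? $_POST['tags'] : '';
    $category = filter(isset($_POST['category']) ? $_POST['category'] : '');
    // $post_tags was never assigned, so the column has always received an empty string.
    // NOTE(review): presumably meant to hold the escaped tag list — confirm before changing.
    $post_tags = '';
    $media_dir = $document."/gold-app/gold-uploads/media/";
    $watermark_file = $document."/gold-app/gold-uploads/watermark.png";

    $session_username = isset($_SESSION['user_username']) ? $_SESSION['user_username'] : '';
    $session_email = isset($_SESSION['user_email']) ? $_SESSION['user_email'] : '';
    $user = mysql_fetch_array(mysql_query("SELECT * FROM gold_users WHERE user_username='".mysql_real_escape_string($session_username)."' OR user_email='".mysql_real_escape_string($session_email)."'"));
    // Groups 1 and 2 publish immediately; everyone else is stored with status 0.
    if($user && ($user['user_group'] == '1' || $user['user_group'] == '2')) { $post_status = '1'; } else { $post_status = '0'; }
    if(!$user || $user['user_id'] == '' || $session_username == '') { $user_id = 1; } else { $user_id = (int) $user['user_id']; }
    // X-Forwarded-For is supplied by the client; escape it, and fall back to the socket address.
    $client_ip = isset($_SERVER['HTTP_X_FORWARDED_FOR']) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : (isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '');
    $user_ip = mysql_real_escape_string($client_ip);

    if($post_title && $category){
        // slug() only emits [a-z0-9-._], so the post name is safe inside a quoted literal.
        $base_name = slug(strip_tags(ru2lat(strip_tags(trim($post_title)))));
        $GOLD_POST_RESULT_CHECK = mysql_query("SELECT * FROM gold_posts WHERE post_name='".$base_name."'");
        if(mysql_num_rows($GOLD_POST_RESULT_CHECK) == '0') {
            $post_name = $base_name;
        } else {
            // Name already taken: append seven shuffled digits.
            $title_seed = str_split('0123456789');
            shuffle($title_seed);
            $title_rand = '';
            foreach (array_rand($title_seed, 7) as $k) $title_rand .= $title_seed[$k];
            $post_name = $base_name.'-'.$title_rand;
        }
        $GOLD_CHECK_CATEGORY = mysql_query("SELECT * FROM gold_categories WHERE category_id='".$category."'");
        $GOLD_CATEGORY = mysql_fetch_array($GOLD_CHECK_CATEGORY);
        $points = (int) set('points_add_for_every_login');

        if($url == ''){
            $upload_names = (isset($_FILES["file"]["name"]) && is_array($_FILES["file"]["name"])) ? $_FILES["file"]["name"] : array();
            for($i=0;$i < count($upload_names);$i++){
                $seed = str_split('abcdefghijklmnopqrstuvwxyz'.'ABCDEFGHIJKLMNOPQRSTUVWXYZ'.'0123456789');
                shuffle($seed);
                $rand = '';
                foreach (array_rand($seed, 30) as $k) $rand .= $seed[$k];
                $filename = $upload_names[$i];
                // One extension value drives both the allow-list check and the stored name.
                $ext = pathinfo($filename, PATHINFO_EXTENSION);
                $tmp = isset($_FILES['file']['tmp_name'][$i]) ? $_FILES['file']['tmp_name'][$i] : '';
                $actual_image_name = $rand.".".$ext;
                $file_size = isset($_FILES['file']['size'][$i]) ? (int) $_FILES['file']['size'][$i] : 0;
                // The MIME type is reported by the client.
                $file_type = mysql_real_escape_string(isset($_FILES['file']['type'][$i]) ? $_FILES['file']['type'][$i] : '');
                if(in_array($ext,$allowed,true)) {
                    if($tmp != '' && is_uploaded_file($tmp) && getimagesize($tmp) && move_uploaded_file($tmp, $media_dir.$actual_image_name)){
                        if (is_file($watermark_file) && getimagesize($watermark_file)) {
                            watermarkImage($media_dir.$actual_image_name, $watermark_file, $ext);
                        }
                        create_thumb($media_dir.$actual_image_name, $media_dir."thumb_".$actual_image_name, 282);
                        mysql_query("INSERT INTO gold_multiple (`post_name`,`file_name`,`file_size`,`file_type`) VALUES('$post_name','$actual_image_name','$file_size','$file_type')");
                    }
                    $gold_multiple_sql = mysql_query("SELECT * FROM gold_multiple WHERE post_name = '$post_name' LIMIT 1");
                    $gold_multiple = mysql_fetch_array($gold_multiple_sql);
                    $url_thumb = "thumb_".$gold_multiple['file_name'];
                    $url_name = $gold_multiple['file_name'];
                    $result = mysql_query("INSERT INTO gold_posts (category_id, user_id, user_ip, post_created, post_updated, post_title, post_name, post_content, post_thumb, post_img, post_filename, post_tags, post_status)
                    VALUES ('".$category."','".$user_id."','".$user_ip."','".date("Y-m-d H:i:s")."','".date("Y-m-d H:i:s")."','".$post_title."','".$post_name."','".$post_content."','".$url_thumb."','".$url_name."','','".$post_tags."','".$post_status."')");
                    mysql_query('UPDATE gold_users SET user_points = user_points + '.$points.' WHERE user_id='.$user_id.'');
                    if($tags != '') {
                        $preview = mysql_fetch_array(mysql_query("SELECT * FROM gold_posts WHERE post_name='".$post_name."' LIMIT 1"));
                        $tag_list = explode(",", $tags);
                        for ($x = 0; $x < count($tag_list); $x++){
                            $insert = mysql_query("INSERT INTO gold_tags (tag_name, post_id) VALUES('".mysql_real_escape_string($tag_list[$x])."', '".(int) $preview['post_id']."')");
                        }
                    }
                    //print success message.
                    header('Location: '.$root."/".$GOLD_CATEGORY['name']."/".$post_name.'');
                } else {
                    header('Location: '.$root.'');
                }
            } // GOLD CLOSE_FOREACH
        } else {
            $seed2 = str_split('abcdefghijklmnopqrstuvwxyz'.'ABCDEFGHIJKLMNOPQRSTUVWXYZ'.'0123456789');
            shuffle($seed2);
            $rand2 = '';
            foreach (array_rand($seed2, 30) as $k) $rand2 .= $seed2[$k];
            // The extension becomes part of local file paths, so it must be one of the allowed types.
            $ext = strtolower(pathinfo((string) parse_url($url, PHP_URL_PATH), PATHINFO_EXTENSION));
            $url_url = $rand2;
            $url_thumb = "thumb_".$url_url.".".$ext;
            $url_name = $url_url.".".$ext;
            if (!in_array($ext, $allowed, true) || image_url_upload($url, $url_url) === false) {
                header('Location: '.$root.'/submit/image/?error=1&title='.urlencode($post_title).'&category='.urlencode($category).'');
            } else {
                if (is_file($watermark_file) && getimagesize($watermark_file)) {
                    watermarkImage($media_dir.$url_name, $watermark_file, $ext);
                }
                create_thumb($media_dir.$url_name, $media_dir."thumb_".$url_name, 282);
                $result = mysql_query("INSERT INTO gold_posts (category_id, user_id, user_ip, post_created, post_updated, post_title, post_name, post_content, post_thumb, post_img, post_filename, post_tags, post_status)
                VALUES ('".$category."','".$user_id."','".$user_ip."','".date("Y-m-d H:i:s")."','".date("Y-m-d H:i:s")."','".$post_title."','".$post_name."','".$post_content."','".$url_thumb."','".$url_name."','','".$post_tags."','".$post_status."')");
                mysql_query('UPDATE gold_users SET user_points = user_points + '.$points.' WHERE user_id='.$user_id.'');
                if($tags != '') {
                    $preview = mysql_fetch_array(mysql_query("SELECT * FROM gold_posts WHERE post_name='".$post_name."' LIMIT 1"));
                    $tag_list = explode(",", $tags);
                    for ($x = 0; $x < count($tag_list); $x++){
                        $insert = mysql_query("INSERT INTO gold_tags (tag_name, post_id) VALUES('".mysql_real_escape_string($tag_list[$x])."', '".(int) $preview['post_id']."')");
                    }
                }
                //print success message.
                header('Location: '.$root."/".$GOLD_CATEGORY['name']."/".$post_name.'');
            }
        }
    } else {
        // Title or category missing: send the visitor back to the form with what was entered.
        header('Location: '.$root.'/submit/image/?error=1&title='.urlencode($post_title).'&category='.urlencode($category).'');
    }
}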
// GOLD if($_POST['gold'] == '{POST VALUE}'))
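if(!empty($_POST['submit_video'])) {
    // Video submission: resolves a thumbnail for a supported provider URL, stores a gold_posts
    // row, records tags and redirects to the post.
    //
    // Changes in this revision, all confined to values that reach SQL or the filesystem:
    //  - the thumbnail value ($photo) is built from URL-decoded or remotely fetched data and
    //    was concatenated into the INSERT unescaped; it is escaped now;
    //  - X-Forwarded-For, the uploaded file's MIME type, the session identity values and each
    //    tag were concatenated into SQL unescaped; ids and the points value are cast to int;
    //  - the upload branch had no extension allow-list and stored files under the extension
    //    the client supplied; it now uses the image allow-list of the image handler and
    //    requires the content to decode as an image.
    // NOTE(review): http_decode() turns an empty URL into "http://", so `$url == ''` looks
    // unreachable and the upload branch appears to be dead code — confirm before relying on it.
    // NOTE(review): unlike the image handler, the title is SQL-escaped but not tag-stripped;
    // make sure it is HTML-escaped where it is rendered. No login or CSRF check is visible here.
    $allowed = array('gif','png' ,'jpg' ,'jpeg');
    $post_title = mysql_real_escape_string(isset($_POST['title']) ? $_POST['title'] : '');
    $post_content = mysql_real_escape_string(strip_tags(trim(isset($_POST['description']) ? $_POST['description'] : '')));
    $url = http_decode(trim(mysql_real_escape_string(isset($_POST['url']) ? $_POST['url'] : '')));
    $tags = isset($_POST['tags']) ? $_POST['tags'] : '';
    $category = filter(isset($_POST['category']) ? $_POST['category'] : '');
    // $post_tags was never assigned, so the column has always received an empty string.
    $post_tags = '';
    $photo = '';
    $post_type = "1";
    $media_dir = $document."/gold-app/gold-uploads/media/";

    $session_username = isset($_SESSION['user_username']) ? $_SESSION['user_username'] : '';
    $session_email = isset($_SESSION['user_email']) ? $_SESSION['user_email'] : '';
    $user = mysql_fetch_array(mysql_query("SELECT * FROM gold_users WHERE user_username='".mysql_real_escape_string($session_username)."' OR user_email='".mysql_real_escape_string($session_email)."'"));
    // Groups 1 and 2 publish immediately; everyone else is stored with status 0.
    if($user && ($user['user_group'] == '1' || $user['user_group'] == '2')) { $post_status = '1'; } else { $post_status = '0'; }
    if(!$user || $user['user_id'] == '' || $session_username == '') { $user_id = 1; } else { $user_id = (int) $user['user_id']; }
    // X-Forwarded-For is supplied by the client; escape it, and fall back to the socket address.
    $client_ip = isset($_SERVER['HTTP_X_FORWARDED_FOR']) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : (isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '');
    $user_ip = mysql_real_escape_string($client_ip);

    if($post_title && $category){
        // slug() only emits [a-z0-9-._], so the post name is safe inside a quoted literal.
        $base_name = slug(strip_tags(ru2lat(strip_tags(trim($post_title)))));
        $GOLD_POST_RESULT_CHECK = mysql_query("SELECT * FROM gold_posts WHERE post_name='".$base_name."'");
        if(mysql_num_rows($GOLD_POST_RESULT_CHECK) == '0') {
            $post_name = $base_name;
        } else {
            // Name already taken: append seven shuffled digits.
            $title_seed = str_split('0123456789');
            shuffle($title_seed);
            $title_rand = '';
            foreach (array_rand($title_seed, 7) as $k) $title_rand .= $title_seed[$k];
            $post_name = $base_name.'-'.$title_rand;
        }
        $GOLD_CHECK_CATEGORY = mysql_query("SELECT * FROM gold_categories WHERE category_id='".$category."'");
        $GOLD_CATEGORY = mysql_fetch_array($GOLD_CHECK_CATEGORY);

        if($url == ''){
            $upload_names = (isset($_FILES["file"]["name"]) && is_array($_FILES["file"]["name"])) ? $_FILES["file"]["name"] : array();
            for($i=0;$i < count($upload_names);$i++){
                $seed = str_split('abcdefghijklmnopqrstuvwxyz'.'ABCDEFGHIJKLMNOPQRSTUVWXYZ'.'0123456789');
                shuffle($seed);
                $rand = '';
                foreach (array_rand($seed, 30) as $k) $rand .= $seed[$k];
                $ext = strtolower(pathinfo($upload_names[$i], PATHINFO_EXTENSION));
                $tmp = isset($_FILES['file']['tmp_name'][$i]) ? $_FILES['file']['tmp_name'][$i] : '';
                $actual_image_name = $rand.".".$ext;
                $file_size = isset($_FILES['file']['size'][$i]) ? (int) $_FILES['file']['size'][$i] : 0;
                // The MIME type is reported by the client.
                $file_type = mysql_real_escape_string(isset($_FILES['file']['type'][$i]) ? $_FILES['file']['type'][$i] : '');
                if(in_array($ext, $allowed, true) && $tmp != '' && is_uploaded_file($tmp) && getimagesize($tmp) && move_uploaded_file($tmp, $media_dir.$actual_image_name)){
                    create_thumb($media_dir.$actual_image_name, $media_dir."thumb_".$actual_image_name, 282);
                    mysql_query("INSERT INTO gold_multiple (`post_name`,`file_name`,`file_size`,`file_type`) VALUES('$post_name','$actual_image_name','$file_size','$file_type')");
                }
            } // GOLD CLOSE_FOREACH
            $gold_multiple_sql = mysql_query("SELECT * FROM gold_multiple WHERE post_name = '$post_name' LIMIT 1");
            $gold_multiple = mysql_fetch_array($gold_multiple_sql);
            $url_thumb = "thumb_".$gold_multiple['file_name'];
            $url_name = $gold_multiple['file_name'];
        } else {
            // Pick the thumbnail helper by provider host; unknown hosts leave the thumbnail empty.
            switch (getdomain($url)) {
                case "youtube.com":
                    $photo = get_youtube_thumb($url);
                    break;
                case "vimeo.com":
                    $photo = get_vimeo_thumb($url);
                    break;
                case "facebook.com":
                    $photo = get_facebook_thumb($url);
                    break;
                case "vine.co":
                    $photo = get_vine_thumb($url);
                    break;
                case "dailymotion.com":
                    $photo = get_dailymotion_thumb($url);
                    break;
                case "metacafe.com":
                    $photo = get_metacafe_thumb($url);
                    break;
                case "instagram.com":
                    $photo = get_instagram_thumb($url);
                    break;
            }
        }
        // The helpers return URL-decoded or remotely fetched text (or a bool); escape the string form.
        $photo_sql = mysql_real_escape_string((string) $photo);
        $result = mysql_query("INSERT INTO gold_posts (category_id, post_type, user_id, user_ip, post_created, post_updated, post_title, post_name, post_content, post_thumb, post_img, post_filename, post_tags, post_status)
        VALUES ('".$category."','".$post_type."','".$user_id."','".$user_ip."','".date("Y-m-d H:i:s")."','".date("Y-m-d H:i:s")."','".$post_title."','".$post_name."','".$post_content."','".$photo_sql."','".$photo_sql."','".$url."','".$post_tags."','".$post_status."')");
        mysql_query('UPDATE gold_users SET user_points = user_points + '.(int) set('points_add_for_every_login').' WHERE user_id='.$user_id.'');
        if($tags != '') {
            $preview = mysql_fetch_array(mysql_query("SELECT * FROM gold_posts WHERE post_name='".$post_name."' LIMIT 1"));
            $tag_list = explode(",", $tags);
            for ($x = 0; $x < count($tag_list); $x++){
                $insert = mysql_query("INSERT INTO gold_tags (tag_name, post_id) VALUES('".mysql_real_escape_string($tag_list[$x])."', '".(int) $preview['post_id']."')");
            }
        }
        //print success message.
        header('Location: '.$root."/".$GOLD_CATEGORY['name']."/".$post_name.'');
    } else {
        // Title or category missing: send the visitor back to the form with what was entered.
        $post_title = filter(isset($_POST['title']) ? $_POST['title'] : '');
        header('Location: '.$root.'/submit/video/?error=1&title='.urlencode($post_title).'&category='.urlencode($category).'');
    }
}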
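if(isset($_GET['GOLD']) && $_GET['GOLD'] == 'autocomplete') {
    // Tag autocomplete: returns [{label, value}, ...] for tags containing the search term.
    //
    // Changes: the response is declared as JSON and angle brackets, quotes and ampersands are
    // hex-escaped, because tag names are user-supplied text and were served with the default
    // HTML content type; '%' and '_' in the term are matched literally instead of acting as
    // LIKE wildcards; a failed query no longer prints mysql_error() to the client.
    $q = isset($_GET['term']) ? $_GET['term'] : '';
    $tag_data = addcslashes(mysql_real_escape_string($q), '%_');
    $sql = "SELECT tag_name FROM gold_tags WHERE tag_name LIKE '%$tag_data%' ORDER BY tag_name";
    $result = mysql_query($sql);
    $return = array();
    if($result) {
        while($row = mysql_fetch_array($result)) {
            $return[] = array('label'=>$row['tag_name'],'value'=>$row['tag_name']);
        }
    }
    if (!headers_sent()) {
        header('Content-Type: application/json; charset=utf-8');
    }
    echo(json_encode($return, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT));
}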
// GOLD if($_POST['gold'] == '{POST VALUE}'))
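if(!empty($_POST['submit_feedback'])) {
    // Feedback form: mails the message to the address stored in the 'gold_email' setting.
    //
    // Changes: the comment text, the sender name and the X-Forwarded-For value were written
    // into the HTML body as-is and are HTML-escaped now; the sender address is placed in the
    // From/Reply-To headers, so it must be a syntactically valid e-mail address (previously
    // only the SQL escaping inside filter() happened to neutralise line breaks); redirect
    // query parameters are URL-encoded.
    // NOTE(review): sending with the visitor's address as From may be rejected by receiving
    // servers; consider a fixed From and keep the visitor only in Reply-To.
    $full_name = filter(isset($_POST['full_name']) ? $_POST['full_name'] : '');
    $email = filter(isset($_POST['email']) ? $_POST['email'] : '');
    $raw_comments = isset($_POST['comments']) ? $_POST['comments'] : '';
    $comments = nl2br(htmlspecialchars($raw_comments, ENT_QUOTES, 'UTF-8'));
    $email_is_valid = filter_var($email, FILTER_VALIDATE_EMAIL) !== false;
    if($full_name && $email_is_valid && $comments){
        $safe_name = htmlspecialchars($full_name, ENT_QUOTES, 'UTF-8');
        $safe_email = htmlspecialchars($email, ENT_QUOTES, 'UTF-8');
        $sender_ip = htmlspecialchars(isset($_SERVER['HTTP_X_FORWARDED_FOR']) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : '', ENT_QUOTES, 'UTF-8');
        //set a title for the message
        $subject = "Message from Your Website";
        $body = 'From <b style="color: #EC3A39;">'.$safe_name.'</b>,
<div style="padding: 40px 0px;">- '.$comments.'</div>
<div>
<b>Sender Details:</b><br>
Full Name: <b><font color="#EC3A39">'.$safe_name.'</font></b><br>
Email: <b><font color="#EC3A39">'.$safe_email.'</font></b><br>
IP: <b><font color="#EC3A39">'.$sender_ip.'</font></b>
</div>';
        $headers = 'From: '.$email.'' . "\r\n" .
        'Reply-To: '.$email.'' . "\r\n" .
        'Content-type: text/html; charset=utf-8' . "\r\n" .
        'X-Mailer: PHP/' . phpversion();
        //put your email address here
        mail(set('gold_email'), $subject, $body, $headers);
        header('Location: '.$root.'/pages/feedback?success=1');
    } else {
        // Hand the entered values back to the form; the comment keeps its nl2br() form as before.
        header('Location: '.$root.'/pages/feedback?error=1&full_name='.urlencode($full_name).'&email='.urlencode($email).'&comments='.urlencode(nl2br($raw_comments)).'');
    }
}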
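if(isset($_POST['gold']) && $_POST['gold'] == 'login') {
    // Login: prints 'true' and fills the session on success, otherwise a generic error text.
    //
    // Changes:
    //  - the WHERE clause lacked parentheses, and AND binds tighter than OR, so user_active
    //    was only checked for the e-mail match and not for the username match;
    //  - hashes were compared with ==, which treats some digit-only-looking hex strings as
    //    numbers; the comparison is now an exact string comparison;
    //  - the empty-password test looked at the hash (never empty) instead of the input;
    //  - the session id is regenerated on success so a pre-login id is not carried over;
    //  - session_start() is skipped when a session is already active; ids and the points
    //    value are cast to int before being concatenated into SQL.
    // NOTE(review): passwords are stored as unsalted MD5 of the SQL-escaped input. The same
    // derivation is kept so existing accounts still work; plan a migration to
    // password_hash()/password_verify() with rehash on next login.
    if (session_id() === '') {
        session_start();
    }
    $raw_password = isset($_POST['password']) ? $_POST['password'] : '';
    $username = mysql_real_escape_string(isset($_POST['name']) ? $_POST['name'] : '');
    $password = md5(mysql_real_escape_string($raw_password));
    $q = mysql_query("SELECT * FROM gold_users WHERE (user_username='".$username."' OR user_email='".$username."') AND user_active='1'");
    $num_row = $q ? mysql_num_rows($q) : 0;
    $row = $q ? mysql_fetch_assoc($q) : false;

    $authenticated = false;
    if($username != '' && $raw_password != '' && $num_row == 1 && $row) {
        $stored_hash = (string) $row['user_password'];
        $authenticated = function_exists('hash_equals') ? hash_equals($stored_hash, $password) : ($stored_hash === $password);
    }

    if($authenticated) {
        // Must happen before any output, because it sends a new session cookie.
        session_regenerate_id(true);
        $_SESSION['user_username'] = $row['user_username'];
        $_SESSION['user_email'] = $row['user_email'];
        $_SESSION['user_id'] = $row['user_id'];
        mysql_query('UPDATE gold_users SET user_points = user_points + '.(int) set('points_add_for_every_login').' WHERE user_id='.(int) $row['user_id'].'');
        echo 'true';
    } else {
        // One message for every failure, so the response does not reveal which part was wrong.
        echo 'Wrong username or password';
    }
}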
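if(isset($_POST['submit_edit_profile']) && $_POST['submit_edit_profile'] != '') {
    // Profile edit: updates the non-empty text fields, stores an uploaded avatar and cover,
    // and renames the account when the requested username is free.
    //
    // Changes:
    //  - nothing runs without a logged-in user id; before, files were still stored;
    //  - the stored file extension was taken from the text after the first dot while the
    //    allow-list checked the text after the last dot, so the check did not constrain the
    //    stored extension; one lower-cased extension is now used for both, the name stem is
    //    reduced to [A-Za-z0-9_-] (it was also concatenated into SQL), and the upload must
    //    decode as an image;
    //  - inputs were escaped twice (mysql_real_escape_string, then filter, which escapes
    //    again), leaving stray backslashes in stored values;
    //  - failed queries no longer print mysql_error() to the client.
    // NOTE(review): no CSRF token is checked here.
    $session_user_id = isset($_SESSION['user_id']) ? (int) $_SESSION['user_id'] : 0;
    if ($session_user_id < 1) {
        header('Location: '.$root.'');
    } else {
        $username = filter(isset($_POST['user_username']) ? $_POST['user_username'] : '');
        // Column => new value; empty values leave the column untouched.
        $text_fields = array(
            'user_email'    => filter(isset($_POST['user_email']) ? $_POST['user_email'] : ''),
            'user_fullname' => filter(isset($_POST['user_fullname']) ? $_POST['user_fullname'] : ''),
            'user_location' => filter(isset($_POST['user_location']) ? $_POST['user_location'] : ''),
            'user_website'  => filter(isset($_POST['user_website']) ? $_POST['user_website'] : ''),
            'user_about'    => filter(isset($_POST['user_about']) ? $_POST['user_about'] : ''),
        );
        foreach ($text_fields as $column => $value) {
            if(!empty($value)) {
                mysql_query("UPDATE gold_users SET ".$column."='$value' WHERE user_id='".$session_user_id."'") or die('Database error');
            }
        }

        // Form field => (upload folder below $document, column that stores the file name).
        $image_fields = array(
            'avatar' => array("/gold-app/gold-uploads/avatars/", 'user_avatar'),
            'cover'  => array("/gold-app/gold-uploads/covers/", 'user_cover'),
        );
        $allowed = array('gif','png' ,'jpg' ,'jpeg');
        foreach ($image_fields as $field => $target) {
            if(!empty($_POST[$field])) {
                continue;
            }
            $name = isset($_FILES[$field]['name']) ? $_FILES[$field]['name'] : '';
            $tmp = isset($_FILES[$field]['tmp_name']) ? $_FILES[$field]['tmp_name'] : '';
            $ext = strtolower(pathinfo($name, PATHINFO_EXTENSION));
            $stem = preg_replace('/[^A-Za-z0-9_-]/', '', pathinfo($name, PATHINFO_FILENAME));
            // Same naming scheme as before: timestamp plus the stem from its sixth character on.
            $actual_image_name = time().(string) substr($stem, 5).".".$ext;
            if(in_array($ext,$allowed,true)) {
                if($tmp != '' && is_uploaded_file($tmp) && getimagesize($tmp) && move_uploaded_file($tmp, $document.$target[0].$actual_image_name)) {
                    mysql_query("UPDATE gold_users SET ".$target[1]."='$actual_image_name' WHERE user_id='".$session_user_id."'") or die('Database error');
                } else {
                    header('Location: '.$root.'');
                }
            } else {
                header('Location: '.$root.'');
            }
        }

        if(!empty($username))
        {
            $select = mysql_query("SELECT * FROM gold_users WHERE user_username='$username'");
            $row = mysql_fetch_array($select);
            if(mysql_num_rows($select) == '0') {
                // Name is free: rename the account and keep the session in step.
                mysql_query("UPDATE gold_users SET user_username='$username' WHERE user_id='".$session_user_id."'") or die('Database error');
                $_SESSION['user_username'] = $username;
                header('Location: '.$root.'/user/'.$username.'/details');
            } else {
                if($_SESSION['user_username'] == $row['user_username']) {
                    // The name already belongs to this user.
                    header('Location: '.$root.'/user/'.$username.'/details');
                } else {
                    header('Location: '.$root.'/user/'.$username.'/details?error=1&error_username='.$username.'');
                }
            }
        }
    }
}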
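if(isset($_POST['submit_edit_password']) && $_POST['submit_edit_password'] != '') {
    // Password change for the logged-in user, followed by a redirect to the profile page.
    //
    // Changes: the emptiness test looked at the MD5 hash (never empty), so an empty field
    // stored the hash of an empty password; it now looks at the input. The update only runs
    // for a logged-in user id, which is cast to int, and a failed query no longer prints
    // mysql_error() to the client.
    // NOTE(review): the current password is not requested and no CSRF token is checked.
    // The hash stays unsalted MD5 of the SQL-escaped input so it matches the login check;
    // plan a migration to password_hash()/password_verify().
    $raw_password = isset($_POST['user_password']) ? $_POST['user_password'] : '';
    $session_user_id = isset($_SESSION['user_id']) ? (int) $_SESSION['user_id'] : 0;
    if($raw_password != '' && $session_user_id > 0)
    {
        $password = md5(mysql_real_escape_string($raw_password));
        mysql_query("UPDATE gold_users SET user_password='$password' WHERE user_id='".$session_user_id."'") or die('Database error');
    }
    header('Location: '.$root.'/user/'.(isset($_SESSION['user_username']) ? $_SESSION['user_username'] : '').'/details');
}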
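// GOLD if($_POST['gold'] == '{POST VALUE}'))
// Drag-and-drop ordering for the menu and the three sidebars: each posted id receives its
// 1-based position in the submitted list.
// NOTE(review): no session or role check is visible in this handler. Confirm an admin gate runs
// before this point; without one any client can rewrite the ordering tables.
if(isset($_POST['gold']) && $_POST['gold'] == 'admin_menu') {
    $action = isset($_POST['action']) ? $_POST['action'] : '';
    // action => array(POST field holding the ordered ids, UPDATE template taking position then id)
    $reorder_targets = array(
        'updateRecordsListings' => array('recordsArray', "UPDATE gold_menu SET menu_id = %d WHERE id = %d"),
        'main_sidebar_updateRecordsListings' => array('MainSidebarArray', "UPDATE gold_blocks SET block_position = %d WHERE block_type='main' AND block_id = %d"),
        'profile_sidebar_updateRecordsListings' => array('ProfileSidebarArray', "UPDATE gold_blocks SET block_position = %d WHERE block_type='profile' AND block_id = %d"),
        'post_sidebar_updateRecordsListings' => array('PostSidebarArray', "UPDATE gold_blocks SET block_position = %d WHERE block_type='post' AND block_id = %d"),
    );
    if(is_string($action) && isset($reorder_targets[$action])) {
        list($field, $sql_template) = $reorder_targets[$action];
        $updateRecordsArray = (isset($_POST[$field]) && is_array($_POST[$field])) ? $_POST[$field] : array();
        $listingCounter = 1;
        foreach ($updateRecordsArray as $recordIDValue) {
            // The id used to be concatenated into the statement unquoted; forcing it to an
            // integer keeps request data out of the SQL text.
            $recordID = is_scalar($recordIDValue) ? (int) $recordIDValue : 0;
            $query = sprintf($sql_template, $listingCounter, $recordID);
            mysql_query($query) or die('Error, insert query failed');
            $listingCounter = $listingCounter + 1;
        }
        echo '<pre>';
        // The dump echoes request data back into the page, so it is HTML-escaped.
        echo htmlspecialchars(print_r($updateRecordsArray, true), ENT_QUOTES, 'UTF-8');
        echo '</pre>';
        echo 'If you refresh the page, you will see that records will stay just as you modified.';
    }
}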
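// GOLD if($_POST['gold'] == '{POST VALUE}'))
// Registration: rejects a username or e-mail that is already taken, creates the account,
// signs the new user in and sends the confirmation e-mail.
// NOTE(review): unsalted md5 is not a password hash; switching to password_hash() needs the login code changed too.
// NOTE(review): the INSERT below lists no user_password column, so the digest in $password is not
// stored by this block — confirm where the password is persisted.
// NOTE(review): the e-mail template receives the plaintext password ({$password}); consider dropping that placeholder.
if(!empty($_POST['register_button'])) {
    $raw_password = (isset($_POST['signin-password']) && is_string($_POST['signin-password'])) ? $_POST['signin-password'] : '';
    $username = filter(mysql_real_escape_string(isset($_POST['signin-username']) ? $_POST['signin-username'] : ''));
    $email = filter(mysql_real_escape_string(isset($_POST['signin-email']) ? $_POST['signin-email'] : ''));
    $password_extract = mysql_real_escape_string($raw_password);
    $password = mysql_real_escape_string(md5($raw_password));
    $confirmation_code = bin2hex(openssl_random_pseudo_bytes(15));
    // X-Forwarded-For is a request header chosen by the client: escape it before it goes into SQL.
    // It is also not a trustworthy address unless a proxy you control overwrites it.
    $client_ip = mysql_real_escape_string(isset($_SERVER['HTTP_X_FORWARDED_FOR']) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : '');
    // Values sent back in the redirect are URL-encoded. The password is no longer echoed into the
    // query string, where it would end up in browser history, proxy logs and Referer headers.
    $username_q = urlencode($username);
    $email_q = urlencode($email);
    $select_username = mysql_query("SELECT * FROM gold_users WHERE user_username='".$username."' LIMIT 1");
    $select_email = mysql_query("SELECT * FROM gold_users WHERE user_email='".$email."' LIMIT 1");
    $select = mysql_query("SELECT * FROM gold_users WHERE user_username='".$username."' AND user_email='".$email."' LIMIT 1");
    // Each later header() call replaces the earlier Location, so the last matching case wins.
    if(mysql_num_rows($select_username) != '0') { header('Location: '.$root.'/register?error=1&email='.$email_q.'&error_username='.$username_q); }
    if(mysql_num_rows($select_email) != '0') { header('Location: '.$root.'/register?error=1&error_email='.$email_q.'&username='.$username_q); }
    if(mysql_num_rows($select) != '0') { header('Location: '.$root.'/register?error=1&error_email='.$email_q.'&error_username='.$username_q); }
    // The password test looks at the submitted value: the md5 digest is never empty,
    // so the previous check let blank passwords through.
    if($username && $email && $raw_password !== ''){
        if(mysql_num_rows($select_username) == '0' && mysql_num_rows($select_email) == '0') {
            $result = mysql_query("INSERT INTO gold_users ( user_login_ip, user_confirmation_code, user_active, user_created, user_create_ip, user_username, user_email ) VALUES
( '".$client_ip."', '".$confirmation_code."', '0', '".date("Y-m-d H:i:s")."', '".$client_ip."', '".$username."', '".$email."' )");
            $check_row = mysql_fetch_array(mysql_query("SELECT * FROM gold_users WHERE user_username='".$username."' AND user_email='".$email."' LIMIT 1"));
            // Only continue when the row really exists; a failed INSERT used to sign in an empty user.
            if($check_row) {
                mysql_query('UPDATE gold_users SET user_points = user_points + '.set('points_add_for_all_users').' WHERE user_id='.(int) $check_row['user_id'].'');
                // Issue a fresh session id at the moment the session becomes authenticated.
                session_regenerate_id(true);
                $_SESSION['user_username'] = $check_row['user_username'];
                $_SESSION['user_email'] = $check_row['user_email'];
                $_SESSION['user_id'] = $check_row['user_id'];
                //get todays date
                $todayis = date("l, F j, Y, g:i a");
                //set a title for the message
                $subject = set('gold_email_template_register_title');
                $root_url = $root;
                $root_theme = $root_url.'/gold-skins/default';
                $template_data = set('gold_email_template_register');
                $old = array('{$root}', '{$skin}', '{$confirmation_code}', '{$username}', '{$email}', '{$password}', '{$fullname}');
                $new = array($root_url, $root_theme, $check_row['user_confirmation_code'], $check_row['user_username'], $check_row['user_email'], $password_extract, $check_row['user_fullname']);
                $body = str_replace($old, $new, $template_data);
                $headers = 'From: '.set('gold_email').'' . "\n" .
                'Reply-To: '.set('gold_email').'' . "\n" .
                'Content-type: text/html; charset=utf-8' . "\n" .
                'X-Mailer: PHP/' . phpversion();
                mail($email, $subject, $body, $headers);
            }
            header('Location: '.$root.'/');
        }
    } else {
        // A required field is missing. The three lookups above are reused, nothing has changed since they ran.
        if(mysql_num_rows($select_username) == '0') { header('Location: '.$root.'/register?error=1&email='.$email_q.'&error_username='.$username_q); }
        if(mysql_num_rows($select_email) != '0') { header('Location: '.$root.'/register?error=1&error_email='.$email_q.'&username='.$username_q); }
        if(mysql_num_rows($select) != '0') { header('Location: '.$root.'/register?error=1&error_username='.$username_q.'&error_email='.$email_q); }
    }
}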
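/**
 * Build a random password from a fixed alphabet of letters, digits and punctuation.
 *
 * Characters are drawn independently from a cryptographically secure source
 * (random_int() where available, otherwise openssl_random_pseudo_bytes(), which
 * this file already uses for confirmation codes). str_shuffle() was replaced
 * because its generator is predictable, it never repeats a character and it
 * silently caps the result at the alphabet length.
 *
 * @param int $length Number of characters wanted; values below 1 give an empty string.
 * @return string Password of exactly $length characters.
 */
function random_password( $length = 8 ) {
    $chars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789!@#$%^&*()_-=+;:,.?";
    $length = (int) $length;
    if ( $length <= 0 ) {
        return '';
    }
    $alphabet_size = strlen( $chars );
    // Largest multiple of the alphabet size that fits in one byte. Bytes at or above it
    // are thrown away so the modulo below does not favour the first characters.
    $limit = 256 - ( 256 % $alphabet_size );
    $password = '';
    while ( strlen( $password ) < $length ) {
        if ( function_exists( 'random_int' ) ) {
            $password .= $chars[ random_int( 0, $alphabet_size - 1 ) ];
            continue;
        }
        $bytes = openssl_random_pseudo_bytes( $length );
        for ( $i = 0, $n = strlen( $bytes ); $i < $n && strlen( $password ) < $length; $i++ ) {
            $value = ord( $bytes[ $i ] );
            if ( $value < $limit ) {
                $password .= $chars[ $value % $alphabet_size ];
            }
        }
    }
    return $password;
}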
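// GOLD if($_POST['gold'] == '{POST VALUE}'))
// "Forgot password": looks the account up by username or e-mail, mails a newly generated
// password and stores its digest.
// NOTE(review): the password is replaced for whoever's name is submitted, with no proof that the
// requester owns the mailbox, so a third party can lock an account out. A single-use, expiring
// reset link that changes nothing until it is followed avoids that.
// NOTE(review): the "sent" and "error_username" redirects tell the requester whether an account exists.
// NOTE(review): unsalted md5 is not a password hash; see the login code before changing the format.
if(!empty($_POST['forgot_button'])) {
    $username = filter(mysql_real_escape_string(isset($_POST['signin-username']) ? $_POST['signin-username'] : ''));
    $username_q = urlencode($username);
    $password = random_password(10);
    if($username){
        $check_row = mysql_fetch_array(mysql_query("SELECT * FROM gold_users WHERE user_username='".$username."' OR user_email='".$username."' LIMIT 1"));
        if($check_row && $check_row['user_id'] != '') {
            $email = $check_row['user_email'];
            //get todays date
            $todayis = date("l, F j, Y, g:i a");
            //set a title for the message
            $subject = set('gold_email_template_forgot_title');
            $root_url = $root;
            $root_theme = $root_url.'/gold-skins/default';
            $template_data = set('gold_email_template_forgot');
            $old = array('{$root}', '{$skin}', '{$username}', '{$email}', '{$password}', '{$fullname}');
            $new = array($root_url, $root_theme, $check_row['user_username'], $check_row['user_email'], $password, $check_row['user_fullname']);
            $body = str_replace($old, $new, $template_data);
            $headers = 'From: '.set('gold_email').'' . "\r\n" .
            'Reply-To: '.set('gold_email').'' . "\r\n" .
            'Content-type: text/html; charset=utf-8' . "\r\n" .
            'X-Mailer: PHP/' . phpversion();
            // Store the new digest only once the message was accepted for delivery, otherwise the
            // user would be left with a password nobody was told about.
            if(mail($email, $subject, $body, $headers)) {
                // Update the row that was just read, by primary key. Repeating the
                // "username OR email ... LIMIT 1" match could hit a different account when one
                // user's username equals another user's e-mail address.
                $update = mysql_query("UPDATE gold_users SET user_password='".md5($password)."' WHERE user_id='".mysql_real_escape_string($check_row['user_id'])."' LIMIT 1");
            }
            header('Location: '.$root.'/forgot?action=sent');
        } else {
            header('Location: '.$root.'/forgot?error=1&error_username='.$username_q.'');
        }
    } else {
        // Nothing usable was submitted. Both outcomes of the former lookup redirected to the
        // same address, so the lookup itself was dropped.
        header('Location: '.$root.'/forgot?error=1&username='.$username_q.'');
    }
}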
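// AJAX endpoint: stores a new top-level comment for the signed-in user, then prints the
// comment tree of that post (top-level comments with their replies) as HTML.
if(isset($_POST['gold']) && $_POST['gold'] == 'comments') {
    // The session is already opened at the top of the file; only start one when none is active.
    if(session_id() == '') { session_start(); }
    if($_SESSION['user_id'] == '') { } else { $emoticons='id="reply_emoticons"'; }
    if($_SESSION['user_id'] != '') {
        $user = mysql_fetch_array(mysql_query("SELECT * FROM gold_users WHERE user_id='".$_SESSION['user_id']."'"));
        // X-Forwarded-For is a request header chosen by the client, so it is escaped once here and
        // only the escaped copy reaches the queries below. It is not a reliable address unless a
        // proxy you control overwrites it.
        $client_ip = mysql_real_escape_string(isset($_SERVER['HTTP_X_FORWARDED_FOR']) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : '');
        if($_SESSION['user_id']) {
            $post_id = mysql_real_escape_string($_POST['post_id']);
            $comment_reply = mysql_real_escape_string($_POST['comment_reply']);
            $comment_author = $user['user_id'];
            $comment_author_ip = $client_ip;
            $comment_content = mysql_real_escape_string($_POST['comment']);
            $comment_date = date("Y/m/d H:i:s");
            $comment_status = 1;
            $insert_comment = mysql_query("INSERT INTO gold_comments (post_id, comment_reply, comment_author, comment_author_ip, comment_content, comment_date, comment_status)
VALUES ('".$post_id."','".$comment_reply."','".$comment_author."','".$comment_author_ip."','".$comment_content."','".$comment_date."','".$comment_status."')");
            mysql_query('UPDATE gold_users SET user_points = user_points + '.set('points_posting_a_comment').' WHERE user_id='.(int) $comment_author.'');
        }
        // SQL escaping does not make a value safe inside HTML; the copy printed into the page is HTML-escaped.
        $post_id_html = htmlspecialchars(isset($post_id) ? $post_id : '', ENT_QUOTES, 'UTF-8');
        $comments_data = mysql_query("SELECT * FROM gold_comments WHERE post_id='".$post_id."' AND comment_reply='0' ORDER BY comment_id DESC");
        while($comments = mysql_fetch_array($comments_data)) {
            $GOLD_check_comment_votes = mysql_num_rows(@mysql_query("SELECT * FROM gold_votes WHERE vote_type='comment' AND post_id='".$comments['comment_id']."'"));
            $GOLD_comment_votes = mysql_num_rows(@mysql_query("SELECT * FROM gold_votes WHERE vote_type='comment' AND post_id='".$comments['comment_id']."' AND user_id='".$_SESSION['user_id']."'"));
            $GOLD_comment_flags = mysql_num_rows(@mysql_query("SELECT * FROM gold_flags WHERE flag_type='comment' AND post_id='".$comments['comment_id']."' AND user_ip='".$client_ip."' AND user_id='".$_SESSION['user_id']."'"));
            if ($GOLD_comment_votes == '1'){ $comment_votes_num = "up"; } elseif ($GOLD_comment_votes == '0'){ $comment_votes_num = "down"; }
            if ($GOLD_comment_flags != '0'){ $comments_div_flag = ""; } elseif ($GOLD_comment_votes != '1'){ $comments_div_flag = "comments-div-flag"; }
            if ($GOLD_check_comment_votes == '1'){ $count_0 = ""; } elseif ($GOLD_comment_votes != '0'){ $count_0 = "count-0"; }
            if($_SESSION['user_id'] == '') { $tooltip_upvote = '<span class="tooltip">'.LANG('you_must_sign_in_to_up_vote').'</span>'; $tooltip_downvote = '<span class="tooltip">'.LANG('you_must_sign_in_to_down_vote').'.</span>'; } else { $count_num = $comments['comment_id']; }
            $GOLD_reply_comments = mysql_query("SELECT * FROM gold_comments WHERE post_id='".$post_id."' AND comment_reply='".$comments['comment_id']."' ORDER BY comment_id ASC");
            $author = mysql_fetch_array(mysql_query("SELECT * FROM gold_users WHERE user_id='".$comments['comment_author']."'"));
            if($author['user_type'] == '') { $avatar = $root.'/gold-app/gold-uploads/avatars/'.$author['user_avatar']; } else { $avatar = $author['user_avatar']; }
            // Profile fields are user-controlled: escape them for the HTML they are printed into.
            $author_name_html = htmlspecialchars($author['user_username'], ENT_QUOTES, 'UTF-8');
            $avatar_html = htmlspecialchars($avatar, ENT_QUOTES, 'UTF-8');
            // NOTE(review): $user_id, $username_href, $disabled_comment and $disabled are not assigned
            // anywhere in this handler; unless they are set earlier in the file they print as empty.
            print '
<li id="comment-'.$comments['comment_id'].'">
<div class="comment-content">
<div class="avatar">
<a href="'.$root.'/user/'.$author_name_html.'">
<img src="'.$avatar_html.'" alt="Avatar">
</a>
</div>
<div class="comment-body">
<header>
<span class="post-byline">
<span class="author publisher-anchor-color"><a href="'.$root.'/user/'.$author_name_html.'">'.$author_name_html.'</a></span>
</span>
<span class="post-meta">
<span class="bullet time-ago-bullet" aria-hidden="true">•</span>
<a href="#comment-'.$comments['comment_id'].'" data-role="relative-time" class="time-ago">'.time_ago($comments['comment_date'], date("Y-m-d H:i:s"), 'second').'</a>
</span>
</header>
<div class="comment-body-inner">
<p>';
            // NOTE(review): the comment text is stored with SQL escaping only. Unless smilies()
            // HTML-escapes its input, markup typed into a comment is rendered as-is — verify.
            echo smilies($comments['comment_content']);
            print '</p>
</div>
<footer>
<menu>
<li class="voting horizontal-comments-vote '.$comment_votes_num.'" id="vote_buttons'.$comments['comment_id'].'">
<a class="comments-vote-up '.$count_0.'" href="javascript:;" id="'.$comments['comment_id'].'" user_id="'.$user_id.'">
<span id="comment_votes'.$count_num.'" class="updatable count" data-role="likes">'.$GOLD_check_comment_votes.'</span>
<span class="control"><i aria-hidden="true" class="icon icon-arrow-2"></i></span>
'.$tooltip_upvote.'
</a>
<a class="comments-vote-down" href="javascript:;" id="'.$comments['comment_id'].'" user_id="'.$user_id.'">
<span class="control"><i aria-hidden="true" class="icon icon-arrow"></i></span>
'.$tooltip_downvote.'
</a>
</li>
<li class="bullet" aria-hidden="true">•</li>
<li class="reply" data-role="reply-link">
<a href="javascript:;" class="reply" id="'.$comments['comment_id'].'" data-action="reply"><span class="text">Reply</span></a>
</li>
<li class="bullet" aria-hidden="true">•</li>
<li class="flag '.$comments_div_flag.'" id="flag_buttons'.$comments['comment_id'].'">
<a href="javascript:;" class="flag" id="'.$comments['comment_id'].'" user_id="'.$user_id.'"><i aria-hidden="true" class="icon icon-flag"></i><span class="text">'.LANG('flag').'</span></a>
</li>
</menu>
</footer>
</div>
</div>
<div id="gold_comments_error'.$comments['comment_id'].'" class="gold_comments_error" style="display:none; padding-top: 0; padding-left: 40px; padding-bottom: 5px;">'.LANG('please_fill_the_complete_details').'</div>
<div id="reply_comment'.$comments['comment_id'].'" style="display: none; padding-bottom: 34px; width: 93%; margin-left: 39px;">
<a '.$username_href.' class="gold_avatar">
<img src="'.$avatar_html.'" width="48px" height="48px" alt="">
</a>
<input id="post_id" value="'.$post_id_html.'" type="hidden">
<textarea id="reply_textarea'.$comments['comment_id'].'" class="add_comment" style="height: 35px; margin-top: 0px; margin-bottom: 12px;" '.$disabled_comment.' '.$disabled.'></textarea>
<div '.$emoticons.' style="float: left; width: 220px;" class="reply_emotions_icons" data-id="'.$comments['comment_id'].'">';
            print GOLD_smilies($comments['comment_id']);
            print '</div>
<input data-id="'.$comments['comment_id'].'" user-id="'.$user_id.'" id="submit_reply_comment" type="submit" value="'.LANG('add_comment').'" class="submit_comment" style="margin-right: 8px; display: inline-block; float: right;">
</div>
<ul id="comment_children_tree'.$comments['comment_id'].'" class="comment_children_tree">';
            if(mysql_num_rows($GOLD_reply_comments) > 0){
                while($reply_comments = mysql_fetch_array($GOLD_reply_comments)) {
                    // NOTE(review): the three lookups below use the parent comment's id, and the
                    // state they compute goes into $comment_votes_num / $comments_div_flag / $count_0
                    // while the markup prints $reply_comment_votes_num / $reply_comments_div_flag /
                    // $reply_count_0, which are never assigned. Left as found; the intended reply
                    // state needs confirming before it is rewired.
                    $GOLD_reply_check_comment_votes = mysql_num_rows(@mysql_query("SELECT * FROM gold_votes WHERE vote_type='comment' AND post_id='".$comments['comment_id']."'"));
                    $GOLD_reply_comment_votes = mysql_num_rows(@mysql_query("SELECT * FROM gold_votes WHERE vote_type='comment' AND post_id='".$comments['comment_id']."' AND user_id='".$_SESSION['user_id']."'"));
                    $GOLD_reply_comment_flags = mysql_num_rows(@mysql_query("SELECT * FROM gold_flags WHERE flag_type='comment' AND post_id='".$comments['comment_id']."' AND user_ip='".$client_ip."' AND user_id='".$_SESSION['user_id']."'"));
                    if ($GOLD_reply_comment_votes == '1'){ $comment_votes_num = "up"; } elseif ($GOLD_reply_comment_votes == '0'){ $comment_votes_num = "down"; }
                    if ($GOLD_reply_comment_flags != '0'){ $comments_div_flag = ""; } elseif ($GOLD_reply_comment_flags != '1'){ $comments_div_flag = "comments-div-flag"; }
                    if ($GOLD_reply_check_comment_votes == '1'){ $count_0 = ""; } elseif ($GOLD_reply_check_comment_votes != '0'){ $count_0 = "count-0"; }
                    if($_SESSION['user_id'] == '') { $reply_tooltip_upvote = '<span class="tooltip">'.LANG('you_must_sign_in_to_up_vote').'.</span>'; $reply_tooltip_downvote = '<span class="tooltip">'.LANG('you_must_sign_in_to_down_vote').'.</span>'; } else { $reply_count_num = $reply_comments['comment_id']; }
                    $reply_author = mysql_fetch_array(mysql_query("SELECT * FROM gold_users WHERE user_id='".$reply_comments['comment_author']."'"));
                    if($reply_author['user_type'] == '') { $reply_avatar = $root.'/gold-app/gold-uploads/avatars/'.$reply_author['user_avatar']; } else { $reply_avatar = $reply_author['user_avatar']; }
                    $reply_author_name_html = htmlspecialchars($reply_author['user_username'], ENT_QUOTES, 'UTF-8');
                    $reply_avatar_html = htmlspecialchars($reply_avatar, ENT_QUOTES, 'UTF-8');
                    $reply_user_id = $_SESSION['user_id'];
                    print '
<li>
<div class="comment-content">
<div class="avatar">
<a href="'.$root.'/user/'.$reply_author_name_html.'">
<img src="'.$reply_avatar_html.'" alt="Avatar">
</a>
</div>
<div class="comment-body">
<header>
<span class="post-byline">
<span class="author publisher-anchor-color"><a href="'.$root.'/user/'.$reply_author_name_html.'">'.$reply_author_name_html.'</a></span>
</span>
<span class="post-meta">
<span class="bullet time-ago-bullet" aria-hidden="true">•</span>
<a href="#comment-'.$reply_comments['comment_id'].'" data-role="relative-time" class="time-ago">'.time_ago($reply_comments['comment_date'], date("Y-m-d H:i:s"), 'second').'</a>
</span>
</header>
<div class="comment-body-inner">
<p>';
                    echo smilies($reply_comments['comment_content']);
                    print '</p>
</div>
<footer>
<menu>
<li class="voting horizontal-comments-vote '.$reply_comment_votes_num.'" id="vote_buttons'.$reply_comments['comment_id'].'">
<a class="comments-vote-up '.$reply_count_0.'" href="javascript:;" id="'.$reply_comments['comment_id'].'" user_id="'.$reply_user_id.'">
<span id="comment_votes'.$reply_count_num.'" class="updatable count" data-role="likes">'.$GOLD_reply_check_comment_votes.'</span>
<span class="control"><i aria-hidden="true" class="icon icon-arrow-2"></i></span>
'.$reply_tooltip_upvote.'
</a>
<a class="comments-vote-down" href="javascript:;" id="'.$reply_comments['comment_id'].'" user_id="'.$reply_user_id.'">
<span class="control"><i aria-hidden="true" class="icon icon-arrow"></i></span>
'.$reply_tooltip_downvote.'
</a>
</li>
<li class="bullet" aria-hidden="true">•</li>
<li class="flag '.$reply_comments_div_flag.'" id="flag_buttons'.$reply_comments['comment_id'].'">
<a href="javascript:;" class="flag" id="'.$reply_comments['comment_id'].'" user_id="'.$reply_user_id.'"><i aria-hidden="true" class="icon icon-flag"></i><span class="text">'.LANG('flag').'</span></a>
</li>
</menu>
</footer>
</div>
</div>
</li>';
                }
            }
            print '</ul>
</li>';
        }
    }
}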
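// AJAX endpoint: stores a reply to an existing comment for the signed-in user, then prints
// every reply of that parent comment as HTML list items.
if(isset($_POST['gold']) && $_POST['gold'] == 'submit_reply_comments') {
    // The session is already opened at the top of the file; only start one when none is active.
    if(session_id() == '') { session_start(); }
    if($_SESSION['user_id'] != '') {
        $user = mysql_fetch_array(mysql_query("SELECT * FROM gold_users WHERE user_id='".$_SESSION['user_id']."'"));
        // X-Forwarded-For is a request header chosen by the client, so it is escaped once here and
        // only the escaped copy reaches the queries below.
        $client_ip = mysql_real_escape_string(isset($_SERVER['HTTP_X_FORWARDED_FOR']) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : '');
        if($_SESSION['user_id']) {
            $post_id = mysql_real_escape_string($_REQUEST['post_id']);
            $comment_reply = mysql_real_escape_string($_REQUEST['reply_comment_id']);
            $comment_author = $user['user_id'];
            $comment_author_ip = $client_ip;
            // The reply text used to go into the INSERT unescaped, unlike every other field.
            $comment_content = mysql_real_escape_string($_REQUEST['comment']);
            $comment_date = date("Y/m/d H:i:s");
            $comment_status = 1;
            $insert_comment = mysql_query("INSERT INTO gold_comments (post_id, comment_reply, comment_author, comment_author_ip, comment_content, comment_date, comment_status)
VALUES ('".$post_id."','".$comment_reply."','".$comment_author."','".$comment_author_ip."','".$comment_content."','".$comment_date."','".$comment_status."')");
            mysql_query('UPDATE gold_users SET user_points = user_points + '.set('points_posting_a_comment').' WHERE user_id='.(int) $comment_author.'');
        }
        $GOLD_reply_comments = mysql_query("SELECT * FROM gold_comments WHERE post_id='".$post_id."' AND comment_reply='".$comment_reply."' ORDER BY comment_id ASC");
        while($reply_comments = mysql_fetch_array($GOLD_reply_comments)) {
            // NOTE(review): $comments is never assigned in this handler, so the three lookups below
            // run with an empty id, and the markup prints $reply_comment_votes_num,
            // $reply_comments_div_flag, $reply_count_0, $reply_user_id and
            // $GOLD_check_reply_comment_votes, none of which is set here. Left as found; the
            // intended reply state needs confirming before it is rewired.
            $GOLD_check_comment_votes = mysql_num_rows(@mysql_query("SELECT * FROM gold_votes WHERE vote_type='comment' AND post_id='".$comments['comment_id']."'"));
            $GOLD_comment_votes = mysql_num_rows(@mysql_query("SELECT * FROM gold_votes WHERE vote_type='comment' AND post_id='".$comments['comment_id']."' AND user_id='".$_SESSION['user_id']."'"));
            $GOLD_comment_flags = mysql_num_rows(@mysql_query("SELECT * FROM gold_flags WHERE flag_type='comment' AND post_id='".$comments['comment_id']."' AND user_ip='".$client_ip."' AND user_id='".$_SESSION['user_id']."'"));
            if ($GOLD_comment_votes == '1'){ $comment_votes_num = "up"; } elseif ($GOLD_comment_votes == '0'){ $comment_votes_num = "down"; }
            if ($GOLD_comment_flags != '0'){ $comments_div_flag = ""; } elseif ($GOLD_comment_votes != '1'){ $comments_div_flag = "comments-div-flag"; }
            if ($GOLD_check_comment_votes == '1'){ $count_0 = ""; } elseif ($GOLD_comment_votes != '0'){ $count_0 = "count-0"; }
            if($_SESSION['user_id'] == '') { $reply_tooltip_upvote = '<span class="tooltip">'.LANG('you_must_sign_in_to_up_vote').'.</span>'; $reply_tooltip_downvote = '<span class="tooltip">'.LANG('you_must_sign_in_to_down_vote').'.</span>'; } else { $reply_count_num = $reply_comments['comment_id']; }
            $reply_author = mysql_fetch_array(mysql_query("SELECT * FROM gold_users WHERE user_id='".$reply_comments['comment_author']."'"));
            if($reply_author['user_type'] == '') { $reply_avatar = $root.'/gold-app/gold-uploads/avatars/'.$reply_author['user_avatar']; } else { $reply_avatar = $reply_author['user_avatar']; }
            // Profile fields are user-controlled: escape them for the HTML they are printed into.
            $reply_author_name_html = htmlspecialchars($reply_author['user_username'], ENT_QUOTES, 'UTF-8');
            $reply_avatar_html = htmlspecialchars($reply_avatar, ENT_QUOTES, 'UTF-8');
            // NOTE(review): the reply text is stored with SQL escaping only. Unless smilies()
            // HTML-escapes its input, markup typed into a reply is rendered as-is — verify.
            print '
<li>
<div class="comment-content">
<div class="avatar">
<a href="'.$root.'/gold-skins/default/user/'.$reply_author_name_html.'">
<img src="'.$reply_avatar_html.'" alt="Avatar">
</a>
</div>
<div class="comment-body">
<header>
<span class="post-byline">
<span class="author publisher-anchor-color"><a href="'.$root.'/gold-skins/default/user/'.$reply_author_name_html.'">'.$reply_author_name_html.'</a></span>
</span>
<span class="post-meta">
<span class="bullet time-ago-bullet" aria-hidden="true">•</span>
<a href="#comment-'.$reply_comments['comment_id'].'" data-role="relative-time" class="time-ago">'.time_ago($reply_comments['comment_date'], date("Y-m-d H:i:s"), 'second').'</a>
</span>
</header>
<div class="comment-body-inner">
<p>'.smilies($reply_comments['comment_content']).'</p>
</div>
<footer>
<menu>
<li class="voting horizontal-comments-vote '.$reply_comment_votes_num.'" id="vote_buttons'.$reply_comments['comment_id'].'">
<a class="comments-vote-up '.$reply_count_0.'" href="javascript:;" id="'.$reply_comments['comment_id'].'" user_id="'.$reply_user_id.'">
<span id="comment_votes'.$reply_count_num.'" class="updatable count" data-role="likes">'.$GOLD_check_reply_comment_votes.'</span>
<span class="control"><i aria-hidden="true" class="icon icon-arrow-2"></i></span>
'.$reply_tooltip_upvote.'
</a>
<a class="comments-vote-down" href="javascript:;" id="'.$reply_comments['comment_id'].'" user_id="'.$reply_user_id.'">
<span class="control"><i aria-hidden="true" class="icon icon-arrow"></i></span>
'.$reply_tooltip_downvote.'
</a>
</li>
<li class="bullet" aria-hidden="true">•</li>
<li class="flag '.$reply_comments_div_flag.'" id="flag_buttons'.$reply_comments['comment_id'].'">
<a href="javascript:;" class="flag" id="'.$reply_comments['comment_id'].'" user_id="'.$reply_user_id.'"><i aria-hidden="true" class="icon icon-flag"></i><span class="text">'.LANG('flag').'</span></a>
</li>
</menu>
</footer>
</div>
</div>
</li>';
        }
    }
}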
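// AJAX endpoint: the signed-in user up-votes a comment; prints the comment's vote count.
if(isset($_POST['gold']) && $_POST['gold'] == 'comments_vote_up') {
    if(isset($_SESSION['user_id']) && $_SESSION['user_id'] != '') {
        // The id is forced to an integer because it is placed into SQL, in one place unquoted.
        $id = isset($_POST['id']) ? (int) $_POST['id'] : 0;
        // The voter is the session user. Taking user_id from the request let a client cast
        // votes, and collect points, in another account's name.
        $user_id = (int) $_SESSION['user_id'];
        // Declared inside the handler on purpose: the other vote handlers declare functions
        // with the same names, and only one handler runs per request.
        function GOLD_VOTES($id) {
            $gold_votes = array();
            $q = "SELECT * FROM gold_votes WHERE vote_type='comment' AND post_id = ".(int) $id;
            $r = mysql_query($q);
            if(mysql_num_rows($r)==1) {
                $row = mysql_fetch_assoc($r);
                $gold_votes[0] = $row['gold_votes'];
            }
            return $gold_votes;
        }
        function GET_GOLD_VOTES($id) {
            $query = "SELECT * FROM gold_votes WHERE vote_type='comment' AND post_id = ".(int) $id;
            $result = mysql_query($query);
            $vote = mysql_num_rows($result);
            return $vote;
        }
        $current_votes = GOLD_VOTES($id);
        $votes_up = (isset($current_votes[0]) ? $current_votes[0] : 0) + 1;
        $row = mysql_fetch_array(mysql_query("SELECT * FROM gold_comments WHERE comment_id='".$id."' LIMIT 1"));
        $GOLD_QUERY = mysql_query("SELECT * FROM gold_votes WHERE vote_type='comment' AND post_id='$id' AND user_id='$user_id'");
        // Record the vote and award points only for an existing comment that this user has not
        // voted on yet; replaying the request used to add points every time.
        if ($row && !mysql_num_rows($GOLD_QUERY)) {
            $GOLD_INSERT_QUERY = mysql_query('INSERT INTO gold_votes (vote_type, post_id, user_id) VALUES ("comment", "'.$id.'", "'.$user_id.'")');
            mysql_query('UPDATE gold_users SET user_points = user_points + '.set('points_per_up_vote_on_your_media').' WHERE user_id='.(int) $row['comment_author'].'');
            mysql_query('UPDATE gold_users SET user_points = user_points + '.set('points_voting_up_a_media').' WHERE user_id='.$user_id.'');
        }
        echo GET_GOLD_VOTES($id);
    }
}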
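// AJAX endpoint: the signed-in user down-votes a comment, which removes that user's up-vote
// if one exists; prints the comment's vote count.
if(isset($_POST['gold']) && $_POST['gold'] == 'comments_vote_down') {
    if(isset($_SESSION['user_id']) && $_SESSION['user_id'] != '') {
        // The id is forced to an integer because it is placed into SQL, in one place unquoted.
        $id = isset($_POST['id']) ? (int) $_POST['id'] : 0;
        // The voter is the session user. Taking user_id from the request let a client remove
        // another account's vote.
        $user_id = (int) $_SESSION['user_id'];
        // Declared inside the handler on purpose: the other vote handlers declare functions
        // with the same names, and only one handler runs per request.
        function GOLD_VOTES($id) {
            $gold_votes = array();
            $q = "SELECT * FROM gold_votes WHERE vote_type='comment' AND post_id = ".(int) $id;
            $r = mysql_query($q);
            if(mysql_num_rows($r)==1) {
                $row = mysql_fetch_assoc($r);
                $gold_votes[0] = $row['gold_votes'];
            }
            return $gold_votes;
        }
        function GET_GOLD_VOTES($id) {
            $query = "SELECT * FROM gold_votes WHERE vote_type='comment' AND post_id = ".(int) $id;
            $result = mysql_query($query);
            $vote = mysql_num_rows($result);
            return $vote;
        }
        $current_votes = GOLD_VOTES($id);
        $votes_up = (isset($current_votes[1]) ? $current_votes[1] : 0) + 1;
        $GOLD_QUERY = mysql_query("SELECT * FROM gold_votes WHERE vote_type='comment' AND post_id='$id' AND user_id='$user_id'");
        if(mysql_num_rows($GOLD_QUERY)) {
            $GOLD_DELETE_QUERY = mysql_query('DELETE FROM gold_votes WHERE vote_type="comment" AND post_id="'.$id.'" AND user_id="'.$user_id.'"');
        }
        $row = mysql_fetch_array(mysql_query("SELECT * FROM gold_comments WHERE comment_id='".$id."' LIMIT 1"));
        // NOTE(review): the down-vote points are applied on every request, whether or not a vote
        // row was removed, and no down-vote is recorded anywhere, so repeating the request keeps
        // moving both balances. Decide whether this should apply once per user and comment.
        if($row) {
            mysql_query('UPDATE gold_users SET user_points = user_points + '.set('points_per_down_vote_on_your_media').' WHERE user_id='.(int) $row['comment_author'].'');
        }
        mysql_query('UPDATE gold_users SET user_points = user_points + '.set('points_voting_down_a_media').' WHERE user_id='.$user_id.'');
        echo GET_GOLD_VOTES($id);
    }
}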
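// AJAX endpoint: the signed-in user up-votes a post; prints the post's vote count, or a
// login link for visitors.
if(isset($_POST['gold']) && $_POST['gold'] == 'vote_up') {
    if(isset($_SESSION['user_id']) && $_SESSION['user_id'] != '') {
        // The id is forced to an integer because it is placed into SQL, in one place unquoted.
        $id = isset($_POST['id']) ? (int) $_POST['id'] : 0;
        // The voter is the session user. Taking user_id from the request let a client cast
        // votes, and collect points, in another account's name.
        $user_id = (int) $_SESSION['user_id'];
        // Declared inside the handler on purpose: the other vote handlers declare functions
        // with the same names, and only one handler runs per request.
        function GOLD_VOTES($id) {
            $gold_votes = array();
            $q = "SELECT * FROM gold_votes WHERE vote_type='post' AND post_id = ".(int) $id;
            $r = mysql_query($q);
            if(mysql_num_rows($r)==1) {
                $row = mysql_fetch_assoc($r);
                $gold_votes[0] = $row['gold_votes'];
            }
            return $gold_votes;
        }
        function GET_GOLD_VOTES($id) {
            $query = "SELECT * FROM gold_votes WHERE vote_type='post' AND post_id = ".(int) $id;
            $result = mysql_query($query);
            $vote = mysql_num_rows($result);
            return $vote;
        }
        $current_votes = GOLD_VOTES($id);
        $votes_up = (isset($current_votes[0]) ? $current_votes[0] : 0) + 1;
        $row = mysql_fetch_array(mysql_query("SELECT * FROM gold_posts WHERE post_id='".$id."' LIMIT 1"));
        $GOLD_QUERY = mysql_query("SELECT * FROM gold_votes WHERE vote_type='post' AND post_id='$id' AND user_id='$user_id'");
        // Record the vote and award points only for an existing post that this user has not
        // voted on yet; replaying the request used to add points every time.
        if ($row && !mysql_num_rows($GOLD_QUERY)) {
            $GOLD_INSERT_QUERY = mysql_query('INSERT INTO gold_votes (vote_type, post_id, user_id) VALUES ("post", "'.$id.'", "'.$user_id.'")');
            mysql_query('UPDATE gold_users SET user_points = user_points + '.set('points_per_up_vote_on_your_media').' WHERE user_id='.(int) $row['user_id'].'');
            mysql_query('UPDATE gold_users SET user_points = user_points + '.set('points_voting_up_a_media').' WHERE user_id='.$user_id.'');
        }
        echo GET_GOLD_VOTES($id);
    } else {
        echo "<a href='".$root."/login'>Please Log in</a>";
    }
}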
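// AJAX endpoint: the signed-in user down-votes a post, which removes that user's up-vote if
// one exists; prints the post's vote count, or a login link for visitors.
if(isset($_POST['gold']) && $_POST['gold'] == 'vote_down') {
    if(isset($_SESSION['user_id']) && $_SESSION['user_id'] != '') {
        // The id is forced to an integer because it is placed into SQL, in one place unquoted.
        $id = isset($_POST['id']) ? (int) $_POST['id'] : 0;
        // The voter is the session user. Taking user_id from the request let a client remove
        // another account's vote.
        $user_id = (int) $_SESSION['user_id'];
        // Declared inside the handler on purpose: the other vote handlers declare functions
        // with the same names, and only one handler runs per request.
        function GOLD_VOTES($id) {
            $gold_votes = array();
            $q = "SELECT * FROM gold_votes WHERE vote_type='post' AND post_id = ".(int) $id;
            $r = mysql_query($q);
            if(mysql_num_rows($r)==1) {
                $row = mysql_fetch_assoc($r);
                $gold_votes[0] = $row['gold_votes'];
            }
            return $gold_votes;
        }
        function GET_GOLD_VOTES($id) {
            $query = "SELECT * FROM gold_votes WHERE vote_type='post' AND post_id = ".(int) $id;
            $result = mysql_query($query);
            $vote = mysql_num_rows($result);
            return $vote;
        }
        $current_votes = GOLD_VOTES($id);
        $votes_up = (isset($current_votes[1]) ? $current_votes[1] : 0) + 1;
        $GOLD_QUERY = mysql_query("SELECT * FROM gold_votes WHERE vote_type='post' AND post_id='$id' AND user_id='$user_id'");
        if(mysql_num_rows($GOLD_QUERY)) {
            $GOLD_DELETE_QUERY = mysql_query('DELETE FROM gold_votes WHERE vote_type="post" AND post_id="'.$id.'" AND user_id="'.$user_id.'"');
        }
        $row = mysql_fetch_array(mysql_query("SELECT * FROM gold_posts WHERE post_id='".$id."' LIMIT 1"));
        // The down-vote settings are used here, as in the comment down-vote handler; this
        // handler previously applied the up-vote settings, which looks like a copy from vote_up.
        // NOTE(review): the points are applied on every request, whether or not a vote row was
        // removed, and no down-vote is recorded anywhere, so repeating the request keeps moving
        // both balances. Decide whether this should apply once per user and post.
        if($row) {
            mysql_query('UPDATE gold_users SET user_points = user_points + '.set('points_per_down_vote_on_your_media').' WHERE user_id='.(int) $row['user_id'].'');
        }
        mysql_query('UPDATE gold_users SET user_points = user_points + '.set('points_voting_down_a_media').' WHERE user_id='.$user_id.'');
        echo GET_GOLD_VOTES($id);
    } else {
        echo "<a href='".$root."/login'>Please Log in</a>";
    }
}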
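// AJAX endpoint: records a flag on a post (type "post") or on a comment (empty type), once
// per combination of target, client address and user.
// NOTE(review): the duplicate check is keyed on X-Forwarded-For, which the client chooses,
// so it does not reliably stop repeated flags; a key the client cannot set would.
if(isset($_POST['gold']) && $_POST['gold'] == 'flag') {
    // Every value below is placed into SQL: the target id is forced to an integer, the rest is escaped.
    $id = isset($_POST['id']) ? (int) $_POST['id'] : 0;
    // The flagging user comes from the session (empty for visitors), not from the request,
    // so a client cannot file flags under another account's id.
    $user_id = mysql_real_escape_string(isset($_SESSION['user_id']) ? $_SESSION['user_id'] : '');
    $type = isset($_POST['type']) ? $_POST['type'] : '';
    $user_ip = mysql_real_escape_string(isset($_SERVER['HTTP_X_FORWARDED_FOR']) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : '');
    // Only the two known targets are accepted; any other type is ignored, as before.
    $flag_type = null;
    if($type == 'post') {
        $flag_type = 'post';
    } elseif($type == '') {
        $flag_type = 'comment';
    }
    if($flag_type !== null) {
        $GOLD_QUERY = mysql_query("SELECT * FROM gold_flags WHERE flag_type='".$flag_type."' AND post_id='$id' AND user_ip='$user_ip' AND user_id='$user_id'");
        if (!mysql_num_rows($GOLD_QUERY)) {
            $GOLD_INSERT_QUERY = mysql_query('INSERT INTO gold_flags (flag_type, post_id, user_ip, user_id) VALUES ("'.$flag_type.'", "'.$id.'", "'.$user_ip.'", "'.$user_id.'")');
        }
    }
}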