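// NOTE(review): the lines down to ");0);" are the tail of a configuration
// array whose opening lies outside this view; they are kept exactly as found.
// The database password is stored here in clear text. Load it from the
// environment or from a file outside the web root and version control, and
// rotate the value shown, since it has been published together with the code.
array(
        'host' => 'localhost',
        'user' => 'fitsBank',
        'pass' => 'TTJG$Vjs9',
        'db' => 'fitsBank',
    ),
    'path' => array(
        'fits' => '/mnt/monstr/fitsBank/fits/',
        'jpegs' => '/mnt/monstr/fitsBank/jpegs/',
        'preview' => '/www/astro.milantiev.com/www/fitsBank/cache/',
        'previewFit' => '/www/astro.milantiev.com/www/fitsBank/preview/',
        'download' => '/www/astro.milantiev.com/www/fitsBank/download/',
        'ftp' => '/www/astro.milantiev.com/www/fitsBank/uploads/',
    ),
    'preview' => array(
        'width' => 200,
        'height' => 200,
    ),
    'admin' => array(
        'email' => 'oleg@milantiev.com',
    ),
    '' => 0,
    '' => 0,
    '' => 0,
    '' => 0,
);0);

/**
 * Look up a user by e-mail and password and store the matching row as the
 * current identity in both $_SESSION['auth'] and $GLOBALS['auth'].
 *
 * When the query runs but no row matches, the identity is reset to the
 * anonymous record array('id' => 0) (the value authLogout() writes), so later
 * code can always read $auth['id']. When the query itself fails, the current
 * identity is left untouched.
 *
 * NOTE(review): the query compares the passwd column with the submitted value
 * directly, which suggests passwords are stored unhashed unless the caller
 * hashes them first. Confirm, and migrate to password_hash()/password_verify().
 *
 * @param string $email  Submitted e-mail address.
 * @param string $passwd Submitted password.
 * @return void
 */
function authLogin($email, $passwd)
{
    $conn = $GLOBALS['conn'];

    // mysql_real_escape_string() takes the connection character set into
    // account; the mysql_escape_string() it replaces does not.
    $query = 'select * from users where email = "'
        . mysql_real_escape_string($email, $conn)
        . '" and passwd = "'
        . mysql_real_escape_string($passwd, $conn)
        . '"';

    $res = mysql_query($query, $conn);
    if (!$res) {
        return;
    }

    $user = mysql_fetch_array($res);
    if (!$user) {
        // A failed login must not leave `false` behind as the identity.
        $_SESSION['auth'] = $GLOBALS['auth'] = array('id' => 0);
        return;
    }

    // Issue a fresh session id on privilege change so an id that was known
    // before the login cannot be reused afterwards (session fixation).
    if (session_id() !== '' && !headers_sent()) {
        session_regenerate_id(true);
    }

    $_SESSION['auth'] = $GLOBALS['auth'] = $user;
}

/**
 * Reset the current identity to the anonymous record in both the session and
 * the global scope.
 *
 * @return void
 */
function authLogout()
{
    $anonymous = array('id' => 0);
    $GLOBALS['auth'] = $anonymous;
    $_SESSION['auth'] = $anonymous;
}

// NOTE(review): the next line is the end of a definition whose beginning is
// missing from this view; it is kept exactly as found.
')); }

/**
 * Collect the FITS and JPEG rows owned by the current user.
 *
 * @return array Map of object name to array('fits' => rows, 'jpegs' => rows);
 *               either key is absent when the object has no rows of that kind.
 */
function modelFiles()
{
    global $conn, $auth;

    // Cast before concatenating: the id is placed into the SQL text unquoted.
    $userId = intval($auth['id']);
    $data = array();

    foreach (array('fits', 'jpegs') as $table) {
        $query = ' SELECT ' . $table . '.* FROM ' . $table
            . ' WHERE user = ' . $userId
            . ' ORDER BY ' . $table . '.object';
        $res = mysql_query($query, $conn);
        if (!$res) {
            continue;
        }
        while ($row = mysql_fetch_array($res)) {
            $data[$row['object']][$table][] = $row;
        }
    }

    return $data;
}

/**
 * Load one FITS or JPEG record, selected by $_GET['fit'] or $_GET['jpeg'],
 * together with the owner's name as `user_name`.
 *
 * When both parameters are present the JPEG id is used. For a FITS record
 * whose preview image exists on disk, the preview path is added under the
 * `preview` key.
 *
 * @return array|false The row, or false when no id was supplied, the query
 *                     failed or no record matched.
 */
function modelObject()
{
    global $conn, $config;

    $table = null;
    $id = 0;
    if (isset($_GET['fit'])) {
        $table = 'fits';
        $id = intval($_GET['fit']);
    }
    if (isset($_GET['jpeg'])) {
        $table = 'jpegs';
        $id = intval($_GET['jpeg']);
    }
    if ($table === null) {
        // Neither parameter given: there is no table or id to query with.
        return false;
    }

    $query = ' SELECT data.*, users.name user_name FROM ' . $table . ' data'
        . ' JOIN users ON data.user = users.id'
        . ' WHERE data.id = ' . $id;
    $res = mysql_query($query, $conn);
    if (!$res) {
        return false;
    }

    $row = mysql_fetch_array($res);
    if (!$row) {
        return false;
    }

    if ($table == 'fits') {
        $preview = $config['path']['previewFit'] . $id . '.jpg';
        if (file_exists($preview)) {
            $row['preview'] = $preview;
        }
    }

    return $row;
}

/**
 * List the FITS records linked to the JPEG given in $_GET['jpeg'].
 *
 * @return array|false List of FITS rows (each with `user_name`), or false
 *                     when no JPEG id was supplied.
 */
function modelLinks()
{
    global $conn;

    if (!isset($_GET['jpeg'])) {
        return false;
    }

    $jpegId = intval($_GET['jpeg']);
    $links = array();

    $query = ' SELECT fits.*, users.name user_name FROM fits_jpegs'
        . ' JOIN fits ON fits_jpegs.fit = fits.id'
        . ' JOIN users ON fits.user = users.id'
        . ' WHERE fits_jpegs.jpeg = ' . $jpegId;
    $res = mysql_query($query, $conn);
    if ($res) {
        while ($row = mysql_fetch_array($res)) {
            $links[] = $row;
        }
    }

    return $links;
}

/**
 * Collect all FITS and JPEG rows, optionally filtered by a substring of the
 * object name, plus the names of the files waiting in the FTP upload
 * directory.
 *
 * NOTE(review): this function talks to the database through mysqli_*, while
 * the other functions in this file use mysql_* on the same $conn. One of the
 * two cannot work with a given connection; confirm which API $conn belongs to.
 *
 * NOTE(review): the file list is stored under $data['files'], the same level
 * as object names, so an object named "files" would collide with it.
 *
 * @param string $search Substring to look for in the object name; an empty
 *                       value disables the filter.
 * @return array Map of object name to array('fits' => rows, 'jpegs' => rows),
 *               plus the key 'files' holding the upload directory listing.
 */
function modelObjects($search)
{
    global $conn;
    global $config;

    $data = array();

    $filter = '';
    if ($search) {
        // Escape with the function that matches the mysqli_* calls below and
        // that honours the connection character set.
        $filter = 'WHERE object like "%'
            . mysqli_real_escape_string($conn, $search)
            . '%" ';
    }

    foreach (array('fits', 'jpegs') as $table) {
        $query = ' SELECT ' . $table . '.*, users.name user_name FROM ' . $table
            . ' JOIN users ON ' . $table . '.user = users.id '
            . $filter
            . 'ORDER BY ' . $table . '.object';
        $res = mysqli_query($conn, $query);
        if (!$res) {
            continue;
        }
        while ($row = mysqli_fetch_array($res)) {
            $data[$row['object']][$table][] = $row;
        }
    }

    $files = array();
    $handle = opendir($config['path']['ftp']);
    if ($handle) {
        while (false !== ($entry = readdir($handle))) {
            if ($entry != '.' && $entry != '..') {
                $files[] = $entry;
            }
        }
        closedir($handle);
    }
    $data['files'] = $files;

    return $data;
}

/**
 * Insert a FITS record from $_POST and store its archive as "<id>.zip" in the
 * FITS directory.
 *
 * The archive is either a file already present in the FTP upload directory
 * (named by $_POST['file']) or the HTTP upload in $_FILES['file'].
 *
 * $_POST['file'] is accepted only as a bare file name. Joined to the upload
 * directory unchecked, a name containing directory parts would let the
 * request make rename() move a file from elsewhere on disk into the
 * downloadable store.
 *
 * NOTE(review): nothing in this function checks that a user is logged in;
 * presumably the caller does. Confirm.
 *
 * @return int|false New record id, or false when the file name is rejected or
 *                   the insert fails.
 */
function modelUpload()
{
    global $conn, $config, $auth;

    $ftpFile = null;
    if (isset($_POST['file']) && $_POST['file']) {
        $name = $_POST['file'];
        $isBareName = is_string($name)
            && strpos($name, "\0") === false
            && $name === basename($name)
            && $name !== '.'
            && $name !== '..';
        if (!$isBareName) {
            return false;
        }
        $ftpFile = $config['path']['ftp'] . $name;
        $size = is_file($ftpFile) ? filesize($ftpFile) : 0;
    } else {
        $size = intval($_FILES['file']['size']);
    }

    // Numeric columns are forced to numbers before they reach the SQL text;
    // text columns go through input2sql().
    $query = 'insert into fits (title, object, telescope, ccd, fwhm, permission, time, pixel, place, descr, size, user, DC) values ("'
        . input2sql($_POST['title']) . '", "'
        . input2sql($_POST['object']) . '", "'
        . input2sql($_POST['telescope']) . '", "'
        . input2sql($_POST['ccd']) . '", '
        . round((float) $_POST['fwhm'], 4) . ', '
        . round((float) $_POST['permission']) . ', '
        . round((float) $_POST['time']) . ', '
        . round((float) $_POST['pixel'], 4) . ', "'
        . input2sql($_POST['place']) . '", "'
        . input2sql($_POST['descr']) . '", '
        . intval($size) . ', '
        . intval($auth['id']) . ', NOW() )';
    $res = mysql_query($query, $conn);

    $id = false;
    if ($res && ($id = mysql_insert_id($conn))) {
        $target = $config['path']['fits'] . $id . '.zip';
        if ($ftpFile !== null) {
            if (is_file($ftpFile)) {
                rename($ftpFile, $target);
            }
        } else {
            // move_uploaded_file() itself refuses paths that are not genuine
            // HTTP uploads.
            move_uploaded_file($_FILES['file']['tmp_name'], $target);
        }
        adminNotify('Added fit http://astro.milantiev.com/fitsBank/?action=object&fit=' . $id, 'uploadFit.php');
    }

    return $id;
}

/**
 * Insert a JPEG record from $_POST, store the upload as "<id>.jpg", write a
 * scaled preview into the preview cache and link the image to the FITS ids
 * given as keys of $_POST['fit'].
 *
 * The preview keeps the aspect ratio: portrait images (or a configured width
 * of 0) are fitted to the configured height, all others to the configured
 * width. The preview is skipped when the stored file cannot be decoded as a
 * JPEG.
 *
 * @return int|false New record id, or false when the insert fails.
 */
function modelJpeg()
{
    global $conn, $config, $auth;

    $query = 'insert into jpegs (title, object, descr, size, user, DC) values ("'
        . input2sql(trim($_POST['title'])) . '", "'
        . input2sql(trim($_POST['object'])) . '", "'
        . input2sql($_POST['descr']) . '", '
        . intval($_FILES['file']['size']) . ', '
        . intval($auth['id']) . ', NOW() )';
    $res = mysql_query($query, $conn);

    $id = false;
    if ($res && ($id = mysql_insert_id($conn))) {
        $stored = $config['path']['jpegs'] . $id . '.jpg';
        $moved = move_uploaded_file($_FILES['file']['tmp_name'], $stored);

        // imagecreatefromjpeg() returns false for anything that is not a
        // readable JPEG; the size maths below must not run on that.
        $source = $moved ? imagecreatefromjpeg($stored) : false;
        if ($source) {
            $w = $config['preview']['width'];
            $h = $config['preview']['height'];
            $width = imagesx($source);
            $height = imagesy($source);

            if ($width > 0 && $height > 0) {
                if ($width < $height || !$w) {
                    $w = ($h * $width) / $height;
                } else {
                    $h = ($w * $height) / $width;
                }
                // Never ask GD for a zero-sized canvas.
                $w = max(1, (int) $w);
                $h = max(1, (int) $h);

                $thumb = imagecreatetruecolor($w, $h);
                if ($thumb) {
                    imagecopyresampled($thumb, $source, 0, 0, 0, 0, $w, $h, $width, $height);
                    imagejpeg(
                        $thumb,
                        $config['path']['preview']
                            . $config['preview']['width'] . 'x'
                            . $config['preview']['height'] . 'x'
                            . $id . '.jpg'
                    );
                    imagedestroy($thumb);
                }
            }
            imagedestroy($source);
        }

        if (isset($_POST['fit']) && is_array($_POST['fit']) && count($_POST['fit'])) {
            foreach ($_POST['fit'] as $key => $val) {
                // The array keys come from the request; force them to
                // integers before they are placed into the SQL text.
                $query = 'insert into fits_jpegs (jpeg, fit) values (' . intval($id) . ', ' . intval($key) . ')';
                mysql_query($query, $conn);
            }
        }

        adminNotify('Added jpeg http://astro.milantiev.com/fitsBank/?action=object&jpeg=' . $id, 'uploadJpeg.php');
    }

    return $id;
}

/**
 * Start the download of the archive that belongs to a FITS record.
 *
 * @param int|string $id Record id; reduced to an integer before use.
 * @return void
 */
function downloadFit($id)
{
    global $config, $conn;

    // Use the same integer for the query and for the file path, so the path
    // can never contain anything but digits from the request.
    $id = intval($id);

    $res = mysql_query('select permission from fits where id = ' . $id, $conn);
    if ($res && ($row = mysql_fetch_array($res))) {
        download($config['path']['fits'] . $id . '.zip', $row['permission']);
    }
}

/**
 * Start the download of the image that belongs to a JPEG record.
 *
 * @param int|string $id Record id; reduced to an integer before use.
 * @return void
 */
function downloadJpeg($id)
{
    global $config, $conn;

    // Use the same integer for the query and for the file path, so the path
    // can never contain anything but digits from the request.
    $id = intval($id);

    $res = mysql_query('select permission from jpegs where id = ' . $id, $conn);
    if ($res && ($row = mysql_fetch_array($res))) {
        download($config['path']['jpegs'] . $id . '.jpg', $row['permission']);
    }
}

/**
 * Hand a file to the client when access is allowed and the file exists.
 *
 * Access is allowed when a user is logged in ($auth['id'] is non-zero) or the
 * record's permission value is non-zero.
 *
 * @param string $file       Absolute path of the stored file.
 * @param mixed  $permission The record's `permission` column.
 * @return void
 */
function download($file, $permission)
{
    global $auth;

    if (!$auth['id'] && !$permission) {
        return;
    }
    if (file_exists($file)) {
        downloadViaSymlink($file);
    }
}

/**
 * Publish a file under a random name in the download directory and redirect
 * the client to it. Ends the request.
 *
 * The link is created with symlink() instead of a shell command, so no part
 * of the path is ever interpreted by a shell. The link name comes from a
 * cryptographic random source where one is available: a name derived from
 * the clock can be computed by anyone who knows roughly when a download
 * started, which would bypass the permission check in download().
 *
 * NOTE(review): nothing visible here removes the links again; presumably a
 * separate job cleans the download directory. Confirm, otherwise every link
 * stays valid indefinitely.
 *
 * @param string $file Absolute path of the stored file.
 * @return void
 */
function downloadViaSymlink($file)
{
    global $config;

    $extension = pathinfo($file, PATHINFO_EXTENSION);

    if (function_exists('random_bytes')) {
        $token = bin2hex(random_bytes(16));
    } elseif (function_exists('openssl_random_pseudo_bytes')) {
        $token = bin2hex(openssl_random_pseudo_bytes(16));
    } else {
        // Last resort on installations without a CSPRNG; weaker than the
        // branches above but no longer a pure function of the clock.
        $token = md5(uniqid(mt_rand(), true));
    }

    $linkName = $token . '.' . $extension;
    if (!symlink($file, $config['path']['download'] . $linkName)) {
        header('HTTP/1.1 500 Internal Server Error');
        exit;
    }

    header('Location: download/' . $linkName);
    exit;
}

/**
 * Stream a file to the client as an attachment.
 *
 * @param string $file Absolute path of the file to send.
 * @return void
 */
function downloadViaPHP($file)
{
    if (!is_file($file)) {
        return;
    }

    // Quote the file name so spaces or semicolons in it cannot change how the
    // header is parsed; quotes and backslashes are dropped from the name.
    $name = str_replace(array('"', '\\'), '', basename($file));

    header('Content-Description: File Transfer');
    header('Content-Type: application/octet-stream');
    header('Content-Disposition: attachment; filename="' . $name . '"');
    header('Content-Transfer-Encoding: binary');
    header('Expires: 0');
    header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
    header('Pragma: public');
    header('Content-Length: ' . filesize($file));

    // ob_clean() raises a notice when no output buffer is active.
    if (ob_get_level() > 0) {
        ob_clean();
    }
    flush();
    readfile($file);
}

/**
 * Send a notification e-mail to the configured administrator address.
 *
 * The message body is produced by including a template from template/email/;
 * presumably the template reads $text and assigns $body (the templates are
 * not visible here; confirm).
 *
 * @param string $text     Message text made available to the template.
 * @param string $template Template file name inside template/email/.
 * @return void
 */
function adminNotify($text, $template)
{
    global $config;

    // Only a bare file name is accepted, so the include can never leave the
    // template directory whatever a future caller passes in.
    include "template/email/" . basename($template);

    mail($config['admin']['email'], 'fitsBank admin notify', $body);
}

// NOTE(review): the next line is the remainder of a definition whose
// beginning is missing from this view; it is kept exactly as found.
$mod; $i++) { $size /= $mod; } return round($size, 2) . ' ' . $units[$i]; }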