<?php
include("config.inc.php");
include("include/functions.inc.php");

if(!defined('INSTALLED')) {
	redirect("install/");
}

if($_POST["title"] && $_POST["description"] && $_FILES["image"]["tmp_name"]) {
	;// nothing, continue on
}
else {
	messageSet('error', 'Please fill out all the fields.');
	redirect('upload.php');
}

$image = $_FILES["image"];
if(is_uploaded_file($image["tmp_name"])) {
	
	$extension = substr($image["name"], strrpos($image["name"], '.'));
	$name = substr($image["name"], 0, strrpos($image["name"], '.'));
	
	$name = md5($name);
	
	while(file_exists('uploads/'.$name.$extension)) {
		$name = md5($name);
	}
	
	$filename = $name.$extension;
	
	move_uploaded_file($image["tmp_name"], 'uploads/'.$filename);
	
	//resize image
	$size = getimagesize('uploads/'.$filename);
	//print_r($size);
	
	if($size[0] > 350 || $size[1] > 350) {
		$max = max($size[0], $size[1]);
		
		if($max == $size[0]) {
			$direction = 'width';
			//need new height
			$new_height = intval(350 * ($size[1] / $size[0]));
			$new_width = 350;
		}
		else {
			$direction = 'height';
			$new_width = intval(350 * ($size[0] / $size[1]));
			$new_height = 350;
		}
		
		if($size["mime"] == 'image/png') {
			$image = imagecreatefrompng('uploads/'.$filename);
		}
		elseif(preg_match('/jpg|jpeg/', $size["mime"])) {
			$image = imagecreatefromjpeg('uploads/'.$filename);
		}
		elseif($size["mime"] == 'image/gif') {
			$image = imagecreatefromgif('uploads/'.$filename);
		}
		
		$dst = ImageCreateTrueColor($new_width, $new_height);
		imagecopyresampled($dst, $image,0,0,0,0,$new_width, $new_height, $size[0], $size[1]); 
		
		if($size["mime"] == 'image/png') {
			imagepng($dst, 'uploads/'.$filename);
		}
		elseif(preg_match('/jpg|jpeg/', $size["mime"])) {
			imagejpeg($dst, 'uploads/'.$filename);
		}
		elseif($size["mime"] == 'image/gif') {
			imagegif($dst, 'uploads/'.$filename);
		}
		
		imagedestroy($image);
		imagedestroy($dst);
	}
	
	$data = array(
		'title' => $_POST["title"],
		'description' => $_POST["description"], 
		'filename' => $filename,
		'submitted_by' => $_SERVER["REMOTE_ADDR"]
	);
	
	$sql = getInsertSQL(PREFIX.'images', $data);
	$result = query($sql);
	
	messageSet('success', 'Saved image.');
	
	redirect('index.php');
}

redirect('index.php');
?>