Файл: user/files/edit.php
Строк: 91
<?php
require_once '../../sys/inc/start.php';
require_once '../../sys/inc/compress.php';
require_once '../../sys/inc/sess.php';
require_once '../../sys/inc/settings.php';
require_once '../../sys/inc/db_connect.php';
require_once '../../sys/inc/ipua.php';
require_once '../../sys/inc/fnc.php';
require_once '../../sys/inc/user.php';
$set['title'] = 'Файлы';
require_once '../../sys/inc/thead.php';
only_reg();
aut();
$dir = intval($_GET['id']);
if ($_GET['id'] == 0) {
$folder['id_user'] = $user['id'];
} else {
if (mysql_result(mysql_query("SELECT COUNT(*) FROM `user_dir` WHERE `id` = '$dir' AND `id_user` = '$user[id]' LIMIT 1"), 0) == 0) {
header("Location: /index.php?");
exit;
}
$folder = mysql_fetch_array(mysql_query("SELECT * FROM `user_dir` WHERE `id` = '$dir' LIMIT 1"));
}
if ($folder['id_user'] == $user['id'] && isset($_GET['act']) && $_GET['act'] == 'delete' && isset($_GET['ok'])) {
$q2 = mysql_query("SELECT * FROM `user_files` WHERE `dir` = '$folder[id]'");
while ($post = mysql_fetch_array($q2)) {
unlink(H . 'sys/files/' . $post['name'] . '.dat');
}
mysql_query("DELETE FROM `user_files` WHERE `dir` = '$folder[id]'");
mysql_query("DELETE FROM `user_dir` WHERE `id` = '$folder[id]'");
mysql_query("DELETE FROM `user_dir` WHERE `dir` = '$folder[id]'");
header('Location: index.php');
}
if ($folder['id_user'] == $user['id'] && isset($_GET['act']) && $_GET['act'] == 'rename' && isset($_GET['ok']) && isset($_POST['name'])) {
if ($_POST['name'] == NULL) {
$err[] = "Введите название папки";
}
if (!preg_match("#^([A-zА-я0-9-_ ])+$#ui", $_POST['name'])) {
$err[] = 'В нике присутствуют запрещенные символы';
}
if (preg_match("#(^ )|( $)#ui", $_POST['name'])) {
$err[] = 'Запрещено использовать пробел в начале и конце ника';
}
if (!isset($err)) {
mysql_query("UPDATE `user_dir` SET `name`='" . mysql_real_escape_string($_POST['name']) . "' WHERE `id` = '$folder[id]' LIMIT 1");
if ($folder['dir'] == 0) {
header('Location: index.php?id=' . $user['id'] . '');
} else {
header('Location: dir.php?dir=' . $folder['dir'] . '');
}
}
}
if ($folder['id_user'] == $user['id'] && isset($_GET['act']) && $_GET['act'] == 'new' && isset($_GET['ok']) && isset($_POST['name'])) {
if ($_POST['name'] == NULL) {
$err[] = "Введите название папки";
}
if (!preg_match("#^([A-zА-я0-9-_ ])+$#ui", $_POST['name'])) {
$err[] = 'В нике присутствуют запрещенные символы';
}
if (preg_match("#(^ )|( $)#ui", $_POST['name'])) {
$err[] = 'Запрещено использовать пробел в начале и конце ника';
}
if (!isset($err)) {
mysql_query("INSERT INTO `user_dir` (`name` , `dir` , `id_user`) VALUES ('" . mysql_real_escape_string($_POST['name']) . "', '$dir', '$user[id]')");
if ($dir == 0) {
header('Location: index.php?id=' . $user['id'] . '');
} else {
header('Location: dir.php?dir=' . $folder['id'] . '');
}
}
}
err();
if ($folder['id_user'] == $user['id'] && isset($_GET['act']) && $_GET['act'] == 'new') {
echo "<form class = 'foot' action='?id=$dir&act=new&ok' method="post">";
echo "Название папки:<br />n";
echo "<input type='text' name='name' value='' /><br />n";
echo "<div class = 'right' id = 'hide'>";
echo "<a href = 'dir.php?id=$dir' title = 'Отмена'><img src = '/style/icons/cross.png' /></a>";
echo "</div><button class = 'btn'>";
echo "<img src = '/style/icons/add.png' /> Добавить папку";
echo "</button></form>";
}
if ($folder['id_user'] == $user['id'] && isset($_GET['act']) && $_GET['act'] == 'rename') {
echo "<form class = 'foot' action='?id=$dir&act=rename&ok' method="post">";
echo "Название папки:<br />n";
echo "<input type="text" name="name" value="" . htmlentities($folder['name'], ENT_QUOTES, 'UTF-8') . ""/><br />n";
echo "<div class = 'right' id = 'hide'>";
echo "<a href = 'dir.php?id=$dir' title = 'Отмена'><img src = '/style/icons/cross.png' /></a>";
echo "</div><button class = 'btn'>";
echo "<img src = '/style/icons/save.png' /> Сохранить изменения";
echo "</button></form>";
}
if ($folder['id_user'] == $user['id'] && isset($_GET['act']) && $_GET['act'] == 'delete') {
echo "<div class='err'>Удалить текущую папку <b>$folder[name]</b>?<br />n";
echo "<a href='?id=$dir&act=delete&ok'>Да</a> | ";
echo "<a href='dir.php?dir=$dir'>Нет</a></div>n";
}
require_once '../../sys/inc/tfoot.php';