Файл: obmen/index.php
Строк: 36
<?php
include_once '../system/head.php';
echo'
<div class="menu">
<form action = "#" method = "post" enctype = "multipart/form-data">
<input type = "file" name = "somename" /><br />
<img src="/captcha.php" height="30" alt="" />:<br /><input type="text" name="code"><br />
<input type = "submit" value = "Загрузить" />
</form></div> ';
if($_COOKIE['code'] == $_POST['code']){
$uploadfile = "files/".$_FILES['somename']['name'];
$filee=$_FILES['somename']['name'];
if(move_uploaded_file($_FILES['somename']['tmp_name'], $uploadfile)){
mysql_query("INSERT INTO `obmen` SET `name`='$filee', `avtor`= '$user[id]', `time`='$time'");
echo'<div class="menu">Файл добавлен -> <a href="/obmen">Далее</a><br /><input type="text" value="http://'.$_SERVER['HTTP_HOST'].'/obmen/file.php?id='.mysql_insert_id().'"/></div>';
}
}
$k_post=mysql_result(mysql_query("SELECT COUNT(*) FROM `obmen`"),0);
$k_page=k_page($k_post,$set['p_str']);$page=page($k_page);$start=$set['p_str']*$page-$set['p_str'];
$query = mysql_query("select * from `obmen` ORDER BY `id` DESC LIMIT $start, $set[p_str]");
$total = mysql_result(mysql_query("select count(*) from `obmen`"),0);
if($total>0){
while ($row = mysql_fetch_assoc($query)){
echo '<div class="menu">- <a href="file.php?id='.protect($row['id']).'">'.$row['name'].'</a> ';
if($user['level']==1){echo '<a href="/?mode=admin&fid=del_file&id='.protect($row['id']).'">[x]</a>';}
echo'</div>';
}
}else{echo'<div class="menu">Файло еще нет</div>';}
if ($k_page>1)str('?mode=admin&fid=news&',$k_page,$page); // Вывод страниц
require_once '../system/foot.php';
?>