Файл: moduls/loads/edit.php
Строк: 193
<?php
/**
* @package Prime Social
* @link http://primesocial.ru
* @copyright Copyright (C) 2016 Prime Social
* @author BoB | http://primesocial.ru/about
*/
require_once('../../core/start.php');
require_once('func.php');
require_once('../../core/class/id.php');
check_auth();
$folder = DB::$dbs->queryFetch("SELECT * FROM ".LOADS." WHERE `id` = ? ", array(abs(num($_GET['folder']))));
if (empty($folder)) {
head('Bo`lim topilmadi');
echo DIV_ERROR . 'Xatolik!' . CLOSE_DIV;
echo DIV_GO . '<a href="'.HOME.'/">Bosh sahifa</a> / <a href="'.HOME.'/loads/">Yuklamalar</a> / <b>Bo`lim topilmadi</b>' . CLOSE_DIV;
require_once('../../core/stop.php');
exit();
}
$folderc = DB::$dbs->queryFetch("SELECT * FROM ".LOADS_CAT." WHERE `id` = ? ", array(abs(num($_GET['folderc']))));
if (empty($folderc)) {
head('Ichki bo`lim topilmadi');
echo DIV_ERROR . 'Xatolik!' . CLOSE_DIV;
echo DIV_GO . '<a href="'.HOME.'/">Bosh sahifa</a> / <a href="'.HOME.'/loads/">Yuklamalar</a> / <b>Ichki bo`lim topilmadi</b>' . CLOSE_DIV;
require_once('../../core/stop.php');
exit();
}
$file = DB::$dbs->queryFetch("SELECT * FROM ".LOADS_FILE." WHERE `id` = ? ", array(abs(num($_GET['file']))));
if (empty($file)) {
head('Fayl topilmadi');
echo DIV_ERROR . 'Xatolik!' . CLOSE_DIV;
echo DIV_GO . '<a href="'.HOME.'/">Bosh sahifa</a> / <a href="'.HOME.'/loads/">Yuklamalar</a> / <b>Fayl topilmadi</b>' . CLOSE_DIV;
require_once('../../core/stop.php');
exit();
}
if (privilegy('zc') == FALSE) {
head('Kirishda xatolik');
echo DIV_ERROR . 'Xatolik!' . CLOSE_DIV;
echo DIV_GO . '<a href="'.HOME.'/">Bosh sahifa</a> / <a href="'.HOME.'/loads/">Yuklamalar</a> / <b>Kirishda xatolik</b>' . CLOSE_DIV;
require_once('../../core/stop.php');
exit();
}
switch ($select) {
case 'screen':
head('' . $file['name'] . ' skrinshotlarini boshqarish');
if (!empty($_GET['del'])) {
$scr = DB::$dbs->queryFetch("SELECT * FROM ".LOADS_SCREEN." WHERE `id` = ? ", array(abs(num($_GET['del']))));
unlink(HOME . '/files/loads/screen/'.$scr['url']);
DB::$dbs->query("DELETE FROM ".LOADS_SCREEN." WHERE `id` = ? ", array(abs(num($_GET['del']))));
header("Location: ".HOME."/loads/".$folder['id']."/".$folderc['id']."/".$file['id']."/edit/screen/");
}
if (!empty($_POST['upload'])) {
if (isset($_FILES['screen']['name']) && $folder['type'] > 3) {
foreach ($_FILES['screen']['name'] as $k=>$v) {
$name = $_FILES['screen']['name'][$k];
$ext = strtolower(strrchr($name, '.')); # Fayl formati
if (preg_match('/.php/i', $name) || preg_match('/.pl/i', $name) || $name == '.htaccess' || !in_array($ext, type(1))) {
} else {
$name_screen = md5(time() . rand(1,100)).$ext;
copy($_FILES['screen']['tmp_name'][$k], '../../files/loads/screen/'.$name_screen);
DB::$dbs->query("INSERT INTO ".LOADS_SCREEN." (`file_id`, `url`) VALUES (?,?)", array($file['id'], $name_screen));
}
}
}
header("Location: ".HOME."/loads/".$folder['id']."/".$folderc['id']."/".$file['id']."/edit/screen/");
}
echo DIV_BLOCK;
$screens = DB::$dbs->querySingle("SELECT COUNT(`id`) FROM ".LOADS_SCREEN." WHERE `file_id` = ? ", array($file['id']));
if (!empty($screens)) {
$sql = DB::$dbs->query("SELECT * FROM ".LOADS_SCREEN." WHERE `file_id` = ? ", array($file['id']));
while($screen = $sql -> fetch()) {
echo '<a href="'.HOME.'/files/loads/screen/'.$screen['url'].'"><img src="'.HOME.'/files/loads/screen/'.$screen['url'].'" wight="80" height="80" /></a> <a href="'.HOME.'/loads/'.$folder['id'].'/'.$folderc['id'].'/'.$file['id'].'/edit/screen/?del='.$screen['id'].'">[x]</a><br />';
}
} else {
echo 'Skrinshotlar hali joylanmagan';
}
echo CLOSE_DIV;
echo DIV_AUT;
echo '<form action="'.HOME.'/loads/'.$folder['id'].'/'.$folderc['id'].'/'.$file['id'].'/edit/screen/" enctype="multipart/form-data" method="POST">';
echo '<b>Screen kiritish:</b> [Multitanlash]<br /><input name="screen[]" type="file" multiple="true" /><br />';
echo '<input type="submit" name="upload" value="Yuklash" />';
echo '</form>';
echo CLOSE_DIV;
echo DIV_GO . '<a href="'.HOME.'/">Bosh sahifa</a> / <a href="'.HOME.'/loads/">Yuklamalar</a> / <a href="'.HOME.'/loads/'.$folder['id'].'/">'.$folder['name'].'</a> / <a href="'.HOME.'/loads/'.$folder['id'].'/'.$folderc['id'].'/">'.$folderc['name'].'</a> / <a href="'.HOME.'/loads/'.$folder['id'].'/'.$folderc['id'].'/'.$file['id'].'/">'.$file['name'].'</a> / <b>Skrinshotlarni boshqarish</b>' . CLOSE_DIV;
break;
case 'edit':
head('Faylni tahrirlash: ' . $file['name']);
if (!empty($_POST['edit'])) {
$name = html($_POST['name']);
$info = html($_POST['info']);
$lang = html($_POST['lang']);
if (empty($name)) {
echo DIV_ERROR . 'Nomni to`ldiring' . CLOSE_DIV;
} else {
DB::$dbs->query("UPDATE ".LOADS_FILE." SET `name` = ?, `lang` = ?, `info` = ? WHERE `id` = ? ", array($name, $lang, $info, $file['id']));
echo DIV_MSG . 'O`zgaririshlar qabul qilindi' . CLOSE_DIV;
}
}
echo DIV_AUT;
echo '<form action="'.HOME.'/loads/'.$folder['id'].'/'.$folderc['id'].'/'.$file['id'].'/edit/edit/" enctype="multipart/form-data" method="POST">';
echo 'Fayl nomi:<br /><input type="text" name="name" value="'.$file['name'].'" /><br /><br />';
echo 'Ta`rif:<br /><textarea name="info" />'.$file['info'].'</textarea><br /><br />';
echo 'Til:<br /><input type="text" name="lang" value="'.$file['lang'].'" /><br /><br />';
echo '<input type="submit" name="edit" value="O`zgartirish" />';
echo '</form>';
echo CLOSE_DIV;
echo DIV_GO . '<a href="'.HOME.'/">Bosh sahifa</a> / <a href="'.HOME.'/loads/">Yuklamalar</a> / <a href="'.HOME.'/loads/'.$folder['id'].'/">'.$folder['name'].'</a> / <a href="'.HOME.'/loads/'.$folder['id'].'/'.$folderc['id'].'/">'.$folderc['name'].'</a> / <a href="'.HOME.'/loads/'.$folder['id'].'/'.$folderc['id'].'/'.$file['id'].'/">'.$file['name'].'</a> / <b>Faylni tahrirlash</b>' . CLOSE_DIV;
break;
case 'ver':
head('Fayl versiyalarini boshqarish: ' . $file['name']);
if (!empty($_GET['del'])) {
$file_dop = DB::$dbs->queryFetch("SELECT * FROM ".LOADS_FILE_DOP." WHERE `id` = ? ", array(abs(num($_GET['del']))));
unlink(HOME . '/files/loads/files/'.$file_dop['url']);
DB::$dbs->query("DELETE FROM ".LOADS_FILE_DOP." WHERE `id` = ? ", array(abs(num($_GET['del']))));
header("Location: ".HOME."/loads/".$folder['id']."/".$folderc['id']."/".$file_dop['id']."/edit/ver/");
}
if (!empty($_GET['edit'])) {
$file_dop = DB::$dbs->queryFetch("SELECT * FROM ".LOADS_FILE_DOP." WHERE `id` = ? ", array(abs(num($_GET['edit']))));
if (!empty($_POST['edit'])) {
$name = html($_POST['name']);
$lang = html($_POST['lang']);
if (empty($name)) {
echo DIV_ERROR . 'Nomni kiriting' . CLOSE_DIV;
} else {
DB::$dbs->query("UPDATE ".LOADS_FILE_DOP." SET `name` = ?, `lang` = ? WHERE `id` = ? ", array($name, $lang, $file_dop['id']));
echo DIV_MSG . 'O`zgartirishlar qabul qilindi' . CLOSE_DIV;
}
}
echo DIV_AUT;
echo '<form action="#" method="POST">';
echo 'Fayl nomi:<br /><input type="text" name="name" value="'.$file_dop['name'].'" /><br /><br />';
echo 'Til:<br /><input type="text" name="lang" value="'.$file_dop['lang'].'" /><br /><br />';
echo '<input type="submit" name="edit" value="O`zgartirish" /></form>';
echo CLOSE_DIV;
}
if (!empty($_POST['upload'])) {
$file_name = html($_POST['name']);
$file_lang = html($_POST['lang']);
if (!empty($_FILES['file'])) {
$name = $_FILES['file']['name']; # Fayl nomi
$ext = strtolower(strrchr($name, '.')); # Fayl formati
$size = $_FILES['file']['size']; # Fayl hajmi
$file1 = time().$ext;
if (preg_match('/.php/i', $name) || preg_match('/.pl/i', $name) || $name == '.htaccess') {
$err .= 'Fayl shaklida xatolik.<br />';
}
if (empty($file_name)) {
$file_name = html($_FILES['file']['name']);
}
if (empty($err)) {
copy($_FILES['file']['tmp_name'], '../../files/loads/files/'.$file1);
DB::$dbs->query("INSERT INTO ".LOADS_FILE_DOP." (`folder_id`, `folderc_id`, `file_id`, `name`, `url`, `time`, `size`, `lang`, `type`) VALUES
(?,?,?,?,?,?,?,?,?)", array($folder['id'], $folderc['id'], $file['id'], $file_name, $file1, time(), $size, $file_lang, $ext));
header("Location: ".HOME."/loads/".$folder['id']."/".$folderc['id']."/".$file['id']."/edit/ver/");
} else {
echo $err;
}
}
}
echo DIV_BLOCK;
$files = DB::$dbs->querySingle("SELECT COUNT(`id`) FROM ".LOADS_FILE_DOP." WHERE `file_id` = ? ", array($file['id']));
if (!empty($files)) {
$sql = DB::$dbs->query("SELECT * FROM ".LOADS_FILE_DOP." WHERE `file_id` = ? ", array($file['id']));
while($dop = $sql -> fetch()) {
echo '<a href="'.HOME.'/files/loads/files/'.$dop['url'].'">'.$dop['name'].'</a> [Til: '.$dop['lang'].' / Hajmi: '.get_size($dop['size']).'
/ '.$dop['type'].'] <a href="'.HOME.'/loads/'.$folder['id'].'/'.$folderc['id'].'/'.$file['id'].'/edit/ver/?del='.$dop['id'].'">[x]</a>
<a href="'.HOME.'/loads/'.$folder['id'].'/'.$folderc['id'].'/'.$file['id'].'/edit/ver/?edit='.$dop['id'].'">[edit]</a><br />';
}
} else {
echo 'Qo`shimcha fayllar kiritilmagan';
}
echo CLOSE_DIV;
echo DIV_AUT;
echo '<form action="'.HOME.'/loads/'.$folder['id'].'/'.$folderc['id'].'/'.$file['id'].'/edit/ver/" enctype="multipart/form-data" method="POST">';
echo '<b>Joylash:</b><br />';
echo 'Fayl nomi:<br /><input type="text" name="name" /><br />';
echo 'Til:<br /><input type="text" name="lang" /><br />';
echo '<input name="file" type="file" /><br />';
echo '<input type="submit" name="upload" value="Kiritish" />';
echo '</form>';
echo CLOSE_DIV;
echo DIV_GO . '<a href="'.HOME.'/">Bosh sahifa</a> / <a href="'.HOME.'/loads/">Yuklamalar</a> / <a href="'.HOME.'/loads/'.$folder['id'].'/">'.$folder['name'].'</a> / <a href="'.HOME.'/loads/'.$folder['id'].'/'.$folderc['id'].'/">'.$folderc['name'].'</a> / <a href="'.HOME.'/loads/'.$folder['id'].'/'.$folderc['id'].'/'.$file['id'].'/">'.$file['name'].'</a> / <b>Fayl versiyalarini boshqarish</b>' . CLOSE_DIV;
break;
case 'delete':
unlink(HOME . '/files/loads/files/'.$file['url']);
$sql = DB::$dbs->query("SELECT * FROM ".LOADS_FILE_DOP." WHERE `file_id` = ? ", array($file['id']));
while($dop = $sql -> fetch()) {
unlink('../../files/loads/files/'.$dop['url']);
}
DB::$dbs->query("DELETE FROM ".LOADS_FILE_DOP." WHERE `file_id` = ? ", array($file['id']));
DB::$dbs->query("DELETE FROM ".LOADS_RATING." WHERE `file_id` = ? ", array($file['id']));
DB::$dbs->query("DELETE FROM ".LOADS_COMM." WHERE `file_id` = ? ", array($file['id']));
DB::$dbs->query("DELETE FROM ".LOADS_FILE." WHERE `id` = ? ", array($file['id']));
header("Location: ".HOME."/loads/".$folder['id']."/".$folderc['id']."/");
break;
}
require_once('../../core/stop.php');
?>