Файл: modules/down/file.php
Строк: 148
<?php
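// Bootstrap: R is the web document root, S the system directory beneath it.
// kernel.php is expected to provide $tmp, $db, my_int(), img() and the
// User / Language classes used on this page (none are defined in this file).
define('R', $_SERVER['DOCUMENT_ROOT']);
define('S', R.'/system');
require_once(R.'/system/kernel.php');
$tmp->header('zc');

// The file id comes straight from the query string; tolerate a missing
// parameter instead of reading an undefined index.
// NOTE(review): $id is concatenated into every SQL statement on this page,
// so injection safety rests entirely on my_int() returning a pure integer.
// Confirm that in kernel.php, or move to bound parameters if the DB wrapper
// offers them.
$id = my_int(isset($_GET['id']) ? $_GET['id'] : NULL);
$p = $db->fass("select * from `zc_file` where `id` = '" .$id."'");

// Only dereference the row when the lookup actually returned one; the
// not-found case is handled just below, after the panel is drawn.
// NOTE(review): the stored name is passed to title() as-is; whether title()
// or the write path HTML-encodes it is not visible here.
$tmp->title('title', $p ? $p['name'] : NULL);
User::panel();

// Unknown id: show the generic error with a link home and stop.
if (!$p) {
    $tmp->div('error', Language::config('error'));
    $tmp->div('menu', '<a href="/">'.img('link.png').' '.Language::config('home').'</a>');
    $tmp->footer();
    exit();
}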
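// Download action (?do): count the download and redirect to the stored file.
if (isset($_GET['do'])) {
    if (User::aut()) {
        // Increment inside SQL instead of writing back $p['down'] + 1: $p was
        // read earlier in the request, so concurrent downloads would overwrite
        // each other's increments. COALESCE keeps a NULL counter starting at 1,
        // as the PHP-side addition did.
        $db->query("UPDATE `zc_file` set `down` = COALESCE(`down`, 0) + 1 where `id` = '".$id."'");
        // NOTE(review): the redirect targets a static path under /files/zc/,
        // so this login check gates only the counter and the redirect. The file
        // itself stays reachable by direct URL unless the web server restricts
        // that directory; confirm the server configuration.
        header('location: /files/zc/'.$p['file']);
        // Stop so the remaining actions and the page body do not run behind
        // the redirect.
        exit();
    } else {
        $tmp->div('error', Language::config('need_auth'));
    }
}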
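// Delete action (?del): allowed for the uploader ($p['kto']) or for users
// with level >= 3.
if (isset($_GET['del'])) {
    if (User::aut() && (User::ID() == $p['kto'] || User::level() >= 3)) {
        // NOTE(review): this is a state-changing GET with no anti-CSRF token,
        // so the delete can be triggered cross-site while an owner or
        // moderator is logged in. Moving it to POST with a per-session token
        // requires changing the link that renders ?del and a token helper,
        // neither of which is visible in this block.
        // NOTE(review): only the zc_file row is removed; nothing here unlinks
        // the stored file or its screenshot, so both presumably remain on disk
        // under /files/zc/. Confirm whether cleanup happens elsewhere.
        $db->query("DELETE FROM `zc_file` WHERE `id` = '".$id."' limit 1 ");
        header('location: /zc/cat'.$p['category'].'/pc'.$p['section'].'');
        // Stop so the page for the just-deleted record is not processed
        // behind the redirect.
        exit();
    }
}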
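// Edit action (?edit): lets the uploader or a user with level >= 3 change the
// name, description and screenshot of the record. Anyone else falls through
// to the normal file view.
if (isset($_GET['edit'])) {
    // Require a logged-in session before the owner/moderator comparison, as
    // the delete action on this page does. NOTE(review): without it the loose
    // == depends on what User::ID() returns for a guest; confirm in kernel.php.
    if (User::aut() && (User::ID() == $p['kto'] || User::level() >= 3)) {
        // Explicit start value: isset($error) stays false until a message is
        // appended, and error() below no longer receives an undefined variable.
        $error = NULL;
        if (isset($_POST['submit'])) {
            // NOTE(review): the form carries no anti-CSRF token, so this POST
            // can be submitted cross-site on behalf of a logged-in owner or
            // moderator. A token helper is not visible in this file.
            $rawName = (isset($_POST['name']) && is_string($_POST['name'])) ? $_POST['name'] : '';
            $rawOpis = (isset($_POST['opis']) && is_string($_POST['opis'])) ? $_POST['opis'] : '';
            // NOTE(review): the UPDATE statements below rely on guard() to make
            // these values safe inside quoted SQL literals; its implementation
            // is not visible here.
            $name = $db->guard($rawName);
            $opis = $db->guard($rawOpis);
            $hasUpload = isset($_FILES['screen']['name'], $_FILES['screen']['tmp_name'], $_FILES['screen']['error'])
                && is_string($_FILES['screen']['name']);
            $screen = $hasUpload ? $db->guard($_FILES['screen']['name']) : '';
            if (!empty($screen)) {
                $dirs = R.'/files/zc/screen';
                $exts = strtolower((string) strrchr($screen, '.'));
                $tmpPath = $_FILES['screen']['tmp_name'];
                // Accept only a completed upload that PHP itself received; a
                // failed or partial upload previously still reached the save step.
                $uploadOk = $_FILES['screen']['error'] === UPLOAD_ERR_OK && is_uploaded_file($tmpPath);
                if (!$uploadOk) {
                    $error .= Language::config('error').'<br />';
                }
                if ($_FILES['screen']['size'] > (1048576 * 2)) {
                    $error .= Language::config('max_size_zc_screen').'. [Max. 2 mb.]<br />';
                }
                // The dots are escaped so only a literal ".php" / ".pl" is
                // rejected; unescaped, they matched any character and refused
                // names such as "sample.jpg". The file is stored under a
                // server-generated name with the allow-listed extension only,
                // so the client-supplied name never reaches the disk.
                $badName = preg_match('/\.php/i', $screen) || preg_match('/\.pl/i', $screen) || $screen == '.htaccess';
                $badExt = !in_array(substr($exts, 1), array('jpg', 'png', 'gif', 'jpeg'), true);
                // The extension is client-controlled, so also require that the
                // payload parses as an image. This is a sanity check, not
                // sanitisation: the upload directory should additionally be
                // configured so that nothing in it is executed by the server.
                $notImage = $uploadOk && getimagesize($tmpPath) === false;
                if ($badName || $badExt || $notImage) {
                    $error .= Language::config('error_ext_scr').'<br />';
                }
            }
            if (empty($name) || mb_strlen($rawName, 'UTF-8') < 2) {
                $error .= Language::config('no_name');
            }
            if (!isset($error)) {
                if (!empty($screen)) {
                    // The two rand() parts give under a million distinct names,
                    // so retry until the name is unused instead of silently
                    // overwriting another record's screenshot.
                    do {
                        $screens = rand(1,999).'_NOMICMS_'.rand(1,999). $exts;
                    } while (file_exists($dirs . '/' . $screens));
                    // move_uploaded_file() refuses anything that is not a genuine
                    // upload; the row is only updated once the file is in place.
                    if (move_uploaded_file($tmpPath, $dirs . '/' . $screens)) {
                        $db->query("UPDATE `zc_file` set `name` = '".$name."', `opis` = '".$opis."', `screen` = '".$screens."' where `id` ='".$id."' ");
                    } else {
                        $error = Language::config('error');
                    }
                } else {
                    $db->query("UPDATE `zc_file` set `name` = '".$name."', `opis` = '".$opis."' where `id` ='".$id."' ");
                }
                if (!isset($error)) {
                    header('location: /zc/file'.$id);
                    // Stop so the form is not rendered behind the redirect.
                    exit();
                }
            }
        }
        error($error);
        upload_file();
        // Escape the stored values for the attribute / textarea context.
        // double_encode = false leaves existing entities alone in case the
        // values were already HTML-encoded when they were saved.
        $nameHtml = htmlspecialchars((string) $p['name'], ENT_QUOTES, 'UTF-8', false);
        $opisHtml = htmlspecialchars((string) $p['opis'], ENT_QUOTES, 'UTF-8', false);
        $tmp->div('main', '<form action="" method="post" enctype="multipart/form-data">
'.Language::config('name').':<br/>
<input name="name" value="'.$nameHtml.'" /><br />
'.Language::config('opis').':<br/>
<textarea name="opis">'.$opisHtml.'</textarea><br />
'.Language::config('screen').':<br/>
<input name="screen" type="file" id="file" onchange="uploadFile(this)">
<label id="select_file" for="file">'.img('file.png').'<label id="file-name" for="file">Выбрать файл</label></label><br />
<input type="submit" name="submit" value="'.Language::config('save').'" /></form>');
        $tmp->div('menu', '<hr><a href="/zc/file'.$id.'">'.img('link.png').' '.Language::config('back').'</a>');
        $tmp->footer();
        exit();
    }
}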
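// Default view: title, description, preview, download link, uploader info,
// comment link (logged-in users only) and a link back to the section.

// Escape the stored name for the HTML body. double_encode = false leaves
// existing entities alone in case the value was HTML-encoded when saved.
$tmp->div('title', htmlspecialchars((string) $p['name'], ENT_QUOTES, 'UTF-8', false));

// NOTE(review): the description is rendered through bb(smile(...)); whether
// those helpers HTML-escape their input is not visible here. Confirm it.
echo ($p['opis'] ? '<hr><div class="main">'.bb(smile($p['opis'])). '</div>' : NULL );

// Decide on the preview from the final extension. The earlier
// explode('.', ...)[1] took the second dot-separated segment, which is wrong
// for names with several dots and undefined for names with none.
// NOTE(review): $p['file'] and $p['screen'] are placed in URLs unescaped on
// the assumption that the upload handlers generate them; verify there.
$fileExt = strtolower(pathinfo((string) $p['file'], PATHINFO_EXTENSION));
if (in_array($fileExt, array('jpg', 'png', 'gif', 'jpeg'), true)) {
    $tmp->div('main', '<a target="_blank" href="../files/zc/'.$p['file'].'"><img src="../files/zc/'.$p['file'].'" style="max-width: 210px; max-height: 210px;"/></a>');
} elseif (!empty($p['screen'])) {
    $tmp->div('main', '<a target="_blank" href="/files/zc/screen/'.$p['screen'].'"><img src="/files/zc/screen/'.$p['screen'].'" style="max-width: 100px; max-height: 100px;"/></a>');
}

$tmp->div('menu', '<a class="items" href="/zc/file'.$p['id'].'?do">'.img('down.png').' '.Language::config('down').' ('.format_filesize(R.'/files/zc/'.$p['file']).')</a>');

// Uploader line. The delete / edit links are rendered only for the uploader
// or level >= 3; both are plain GET links (?del, ?edit).
$info = Language::config('add_name').': '.nick_new($p['kto']).' ';
if (User::level() >= 3 || User::ID() == $p['kto']) {
    $info .= '<a class="de" href="/zc/file'.$p['id'].'?del">'.img('delete.png" style="width: inherit').'</a> <a class="de" href="/zc/file'.$p['id'].'?edit">'.img('edit.png" style="width: inherit').'</a>';
}
$info .= ' <span class="times">'.times($p['time']).'</span><br>'.Language::config('downl').': '.$p['down'];
$tmp->div('main', $info);

// The comment counter and link are shown to logged-in users only.
if (User::aut()) {
    $count = $db->fass_c("SELECT COUNT(*) as count FROM `zc_comments` where `zc_file` = '".$id."'");
    $tmp->div('menu', '<hr><a href="/zc/comment'.$p['id'].'">'.img('com.png').' '.Language::config('comments').' <span>'.$count.'</span></a>');
}

$tmp->div('menu', '<hr><a href="/zc/cat'.$p['category'].'/pc'.$p['section'].'">'.img('link.png').' '.Language::config('back').'</a>');
$tmp->footer();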
?>