Файл: vsime.com/comm/inc/multi_select_head.php
Строк: 84
<?
if (isset($_GET["files_comm_multi_select_$comm[id]"]) && $_GET["files_comm_multi_select_$comm[id]"] == 'start' && !isset($_SESSION["files_comm_multi_select_$comm[id]"]) && ($ank['id']==$user['id'] && isset($user) || $uinc['access']=='adm'))
{
if (hsc(@$_GET['mdp'])==$mdp)
{
$_SESSION["files_comm_multi_select_$comm[id]"] = array();
header("Location: ?act=files&id=$comm[id]&dir=$dir[id]");
exit();
} else hacked_by_Killer();
}
if (isset($_SESSION["files_comm_multi_select_$comm[id]"]) && ($ank['id']==$user['id'] && isset($user) || $uinc['access']=='adm'))
{
// фильтруем список (убираем удаленные файлы)
foreach ($_SESSION["files_comm_multi_select_$comm[id]"] AS $key => $value)
{
unset($_SESSION["files_comm_multi_select_$comm[id]"][$key]);
if (mysqli_result("SELECT COUNT(*) FROM `files_comm` WHERE `id` = '$value' AND `id_comm` = '$comm[id]'"))$_SESSION["files_comm_multi_select_$comm[id]"][$key] = $value;
}
$count_files_comm_multi_select = count($_SESSION["files_comm_multi_select_$comm[id]"]); // считаем выбранные файлы
// создаем новый массив
// присваиваем ключам массива значения массива $_SESSION["files_comm_multi_select_$comm[id]"], а значения массива - ключи массива $_SESSION["files_comm_multi_select_$comm[id]"]
$array_files_comm_multi_select_keyvalue = array();
foreach ($_SESSION["files_comm_multi_select_$comm[id]"] AS $key => $value)
{
$array_files_comm_multi_select_keyvalue[$value] = $key;
}
// перемещаем файлы
if (isset($_GET["files_comm_multi_select_$comm[id]"]) && $_GET["files_comm_multi_select_$comm[id]"] == 'finish')
{
if (hsc(@$_GET['mdp'])==$mdp)
{
foreach ($_SESSION["files_comm_multi_select_$comm[id]"] AS $key => $value)
{
$file = mysqli_fetch_array(mysqli_query($dbi, "SELECT * FROM `files_comm` WHERE `id` = '$value' AND (`type` = 'file' OR `type` = 'foto') AND `id_comm` = '$comm[id]'"));
mysqli_query($dbi, "UPDATE `files_comm` SET `id_dir` = '$dir[id]', `counter` = '$dir[counter]$dir[id]/' WHERE `id` = '$file[id]' AND `id_comm` = '$comm[id]'");
}
msg_sess("Перенесено ".sklon_text(count($_SESSION["files_comm_multi_select_$comm[id]"]), array('файл', 'файла', 'файлов')));
unset($_SESSION["files_comm_multi_select_$comm[id]"]);
header("Location: ?act=files&id=$comm[id]&dir=$dir[id]");
exit();
} else hacked_by_Killer();
}
// выходим из режима перемещения файлов
if (isset($_GET["files_comm_multi_select_$comm[id]"]) && $_GET["files_comm_multi_select_$comm[id]"] == 'cancel')
{
if (hsc(@$_GET['mdp'])==$mdp)
{
unset($_SESSION["files_comm_multi_select_$comm[id]"]);
header("Location: ?act=files&id=$comm[id]&dir=$dir[id]");
exit();
} else hacked_by_Killer();
}
// очищаем список
if (isset($_GET["files_comm_multi_select_$comm[id]"]) && $_GET["files_comm_multi_select_$comm[id]"] == 'drop')
{
if (hsc(@$_GET['mdp'])==$mdp)
{
$_SESSION["files_comm_multi_select_$comm[id]"] = array();
header("Location: ?act=files&id=$comm[id]&dir=$dir[id]");
exit();
} else hacked_by_Killer();
}
// полный список
if (isset($_GET["files_comm_multi_select_$comm[id]"]) && $_GET["files_comm_multi_select_$comm[id]"] == 'full_list')
{
echo "<div class='list'>n";
if ($count_files_comm_multi_select > 0)
{
if (isset($_GET['delete']))
{
if (hsc(@$_GET['mdp'])==$mdp)
{
if (in_array(intval($_GET['delete']), $_SESSION["files_comm_multi_select_$comm[id]"]))unset($_SESSION["files_comm_multi_select_$comm[id]"][$array_files_comm_multi_select_keyvalue[intval($_GET['delete'])]]);
msg_sess("Файл удален из списка");
header("Location: ?dir=$dir[id]&files_comm_multi_select_$comm[id]=full_list&page=$page");
exit();
} else hacked_by_Killer();
}
echo "Выбрано ".sklon_text($count_files_comm_multi_select, array('файл', 'файла', 'файлов')).":<br />n";
foreach ($_SESSION["files_comm_multi_select_$comm[id]"] as $key => $value)
{
$file = mysqli_fetch_array(mysqli_query($dbi, "SELECT * FROM `files_comm` WHERE (`type` = 'file' OR `type` = 'foto') AND `id` = '$value' AND `id_comm` = '$comm[id]'"));
if ($file['type']=='file')
{
$file_user = mysqli_fetch_array(mysqli_query($dbi, "SELECT * FROM `files` WHERE `id` = '$file[id_file]'"));
$file_user['link'] = "/files/?file=$$file_user[id]";
} elseif ($file['type']=='foto') {
$file_user = mysqli_fetch_array(mysqli_query($dbi, "SELECT * FROM `foto` WHERE `id` = '$file[id_file]'"));
$file_user['link'] = "/fotos/?foto=$$file_user[id]";
}
echo "<a href='$file_user[link]'".title_link('Открыть файл').">n";
if (is_file(H.'/i/file_type/'.$file_user['ras'].'.png'))echo "<img src='/i/file_type/$file_user[ras].png' alt='$file_user[ras]' /> n";
else echo "<img src='/i/file_type/file.png' alt='file' /> n";
echo hsc($file_user['name']).".".hsc($file_user['ras'])."</a> <a href='?act=files&id=$comm[id]&dir=$dir[id]&files_comm_multi_select_$comm[id]=full_list&page=$page&delete=$file[id]&mdp=$mdp'>$config[code_delete]</a><br />";
}
echo ($count_files_comm_multi_select > 0?"<span class='right'><a href='?act=files&id=$comm[id]&dir=$dir[id]&files_comm_multi_select_$comm[id]=delete&page=$page'>Удалить файлы</a> | <a href='?act=files&id=$comm[id]&dir=$dir[id]&files_comm_multi_select_$comm[id]=drop&page=$page&mdp=$mdp'>Очистить список</a></span>":null);
echo "<div class='clear'></div>n";
} else echo "Список пустn";
echo "</div>n";
echo "<div class='foot'>n";
echo image_back()." <a href='?act=files&id=$comm[id]&dir=$dir[id]&page=$page'>Назад</a>n";
echo "</div>n";
ex_foot();
}
// удаляем выбраныйе файлы
if (isset($_GET["files_comm_multi_select_$comm[id]"]) && $_GET["files_comm_multi_select_$comm[id]"] == 'delete')
{
if (isset($_POST['submited']))
{
if (hsc(@$_POST['mdp'])==$mdp)
{
foreach ($_SESSION["files_comm_multi_select_$comm[id]"] AS $key => $value)
{
$file = mysqli_fetch_array(mysqli_query($dbi, "SELECT * FROM `files_comm` WHERE `id` = '$value' AND (`type` = 'file' OR `type` = 'foto') AND `id_comm` = '$comm[id]'"));
mysqli_query($dbi, "DELETE FROM `files_comm` WHERE `id` = '$file[id]' AND `id_comm` = '$comm[id]'");
}
msg_sess("Удалено ".sklon_text(count($_SESSION["files_comm_multi_select_$comm[id]"]), array('файл', 'файла', 'файлов')));
$_SESSION["files_comm_multi_select_$comm[id]"] = array();
header("Location: ?act=files&id=$comm[id]&dir=$dir[id]");
exit();
} else hacked_by_Killer();
}
echo "<form method='POST' action=''>n";
echo "Подтвердитье удаление файлов<br />n";
echo "<input type='hidden' name='mdp' value='$mdp'>n";
echo "<input type='submit' name='submited' value='Удалить' /> <a href='?act=files&id=$comm[id]&dir=$dir[id]&page=$page'>Отмена</a>n";
echo "</form>n";
ex_foot();
}
// вводим выбранные файлы в список
if (isset($_POST['multi_select_submited']))
{
if (hsc(@$_POST['mdp'])==$mdp)
{
$query = mysqli_query($dbi, "SELECT * FROM `files_comm` WHERE `id_dir` = '$dir[id]' AND (`type` = 'file' OR `type` = 'foto') AND `id_comm` = '$comm[id]' ORDER BY `time` DESC LIMIT $start, $config[rop]");
while ($post = mysqli_fetch_array($query))
{
if (in_array($post['id'], $_SESSION["files_comm_multi_select_$comm[id]"]))unset($_SESSION["files_comm_multi_select_$comm[id]"][$array_files_comm_multi_select_keyvalue[$post['id']]]);
}
foreach ($_POST as $key => $value)
{
if (preg_match('#^multi_select_file_([0-9]*)$#', $key, $postnum) && $value == 1)
{
if (mysqli_result("SELECT COUNT(*) FROM `files_comm` WHERE `id` = '$postnum[1]' AND (`type` = 'file' OR `type` = 'foto') AND `id_comm` = '$comm[id]'"))$_SESSION["files_comm_multi_select_$comm[id]"][] = $postnum[1];
}
}
header("Location: ?act=files&id=$comm[id]&dir=$dir[id]&page=$page");
exit();
} else hacked_by_Killer();
}
echo "<form method='POST' action='' class='multi'>n";
echo "<div class='list_dr'>n";
if ($count_files_comm_multi_select > 0)
{
echo "Выбрано ".sklon_text($count_files_comm_multi_select, array('файл', 'файла', 'файла')).".n";
echo " Выберите папку для перемещения и нажмите «<a href='?act=files&id=$comm[id]&dir=$dir[id]&page=$page&files_comm_multi_select_$comm[id]=finish&mdp=$mdp'>Переместить сюдa</a>»n";
}
else echo "Выберите файлы для перемещения.n";
echo "</div>n";
}
?>