Файл: vsime.com/files/inc/multi_select_head.php
Строк: 110
<?
if (isset($_GET['files_multi_select']) && $_GET['files_multi_select'] == 'start' && !isset($_SESSION['files_multi_select']) && $ank['id'] == $user['id']) {
if (hsc(@$_GET['mdp'])==$mdp) {
$_SESSION['files_multi_select'] = array();
locon(" ?dir=$dir[id]");
exit();
} else hacked_by_Killer();
}
if (isset($_SESSION['files_multi_select']) && $ank['id']==$user['id']) {
// фильтруем список (убираем удаленные файлы)
foreach ($_SESSION['files_multi_select'] AS $key => $value) {
unset($_SESSION['files_multi_select'][$key]);
if (mysqli_result("SELECT COUNT(*) FROM `files` WHERE `id_user` = '$ank[id]' AND `type` = 'file' AND `id` = '$value'"))$_SESSION['files_multi_select'][$key] = $value;
}
$count_files_multi_select = count($_SESSION['files_multi_select']); // считаем выбранные файлы
// создаем новый массив
// присваиваем ключам массива значения массива $_SESSION['files_multi_select'], а значения массива - ключи массива $_SESSION['files_multi_select']
$array_files_multi_select_keyvalue = array();
foreach ($_SESSION['files_multi_select'] AS $key => $value) {
$array_files_multi_select_keyvalue[$value] = $key;
}
// считаем выбранные файлы, которые находятся в Зоне файлов
$array_files_fz = array();
foreach ($_SESSION['files_multi_select'] AS $key => $value) {
if (mysqli_result("SELECT COUNT(*) FROM `files_zone` WHERE `id_file` = '$value' AND `type` = 'file'")!=0)$array_files_fz[] = $value;
}
$count_files_fz_multi_select = count($array_files_fz);
// операции с файлами, которые в Зоне файлов
// удаляем из списка
if (isset($_GET['files_multi_select']) && $_GET['files_multi_select'] == 'action' && $count_files_fz_multi_select > 0) {
if (hsc(@$_GET['mdp'])==$mdp) {
if (isset($_GET['files_fz']) && $_GET['files_fz'] == 'dfl') {
foreach ($array_files_fz as $key => $value) {
unset($_SESSION['files_multi_select'][$array_files_multi_select_keyvalue[$value]]);
}
locon(" ?dir=$dir[id]");
exit();
}
// удаляем из Зоны обмена
if (isset($_GET['files_fz']) && $_GET['files_fz'] == 'dfz') {
foreach ($array_files_fz as $key => $value) {
$file = mysqli_fetch_array(mysqli_query($dbi, "SELECT * FROM `files` WHERE `id_user` = '$ank[id]' AND `type` = 'file' AND `id` = '$value'"));
mysqli_query($dbi, "DELETE FROM `files_zone` WHERE `id_files` = '$file[id]' AND `type` = 'file'");
}
locon(" ?dir=$dir[id]");
exit();
}
} else hacked_by_Killer();
}
// перемещаем файлы
if (isset($_GET['files_multi_select']) && $_GET['files_multi_select'] == 'finish' && ($dir['access']!='all' && $count_files_fz_multi_select == 0 || $dir['access']=='all')) {
if (hsc(@$_GET['mdp'])==$mdp) {
foreach ($_SESSION['files_multi_select'] AS $key => $value) {
$file = mysqli_fetch_array(mysqli_query($dbi, "SELECT * FROM `files` WHERE `id_user` = '$ank[id]' AND `type` = 'file' AND `id` = '$value'"));
$file['path'] = H."system/files/files/users/user$file[id_user]/dir$file[id_dir]/".$file['id'].".dat";
$file['path_new'] = H."system/files/files/users/user$file[id_user]/dir$dir[id]/".$file['id'].".dat";
mysqli_query($dbi, "UPDATE `files` SET `id_dir` = '$dir[id]', `counter` = '$dir[counter]$dir[id]/' WHERE `id` = '$file[id]'");
mysqli_query($dbi, "UPDATE `lenta` SET `id_object2` = '$dir[id]' WHERE `id_object` = '$file[id]' AND `type` = 'file'");
if (!file_exists(H."system/files/files"))mkdir(H."system/files/files", 0777);
if (!file_exists(H."system/files/files/users"))mkdir(H."system/files/files/users", 0777);
if (!file_exists(H."system/files/files/users/user$file[id_user]"))mkdir(H."system/files/files/users/user$file[id_user]", 0777);
if (!file_exists(H."system/files/files/users/user$file[id_user]/dir$dir[id]"))mkdir(H."system/files/files/users/user$file[id_user]/dir$dir[id]", 0777);
copy($file['path'], $file['path_new']);
if ($file['path'] != $file['path_new'])unlink($file['path']);
}
msg_sess("Перенесено ".sklon_text(count($_SESSION['files_multi_select']), array('файл', 'файла', 'файлов')));
unset($_SESSION['files_multi_select']);
locon(" ?dir=$dir[id]");
exit();
} else hacked_by_Killer();
}
// выходим из режима перемещения файлов
if (isset($_GET['files_multi_select']) && $_GET['files_multi_select'] == 'cancel') {
if (hsc(@$_GET['mdp'])==$mdp) {
unset($_SESSION['files_multi_select']);
locon(" ?dir=$dir[id]");
exit();
} else hacked_by_Killer();
}
// очищаем список
if (isset($_GET['files_multi_select']) && $_GET['files_multi_select'] == 'drop') {
if (hsc(@$_GET['mdp'])==$mdp) {
$_SESSION['files_multi_select'] = array();
locon(" ?dir=$dir[id]");
exit();
} else hacked_by_Killer();
}
// полный список
if (isset($_GET['files_multi_select']) && $_GET['files_multi_select'] == 'full_list') {
echo "<div class='list'>n";
if ($count_files_multi_select > 0) {
if (isset($_GET['delete'])) {
if (hsc(@$_GET['mdp'])==$mdp) {
if (in_array(intval($_GET['delete']), $_SESSION['files_multi_select']))unset($_SESSION['files_multi_select'][$array_files_multi_select_keyvalue[intval($_GET['delete'])]]);
msg_sess("Файл удален из списка");
locon(" ?dir=$dir[id]&files_multi_select=full_list&page=$page");
exit();
} else hacked_by_Killer();
}
echo "Выбрано ".sklon_text($count_files_multi_select, array('файл', 'файла', 'файлов')).":<br />n";
foreach ($_SESSION['files_multi_select'] as $key => $value) {
$file = mysqli_fetch_array(mysqli_query($dbi, "SELECT * FROM `files` WHERE `id` = '$value'"));
echo "<a href='?file=$file[id]'".title_link('Открыть файл').">n";
if (is_file(H.'/i/file_type/'.$file['ras'].'.png'))echo "<img src='/i/file_type/$file[ras].png' alt='$file[ras]' /> n";
else echo "<img src='/i/file_type/file.png' alt='file' /> n";
echo hsc($file['name']).".".hsc($file['ras'])."</a> <a href='?dir=$dir[id]&files_multi_select=full_list&page=$page&delete=$file[id]&mdp=$mdp'>$config[code_delete]</a><br />";
}
echo ($count_files_multi_select > 0?"<span class='right'><a href='?dir=$dir[id]&files_multi_select=delete&page=$page'>Удалить файлы</a> | <a href='?dir=$dir[id]&files_multi_select=drop&page=$page&mdp=$mdp'>Очистить список</a></span>":null);
echo "<div class='clear'></div>n";
} else echo "Список пустn";
echo "</div>n";
echo "<div class='foot'>n";
echo image_back()." <a href='?dir=$dir[id]&page=$page'>Назад</a>n";
echo "</div>n";
ex_foot();
}
// удаляем выбраныйе файлы
if (isset($_GET['files_multi_select']) && $_GET['files_multi_select'] == 'delete') {
if (isset($_POST['submited'])) {
if (hsc(@$_POST['mdp'])==$mdp) {
foreach ($_SESSION['files_multi_select'] AS $key => $value) {
$file = mysqli_fetch_array(mysqli_query($dbi, "SELECT * FROM `files` WHERE `id_user` = '$ank[id]' AND `type` = 'file' AND `id` = '$value'"));
$file['path'] = H."system/files/files/users/user$file[id_user]/dir$file[id_dir]/".$file['id'].".dat";
mysqli_query($dbi, "DELETE FROM `files_komm` WHERE `id_file` = '$file[id]'");
mysqli_query($dbi, "DELETE FROM `files` WHERE `id` = '$file[id]' AND `type` = 'file'");
mysqli_query($dbi, "DELETE FROM `files_zone` WHERE `id_file` = '$file[id]' AND `type` = 'file'");
mysqli_query($dbi, "DELETE FROM `lenta` WHERE `id_object` = '$file[id]' AND `type` = 'file'");
unlink($file['path']);
if (is_file(H."i/tmp_flv/".$file['id'].".video.flv"))unlink(H."i/tmp_flv/".$file['id'].".video.flv");
}
msg_sess("Удалено ".sklon_text(count($_SESSION['files_multi_select']), array('файл', 'файла', 'файлов')));
//unset($_SESSION['files_multi_select']);
$_SESSION['files_multi_select'] = array();
locon(" ?dir=$dir[id]");
exit();
} else hacked_by_Killer();
}
echo "<div class=list><form method='POST' action=''>n";
echo "Подтвердите удаление файлов<br />n";
echo "<input type='hidden' name='mdp' value='$mdp'>n";
echo "<input type='submit' name='submited' value='Удалить' /> <a href='?dir=$dir[id]&page=$page'>Отмена</a>n";
echo "</form></div>n";
ex_foot();
}
// вводим выбранные файлы в список
if (isset($_POST['multi_select_submited'])) {
if (hsc(@$_POST['mdp'])==$mdp) {
$query = mysqli_query($dbi, "SELECT * FROM `files` WHERE `id_user` = '$ank[id]' AND `type` = 'file' AND `id_dir` = '$dir[id]' ORDER BY `name` ASC LIMIT $start, $config[rop]");
while ($post = mysqli_fetch_array($query)) {
if (in_array($post['id'], $_SESSION['files_multi_select']))unset($_SESSION['files_multi_select'][$array_files_multi_select_keyvalue[$post['id']]]);
}
foreach ($_POST as $key => $value) {
if (preg_match('#^multi_select_file_([0-9]*)$#', $key, $postnum) && $value == 1) {
if (mysqli_result("SELECT COUNT(*) FROM `files` WHERE `id_user` = '$ank[id]' AND `type` = 'file' AND `id_dir` = '$dir[id]' AND `id` = '$postnum[1]'"))$_SESSION['files_multi_select'][] = $postnum[1];
}
}
locon(" ?dir=$dir[id]&page=$page");
exit();
} else hacked_by_Killer();
}
echo "<form method='post' action='' class='multi'>n";
echo "<div class='list_dr'>n";
if ($count_files_multi_select > 0) {
echo "Выбрано ".sklon_text($count_files_multi_select, array('файл', 'файла', 'файла')).".n";
if ($dir['access']!='all' && $count_files_fz_multi_select == 0 || $dir['access']=='all')echo " Выберите папку для перемещения и нажмите «<a href='?dir=$dir[id]&page=$page&files_multi_select=finish&mdp=$mdp'>Переместить сюдa</a>»n";
}
else echo "Выберите файлы для перемещенияn";
echo "</div>n";
}
?>