Вход Регистрация
Файл: public_html/modules/downloads/add_file.php
Строк: 146
<?php
/**********************************
*    @package: PerfCMS              *
*    @year: 2012                      *
*    @author: Artas                  *
*    @link: http://perfcms.net     *
* ------------------------------- *
*    @package: PerfCMS Ultra          *
*    @year: 2013                      *
*   @author: wanya26ua & Tesla    *
*   @link: http://perfclub.ru     *
**********************************/
$locate    'in_downloads';
$dir_id = (isset($_GET['dir_id']) ? abs(intval($_GET['dir_id'])) : 0);
if(
$dir_id != && $db->query("SELECT * FROM `downloads` WHERE `id` = '$dir_id'")->rowCount() == || $user['level'] < 4)
    {
        
header('location: /downloads/');
        exit;
    }
if(isset(
$_GET['act']) && $_GET['act'] == 'add')
    {
        
$err false;
        
$name mb_substr(input($_POST['file_name']), 0100);
        
$desc input($_POST['file_desc']);
        
$trans_name cyrlat(input($_POST['file_name']));
        
$root_dir $db->query("SELECT server_path FROM `downloads` WHERE `id` = '"$dir_id ."'")->fetchColumn();
        if (
$_FILES['dl_file']['tmp_name']) 
        {
            
$file_info pathinfo($_FILES['dl_file']['name']);
            
$file_info['extension'] = strtolower($file_info['extension']);

            if (!
in_array($file_info['extension'], explode(';'$system['files_types']))) { $err 'File extension not allowed.<br />'; }
            
$servname cyrlat($file_info['filename']).'.'.$file_info['extension'];
            if (
file_exists(ROOT.'/files/downloads/'.$root_dir.'/'.$trans_name.'/'.$servname)) { $err 'This is file exists<br />'; }
            if(
$err == false && !empty($name) && !empty($desc))
                {
                    
mkdir(ROOT.'/files/downloads/'.$root_dir.'/'.$trans_name);
                    
move_uploaded_file($_FILES['dl_file']['tmp_name'], ROOT.'/files/downloads/'.$root_dir.'/'.$trans_name.'/'.$servname);
                    
$db->query("INSERT INTO `downloads` SET `name` = '$name', `type` = '1', `dir_id` = '$dir_id', `server_path` = '', `description` = ''");
                    
// print_r($db->errorInfo());
                    
$db->query("INSERT INTO `downloads_files` SET `name` = '$name', `description` = '$desc', `server_name` = '$servname', `server_dir`='$trans_name', `ext` = '".$file_info['extension']."', `user_id`='"$user['id'] ."', `time` = '"time() ."', `ref_id` = '$dir_id', `from_id` = '"$db->lastInsertId() ."', `size` = '"$_FILES['dl_file']['size'] ."', `dl_times` = '0'");
                    
// print_r($db->errorInfo());
                        
if(preg_match('/png|jpg|jpeg|gif/i'$file_info['extension'])) {
                        
copy(ROOT.'/files/downloads/'.$root_dir.'/'.$trans_name.'/'.$servnameROOT.'/tmp/'.$servname);
                        
import_lib('upload.class');
                        
$handle = new upload(ROOT.'/tmp/'.$servname);
                        if (
$handle->uploaded) {
                            
$handle->allowed = array('image/*');
                            
$handle->file_new_name_body     'cache_'.$servname;
                            
$handle->image_convert         'png';
                            
$handle->image_resize            true;
                            
$handle->image_x                100;
                            
$handle->image_y                140;
                            
$handle->process(ROOT.'/cache/downloads_images/');
                        if (
$handle->processed) {
                            
// echo 'image resized';
                            
$handle->clean();
                            } 
                        else {
                            echo 
'error : ' $handle->error;
                            }
                        }
                    }
                    
header('location: /downloads/dir/'.$dir_id);
                    exit;
                }
        }
    }
$title $lang->word('dl_add_file').' | '.$lang->word('downloads');
require_once(
SYS.'/view/header.php');
$tpl->div('title'$lang->word('dl_add_file'));
echo 
'<div class="menu">
        <form action="/downloads/add_file?act=add'
.($dir_id != '&amp;dir_id='.$dir_id NULL).'" method="post" enctype="multipart/form-data">
        '
.$lang->word('dl_file_name').':<br/>
        <input type="text" name="file_name" /><br/>
        <b>'
$lang->word('dl_choose_file') .'</b>:<br/>
            <input name="dl_file" type="file" /><br/>
        '
.$lang->word('dl_file_desc').':<br/>
        <textarea name="file_desc" rows="5" cols="25"></textarea><br/>
        <input type="submit" value="'
$lang->word('add') .'" />
        </form>
    </div>'
;
$tpl->div('block', ($dir_id != img('folder.png') .' <a href="/downloads/dir/'$dir_id.'">'.$db->query("SELECT name FROM `downloads` WHERE `id` = '"$dir_id ."'")->fetchColumn().'</a><br/>' img('folder.png') . ' <a href="/downloads/">'$lang->word('back') .'</a><br/>').
                '
img('download.png') . ' <a href="/downloads/">'$lang->word('downloads') .'</a><br/>'
                
HICO .' <a href="/">'$lang->word('home') .'</a>');
require_once(
SYS.'/view/footer.php');
?>
Онлайн: 2
Реклама