Вход Регистрация
Файл: public_html/modules/downloads/attach_files.php
Строк: 107
<?php
/**********************************
*    @package: PerfCMS              *
*    @year: 2012                      *
*    @author: Artas                  *
*    @link: http://perfcms.net     *
* ------------------------------- *
*    @package: PerfCMS Ultra          *
*    @year: 2013                      *
*   @author: wanya26ua & Tesla    *
*   @link: http://perfclub.ru     *
**********************************/
$locate    'in_downloads';
$file_id abs(intval($_GET['id']));
if(!isset(
$file_id) && $db->query("SELECT * FROM `downloads_files` WHERE `id` = '$file_id'")->rowCount() == || $user['level'] < 4)
    {
        
header('location: /downloads/');
        exit;
    }
$filei $db->query("SELECT * FROM `downloads_files` WHERE `id` = '"$file_id ."'")->fetch();
$root_dir $db->query("SELECT server_path FROM `downloads` WHERE `id` = '"$filei['ref_id'] ."'")->fetchColumn();
if(isset(
$_POST['upload'])) {
    
$numf substr(abs(intval($_POST['dl_num_files'])), 02);
    
$err false;
    for(
$i=1;$i<=$numf;$i++)
        {
            if(
$_FILES['dl_num_file_'.$i]['tmp_name'] && !empty($_POST['dl_name_file_'.$i]))
                {
                    
$namef mb_substr(input($_POST['dl_name_file_'.$i]), 064);
                    
$file_info pathinfo($_FILES['dl_num_file_'.$i]['name']);
                    
$file_info['extension'] = strtolower($file_info['extension']);
                    
$servname cyrlat($file_info['filename']).'.'.$file_info['extension'];
                    if (!
in_array($file_info['extension'], explode(';'$system['files_types']))) { $err 'File extension not allowed.<br />'; }
                    if(
$err == false)
                        {
                            
move_uploaded_file($_FILES['dl_num_file_'.$i]['tmp_name'], ROOT.'/files/downloads/'.$root_dir.'/'.$filei['server_dir'].'/'.$servname);
                            
$db->query("INSERT INTO `downloads_archive` SET `name` = '$namef', `file_id` = '$filei[id]', `server_name`='$servname', `size` = '".$_FILES['dl_num_file_'.$i]['size']."', `ext` = '".$file_info['extension']."'");
                            
$db->query("UPDATE `downloads_files` SET `time` = '"time() ."' WHERE `id` = '$filei[id]'");
                            
header('location: /downloads/file/'.$file_id);
                            exit;
                        }
                    else
                        {
                            echo 
$err;
                        }
                }
        }
    }
$title $lang->word('dl_attach_files').' | '.$lang->word('downloads');
require_once(
SYS.'/view/header.php');
$tpl->div('title'$lang->word('dl_attach_files'));
echo 
'<div class="menu">
        <form action="/downloads/attach_files/'
.$file_id.'?" method="post" enctype="multipart/form-data">
        '
.$lang->word('dl_num_files').': <input type="text" size="2" value="1" name="dl_num_files" />
        <input type="submit" value="Go!" /><br/>'
;
        
$num_files substr(abs(intval($_POST['dl_num_files'])), 02);
        if(isset(
$_POST['dl_num_files'])) {
        for(
$i=1;$i<=$num_files;$i++)
            {
                echo 
$lang->word('dl_file_name').' '.$i.':<br/>
                <input type="text" name="dl_name_file_'
.$i.'" /><br/>
                '
.$lang->word('dl_file').' '.$i.':<br/>
                <input type="file" name="dl_num_file_'
.$i.'" /><br/>';
            }
echo 
'     <input name="upload" type="submit" value="'$lang->word('add') .'" />';
    }
        echo 
'</form>';
echo    
'</div>';
$tpl->div('block'img('nav.png') . ' <a href="/downloads/file/'.$file_id.'">'$lang->word('back') .'</a><br/>' 
                
img('download.png') . ' <a href="/downloads/">'$lang->word('downloads') .'</a><br/>'
                
HICO .' <a href="/">'$lang->word('home') .'</a>');
require_once(
SYS.'/view/footer.php');
?>
Онлайн: 5
Реклама