Файл: modules/downloads/file_edit.php
Строк: 83
<?php
/**
* Licensed under The MIT License
* For full copyright and license information, please see the LICENSE.txt
* Redistributions of files must retain the above copyright notice.
*
* @copyright Copyright (c) 2013, Taras Chornyi, Sergiy Mazurenko, Ivan Kotliar
* @link http://perf-engine.net
* @package PerfEngine
* @license http://www.opensource.org/licenses/mit-license.php MIT License
*/
$locate = 'in_downloads';
$file_id = abs(intval($_GET['id']));
if(!isset($_GET['id']) && $db->query("SELECT * FROM `downloads_files` WHERE `id` = '$file_id'")->rowCount() == 0 || !User::logged())
{
redirect('/downloads/');
}
if($db->query("SELECT user_id FROM `downloads_files` WHERE `id` = '$file_id'")->fetchColumn() != User::Id() && User::level() < 5)
{
redirect('/downloads/file/'.$file_id);
}
$filei = $db->query("SELECT * FROM `downloads_files` WHERE `id` = '". $file_id ."'")->fetch();
if(isset($_GET['act']) && $_GET['act'] == 'save')
{
$name = mb_substr(input($_POST['file_name']), 0, 100);
$desc = input($_POST['file_desc']);
$dir = num($_POST['directory']);
if(!empty($name) && !empty($desc))
{
$db->query("UPDATE `downloads_files` SET `name` = '$name', `description` = '$desc', `ref_id` = '$dir' WHERE `id` = '$file_id'");
$db->query("UPDATE `downloads` SET `name` = '$name', `description` = '$desc', `dir_id` = '$dir' WHERE `id` = '".$filei['from_id']."'");
header('location: /downloads/file/'.$file_id);
exit;
}
}
$title = _t('dl_edit_file').' | '._t('downloads');
include_header($title);
$tpl->div('title', _t('dl_add_file'));
echo '<div class="post">
<form action="/downloads/file_edit/'.$file_id.'?act=save" method="post">
'._t('dl_file_name').':<br/>
<input type="text" value="'.$filei['name'].'" name="file_name" /><br/>
'._t('dl_file_desc').':<br/>
<textarea name="file_desc" rows="5" cols="25">'.$filei['description'].'</textarea><br/>';
$directories = $db->query("SELECT * FROM `downloads` WHERE `type` = '0'".(User::level() < 5 ? " AND `access` = '1'" : null)."");
if($directories->rowCount() != 0)
{
echo _t('move').':<br/>
<select name="directory">
'.(User::level() >=5 ? '<option value="0"'.($filei['ref_id'] == 0 ? ' selected="selected"' : null).'>Home folder</option>' : null);
foreach($directories as $directory)
{
echo '<option value="'.$directory['id'].'"'.($filei['ref_id'] == $directory['id'] ? ' selected="selected"' : null).'>'.$directory['name'].'</option>';
}
echo '</select><br/>';
}
echo '<input type="submit" value="'. _t('save') .'" />
</form>
</div>';
$tpl->div('block', img('nav.png') . ' <a href="/downloads/file/'.$file_id.'">'. _t('back') .'</a><br/>'
. img('download.png') . ' <a href="/downloads/">'. _t('downloads') .'</a><br/>'
. HICO .' <a href="/">'. _t('home') .'</a>');
include_footer();
?>