Просмотр файла modules/share/add_file.php

Размер файла: 5.08Kb
  1. <?php
  2. /**********************************
  3. * @package: PerfCMS *
  4. * @year: 2012 *
  5. * @author: Artas *
  6. * @link: http://perfcms.pp.ua *
  7. **********************************/
  8. $locate = 'in_share';
  9. if(!isset($user) || !isset($_GET['cat_id'])) { header('Location:/'); }
  10. if($db->query("SELECT * FROM `share_c` WHERE `id` = '". $_GET['cat_id'] ."'")->rowCount() == 0) {
  11. header('Location:/share/');
  12. }
  13. if(isset($_POST['add']) && $_GET['act'] == 'add') {
  14. $file_dir = ROOT .'/files/share/';
  15. if ($_FILES['file']['tmp_name']) {
  16. if(!empty($_POST['name'])) {$file_name = mb_substr(escape($_POST['name']), 0, 55);} else { $err = 'Name is empty'; }
  17. if(!empty($_POST['about'])) {$file_text = mb_substr(escape($_POST['about']), 0, 5000);} else { $err = 'Text is empty'; }
  18. $patch = pathinfo($_FILES['file']['name']);
  19. if (!in_array($patch['extension'], explode(';', $system['files_types']))) { $err = 'File extention not allowed.<br />'; }
  20. $name_start = cyrlat($patch['filename']);
  21. $name_short = trim($name_start).time();
  22. $name_end = mb_convert_encoding($name_short, "UTF-8");
  23. $name = 'perfcms_'.$name_end.'.'. $patch['extension'];
  24. if (file_exists($file_dir . $name)) { $err = 'This file exists<br />'; }
  25. if(!isset($err)) {
  26. move_uploaded_file($_FILES['file']['tmp_name'], $file_dir . $name);
  27. if (empty($file_name)) $file_name = str_replace('.'. $patch['extension'], '', $patch['basename']);
  28. $db->query("INSERT INTO `share_files` SET `time` = '". time() ."', `name` = '". input($file_name) ."', `size` = '". $_FILES['file']['size'] ."', `path_name` = '". $name."', `ext` = '$patch[extension]', `path` = '$file_dir', `user_id` = '". $user['id'] ."', `text` = '". input($file_text) ."', `cat_id` = '". $_GET['cat_id'] ."', `moderate` = '0'");
  29. // print_r($db->errorInfo());
  30. header('Location:/share/file/'. $db->lastInsertId() .'/');
  31. } else { echo $err; }
  32. }
  33. }
  34. elseif(isset($_POST['import']) && $_GET['act'] == 'import') {
  35. $file_dir = ROOT .'/files/share/';
  36. if (!empty($_POST['file'])) {
  37. if(!empty($_POST['name'])) {
  38. $file_name = mb_substr(escape($_POST['name']), 0, 55);
  39. }
  40. else {
  41. $err = 'Name is empty';
  42. }
  43. if(!empty($_POST['about'])) {
  44. $file_text = mb_substr(escape($_POST['about']), 0, 5000);
  45. }
  46. else {
  47. $err = 'Text is empty';
  48. }
  49. $urlinfo = pathinfo(parse_url(input($_POST['file']),PHP_URL_PATH));
  50. $name = 'perfcms_'.cyrlat($urlinfo['filename']).time().'.'.$urlinfo['extension'];
  51. if (file_exists($file_dir . $name)) { $err = 'This file exists<br />'; }
  52. copy(input($_POST['file']), ROOT.'/files/share/'.$name);
  53. $filesize = filesize(ROOT.'/files/share/'.$name);
  54. if(!isset($err)) {
  55. if (empty($file_name)) $file_name = $name;
  56. $db->query("INSERT INTO `share_files` SET `time` = '". time() ."', `name` = '". input($file_name) ."', `size` = '". $filesize ."', `path_name` = '". $name."', `ext` = '$urlinfo[extension]', `path` = '$file_dir', `user_id` = '". $user['id'] ."', `text` = '". input($file_text) ."', `cat_id` = '". $_GET['cat_id'] ."', `moderate` = '0'");
  57. // print_r($db->errorInfo());
  58. header('Location:/share/file/'. $db->lastInsertId() .'/');
  59. } else { echo $err; }
  60. }
  61. }
  62. if(isset($_GET['type']) && $_GET['type'] == 'import') {
  63. $title = $lang->word('import');
  64. require_once(SYS.'/view/header.php');
  65. $tpl->div('title', $lang->word('import'));
  66. echo '<form action="/share/add_file/'. $_GET['cat_id'] .'/?act=import" method="post">
  67. <div class="menu">
  68. <b>'. $lang->word('name') .'</b>:<br/>
  69. <input type="text" name="name" /><br/>
  70. <b>'. $lang->word('import_adress') .'</b>:<br/>
  71. <input name="file" type="text" value="http://"/><br/>
  72. <b>'. $lang->word('about') .'</b>:<br/>
  73. <textarea name="about" rows="5" cols="26"></textarea><br/>
  74. <input name="import" type="submit" value="'. $lang->word('import') .'" /><br/>
  75. </div>
  76. </form>';
  77. $tpl->div('block', img('upload.png'). '<a href="/share/add_file/'. $_GET['cat_id'] .'/">'.$lang->word('upload').'</a><br/>'. NAV .'<a href="/share/">'. $lang->word('share') .'</a><br/>' . HICO .'<a href="/">'. $lang->word('home').'</a>');
  78. require_once(SYS.'/view/footer.php');
  79. exit;
  80. }
  81. $title = $lang->word('add_file');
  82. require_once(SYS.'/view/header.php');
  83. $tpl->div('title', $lang->word('add_file'));
  84. echo '<form action="/share/add_file/'. $_GET['cat_id'] .'/?act=add" method="post" enctype="multipart/form-data">
  85. <div class="menu">
  86. <b>'. $lang->word('name') .'</b>:<br/>
  87. <input type="text" name="name" /><br/>
  88. <b>'. $lang->word('choose_file') .'</b>:<br/>
  89. <input name="file" type="file" /><br/>
  90. <b>'. $lang->word('about') .'</b>:<br/>
  91. <textarea name="about" rows="5" cols="26"></textarea><br/>
  92. <input name="add" type="submit" value="'. $lang->word('upload') .'" /><br/>
  93. </div>
  94. </form>';
  95. $tpl->div('block', img('upload.png'). '<a href="/share/add_file/'. $_GET['cat_id'] .'/?type=import">'.$lang->word('import').'</a><br/>'. NAV .'<a href="/share/">'. $lang->word('share') .'</a><br/>' . HICO .'<a href="/">'. $lang->word('home').'</a>');
  96. require_once(SYS.'/view/footer.php');
  97. ?>