Просмотр файла modules/downloads/attach_files.php

Конкурс дизайнеров на 15000 рублей
Скрипты | CMS | Боты
Размер файла: 3.1Kb 
  1. <?php
  2. /**********************************
  3. *	@package: PerfCMS			  *
  4. *	@year: 2012					  *
  5. *	@author: Artas				  *
  6. *	@link: http://perfcms.org.ua  *
  7. **********************************/
  8. $locate	= 'in_downloads';
  9. $file_id = abs(intval($_GET['id']));
  10. if(!isset($file_id) && $db->query("SELECT * FROM `downloads_files` WHERE `id` = '$file_id'")->rowCount() == 0 || $user['level'] < 4)
  11. 	{
  12. 		header('location: /downloads/');
  13. 		exit;
  14. 	}
  15. $filei = $db->query("SELECT * FROM `downloads_files` WHERE `id` = '". $file_id ."'")->fetch();
  16. $root_dir = $db->query("SELECT server_path FROM `downloads` WHERE `id` = '". $filei['ref_id'] ."'")->fetchColumn();
  17. if(isset($_POST['upload'])) {
  18. 	$numf = substr(abs(intval($_POST['dl_num_files'])), 0, 2);
  19. 	$err = false;
  20. 	for($i=1;$i<=$numf;$i++)
  21. 		{
  22. 			if($_FILES['dl_num_file_'.$i]['tmp_name'] && !empty($_POST['dl_name_file_'.$i]))
  23. 				{
  24. 					$namef = mb_substr(input($_POST['dl_name_file_'.$i]), 0, 64);
  25. 					$file_info = pathinfo($_FILES['dl_num_file_'.$i]['name']);
  26. 					$file_info['extension'] = strtolower($file_info['extension']);
  27. 					$servname = cyrlat($file_info['filename']).'.'.$file_info['extension'];
  28. 					if (!in_array($file_info['extension'], explode(';', $system['files_types']))) { $err = 'File extension not allowed.<br />'; }
  29. 					if($err == false)
  30. 						{
  31. 							move_uploaded_file($_FILES['dl_num_file_'.$i]['tmp_name'], ROOT.'/files/downloads/'.$root_dir.'/'.$filei['server_dir'].'/'.$servname);
  32. 							$db->query("INSERT INTO `downloads_archive` SET `name` = '$namef', `file_id` = '$filei[id]', `server_name`='$servname', `size` = '".$_FILES['dl_num_file_'.$i]['size']."', `ext` = '".$file_info['extension']."'");
  33. 							$db->query("UPDATE `downloads_files` SET `time` = '". time() ."' WHERE `id` = '$filei[id]'");
  34. 							header('location: /downloads/file/'.$file_id);
  35. 							exit;
  36. 						}
  37. 					else
  38. 						{
  39. 							echo $err;
  40. 						}
  41. 				}
  42. 		}
  43. 	}
  44. $title = $lang->word('dl_attach_files').' | '.$lang->word('downloads');
  45. require_once(SYS.'/view/header.php');
  46. $tpl->div('title', $lang->word('dl_attach_files'));
  47. echo '<div class="menu">
  48. 		<form action="/downloads/attach_files/'.$file_id.'?" method="post" enctype="multipart/form-data">
  49. 		'.$lang->word('dl_num_files').': <input type="text" size="2" value="1" name="dl_num_files" />
  50. 		<input type="submit" value="Go!" /><br/>';
  51. 		$num_files = substr(abs(intval($_POST['dl_num_files'])), 0, 2);
  52. 		if(isset($_POST['dl_num_files'])) {
  53. 		for($i=1;$i<=$num_files;$i++)
  54. 			{
  55. 				echo $lang->word('dl_file_name').' '.$i.':<br/>
  56. 				<input type="text" name="dl_name_file_'.$i.'" /><br/>
  57. 				'.$lang->word('dl_file').' '.$i.':<br/>
  58. 				<input type="file" name="dl_num_file_'.$i.'" /><br/>';
  59. 			}
  60. echo ' 	<input name="upload" type="submit" value="'. $lang->word('add') .'" />';
  61. 	}
  62. 		echo '</form>';
  63. echo	'</div>';
  64. $tpl->div('block', img('nav.png') . ' <a href="/downloads/file/'.$file_id.'">'. $lang->word('back') .'</a><br/>' 
  65. 				. img('download.png') . ' <a href="/downloads/">'. $lang->word('downloads') .'</a><br/>'
  66. 				. HICO .' <a href="/">'. $lang->word('home') .'</a>');
  67. require_once(SYS.'/view/footer.php');
  68. ?>