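<?php
/*
 * eshop_item_upload.php
 *
 * Attaches an uploaded archive (rar / zip / 7z, at most 50 MB) to an e-shop
 * item that belongs to the logged-in user, stores it under eshop/items/ and
 * records size, original filename and stored filename on the item row.
 *
 * Response codes (echoed, then exit) — unchanged from the original contract:
 *   'wu-error'  CSRF token check failed
 *   '0'         no file sent, or extension not in the whitelist
 *   '1'         file stored and item row updated
 *   '3'         not logged in, bad item id, not the owner, item already has a
 *               file, item in state 1, upload/move failed, or DB update failed
 *   '4'         file larger than 50 MB
 *
 * Provided by ../wu_init.php (not visible here): wu_token(), USER_LOGGED,
 * DB_PREFIX, $connect_db (mysqli link), $u_id (current user id) and $dt
 * (used as the stored-filename prefix; presumably a timestamp — confirm).
 */
declare(strict_types=1);

require_once('../wu_init.php');
if (!wu_token()) { exit('wu-error'); }
if (!USER_LOGGED) { exit('3'); }

// Item id and user id are forced to int before they reach any query.
$id = intval($_POST['item'] ?? 0);
if ($id <= 0) { exit('3'); }
$uid = (int) $u_id; // NOTE(review): assumes $u_id is numeric like the usr column — confirm in wu_init.php

// Load the item with a prepared statement; bind_result keeps this independent
// of mysqlnd (mysqli_stmt_get_result is not always available).
$stmt = mysqli_prepare($connect_db, 'SELECT id, usr, siz, st FROM ' . DB_PREFIX . '_es WHERE id = ? LIMIT 1');
if ($stmt === false) { exit('3'); }
mysqli_stmt_bind_param($stmt, 'i', $id);
mysqli_stmt_execute($stmt);
mysqli_stmt_bind_result($stmt, $rowId, $owner, $siz, $st);
$found = mysqli_stmt_fetch($stmt);
mysqli_stmt_close($stmt);

// Unknown id and foreign item answer identically ('3'), so the endpoint does
// not reveal which item ids exist.
if ($found !== true || (int) $owner !== $uid) { exit('3'); }
// An item that already carries a file (siz > 0) or is in state 1 is locked.
if ((float) $siz > 0 || (int) $st === 1) { exit('3'); }

// The file field must exist and PHP must have accepted the upload. "No file"
// is reported as '0' and any other upload error as '3' — the codes the
// original code paths ended up producing for those cases.
if (!isset($_FILES['arch']) || !is_array($_FILES['arch'])) { exit('0'); }
$file = $_FILES['arch'];
$errorCode = (int) ($file['error'] ?? UPLOAD_ERR_NO_FILE);
if ($errorCode === UPLOAD_ERR_NO_FILE) { exit('0'); }
if ($errorCode !== UPLOAD_ERR_OK) { exit('3'); }

$name = (string) $file['name'];
$size = (int) $file['size'];
$maxBytes = 50 * 1024 * 1024;
if ($size > $maxBytes) { exit('4'); }

// Extension whitelist. The comparison is case-insensitive and strict; the
// extension's original spelling is kept in the stored name, as before. This
// only inspects the client-supplied name — the archive content itself is not
// checked here.
$validTypes = ['rar', 'zip', '7z'];
$ext = pathinfo($name, PATHINFO_EXTENSION);
if ($ext === '' || !in_array(strtolower($ext), $validTypes, true)) { exit('0'); }

$esize = $size / 1048576; // size in MB, the unit the siz column is compared in above

$path = '../../eshop/items/';
// Stored name = $dt + random suffix + whitelisted extension; every part is
// either trusted, an int or [A-Za-z0-9], so it is safe in the path and the
// query. random_int() replaces rand() so the name is not predictable; with
// only 1000 suffixes per prefix a collision is still possible, hence the
// file_exists retry instead of silently overwriting another item's archive.
$srcs = '';
$src_s = '';
for ($attempt = 0; $attempt < 5; $attempt++) {
    $srcs = $dt . '_' . random_int(0, 999) . '.' . $ext;
    $src_s = $path . $srcs;
    if (!file_exists($src_s)) { break; }
}
if (file_exists($src_s)) { exit('3'); }

if (!move_uploaded_file((string) $file['tmp_name'], $src_s)) { exit('3'); }

// Record the upload; usr is part of the WHERE so the row is only touched if it
// still belongs to this user. On failure the orphaned file is removed.
$stmt = mysqli_prepare($connect_db, 'UPDATE `' . DB_PREFIX . '_es` SET `siz` = ?, `fi` = ?, `sec` = ? WHERE id = ? AND usr = ? LIMIT 1');
if ($stmt === false
    || !mysqli_stmt_bind_param($stmt, 'dssii', $esize, $name, $srcs, $id, $uid)
    || !mysqli_stmt_execute($stmt)) {
    if (is_file($src_s)) { unlink($src_s); }
    exit('3');
}
mysqli_stmt_close($stmt);
exit('1');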