<?php
-# This form requires wfpl. See: http://jasonwoof.org/wfpl
-
-# This form was initially auto-generated. If you would like to alter the
-# parameters and generate a new one try this URL:
-#
-# http://metaform.l/?file_name=admin_files&table_name=files&singular=file&plural=files&opt_email=No&opt_db=Yes&opt_listing=Yes&opt_display=No&opt_pass=Yes&opt_public_form=No&opt_public_display=No&fields=filename+file%0D%0Adescription+textbox&edit=yes
-
-
-# SETUP
-
-# To save results to a database, you'll need to create the files table
-# (the file admin_files.sql should help with this), and create the file
-# 'code/db_connect.php' which calls db_connect() see:
-# code/wfpl/examples/db_connect.php
-#
-# if you rename any of the database fields, you'll need to update this:
+# This form requires wfpl. See: http://sametwice.com/wfpl
define('ADMIN_FILES_DB_FIELDS', 'filename,description');
# Set this to the path to your uploads directory. It can be relative to the
# location of this script. IT MUST END WITH A SLASH
-$GLOBALS['upload_directory'] = 'uploads/';
+$GLOBALS['upload_directory'] = 'files/';
-$GLOBALS['filename_file_name'] = uniqid() . getmypid() . '.txt'; # comment this out to use uploader's filename
+# emergency backup in case uploaders file name is blank somehow
+$GLOBALS['filename_file_name'] = uniqid() . getmypid() . '.txt';
-require_once('code/wfpl/format.php');
-require_once('code/wfpl/email.php');
-require_once('code/wfpl/upload.php');
+require_once(DOCROOT . 'inc/wfpl/format.php');
+require_once(DOCROOT . 'inc/wfpl/email.php');
+require_once(DOCROOT . 'inc/wfpl/upload.php');
function admin_files_get_fields() {
$data = array();
$data['description'] = format_oneline(_REQUEST_cut('description'));
- $filename_filename_tmp = $GLOBALS['filename_file_name'];
+ #header('Content-Type: text/plain');
+ #print_r(array($_REQUEST['filename'], $_FILES['filename']));
+ #exit();
+ $filename_filename_tmp = format_filename($_FILES['filename']['name']);
if(!$filename_filename_tmp) {
- $filename_filename_tmp = format_filename(_REQUEST_cut('filename'));
+ $filename_filename_tmp = $GLOBALS['filename_file_name'];
}
if($_FILES['filename'] && $_FILES['filename']['error'] == 0) {
$data['filename'] = save_uploaded_file('filename', $GLOBALS['upload_directory'] . $filename_filename_tmp);
function admin_files_main() {
- if(logged_in_as_admin()) {
- tem_set('admin_privs');
- } else {
- $_REQUEST['url'] = this_url();
- return 'admin_login';
- }
+ session_auth_must('manage_files');
$id = _REQUEST_cut('edit_id');
if($id) {
}
function admin_files_main_delete($id) {
- db_delete('files', 'where id=%i', $id);
- message('File deleted.');
+ $fn = db_get_value('files', 'filename', 'where id=%i', $id);
+ if ($fn) {
+ unlink($fn);
+ db_delete('files', 'where id=%i', $id);
+ message('File deleted.');
+ } else {
+ message("Couldn't find file to delete. Maybe it's already been deleted?");
+ }
return './admin_files';
}
function admin_files_main_listing() {
- $listing_rows = db_get_assocs('files', 'id,filename,description', 'order by description limit 100');
+ $listing_rows = db_get_assocs('files', 'id,filename,description', 'order by coalesce(nullif(description, ""), substring(filename, 7)) limit 100');
tem_set('listings', $listing_rows);
}