$GLOBALS['filename_file_name'] = uniqid() . getmypid() . '.txt';
-require_once(DOCROOT . 'inc/wfpl/format.php');
-require_once(DOCROOT . 'inc/wfpl/email.php');
-require_once(DOCROOT . 'inc/wfpl/upload.php');
+require_once(__DIR__.'/'.'inc/wfpl/format.php');
+require_once(__DIR__.'/'.'inc/wfpl/email.php');
+require_once(__DIR__.'/'.'inc/wfpl/upload.php');
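Review bot: The three new `require_once` paths only resolve if this file sits in the directory that `DOCROOT` used to name, which the hunk does not show. If the file is ever moved into a subdirectory, all three includes will fail. The split concatenation `__DIR__.'/'.'inc/wfpl/format.php'` can also be written as a single literal, `require_once __DIR__ . '/inc/wfpl/format.php';`, which is easier to grep and audit.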
function admin_files_get_fields() {
- $data = array();
-
- $data['description'] = format_oneline(_REQUEST_cut('description'));
-
- #header('Content-Type: text/plain');
- #print_r(array($_REQUEST['filename'], $_FILES['filename']));
- #exit();
- $filename_filename_tmp = format_filename($_FILES['filename']['name']);
- if(!$filename_filename_tmp) {
- $filename_filename_tmp = $GLOBALS['filename_file_name'];
- }
- if($_FILES['filename'] && $_FILES['filename']['error'] == 0) {
- $data['filename'] = save_uploaded_file('filename', $GLOBALS['upload_directory'] . $filename_filename_tmp);
- } else {
- if(_REQUEST_cut('delete_filename') == 'Yes') {
- $data['filename'] = '';
- } else {
- $data['filename'] = format_path(_REQUEST_cut('old_filename'));
- }
- }
- unset($_FILES['filename']);
-
- return $data;
+ $data = array();
+
+ $data['description'] = format_oneline(_REQUEST_cut('description'));
+
+ #header('Content-Type: text/plain');
+ #print_r(array($_REQUEST['filename'], $_FILES['filename']));
+ #exit();
+ $filename_filename_tmp = format_filename($_FILES['filename']['name'], true);
+ if(!$filename_filename_tmp) {
+ $filename_filename_tmp = $GLOBALS['filename_file_name'];
+ }
+ if($_FILES['filename'] && $_FILES['filename']['error'] == 0) {
+ $data['filename'] = save_uploaded_file('filename', $GLOBALS['upload_directory'] . $filename_filename_tmp);
+ } else {
+ if(_REQUEST_cut('delete_filename') == 'Yes') {
+ $data['filename'] = '';
+ } else {
+ $data['filename'] = format_path(_REQUEST_cut('old_filename'), true);
+ }
+ }
+ unset($_FILES['filename']);
+
+ return $data;
}
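Review bot: `old_filename` is still taken from the request and stored as the `filename` column at `$data['filename'] = format_path(_REQUEST_cut('old_filename'), true);`, and admin_files_main_delete() later passes that column straight to `unlink()`, so the stored path is only as safe as format_path() makes it. format_path() and the meaning of the new `true` argument are not visible here; unless it rejects absolute paths and `..` segments, the kept value should be read from the existing row for the edited id instead of from the client, or be checked to resolve inside `$GLOBALS['upload_directory']` before it is saved. The upload branch has the same dependency: the client-supplied name is appended to the upload directory, so confirm that format_filename() strips directory separators and that the upload directory is not configured to execute uploaded scripts. Separately, `$_FILES['filename']['name']` is read before the `$_FILES['filename'] &&` test, which raises a notice when no file field is posted; move the name lookup inside the `error == 0` branch.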
function admin_files_main() {
- if(logged_in_as_admin()) {
- tem_set('admin_privs');
- } else {
- $_REQUEST['url'] = this_url();
- return 'admin_login';
- }
-
- $id = _REQUEST_cut('edit_id');
- if($id) {
- return admin_files_main_form($id);
- }
-
- $id = _REQUEST_cut('admin_files_delete_id');
- if($id) {
- return admin_files_main_delete($id);
- }
-
- if(_REQUEST_cut('new')) {
- return admin_files_main_form();
- }
-
- if(_REQUEST_cut('list')) {
- return admin_files_main_listing();
- }
-
- if(isset($_POST['description'])) {
- return admin_files_main_form();
- }
-
- # default action:
- return admin_files_main_listing();
+ session_auth_must('admin_files');
+
+ $id = _REQUEST_cut('edit_id');
+ if($id) {
+ return admin_files_main_form($id);
+ }
+
+ $id = _REQUEST_cut('admin_files_delete_id');
+ if($id) {
+ return admin_files_main_delete($id);
+ }
+
+ if(_REQUEST_cut('new')) {
+ return admin_files_main_form();
+ }
+
+ if(_REQUEST_cut('list')) {
+ return admin_files_main_listing();
+ }
+
+ if(isset($_POST['description'])) {
+ return admin_files_main_form();
+ }
+
+ # default action:
+ return admin_files_main_listing();
}
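Review bot: The delete branch still acts on `admin_files_delete_id` read through `_REQUEST_cut()` (presumably from `$_REQUEST`), so a plain GET link can reach `admin_files_main_delete($id)`, and nothing in this function checks the request method or an anti-CSRF token. With access now resting only on `session_auth_must('admin_files')`, a logged-in admin's browser could be induced by another site to issue that request. Consider requiring POST plus a per-session token before the delete and save branches, for example `if($_SERVER['REQUEST_METHOD'] !== 'POST') return admin_files_main_listing();` ahead of the delete. The change also assumes session_auth_must() halts the request on failure rather than returning, which is not visible here. A comment such as `# session_auth_must() does not return when the check fails` would record that, since the old explicit `return 'admin_login'` is gone.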
function admin_files_main_delete($id) {
- $fn = db_get_value('files', 'filename', 'where id=%i', $id);
- if ($fn) {
- unlink($fn);
- db_delete('files', 'where id=%i', $id);
- message('File deleted.');
- } else {
- message("Couldn't find file to delete. Maybe it's already been deleted?");
- }
- return './admin_files';
+ $fn = db_get_value('files', 'filename', 'where id=%i', $id);
+ if ($fn) {
+ unlink($fn);
+ db_delete('files', 'where id=%i', $id);
+ message('File deleted.');
+ } else {
+ message("Couldn't find file to delete. Maybe it's already been deleted?");
+ }
+ return './admin_files';
}
function admin_files_main_listing() {
- $listing_rows = db_get_assocs('files', 'id,filename,description', 'order by coalesce(nullif(description, ""), substring(filename, 7)) limit 100');
- tem_set('listings', $listing_rows);
+ $listing_rows = db_get_assocs('files', 'id,filename,description', 'order by coalesce(nullif(description, ""), substring(filename, 7)) limit 100');
+ tem_set('listings', $listing_rows);
}
function admin_files_main_form($id = false) {
- if($id) {
- tem_set('id', $id);
- }
-
- if(isset($_POST['description'])) {
- $data = admin_files_get_fields();
-
- if("you're happy with the POSTed values") {
- if($id) {
- db_update_assoc('files', $data, 'where id=%i', $id);
- message('File updated.');
- } else {
- db_insert_assoc('files', $data);
- message('File saved.');
- }
- if($error !== true) {
- return './admin_files';
- }
- }
- # otherwise, we display the form again. admin_files_get_fields() has
- # already put the posted values back into the template engine, so they will
- # show up in the form fields. You should add some message asking people to
- # fix their entry in whatever way you require.
- } elseif($id) {
- # we've recieved an edit id, but no data. So we grab the values to be edited from the database
- $data = db_get_assoc('files', ADMIN_FILES_DB_FIELDS, 'where id=%i', $id);
- } else {
- # form not submitted, you can set default values like so:
- #$data = array('description' => 'Yes');
- $data = array();
- }
-
- tem_set('upload_max_filesize', upload_max_filesize());
-
- tem_set('form', $data);
+ if($id) {
+ tem_set('id', $id);
+ }
+
+ if(isset($_POST['description'])) {
+ $data = admin_files_get_fields();
+
+ if("you're happy with the POSTed values") {
+ if($id) {
+ db_update_assoc('files', $data, 'where id=%i', $id);
+ message('File updated.');
+ } else {
+ db_insert_assoc('files', $data);
+ message('File saved.');
+ }
+ if($error !== true) {
+ return './admin_files';
+ }
+ }
+ # otherwise, we display the form again. admin_files_get_fields() has
+ # already put the posted values back into the template engine, so they will
+ # show up in the form fields. You should add some message asking people to
+ # fix their entry in whatever way you require.
+ } elseif($id) {
+ # we've recieved an edit id, but no data. So we grab the values to be edited from the database
+ $data = db_get_assoc('files', ADMIN_FILES_DB_FIELDS, 'where id=%i', $id);
+ } else {
+ # form not submitted, you can set default values like so:
+ #$data = array('description' => 'Yes');
+ $data = array();
+ }
+
+ tem_set('upload_max_filesize', upload_max_filesize());
+
+ tem_set('form', $data);
}