$GLOBALS['filename_file_name'] = uniqid() . getmypid() . '.txt';
-require_once(INC_WFPL . 'format.php');
-require_once(INC_WFPL . 'email.php');
-require_once(INC_WFPL . 'upload.php');
+require_once(__DIR__.'/'.'inc/wfpl/format.php');
+require_once(__DIR__.'/'.'inc/wfpl/email.php');
+require_once(__DIR__.'/'.'inc/wfpl/upload.php');
function admin_files_get_fields() {
$data = array();
#header('Content-Type: text/plain');
#print_r(array($_REQUEST['filename'], $_FILES['filename']));
#exit();
- $filename_filename_tmp = format_filename($_FILES['filename']['name']);
+ $filename_filename_tmp = format_filename($_FILES['filename']['name'], true);
if(!$filename_filename_tmp) {
$filename_filename_tmp = $GLOBALS['filename_file_name'];
}
if(_REQUEST_cut('delete_filename') == 'Yes') {
$data['filename'] = '';
} else {
- $data['filename'] = format_path(_REQUEST_cut('old_filename'));
+ $data['filename'] = format_path(_REQUEST_cut('old_filename'), true);
}
}
unset($_FILES['filename']);
function admin_files_main() {
- if(logged_in_as_admin()) {
- tem_set('admin_privs');
- } else {
- $_REQUEST['url'] = this_url();
- return 'admin_login';
- }
+ session_auth_must('admin_files');
$id = _REQUEST_cut('edit_id');
if($id) {