Location: PHPKode > projects > chillyCMS > chillyCMS/modules/download/addfiles.include.php
<?php
defined('DOIT') or die('Restricted access');

function add_files($msg) {
	global $showfolder,$mysession,$is_admin,$l_edit,$l_gen,$mod_dl,$modid,$page;
	echo "<div class='popup'><br><h3 class='center'>$mod_dl[lbl_addfiles]</h3>";
	$folders=array();
	$path="../../media";
	$folders[]=$path;
	folderselect_recursive($path,$folders);
	$sql="select name from system_groups where";
	foreach ($mysession->user->gids as $gid) {
		$sql.=" gid=$gid or";
	}
	$sql=substr($sql,0,-3);
	$page->query($sql);
	$result = $page->db->getdata_array();
	//$result = db_query_array($sql);
	$okgroups=array();
	foreach ($result as $group) {
		$okgroups[]=$group["name"];
	}
	echo $msg;
	echo "<form class='downloadlinklist' method='post' action='addfiles.php'>".
	"<select name='folder' size='1' class='button'>";
	sort($folders);
	foreach ($folders as $folder) {
		$folderend=explode("/",$folder);
		$folderend=array_pop($folderend);
		//either a group the user is in or the media folder
		if (in_array($folderend,$okgroups) or $folderend=="media" or $is_admin) {
			if ($showfolder==$folder) {
				echo "<option selected='selected' value='$folder'>".substr($folder,3)."</option>";
			} else {
				echo "<option value='$folder'>".substr($folder,3)."</option>";
			}
		}
	}
	echo "</select><input type='submit' class='button' value='$l_gen[lbl_show]'></input>".
	"<input type='hidden' name='modid' value='$modid' /></form>";
	show_files($showfolder);
	echo "</div>";
}
//Show links to all items /////////////////////////////////////////////////////////////////////////
function show_files($path) {
	global $showfolder,$mysession,$is_admin,$l_tools,$l_edit,$l_gen,$modid,$page;
	$realpath=PATH."/".cut_doubledots($path);
	$path="/".cut_doubledots($path);
	//Open selected folder
	$fh = opendir($realpath);
	$verzeichnisinhalt = array();
	while (true == ($file = readdir($fh))) {
		if (!is_dir($realpath."/".$file) && $file!="." && $file!="..") {
			$verzeichnisinhalt[] = $file;
		}
	}
	//Check if the directory is a groupfolder
	$thisfolder=explode("/",substr($path,0,-1));
	$foldername=array_pop($thisfolder);
	//$db = new Database();
	$sql="select u.uid from system_groups as g, system_users as u where g.name='$foldername' and g.moderator=u.uid";
	$page->query($sql);
	$uid = $page->db->getdata();
	//$db->query($sql);
	//$uid=$db->getdata();
	$sql="select * from mod_download where `modid`=$modid";
	$page->query($sql);
	$filesfordownload = $page->db->getdata_array();
	//$db->query($sql);
	//$filesfordownload=$db->getdata_array();
	//$db->close();
	//sort the files for download
	$downloadfiles=array();
	foreach ($filesfordownload as $df) {
		$downloadfiles[] = $df["filename"];
	}
	//The moderator's uid
	$moduid=$uid["uid"];
	$is_mod=false;
	if ($moduid == $mysession->user->uid) { $is_mod=true; }
	//append / if required
	if (substr($path,-1)!="/") { $path.="/"; }
	if (substr($realpath,-1)!="/") { $realpath.="/"; }
	sort($verzeichnisinhalt);
	echo "\t\t<div>\n".
	"\t\t\t<table class='downloadlinklist' style='width:100%' cellspacing='0'>\n".
	"<tr><th>$l_edit[lbl_name]</th>".
	"<th class='center'>$l_tools[lbl_filesize]</th>".
	"<th></th></tr>";
	$style="odd";
	//read content of all files that are already in the download module
	foreach ($verzeichnisinhalt as $vi) {
		$filesize=filesize_text(filesize($realpath.$vi));
		echo "\t\t\t\t<tr class='$style'>\n".
		"\t\t\t\t\t<td class='left'>$vi</td>".
		"<td class='right' width='60px'>$filesize</td>\n";
		//if file is not yet in list show add button
		echo "<td width='20px'>";
		if (!in_array($vi,$downloadfiles)) {
			echo "<form method='post' action='addfiles.php'>".
			"<input type='hidden' name='folder' value='$showfolder' />".
			"<input type='hidden' name='modid' value='$modid' />".
			"<input type='hidden' name='action' value='add' />".
			"<input type='hidden' name='file' value='$vi' />".
			"<input type='hidden' name='location' value='$path' />".
			"<input type='submit' class='imageinactive' title='$l_gen[lbl_add]' />".
			"</form>";
		} else {
			echo "<form method='post' action='addfiles.php'>".
			"<input type='hidden' name='folder' value='$showfolder' />".
			"<input type='hidden' name='modid' value='$modid' />".
			"<input type='hidden' name='action' value='remove' />".
			"<input type='hidden' name='file' value='$vi' />".
			"<input type='submit' class='imageactive' title='$l_gen[lbl_remove]' />".
			"</form>";
		}
		echo "</td>\t\t\t\t</tr>\n";
		if ($style=="odd") { $style="even"; } else { $style="odd"; }
	}
	echo "\t\t\t</table>\n".
	"\t\t</div>\n".
//	"\t<div class='clr'></div>\n".
	"\t</div>\n";
}
//Show folder select///////////////////////////////////////////////////////////////////////////////
function folderselect_recursive($path,&$folders) {
	global $mysession,$is_admin,$page;
	$handle = opendir($path);
	$result = false;
	//does the directory exist and can it be accessed?
	if ($handle) {
		//is there any content?
		while (false !== ($file = readdir($handle))) {
			//file is not the folder itself or the parent folder
			if ($file != "." && $file != "..") {
				$name = $path."/".$file;
				$printname=substr($name,strlen($path)+1);
				//"file" is a folder
				if (is_dir($name)) {
					array_push($folders,$name);
					//is the user allowed to see the folder? if not stop recursing into it
					$foldername=explode("/",$name);
					$myfolder=array_pop($foldername);
					//$result = db_query("select `gid` from system_groups where name='$myfolder'");
					$sql = "select `gid` from system_groups where name='$myfolder'";
					$page->query($sql);
					$result = $page->db->getdata();
					//If the user is in that group show him the folder
					if ($is_admin or $result>2) {
						$ar = folderselect_recursive($name,$folders);
					}
				}
			}
		}	
	}
	//close directory and return the contents
	closedir($handle);
	return $result; 
}
//Add a file to the download list//////////////////////////////////////////////////////////////////
function add_file($modid,$file,$location) {
	global $page;
	$location=cut_doubledots($location);
	$file=cut_doubledots($file);
	$myfile=PATH."/".$location."/".$file;
	if (is_file($myfile) && $modid>0) {
		$file=escape($file);
		$location=escape($location);
		$sql="insert into mod_download (`modid`,`filename`,`location`) values ($modid,'$file','$location')";
		$page->query($sql);
	}
}
//Remove a file from the download list/////////////////////////////////////////////////////////////
function remove_file($modid,$file) {
	global $page;
	$sql="delete from mod_download where `modid`=$modid and `filename`='$file'";
	$page->query($sql);
}
?>
Return current item: chillyCMS