<?php
/*
*****************************************************************
Mod_DownloadsManagement.php
*****************************************************************
LSP: Lunabyte Systems Portal
Open-Source Project Inspired by Zef Hemel (hide@address.com)
*****************************************************************
Software Version: LSP 2.0 "Enigma 2"
Software by: Lunabyte Systems (http://www.lunabyte.net)
Copyright 2002-2005 by: Lunabyte Systems (http://www.lunabyte.net)
Support, News, Updates at: http://www.lunabyte.net
*****************************************************************
This program is free software; you may redistribute it and/or modify it
under the terms of the provided license as published by Lunabyte Systems.
This program is distributed in the hope that it is and will be useful,
but WITHOUT ANY WARRANTIES; without even any implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
See the "LSP_license.txt" file for details of the LSP license.
The latest version can always be found at http://www.lunabyte.net.
*****************************************************************
*/
if (!defined('ENIGMA'))
die('<b>Access Violation</b><br />Direct Access to this location is not allowed.');
else
DownloadsManagement_Hub();
function DownloadsManagement_Hub()
{
global $context, $scripturl, $txt, $settings, $user_info;
$context['page_title'] = 'Downloads Management';
isAllowedTo('manage_downloads');
// Load the common admin stuff... select 'downloads_Management'.
if ($user_info['is_admin'])
adminIndex('Downloads_Management');
loadMTemplate('DownloadsManagement');
loadMLanguage('Downloads');
$context['current_cat'] = 0;
$context['cat_level'] = 0;
$context['cat_cache'] = array();
$_REQUEST['catd'] = !empty($_REQUEST['catd']) ? $_REQUEST['catd'] : NULL;
$sa = !empty($_REQUEST['sa']) ? $_REQUEST['sa'] : NULL;
$subActions = array(
'adddowncat',
'aedcat',
'aedown',
'aedown2',
'aedown_sub',
'deldowncat',
'ddwnld',
'eddowncat',
'eddowncat2',
'edwnld',
'edwnld2',
'resetcounter',
);
if (in_array($sa, $subActions))
$sa();
elseif (isset($subActions[$sa]))
$subActions[$sa]();
else
aedown();
unset($subActions);
$context['sub_template'] = 'rawdata';
$context['template_layers'][] = 'DlManage';
}
function aedcat()
{
global $context, $scripturl, $db_prefix, $settings, $txt;
$context['raw_data'] .= '
<a name="dcats"></a>
<div class="tborder">
<table cellspacing="2" cellpadding="3" width="100%" border="0" align="center">
<tr>
<td class="catbg">
<b>' . $txt['dl_78'] . '</b>
</td>
<td class="catbg">
<b>' . $txt['dl_79'] . '</b>
</td>
<td class="catbg">
<b>' . $txt['dl_80'] . '</b>
</td>
</tr>
';
$request = db_query("
SELECT *
FROM {$db_prefix}download_cats
WHERE isSub=0
ORDER BY name ASC", __FILE__, __LINE__);
if (mysql_num_rows($request) > 0)
{
$subSelect = '';
while ($result = mysql_fetch_array($request))
{
$context['raw_data'] .= '
<tr><td class="windowbg2" style="font-weight: bold">'.$result['name'].'</td><td class="windowbg2">'.$result['description'].'</td>
<td class="windowbg2"><a href="'.$scripturl.'?module=DownloadsManagement;sa=eddowncat;ite='.$result['id'].'">'.$txt['dl_102'].'</a> | <a href="'.$scripturl.'?module=DownloadsManagement;sa=deldowncat;itd='.$result['id'].'">'.$txt['dl_103'].'</a></td></tr>';
$subSelect .= '<option value="' . $result['id'] . '">' . $result['name'] . '</option>';
$request2 = db_query("
SELECT *
FROM {$db_prefix}download_cats
WHERE isSub=" . $result['id'] . "
ORDER BY name ASC", __FILE__, __LINE__);
if (mysql_num_rows($request) > 0)
{
while ($result2 = mysql_fetch_array($request2))
{
$context['raw_data'] .= '
<tr><td class="windowbg2"><img src="' . $settings['images_url'] . '/blank.gif" style="border: 0; width: 15px" alt="" />- '.$result2['name'].'</td><td class="windowbg2">'.$result2['description'].'</td>
<td class="windowbg2"><a href="'.$scripturl.'?module=DownloadsManagement;sa=eddowncat;ite='.$result2['id'].'">'.$txt['dl_102'].'</a> | <a href="'.$scripturl.'?module=DownloadsManagement;sa=deldowncat;itd='.$result2['id'].'">'.$txt['dl_103'].'</a></td></tr>';
}
mysql_free_result($request2);
}
}
}
else
{
$context['raw_data'] .= '
<tr><td class="windowbg2" colspan="3">' . $txt['dl_268'] . '</td></tr>';
}
mysql_free_result($request);
$context['raw_data'] .= '
</table>
</div><br /><br />
<form name="add_download_cat" method="post" action="' . $scripturl . '?module=DownloadsManagement;sa=adddowncat">
<a name="addcat"></a>
<div class="tborder">
<table cellspacing="2" cellpadding="3" width="100%" border="0" align="center">
<tr>
<th class="titlebg" colspan="2">' . $txt['dl_83'] . '</th>
</tr><tr>
<td class="windowbg2">
<b>' . $txt['dl_78'] . '</b>:
</td>
<td class="windowbg2">
<input type="text" name="dcat_name" size="60">
</td>
</tr><tr>
<td class="windowbg2">
<b>' . $txt['dl_79'] . '</b>:
</td>
<td class="windowbg2">
<textarea name="dcat_desc" cols="60" rows="3"></textarea>
</td>
</tr><tr>
<td class="windowbg2">
<b>' . $txt['dl_174'] . '</b>
</td>
<td class="windowbg2">
<select name="subCat">
<option value="0">' . $txt['dl_175'] . '</option>
' . $subSelect . '
</select>
</td>
</tr><tr>
<td class="windowbg2">
<b>' . $txt['dl_13'] . '</b>
</td>
<td class="windowbg2">
' . groupselect('','dlmg[]',true) . '
</td>
</tr><tr>
<td class="windowbg2" colspan="2" align="center">
<input type="submit" name="submit" value="' . $txt['dl_83'] . '">
</td>
</tr>
</table>
</div>
</form>
';
}
function adddowncat()
{
global $context, $db_prefix, $scripturl;
$permission = (is_array($_REQUEST['dlmg'])) ? implode(',', $_REQUEST['dlmg']) : '';
$result = db_query("
INSERT INTO {$db_prefix}download_cats
(name, description, isSub, permission)
VALUES ('$_REQUEST[dcat_name]', '$_REQUEST[dcat_desc]', '$_REQUEST[subCat]', '$permission')", __FILE__, __LINE__);
redirectexit('module=DownloadsManagement;sa=aedcat');
}
function deldowncat()
{
global $context, $db_prefix, $scripturl;
$result = db_query("
DELETE FROM {$db_prefix}download_cats
WHERE id = $_REQUEST[itd]", __FILE__, __LINE__);
redirectexit('module=DownloadsManagement;sa=aedcat');
}
function eddowncat()
{
global $context, $db_prefix, $txt, $settings, $scripturl;
$request = db_query("
SELECT *
FROM {$db_prefix}download_cats
WHERE id = '$_REQUEST[ite]'", __FILE__, __LINE__);
$result = mysql_fetch_array($request);
mysql_free_result($request);
$request = db_query("
SELECT *
FROM {$db_prefix}download_cats
WHERE isSub=0
ORDER BY name ASC", __FILE__, __LINE__);
$subSelect = '';
while ($result2 = mysql_fetch_array($request))
{
$subSelect .= '<option value="' . $result2['id'] . '"' . (($result2['id'] == $result['isSub']) ? ' selected="selected"' : '') . '>' . $result2['name'] . '</option>';
}
mysql_free_result($request);
$context['raw_data'] .= '
<form name="edit_download_cat" method="post" action="' . $scripturl . '?module=DownloadsManagement;sa=eddowncat2">
<div class="tborder">
<table cellspacing="2" cellpadding="3" width="100%" border="0" align="center">
<tr>
<th class="titlebg" colspan="2">' . $txt['dl_81'] . '</th>
</tr><tr>
<td class="windowbg2">
<b>' . $txt['dl_78'] . '</b>:
</td>
<td class="windowbg2">
<input type="text" name="dcat_name" size="60" value="' . $result['name'] . '">
</td>
</tr><tr>
<td class="windowbg2">
<b>' . $txt['dl_79'] . '</b>:
</td>
<td class="windowbg2">
<textarea name="dcat_desc" cols="60" rows="3">' . $result['description'] . '</textarea>
</td>
</tr><tr>
<td class="windowbg2">
<b>' . $txt['dl_174'] . '</b>
</td>
<td class="windowbg2">
<select name="subCat">
<option value="0">' . $txt['dl_175'] . '</option>
' . $subSelect . '
</select>
</td>
</tr><tr>
<td class="windowbg2">
<b>' . $txt['dl_13'] . '</b>
</td>
<td class="windowbg2">
' . groupselect($result['permission'],'dlmg[]') . '
</td>
</tr><tr>
<td class="windowbg2" colspan="2" align="center">
<input type="submit" name="submit" value="' . $txt['dl_81'] . '">
</td>
</tr>
</table>
</div>
<input type="hidden" name="ite" value="' . $_REQUEST['ite'] . '">
</form>
';
}
function eddowncat2()
{
global $context, $db_prefix, $scripturl;
$permission = (is_array($_REQUEST['dlmg'])) ? implode(',', $_REQUEST['dlmg']) : '';
$request = db_query("
UPDATE {$db_prefix}download_cats
SET name='$_REQUEST[dcat_name]', description='$_REQUEST[dcat_desc]',
isSub='$_REQUEST[subCat]', permission='$permission'
WHERE (id='$_REQUEST[ite]')", __FILE__, __LINE__);
redirectexit('module=DownloadsManagement;sa=aedcat');
}
function aedown()
{
global $context, $db_prefix, $scripturl, $settings, $txt;
$context['raw_data'] = '
<table width="100%" border="0" /><tr><td vAlign="top">
';
if (!isset($_REQUEST['catd']))
{
$get_cats = db_query("
SELECT *
FROM {$db_prefix}download_cats
ORDER BY name ASC", __FILE__, __LINE__);
while ($cat = mysql_fetch_array($get_cats))
{
$get_tdown = db_query("
SELECT downloads
FROM {$db_prefix}download_items
WHERE cat = '$cat[id]'", __FILE__, __LINE__);
$downloads = 0;
while ($tdown = mysql_fetch_row($get_tdown))
{
$downloads = ($downloads + $tdown[0]);
}
mysql_free_result ($get_tdown);
$get_items = db_query("
SELECT COUNT(*)
FROM {$db_prefix}download_items
WHERE (cat = '$cat[id]')", __FILE__, __LINE__);
$items = mysql_fetch_row($get_items);
$items = $items[0];
$context['raw_data'] .= '<b><a href="'.$scripturl.'?module=DownloadsManagement;sa=aedown_sub;catd='.$cat['id'].'"><img src="'.$settings['images_url'] . '/icons/folder_open.gif" border="0"> '.$cat['name'].'</a></b><br /><img src="'.$settings['images_url'] . '/icons/tline.gif"><font size="1">'.$txt['dl_84'].': '.$items.'<br /><img src="'.$settings['images_url'] . '/icons/tline.gif">'.$txt['dl_85'].': '.$downloads.'</font><br /><br />';
mysql_free_result ($get_items);
}
mysql_free_result ($get_cats);
}
$context['raw_data'] .= '</td>
<td valign="top">
<a name="addd"></a>
<form enctype="multipart/form-data" name="add_download" method="post" action="' . $scripturl . '?module=DownloadsManagement;sa=aedown2">
<div class="tborder">
<table cellspacing="2" cellpadding="3" width="100%" border="0" align="center">
<tr>
<th class="titlebg" colspan="2"><b>' . $txt['dl_86'] . '</b></th>
</tr><tr>
<td class="windowbg2"><b>' . $txt['dl_89'] . '</b>:</td>
<td class="windowbg2"><input type="text" name="dtitle"></td>
</tr><tr>
<td class="windowbg2"><b>' . $txt['dl_92'] . '</b>:</td>
<td class="windowbg2"><textarea name="ddesc" rows="4"></textarea></td>
</tr><tr>
<td class="windowbg2"><b>' . $txt['dl_90'] . '</b>:</td>
<td class="windowbg2"><input type="file" name="UploadedFile"></td>
</tr><tr>
<td class="windowbg2"><b>' . $txt['dl_197'] . '</b></td>
<td class="windowbg2"><input type="checkbox" name="upFile" value="1"></td>
</tr><tr>
<td class="windowbg2"><b>' . $txt['dl_90'] . ' ' . $txt['dl_198'] . '</b></td>
<td class="windowbg2"><textarea name="nonUpFilename" rows="2"></textarea></td>
</tr><tr>
<td class="windowbg2"><b>' . $txt['dl_91'] . ' ' . $txt['dl_198'] . '</b></td>
<td class="windowbg2"><input type="text" name="filesize" value="0"></td>
</tr><tr>
<td class="windowbg2"><b>' . $txt['dl_93'] . '</b>:</td>
<td class="windowbg2"><input type="text" name="daname"></td>
</tr><tr>
<td class="windowbg2"><b>' . $txt['dl_94'] . '</b>:</td>
<td class="windowbg2"><input type="text" name="daemail"></td>
</tr><tr>
<td class="windowbg2"><b>' . $txt['dl_95'] . ' ' . $txt['dl_96'] . '</b>:</td>
<td class="windowbg2"><input type="text" name="dawebsite"></td>
</tr><tr>
<td class="windowbg2"><b>' . $txt['dl_95'] . ' ' . $txt['dl_100'] . '</b>:</td>
<td class="windowbg2"><input type="text" name="dawsname"></td>
</tr><tr>
<td class="windowbg2"><b>' . $txt['dl_98'] . '</b></td>
<td class="windowbg2"><select name="cat">
';
$get_cats = db_query("
SELECT *
FROM {$db_prefix}download_cats
ORDER BY name ASC", __FILE__, __LINE__);
while ($_REQUEST['cat'] = mysql_fetch_array($get_cats))
{
$context['raw_data'] .= '<option value="'.$_REQUEST['cat']['id'].'">'.$_REQUEST['cat']['name'].'</option>';
}
mysql_free_result ($get_cats);
$context['raw_data'] .= '
</select></td>
</tr><tr>
<td class="windowbg2" colspan="2" align="center"><input type="submit" name="submit" value="' . $txt['dl_99'] . '"></td>
</tr>
</table></div></form>
</tr></td></table>
';
}
function aedown2()
{
global $context, $db_prefix, $scripturl, $modSettings;
if (isset($_REQUEST['upFile']) && $_REQUEST['upFile'] == 1)
{
$absolute_path = $modSettings['dlsdir'];
$_REQUEST['UploadedFile'] = $_FILES['UploadedFile']['name'];
if (isset($_REQUEST['UploadedFile']))
{
$_REQUEST['UploadedFile_name'] = $_REQUEST['UploadedFile'];
if ($_REQUEST['UploadedFile_name'] == '')
{
fatal_error("You need to select a file before trying to upload.");
}
$serialize_filename=$_REQUEST['UploadedFile_name'];
$serialize_i=0;
while (file_exists($absolute_path . "/" . $serialize_filename))
{
$serialize_filename=$_REQUEST['UploadedFile_name'];
if (strpos(strrev($serialize_filename),'.') === false ) // note: three equal signs
{
// There is no 'dot' (.), so there is no file extension, serialize at the end
$serialize_filename=$_REQUEST['UploadedFile_name'] . $serialize_i;
}
else
{
// The last 'dot' is at $serialize_position
$serialize_position = strlen($serialize_filename) - (strpos(strrev($serialize_filename),'.')+1);
// If 'dot' is at beginning it's not an extension (it's a unix hidden file)
if ($serialize_position == 0)
{
$serialize_filename=$_REQUEST['UploadedFile_name'] . $serialize_i;
}
else
{
$serialize_filename=substr($_REQUEST['UploadedFile_name'], 0, $serialize_position) . $serialize_i . substr($_REQUEST['UploadedFile_name'],$serialize_position);
}
}
$serialize_i++;
}
$filename=$serialize_filename;
if (move_uploaded_file($_FILES['UploadedFile']['tmp_name'], $modSettings['dlsdir'].'/'.$filename))
{
}
else
{
fatal_error("Something blew up.");
}
@chmod ($modSettings['dlsdir'].'/'.$filename, 0644);
}
$filesize = 0;
}
else
{
if (empty($_REQUEST['nonUpFilename']))
fatal_error("You need to have a file enter.");
$filename = $_REQUEST['nonUpFilename'];
if(is_int($_REQUEST['filesize']))
$filesize = $_REQUEST['filesize'];
else
$filesize = 0;
}
$date = time();
$request = db_query("
INSERT INTO {$db_prefix}download_items (cat,name,ddesc,filename,author_name,author_email,filesize,downloads,website,website_title,date)
VALUES ('$_REQUEST[cat]','$_REQUEST[dtitle]','$_REQUEST[ddesc]','$filename','$_REQUEST[daname]',
'$_REQUEST[daemail]',$filesize,'0','$_REQUEST[dawebsite]','$_REQUEST[dawsname]','$date')", __FILE__, __LINE__);
if (!$request) { fatal_error(mysql_error()); }
redirectexit('module=DownloadsManagement;sa=aedown');
}
function aedown_sub()
{
global $context, $db_prefix, $txt, $settings, $scripturl, $modSettings;
$request = db_query("SELECT * FROM {$db_prefix}download_cats WHERE (id='$_REQUEST[catd]')", __FILE__, __LINE__);
$get_items = db_query("SELECT COUNT(*) FROM {$db_prefix}download_items WHERE (cat = '$_REQUEST[catd]')", __FILE__, __LINE__);
$get_tdown = db_query("SELECT * FROM {$db_prefix}download_items WHERE (cat = '$_REQUEST[catd]')", __FILE__, __LINE__);
$result = mysql_fetch_array($request);
$items = mysql_fetch_row($get_items);
$items = $items[0];
$context['raw_data'] = '';
$downloads = 0;
while ($tdown = mysql_fetch_array($get_tdown))
{
$downloads = ($downloads + $tdown['downloads']);
}
$context['raw_data'] .= '
<b><a href="' . $scripturl . '?module=DownloadsManagement;sa=aedown_sub&catd=' . $_REQUEST['catd'] . '"><img src="' . $settings['images_url'] . '/icons/folder_open.gif" border="0" /> ' . $result['name'] . '</a></b>
<br /><img src="' . $settings['images_url'] . '/icons/tline.gif"><font size="1">' . $txt['dl_84'] . ': ' . $items . '<br />
<img src="' . $settings['images_url'] . '/icons/tline2.gif">' . $txt['dl_85'] . ': ' . $downloads . '</font><br /><br />
<div class="tborder">
<table cellspacing="2" cellpadding="3" width="100%" border="0" align="center">
<tr>
<td class="windowbg" ><b>' . $txt['dl_100'] . '</b></td>
<td class="windowbg"><b>' . $txt['dl_90'] . '</b></td>
<td class="windowbg"><b>' . $txt['dl_91'] . '</b></td>
<td class="windowbg"><b>' . $txt['dl_93'] . '</b></td>
<td class="windowbg"><b>' . $txt['dl_95'] . '</b></td>
<td class="windowbg"><b>' . $txt['dl_104'] . '</b></td>
<td class="windowbg"><b>' . $txt['dl_101'] . '</b></td></tr>
';
$get_tdown = db_query("SELECT * FROM {$db_prefix}download_items WHERE (cat='$_REQUEST[catd]') ORDER BY date ASC", __FILE__, __LINE__);
while ($item = mysql_fetch_array($get_tdown))
{
$filesizedecimal = '';
if(strtolower(substr($item['filename'], 0, 7)) == "http://" || strtolower(substr($item['filename'], 0, 6)) == "ftp://"){
if($item['filesize'] == 0){
$u = $item['filename'];
$ourhead = "";
$url=parse_url($u);
$host=$url["host"];
$path=$url["path"];
$fp = fsockopen($host, 80, $errno, $errstr, 20);
if(!$fp)
die("error");
else {
fputs($fp,"HEAD $u HTTP/1.1\r\n");
fputs($fp,"HOST: dummy\r\n");
fputs($fp,"Connection: close\r\n\r\n");
while (!feof($fp))
$ourhead = sprintf("%s%s", $ourhead, fgets ($fp,128));
}
fclose ($fp);
$split_head = explode("Content-Length: ",$ourhead);
$size = round(abs($split_head[1]));
$filesize = $size;
} else
$filesize = $item['filesize'];
} else
$filesize = @filesize($modSettings['dlsdir'].'/'.$item['filename']);
if ($filesize >= 1073741824)
{
$filesize = $filesize / 1073741824;
$sizetype = 'GB';
$alreadyconverted = 1;
}
if ($filesize > 1048576 || $filesize == 1048576 && $alreadyconverted != 1)
{
$number = 1048576;
$filesize = ($filesize / $number);
$sizetype = 'MB';
$alreadyconverted = 1;
}
if ($filesize > 1024 || $filesize == 1024 && $alreadyconverted != 1)
{
$number = 1024;
$filesize = ($filesize / $number);
$sizetype = 'KB';
$alreadyconverted = 1;
}
if (!isset($alreadyconverted))
$sizetype = 'B';
if (strpos($filesize, '.') > 0)
{
$filesize = explode('.',$filesize);
$filesize[1] = substr($filesize[1], 0, 2);
if (!empty($filesize[1]))
$filesizedecimal = '.' . $filesize[1];
}
if(strlen($item['filename']) > 30)
$filename = substr($item['filename'],0,30).'...';
else
$filename = $item['filename'];
$context['raw_data'] .= '
<tr><td class="windowbg2">'.$item['name'].'</td>
<td class="windowbg2"><a href="' . $modSettings['dlsurl'] . '/' . $item['filename'].'">'.$filename.'</a></td>
<td class="windowbg2">'.$filesize[0].$filesizedecimal.' '.$sizetype.'</td>
<td class="windowbg2"><a href="mailto:'.$item['author_email'].'">'.$item['author_name'].'</a></td>
<td class="windowbg2"><a href="'.$item['website'].'">'.$item['website_title'].'</a></td>
<td class="windowbg2">'.$item['downloads'].'</td>
<td class="windowbg2"><a href="'.$scripturl.'?module=DownloadsManagement;sa=edwnld;ite='.$item['id'].';catd='.$_REQUEST['catd'].'">'.$txt['dl_102'].'
</a> | <a href="'.$scripturl.'?module=DownloadsManagement;sa=ddwnld;itd='.$item['id'].';catd='.$_REQUEST['catd'].'">'.$txt['dl_103'].'
</a> | <a href="'.$scripturl.'?module=DownloadsManagement;sa=resetcounter;itr='.$item['id'].';catd='.$_REQUEST['catd'].'">'.$txt['dl_138'].'</a></td></tr>';
}
$context['raw_data'] .= '</table></div>';
}
function ddwnld()
{
global $context, $db_prefix, $scripturl, $modSettings;
$request = db_query("SELECT filename FROM {$db_prefix}download_items WHERE (id = $_REQUEST[itd])", __FILE__, __LINE__);
$UploadedFilename = mysql_fetch_array($request);
if(strtolower(substr($UploadedFilename[0], 0, 7)) == "http://"){
} else {
@unlink($modSettings['dlsdir'].'/'.$UploadedFilename[0]);
}
$request = db_query("DELETE FROM {$db_prefix}download_items WHERE (id = $_REQUEST[itd])", __FILE__, __LINE__);
if (!$request) { fatal_error(mysql_error()); }
redirectexit('module=DownloadsManagement;sa=aedown_sub;catd=' . $_REQUEST['catd']);
}
function edwnld()
{
global $context, $db_prefix, $txt, $settings, $scripturl;
$request = db_query("SELECT * FROM {$db_prefix}download_items WHERE (id='$_REQUEST[ite]')", __FILE__, __LINE__);
if (!$request) { fatal_error(mysql_error()); }
$item = mysql_fetch_array($request);
$context['raw_data'] .= '
<form enctype="multipart/form-data" name="edit_download" method="post" action="' . $scripturl . '?module=DownloadsManagement;sa=edwnld2;ite=' . $_REQUEST['ite'] . '">
<table width="100%" border="0">
<tr><td align="left" colspan="2"><img src="' . $settings['images_url'] . '/icons/folder_open.gif"> <b>' . $txt['dl_86'] . '</b>:</td></tr>
<tr><td><b>' . $txt['dl_89'] . '</b>:</td><td><input type="text" name="dtitle" value="' . $item['name'] . '"></td></tr>
<tr><td><b>' . $txt['dl_92'] . '</b>:</td><td><textarea name="ddesc" rows="4">' . $item['ddesc'] . '</textarea>
<tr><td><b>' . $txt['dl_90'] . '</b>:</td><td><input type="text" name="dfilen" value="' . $item['filename'] . '"></td></tr>
<tr><td><b>' . $txt['dl_132'] . '</b>:</td><td><input type="checkbox" name="uploadnewfile"></td></tr>
<tr><td><b>' . $txt['dl_133'] . '</b>:</td><td><input type="file" name="UploadedFile"></td></tr>
<tr><td><b>' . $txt['dl_93'] . '</b>:</td><td><input type="text" name="daname" value="' . $item['author_name'] . '"></td></tr>
<tr><td><b>' . $txt['dl_94'] . '</b>:</td><td><input type="text" name="daemail" value="' . $item['author_email'] . '"></td></tr>
<tr><td><b>' . $txt['dl_95'] . ' ' . $txt['dl_96'] . '</b>:</td><td><input type="text" name="dawebsite" value="' . $item['website'] . '"></td></tr>
<tr><td><b>' . $txt['dl_95'] . ' ' . $txt['dl_100'] . '</b>:</td><td><input type="text" name="dawsname" value="' . $item['website_title'] . '"></td></tr>
<tr><td><b>' . $txt['dl_98'] . '</b></td><td><select name="cat">
';
$get_cats = db_query("SELECT * FROM {$db_prefix}download_cats ORDER BY name ASC", __FILE__, __LINE__);
while ($_REQUEST['cat'] = mysql_fetch_array($get_cats))
{
$id = $_REQUEST['cat']['id'];
if ($item['cat'] == $id) { $sel[$id] = 'selected'; }
$context['raw_data'] .= '<option value="'.$id.'" '.$sel[$id].'>'.$_REQUEST['cat']['name'].'</option>';
}
$context['raw_data'] .= '
</select></td></tr>
<tr><td colspan="2" align="center"><input type="submit" name="submit" value="' . $txt['dl_102'] . '"></td></tr>
</table></form>
';
}
function edwnld2()
{
global $context, $db_prefix, $scripturl, $modSettings;
$time = time();
if (isset($_REQUEST['uploadnewfile']))
{
$_REQUEST['UploadedFile'] = !empty($_REQUEST['UploadedFile']) ? $_REQUEST['UploadedFile'] : (!empty($_FILES['UploadedFile']['name']) ? $_FILES['UploadedFile']['name'] : '');
$_REQUEST['UploadedFile_name'] = !empty($_FILES['UploadedFile']['name']) ? $_FILES['UploadedFile']['name'] : '';
$absolute_path = $modSettings['dlsdir'];
if (isset($_REQUEST['UploadedFile']))
{
if ($_REQUEST['UploadedFile_name'] =='')
fatal_error("You need to select a file before trying to upload.");
$serialize_filename = $_REQUEST['UploadedFile_name'];
$serialize_i = 0;
while (file_exists($absolute_path . '/' . $serialize_filename))
{
$serialize_filename = $_REQUEST['UploadedFile_name'];
if (strpos(strrev($serialize_filename),'.') === false ) // note: three equal signs
{
// There is no 'dot' (.), so there is no file extension, serialize at the end
$serialize_filename = $_REQUEST['UploadedFile_name'] . $serialize_i;
}
else
{
// The last 'dot' is at $serialize_position
$serialize_position = strlen($serialize_filename) - (strpos(strrev($serialize_filename),".")+1);
// If 'dot' is at beginning it's not an extension (it's a unix hidden file)
if ($serialize_position == 0)
{
$serialize_filename = $_REQUEST['UploadedFile_name'] . $serialize_i;
}
else
{
$serialize_filename = substr($_REQUEST['UploadedFile_name'], 0, $serialize_position) . $serialize_i . substr($_REQUEST['UploadedFile_name'],$serialize_position);
}
}
$serialize_i++;
}
$_REQUEST['UploadedFile_name']=$serialize_filename;
}
$request = db_query("SELECT filename FROM {$db_prefix}download_items WHERE (id = '$_REQUEST[ite]')", __FILE__, __LINE__);
$UploadedFilename = mysql_fetch_array($request);
move_uploaded_file($_FILES['UploadedFile']['tmp_name'], $modSettings['dlsdir'].'/'.$_REQUEST['UploadedFile_name']);
@unlink($modSettings['dlsdir'].'/'.$UploadedFilename[0]);
@chmod ($modSettings['dlsdir'].'/'.$_REQUEST['UploadedFile_name'], 0644);
db_query("
UPDATE {$db_prefix}download_items
SET cat='$_REQUEST[cat]', name='$_REQUEST[dtitle]', ddesc='$_REQUEST[ddesc]',
filename='$_REQUEST[UploadedFile_name]', author_name='$_REQUEST[daname]',
author_email='$_REQUEST[daemail]', website='$_REQUEST[dawebsite]',
website_title='$_REQUEST[dawsname]', date='$time'
WHERE (id = '$_REQUEST[ite]')", __FILE__, __LINE__);
}
else
{
$request = db_query("
UPDATE {$db_prefix}download_items SET cat='$_REQUEST[cat]',name='$_REQUEST[dtitle]',ddesc='$_REQUEST[ddesc]',
filename='$_REQUEST[dfilen]',author_name='$_REQUEST[daname]',author_email='$_REQUEST[daemail]',
website='$_REQUEST[dawebsite]',website_title='$_REQUEST[dawsname]',date='$time'
WHERE (id = '$_REQUEST[ite]')", __FILE__, __LINE__);
}
redirectexit('module=DownloadsManagement;sa=aedown_sub;catd=' . $_REQUEST['cat']);
}
function resetcounter()
{
global $context, $db_prefix;
$result = db_query("
UPDATE {$db_prefix}download_items
SET downloads='0'
WHERE id = '$_REQUEST[itr]'", __FILE__, __LINE__);
redirectexit('module=DownloadsManagement;sa=aedown_sub;catd=' . $_REQUEST['catd']);
}
?>