Location: PHPKode > projects > Enigma > Enigma2/Enigma2_Install/modules/Mod_DownloadsManagement.php
<?php
/*
*****************************************************************

 Mod_DownloadsManagement.php
 
*****************************************************************
LSP: Lunabyte Systems Portal
Open-Source Project Inspired by Zef Hemel (hide@address.com)
*****************************************************************
Software Version:                  LSP 2.0 "Enigma 2"
Software by:                         Lunabyte Systems (http://www.lunabyte.net)
Copyright 2002-2005 by:       Lunabyte Systems (http://www.lunabyte.net)
Support, News, Updates at:    http://www.lunabyte.net
*****************************************************************
This program is free software; you may redistribute it and/or modify it 
under the terms of the provided license as published by Lunabyte Systems.

This program is distributed in the hope that it is and will be useful,                  
but WITHOUT ANY WARRANTIES; without even any implied warranty of           
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.                        

See the "LSP_license.txt" file for details of the LSP license.
The latest version can always be found at http://www.lunabyte.net.
*****************************************************************
*/

if (!defined('ENIGMA'))
	die('<b>Access Violation</b><br />Direct Access to this location is not allowed.');
else
	DownloadsManagement_Hub();

function DownloadsManagement_Hub()
{
	global $context, $scripturl, $txt, $settings, $user_info;

	$context['page_title'] = 'Downloads Management';

	isAllowedTo('manage_downloads');

	// Load the common admin stuff... select 'downloads_Management'.
	if ($user_info['is_admin'])
		adminIndex('Downloads_Management');

	loadMTemplate('DownloadsManagement');
	loadMLanguage('Downloads');

	$context['current_cat'] = 0;
	$context['cat_level'] = 0;
	$context['cat_cache'] = array();
	$_REQUEST['catd'] = !empty($_REQUEST['catd']) ? $_REQUEST['catd'] : NULL;

	$sa = !empty($_REQUEST['sa']) ? $_REQUEST['sa'] : NULL;

	$subActions = array(
		'adddowncat',
		'aedcat',
		'aedown',
		'aedown2',
		'aedown_sub',
		'deldowncat',
		'ddwnld',
		'eddowncat',
		'eddowncat2',
		'edwnld',
		'edwnld2',
		'resetcounter',
	);

	if (in_array($sa, $subActions))
		$sa();
	elseif (isset($subActions[$sa]))
		$subActions[$sa]();
	else
		aedown();
	unset($subActions);

	$context['sub_template'] = 'rawdata';
	$context['template_layers'][] = 'DlManage';
}


function aedcat()
{
	global $context, $scripturl, $db_prefix, $settings, $txt;

	$context['raw_data'] .= '
	<a name="dcats"></a>
	<div class="tborder">
		<table cellspacing="2" cellpadding="3" width="100%" border="0" align="center">
		<tr>
			<td class="catbg">
				<b>' . $txt['dl_78'] . '</b>
			</td>
			<td class="catbg">
				<b>' . $txt['dl_79'] . '</b>
			</td>
			<td class="catbg">
				<b>' . $txt['dl_80'] . '</b>
			</td>
		</tr>
';

	$request = db_query("
		SELECT *
		FROM {$db_prefix}download_cats
		WHERE isSub=0
		ORDER BY name ASC", __FILE__, __LINE__);

	if (mysql_num_rows($request) > 0)
	{
		$subSelect = '';
		while ($result = mysql_fetch_array($request))
		{
			$context['raw_data'] .= '
		       <tr><td class="windowbg2" style="font-weight: bold">'.$result['name'].'</td><td class="windowbg2">'.$result['description'].'</td>
		       <td class="windowbg2"><a href="'.$scripturl.'?module=DownloadsManagement;sa=eddowncat;ite='.$result['id'].'">'.$txt['dl_102'].'</a> | <a href="'.$scripturl.'?module=DownloadsManagement;sa=deldowncat;itd='.$result['id'].'">'.$txt['dl_103'].'</a></td></tr>';
	
			$subSelect .= '<option value="' . $result['id'] . '">' . $result['name'] . '</option>';

			$request2 = db_query("
				SELECT *
				FROM {$db_prefix}download_cats
				WHERE isSub=" . $result['id'] . "
				ORDER BY name ASC", __FILE__, __LINE__);
			if (mysql_num_rows($request) > 0)
			{
				while ($result2 = mysql_fetch_array($request2))
				{
					$context['raw_data'] .= '
				       <tr><td class="windowbg2"><img src="' . $settings['images_url'] . '/blank.gif" style="border: 0; width: 15px" alt="" />- '.$result2['name'].'</td><td class="windowbg2">'.$result2['description'].'</td>
				       <td class="windowbg2"><a href="'.$scripturl.'?module=DownloadsManagement;sa=eddowncat;ite='.$result2['id'].'">'.$txt['dl_102'].'</a> | <a href="'.$scripturl.'?module=DownloadsManagement;sa=deldowncat;itd='.$result2['id'].'">'.$txt['dl_103'].'</a></td></tr>';
				}
				mysql_free_result($request2);
			}
		}
	}
	else
	{
		$context['raw_data'] .= '
		<tr><td class="windowbg2" colspan="3">' . $txt['dl_268'] . '</td></tr>';
	}
	mysql_free_result($request);

	$context['raw_data'] .= '
	</table>
</div><br /><br />	
	<form name="add_download_cat" method="post" action="' . $scripturl . '?module=DownloadsManagement;sa=adddowncat">
	<a name="addcat"></a>
	<div class="tborder">
		<table cellspacing="2" cellpadding="3" width="100%" border="0" align="center">
			<tr>
				<th class="titlebg" colspan="2">' . $txt['dl_83'] . '</th>
			</tr><tr>
				<td class="windowbg2">
					<b>' . $txt['dl_78'] . '</b>:
				</td>
				<td class="windowbg2">
					<input type="text" name="dcat_name" size="60">
				</td>
			</tr><tr>
				<td class="windowbg2">
					<b>' . $txt['dl_79'] . '</b>:
				</td>
				<td class="windowbg2">
					<textarea name="dcat_desc" cols="60" rows="3"></textarea>
				</td>
			</tr><tr>
				<td class="windowbg2">
					<b>' . $txt['dl_174'] . '</b>
				</td>
				<td class="windowbg2">
					<select name="subCat">
						<option value="0">' . $txt['dl_175'] . '</option>
		' . $subSelect . '
					</select>
				</td>
			</tr><tr>
				<td class="windowbg2">
					<b>' . $txt['dl_13'] . '</b>
				</td>
				<td class="windowbg2">
		' . groupselect('','dlmg[]',true) . '
				</td>
			</tr><tr>
				<td class="windowbg2" colspan="2" align="center">
					<input type="submit" name="submit" value="' . $txt['dl_83'] . '">
				</td>
			</tr>
		</table>
	</div>
	</form>
';

}

function adddowncat()
{
	global $context, $db_prefix, $scripturl;

	$permission = (is_array($_REQUEST['dlmg'])) ? implode(',', $_REQUEST['dlmg']) : '';

	$result = db_query("
		INSERT INTO {$db_prefix}download_cats
			(name, description, isSub, permission)
		 VALUES ('$_REQUEST[dcat_name]', '$_REQUEST[dcat_desc]', '$_REQUEST[subCat]', '$permission')", __FILE__, __LINE__);

	redirectexit('module=DownloadsManagement;sa=aedcat');

}

function deldowncat()
{
	global $context, $db_prefix, $scripturl;

	$result = db_query("
		DELETE FROM {$db_prefix}download_cats
		WHERE id = $_REQUEST[itd]", __FILE__, __LINE__);

	redirectexit('module=DownloadsManagement;sa=aedcat');
}

function eddowncat()
{
	global $context, $db_prefix, $txt, $settings, $scripturl;

	$request = db_query("
		SELECT *
		FROM {$db_prefix}download_cats
		WHERE id = '$_REQUEST[ite]'", __FILE__, __LINE__);

	$result = mysql_fetch_array($request);
	mysql_free_result($request);

	$request = db_query("
		SELECT *
		FROM {$db_prefix}download_cats
		WHERE isSub=0
		ORDER BY name ASC", __FILE__, __LINE__);

	$subSelect = '';
	while ($result2 = mysql_fetch_array($request))
	{
		$subSelect .= '<option value="' . $result2['id'] . '"' . (($result2['id'] == $result['isSub']) ? ' selected="selected"' : '') . '>' . $result2['name'] . '</option>';
	}
	mysql_free_result($request);

	$context['raw_data'] .= '
	<form name="edit_download_cat" method="post" action="' . $scripturl . '?module=DownloadsManagement;sa=eddowncat2">
	<div class="tborder">
		<table cellspacing="2" cellpadding="3" width="100%" border="0" align="center">
			<tr>
				<th class="titlebg" colspan="2">' . $txt['dl_81'] . '</th>
			</tr><tr>
							<td class="windowbg2">
								<b>' . $txt['dl_78'] . '</b>:
							</td>
							<td class="windowbg2">
								<input type="text" name="dcat_name" size="60" value="' . $result['name'] . '">
							</td>
						</tr><tr>
							<td class="windowbg2">
								<b>' . $txt['dl_79'] . '</b>:
							</td>
							<td class="windowbg2">
								<textarea name="dcat_desc" cols="60" rows="3">' . $result['description'] . '</textarea>
							</td>
						</tr><tr>
							<td class="windowbg2">
								<b>' . $txt['dl_174'] . '</b>
							</td>
							<td class="windowbg2">
								<select name="subCat">
									<option value="0">' . $txt['dl_175'] . '</option>
					' . $subSelect . '
								</select>
							</td>
						</tr><tr>
							<td class="windowbg2">
								<b>' . $txt['dl_13'] . '</b>
							</td>
							<td class="windowbg2">
				' . groupselect($result['permission'],'dlmg[]') . '
							</td>
						</tr><tr>
							<td class="windowbg2" colspan="2" align="center">
								<input type="submit" name="submit" value="' . $txt['dl_81'] . '">
							</td>
						</tr>
					</table>
	</div>
	<input type="hidden" name="ite" value="' . $_REQUEST['ite'] . '">
</form>
';
}

function eddowncat2()
{
	global $context, $db_prefix, $scripturl;

	$permission = (is_array($_REQUEST['dlmg'])) ? implode(',', $_REQUEST['dlmg']) : '';

	$request = db_query("
		UPDATE {$db_prefix}download_cats
		SET name='$_REQUEST[dcat_name]', description='$_REQUEST[dcat_desc]',
		isSub='$_REQUEST[subCat]', permission='$permission'
		WHERE (id='$_REQUEST[ite]')", __FILE__, __LINE__);

	redirectexit('module=DownloadsManagement;sa=aedcat');
}

function aedown()
{
	global $context, $db_prefix, $scripturl, $settings, $txt;

	$context['raw_data'] = '
	<table width="100%" border="0" /><tr><td vAlign="top">

';
	if (!isset($_REQUEST['catd']))
	{
		$get_cats = db_query("
			SELECT *
			FROM {$db_prefix}download_cats
			ORDER BY name ASC", __FILE__, __LINE__);

		while ($cat = mysql_fetch_array($get_cats))
		{
			$get_tdown = db_query("
				SELECT downloads
				FROM {$db_prefix}download_items
				WHERE cat = '$cat[id]'", __FILE__, __LINE__);

			$downloads = 0;
			while ($tdown = mysql_fetch_row($get_tdown))
			{
				$downloads = ($downloads + $tdown[0]);
			}
			mysql_free_result ($get_tdown);

			$get_items = db_query("
				SELECT COUNT(*)
				FROM {$db_prefix}download_items
				WHERE (cat = '$cat[id]')", __FILE__, __LINE__);

			$items = mysql_fetch_row($get_items);
			$items = $items[0];
			
			$context['raw_data'] .= '<b><a href="'.$scripturl.'?module=DownloadsManagement;sa=aedown_sub;catd='.$cat['id'].'"><img src="'.$settings['images_url'] . '/icons/folder_open.gif" border="0"> '.$cat['name'].'</a></b><br /><img src="'.$settings['images_url'] . '/icons/tline.gif"><font size="1">'.$txt['dl_84'].': '.$items.'<br /><img src="'.$settings['images_url'] . '/icons/tline.gif">'.$txt['dl_85'].': '.$downloads.'</font><br /><br />';

			mysql_free_result ($get_items);
		}
		mysql_free_result ($get_cats);
	}

	$context['raw_data'] .= '</td>
		<td valign="top">
		<a name="addd"></a>
		<form enctype="multipart/form-data" name="add_download" method="post" action="' . $scripturl . '?module=DownloadsManagement;sa=aedown2">
		<div class="tborder">
			<table cellspacing="2" cellpadding="3" width="100%" border="0" align="center">
				<tr>
					<th class="titlebg" colspan="2"><b>' . $txt['dl_86'] . '</b></th>
				</tr><tr>
					<td class="windowbg2"><b>' . $txt['dl_89'] . '</b>:</td>
					<td class="windowbg2"><input type="text" name="dtitle"></td>
				</tr><tr>
					<td class="windowbg2"><b>' . $txt['dl_92'] . '</b>:</td>
					<td class="windowbg2"><textarea name="ddesc" rows="4"></textarea></td>
				</tr><tr>
					<td class="windowbg2"><b>' . $txt['dl_90'] . '</b>:</td>
					<td class="windowbg2"><input type="file" name="UploadedFile"></td>
				</tr><tr>
					<td class="windowbg2"><b>' . $txt['dl_197'] . '</b></td>
					<td class="windowbg2"><input type="checkbox" name="upFile" value="1"></td>
				</tr><tr>
					<td class="windowbg2"><b>' . $txt['dl_90'] . ' ' . $txt['dl_198'] . '</b></td>
					<td class="windowbg2"><textarea name="nonUpFilename" rows="2"></textarea></td>
				</tr><tr>
					<td class="windowbg2"><b>' . $txt['dl_91'] . ' ' . $txt['dl_198'] . '</b></td>
					<td class="windowbg2"><input type="text" name="filesize" value="0"></td>
				</tr><tr>
					<td class="windowbg2"><b>' . $txt['dl_93'] . '</b>:</td>
					<td class="windowbg2"><input type="text" name="daname"></td>
				</tr><tr>
					<td class="windowbg2"><b>' . $txt['dl_94'] . '</b>:</td>
					<td class="windowbg2"><input type="text" name="daemail"></td>
				</tr><tr>
					<td class="windowbg2"><b>' . $txt['dl_95'] . ' ' . $txt['dl_96'] . '</b>:</td>
					<td class="windowbg2"><input type="text" name="dawebsite"></td>
				</tr><tr>
					<td class="windowbg2"><b>' . $txt['dl_95'] . ' ' . $txt['dl_100'] . '</b>:</td>
					<td class="windowbg2"><input type="text" name="dawsname"></td>
				</tr><tr>
					<td class="windowbg2"><b>' . $txt['dl_98'] . '</b></td>
					<td class="windowbg2"><select name="cat">
';
		$get_cats = db_query("
			SELECT *
			FROM {$db_prefix}download_cats
			ORDER BY name ASC", __FILE__, __LINE__);

		while ($_REQUEST['cat'] = mysql_fetch_array($get_cats))
		{
			$context['raw_data'] .= '<option value="'.$_REQUEST['cat']['id'].'">'.$_REQUEST['cat']['name'].'</option>';
		}
		mysql_free_result ($get_cats);

	$context['raw_data'] .= '
						</select></td>
				</tr><tr>
					<td class="windowbg2" colspan="2" align="center"><input type="submit" name="submit" value="' . $txt['dl_99'] . '"></td>
				</tr>
		</table></div></form>
			</tr></td></table>
';

}

function aedown2()
{
	global $context, $db_prefix, $scripturl, $modSettings;

     if (isset($_REQUEST['upFile']) && $_REQUEST['upFile'] == 1)
     {
	  $absolute_path = $modSettings['dlsdir'];

	  $_REQUEST['UploadedFile'] = $_FILES['UploadedFile']['name'];

		if (isset($_REQUEST['UploadedFile']))
		{
			$_REQUEST['UploadedFile_name'] = $_REQUEST['UploadedFile'];
			
	       if ($_REQUEST['UploadedFile_name'] == '')
			{
			fatal_error("You need to select a file before trying to upload.");
			}
			$serialize_filename=$_REQUEST['UploadedFile_name'];
			$serialize_i=0;
			while (file_exists($absolute_path . "/" . $serialize_filename))
			{
				$serialize_filename=$_REQUEST['UploadedFile_name'];
				if (strpos(strrev($serialize_filename),'.') === false ) // note: three equal signs
				{
					// There is no 'dot' (.), so there is no file extension, serialize at the end
					$serialize_filename=$_REQUEST['UploadedFile_name'] . $serialize_i;
				}
				else
				{
					// The last 'dot' is at $serialize_position
					$serialize_position = strlen($serialize_filename) - (strpos(strrev($serialize_filename),'.')+1);
					// If 'dot' is at beginning it's not an extension (it's a unix hidden file)
					if ($serialize_position == 0)
					{
					  $serialize_filename=$_REQUEST['UploadedFile_name'] . $serialize_i;
					}
					else
					{
					  $serialize_filename=substr($_REQUEST['UploadedFile_name'], 0, $serialize_position) . $serialize_i . substr($_REQUEST['UploadedFile_name'],$serialize_position);
					}
				}
			  $serialize_i++;
			}
			$filename=$serialize_filename;

					if (move_uploaded_file($_FILES['UploadedFile']['tmp_name'], $modSettings['dlsdir'].'/'.$filename))
			 {
			 }
			 else
			 {
			  fatal_error("Something blew up.");
			 }
					@chmod ($modSettings['dlsdir'].'/'.$filename, 0644);

		}
		$filesize = 0;
	}
	else
	{
		if (empty($_REQUEST['nonUpFilename']))
			fatal_error("You need to have a file enter.");

		$filename = $_REQUEST['nonUpFilename'];
		if(is_int($_REQUEST['filesize']))
			$filesize = $_REQUEST['filesize'];
		else
			$filesize = 0;
	}
	$date = time();
	$request = db_query("
	  INSERT INTO {$db_prefix}download_items (cat,name,ddesc,filename,author_name,author_email,filesize,downloads,website,website_title,date)
	  VALUES ('$_REQUEST[cat]','$_REQUEST[dtitle]','$_REQUEST[ddesc]','$filename','$_REQUEST[daname]',
	       '$_REQUEST[daemail]',$filesize,'0','$_REQUEST[dawebsite]','$_REQUEST[dawsname]','$date')", __FILE__, __LINE__);

	if (!$request) { fatal_error(mysql_error()); }

	redirectexit('module=DownloadsManagement;sa=aedown');

}

function aedown_sub()
{
	global $context, $db_prefix, $txt, $settings, $scripturl, $modSettings;

	$request = db_query("SELECT * FROM {$db_prefix}download_cats WHERE (id='$_REQUEST[catd]')", __FILE__, __LINE__);
	$get_items = db_query("SELECT COUNT(*) FROM {$db_prefix}download_items WHERE (cat = '$_REQUEST[catd]')", __FILE__, __LINE__);
	$get_tdown = db_query("SELECT * FROM {$db_prefix}download_items WHERE (cat = '$_REQUEST[catd]')", __FILE__, __LINE__);


	$result = mysql_fetch_array($request);
	$items = mysql_fetch_row($get_items);
	$items = $items[0];

	$context['raw_data'] = '';

	$downloads = 0;
	while ($tdown = mysql_fetch_array($get_tdown))
	{
		$downloads = ($downloads + $tdown['downloads']);
	}

	$context['raw_data'] .= '
		<b><a href="' . $scripturl . '?module=DownloadsManagement;sa=aedown_sub&catd=' . $_REQUEST['catd'] . '"><img src="' . $settings['images_url'] . '/icons/folder_open.gif" border="0" /> ' . $result['name'] . '</a></b>
		<br /><img src="' . $settings['images_url'] . '/icons/tline.gif"><font size="1">' . $txt['dl_84'] . ': ' . $items . '<br />
		<img src="' . $settings['images_url'] . '/icons/tline2.gif">' . $txt['dl_85'] . ': ' . $downloads . '</font><br /><br />

		<div class="tborder">
			<table cellspacing="2" cellpadding="3" width="100%" border="0" align="center">
				<tr>
					<td class="windowbg" ><b>' . $txt['dl_100'] . '</b></td>
					<td class="windowbg"><b>' . $txt['dl_90'] . '</b></td>
					<td class="windowbg"><b>' . $txt['dl_91'] . '</b></td>
					<td class="windowbg"><b>' . $txt['dl_93'] . '</b></td>
					<td class="windowbg"><b>' . $txt['dl_95'] . '</b></td>
					<td class="windowbg"><b>' . $txt['dl_104'] . '</b></td>
					<td class="windowbg"><b>' . $txt['dl_101'] . '</b></td></tr>
';
	$get_tdown = db_query("SELECT * FROM {$db_prefix}download_items WHERE (cat='$_REQUEST[catd]') ORDER BY date ASC", __FILE__, __LINE__);
	while ($item = mysql_fetch_array($get_tdown))
	{
		$filesizedecimal = '';
		if(strtolower(substr($item['filename'], 0, 7)) == "http://" || strtolower(substr($item['filename'], 0, 6)) == "ftp://"){
			if($item['filesize'] == 0){
				$u = $item['filename'];
				$ourhead = "";
				$url=parse_url($u);
				$host=$url["host"];
				$path=$url["path"];
				$fp = fsockopen($host, 80, $errno, $errstr, 20);
				if(!$fp)
					die("error");
				else {
					fputs($fp,"HEAD $u HTTP/1.1\r\n");
					fputs($fp,"HOST: dummy\r\n");
					fputs($fp,"Connection: close\r\n\r\n");
					while (!feof($fp))
						$ourhead = sprintf("%s%s", $ourhead, fgets ($fp,128));
				}
				fclose ($fp);
				$split_head = explode("Content-Length: ",$ourhead);
				$size = round(abs($split_head[1]));
				$filesize = $size;
			} else
				$filesize = $item['filesize'];
		} else
			$filesize = @filesize($modSettings['dlsdir'].'/'.$item['filename']);

		if ($filesize >= 1073741824)
		{
			$filesize = $filesize / 1073741824;
			$sizetype = 'GB';
			$alreadyconverted = 1;
		}
		if ($filesize > 1048576 || $filesize == 1048576 && $alreadyconverted != 1)
		{
			$number = 1048576;
			$filesize = ($filesize / $number);
			$sizetype = 'MB';
			$alreadyconverted = 1;
	    }
	      if ($filesize > 1024 || $filesize == 1024 && $alreadyconverted != 1)
		{
			$number = 1024;
			$filesize = ($filesize / $number);
			$sizetype = 'KB';
			$alreadyconverted = 1;
		}
		if (!isset($alreadyconverted))
			$sizetype = 'B';

		if (strpos($filesize, '.') > 0)
		{
			$filesize = explode('.',$filesize);
			$filesize[1] = substr($filesize[1], 0, 2);

			if (!empty($filesize[1]))
				$filesizedecimal = '.' . $filesize[1];
		}

		if(strlen($item['filename']) > 30)
			$filename = substr($item['filename'],0,30).'...';
		else
			$filename = $item['filename'];

		$context['raw_data'] .= '
	       <tr><td class="windowbg2">'.$item['name'].'</td>
	       <td class="windowbg2"><a href="' . $modSettings['dlsurl'] . '/' . $item['filename'].'">'.$filename.'</a></td>
	       <td class="windowbg2">'.$filesize[0].$filesizedecimal.' '.$sizetype.'</td>
	       <td class="windowbg2"><a href="mailto:'.$item['author_email'].'">'.$item['author_name'].'</a></td>
	       <td class="windowbg2"><a href="'.$item['website'].'">'.$item['website_title'].'</a></td>
	       <td class="windowbg2">'.$item['downloads'].'</td>
	       <td class="windowbg2"><a href="'.$scripturl.'?module=DownloadsManagement;sa=edwnld;ite='.$item['id'].';catd='.$_REQUEST['catd'].'">'.$txt['dl_102'].'
		    </a> | <a href="'.$scripturl.'?module=DownloadsManagement;sa=ddwnld;itd='.$item['id'].';catd='.$_REQUEST['catd'].'">'.$txt['dl_103'].'
		    </a> | <a href="'.$scripturl.'?module=DownloadsManagement;sa=resetcounter;itr='.$item['id'].';catd='.$_REQUEST['catd'].'">'.$txt['dl_138'].'</a></td></tr>';
	}
	$context['raw_data'] .= '</table></div>';

}

function ddwnld()
{
	global $context, $db_prefix, $scripturl, $modSettings;



    $request = db_query("SELECT filename FROM {$db_prefix}download_items WHERE (id = $_REQUEST[itd])", __FILE__, __LINE__);
    $UploadedFilename = mysql_fetch_array($request);

if(strtolower(substr($UploadedFilename[0], 0, 7)) == "http://"){

} else {

    @unlink($modSettings['dlsdir'].'/'.$UploadedFilename[0]);

}

	$request = db_query("DELETE FROM {$db_prefix}download_items WHERE (id = $_REQUEST[itd])", __FILE__, __LINE__);
	if (!$request) { fatal_error(mysql_error()); }

	redirectexit('module=DownloadsManagement;sa=aedown_sub;catd=' . $_REQUEST['catd']);
}

function edwnld()
{
	global $context, $db_prefix, $txt, $settings, $scripturl;

	$request = db_query("SELECT * FROM {$db_prefix}download_items WHERE (id='$_REQUEST[ite]')", __FILE__, __LINE__);
	if (!$request) { fatal_error(mysql_error()); }
	$item = mysql_fetch_array($request);



	$context['raw_data'] .= '

		<form enctype="multipart/form-data" name="edit_download" method="post" action="' . $scripturl . '?module=DownloadsManagement;sa=edwnld2;ite=' . $_REQUEST['ite'] . '">
		<table width="100%" border="0">
		<tr><td align="left" colspan="2"><img src="' . $settings['images_url'] . '/icons/folder_open.gif"> <b>' . $txt['dl_86'] . '</b>:</td></tr>
		<tr><td><b>' . $txt['dl_89'] . '</b>:</td><td><input type="text" name="dtitle" value="' . $item['name'] . '"></td></tr>
		<tr><td><b>' . $txt['dl_92'] . '</b>:</td><td><textarea name="ddesc" rows="4">' . $item['ddesc'] . '</textarea>
		<tr><td><b>' . $txt['dl_90'] . '</b>:</td><td><input type="text" name="dfilen" value="' . $item['filename'] . '"></td></tr>
		<tr><td><b>' . $txt['dl_132'] . '</b>:</td><td><input type="checkbox" name="uploadnewfile"></td></tr>
		<tr><td><b>' . $txt['dl_133'] . '</b>:</td><td><input type="file" name="UploadedFile"></td></tr>
		<tr><td><b>' . $txt['dl_93'] . '</b>:</td><td><input type="text" name="daname" value="' . $item['author_name'] . '"></td></tr>
		<tr><td><b>' . $txt['dl_94'] . '</b>:</td><td><input type="text" name="daemail" value="' . $item['author_email'] . '"></td></tr>
		<tr><td><b>' . $txt['dl_95'] . ' ' . $txt['dl_96'] . '</b>:</td><td><input type="text" name="dawebsite" value="' . $item['website'] . '"></td></tr>
		<tr><td><b>' . $txt['dl_95'] . ' ' . $txt['dl_100'] . '</b>:</td><td><input type="text" name="dawsname" value="' . $item['website_title'] . '"></td></tr>
		<tr><td><b>' . $txt['dl_98'] . '</b></td><td><select name="cat">
';
		$get_cats = db_query("SELECT * FROM {$db_prefix}download_cats ORDER BY name ASC", __FILE__, __LINE__);
		while ($_REQUEST['cat'] = mysql_fetch_array($get_cats))
		{
			$id = $_REQUEST['cat']['id'];
			if ($item['cat'] == $id) { $sel[$id] = 'selected'; }
			$context['raw_data'] .= '<option value="'.$id.'" '.$sel[$id].'>'.$_REQUEST['cat']['name'].'</option>';
		}
	$context['raw_data'] .= '
		</select></td></tr>
		<tr><td colspan="2" align="center"><input type="submit" name="submit" value="' . $txt['dl_102'] . '"></td></tr>
		</table></form>
';

}

function edwnld2()
{
	global $context, $db_prefix, $scripturl, $modSettings;

	$time = time();
	if (isset($_REQUEST['uploadnewfile']))
	{
		$_REQUEST['UploadedFile'] = !empty($_REQUEST['UploadedFile']) ? $_REQUEST['UploadedFile'] : (!empty($_FILES['UploadedFile']['name']) ? $_FILES['UploadedFile']['name'] : '');
		$_REQUEST['UploadedFile_name'] = !empty($_FILES['UploadedFile']['name']) ? $_FILES['UploadedFile']['name'] : '';
		$absolute_path = $modSettings['dlsdir'];

		if (isset($_REQUEST['UploadedFile']))
		{
			if ($_REQUEST['UploadedFile_name'] =='')
				fatal_error("You need to select a file before trying to upload.");

			$serialize_filename = $_REQUEST['UploadedFile_name'];
			$serialize_i = 0;

			while (file_exists($absolute_path . '/' . $serialize_filename))
			{
				$serialize_filename = $_REQUEST['UploadedFile_name'];
				if (strpos(strrev($serialize_filename),'.') === false ) // note: three equal signs
				{
					// There is no 'dot' (.), so there is no file extension, serialize at the end
					$serialize_filename = $_REQUEST['UploadedFile_name'] . $serialize_i;
				}
				else
				{
					// The last 'dot' is at $serialize_position
					$serialize_position = strlen($serialize_filename) - (strpos(strrev($serialize_filename),".")+1);
					// If 'dot' is at beginning it's not an extension (it's a unix hidden file)
					if ($serialize_position == 0)
					{
						$serialize_filename = $_REQUEST['UploadedFile_name'] . $serialize_i;
					}
					else
					{
						$serialize_filename = substr($_REQUEST['UploadedFile_name'], 0, $serialize_position) . $serialize_i . substr($_REQUEST['UploadedFile_name'],$serialize_position);
					}
				}
				$serialize_i++;
			}
			$_REQUEST['UploadedFile_name']=$serialize_filename;
		}
		$request = db_query("SELECT filename FROM {$db_prefix}download_items WHERE (id = '$_REQUEST[ite]')", __FILE__, __LINE__);
		$UploadedFilename = mysql_fetch_array($request);
		move_uploaded_file($_FILES['UploadedFile']['tmp_name'], $modSettings['dlsdir'].'/'.$_REQUEST['UploadedFile_name']);
		@unlink($modSettings['dlsdir'].'/'.$UploadedFilename[0]);
		@chmod ($modSettings['dlsdir'].'/'.$_REQUEST['UploadedFile_name'], 0644);

		db_query("
			UPDATE {$db_prefix}download_items
			SET cat='$_REQUEST[cat]', name='$_REQUEST[dtitle]', ddesc='$_REQUEST[ddesc]',
			filename='$_REQUEST[UploadedFile_name]', author_name='$_REQUEST[daname]',
			author_email='$_REQUEST[daemail]', website='$_REQUEST[dawebsite]',
			website_title='$_REQUEST[dawsname]', date='$time'
			WHERE (id = '$_REQUEST[ite]')", __FILE__, __LINE__);
	}
	else
	{
		$request = db_query("
	       UPDATE {$db_prefix}download_items SET cat='$_REQUEST[cat]',name='$_REQUEST[dtitle]',ddesc='$_REQUEST[ddesc]',
		    filename='$_REQUEST[dfilen]',author_name='$_REQUEST[daname]',author_email='$_REQUEST[daemail]',
		    website='$_REQUEST[dawebsite]',website_title='$_REQUEST[dawsname]',date='$time'
	       WHERE (id = '$_REQUEST[ite]')", __FILE__, __LINE__);
	}

	redirectexit('module=DownloadsManagement;sa=aedown_sub;catd=' . $_REQUEST['cat']);
}

function resetcounter()
{
	global $context, $db_prefix;

	$result = db_query("
		UPDATE {$db_prefix}download_items
		SET downloads='0'
		WHERE id = '$_REQUEST[itr]'", __FILE__, __LINE__);

	redirectexit('module=DownloadsManagement;sa=aedown_sub;catd=' . $_REQUEST['catd']);
}

?>
Return current item: Enigma