Location: PHPKode > projects > @1 File Store > copyf.php
<?

if(isset($_GET["id"]) && $_GET["id"]!="") {

	$id=$_GET['id'];

} else {

	exit("Bad request");

}

if(isset($_GET["folder"]) && $_GET["folder"]!="") {

	$folder_id=$_GET['folder'];

} else {

	exit("Bad request");

}

$MustLogin=1|2|4;

require_once("libs/header.php");

require_once(LIBPATH."multipage.php");

require_once("libs/databasetree.php");



$userlevel=$CurUser->getlevel();

$userid=$CurUser->getid();



$folisttree=new databasetree($mysql, DB_PREFIX."folders");

$folisttreeresult=$folisttree->get_array("Root Folder", "...&nbsp;&nbsp;");

$flist = $folisttreeresult;

$flisttest = $flist;



if($userlevel==-1 || $userlevel==0) {

	$flisttest=$folisttreeresult;

} else 



if($userlevel!=-1 || $userlevel!=0) {

	$group1=array();

	$sql1 = "SELECT * FROM `".DB_PREFIX."access_list` WHERE group_id='".$userlevel."'";

	if(!$mysql->query($sql1)) {

		exit($mysql->error);

	}

	while(!$mysql->EOF) {

		$group1[$mysql->field("folder_id")]=$mysql->field("group_id");

		$mysql->movenext();

	}

	$group2=array();

	$sql2 = "SELECT * FROM `".DB_PREFIX."access_list` WHERE group_id!='".$userlevel."'";

	if(!$mysql->query($sql2)) {

		exit($mysql->error);

	}

	while(!$mysql->EOF) {

		$group2[$mysql->field("folder_id")]=$mysql->field("group_id");

		$mysql->movenext();

	}



	foreach ($group2 as $kgroup2 => $vgroup2) {

		if (!array_key_exists($kgroup2, $group1) and strval($kgroup2) != '0') {

			unset($flisttest[$kgroup2]);

		}

	}



	foreach ($flist as $kflisttest => $vflisttest) {

		if (!array_key_exists($kflisttest, $group1) and !array_key_exists($kflisttest, $group2) and strval($kflisttest) != '0') {

			unset($flisttest[$kflisttest]);

		}

	}

}



$form=array(

	"method"=>"POST",

	"action"=>"",

	"message"=>"",

	"errorcount"=>0,

	"fields"=>array(

		       "choose"=>array("type"=>"select",

		       		"description"=>$lang['copy_to'],

		       		"error"=>$lang['select_destination_folder'],

		       		"extra"=>$flisttest

		       	     )

		      ),

	"submit"=>$lang['copy']

);

$userform=new UserForms($form["fields"]);



$smarty->assign("action", $lang['copy_file']);

$form["submit"]=$lang['copy'];

if($_SERVER["REQUEST_METHOD"]==$form["method"]) {

	$userform->load($form["fields"], $_POST);

	$form["errorcount"]=$userform->check($form["fields"]);

	if($form["errorcount"]==0) {

		$cleanup = $userform->sql($form["fields"]);

		$do = preg_match("/\d+/", $cleanup, $matches);

		if ($do = true) {

			$clean=$matches['0'];

			$found = $clean;

			if ($found!='0') {

				$goodtogo = '1';

			}

			if ($found=='0') {

				$goodtogo = '0';

				$form["errorcount"]=1;

				$form["message"]=$lang['no_move_this_file'];

			}

		} else { exit("Bad request"); }

		if($goodtogo == '1') {

			$sql3 = "SELECT * FROM `".DB_PREFIX."file_list` WHERE id='".$_GET['id']."'";

			if(!$mysql->query($sql3)) {

				exit($mysql->error);

			}

			$rfid = $mysql->field("id");

			$rfilename = $mysql->field("filename");

			$rdownload = $mysql->field("download");

			$rfolder_id =$mysql->field("folder_id");

			$rdescript = $mysql->field("descript");

			$rfile_type = $mysql->field("file_type");

			$ruser_id = $mysql->field("user_id");

			$rfilesize = $mysql->field("filesize");

			$rdateadd = $mysql->field("dateadd");

			$rconfirm = $mysql->field("confirm");

			$rlastchange = $mysql->field("lastchange");

			$name=strval(time()).'u'.$userid.'.dat';



			$SQL="INSERT INTO fstore_file_list SET filename='".strval($rfilename)."', download='".strval($name)."', folder_id='".strval($found)."', descript='".strval($rdescript)."', file_type='".strval($rfile_type)."', user_id='".strval($userid)."', filesize='".strval($rfilesize)."', dateadd=NOW(), confirm='".strval($rconfirm)."'";



			if(!$mysql->query($SQL)) {

				exit($mysql->error);

			}

			copy('data/'.$rdownload, 'data/'.$name);

			Header("Location:folder.php?id=".$_GET['folder']);

			exit();

		}

	}

}

$smarty->assign("form", $form);

$smarty->display("control/form2.tpl");

?>
Return current item: @1 File Store