Location: PHPKode > projects > PHP File Database > fdat/files.php
<?php
/*
###############################################################################
# files.php                                                                   #
###############################################################################
# FDat (File Database) Beta Version                                          #
# Open-Source Project by Jeffrey Gelens (hide@address.com)                  #
# =========================================================================== #
# Copyright (c) 2001 Jeffrey Gelens - All Rights Reserved                     #
#                                                                             #
# This program is free software; you can redistribute it and/or               #
# modify it under the terms of the GNU General Public License                 #
# as published by the Free Software Foundation; either version 2              #
# of the License, or (at your option) any later version.                      #
###############################################################################
*/
require ('settings.php');
require ('sources/functions.php');

mysql_connect ($database['host'], $database['username'], $database['password']) or die ("Can't connect to database server");
mysql_select_db ($database['name']) or die ("Database doesn't exist, check settings.php");

$check = check($PHP_SELF);

if (!$check) {
  echo "Not logged in or session time is expired!!!";
  exit;
}

head();
head2();

if ($files == "search") {
  error_reporting (E_ALL & ~E_NOTICE & ~E_WARNING);

  $i = -1;
  mysql_connect ($database['host'], $database['username'], $database['password']) or die ("Can't connect to database server");
  mysql_select_db ($database['name']) or die ("Database doesn't exist, check settings.php");
  $userRank = get_UserData($koekje);

  if (!empty($search)) {
    $file_array = search_file("$fdathostdir/", "$search");

    echo "
    <table border='1' width='100%'>
  <tr>
    <td width='20'> &nbsp; </td>
    <td> File </td>
    <td> Description </td>
    <td> Filetype </td>
    <td> Subject </td>
    <td> User </td>
    <td width='20'> &nbsp; </td>
  </tr>
    ";

    while ($i++ < count($file_array)) {

    if ($which_subject == "allsubs") {
    $sql = "SELECT * FROM files WHERE file = '$file_array[$i]'";
    }
    else {
      $sql = "SELECT * FROM files WHERE file = '$file_array[$i]' AND subject = '$which_subject'";
    }

    $result = mysql_query($sql);
    $id = mysql_result($result, '', "id");
    $desc = mysql_result($result, '', "description");
    $filetype = mysql_result($result, '', "filetype");
    $subject = mysql_result($result, '', "subject");
    $getSchool = mysql_result($result, '', "school");
    $rank = mysql_result($result, '', "rank");
    $user = mysql_result($result, '', "user");



    $sql = "SELECT * FROM docs WHERE doctype = '$filetype'";
    $result = mysql_query($sql);
    $sort = mysql_result($result, '', "description");
    $icon = mysql_result($result, '', "icon");

 if ($getSchool != "a") {
  if ($getSchool == $school) {
   // echo " Doe niets";
  }
  elseif (($getSchool != $school) && ($school != "a")) {
   //echo " Doe nietsyo $getSchool $rank<br>";
    continue;
  }
}

if ($rank != "a") {
  if ($userRank == $rank) {
  //  echo " Doe niets";
  }
  elseif (($userRank != $rank) && ($userRank != "a")) {
 //  echo " Doe nietsyo $getSchool $rank $userRank<br>";
    continue;
  }
}



    if ((empty($sort)) && (empty($id))) {
      continue;
    }
    if (empty($sort)) {
      echo "<p>New filetype: $filetype<br>It must be added by an administrator!</p>";
      mail($admin_mail, "New FileType", "Add this filetype to FDat: $filetype");
    }

    $file = rawurlencode($file_array[$i]);

    echo "

   <tr>
    <td width='20'> <img src='$icondir/$icon'> </td>
    <td> <a href='$fdatdir/files/$file'>$file</a><br> </td>
    <td> $desc </td>
    <td> $sort </td>
    <td> $subject </td>
    <td> $user </td>
    <td width='20'> <a href='files.php?files=delete&id=$file'> DEL </a></td>
  </tr>
    ";
    }
    echo "</table>";
    error_reporting (E_ALL);
    }
  else {
    mysql_connect ($database['host'], $database['username'], $database['password']) or die ("Can't connect to database server");
    mysql_select_db ($database['name']) or die ("Database doesn't exist, check settings.php")
?>
  <table><tr><td>
  <form action="files.php?files=search" method="post">
  Keyword:</td>
  <td><input type="text" name="search"></td>
  <tr><td>
  Subject:</td><td>
  <?php
  get_Subjects("x");
  ?>
  </td></tr><td>
  School:</td><td>
  <select name='school'>
  <option value='a'>Both</option>
  <option value='h'>High School</option>
  <option value='v'>University</option>
  </select></td></tr></table>
  <input type="submit" value="Zoek">
  </form>

<?php
}
}

if ($files == "delete") {
  if ($agree == "yes") {

    $del = unlink("$fdathostdir/$id");

    mysql_connect ($database['host'], $database['username'], $database['password']) or die ("Can't connect to database server");
    mysql_select_db ($database['name']) or die ("Database doesn't exist, check settings.php");

    if ($del) {
    $sql = "DELETE FROM files WHERE file = '$id'";
    $result = mysql_query($sql);
    echo "File '$id' deleted!";
    }
    else {
      echo "Deleting has failed!";
    }
  }
  else {
    $id = rawurlencode($id);
    echo "Are you sure? <a href='files.php?files=delete&id=$id&agree=yes'>Yes</a>/<a href='files.php?files=show'>No</a>";
  }
}

if ($files == "add") {
?>
Upload File:
<form action="sources/upload.php" method="post" enctype="multipart/form-data">
<table><tr><td>
File:</td>
<td><input type="file" name="file"></td></tr>
<tr><td>
School:</td><td>
<select name='school'>
  <option value='h'>High School</option>
  <option value='v'>University</option>
</select></td></tr>
<tr><td>
Access:</td><td>
<select name='rank'>
  <option value='a'>Everyone</option>
  <option value='p'>Only Pupils</option>
  <option value='t'>Only Teachers</option>
</select></td></tr><tr><td>
Subject:</td><td>
<?php
mysql_connect ($database['host'], $database['username'], $database['password']) or die ("Can't connect to database server");
mysql_select_db ($database['name']) or die ("Database doesn't exist, check settings.php");

get_subjects("upload");
?>
</td></tr><tr><td>Description:</td>
<td><textarea name="description" rows="4" cols="50"></textarea></td>
</tr>
</table>
<input type="submit" value="Upload File">

</form>

<?php
}
if ($files == "show") {
  mysql_connect ($database['host'], $database['username'], $database['password']) or die ("Can't connect to database server");
  mysql_select_db ($database['name']) or die ("Database doesn't exist, check settings.php");

  echo "<table><tr><form action='files.php' method='post'>
  <td>Vak:</td><td>
  ";
  get_subjects("x");
  echo"
  </td><br><tr><td>School:</td>
  <td><select name='school'>
  <option value='a'>Both</option>
  <option value='h'>High School</option>
  <option value='v'>University</option>
  </select></td></tr></table>
  <input type='submit' value='View'>
  <input type='hidden' name='files' value='subject'>
  </form>

  ";
}

if ($files == "subject") {
error_reporting (E_ALL);

mysql_connect ($database['host'], $database['username'], $database['password']) or die ("Can't connect to database server");
mysql_select_db ($database['name']) or die ("Database doesn't exist, check settings.php");

echo "
<table border='1' width='100%'>
  <tr>
    <td width='20'> &nbsp; </td>
    <td> File </td>
    <td> Description </td>
    <td> Filetype </td>
    <td> Subject </td>
    <td> User </td>
    <td width='20'> &nbsp; </td>
  </tr>
";

$userRank = get_UserData($koekje);

if ($which_subject == "allsubs") {
   $sql = "SELECT * FROM files";
}
else {
   $sql = "SELECT * FROM files WHERE subject = '$which_subject'";
}
$result = mysql_query($sql);

while ($files = mysql_fetch_array($result)) {

$id = $files["id"];
$file = $files["file"];
$desc = $files["description"];
$filetype = $files["filetype"];
$subject = $files["subject"];
$getSchool = $files["school"];
$user = $files["user"];
$rank = $files["rank"];

$sql = "SELECT * FROM docs WHERE doctype = '$filetype'";
$result2 = mysql_query($sql);
$sort = mysql_result($result2, '', "description");
$icon = mysql_result($result2, '', "icon");


if ($getSchool != "a") {
  if ($getSchool == $school) {
    //echo " Doe niets";
  }
  elseif (($getSchool != $school) && ($school != "a")) {
   //echo " Doe nietsyo $file<br>";
    continue;
  }
}

if ($rank != "a") {
  if ($userRank == $rank) {
    //echo " Doe niets";
  }
  elseif (($userRank != $rank) && ($userRank != "a")) {
  // echo " Doe nietsyo $file<br>";
    continue;
  }
}


if ((empty($sort)) && (empty($id))) {
  continue;
}
if ((empty($sort)) && (!empty($id))) {
  echo "<p>New Filetype: $filetype<br>It must be added by an administrator!</p>";
  mail($mail_admin, "New FileType", "Add this filetype: $filetype");
}

$file = rawurlencode($file);

echo "
<tr>
    <td width='20'> <img src='$icondir/$icon'> </td>
    <td> <a href='$fdatdir/files/$file'>$file</a><br> </td>
    <td> $desc </td>
    <td> $sort </td>
    <td> $subject </td>
    <td> $user </td>
    <td width='20'> <a href='files.php?files=delete&id=$file'> DEL </a></td>
  </tr>
";
}
echo "</table>";
error_reporting (E_ALL);
?>


<?php
}
foot();
?>
Return current item: PHP File Database