<?php
/* +--------------------------------------------
* |
* | Product: PHPEchoCMS
* | Author: Tigran Abrahamyan
* | License: GPL
* | Last updated: 16.02.07
* | For version: 1.6
* | Desc: Module for working with files module
* |
* +--------------------------------------------
*/
if( !ADMIN_LOAD )
{
die( "Base not loaded!" );
}
$mlang = $core->getlang("admin_files");
echo "<Br /><center><a href='index.php?module=admin&act=files'>".$mlang['001']."</a> | <a href='index.php?module=admin&act=files&op=add'>".$mlang['002']."</a><br /><br /></center>";
switch ( @$_GET['op'] )
{
case "add":
add($mlang);
break;
case "edit":
edit($mlang);
break;
case "delete":
del($mlang);
break;
default:
flist($mlang);
}
function add($lang)
{
$mlang = $lang;
if ( @$_POST['filename'] && $_FILES['filelink']['tmp_name'])
{
$hash = substr(md5(rand(1000000000,9999999999)),0,16);
copy ($_FILES['filelink']['tmp_name'], "uploads/file-".$hash);
query ( "INSERT INTO ".PREFIX."files VALUES ('', '".addslashes($_POST['filename'])."', 'file-".$hash."', '')", 1);
echo $mlang['003'];
}
else
echo "
<form enctype='multipart/form-data' action='index.php?module=admin&act=files&op=add' method='post' >
<input type=hidden name='MAX_FILE_SIZE' value='10000000'>
".$mlang['004']."<input type='text' name='filename' size=40><br>
".$mlang['005']."<input name='filelink' type='file' size=40><br>
<input type='submit' value='".$mlang['006']."'>
</form>
";
}
function edit($lang)
{
$mlang = $lang;
if ( @$_POST['filename'] )
{
query ( "UPDATE ".PREFIX."files SET file_name = '".addslashes($_POST['filename'])."' WHERE file_id = '".addslashes($_GET['id'])."'", 1);
echo $mlang['007'];
}
$file = query ( "SELECT * FROM ".PREFIX."files WHERE file_id = '".addslashes(@$_GET['id'])."'", 4);
if ( @$_GET['id'] && $file['file_id'] )
{
echo "
<center>
<form action='index.php?module=admin&act=files&op=edit&id=".$_GET['id']."' method='post'>
".$mlang['004']."<input type='text' name='filename' value='".$file['file_name']."'><Br />
<input type='submit' value='".$mlang['008']."'>
</form>
</center>
";
}
}
function del($lang)
{
$mlang = $lang;
$file_exist = query ( "SELECT * FROM ".PREFIX."files WHERE file_id = '".addslashes($_GET['id'])."'", 4);
if ($file_exist['file_id'])
{
unlink ("uploads/".$file_exist['file_link']);
query ("DELETE FROM ".PREFIX."files WHERE file_id = '".$file_exist['file_id']."'", 1);
echo $mlang['009'];
}
}
function flist($lang)
{
$mlang = $lang;
$list = query ("SELECT * FROM ".PREFIX."files order by `file_id` desc", 1);
echo "<table width='100%'>
<tr>
<td width='5%'>
<b>#</b>
</td>
<td width='35%'>
<b>".$mlang['010']."</b>
</td>
<td width='40%'>
<b>".$mlang['011']."</b>
</td>
<td width='10%'>
<b>".$mlang['012']."</b>
</td>
<td width='10%'>
<b>".$mlang['013']."</b>
</td>
</tr></table>
";
if (mysql_num_rows($list)>0)
while ( $file = mysql_fetch_array ( $list ) )
{
echo "
<table width='100%'><tr>
<td width='5%'>
".$file['file_id']."
</td>
<td width='35%'>
".$file['file_name']."
</td>
<td width='40%'>
".$file['file_link']."
</td>
<td width='10%'>
<a href='index.php?module=admin&act=files&op=delete&id=".$file['file_id']."'>".$mlang['012']."</a>
</td>
<td width='10%'>
<a href='index.php?module=admin&act=files&op=edit&id=".$file['file_id']."'>".$mlang['013']."</a>
</td>
</tr></table>
";
}
else
echo $mlang['014'];
}
?>