Location: PHPKode > projects > Spacemarc News > spacemarc-news/admin/files.php
<?php

/*****************************************************************
*  Spacemarc News
*  Version: 1.2.0
*  Author and copyright (C): Marcello Vitagliano
*  Web site: http://www.spacemarc.it
*  License: GNU General Public License
*
*  This program is free software: you can redistribute it and/or
*  modify it under the terms of the GNU General Public License
*  as published by the Free Software Foundation, either version 3
*  of the License, or (at your option) any later version.
*
*  Current file: files.php
*****************************************************************/
session_start();
define('IN_NEWS', true);

//includo i file di configurazione
require_once (dirname(__FILE__) . '/../config.php');
require_once (dirname(__FILE__) . '/functions.php');
require_once (dirname(__FILE__) . '/../lang/lang.php');
$db = mysql_connect($db_host, $db_user, $db_password) or die("Impossibile connettersi a MySQL<br />Numero errore: " . mysql_errno() . "<br />Tipo di errore: " . mysql_error());
mysql_select_db($db_name, $db) or die("Impossibile selezionare il database $db_name<br />Numero errore: " . mysql_errno() . "<br />Tipo di errore: " . mysql_error());
check_login();

if (isset($_GET['user_id']) && preg_match('/^[0-9]{1,4}$/', $_GET['user_id'])) {
    $get_dir = intval($_GET['user_id']);
    $checkid = mysql_query("SELECT user_id, nome_cognome FROM $tab_utenti WHERE user_id=$get_dir LIMIT 1");
    $rigaid = mysql_fetch_assoc($checkid);
    
    if (mysql_num_rows($checkid) == 0) {
        die("Non ci sono file inviati dall'utente user_id $get_dir");
    }
    
    if ($_SESSION['livello_id'] != 1 && $get_dir != $_SESSION['user_id'] && $rigaid['user_id'] != $_SESSION['user_id']) {
        die("Puoi visualizzare solo i tuoi file");
    }
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"   "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">  
  <head>    
    <title>File inviati
    </title>    
    <link rel="stylesheet" href="../style.css" type="text/css" />		
<script language="JavaScript" src="../javascript.js" type="text/JavaScript"></script>  
  </head>  
  <body>    
    <div align="center">
<?php
    $dir = "../$file_dir/$get_dir";
    $id_file = 0;
    echo "<span class=\"text\"><b>" . $lang['file_inviati'] . " " . $rigaid['nome_cognome'] . "</b></span><br /><br />";
    echo "<form method=\"post\" action=\"files.php?user_id=$get_dir\" name=\"admin\">";
    echo "<table border=\"0\" cellpadding=\"2\" cellspacing=\"1\" width=\"550\">";
    echo "<tr><td>&nbsp;</td>";
    echo "<td class=\"text\" align=\"center\">ID news*</td>";
    echo "<td class=\"text\" align=\"center\">Nome file</td>";
    echo "<td class=\"text\" align=\"center\">Size</td>";
    echo "<td class=\"text\" align=\"center\">Data di invio</td></tr>";
    
    foreach(glob("$dir/*.*") as $filename) {
        
        if ($filename == '.' || $filename == '..' || basename($filename) == 'index.html') continue;
        ++$id_file;
        $nome = basename($filename);
        $dimensione = round(filesize($filename) / 1024, 1);

        //icone estensione file
        $estensione_file = pathinfo($filename);
        
        switch ($estensione_file['extension']) {
            case 'gif':
                $icon_file = "<img src=\"$img_path/icon_gif.gif\" alt=\"gif\" />";
            break;
            case 'jpg':
                $icon_file = "<img src=\"$img_path/icon_jpg.gif\" alt=\"jpg\" />";
            break;
            case 'zip':
                $icon_file = "<img src=\"$img_path/icon_zip.gif\" alt=\"zip\" />";
            break;
            case 'pdf':
                $icon_file = "<img src=\"$img_path/pdf.gif\" alt=\"pdf\" />";
            break;
        }

        //vedo in quali news sono presenti i files
        $file_news = mysql_query("SELECT id FROM $tab_news WHERE testo LIKE '%$nome%'");
        $riga = mysql_fetch_array($file_news);
        echo "<tr><td align=\"center\" bgcolor=\"#EEEEEE\"><input type=\"checkbox\" name=\"cb_id[]\" value=\"$nome\" id=\"f_$id_file\" /></td>\n";
        echo "<td align=\"center\" bgcolor=\"#EEEEEE\"><a href=\"modifica.php?id=" . $riga['id'] . "\" title=\"Modifica [Nuova finestra]\" class=\"piccolo\" target=\"_blank\">" . $riga['id'] . "</a></td>\n";
        echo "<td align=\"left\" bgcolor=\"#EEEEEE\">$icon_file <a href=\"$dir/$nome\" target=\"blank\" class=\"piccolo\" title=\"Visualizza\">$nome</a></td>\n";
        echo "<td class=\"text2\" align=\"center\" bgcolor=\"#EEEEEE\">$dimensione KiB</td>\n";
        echo "<td class=\"text2\" align=\"center\" bgcolor=\"#EEEEEE\">" . date("d/m/Y H:i:s", filemtime($filename)) . "</td></tr>";
    }
    echo "<tr><td colspan=\"5\" class=\"text2\" align=\"left\">* " . $lang['files_orfani_descr2'] . " <br /><br />Seleziona: <a href=\"javascript:onClick=checkTutti()\" class=\"piccolo\">tutti</a>, <a href=\"javascript:onClick=uncheckTutti()\" class=\"piccolo\">nessuno</a> <input type=\"submit\" name=\"canc_file\" value=\"Cancella file\" onclick=\"return confirmSubmit()\" /></td></tr>";
    echo "</table></form><br />";
    
    if (isset($_POST['canc_file'])) {
        
        if (isset($_POST['cb_id'])) {
            $uid = implode(",", $_POST['cb_id']);
            
            if (count($_POST['cb_id']) == 1) {
                @unlink($dir . "/" . $uid);
                echo "<div id=\"success\">" . $lang['file_cancellato'] . "</div>";
                echo "<script language=\"JavaScript\" type=\"text/javascript\">
										      <!--
		      								function doRedirect() { location.href = \"files.php?user_id=$get_dir\"; }
		      								window.setTimeout(\"doRedirect()\", 1500);
		      								//-->
		      								</script>";
            }
            else {
                $dirs = explode(",", $uid);
                
                foreach($dirs as $del_dirs) {
                    @unlink($dir . "/" . $del_dirs);
                    $del_msg = "<div id=\"success\">" . $lang['file_cancellati'] . "</div>
																<script language=\"JavaScript\" type=\"text/javascript\">
																<!--
																function doRedirect() { location.href = \"files.php?user_id=$get_dir\"; }
																window.setTimeout(\"doRedirect()\", 1500);
																//-->
																</script>";
                }
                echo $del_msg;
            }
        }
    }
}
else {
    die("Utente non valido");
}
?>    
    </div>  
  </body>
</html>
Return current item: Spacemarc News