exit; } $course = $_POST['course']; $user = Database::getUserId(Session::user()); $account = Database::getAccount($user, $course); if ($account === NULL || $account->canUpload() !== TRUE) { $message = urlencode("You do not have permission to upload files for this course."); header("Location: error.php?error={$message}"); exit; } $date = trim($_POST['date']); $date = date("Y-m-d", strtotime($date)); $fileType = Config::$ALLOWED_TYPES[$mime]; $myName = "Lecture_{$date}"; $fileName = Database::sanitizeFileName($myName); $id = Database::createNote($fileName, $fileType, $date, $course, $user); $result = true; //if the uploads folder does not exist, create it if (!file_exists("./uploads")) { $result = mkdir("./uploads"); } //if the upload has been created in the past at some point if ($result === true) { $dir = Database::getUploadPath($id, $fileType); if (file_exists($dir)) { $message = urlencode("The file already exists on the server."); Database::logError("{$message}\n", false); header("Location: error.php?error={$message}"); exit; } //move the uploaded file to the uploads folder under the name of its id