$archivelink = '<a class="btn1" href="' . $phpself . '?mode=archive&id=' . $msg_id . '"><img src="' . $CONF_MSG['imgset'] . '/pm_archive.gif" align="absmiddle" border="0" alt="' . $LANG_MSG['ARCHIVEMSG'] . '">';
$msg_row->set_var('link2_end', '</a>');
} else {
$archivelink = '<div class="msgDisabledBtn">';
$msg_row->set_var('link2_end', '</div>');
}
// Set View Original Message Link - active if this is a reply to one of your messages
if ($reply_msgid > 0 and DB_count($_TABLES['messenger_msg'], "id", $reply_msgid)) {
$view_sentmsg = sprintf($LANG_MSG['VIEWORIGINAL'], $_CONF['site_url'] . '/messenger/index.php?folder=SENT&replyid=' . $reply_msgid);
} else {
$view_sentmsg = '';
}
// Set Broadcast Display flag
$broadcast_flag = $target == 0 ? '<IMG SRC="' . $CONF_MSG['imgset'] . '/pm_broadcast.gif" border="0" align="absmiddle" alt="' . $LANG_MSG['BROADCAST_MSG'] . '">' : '';
if ($source != $_USER['uid']) {
if (DB_COUNT($_TABLES['messenger_buddies'], array('uid', 'buddy_id'), array($_USER['uid'], $source)) > 0) {
$LANG_buddy = $LANG_MSG['DELBUDDY'];
$buddylink = '<a href="' . $phpself . '?action=delbuddy&buddy=' . $source . '&sortoption=' . $sortoption . '"><img align="absmiddle" src="' . $CONF_MSG['imgset'] . '/del_buddy.gif" border="0" ALT="' . $LANG_buddy . '">';
} else {
$LANG_buddy = $LANG_MSG['ADDBUDDY'];
$buddylink = '<a href="' . $phpself . '?action=addbuddy&buddy=' . $source . '&sortoption=' . $sortoption . '"><img align="absmiddle" src="' . $CONF_MSG['imgset'] . '/add_buddy.gif" border="0" ALT="' . $LANG_buddy . '">';
}
}
if ($CONF_MSG['smiliesEnabled']) {
$message = msg_replaceEmoticons($message);
}
if ($folder == "INBOX" or $folder == "ARCHIVE") {
$msg_row->set_var('LANG_whom', $LANG_MSG['FROM']);
} else {
$msg_row->set_var('LANG_whom', $LANG_MSG['TO']);
}
private function _renderBlockMenu()
{
global $_USER, $_TABLES, $_CONF, $CONF_NEXMENU;
$retval = COM_startBlock('', '', 'nexmenu/procssmenu/blockheader.thtml');
$t = new Template($_CONF['path_layout'] . 'nexmenu/procssmenu');
$t->set_file('menu', 'blockmenu.thtml');
$t->set_var('menuitems', $this->_renderMenuItems());
$t->parse('output', 'menu');
$retval .= $t->finish($t->get_var('output'));
$retval .= COM_endBlock('nexmenu/procssmenu/blockfooter.thtml');
if ($CONF_NEXMENU['loginform'] and $_USER['uid'] < 2 and DB_COUNT($_TABLES['nexmenu'], 'url', 'usermenu') > 0) {
// Now check the default useroptions block or gluserlogin block is not enabled
$sql = "SELECT * FROM {$_TABLES['blocks']} WHERE is_enabled=1 AND (name='user_block' OR phpblockfn='phpblock_gluserlogin')";
if (DB_numRows(DB_query($sql)) == 0) {
$retval .= phpblock_glusermenu();
}
}
return $retval;
}
/**
* Returns a formatted listbox of categories user has access
* First checks for View access so that delegated admin can be just for sub-categories
*
* @param string|array $perms Single perm 'admin' or array of permissions as required by fm_getPermission()
* @param int $selected Will make this item the selected item in the listbox
* @param string $cid Parent category to start at and then recursively check
* @param string $level Used by this function as it calls itself to control the ident formatting
* @param string $selectlist Used by this function to be able to append to the formatted select list
* @param string $restricted Used if you do not want to show this categories subfolders
* @return string Return a formatted HTML Select listbox of categories
*/
function nexdoc_recursiveAccessOptions($perms, $selected = '', $cid = '0', $level = '1', $selectlist = '', $restricted = '')
{
global $_TABLES, $LANG_FM02;
if (empty($selectlist) and $level == 1) {
if (SEC_hasRights('nexfile.admin')) {
$selectlist = '<option value="0">' . $LANG_FM02['TOP_CAT'] . '</option>' . LB;
}
}
$query = DB_QUERY("SELECT cid,pid,name FROM {$_TABLES['nxfile_categories']} WHERE PID='{$cid}' ORDER BY CID");
while (list($cid, $pid, $name, $description) = DB_fetchARRAY($query)) {
$indent = ' ';
// Check if user has access to this category
if ($cid != $restricted and fm_getPermission($cid, 'view')) {
// Check and see if this category has any sub categories - where a category record has this cid as it's parent
if (DB_COUNT($_TABLES['nxfile_categories'], 'pid', $cid) > 0) {
if ($level > 1) {
for ($i = 2; $i <= $level; $i++) {
$indent .= "--";
}
$indent .= ' ';
}
if (fm_getPermission($cid, $perms)) {
if ($indent != '') {
$name = " {$name}";
}
$selectlist .= '<option value="' . $cid;
if ($cid == $selected) {
$selectlist .= '" selected="selected">' . $indent . $name . '</option>' . LB;
} else {
$selectlist .= '">' . $indent . $name . '</option>' . LB;
}
$selectlist = nexdoc_recursiveAccessOptions($perms, $selected, $cid, $level + 1, $selectlist, $restricted);
} elseif ($perms == 'admin') {
// Need to check for any folders with admin even subfolders of parents that user does not have access
$selectlist = nexdoc_recursiveAccessOptions($perms, $selected, $cid, $level + 1, $selectlist, $restricted);
}
} else {
if ($level > 1) {
for ($i = 2; $i <= $level; $i++) {
$indent .= "--";
}
$indent .= ' ';
}
if (fm_getPermission($cid, $perms)) {
if ($indent != '') {
$name = " {$name}";
}
$selectlist .= '<option value="' . $cid;
if ($cid == $selected) {
$selectlist .= '" selected="selected">' . $indent . $name . '</option>' . LB;
} else {
$selectlist .= '">' . $indent . $name . '</option>' . LB;
}
}
}
}
}
return $selectlist;
}
private function add_accessmetrics($itemid, $tagids)
{
// Test that a valid array of tag id's is passed in
if (is_array($tagids) and count($tagids) > 0) {
// Test that a valid item record exist
if (DB_count($this->_tagitems, array('type', 'itemid'), array($this->_type, $itemid))) {
// Get item permissions to determine what rights to use for tag metrics record
$perms = $this->get_itemperms($itemid);
// Add any new tags
foreach ($tagids as $id) {
if (!empty($id)) {
if ($perms['perm_anon']) {
DB_query("UPDATE {$this->_tagwords} SET metric=metric+1 WHERE id={$id}");
if (DB_COUNT($this->_tagmetrics, array('tagid', 'type', 'grpid'), array($id, $this->_type, $this->_allusers))) {
$sql = "UPDATE {$this->_tagmetrics} set metric=metric+1, last_updated=now() ";
$sql .= "WHERE tagid={$id} AND type='{$this->_type}' and grpid={$this->_allusers}";
} else {
$sql = "INSERT INTO {$this->_tagmetrics} (tagid,type,grpid,metric,last_updated) ";
$sql .= "VALUES ({$id},'{$this->_type}',{$this->_allusers},1,NOW())";
}
DB_query($sql);
} elseif ($perms['perm_members']) {
DB_query("UPDATE {$this->_tagwords} SET metric=metric+1 WHERE id={$id}");
if (DB_COUNT($this->_tagmetrics, array('tagid', 'type', 'grpid'), array($id, $this->_type, $this->_sitemembers))) {
$sql = "UPDATE {$this->_tagmetrics} set metric=metric+1, last_updated=now() ";
$sql .= "WHERE tagid={$id} AND type='{$this->_type}' and grpid={$this->_sitemembers}";
} else {
$sql = "INSERT INTO {$this->_tagmetrics} (tagid,type,grpid,metric,last_updated) ";
$sql .= "VALUES ({$id},'{$this->_type}',{$this->_sitemembers},1,NOW())";
}
DB_query($sql);
} elseif ($perms['group_id'] >= 2) {
DB_query("UPDATE {$this->_tagwords} SET metric=metric+1 WHERE id={$id}");
if (DB_COUNT($this->_tagmetrics, array('tagid', 'type', 'grpid'), array($id, $this->_type, $perms['group_id']))) {
$sql = "UPDATE {$this->_tagmetrics} set metric=metric+1, last_updated=now() ";
$sql .= "WHERE tagid={$id} AND type='{$this->_type}' and grpid={$perms['group_id']}";
} else {
$sql = "INSERT INTO {$this->_tagmetrics} (tagid,type,grpid,metric,last_updated) ";
$sql .= "VALUES ({$id},'{$this->_type}',{$perms['group_id']},1,NOW())";
}
DB_query($sql);
}
}
}
}
}
}
function recursive_node(&$node, $id)
{
global $_CONF, $_TABLES, $CONF_NEXMENU, $showdisabled, $idCurrent, $menulocation;
$query = DB_QUERY("SELECT id,pid,label,url,menuorder, menutype,is_enabled FROM {$_TABLES['nexmenu']} WHERE PID='{$id}' ORDER BY menuorder");
$menuOrd = 10;
$stepNumber = 10;
while (list($id, $pid, $label, $url, $order, $menutype, $enabled) = DB_fetchARRAY($query)) {
if ($idCurrent == $id) {
$label = '<span class="treeMenuSelected">' . $label . '</span>';
} elseif ($enabled == '0') {
$label = '<span class="treeMenuDisabled">' . $label . '</span>';
}
/* Re-order any menuitems that may have just been moved */
if ($order != $menuOrd) {
DB_query("UPDATE {$_TABLES['nexmenu']} SET menuorder = '{$menuOrd}' WHERE id = '{$id}'");
}
$menuOrd += $stepNumber;
// Check and see if this category has any sub categories - where a category record has this cid as it's parent
if (DB_COUNT($_TABLES['nexmenu'], 'pid', $id) > 0) {
if ($enabled == '1' or $enabled == 0 and $showdisabled == '1') {
$subnode[$id] = new HTML_TreeNode(array('text' => $label, 'link' => $_CONF['site_admin_url'] . "/plugins/nexmenu/index.php?op=display&id={$id}&showdisabled={$showdisabled}&menulocation={$menulocation}", 'icon' => $folder_icon));
recursive_node($subnode[$id], $id);
$node->addItem($subnode[$id]);
}
} else {
if ($enabled == '1' or $enabled == 0 and $showdisabled == '1') {
$icon = $CONF_NEXMENU['icons'][$menutype];
$node->addItem(new HTML_TreeNode(array('text' => $label, 'link' => $_CONF['site_admin_url'] . "/plugins/nexmenu/index.php?op=display&id={$id}&showdisabled={$showdisabled}&menulocation={$menulocation}", 'icon' => $icon)));
}
}
}
}
function upload_picture($filename, $isLarge)
{
global $_TABLES;
global $_CONF;
$error = "";
if ($filename != "") {
$uploaddir = $_CONF['path_html'] . "ecommerce/images/item/";
//Check if file for large picture exist. If it does and random numbers to the end.
$count = 0;
if ($isLarge) {
$count = DB_COUNT($_TABLES['ecom_item'], "ecom_item_picture_large", $filename);
$tmp_file = $_FILES['picture_large']['tmp_name'];
} else {
$count = DB_COUNT($_TABLES['ecom_item'], "ecom_item_picture_small", $filename);
$tmp_file = $_FILES['picture_small']['tmp_name'];
}
//Check if file for small picture exist. If it does and random numbers to the end.
if ($count > 0) {
//Rename the file with timestamp
$arr_filename = explode('.', $filename);
$filename = $arr_filename[0] . time() . "." . $arr_filename[1];
}
$uploadfile = $uploaddir . $filename;
if (!move_uploaded_file($tmp_file, $uploadfile)) {
$error = "Uploading image failed.<br>";
return $error;
}
}
echo filename;
return $error;
}
// Check if filename entered
if ($_FILES['newfile']['name'] != '') {
$name = $_FILES['newfile']['name'];
$url = rawurlencode($name);
$name = $myts->makeTboxData4Save($name);
$url = $myts->makeTboxData4Save($url);
} else {
$eh->show("1016");
}
// Check if Description entered
if ($_POST['description'] == '') {
$eh->show("1008");
}
$uploadfilename = $myts->makeTboxData4Save($_FILES['newfile']['name']);
// Check if file is already on file
if (DB_COUNT($_TABLES['filemgmt_filedetail'], 'url', $uploadfilename) > 0) {
$eh->show("1108");
}
if (!empty($_POST['cid'])) {
$cid = (int) COM_applyFilter($_POST['cid'], true);
} else {
$cid = 0;
$eh->show("1109");
}
$AddNewFile = false;
// Set true if fileupload was sucessfull
$name = $myts->makeTboxData4Save($name);
$title = $myts->makeTboxData4Save($_POST['title']);
$homepage = $myts->makeTboxData4Save($_POST['homepage']);
$version = $myts->makeTboxData4Save($_POST['version']);
$size = intval($_FILES['newfile']['size']);
private function _renderBlockMenu()
{
global $_USER, $_TABLES, $_CONF, $CONF_NEXMENU;
$retval = '<script>
with(milonic=new menuname("Site Menu")) {' . LB;
$retval .= 'style=' . $this->_blockMenuStyle . ';' . LB;
$retval .= $CONF_NEXMENU['blockmenu_default_styles'] . $this->_blockMenuProperties . LB;
$retval .= $this->_renderMenuItems();
$retval .= '} drawMenus();' . LB . '</script>' . LB;
if ($CONF_NEXMENU['loginform'] and $_USER['uid'] < 2 and DB_COUNT($_TABLES['nexmenu'], 'url', 'usermenu') > 0) {
// Now check the default useroptions block or gluserlogin block is not enabled
$sql = "SELECT * FROM {$_TABLES['blocks']} WHERE is_enabled=1 AND (name='user_block' OR phpblockfn='phpblock_gluserlogin')";
if (DB_numRows(DB_query($sql)) == 0) {
$retval .= phpblock_glusermenu();
}
}
return $retval;
}
function gf_check4files($id, $tempfile = false)
{
global $_FILES, $_CONF, $_TABLES, $_USER, $CONF_FORUM, $LANG_GF00;
global $_FM_TABLES, $CONF_FORUM, $filemgmt_FileStore;
$filelinks = '';
$uploadfile = $_FILES['file_forum'];
$cid = COM_applyFilter($_POST['filemgmtcat'], true);
$use_filestore = false;
if ($uploadfile['name'] != '') {
if ($_POST['chk_usefilemgmt'] == 1 and $cid > 0) {
$filename = $uploadfile['name'];
$pos = strrpos($uploadfile['name'], '.') + 1;
$ext = strtolower(substr($uploadfile['name'], $pos));
$use_filestore = true;
} else {
$uploadfilename = ppRandomFilename();
$pos = strrpos($uploadfile['name'], '.') + 1;
$ext = strtolower(substr($uploadfile['name'], $pos));
$filename = "{$uploadfilename}.{$ext}";
//COM_errorlog("Forum file upload: Original file: {$uploadfile['name']} and new filename: $filename");
}
if ($use_filestore) {
if ($CONF_FORUM['FM_PLUGIN'] == 'filemgmt') {
$filestore_path = $filemgmt_FileStore;
} elseif ($CONF_FORUM['FM_PLUGIN'] == 'nexfile') {
$filestore_path = $_CONF['path_html'] . 'nexfile/data/' . $cid . '/';
} else {
$filestore_path = $CONF_FORUM['uploadpath'];
}
} else {
$filestore_path = $CONF_FORUM['uploadpath'];
}
if (gf_uploadfile($filename, $uploadfile, $CONF_FORUM['allowablefiletypes'], $filestore_path)) {
if (array_key_exists($uploadfile['type'], $CONF_FORUM['inlineimageypes']) and function_exists(MG_resizeImage)) {
if ($_POST['chk_usefilemgmt'] == 1) {
$srcImage = "{$filemgmt_FileStore}{$filename}";
$destImage = "{$CONF_FORUM['uploadpath']}/tn/{$filename}";
} else {
$srcImage = "{$CONF_FORUM['uploadpath']}/{$filename}";
$destImage = "{$CONF_FORUM['uploadpath']}/tn/{$uploadfilename}.{$ext}";
}
$ret = MG_resizeImage($srcImage, $destImage, $CONF_FORUM['inlineimage_height'], $CONF_FORUM['inlineimage_width']);
}
// Store both the created filename and the real file source filename
$realfilename = $filename;
$filename = "{$filename}:{$uploadfile['name']}";
if ($tempfile) {
$temp = 1;
} else {
$temp = 0;
}
if ($use_filestore) {
// Check and see if nexfile or the filemgmt plugin is being used
if ($CONF_FORUM['FM_PLUGIN'] == 'nexfile') {
DB_query("INSERT INTO {$_TABLES['fm_files']} (cid,fname,title,version,ftype,size,submitter,status,date)\r\n VALUES ('{$cid}','{$realfilename}','{$realfilename}','1','file','{$uploadfile['size']}','{$_USER['uid']}','1',UNIX_TIMESTAMP())");
$fid = DB_insertId();
DB_query("INSERT INTO {$_TABLES['fm_detail']} (fid,description,platform,hits,rating,votes,comments)\r\n VALUES ('{$fid}','','','0','0','0','0')");
DB_query("INSERT INTO {$_TABLES['fm_versions']} (fid,fname,ftype,version,size,notes,date,uid,status)\r\n VALUES ('{$fid}','{$realfilename}','file','1','{$uploadfile['size']}','',UNIX_TIMESTAMP(),'{$_USER['uid']}','1')");
DB_query("INSERT INTO {$_TABLES['gf_attachments']} (topic_id,repository_id,filename,tempfile)\r\n VALUES ('{$id}',{$fid},'{$filename}',{$temp})");
} elseif ($CONF_FORUM['FM_PLUGIN'] == 'filemgmt') {
$sql = "INSERT INTO {$_FM_TABLES['filemgmt_filedetail']} (cid, title, url, size, submitter, status,date ) ";
$sql .= "VALUES ('{$cid}', '{$realfilename}', '{$realfilename}', '{$uploadfile['size']}', '{$_USER['uid']}', 1, UNIX_TIMESTAMP())";
DB_query($sql);
$newid = DB_insertID();
DB_query("INSERT INTO {$_TABLES['gf_attachments']} (topic_id,repository_id,filename,tempfile)\r\n VALUES ('{$id}',{$newid},'{$filename}',{$temp})");
$description = ppPrepareForDB($_POST['filemgmt_desc']);
DB_query("INSERT INTO {$_FM_TABLES['filemgmt_filedesc']} (lid, description) VALUES ({$newid}, '{$description}')");
}
} else {
DB_query("INSERT INTO {$_TABLES['gf_attachments']} (topic_id,filename,tempfile)\r\n VALUES ('{$id}','{$filename}',{$temp})");
}
} else {
COM_errorlog("upload error:" . $GLOBALS['gf_errmsg']);
$errmsg = $GLOBALS['gf_errmsg'];
}
}
if (!$tempfile and $_POST['uniqueid'] > 0 and DB_COUNT($_TABLES['gf_topic'], 'id', $id)) {
DB_query("UPDATE {$_TABLES['gf_attachments']} SET topic_id={$id}, tempfile=0 WHERE topic_id={$_POST['uniqueid']}");
}
return $filelinks;
}
function nexcontent_getFolderList($selected = '', $mode = '', $exclude = '0', $pid = '0', $level = '1', $selectlist = '')
{
global $_TABLES;
/* Retrieve all enabled TOP Level Menu Items for this level */
$sql = "SELECT id,pid, type, name FROM {$_TABLES['nexcontent_pages']} WHERE pid='{$pid}' AND type='category'";
if ($mode == '') {
$sql .= COM_getPermSQL('AND', '0', 2);
} else {
$sql .= COM_getPermSQL('AND', '0', 3);
}
$sql .= ' ORDER BY pageorder';
$query = DB_query($sql);
while (list($id, $pid, $type, $label) = DB_fetchARRAY($query)) {
//echo "<br>Mode:$mode,Type:$pagetype, id:$id, selected:$selected, exclude:$exclude";
if ($id != $exclude and DB_COUNT($_TABLES['nexcontent_pages'], 'pid', $id) > 0) {
$selectlist .= '<option value="' . $id;
$indent = '';
if ($level > 1) {
for ($i = 2; $i <= $level; $i++) {
$indent .= "--";
}
}
if ($id == $selected) {
$selectlist .= '" Selected>' . $indent . $label . '</option>' . LB;
} else {
$selectlist .= '">' . $indent . $label . '</option>' . LB;
}
$selectlist = nexcontent_getFolderList($selected, $mode, $exclude, $id, $level + 1, $selectlist);
} elseif ($mode == '' or $mode == 'add' or $mode == 'edit' and $id != $exclude) {
// Don't show current category in list if in Edit Category Mode - Can't make it a linked to itself
$indent = '';
if ($level > 1) {
for ($i = 2; $i <= $level; $i++) {
$indent .= "--";
}
}
$selectlist .= '<option value="' . $id;
if ($id == $selected) {
$selectlist .= '" Selected>' . $indent . $label . '</option>' . LB;
} else {
$selectlist .= '">' . $indent . $label . '</option>' . LB;
}
}
}
return $selectlist;
}
function _ff_check4files($id, $tempfile = false)
{
global $_FILES, $_CONF, $_TABLES, $_USER, $_FF_CONF, $LANG_GF00, $_FF_CONF, $filemgmt_FileStore;
$retval = '';
for ($z = 1; $z <= $_FF_CONF['maxattachments']; $z++) {
$filelinks = '';
$varName = 'file_forum' . $z;
$chk_usefilemgmt = 'chk_usefilemgmt' . $z;
$filemgmtcat = 'filemgmtcat' . $z;
$filemgmt_desc = 'filemgmt_desc' . $z;
if (isset($_FILES[$varName]) && is_array($_FILES[$varName])) {
$uploadfile = $_FILES[$varName];
} else {
$uploadfile['name'] = '';
}
if ($uploadfile['name'] != '') {
if (isset($_POST[$chk_usefilemgmt]) && $_POST[$chk_usefilemgmt] == 1) {
$filename = $uploadfile['name'];
$pos = strrpos($uploadfile['name'], '.') + 1;
$ext = strtolower(substr($uploadfile['name'], $pos));
} else {
$uploadfilename = glfRandomFilename();
$pos = strrpos($uploadfile['name'], '.') + 1;
$ext = strtolower(substr($uploadfile['name'], $pos));
$filename = "{$uploadfilename}.{$ext}";
}
$set_chk_usefilemgmt = isset($_POST[$chk_usefilemgmt]) ? (int) $_POST[$chk_usefilemgmt] : 0;
if (_ff_uploadfile($filename, $uploadfile, $_FF_CONF['allowablefiletypes'], $set_chk_usefilemgmt)) {
if (array_key_exists($uploadfile['type'], $_FF_CONF['inlineimageypes'])) {
if (isset($_POST[$chk_usefilemgmt]) && $_POST[$chk_usefilemgmt] == 1) {
$srcImage = "{$filemgmt_FileStore}{$filename}";
$destImage = "{$_FF_CONF['uploadpath']}/tn/{$filename}";
} else {
$srcImage = "{$_FF_CONF['uploadpath']}/{$filename}";
$destImage = "{$_FF_CONF['uploadpath']}/tn/{$uploadfilename}.{$ext}";
}
$ret = IMG_resizeImage($srcImage, $destImage, $_FF_CONF['inlineimage_height'], $_FF_CONF['inlineimage_width']);
}
// Store both the created filename and the real file source filename
$realfilename = $filename;
$filename = "{$filename}:{$uploadfile['name']}";
if ($tempfile) {
$temp = 1;
} else {
$temp = 0;
}
if (isset($_POST[$chk_usefilemgmt]) && $_POST[$chk_usefilemgmt] == 1) {
$cid = COM_applyFilter($_POST[$filemgmtcat], true);
$sql = "INSERT INTO {$_TABLES['filemgmt_filedetail']} (cid, title, url, size, submitter, status,date ) ";
$sql .= "VALUES ('" . DB_escapeString($cid) . "', '" . DB_escapeString($realfilename) . "', '" . DB_escapeString($realfilename) . "', '" . DB_escapeString($uploadfile['size']) . "', '{$_USER['uid']}', 1, UNIX_TIMESTAMP())";
DB_query($sql);
$newid = DB_insertID();
DB_query("INSERT INTO {$_TABLES['ff_attachments']} (topic_id,repository_id,filename,tempfile)\n VALUES ('" . DB_escapeString($id) . "',{$newid},'" . DB_escapeString($filename) . "',{$temp})");
$description = glfPrepareForDB($_POST[$filemgmt_desc]);
DB_query("INSERT INTO {$_TABLES['filemgmt_filedesc']} (lid, description) VALUES ({$newid}, '{$description}')");
} else {
DB_query("INSERT INTO {$_TABLES['ff_attachments']} (topic_id,filename,tempfile)\n VALUES ('" . DB_escapeString($id) . "','" . DB_escapeString($filename) . "',{$temp})");
}
} else {
COM_errorlog("upload error:" . $GLOBALS['ff_errmsg']);
$retval .= $GLOBALS['ff_errmsg'];
$filelinks = -1;
}
}
}
if (!$tempfile and isset($_POST['uniqueid']) and COM_applyFilter($_POST['uniqueid'], true) > 0 and DB_COUNT($_TABLES['ff_topic'], 'id', (int) $id)) {
$tid = COM_applyFilter($_POST['uniqueid']);
DB_query("UPDATE {$_TABLES['ff_attachments']} SET topic_id=" . (int) $id . ", tempfile=0 WHERE topic_id=" . (int) $tid);
}
return $retval;
}
