function page_admin_images($act = "", $id = "")
{
requires_admin();
use_template("admin");
if ($act == "add") {
if (form_file_uploaded("file")) {
$fname = $_FILES["file"]['name'];
db_query("INSERT INTO images (link) VALUES ('')");
$id = db_last_id();
$fname = $id . "." . fileext($fname);
form_file_uploaded_move("file", "img/" . $fname);
db_query("UPDATE images SET link='img/{$fname}' WHERE id=%d", $id);
redir("admin/images");
}
form_start("", "post", " enctype='multipart/form-data' ");
form_file("Файл", "file");
form_submit("Загрузить", "submit");
form_end();
$o = form();
return $o;
}
if ($act == "del") {
$im = db_object_get("images", $id);
@unlink("../{$im->link}");
}
$o = table_edit("images", "admin/images", $act, $id, "", "", "", "image_func");
return $o;
}
function page_admin_images($act = "", $id = "")
{
requires_admin();
use_layout("admin");
form_start("", "post", " enctype='multipart/form-data' ");
form_file("Файл", "file");
$caption = "Загрузить картинку";
if ($act == "edit") {
$caption = "Изменить картинку";
}
form_submit($caption, "submit");
form_end();
$upload = form();
if (form_file_uploaded("file")) {
$fname = $_FILES["file"]['name'];
$ext = strtolower(fileext($fname));
if (!($ext == "swf" || $ext == "jpg" || $ext == "gif" || $ext == "png" || $ext == "bmp" || $ext == "jpeg" || $ext == "pdf")) {
$o = "Данный тип файла не является картинкой";
return $o;
} else {
if ($act == "add") {
db_query("INSERT INTO images (link) VALUES ('')");
$id = db_last_id();
} else {
@unlink(db_result(db_query("SELECT link FROM images WHERE id=%d", $id)));
}
$fname = $id . "." . fileext($fname);
form_file_uploaded_move("file", "img/" . $fname);
db_query("UPDATE images SET link='img/{$fname}' WHERE id=%d", $id);
redir("admin/images/edit/{$id}");
}
}
if ($act == "add") {
$o = $upload;
return $o;
}
if ($act == "del") {
$im = db_object_get("images", $id);
@unlink("{$im->link}");
}
$o = table_edit("images", "admin/images", $act, $id, "", "", "", "image_func");
if ($act == 'edit') {
$im = db_object_get("images", $id);
$o .= "<img width=100px src={$im->link}><br>{$upload}";
}
return $o;
}
form_hidden('action', 'delete_file');
form_hidden('id', $file['id']);
form_hidden('challenge_id', $_GET['id']);
form_button_submit('Delete');
form_end();
echo '
</td>
</tr>
';
}
echo '
</tbody>
</table>
';
form_start(CONFIG_SITE_ADMIN_RELPATH . 'actions/edit_challenge', '', 'multipart/form-data');
form_file('file');
form_hidden('action', 'upload_file');
form_hidden('id', $_GET['id']);
form_button_submit('Upload file');
echo 'Max file size: ', bytes_to_pretty_size(max_file_upload_size());
form_end();
section_subhead('Hints');
echo '
<table id="hints" class="table table-striped table-hover">
<thead>
<tr>
<th>Added</th>
<th>Hint</th>
<th>Manage</th>
</tr>
</thead>
function admin_import()
{
global $rooms_import;
global $user;
$html = "";
$step = "input";
if (isset($_REQUEST['step']) && in_array($step, ['input', 'check', 'import'])) {
$step = $_REQUEST['step'];
}
if ($test_handle = fopen('../import/tmp', 'w')) {
fclose($test_handle);
unlink('../import/tmp');
} else {
error(_('Webserver has no write-permission on import directory.'));
}
$import_file = '../import/import_' . $user['UID'] . '.xml';
$shifttype_id = null;
$shifttypes_source = ShiftTypes();
if ($shifttypes_source === false) {
engelsystem_error('Unable to load shifttypes.');
}
$shifttypes = [];
foreach ($shifttypes_source as $shifttype) {
$shifttypes[$shifttype['id']] = $shifttype['name'];
}
switch ($step) {
case 'input':
$ok = false;
if (isset($_REQUEST['submit'])) {
$ok = true;
if (isset($_REQUEST['shifttype_id']) && isset($shifttypes[$_REQUEST['shifttype_id']])) {
$shifttype_id = $_REQUEST['shifttype_id'];
} else {
$ok = false;
error(_('Please select a shift type.'));
}
if (isset($_FILES['xcal_file']) && $_FILES['xcal_file']['error'] == 0) {
if (move_uploaded_file($_FILES['xcal_file']['tmp_name'], $import_file)) {
libxml_use_internal_errors(true);
if (simplexml_load_file($import_file) === false) {
$ok = false;
error(_('No valid xml/xcal file provided.'));
unlink($import_file);
}
} else {
$ok = false;
error(_('File upload went wrong.'));
}
} else {
$ok = false;
error(_('Please provide some data.'));
}
}
if ($ok) {
redirect(page_link_to('admin_import') . "&step=check&shifttype_id=" . $shifttype_id);
} else {
$html .= div('well well-sm text-center', [_('File Upload') . mute(glyph('arrow-right')) . mute(_('Validation')) . mute(glyph('arrow-right')) . mute(_('Import'))]) . div('row', [div('col-md-offset-3 col-md-6', [form(array(form_info('', _("This import will create/update/delete rooms and shifts by given FRAB-export file. The needed file format is xcal.")), form_select('shifttype_id', _('Shifttype'), $shifttypes, $shifttype_id), form_file('xcal_file', _("xcal-File (.xcal)")), form_submit('submit', _("Import"))))])]);
}
break;
case 'check':
if (!file_exists($import_file)) {
error(_('Missing import file.'));
redirect(page_link_to('admin_import'));
}
if (isset($_REQUEST['shifttype_id']) && isset($shifttypes[$_REQUEST['shifttype_id']])) {
$shifttype_id = $_REQUEST['shifttype_id'];
} else {
error(_('Please select a shift type.'));
redirect(page_link_to('admin_import'));
}
list($rooms_new, $rooms_deleted) = prepare_rooms($import_file);
list($events_new, $events_updated, $events_deleted) = prepare_events($import_file, $shifttype_id);
$html .= div('well well-sm text-center', ['<span class="text-success">' . _('File Upload') . glyph('ok-circle') . '</span>' . mute(glyph('arrow-right')) . _('Validation') . mute(glyph('arrow-right')) . mute(_('Import'))]) . form([div('row', [div('col-sm-6', ['<h3>' . _("Rooms to create") . '</h3>', table(_("Name"), $rooms_new)]), div('col-sm-6', ['<h3>' . _("Rooms to delete") . '</h3>', table(_("Name"), $rooms_deleted)])]), '<h3>' . _("Shifts to create") . '</h3>', table(array('day' => _("Day"), 'start' => _("Start"), 'end' => _("End"), 'shifttype' => _('Shift type'), 'title' => _("Title"), 'room' => _("Room")), shifts_printable($events_new, $shifttypes)), '<h3>' . _("Shifts to update") . '</h3>', table(array('day' => _("Day"), 'start' => _("Start"), 'end' => _("End"), 'shifttype' => _('Shift type'), 'title' => _("Title"), 'room' => _("Room")), shifts_printable($events_updated, $shifttypes)), '<h3>' . _("Shifts to delete") . '</h3>', table(array('day' => _("Day"), 'start' => _("Start"), 'end' => _("End"), 'shifttype' => _('Shift type'), 'title' => _("Title"), 'room' => _("Room")), shifts_printable($events_deleted, $shifttypes)), form_submit('submit', _("Import"))], page_link_to('admin_import') . '&step=import&shifttype_id=' . $shifttype_id);
break;
case 'import':
if (!file_exists($import_file)) {
error(_('Missing import file.'));
redirect(page_link_to('admin_import'));
}
if (!file_exists($import_file)) {
redirect(page_link_to('admin_import'));
}
if (isset($_REQUEST['shifttype_id']) && isset($shifttypes[$_REQUEST['shifttype_id']])) {
$shifttype_id = $_REQUEST['shifttype_id'];
} else {
error(_('Please select a shift type.'));
redirect(page_link_to('admin_import'));
}
list($rooms_new, $rooms_deleted) = prepare_rooms($import_file);
foreach ($rooms_new as $room) {
$result = Room_create($room, true, true);
if ($result === false) {
engelsystem_error('Unable to create room.');
}
$rooms_import[trim($room)] = sql_id();
}
foreach ($rooms_deleted as $room) {
sql_query("DELETE FROM `Room` WHERE `Name`='" . sql_escape($room) . "' LIMIT 1");
}
list($events_new, $events_updated, $events_deleted) = prepare_events($import_file, $shifttype_id);
foreach ($events_new as $event) {
$result = Shift_create($event);
if ($result === false) {
engelsystem_error('Unable to create shift.');
}
}
foreach ($events_updated as $event) {
$result = Shift_update_by_psid($event);
if ($result === false) {
engelsystem_error('Unable to update shift.');
}
}
foreach ($events_deleted as $event) {
$result = Shift_delete_by_psid($event['PSID']);
if ($result === false) {
engelsystem_error('Unable to delete shift.');
}
}
engelsystem_log("Pentabarf import done");
unlink($import_file);
$html .= div('well well-sm text-center', ['<span class="text-success">' . _('File Upload') . glyph('ok-circle') . '</span>' . mute(glyph('arrow-right')) . '<span class="text-success">' . _('Validation') . glyph('ok-circle') . '</span>' . mute(glyph('arrow-right')) . '<span class="text-success">' . _('Import') . glyph('ok-circle') . '</span>']) . success(_("It's done!"), true);
break;
default:
redirect(page_link_to('admin_import'));
}
return page_with_title(admin_import_title(), [msg(), $html]);
}
function draw_edit_control($field_name, &$field_array)
{
switch ($field_array["method"]) {
case 'textbox':
form_text_box($field_name, $field_array["value"], isset($field_array["default"]) ? $field_array["default"] : "", $field_array["max_length"], isset($field_array["size"]) ? $field_array["size"] : "40", "text", isset($field_array["form_id"]) ? $field_array["form_id"] : "");
break;
case 'filepath':
form_filepath_box($field_name, $field_array["value"], isset($field_array["default"]) ? $field_array["default"] : "", $field_array["max_length"], isset($field_array["size"]) ? $field_array["size"] : "40", "text", isset($field_array["form_id"]) ? $field_array["form_id"] : "");
break;
case 'dirpath':
form_dirpath_box($field_name, $field_array["value"], isset($field_array["default"]) ? $field_array["default"] : "", $field_array["max_length"], isset($field_array["size"]) ? $field_array["size"] : "40", "text", isset($field_array["form_id"]) ? $field_array["form_id"] : "");
break;
case 'textbox_password':
form_text_box($field_name, $field_array["value"], isset($field_array["default"]) ? $field_array["default"] : "", $field_array["max_length"], isset($field_array["size"]) ? $field_array["size"] : "40", "password");
print "<br>";
form_text_box($field_name . "_confirm", $field_array["value"], isset($field_array["default"]) ? $field_array["default"] : "", $field_array["max_length"], isset($field_array["size"]) ? $field_array["size"] : "40", "password");
break;
case 'textarea':
form_text_area($field_name, $field_array["value"], $field_array["textarea_rows"], $field_array["textarea_cols"], isset($field_array["default"]) ? $field_array["default"] : "", isset($field_array["class"]) ? $field_array["class"] : "", isset($field_array["on_change"]) ? $field_array["on_change"] : "");
break;
case 'drop_array':
form_dropdown($field_name, $field_array["array"], "", "", $field_array["value"], isset($field_array["none_value"]) ? $field_array["none_value"] : "", isset($field_array["default"]) ? $field_array["default"] : "", isset($field_array["class"]) ? $field_array["class"] : "", isset($field_array["on_change"]) ? $field_array["on_change"] : "");
break;
case 'drop_sql':
form_dropdown($field_name, db_fetch_assoc($field_array["sql"]), "name", "id", $field_array["value"], isset($field_array["none_value"]) ? $field_array["none_value"] : "", isset($field_array["default"]) ? $field_array["default"] : "", isset($field_array["class"]) ? $field_array["class"] : "", isset($field_array["on_change"]) ? $field_array["on_change"] : "");
break;
case 'drop_multi':
form_multi_dropdown($field_name, $field_array["array"], db_fetch_assoc($field_array["sql"]), "id", isset($field_array["class"]) ? $field_array["class"] : "", isset($field_array["on_change"]) ? $field_array["on_change"] : "");
break;
case 'drop_multi_rra':
form_multi_dropdown($field_name, array_rekey(db_fetch_assoc("select id,name from rra order by timespan"), "id", "name"), empty($field_array["form_id"]) ? db_fetch_assoc($field_array["sql_all"]) : db_fetch_assoc($field_array["sql"]), "id", isset($field_array["class"]) ? $field_array["class"] : "", isset($field_array["on_change"]) ? $field_array["on_change"] : "");
break;
case 'drop_tree':
grow_dropdown_tree($field_array["tree_id"], $field_name, $field_array["value"]);
break;
case 'drop_color':
form_color_dropdown($field_name, $field_array["value"], "None", isset($field_array["default"]) ? $field_array["default"] : "", isset($field_array["class"]) ? $field_array["class"] : "", isset($field_array["on_change"]) ? $field_array["on_change"] : "");
break;
case 'checkbox':
form_checkbox($field_name, $field_array["value"], $field_array["friendly_name"], isset($field_array["default"]) ? $field_array["default"] : "", isset($field_array["form_id"]) ? $field_array["form_id"] : "", isset($field_array["class"]) ? $field_array["class"] : "", isset($field_array["on_change"]) ? $field_array["on_change"] : "");
break;
case 'checkbox_group':
while (list($check_name, $check_array) = each($field_array["items"])) {
form_checkbox($check_name, $check_array["value"], $check_array["friendly_name"], isset($check_array["default"]) ? $check_array["default"] : "", isset($check_array["form_id"]) ? $check_array["form_id"] : "", isset($field_array["class"]) ? $field_array["class"] : "", isset($check_array["on_change"]) ? $check_array["on_change"] : (isset($field_array["on_change"]) ? $field_array["on_change"] : ""));
print "<br>";
}
break;
case 'radio':
while (list($radio_index, $radio_array) = each($field_array["items"])) {
form_radio_button($field_name, $field_array["value"], $radio_array["radio_value"], $radio_array["radio_caption"], isset($field_array["default"]) ? $field_array["default"] : "", isset($field_array["class"]) ? $field_array["class"] : "", isset($field_array["on_change"]) ? $field_array["on_change"] : "");
print "<br>";
}
break;
case 'custom':
print $field_array["value"];
break;
case 'template_checkbox':
print "<em>" . html_boolean_friendly($field_array["value"]) . "</em>";
form_hidden_box($field_name, $field_array["value"], "");
break;
case 'template_drop_array':
print "<em>" . $field_array["array"][$field_array["value"]] . "</em>";
form_hidden_box($field_name, $field_array["value"], "");
break;
case 'template_drop_multi_rra':
$items = db_fetch_assoc($field_array["sql_print"]);
if (sizeof($items) > 0) {
foreach ($items as $item) {
print htmlspecialchars($item["name"], ENT_QUOTES) . "<br>";
}
}
break;
case 'font':
form_font_box($field_name, $field_array["value"], isset($field_array["default"]) ? $field_array["default"] : "", $field_array["max_length"], isset($field_array["size"]) ? $field_array["size"] : "40", "text", isset($field_array["form_id"]) ? $field_array["form_id"] : "");
break;
case 'file':
form_file($field_name, isset($field_array["size"]) ? $field_array["size"] : "40");
break;
default:
print "<em>" . htmlspecialchars($field_array["value"], ENT_QUOTES) . "</em>";
form_hidden_box($field_name, $field_array["value"], "");
break;
}
}
function form_item($name, $value, $item)
{
$type = $item['type'];
if (!$type) {
$type = 'string';
}
$default_class = array('textarea' => 'span6', 'select' => 'span1', 'date' => 'span1 datetime', 'datetime' => 'span1 datetime', 'number' => 'span1', 'file' => '', 'radio' => '', 'checkbox' => '', 'string' => 'span6');
$class = $item['class'];
if (!$class) {
$class = $default_class[$type];
}
if ($item['class'] !== 'editor' && $item['type'] != 'checkbox') {
$class .= ' form-control input-sm';
}
if ($item['disabled']) {
$attr_string = "disabled='disabled' ";
$class .= ' disabled';
} else {
if ($item['type'] == 'checkbox') {
$name = "name='" . $name . "[]'";
} else {
$attr_string = "id='{$name}' name='{$name}'";
}
}
if (is_null($value) && $item['default']) {
$value = $item['default'];
}
if ($type !== "textarea" && $type !== "checkbox" && $value) {
$attr_string .= " value='{$value}'";
}
$attr_string .= " class='{$class}' " . gen_extra_attribute($item['extra_attribute']);
if ($item['placeholder']) {
$attr_string .= " placeholder='{$item['placeholder']}'";
}
if ($type == "textarea") {
$html = form_textarea($attr_string, $value);
} else {
if ($type == "select") {
$html = form_select($attr_string, $value, $item['options']);
} else {
if ($type == 'checkbox') {
if (unserialize($value) !== false) {
$value = unserialize($value);
}
$html = form_checkbox($name, $value, $class, $item['options']);
} else {
if ($type == "date") {
$html = form_date($attr_string, $value);
} else {
if ($type == "datetime") {
$html = form_date($attr_string, $value, 'yyyy-mm-dd hh:ii');
} else {
if ($type == "number") {
$html = form_number($attr_string, $value, $param);
} else {
if ($type == "file") {
$html = form_file($name, $class, $value, $param);
} else {
if ($type == "radio") {
$html = form_radio($name, $class, $value, $item);
} else {
if ($type == "image") {
$html = form_image_upload($name, $value, $item['placeholder']);
} else {
if ($type == "gallery") {
$html = form_gallery($name, $value);
} else {
if ($type == "address") {
$html = form_address($name, $value);
} else {
$html = form_text($attr_string, $value);
}
}
}
}
}
}
}
}
}
}
}
if ($item['append_tip']) {
$html .= '<span class="text-muted"> ' . $item['append_tip'] . '</span>';
}
if ($item['extra_html']) {
$html .= ' ' . $item['extra_html'];
}
return $html;
}
function page_admin_catalog_images($catalog_id = "", $act = "", $id = "")
{
requires_admin();
use_template("admin");
global $tables;
$tables['catalog_images']['weight'] = 1;
$o = "";
if ($act == "edit") {
$o .= "<a href=admin/catalog/images/{$catalog_id}><<Назад</a><br>";
} else {
$catalog = db_object_get("catalog", $catalog_id);
$o .= "<a href=admin/catalog/edit/{$catalog->parent_id}/edit/{$catalog_id}><<Назад</a><br>";
}
if ($act == "del") {
$fname = db_object_get("catalog_images", $id)->image_file;
@unlink("img/upload/catalog/{$fname}");
}
if ($act == "edit") {
form_start("", "post", " enctype='multipart/form-data' ");
form_file("Файл", "file");
form_submit("Загрузить картинку", "submit");
form_end();
$upload = form();
$upload .= "<script>\r\n \$(function() {\r\n\t\t\t\t \$('input[name=submit]').remove();\r\n \$('input[name=file]').change( function() {\r\n\t\t\t\t\t \$('form').submit();\r\n\t });\r\n\t });\r\n\t\t </script>";
$o .= $upload;
if (form_file_uploaded("file")) {
$fname = $_FILES["file"]['name'];
$ext = strtolower(fileext($fname));
if (!($ext == "swf" || $ext == "jpg" || $ext == "gif" || $ext == "png" || $ext == "bmp" || $ext == "jpeg" || $ext == "pdf")) {
$o = "Данный тип файла не является картинкой";
return $o;
} else {
@unlink("img/upload/catalog/" . db_result(db_query("SELECT image_file FROM catalog_images WHERE id=%d", $id)));
$fname = $id . "." . fileext($fname);
form_file_uploaded_move("file", "img/upload/catalog/" . $fname);
db_query("UPDATE catalog_images SET image_file='{$fname}' WHERE id=%d", $id);
redir("admin/catalog/images/{$catalog_id}");
}
}
}
if ($act == "add") {
$_REQUEST['add'] = true;
}
global $table_edit_props;
$table_edit_props->add_redir = false;
$o .= table_edit("catalog_images", "admin/catalog/images/{$catalog_id}", $act, $id, "catalog_id", $catalog_id, "", "on_catalog_image");
if ($act == "add") {
$id = db_last_id();
redir("admin/catalog/images/{$catalog_id}/edit/" . $id);
die;
}
return $o;
}
<?php
require_once 'includes/header.inc.php';
require_once 'includes/uploads.inc.php';
function form_file()
{
form_dump(array('file' => array('file', 'file'), 'submit' => array('submit', 'Save post')), 'enctype="multipart/form-data"');
}
if (!isset($_POST['submit']) || empty($_POST['submit'])) {
echo 'Please select the file to upload:<br />';
} else {
if ($fname = file_save($_FILES['file'])) {
echo 'file saved under <file><a href="/forum/uploads/' . $fname . '"></file>' . $fname . "</a><br />\n<br />\n";
} else {
echo 'failed to save file';
}
echo '<br />' . "\n";
}
form_file();
echo '<br /><br />' . "\n";
require_once 'includes/footer.inc.php';
function form_files($setting = '')
{
return form_file($setting);
}
function form_register()
{
global $max_profile_image_size;
if (isset($_SESSION['stored_reg_info'])) {
$stored_reg_info = $_SESSION['stored_reg_info'];
}
if (isset($_SESSION['editing_profile'])) {
$editing_profile = $_SESSION['editing_profile'];
}
$username = "";
$email = "";
$firstname = "";
$lastname = "";
$magic = "";
$birthday = "";
$birthmonth = "";
$birthyear = "";
$webpage = "";
$description = "";
if (isset($stored_reg_info)) {
$username = $_SESSION['username'];
$email = $_SESSION['email'];
$firstname = $_SESSION['firstname'];
$lastname = $_SESSION['lastname'];
$magic = $_SESSION['magic'];
$birthday = $_SESSION['birthday'];
$birthmonth = $_SESSION['birthmonth'];
$birthyear = $_SESSION['birthyear'];
$webpage = $_SESSION['webpage'];
$description = $_SESSION['description'];
}
form_start_post_file();
echo '<tr><td>Brukernavn</td><td>';
form_textfield("username", $username);
echo ' (maks 16 tegn, kun tall og små bokstaver)</td></tr>';
echo '<tr><td>E-post</td><td>';
form_textfield("email", $email);
echo ' (må ligne på en ordentlig adresse)</td></tr>';
echo '<tr><td>Fornavn</td><td>';
form_textfield("firstname", $firstname);
echo ' (det venner kaller deg)</td></tr>';
echo '<tr><td>Etternavn</td><td>';
form_textfield("lastname", $lastname);
echo ' (det du het i militæret)</td></tr>';
echo '<tr><td>Passord</td><td>';
form_password("password1", "");
echo ' (minst 6 tegn)</td></tr>';
echo '<tr><td>Gjenta passord</td><td>';
form_password("password2", "");
echo ' (helst likt det i feltet over)</td></tr>';
//echo '<tr><td>Magisk nummer</td><td>'; form_textfield("magic", $magic); echo ' (gitt til deg av et medlem)</td></tr>';
echo '<tr><td>Fødselsdato</td><td>';
form_select_number("birthday", 0, 0, $birthday);
form_select_number("birthmonth", 0, 0, $birthmonth);
form_select_number("birthyear", 0, 0, $birthyear);
echo '</td></tr>';
echo '<tr><td>Webside</td><td>';
form_textfield("webpage", $webpage);
echo ' (gjerne en som fins)</td></tr>';
echo '<tr><td>Bilde</td><td>';
form_hidden("MAX_FILE_SIZE", $max_profile_image_size);
form_file("picturepath");
echo '<br/>(Maksimal størrelse er ' . $max_profile_image_size / 1000 . ' kilobytes. Bildet skaleres ned til maks 400 pikslers bredde og 600 pikslers høyde hvis det er større enn disse verdiene)</td></tr>';
echo '<tr><td colspan=2>Ymse visvas<br/>';
form_textarea("description", $description, 30, 10);
echo '<br/>(hvis det er noe mer vi bør vite om deg)<br/><br/></td></tr>';
echo '<tr><td colspan=2>';
form_submit("Button", "Send informasjon over usikret, avlyttet linje");
echo '</td></tr>';
echo '<tr><td colspan=2>';
form_submit("cancelreg", "Avbryt registrering");
echo '</td></tr>';
form_hidden("m_c", "module_register_user");
form_hidden("registration", "registration_going_on");
form_end();
}
<?php
echo form_open(false, true, isset($form_attrs) ? $form_attrs : array());
echo form_file('image');
if (!empty($with_public_flag)) {
echo form_public_flag($val);
}
echo form_button('form.upload');
echo form_close();