function upload_save_files()
{
global $db, $main_smarty, $dblang, $the_template, $linkres, $current_user;
$settings = get_upload_settings();
$upload_dir = mnmpath . $settings['directory'];
$count = 0;
$extensions = split('[ ,.]+', $settings['extensions']);
if (is_dir($upload_dir)) {
foreach ($_FILES["upload_files"]["error"] as $key => $err) {
if ($_FILES["upload_files"]["size"][$key] / 1024 > $settings['filesize']) {
$error = "Maximum file size ({$settings['filesize']} Kb) exceeded";
} elseif ($err == UPLOAD_ERR_OK) {
$tmp_name = $_FILES["upload_files"]["tmp_name"][$key];
$name = $_FILES["upload_files"]["name"][$key];
if ($ext = strrchr($name, '.')) {
$name = str_replace($ext, '', $name);
$ext = substr($ext, 1);
}
if ($ext && in_array(strtolower($ext), $extensions)) {
while (file_exists("{$upload_dir}/{$name}{$i}.{$ext}")) {
$i++;
}
$name .= $i;
if (@move_uploaded_file($tmp_name, "{$upload_dir}/{$name}.{$ext}")) {
$db->query("INSERT INTO " . table_prefix . "files \r\n\t\t\t\t\t\tSET file_size='orig',\r\n\t\t\t\t\t\t file_user_id={$current_user->user_id},\r\n\t\t\t\t\t\t file_link_id={$linkres->id},\r\n\t\t\t\t\t\t file_real_size='{$_FILES["upload_files"]["size"][$key]}',\r\n\t\t\t\t\t\t file_name='" . $db->escape("{$name}.{$ext}") . "'");
$count++;
$error = generate_thumbs("{$upload_dir}/{$name}.{$ext}", $linkres->id, $settings, $db->insert_id);
} else {
$error = "Error copying file to {$upload_dir}/{$name}";
}
} else {
$error = "Extension .{$ext} is not allowed";
}
}
}
} else {
$error = "Directory {$upload_dir} does not exists";
}
// Add external links here
if ($settings['external']) {
foreach ($_POST["upload_urls"] as $url) {
if ($count > $settings['maxnumber']) {
break;
}
if (strlen($url) > 10 && strpos($url, 'http') === 0) {
$db->query("INSERT INTO " . table_prefix . "files \r\n\t\t\t\t\tSET file_size='orig',\r\n\t\t\t\t\t file_user_id={$current_user->user_id},\r\n\t\t\t\t\t file_link_id={$linkres->id},\r\n\t\t\t\t\t file_name='" . $db->escape($url) . "'");
$count++;
$error = generate_thumbs($url, $linkres->id, $settings, $db->insert_id);
}
}
}
if ($error) {
print $error;
exit;
}
}
$resps = get_responsibles($dbh, $event['id']);
extract($event);
//Geez, I just learned about php extract http://stackoverflow.com/a/8286401/49359
?>
<div class = "csenote event" data-id = "<?php
echo $id;
?>
">
<div class = "csenote_bar">
<div class = "csenote_bar_left event_group event_bar_left">
<?php
echo generate_thumbs($resps);
?>
<span class = "event_task_title"><?php
echo htmlentities($task);
?>
</span>
</div>
<div class = "csenote_bar_right event_bar_right">
<?php
if ($_SESSION['permissions']['edit_events'] === '1') {
echo "<a href='#'' class='event_edit'>Edit</a>";
}
if ($_SESSION['permissions']['delete_events'] === '1') {
