Beispiel #1
        // NOTE(review): excerpt from the middle of a longer request handler. The
        // enclosing upload condition and the origin of $folder, $folder_member,
        // $del_folder, $del_file, etc. are outside this view.
        if (!empty($Upload->error)) {
            // The upload helper reported an error: go back to the file manager with
            // the error value in the query string.
            // NOTE(review): $folder and $Upload->error are concatenated into the URL
            // without urlencode(); confirm both are constrained earlier (integer id,
            // fixed set of error codes).
            redirect(HOST . DIR . '/admin/admin_files.php?f=' . $folder . '&erroru=' . $Upload->error . '#errorh');
        } else {
            // Look up the user_id column of the target category.
            // NOTE(review): $folder is placed inside a quoted SQL literal by string
            // concatenation. That is only safe if it was forced to an integer before
            // this point (not visible here) — confirm, or use a bound parameter.
            $check_user_folder = $Sql->query("SELECT user_id FROM " . DB_TABLE_UPLOAD_CAT . " WHERE id = '" . $folder . "'", __LINE__, __FILE__);
            // A lookup result <= 0 is recorded as -1; otherwise the current user's
            // id is used. Presumably -1 marks a file with no member owner — confirm.
            $user_id = $check_user_folder <= 0 ? -1 : $User->get_attribute('user_id');
            // Keep the larger of the computed id and $folder_member.
            $user_id = max($user_id, $folder_member);
            // Store the file's metadata row; the size is divided by 1024 before rounding.
            // NOTE(review): addslashes() is the only escaping applied to the
            // client-supplied name and the stored file name. It is not charset-aware
            // and does not replace driver escaping or bound parameters. $folder and
            // $Upload->extension['upload_file'] are inserted with no escaping in this
            // statement. What query_inject() does to the string is not visible — verify.
            $Sql->query_inject("INSERT INTO " . DB_TABLE_UPLOAD . " (idcat, name, path, user_id, size, type, timestamp) VALUES ('" . $folder . "', '" . addslashes($_FILES['upload_file']['name']) . "', '" . addslashes($Upload->filename['upload_file']) . "', '" . $user_id . "', '" . numeric(number_round($_FILES['upload_file']['size'] / 1024, 1), 'float') . "', '" . $Upload->extension['upload_file'] . "', '" . time() . "')", __LINE__, __FILE__);
        }
    } else {
        // The matching `if` is outside this excerpt; the error code suggests the
        // upload directory was not writable — confirm against the missing condition.
        $error = 'e_upload_failed_unwritable';
    }
    // Turn a pending error code into a query-string suffix, then return to the listing.
    $error = !empty($error) ? '&error=' . $error . '#errorh' : '';
    redirect(HOST . DIR . '/admin/admin_files.php?f=' . $folder . ($folder_member > 0 ? '&fm=' . $folder_member : '') . $error);
} elseif (!empty($del_folder)) {
    // Each visible delete/empty/move branch calls csrf_get_protect() before acting.
    // Presumably it rejects requests that lack a valid session token
    // (implementation not shown). The "get" in the name suggests these
    // state-changing actions arrive as GET requests — confirm.
    $Session->csrf_get_protect();
    // NOTE(review): no per-folder ownership check is visible before the delete.
    // This is the admin script, so access control is presumably enforced
    // earlier in the file — confirm.
    $Uploads->Del_folder($del_folder);
    if (!empty($folder_member)) {
        redirect(HOST . DIR . '/admin/admin_files.php?fm=' . $folder_member);
    } else {
        redirect(HOST . DIR . '/admin/admin_files.php?f=' . $folder);
    }
} elseif (!empty($empty_folder)) {
    $Session->csrf_get_protect();
    // Empties a member's folder, then returns to the member list view.
    $Uploads->Empty_folder_member($empty_folder);
    redirect(HOST . DIR . '/admin/admin_files.php?showm=1');
} elseif (!empty($del_file)) {
    $Session->csrf_get_protect();
    // Called with user id -1 and ADMIN_NO_CHECK. Presumably this skips the
    // owner check inside Del_file — verify against the Uploads class.
    $Uploads->Del_file($del_file, -1, ADMIN_NO_CHECK);
    redirect(HOST . DIR . '/admin/admin_files.php?f=' . $folder . ($folder_member > 0 ? '&fm=' . $folder_member : ''));
} elseif (!empty($move_folder) && $to != -1) {
    // Move branch; its body continues past the end of this excerpt.
    $Session->csrf_get_protect();
Beispiel #2
        } else {
            // NOTE(review): excerpt begins mid-handler; the `if` this `else` belongs
            // to is not visible. The error code suggests an unwritable upload
            // directory — confirm.
            $error = 'e_upload_failed_unwritable';
        }
    }
    // Build the query-string tail: an error code plus the popup parameters, or the
    // popup parameters plus an optional fragment pointing at the uploaded file.
    // NOTE(review): $error, $popup_noamp and $id_file are concatenated without
    // URL encoding; confirm they cannot carry request-controlled text.
    $anchor = !empty($error) ? '&error=' . $error . '&' . $popup_noamp . '#message_helper' : '&' . $popup_noamp . (!empty($id_file) ? '#fi1' . $id_file : '');
    AppContext::get_response()->redirect(HOST . DIR . url('/user/upload.php?f=' . $folder . $anchor, '', '&'));
} elseif (!empty($del_folder)) {
    // CSRF protection: called before the folder is touched. Presumably rejects
    // requests without a valid session token (implementation not shown).
    AppContext::get_session()->csrf_get_protect();
    // Administrators may delete any folder without an ownership lookup.
    if (AppContext::get_current_user()->check_level(User::ADMIN_LEVEL)) {
        Uploads::Del_folder($del_folder);
    } else {
        // Fetch the folder's owner. The id is passed as a bound parameter (:id)
        // rather than concatenated into the WHERE clause.
        $check_user_id = PersistenceContext::get_querier()->get_column_value(DB_TABLE_UPLOAD_CAT, 'user_id', 'WHERE id = :id', array('id' => $del_folder));
        // Delete the folder and all of its contents, but only when the stored owner
        // matches the current user. This is the authorization check for this branch.
        // NOTE(review): the comparison is loose (==). What get_column_value()
        // returns for a missing row is not visible here; confirm it cannot compare
        // equal to the current user's id, or cast both sides and use ===.
        if ($check_user_id == AppContext::get_current_user()->get_id()) {
            Uploads::Del_folder($del_folder);
        } else {
            // Non-owners get the "unexisting page" error rather than a deletion.
            // NOTE(review): whether DispatchManager::redirect() ends the request is
            // not visible; if it returns, the redirect after this block still runs.
            $error_controller = PHPBoostErrors::unexisting_page();
            DispatchManager::redirect($error_controller);
        }
    }
    AppContext::get_response()->redirect(HOST . DIR . url('/user/upload.php?f=' . $folder . '&' . $popup_noamp, '', '&'));
} elseif (!empty($del_file)) {
    // CSRF protection: called before the file is deleted.
    AppContext::get_session()->csrf_get_protect();
    if (AppContext::get_current_user()->check_level(User::ADMIN_LEVEL)) {
        // Admin path passes Uploads::ADMIN_NO_CHECK. Presumably this disables the
        // owner check inside Del_file — verify against the Uploads class.
        Uploads::Del_file($del_file, AppContext::get_current_user()->get_id(), Uploads::ADMIN_NO_CHECK);
    } else {
        // Non-admin path: Del_file receives the caller's id and no bypass flag.
        // A non-empty return value is treated as a failure.
        $error = Uploads::Del_file($del_file, AppContext::get_current_user()->get_id());
        if (!empty($error)) {
            // Failure handling continues past the end of this excerpt.
            $error_controller = PHPBoostErrors::unexisting_page();