Beispiel #1
0
    redirect(HOST . DIR . '/admin/admin_files.php?showm=1');
} elseif (!empty($del_file)) {
    $Session->csrf_get_protect();
    $Uploads->Del_file($del_file, -1, ADMIN_NO_CHECK);
    redirect(HOST . DIR . '/admin/admin_files.php?f=' . $folder . ($folder_member > 0 ? '&fm=' . $folder_member : ''));
} elseif (!empty($move_folder) && $to != -1) {
    $Session->csrf_get_protect();
    $user_id = $Sql->query("SELECT user_id FROM " . DB_TABLE_UPLOAD_CAT . " WHERE id = '" . $move_folder . "'", __LINE__, __FILE__);
    $move_list_parent = array();
    $result = $Sql->query_while("SELECT id, id_parent, name\n\tFROM " . PREFIX . "upload_cat\n\tWHERE user_id = '" . $user_id . "'\n\tORDER BY id", __LINE__, __FILE__);
    while ($row = $Sql->fetch_assoc($result)) {
        $move_list_parent[$row['id']] = $row['id_parent'];
    }
    $Sql->query_close($result);
    $array_child_folder = array();
    $Uploads->Find_subfolder($move_list_parent, $move_folder, $array_child_folder);
    $array_child_folder[] = $move_folder;
    if (!in_array($to, $array_child_folder)) {
        $Uploads->Move_folder($move_folder, $to, $User->get_attribute('user_id'), ADMIN_NO_CHECK);
    } else {
        redirect(HOST . DIR . '/admin/admin_files.php?movefd=' . $move_folder . '&f=0&error=folder_contains_folder');
    }
    redirect(HOST . DIR . '/admin/admin_files.php?f=' . $to);
} elseif (!empty($move_file) && $to != -1) {
    $Session->csrf_get_protect();
    $Uploads->Move_file($move_file, $to, $User->get_attribute('user_id'), ADMIN_NO_CHECK);
    redirect(HOST . DIR . '/admin/admin_files.php?f=' . $to);
} elseif (!empty($move_folder) || !empty($move_file)) {
    $Template->set_filenames(array('admin_files_move' => 'admin/admin_files_move.tpl'));
    $sql_request = !empty($folder_member) ? "SELECT uc.user_id, m.login\n\t\tFROM " . DB_TABLE_UPLOAD_CAT . " uc\n\t\tLEFT JOIN " . DB_TABLE_MEMBER . " m ON m.user_id = uc.user_id\n\t\tWHERE uc.user_id = '" . $folder_member . "'\n\t\tUNION\n\t\tSELECT u.user_id, m.login\n\t\tFROM " . DB_TABLE_UPLOAD . " u\n\t\tLEFT JOIN " . DB_TABLE_MEMBER . " m ON m.user_id = u.user_id\n\t\tWHERE u.user_id = '" . $folder_member . "'" : "SELECT uc.user_id, m.login\n\t\tFROM " . DB_TABLE_UPLOAD_CAT . " uc\n\t\tLEFT JOIN " . DB_TABLE_MEMBER . " m ON m.user_id = uc.user_id\n\t\tWHERE uc.id = '" . $folder . "'";
    $result = $Sql->query_while($sql_request, __LINE__, __FILE__);