Beispiel #1
0
    $Uploads->Del_file($del_file, -1, ADMIN_NO_CHECK);
    redirect(HOST . DIR . '/admin/admin_files.php?f=' . $folder . ($folder_member > 0 ? '&fm=' . $folder_member : ''));
} elseif (!empty($move_folder) && $to != -1) {
    $Session->csrf_get_protect();
    $user_id = $Sql->query("SELECT user_id FROM " . DB_TABLE_UPLOAD_CAT . " WHERE id = '" . $move_folder . "'", __LINE__, __FILE__);
    $move_list_parent = array();
    $result = $Sql->query_while("SELECT id, id_parent, name\n\tFROM " . PREFIX . "upload_cat\n\tWHERE user_id = '" . $user_id . "'\n\tORDER BY id", __LINE__, __FILE__);
    while ($row = $Sql->fetch_assoc($result)) {
        $move_list_parent[$row['id']] = $row['id_parent'];
    }
    $Sql->query_close($result);
    $array_child_folder = array();
    $Uploads->Find_subfolder($move_list_parent, $move_folder, $array_child_folder);
    $array_child_folder[] = $move_folder;
    if (!in_array($to, $array_child_folder)) {
        $Uploads->Move_folder($move_folder, $to, $User->get_attribute('user_id'), ADMIN_NO_CHECK);
    } else {
        redirect(HOST . DIR . '/admin/admin_files.php?movefd=' . $move_folder . '&f=0&error=folder_contains_folder');
    }
    redirect(HOST . DIR . '/admin/admin_files.php?f=' . $to);
} elseif (!empty($move_file) && $to != -1) {
    $Session->csrf_get_protect();
    $Uploads->Move_file($move_file, $to, $User->get_attribute('user_id'), ADMIN_NO_CHECK);
    redirect(HOST . DIR . '/admin/admin_files.php?f=' . $to);
} elseif (!empty($move_folder) || !empty($move_file)) {
    $Template->set_filenames(array('admin_files_move' => 'admin/admin_files_move.tpl'));
    $sql_request = !empty($folder_member) ? "SELECT uc.user_id, m.login\n\t\tFROM " . DB_TABLE_UPLOAD_CAT . " uc\n\t\tLEFT JOIN " . DB_TABLE_MEMBER . " m ON m.user_id = uc.user_id\n\t\tWHERE uc.user_id = '" . $folder_member . "'\n\t\tUNION\n\t\tSELECT u.user_id, m.login\n\t\tFROM " . DB_TABLE_UPLOAD . " u\n\t\tLEFT JOIN " . DB_TABLE_MEMBER . " m ON m.user_id = u.user_id\n\t\tWHERE u.user_id = '" . $folder_member . "'" : "SELECT uc.user_id, m.login\n\t\tFROM " . DB_TABLE_UPLOAD_CAT . " uc\n\t\tLEFT JOIN " . DB_TABLE_MEMBER . " m ON m.user_id = uc.user_id\n\t\tWHERE uc.id = '" . $folder . "'";
    $result = $Sql->query_while($sql_request, __LINE__, __FILE__);
    $folder_info = $Sql->fetch_assoc($result);
    if ($show_member) {
        $url = $Uploads->get_admin_url($folder, '/<a href="admin_files.php?showm=1">' . $LANG['member_s'] . '</a>');
Beispiel #2
0
    } catch (RowNotFoundException $e) {
    }
    $move_list_parent = array();
    if ($user_id) {
        $result = PersistenceContext::get_querier()->select("SELECT id, id_parent, name\n\t\tFROM " . PREFIX . "upload_cat\n\t\tWHERE user_id = :user_id\n\t\tORDER BY id", array('user_id' => $user_id));
        while ($row = $result->fetch()) {
            $move_list_parent[$row['id']] = $row['id_parent'];
        }
        $result->dispose();
    }
    $array_child_folder = array();
    Uploads::Find_subfolder($move_list_parent, $move_folder, $array_child_folder);
    $array_child_folder[] = $move_folder;
    if (!in_array($to, $array_child_folder)) {
        //Dossier de destination non sous-dossier du dossier source.
        Uploads::Move_folder($move_folder, $to, AppContext::get_current_user()->get_id(), Uploads::ADMIN_NO_CHECK);
    } else {
        AppContext::get_response()->redirect('/admin/admin_files.php?movefd=' . $move_folder . '&f=0&error=folder_contains_folder');
    }
    AppContext::get_response()->redirect('/admin/admin_files.php?f=' . $to);
} elseif (!empty($move_file) && $to != -1) {
    AppContext::get_session()->csrf_get_protect();
    //Protection csrf
    Uploads::Move_file($move_file, $to, AppContext::get_current_user()->get_id(), Uploads::ADMIN_NO_CHECK);
    AppContext::get_response()->redirect('/admin/admin_files.php?f=' . $to);
} elseif (!empty($move_folder) || !empty($move_file)) {
    $template = new FileTemplate('admin/admin_files_move.tpl');
    if (!empty($folder_member)) {
        $result = PersistenceContext::get_querier()->select("SELECT uc.user_id, m.display_name\n\t\t\tFROM " . DB_TABLE_UPLOAD_CAT . " uc\n\t\t\tLEFT JOIN " . DB_TABLE_MEMBER . " m ON m.user_id = uc.user_id\n\t\t\tWHERE uc.user_id = :user_id\n\t\t\tUNION\n\t\t\tSELECT u.user_id, m.display_name\n\t\t\tFROM " . DB_TABLE_UPLOAD . " u\n\t\t\tLEFT JOIN " . DB_TABLE_MEMBER . " m ON m.user_id = u.user_id\n\t\t\tWHERE u.user_id = :user_id", array('user_id' => $folder_member));
    } else {
        $result = PersistenceContext::get_querier()->select("SELECT uc.user_id, m.display_name\n\t\t\tFROM " . DB_TABLE_UPLOAD_CAT . " uc\n\t\t\tLEFT JOIN " . DB_TABLE_MEMBER . " m ON m.user_id = uc.user_id\n\t\t\tWHERE uc.id = :id", array('id' => $folder));