$url_array = $form->getSubmitValues(); $url = Security::remove_XSS($url_array['url']); $description = Security::remove_XSS($url_array['description']); $active = intval($url_array['active']); $url_id = $url_array['id']; $url_to_go = 'access_urls.php'; if ($url_id != '') { //we can't change the status of the url with id=1 if ($url_id == 1) { $active = 1; } //checking url if (substr($url, strlen($url) - 1, strlen($url)) == '/') { UrlManager::update($url_id, $url, $description, $active); } else { UrlManager::update($url_id, $url . '/', $description, $active); } // URL Images $url_images_dir = api_get_path(SYS_PATH) . 'custompages/url-images/'; $image_fields = array("url_image_1", "url_image_2", "url_image_3"); foreach ($image_fields as $image_field) { if ($_FILES[$image_field]['error'] == 0) { // Hardcoded: only PNG files allowed if (end(explode('.', $_FILES[$image_field]['name'])) == 'png') { if (file_exists($url_images_dir . $url_id . '_' . $image_field . '.png')) { // if the file exists, we have to remove it before move_uploaded_file unlink($url_images_dir . $url_id . '_' . $image_field . '.png'); } move_uploaded_file($_FILES[$image_field]['tmp_name'], $url_images_dir . $url_id . '_' . $image_field . '.png'); } // else fail silently