$uploader = $row['uploader']; $name = $row['display_name']; $timestamp = $row['timestamp']; $date = date('d.m.Y H:i', $timestamp); $filename = $row['name']; $stringOfFiles .= getImageTags($filename) . '<a href="download.php?id=' . $row['fileId'] . '" target="_blank">' . $row['name'] . ' ' . getString("uploadedBy") . ' ' . $name . ' ' . $date . '</a>' . ' ' . '<a href="#" onClick= "shareFile(' . $row['fileId'] . ')">' . getString("shareFile") . '</a><br>'; } return $stringOfFiles; } $users = getQuery("SELECT * FROM user"); $userOptions = ''; while ($user = mysqli_fetch_assoc($users)) { $userOptions .= '<option value="' . $user['id'] . '"' . "" . '>' . $user['display_name'] . '</option>'; } if (isset($_POST['search'])) { echo fileSearch(); } ?> <form method="post" action=""> <div class="form-group"> <label for="filename" class="control-label col-sm-4"><?php echo getString('filename'); ?> :</label> <div class="col-sm-8"> <input type="filename" name="filename" id="filename" class="form-control" /> </div> <label for="startDate" class="control-label col-sm-4"><?php echo getString('startDate'); ?>
$res = false; if ($action == "add" || $action == "save") { $res = fileSave($system, $_REQUEST); } else { if ($action == "delete" && @$_REQUEST['ids']) { $res = fileDelete($system, $_REQUEST['ids'], @$_REQUEST['UGrpID']); } else { if ($action == "search") { $res = fileSearch($system, true, @$_REQUEST['recIDs'], @$_REQUEST['mediaType'], @$_REQUEST['UGrpID']); if (is_array($res)) { $res['recIDs'] = @$_REQUEST['recIDs']; } } else { if ($action == "viewer") { //find all files for given set of records $res = fileSearch($system, true, @$_REQUEST['recIDs']); if (@$_REQUEST['mode'] == "yox") { //generate html output for yoxviewer in frame ???? or on client side ???? exit; } else { if (is_array($res)) { $res['recIDs'] = @$_REQUEST['recIDs']; } } } else { $system->addError(HEURIST_INVALID_REQUEST, "Type of request not defined or not allowed"); } } } } if (is_bool($res) && !$res) {