function showfiles($f, $class = "fileslist", $wantdel = 1, $divtitle = '')
{
// f: array with data from "files" table (from fetchall)
global $dateparam, $scriptname, $action, $id, $uploaddirwww, $dbh;
$flnk = "";
for ($lnk = "", $c = 0; $c < count($f); $c++) {
$fname = $f[$c]['fname'];
$ftitle = $f[$c]['title'];
$fid = $f[$c]['id'];
$ftype = $f[$c]['type'];
$fdate = empty($f[$c]['date']) ? "" : date($dateparam, $f[$c]['date']);
$ftypestr = ftype2str($ftype, $dbh);
if (strlen($ftitle)) {
$t = "<br>Title:{$ftitle}";
} else {
$t = "";
}
$flnk .= "<div title='{$divtitle}' class='{$class}' >";
if ($wantdel) {
$flnk .= "<a title='Remove association. If file is orphaned (nothing links to it), it gets deleted.' " . "href='javascript:delconfirm2(\"[{$fid}] {$fname}\",\"{$scriptname}?action={$action}&id={$id}&delfid={$fid}\");'>" . "<img src='images/delete.png'></a> ";
}
$flnk .= "<a target=_blank title='Edit File {$fid}' href='{$scriptname}?action=editfile&id={$fid}'><img src='images/edit.png'></a>" . " <a target=_blank title='Download {$fname}' href='" . $uploaddirwww . $fname . "'><img src='images/down.png'></a>" . "<br>Type:<b>{$ftypestr}</b>" . "<br>Date:<b>{$fdate}</b>" . "<br>Title:{$ftitle}\n" . "</div>\n ";
}
return $flnk;
}
function upload($file_id, $folder = "", $ftype, $title, $date, $id, $assoctable = "", $colname = "", $uploader = "")
{
global $dbh, $uploadErrors;
if ($_FILES[$file_id]["error"] > 0) {
$result = $uploadErrors[$_FILES[$file_id]["error"]];
return array('', $result);
}
if (!$_FILES[$file_id]['name']) {
return array('', 'No file specified');
}
if (!$_FILES[$file_id]['size']) {
return array('', 'File is zero length');
}
if (!is_numeric($ftype)) {
return array('', "No type specified ({$ftype})");
}
if (!strlen($title)) {
return array('', 'No title specified');
}
if (!strlen($date)) {
return array('', 'No date specified');
}
if (!strlen($assoctable)) {
return array('', 'No table specified');
}
if (!strlen($colname)) {
return array('', 'No colname specified');
}
if (!strlen($folder)) {
return array('', 'No folder specified');
}
$ftypestr = ftype2str($ftype, $dbh);
$path_parts = pathinfo($_FILES[$file_id]["name"]);
$fileext = $path_parts['extension'];
$unique = substr(uniqid(), -4, 4);
$filefn = "{$ftypestr}-" . validfn($title) . "-{$unique}.{$fileext}";
$filefn = strtolower($filefn);
$uploadfile = $folder . $filefn;
$result = '';
//Move the file from the stored location to the new location
if (!move_uploaded_file($_FILES[$file_id]['tmp_name'], $uploadfile)) {
$result = "Cannot upload the file '" . $_FILES[$file_id]['name'] . "'";
if (!file_exists($folder)) {
$result .= " : Folder doesn't exist.";
} elseif (!is_writable($folder)) {
$result .= " : Folder not writable.";
} elseif (!is_writable($uploadfile)) {
$result .= " : File not writable.";
}
$filefn = '';
return array($filefn, $result);
}
//else file was written
//chmod($uploadfile,0777);//Make it universally writable.
//add file to files table
$datesec = ymd2sec($date);
$sql = "INSERT into files (type,title,date,fname,uploader,uploaddate) VALUES ({$ftype},'{$title}','{$datesec}','{$filefn}','{$uploader}','" . time() . "')";
db_exec($dbh, $sql);
$lastid = $dbh->lastInsertId();
//make association
$sql = "INSERT into {$assoctable} ({$colname},fileid) VALUES ({$id},{$lastid})";
db_exec($dbh, $sql);
return array($filefn, $result);
}
<div id="tab1" class="tab_content">
<table class=tbl1 border=0>
<?php
$d = strlen($date) ? date($dateparam, $date) : "";
//Associated files
//
$f = invid2files($id, $dbh);
//create file links
for ($lnk = "", $c = 0; $c < count($f); $c++) {
$fname = $f[$c]['fname'];
$ftitle = $f[$c]['title'];
$fid = $f[$c]['id'];
$ftype = $f[$c]['type'];
$ftypestr = ftype2str($ftype, $dbh);
$fdate = empty($f[$c]['date']) ? "" : date($dateparam, $f[$c]['date']);
if (strlen($ftitle)) {
$t = "<br>" . t("Title") . ":{$ftitle}";
} else {
$t = "";
}
$flnk .= "<div class='fileslist' >" . "<a title='Remove association. If file is orphaned (nothing links to it), it gets deleted.' " . " href='javascript:delconfirm2(\"[{$fid}] {$fname}\", \"{$scriptname}?action={$action}&id={$id}&delfid={$fid}\");'>" . "<img src='images/delete.png'></a> " . "<a target=_blank title='Edit File' href='{$scriptname}?action=editfile&id={$fid}'><img src='images/edit.png'></a>" . " <a target=_blank title='Download {$fname}' href='" . $uploaddirwww . $fname . "'><img src='images/down.png'></a>" . "<br>" . t("Type") . ":<b>{$ftypestr}</b>" . "<br>" . t("Date") . ":<b>{$fdate}</b>" . "<br>" . t("Title") . ":{$ftitle}\n" . "</div>\n ";
}
?>
<tr>
<td class="tdtop">
<table class="tbl2" width='100%'>
<tr><td colspan=2><h3><?php
te("Invoice Properties");
$id = $lastid;
exit;
echo "<br><b>No file uploaded.</b><br>";
}
} else {
$sql = "UPDATE locations set name='{$name}', floor='{$floor}' " . " WHERE id={$id}";
db_exec($dbh, $sql);
if (strlen($_FILES['file']['name']) > 2) {
//update file
$sql = "SELECT * from locations where id={$id}";
$sth = db_execute($dbh, $sql);
$rf = $sth->fetch(PDO::FETCH_ASSOC);
$oldfname = $rf['floorplanfn'];
$path_parts = pathinfo($_FILES['file']["name"]);
$fileext = $path_parts['extension'];
$ftypestr = ftype2str($_POST['type'], $dbh);
$unique = substr(uniqid(), -4, 4);
$filefn = strtolower("floorplan-" . validfn($name) . "-{$unique}.{$fileext}");
$uploadfile = $uploaddir . $filefn;
$result = '';
//Move the file from the stored location to the new location
if (!move_uploaded_file($_FILES['file']['tmp_name'], $uploadfile)) {
$result = "Cannot upload the file '" . $_FILES['file']['name'] . "'";
if (!file_exists($uploaddir)) {
$result .= " : Folder doesn't exist.";
} elseif (!is_writable($uploaddir)) {
$result .= " : Folder not writable.";
} elseif (!is_writable($uploadfile)) {
$result .= " : File not writable.";
}
$filefn = '';