session_start();
ob_start();
header("Cache-Control: no-store, no-cache, must-revalidate, max-age=0");
header("Expires: Sat, 26 Jul 1997 05:00:00 GMT");
/**
* Global information on the current account to use accross the system.
*/
$global_user = get_current_user_username();
$global_level = get_current_user_level();
/**
* Get the user information from the database
*/
if ($global_level != 0) {
$global_account = get_user_by_username($global_user);
} else {
$global_account = get_client_by_username($global_user);
}
/**
* Automatic log out if account is deactivated while session is on.
*/
if ($global_account['active'] == '0') {
/** Prevent an infinite loop */
if (!isset($_SESSION['logout'])) {
$_SESSION['logout'] = '1';
} else {
unset($_SESSION['logout']);
header("location:" . BASE_URI . 'process.php?do=logout');
exit;
}
}
/**
if (!isset($ld)) {
$ld = 'cftp_admin';
}
require_once ROOT_DIR . '/includes/classes/i18n.php';
I18n::LoadDomain(ROOT_DIR . "/templates/" . TEMPLATE_USE . "/lang/{$lang}.mo", $ld);
$this_template = BASE_URI . 'templates/' . TEMPLATE_USE . '/';
include_once ROOT_DIR . '/templates/session_check.php';
/**
* URI to the default template CSS file.
*/
$this_template_css = BASE_URI . 'templates/' . TEMPLATE_USE . '/main.css';
$database->MySQLDB();
/**
* Get all the client's information
*/
$client_info = get_client_by_username($this_user);
/**
* Get the list of different groups the client belongs to.
*/
$sql_groups = $database->query("SELECT DISTINCT group_id FROM tbl_members WHERE client_id='" . $client_info['id'] . "'");
$count_groups = mysql_num_rows($sql_groups);
if ($count_groups > 0) {
while ($row_groups = mysql_fetch_array($sql_groups)) {
$groups_ids[] = $row_groups["group_id"];
}
$found_groups = implode(',', $groups_ids);
}
/**
* Define the arrays so they can't be empty
*/
$found_all_files_array = array();
$statement = $dbh->prepare("SELECT DISTINCT url FROM " . TABLE_FILES);
$statement->execute();
$statement->setFetchMode(PDO::FETCH_ASSOC);
while ($row = $statement->fetch()) {
$urls_db_files[] = $row["url"];
}
/**
* A posted form will include information of the uploaded files
* (name, description and client).
*/
if (isset($_POST['submit'])) {
/**
* Get the ID of the current client that is uploading files.
*/
if ($current_level == 0) {
$client_my_info = get_client_by_username($global_user);
$client_my_id = $client_my_info["id"];
}
$n = 0;
foreach ($_POST['file'] as $file) {
$n++;
if (!empty($file['name'])) {
/**
* If the uploader is a client, set the "client" var to the current
* uploader username, since the "client" field is not posted.
*/
if ($current_level == 0) {
$file['assignments'] = 'c' . $global_user;
}
$this_upload = new PSend_Upload_File();
if (!in_array($file['file'], $urls_db_files)) {
