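function upload($pdo)
{
    // Store one uploaded file for the CMS file manager and record it in `cmsfiles`.
    //
    // Preconditions, all checked here: validRequest() passes, $_GET['token']
    // matches the session CSRF token, the multipart field "file" arrived without
    // an upload error, and $_POST['title'] is non-empty.  Only the extension of
    // the client's file name is used; the file is saved as
    // files/<six random digits>.<ext>.
    //
    // Side effects: writes the file, inserts a row, logs via _log().  On any
    // failure prints 'Error' and exits; on success either emits a JSON
    // description of the new row (ajax()) or redirects to /filemanage/.
    $error = true;
    $file = null;
    $last_id = null;
    if (validRequest()) {
        // CSRF token check.  hash_equals() compares as strings in constant time
        // and avoids the loose `==` pitfalls ("0e12" == "0e34" is true in PHP).
        $sessionToken = isset($_SESSION['token']) ? (string) $_SESSION['token'] : '';
        $requestToken = (isset($_GET['token']) && is_string($_GET['token'])) ? $_GET['token'] : '';
        if ($sessionToken !== '' && hash_equals($sessionToken, $requestToken)) {
            if (isset($_FILES["file"]) && isset($_POST['title']) && !empty($_POST['title'])) {
                $uploaded = $_FILES["file"];
                // Only a completed upload (UPLOAD_ERR_OK) has a usable tmp_name;
                // the previous version never looked at ['error'].
                if (isset($uploaded['error'], $uploaded['tmp_name'], $uploaded['name'], $uploaded['size'])
                    && $uploaded['error'] === UPLOAD_ERR_OK) {
                    $upload_dir = "files/";
                    // Extension taken from the client name, lower-cased so the
                    // allow-list is matched case-insensitively.  Nothing else from
                    // the client name is used.
                    $fileType = strtolower(pathinfo(basename($uploaded["name"]), PATHINFO_EXTENSION));
                    $allowedTypes = array('pdf', 'jpg', 'gif', 'png', 'bmp', 'doc', 'docx', 'ppt', 'mp3', 'mp4', 'xls', 'xlsx', 'zip', 'rar', 'gz', 'txt');
                    // NOTE(review): this is an extension allow-list only; the bytes
                    // are never inspected (no finfo/mime check), so a polyglot
                    // "image" is still accepted.  files/ should be served with
                    // script execution disabled.
                    if ($uploaded["size"] <= 4000000 && in_array($fileType, $allowedTypes, true)) {
                        // Six digits 1-9 (same shape as before) but drawn from the
                        // CSPRNG instead of rand(), and re-drawn on collision so an
                        // existing upload is never silently overwritten.
                        do {
                            $file_name = '';
                            for ($i = 0; $i < 6; $i++) {
                                $file_name .= random_int(1, 9);
                            }
                            $target_file = $upload_dir . $file_name . '.' . $fileType;
                        } while (file_exists($target_file));
                        if (move_uploaded_file($uploaded["tmp_name"], $target_file)) {
                            $file = array('name' => $target_file, 'size' => formatbytes($target_file, "KB"), 'type' => strtoupper($fileType));
                            $sql = "insert into cmsfiles(`uId`,`file`,`title`,`size`,`type`) value(:uId,:file,:title,:size,:type)";
                            $stmt = $pdo->prepare($sql);
                            $stmt->bindValue(':uId', $_SESSION['userId'], PDO::PARAM_INT);
                            $stmt->bindValue(':file', $file['name'], PDO::PARAM_STR);
                            $stmt->bindValue(':size', $file['size'], PDO::PARAM_STR);
                            $stmt->bindValue(':type', $file['type'], PDO::PARAM_STR);
                            // FILTER_SANITIZE_STRING strips tags on the way in (and is
                            // deprecated since PHP 8.1); the title still needs
                            // context-appropriate escaping wherever it is rendered.
                            $stmt->bindValue(':title', filter_var($_POST['title'], FILTER_SANITIZE_STRING), PDO::PARAM_STR);
                            $stmt->execute();
                            // Same value as SELECT LAST_INSERT_ID(), without the extra round trip.
                            $last_id = $pdo->lastInsertId();
                            $error = false;
                        }
                    }
                }
            }
        }
    }
    if ($error) {
        // Parenthesised: `.` binds tighter than `?:`, so the unparenthesised form
        // always evaluated to $_SESSION['userId'] (a notice when unset) and
        // dropped the "user id=" prefix.
        _log('error_upload', 'Avoid incorrect information', 'user id=' . (isset($_SESSION['userId']) ? $_SESSION['userId'] : 'null'));
        echo 'Error';
        exit;
    }
    _log('info_upload', '1 file(s) successfully added to the cms file manager');
    if (ajax()) {
        echo json_encode(array("error" => "0", "title" => $_POST['title'], "size" => $file['size'], "type" => $file['type'], "name" => $file['name'], "id" => $last_id));
        exit;
    }
    redirect(BASE_PATH . '/filemanage/', 1);
}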
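 function upload($pdo)
 {
     // Store one PDF upload under assets/d/<username>/ and record it in `files`.
     //
     // Preconditions, all checked here: validRequest() passes, $_GET['token']
     // matches the session CSRF token, the multipart field "file" arrived
     // without an upload error with a ".pdf" extension and size <= 4000000,
     // and $_POST['title'] is non-empty.  The stored name is always
     // <six random digits>.pdf; the DB row keeps "<username>_<digits>".
     //
     // Side effects: writes the file, inserts a row, logs via _log().  On
     // failure prints 'Error' (no exit); on success emits JSON (ajax()) or
     // redirects to /filemanage/.
     $error = true;
     $file = null;
     $last_id = null;
     if (validRequest()) {
         // CSRF token check.  hash_equals() compares as strings in constant time
         // and avoids the loose `==` pitfalls ("0e12" == "0e34" is true in PHP).
         $sessionToken = isset($_SESSION['token']) ? (string) $_SESSION['token'] : '';
         $requestToken = (isset($_GET['token']) && is_string($_GET['token'])) ? $_GET['token'] : '';
         if ($sessionToken !== '' && hash_equals($sessionToken, $requestToken)) {
             if (isset($_FILES["file"]) && isset($_POST['title']) && !empty($_POST['title'])) {
                 $uploaded = $_FILES["file"];
                 // The username becomes a path segment.  It comes from the session
                 // (presumably server-set at login), but refuse anything that could
                 // escape the per-user directory rather than rely on that.
                 $username = isset($_SESSION['username']) ? (string) $_SESSION['username'] : '';
                 $usernameIsSafeSegment = $username !== '' && $username !== '.' && $username !== '..'
                     && strpbrk($username, "/\\") === false;
                 // Only a completed upload (UPLOAD_ERR_OK) has a usable tmp_name.
                 if ($usernameIsSafeSegment
                     && isset($uploaded['error'], $uploaded['tmp_name'], $uploaded['name'], $uploaded['size'])
                     && $uploaded['error'] === UPLOAD_ERR_OK) {
                     $upload_dir = "assets/d/" . $username . "/";
                     // Only the extension of the client name is consulted, case-insensitively.
                     $fileType = strtolower(pathinfo(basename($uploaded["name"]), PATHINFO_EXTENSION));
                     // NOTE(review): extension-only check; the bytes are never inspected
                     // (no "%PDF-" header / finfo check), so any file renamed *.pdf is
                     // accepted and served back as a PDF.
                     if ($uploaded["size"] <= 4000000 && $fileType === "pdf") {
                         // Six digits 1-9 (same shape as before) from the CSPRNG instead
                         // of rand(), re-drawn on collision so nothing is overwritten.
                         do {
                             $file_name = '';
                             for ($i = 0; $i < 6; $i++) {
                                 $file_name .= random_int(1, 9);
                             }
                             $target_file = $upload_dir . $file_name . ".pdf";
                         } while (file_exists($target_file));
                         if (move_uploaded_file($uploaded["tmp_name"], $target_file)) {
                             $file = array('name' => $username . '_' . $file_name, 'size' => formatbytes($target_file, "KB"));
                             // All values bound; the size used to be concatenated into the SQL text.
                             $sql = "insert into `files`(`uId`,`file`,`title`,`size`,`quantity`) values(:uId,:file,:title,:size,0)";
                             $stmt = $pdo->prepare($sql);
                             $stmt->bindValue(':uId', $_SESSION['userId'], PDO::PARAM_INT);
                             $stmt->bindValue(':file', $file['name'], PDO::PARAM_STR);
                             // FILTER_SANITIZE_STRING strips tags on the way in (deprecated
                             // since PHP 8.1); escape again at render time.
                             $stmt->bindValue(':title', filter_var($_POST['title'], FILTER_SANITIZE_STRING), PDO::PARAM_STR);
                             $stmt->bindValue(':size', $file['size'], PDO::PARAM_STR);
                             $stmt->execute();
                             // Same value as SELECT LAST_INSERT_ID(), without the extra round trip.
                             $last_id = $pdo->lastInsertId();
                             $error = false;
                         }
                     }
                 }
             }
         }
     }
     if ($error) {
         // Parenthesised: `.` binds tighter than `?:`, so the unparenthesised form
         // always evaluated to $_SESSION['userId'] (a notice when unset) and
         // dropped the "user id=" prefix.
         _log('error_upload', 'Avoid incorrect information', 'user id=' . (isset($_SESSION['userId']) ? $_SESSION['userId'] : 'null'));
         echo 'Error';
         return;
     }
     _log('info_upload', '1 file(s) successfully added to the file manager');
     if (ajax()) {
         echo json_encode(array('error' => 0, 'title' => $_POST['title'], 'size' => $file['size'], "id" => $last_id));
         exit;
     }
     redirect(BASE_PATH . '/filemanage/', 1);
 }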
        #======================
        $sql = "select count(*) from article";
        $stmt = $pdo->query($sql);
        $count = $stmt->fetchColumn(0);
        ##SET OUTPUT##
        $paginate->init($count, $item_pre_page, $btn_pre_page, $page, array('template' => '<a href="{url}"><li class="tooltip" title="{info}">{number}</li></a>', 'info' => 'page {currentPage} of {totalPages}', 'currentItemTemplate' => '<a href="{url}"><li class="active tooltip" title="{info}">{number}</li></a>', 'url' => '/event/', 'urlParameters' => 'do=article&token=' . $_SESSION['token'], 'separator' => "\n"));
        $pageLink = $paginate->displayLink();
        #======================
        #OUTPUT
        echo implode("\n", $html);
        echo "\n<br/>\n";
        echo $pageLink;
    }
}
$error = true;
if (validRequest()) {
    if (isset($_SESSION['login']) && $_SESSION['permission'] == 'admin') {
        if (isset($_GET['token']) && $_GET['token'] == $_SESSION['token']) {
            $error = false;
            $do = 'info';
            if (isset($_GET['do']) && !empty($_GET['do'])) {
                $do = trim(strtolower($_GET['do']));
            }
            switch ($do) {
                case 'info':
                    echo info($pdo);
                    break;
                case 'article':
                    article($pdo);
                    break;
                case 'thesis':
                $mail->AltBody = 'This is the body in plain text for non-HTML mail clients';
                $mail->send();
                #==================================
            }
        }
    }
    redirect(BACK_ADDRESS, 1);
});
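$app->getDO('wait', ['auth_login' => true, 'get_token' => 'auth_token', validRequest() => true], function () use($pdo) {
    // Admin-only action: put an article into status 0 ("wait"), then go back.
    // NOTE(review): `validRequest() => true` in the options array uses the
    // *return value* of validRequest() as the array key (bool true becomes key
    // 1); whether getDO() treats that as a request check is not visible here --
    // confirm against the router before relying on it.
    $articleId = (isset($_GET['article']) && is_scalar($_GET['article'])) ? (int) $_GET['article'] : 0;
    // Strict role comparison; the id is cast and bound as an integer, which
    // makes the former FILTER_SANITIZE_STRING pass (deprecated since PHP 8.1)
    // unnecessary.  An id of 0 / non-numeric input is ignored, as before.
    if (isset($_SESSION['permission']) && $_SESSION['permission'] === 'admin' && $articleId !== 0) {
        $stmt = $pdo->prepare("update article set status=0 where id=:art");
        $stmt->bindValue(':art', $articleId, PDO::PARAM_INT);
        $stmt->execute();
    }
    redirect(BACK_ADDRESS, 1);
});
$app->getDO('closed', ['auth_login' => true, 'get_token' => 'auth_token', validRequest() => true], function () use($pdo) {
    // Admin-only action: put an article into status 2 ("closed"), then go back.
    // Same NOTE(review) as for 'wait' regarding the `validRequest() => true` key.
    $articleId = (isset($_GET['article']) && is_scalar($_GET['article'])) ? (int) $_GET['article'] : 0;
    if (isset($_SESSION['permission']) && $_SESSION['permission'] === 'admin' && $articleId !== 0) {
        $stmt = $pdo->prepare("update article set status=2 where id=:art");
        $stmt->bindValue(':art', $articleId, PDO::PARAM_INT);
        $stmt->execute();
    }
    redirect(BACK_ADDRESS, 1);
});
// Fallback when no `do` is given.
$app->defaultRoute(['do' => 'view']);
// Any routing/handler error sends the user to the front page rather than
// leaking details.
app::$errorHandler = function () {
    redirect(BASE_PATH . '/index.php', 1);
};
$app->run();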
$Id: install-plugin.php 37157 2009-05-28 12:31:10Z andrew.hill $
*/
global $installing;
// Set before init.php is required, presumably so the bootstrap can tell it is
// running inside the plugin installer.
$installing = true;
require_once '../../init.php';
// Operation codes for the install/upgrade path; their consumers are not on
// this page.
define('OA_UPGRADE_UPGRADE', 35);
define('OA_UPGRADE_INSTALL', 36);
// Load session data (required for login check)
require_once MAX_PATH . '/www/admin/lib-sessions.inc.php';
phpAds_SessionDataFetch();
// Hack! - Plugins pre 2.7.31 may require [pluginpaths][extensions] to be set
$GLOBALS['_MAX']['CONF']['pluginPaths']['extensions'] = $GLOBALS['_MAX']['CONF']['pluginPaths']['plugins'];
$GLOBALS['_MAX']['CONF']['pluginPaths']['packages'] = $GLOBALS['_MAX']['CONF']['pluginPaths']['extensions'] . 'etc/';
$aErrors = array();
// Default response.  'errors' is a reference to $aErrors, so the array can be
// filled in before $result is (re)assigned below.
$result = array('name' => '', 'status' => 'Invalid Request', 'errors' => &$aErrors);
// validRequest() receives $result so it can report why a request was rejected;
// what it actually checks (login, token, plugin name) is defined elsewhere.
// NOTE(review): nothing on this page validates $_REQUEST['plugin'] before it
// reaches installPlugin()/checkPlugin(), and $_REQUEST also accepts cookie
// values -- confirm validRequest() covers it.  $_REQUEST['status'] is read
// without isset(), so a request lacking it raises a notice.
if (validRequest($result)) {
    // Strict string comparison: status arrives as the string "0" or "1".
    if ($_REQUEST['status'] === '0') {
        $result = installPlugin($_REQUEST['plugin']);
    } else {
        if ($_REQUEST['status'] === '1') {
            $result = checkPlugin($_REQUEST['plugin']);
        }
    }
}
// Undo hack
unset($GLOBALS['_MAX']['CONF']['pluginPaths']['extensions']);
// Persist whatever the install/check changed in the configuration.
$oSettings = new OA_Admin_Settings();
$oSettings->writeConfigChange();
// Response is serialised with the bundled JSON encoder (pre json_encode era).
require_once MAX_PATH . '/lib/JSON/JSON.php';
$json = new Services_JSON();
$output = $json->encode($result);
        if (isset($_SESSION['login']) && isset($_SESSION['permission']) && $_SESSION['permission'] == 'admin' && validRequest()) {
            if (isset($_GET['token']) && $_GET['token'] == $_SESSION['token']) {
                echo edit_source($pdo);
            }
        }
        break;
    case 'make_default':
        if (isset($_SESSION['login']) && isset($_SESSION['permission']) && $_SESSION['permission'] == 'admin' && validRequest()) {
            if (isset($_GET['token']) && $_GET['token'] == $_SESSION['token']) {
                make_default($pdo);
            }
        }
        break;
    case 'delete':
        if (isset($_SESSION['login']) && isset($_SESSION['permission']) && $_SESSION['permission'] == 'admin' && validRequest()) {
            if (isset($_GET['token']) && $_GET['token'] == $_SESSION['token']) {
                delete($pdo);
            }
        }
        break;
    case 'delete_source':
        if (isset($_SESSION['login']) && isset($_SESSION['permission']) && $_SESSION['permission'] == 'admin' && validRequest()) {
            if (isset($_GET['token']) && $_GET['token'] == $_SESSION['token']) {
                delete_source($pdo);
            }
        }
        break;
}
?>
</div>
</center>