Example #1
0
function DLM_uploadNewFile($newfile, $directory, $name = '')
{
    global $_DLM_CONF;
    $tmp = $newfile['tmp_name'];
    if (empty($name)) {
        $name = COM_applyFilter($newfile['name']);
        if (empty($name)) {
            return false;
        }
    }
    $newfilepath = $directory . DLM_encodeFileName($name);
    if (!is_uploaded_file($tmp)) {
        COM_errorLog("Downloads: upload error: Temporary file does not exist: '" . $tmp . "'");
        DLM_showErrorMessage('1003');
        return false;
    }
    if (file_exists($newfilepath)) {
        COM_errorLog("Downloads: warning: Added new filelisting for a file that already exists " . $newfilepath);
        return true;
        // not uploaded. this OK? or upload and overwrite force.
    }
    if (!move_uploaded_file($tmp, $newfilepath)) {
        COM_errorLog("Downloads: upload error: Could not move an uploaded file: " . $tmp . " to " . $name);
        DLM_showErrorMessage('1004');
        return false;
    }
    @chmod($newfilepath, intval((string) $_DLM_CONF['filepermissions'], 8));
    return true;
}
Example #2
0
        // Check if REG user is trying to vote twice.
        $result = DB_query("SELECT ratinguser FROM {$_TABLES['downloadvotes']} WHERE lid='" . addslashes($lid) . "'");
        while (list($ratinguserDB) = DB_fetchArray($result)) {
            if ($ratinguserDB == $uid) {
                echo DLM_showErrorMessage('voteonce');
                exit;
            }
        }
    }
    // Check if ANONYMOUS user is trying to vote more than once per day.
    if ($uid == 1) {
        $yesterday = time() - 86400 * $anonwaitdays;
        $result = DB_query("SELECT COUNT(*) FROM {$_TABLES['downloadvotes']} " . "WHERE lid = '" . addslashes($lid) . "' " . "AND ratinguser = 1 AND ratinghostname = '{$ip}' AND ratingtimestamp > {$yesterday}");
        list($anonvotecount) = DB_fetchArray($result);
        if ($anonvotecount >= 1) {
            echo DLM_showErrorMessage('voteonce');
            exit;
        }
    }
    //All is well.  Add to Line Item Rate to DB.
    $datetime = time();
    DB_query("INSERT INTO {$_TABLES['downloadvotes']} " . "(lid, ratinguser, rating, ratinghostname, ratingtimestamp) " . "VALUES ('" . addslashes($lid) . "', {$uid}, {$rating}, '{$ip}', {$datetime})");
    //All is well.  Calculate Score & Add to Summary (for quick retrieval & sorting) to DB.
    DLM_updaterating($lid);
    echo PLG_afterSaveSwitch('home', '', 'downloads', 113);
    exit;
}
$lid = COM_applyFilter($_GET['lid']);
$result = DB_query("SELECT title FROM {$_TABLES['downloads']} WHERE lid='" . addslashes($lid) . "'");
list($title) = DB_fetchArray($result);
$title = DLM_htmlspecialchars($title);