<?php require_once 'utils.php'; require_once 'dbo.php'; require_once 'xhtml.php'; global $LSP_URL; if (!SESSION_EMPTY()) { if (!POST('addcomment', false) || POST_EMPTY('text')) { if (POST_EMPTY('text') && POST('addcomment', false)) { display_error('Please type a message', array('Comment', get_file_url())); } else { display_warning('Do not submit offending, pornographic, racist or violent content.', array('Comment', get_file_url())); } echo '<div class="col-md-9">'; $form = new form($LSP_URL . '?comment=add&' . file_show_query_string(), 'Comment', 'fa-comment'); ?> <div class="form-group"> <label for="text">Add comment to "<?php echo get_file_name(GET('file')); ?> "</label> <textarea id="comment" name="text" class="form-control"></textarea> </div> <button type="submit" class="btn btn-primary" name="addcomment" value="Comment"><span class="fa fa-check"></span> Comment</button> <a href="<?php echo $LSP_URL . '?action=show&file=' . GET('file'); ?> " class="btn btn-warning"></span><span class="fa fa-close"></span> Cancel</a> <?php $form->close(); echo '</div>';
function show_file($file_id, $user, $success = null) { global $LSP_URL, $DATA_DIR; $dbh =& get_db(); $stmt = $dbh->prepare('SELECT licenses.name AS license, size, realname, filename, users.login, ' . 'categories.name AS category, subcategories.name AS subcategory,' . 'insert_date, update_date, description, downloads, files.id FROM files ' . 'INNER JOIN categories ON categories.id=files.category ' . 'INNER JOIN subcategories ON subcategories.id=files.subcategory ' . 'INNER JOIN users ON users.id=files.user_id ' . 'INNER JOIN licenses ON licenses.id=files.license_id ' . 'WHERE files.id=:file_id'); $stmt->bindParam(':file_id', $file_id); $found = false; if ($stmt->execute()) { while ($object = $stmt->fetch(PDO::FETCH_ASSOC)) { $title = array($object['category'], $object['subcategory'], get_file_url($file_id)); if ($success == null) { echo '<div class="col-md-9">'; create_title($title); } else { if ($success === true) { display_success("Updated successfully", $title); echo '<div class="col-md-9">'; } else { if ($success === false) { display_error("Update failed.", $title); echo '<div class="col-md-9">'; } else { display_success("{$success}", $title); } } } echo '<table class="table table-striped">'; show_basic_file_info($object, false); // Bump the download button under details block $url = htmlentities('download_file.php?file=' . $object['id'] . '&name=' . $object['filename']); echo '<tr><td><strong>Name:</strong> ' . $object['filename']; if (is_image($url)) { echo '<br><br><a href="' . $url . '"><img class="thumbnail" src="' . scale_image($DATA_DIR . $file_id, 300, parse_extension($url)) . '" alt=""></a>'; } echo '</td><td class="lsp-file-info">'; echo '<a href="' . $url . '" id="downloadbtn" class="lsp-dl-btn btn btn-primary">'; echo '<span class="fa fa-download lsp-download"></span> Download</a>'; echo '</td></tr>'; echo '<tr><td colspan="2"><div class="well"><strong>Description:</strong><p>'; echo $object['description'] != '' ? parse_links(newline_to_br($object['description'], true)) : 'No description available.'; echo '</p></div></td></tr>'; echo '<tr><td colspan="2">'; echo '<nav id="lspnav" class="navbar navbar-default"><ul class="nav navbar-nav">'; $can_edit = $object['login'] == $user || is_admin(get_user_id($user)); $can_rate = !SESSION_EMPTY(); $rate_self = $object['login'] == $user; global $LSP_URL; create_toolbar_item('Comment', "{$LSP_URL}?comment=add&file={$file_id}", 'fa-comment', $can_rate); create_toolbar_item('Edit', "{$LSP_URL}?content=update&file={$file_id}", 'fa-pencil', $can_edit); create_toolbar_item('Delete', "{$LSP_URL}?content=delete&file={$file_id}", 'fa-trash', $can_edit); $star_url = $LSP_URL . '?' . file_show_query_string() . '&rate='; create_toolbar_item(get_stars($file_id, $star_url, $rate_self ? false : $can_rate), '', null, $can_rate, $rate_self); echo '</ul></nav>'; echo '<strong>Comments:</strong>'; echo '</td></tr>'; get_comments($file_id); echo '</table></div>'; $found = true; break; } } if (!$found) { display_error('Invalid file: "' . sanitize($file_id) . '"'); } $stmt = null; $dbh = null; }