if (!empty($_COOKIE[$cookiepre . 'admin'])) { $tAdminInfo = authcode($_COOKIE[$cookiepre . 'admin'], "DECODE"); $tAdminInfo = explode("\n", $tAdminInfo); if (!empty($tAdminInfo)) { //check admin password $adminPasswd = $member->field("userpass", array("username" => $tAdminInfo['username'])); if (pb_strcomp($tAdminInfo['userpass'], $adminPasswd)) { $authed = true; } } } $targetPath = PHPB2B_ROOT . $attachment->attachment_dir . DS . "swfupload" . DS . gmdate("Y") . gmdate("m") . DS . gmdate("d") . DS; if (!is_dir($targetPath)) { pb_create_folder($targetPath); } $orignal_fileinfo = get_pathinfo($_FILES[$fileElementName]['name']); $new_file_name = gmdate("His") . pb_radom() . "." . $orignal_fileinfo['extension']; $targetFile = str_replace('//', '/', $targetPath) . $new_file_name; if ($authed && is_uploaded_file($_FILES[$fileElementName]['tmp_name'])) { move_uploaded_file($_FILES[$fileElementName]['tmp_name'], $targetFile); $return['url'] = $absolute_uri . $attachment_url . "swfupload/" . gmdate("Y") . gmdate("m") . "/" . gmdate("d") . "/" . $new_file_name; $return['name'] = $_FILES[$fileElementName]['name']; ajax_exit($return); } break; case "attachment": uses("attachment"); //check permission $fileElementName = 'fileToUpload'; $attachment = new Attachment($fileElementName); $authed = false;
function get_pagename() { // get PATH_INFO or parse REQUEST_URI $path_info = get_pathinfo(); if (isset($path_info[1]) && $path_info[0] == '/') { // e.g.) /FrontPage => FrontPage $pagename = substr($path_info, 1); } else { if (!empty($_SERVER['QUERY_STRING'])) { $goto = isset($_POST['goto'][0]) ? $_POST['goto'] : (isset($_GET['goto'][0]) ? $_GET['goto'] : ''); if (isset($goto[0])) { $pagename = $goto; } else { parse_str($_SERVER['QUERY_STRING'], $arr); $keys = array_keys($arr); if (!empty($arr['action'])) { if ($arr['action'] == 'edit') { if (!empty($arr['value'])) { $pagename = $arr['value']; } } else { if ($arr['action'] == 'login') { $pagename = 'UserPreferences'; } } unset($arr['action']); } foreach ($arr as $k => $v) { if (empty($v)) { $pagename = $k; } } } } } if (isset($pagename[0])) { $pagename = _stripslashes($pagename); if ($pagename[0] == '~' and $p = strpos($pagename, "/")) { $pagename = substr($pagename, 1, $p - 1) . "~" . substr($pagename, $p + 1); } } return $pagename; }