Example #1
     // Admin check: the "<prefix>admin" cookie is run through authcode(..., "DECODE") and
     // the result is compared with the password stored for that user. $authed is only
     // ever set to true here; it gates the file move further down.
     // NOTE(review): authcode() is not visible in this excerpt; the check is only as
     // strong as the secrecy and integrity of whatever key it decodes with -- confirm.
     if (!empty($_COOKIE[$cookiepre . 'admin'])) {
         $tAdminInfo = authcode($_COOKIE[$cookiepre . 'admin'], "DECODE");
         // explode() returns a numerically indexed list (0, 1, ...), but the code below
         // reads the string keys 'username' and 'userpass', which explode() never sets.
         $tAdminInfo = explode("\n", $tAdminInfo);
         // explode() always returns at least one element (an empty decode result still
         // gives ['']), so this test cannot fail and does not catch a bad cookie.
         if (!empty($tAdminInfo)) {
             // Fetch the stored password for the user named in the cookie and compare it
             // with the password field carried in the cookie.
             // NOTE(review): because both keys are undefined after explode(), confirm that
             // $member->field() and pb_strcomp() fail closed when given null/empty values;
             // otherwise $authed could be set without a real credential match.
             $adminPasswd = $member->field("userpass", array("username" => $tAdminInfo['username']));
             if (pb_strcomp($tAdminInfo['userpass'], $adminPasswd)) {
                 $authed = true;
             }
         }
     }
     // Destination: <root>/<attachment_dir>/swfupload/YYYYMM/DD/ (UTC, via gmdate()).
     // The directory is created before $authed is consulted, so unauthenticated requests
     // still create the dated folder.
     $targetPath = PHPB2B_ROOT . $attachment->attachment_dir . DS . "swfupload" . DS . gmdate("Y") . gmdate("m") . DS . gmdate("d") . DS;
     if (!is_dir($targetPath)) {
         pb_create_folder($targetPath);
     }
     // The stored name is server-generated (time + pb_radom()), but its extension is
     // copied from the client-supplied file name.
     // NOTE(review): nothing in this excerpt restricts the extension to an allowlist or
     // inspects the content; confirm that Attachment or the web-server configuration
     // prevents script-type files from being stored and served from this directory.
     $orignal_fileinfo = get_pathinfo($_FILES[$fileElementName]['name']);
     $new_file_name = gmdate("His") . pb_radom() . "." . $orignal_fileinfo['extension'];
     $targetFile = str_replace('//', '/', $targetPath) . $new_file_name;
     // Only an authenticated request with a genuine HTTP upload reaches the move.
     if ($authed && is_uploaded_file($_FILES[$fileElementName]['tmp_name'])) {
         // The return value of move_uploaded_file() is not checked, so a URL is reported
         // to the client even when the move failed.
         move_uploaded_file($_FILES[$fileElementName]['tmp_name'], $targetFile);
         $return['url'] = $absolute_uri . $attachment_url . "swfupload/" . gmdate("Y") . gmdate("m") . "/" . gmdate("d") . "/" . $new_file_name;
         // 'name' echoes the client-supplied file name unchanged; whatever renders this
         // response should escape it for its output context.
         $return['name'] = $_FILES[$fileElementName]['name'];
         ajax_exit($return);
     }
     break;
 // Setup for the "attachment" upload action. The statements above read
 // $fileElementName, $attachment and $authed, so in the full file this setup
 // presumably runs before them (the excerpt appears to show the case out of order).
 case "attachment":
     uses("attachment");
     // Permission defaults to denied; only the cookie check can set $authed to true.
     $fileElementName = 'fileToUpload';
     $attachment = new Attachment($fileElementName);
     $authed = false;
Example #2
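/**
 * Work out the requested page name from the current HTTP request.
 *
 * Sources are tried in this order:
 *   1. the path info from get_pathinfo(), e.g. "/FrontPage" => "FrontPage";
 *   2. a non-empty string "goto" parameter (POST before GET);
 *   3. the parsed query string: action=edit&value=NAME, action=login
 *      (=> "UserPreferences"), then any key whose value is empty ("?NAME").
 *      The last empty-valued key wins and overrides the action result.
 * Steps 2 and 3 are only considered when QUERY_STRING is non-empty.
 *
 * A leading "~user/page" is rewritten to "user~page".
 *
 * Every source is attacker-controlled request data. The result is only passed
 * through _stripslashes(); callers must still validate or escape it before
 * using it in file paths, HTML output or redirects.
 *
 * @return mixed The page name (normally a string; a numeric query-string key
 *               arrives as an int), or null when the request names no page.
 */
function get_pagename()
{
    // Start from null so a request that matches no branch returns null
    // instead of reading an undefined variable.
    $pagename = null;

    // get PATH_INFO or parse REQUEST_URI
    $path_info = get_pathinfo();
    if (isset($path_info[1]) && $path_info[0] == '/') {
        // e.g.) /FrontPage => FrontPage
        $pagename = substr($path_info, 1);
    } elseif (!empty($_SERVER['QUERY_STRING'])) {
        // Request parameters can be arrays ("goto[]=x"). Only accept strings,
        // so an array never flows into the string handling below.
        $goto = '';
        if (isset($_POST['goto']) && is_string($_POST['goto']) && $_POST['goto'] !== '') {
            $goto = $_POST['goto'];
        } elseif (isset($_GET['goto']) && is_string($_GET['goto']) && $_GET['goto'] !== '') {
            $goto = $_GET['goto'];
        }

        if ($goto !== '') {
            $pagename = $goto;
        } else {
            parse_str($_SERVER['QUERY_STRING'], $arr);
            if (!empty($arr['action'])) {
                if ($arr['action'] == 'edit') {
                    // "value[]=x" would parse to an array; ignore it.
                    if (!empty($arr['value']) && is_string($arr['value'])) {
                        $pagename = $arr['value'];
                    }
                } elseif ($arr['action'] == 'login') {
                    $pagename = 'UserPreferences';
                }
                unset($arr['action']);
            }
            // A bare "?PageName" parses to a key with an empty value.
            foreach ($arr as $k => $v) {
                if (empty($v)) {
                    $pagename = $k;
                }
            }
        }
    }

    // isset() on offset 0 is true only for a non-empty string here.
    if (isset($pagename[0])) {
        $pagename = _stripslashes($pagename);
        // "~user/page" => "user~page". '/' cannot be at offset 0 when the
        // first character is '~', so a falsy $p simply means "no slash".
        if ($pagename[0] == '~' && ($p = strpos($pagename, "/"))) {
            $pagename = substr($pagename, 1, $p - 1) . "~" . substr($pagename, $p + 1);
        }
    }

    return $pagename;
}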