}
}
} elseif ($_GET['action'] == 'edit') {
if (!mysql_num_rows($q = mysql_query("SELECT * FROM `amsn_files` ORDER BY `filename`, `url`"))) {
echo "<p>There are no files yet</p>\n";
return;
}
if (isset($_POST['id']) && ereg('^[1-9][0-9]*$', $_POST['id']) && !mysql_num_rows($q = @mysql_query("SELECT * FROM `amsn_files` WHERE id = '" . (int) $_POST['id'] . "' LIMIT 1"))) {
echo "<p>The selected item don't exists</p>\n";
return;
}
if ($_GET['action'] == 'edit' && isset($_POST['id'])) {
if (isset($_POST['id'], $_POST['type'])) {
$_POST = clean4sql($_POST);
if ($_POST['type'] === 'upload') {
$result = treatUploadForm();
} else {
if (isset($_POST['upload_file']) && $_POST['upload_file'] == 'yes') {
$result = treatURLUploadForm();
} else {
$result = treatURLForm();
}
}
if (!array_key_exists('error', $result)) {
echo "<p>{$result['success']}</p>\n";
return;
} else {
echo "<p>{$result['error']}</p>\n";
}
}
$row = mysql_fetch_assoc($q);
if (!user_level()) {
noperms();
exit;
}
if (!isset($_GET['field'])) {
?>
<b style="text-align: center;display:block">No parent information defined</b>
<?php
} else {
if (isset($_GET['file_id']) && $_GET['file_id'] === 'new') {
if (!isset($_POST['type']) || strcmp($_POST['type'], 'upload') && strcmp($_POST['type'], 'url')) {
renderUploadForm('');
renderURLForm('');
} else {
if ($_POST['type'] === 'upload') {
$result = treatUploadForm('');
} else {
if (isset($_POST['upload_file']) && $_POST['upload_file'] == 'yes') {
$result = treatURLUploadForm('');
} else {
$result = treatURLForm('');
}
}
if (!array_key_exists('error', $result)) {
?>
<script language="javascript"><!--
applyFile(<?php
echo $result['id'];
?>
,"<?php
echo $result['name'];
