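// Handles the admin "upload agenda" form post: checks the request token, makes
// sure ./uploads exists, registers a new agenda and stores the uploaded file
// as ./uploads/Agenda<id>.pdf. Every path ends in a redirect to admin.php.

// Refuse the request unless a non-empty string token was posted and it verifies.
// A missing or array-valued token is rejected here instead of reaching verifyToken().
$token = isset($_POST['token']) ? $_POST['token'] : null;
if (!is_string($token) || $token === '' || !Session::verifyToken($token)) {
    $str = urlencode("Request could not be handled, token does not match");
    header("Location: admin.php?agenda=yes&uploaded={$str}");
    exit;
}

// NOTE(review): $title is user-controlled and goes straight to Database::createAgenda();
// confirm that method uses a parameterised query and that the title is escaped on output.
$title = (isset($_POST['title']) && is_string($_POST['title'])) ? $_POST['title'] : '';
$result = true;

// Create the uploads folder if it is missing. is_dir() (rather than file_exists())
// means a stray regular file named "uploads" is reported as a failure below, and the
// explicit mode keeps the directory from being created group/world-writable.
if (!is_dir("./uploads")) {
    $result = mkdir("./uploads", 0755);
}

// Continue only when the uploads folder is available.
if ($result === true) {
    // Validate the upload BEFORE touching the database, so a failed or missing
    // upload cannot archive the current agendas or leave an agenda row with no file.
    $upload = isset($_FILES['file']) ? $_FILES['file'] : null;
    if (
        !is_array($upload)
        || !isset($upload['error'], $upload['tmp_name'])
        || $upload['error'] !== UPLOAD_ERR_OK
        || !is_string($upload['tmp_name'])
        || !is_uploaded_file($upload['tmp_name'])
    ) {
        $message = urlencode("Cannot upload, no valid file was received");
        header("Location: admin.php?agenda=yes&uploaded={$message}");
        exit;
    }
    // NOTE(review): the content is stored with a .pdf name without checking that it
    // really is a PDF or bounding its size; consider validating both here.

    Database::archiveAllAgendas();

    // Create a new agenda with the submitted title; its id names the stored file.
    // NOTE(review): presumably $id is an integer key; verify, since it is
    // interpolated into the destination path.
    $id = Database::createAgenda($title);
    $dir = "./uploads/Agenda{$id}.pdf";

    if (file_exists($dir)) {
        Database::removeAgendaWithID($id);
        $message = urlencode("Cannot upload, file already exists");
        header("Location: admin.php?agenda=yes&uploaded={$message}");
        exit;
    }

    // Move the uploaded file into the uploads folder under the name of its id.
    // A failed move rolls back the new agenda row instead of reporting success.
    // NOTE(review): agendas archived above stay archived on this path; no
    // un-archive call is visible here.
    if (!move_uploaded_file($upload['tmp_name'], $dir)) {
        Database::removeAgendaWithID($id);
        $message = urlencode("Cannot upload, the file could not be saved");
        header("Location: admin.php?agenda=yes&uploaded={$message}");
        exit;
    }

    // Set the stored file's permissions to rw-r--r--.
    chmod($dir, 0644);
    header("Location: admin.php?agenda=true&uploaded=yes");
    exit;
} else {
    // The uploads folder could not be created.
    $message = urlencode("Failed to create uploads folder");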