$file_on_groups[] = $assignment_row['group_id'];
}
}
}
$n = 0;
foreach ($_POST['file'] as $file) {
$n++;
if (!empty($file['name'])) {
/**
* If the uploader is a client, set the "client" var to the current
* uploader username, since the "client" field is not posted.
*/
if ($current_level == 0) {
$file['assignments'] = 'c' . $global_user;
}
$this_upload = new PSend_Upload_File();
/**
* Unassigned files are kept as orphans and can be related
* to clients or groups later.
*/
/** Add to the database for each client / group selected */
$add_arguments = array('file' => $edit_file_info['url'], 'name' => $file['name'], 'description' => $file['description'], 'uploader' => $global_user, 'uploader_id' => $global_id, 'expiry_date' => $file['expiry_date']);
/** Set notifications to YES by default */
$send_notifications = true;
if (!empty($file['hidden'])) {
$add_arguments['hidden'] = $file['hidden'];
$send_notifications = false;
}
if ($current_level != 0) {
if (!empty($file['expires'])) {
$add_arguments['expires'] = '1';
header("Cache-Control: post-check=0, pre-check=0", false);
header("Pragma: no-cache");
// Settings
$targetDir = UPLOADED_FILES_FOLDER;
$cleanupTargetDir = true;
// Remove old files
$maxFileAge = 5 * 3600;
// Temp file age in seconds
@set_time_limit(UPLOAD_TIME_LIMIT);
// Uncomment this one to fake upload time
// usleep(5000);
// Get parameters
$chunk = isset($_REQUEST["chunk"]) ? intval($_REQUEST["chunk"]) : 0;
$chunks = isset($_REQUEST["chunks"]) ? intval($_REQUEST["chunks"]) : 0;
$fileName = isset($_REQUEST["name"]) ? $_REQUEST["name"] : '';
$this_file = new PSend_Upload_File();
// Rename the file
$fileName = $this_file->safe_rename($fileName);
// Make sure the fileName is unique but only if chunking is disabled
if ($chunks < 2 && file_exists($targetDir . DIRECTORY_SEPARATOR . $fileName)) {
$ext = strrpos($fileName, '.');
$fileName_a = substr($fileName, 0, $ext);
$fileName_b = substr($fileName, $ext);
$count = 1;
while (file_exists($targetDir . DIRECTORY_SEPARATOR . $fileName_a . '_' . $count . $fileName_b)) {
$count++;
}
$fileName = $fileName_a . '_' . $count . $fileName_b;
}
$filePath = $targetDir . DIRECTORY_SEPARATOR . $fileName;
// Create target dir
</script>
<form action="upload-process-form.php" name="save_files" id="save_files" method="post">
<?php
foreach ($uploaded_files as $add_uploaded_field) {
echo '<input type="hidden" name="finished_files[]" value="' . $add_uploaded_field . '" />
';
}
?>
<div class="container-fluid">
<?php
$i = 1;
foreach ($uploaded_files as $file) {
clearstatcache();
$this_upload = new PSend_Upload_File();
$file_original = $file;
$location = $work_folder . '/' . $file;
/**
* Check that the file is indeed present on the folder.
* If not, it is added to the failed files array.
*/
if (file_exists($location)) {
/** Generate a safe filename */
//$file = $this_upload->safe_rename($file);
/**
* Remove the extension from the file name and replace every
* underscore with a space to generate a valid upload name.
*/
$filename_no_ext = substr($file, 0, strrpos($file, '.'));
$file_title = str_replace('_', ' ', $filename_no_ext);
while ($row = mysql_fetch_array($sql)) {
$assigned[] = $row["file_id"];
}
/** We consider public file as assigned file */
foreach ($db_files_public as $file_id) {
$assigned[] = $file_id;
}
/** Read the temp folder and list every allowed file */
if ($handle = opendir($work_folder)) {
while (false !== ($filename = readdir($handle))) {
$filename_path = $work_folder . '/' . $filename;
if (!is_dir($filename_path)) {
if ($filename != "." && $filename != "..") {
/** Check types of files that are not on the database */
if (!array_key_exists($filename, $db_files)) {
$file_object = new PSend_Upload_File();
$new_filename = $file_object->safe_rename_on_disc($filename, $work_folder);
/** Check if the filetype is allowed */
if ($file_object->is_filetype_allowed($new_filename)) {
/** Add it to the array of available files */
$new_filename_path = $work_folder . '/' . $new_filename;
//$files_to_add[$new_filename] = $new_filename_path;
$files_to_add[] = array('path' => $new_filename_path, 'name' => $new_filename, 'reason' => 'not_on_db');
}
} else {
/**
* These following files EXIST on DB ($db_files)
* but not on the assigned table ($assigned)
*/
if (!in_array($db_files[$filename], $assigned)) {
$files_to_add[] = array('path' => $filename_path, 'name' => $filename, 'reason' => 'not_assigned');
$database->MySQLDB();
$logo_file_info = generate_logo_url();
?>
<div id="main">
<h2><?php
echo $page_title;
?>
</h2>
<?php
if ($_POST) {
/** Valid file extensions (images) */
$image_file_types = "/^\\.(jpg|jpeg|gif|png){1}\$/i";
if (is_uploaded_file($_FILES['select_logo']['tmp_name'])) {
$this_upload = new PSend_Upload_File();
$safe_filename = $this_upload->safe_rename($_FILES['select_logo']['name']);
/**
* Check the file type for allowed extensions.
*
* @todo Use the file upload class file type validation function.
*/
if (preg_match($image_file_types, strrchr($safe_filename, '.'))) {
/**
* Move the file to the destination defined on sys.vars.php. If ok, add the
* new file name to the database.
*/
if (move_uploaded_file($_FILES['select_logo']['tmp_name'], LOGO_FOLDER . $safe_filename)) {
$q = 'UPDATE tbl_options SET value="' . $safe_filename . '" WHERE name="logo_filename"';
$sql = $database->query($q, $database->connection);
$status = '1';
