include_once "./fileup.ini.php"; // For GET $start = isset($_GET['start']) ? intval($_GET['start']) : 0; $lid = isset($_GET['lid']) ? intval($_GET['lid']) : NULL; $sortname = isset($_GET['sortname']) ? urlencode(strip_tags($_GET['sortname'])) : "date"; $sortorder = isset($_GET['sortorder']) ? intval($_GET['sortorder']) : SORT_DESC; $filename = isset($_GET['filename']) ? rawurldecode(strip_tags($_GET['filename'])) : NULL; $command = isset($_GET['command']) ? urlencode(strip_tags($_GET['command'])) : NULL; // For POST $lid = isset($_POST['lid']) ? intval($_POST['lid']) : $lid; $sortname = isset($_POST['sortname']) ? urlencode(strip_tags($_POST['sortname'])) : $sortname; $sortorder = isset($_POST['sortorder']) ? intval($_POST['sortorder']) : $sortorder; $filename = isset($_POST['filename']) ? rawurldecode(strip_tags($_POST['filename'])) : $filename; $command = isset($_POST['command']) ? urlencode(strip_tags($_POST['command'])) : $command; $dir_src = XOOPS_ROOT_PATH . UPLOADS; fileUp::chk_uploadfolder($dir_src); // // For delete controll // if ($xoopsUser) { if ($xoopsUser->isAdmin($xoopsModule->mid())) { $xoopsTpl->assign('isadmin', true); $delok = 1; } elseif ($lid && ($command == "deleteok" || $command == "delete")) { $sql = "SELECT `submitter` FROM " . $xoopsDB->prefix("mydownloads_downloads") . " WHERE lid={$lid}"; $result = $xoopsDB->query($sql); list($submitter) = $xoopsDB->fetchRow($result); $delok = $xoopsUser->uid() == $submitter ? 1 : 0; } } else { $delok = 0;