Example #1
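// Load the module's upload settings.
include_once "./fileup.ini.php";

// Request parameters are read from the query string first; a POST field of
// the same name overrides the GET value in the second group below.
//
// Numeric parameters are forced through intval(). $lid in particular is
// interpolated directly into a SQL string later in this script, so it must
// remain an integer cast and never be relaxed to a raw string.
//
// $filename: PHP has already URL-decoded $_GET/$_POST values once, so
// rawurldecode() is a second decode. It is applied BEFORE strip_tags() here;
// in the opposite order a percent-encoded "<" passes strip_tags() untouched
// and is only turned back into markup afterwards, defeating the filter.
//
// NOTE(review): neither call removes "/", "\" or ".." from $filename. The code
// that consumes it is not visible here -- confirm it confines the name to the
// upload directory (for example with basename()) before any filesystem use.

// For GET
$start = isset($_GET['start']) ? intval($_GET['start']) : 0;
$lid = isset($_GET['lid']) ? intval($_GET['lid']) : NULL;
$sortname = isset($_GET['sortname']) ? urlencode(strip_tags($_GET['sortname'])) : "date";
$sortorder = isset($_GET['sortorder']) ? intval($_GET['sortorder']) : SORT_DESC;
$filename = isset($_GET['filename']) ? strip_tags(rawurldecode($_GET['filename'])) : NULL;
$command = isset($_GET['command']) ? urlencode(strip_tags($_GET['command'])) : NULL;

// For POST (falls back to the GET-derived value when the field is absent)
$lid = isset($_POST['lid']) ? intval($_POST['lid']) : $lid;
$sortname = isset($_POST['sortname']) ? urlencode(strip_tags($_POST['sortname'])) : $sortname;
$sortorder = isset($_POST['sortorder']) ? intval($_POST['sortorder']) : $sortorder;
$filename = isset($_POST['filename']) ? strip_tags(rawurldecode($_POST['filename'])) : $filename;
$command = isset($_POST['command']) ? urlencode(strip_tags($_POST['command'])) : $command;

// Absolute path of the upload directory under the XOOPS root.
$dir_src = XOOPS_ROOT_PATH . UPLOADS;
// presumably validates (or prepares) the upload folder -- confirm in fileUp
fileUp::chk_uploadfolder($dir_src);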
//
// For delete control
//
if ($xoopsUser) {
    if ($xoopsUser->isAdmin($xoopsModule->mid())) {
        $xoopsTpl->assign('isadmin', true);
        $delok = 1;
    } elseif ($lid && ($command == "deleteok" || $command == "delete")) {
        $sql = "SELECT `submitter` FROM " . $xoopsDB->prefix("mydownloads_downloads") . " WHERE lid={$lid}";
        $result = $xoopsDB->query($sql);
        list($submitter) = $xoopsDB->fetchRow($result);
        $delok = $xoopsUser->uid() == $submitter ? 1 : 0;
    }
} else {
    $delok = 0;