Exemple #1
0
     if (!($permissions['ecdownloadpermissions'] & $vbulletin->bf_ugp['ecdownloadpermissions']['caneditallfiles']) and (!($permissions['ecdownloadpermissions'] & $vbulletin->bf_ugp['ecdownloadpermissions']['caneditownfiles']) or $file['uploaderid'] != $vbulletin->userinfo['userid'])) {
         print_no_permission();
     }
     if ($file['id'] == 0) {
         eval(print_standard_redirect('ecdownloads_msg_invalid_file', true, true));
     }
     if ($_GET['act'] == 'update') {
         $currentuser = $db->query_first("SELECT uploaderid\n\t\t\t\t\t\t\t\t\t   FROM " . TABLE_PREFIX . "dl_files\n\t\t\t\t\t\t\t\t\t   WHERE id = " . $file['id']);
         $temp = $db->query_first("SELECT username, userid \n\t\t\t\t\t\t\t\t\t   FROM " . TABLE_PREFIX . "user\n\t\t\t\t\t\t\t\t\t   WHERE username = "******"UPDATE " . TABLE_PREFIX . "dl_files \n\t\t\t\t\t\t\tSET `uploader`=" . $db->sql_prepare($temp['username']) . ", uploaderid = " . $temp['userid'] . "\n\t\t\t\t\t\t\tWHERE id = " . $file['id']);
             $dl->modify_filecount_user($temp['userid']);
             $dl->modify_filecount_user($currentuser['uploaderid']);
             $dl->update_counters();
         }
         $db->free_result($temp);
         $vbulletin->url = './downloads.php?do=file&id=' . $file['id'];
         eval(print_standard_redirect('ecdownloads_uploader_updated', true, true));
     }
     eval('$dmain_jr .= "' . fetch_template('downloadsbuddy_assign_user') . '";');
     // eval('$dpanel .= "' . fetch_template('downloads_panel_top') . '";');
     eval('$dmain .= "' . fetch_template('downloads_wrapper_top') . '";');
 } else {
     if ($_GET['do'] == 'add' or $_GET['do'] == 'edit') {
         $textareacols = fetch_textarea_width();
         if ($_GET['do'] == 'add') {
             $navbits['downloads.php?do=add'] = $vbphrase['ecdownloads_addit_file'];
Exemple #2
0
     $modqueue = $permissions['downloads2permissions'] & $vbulletin->bf_ugp['downloads2permissions']['canavoidmodqueue'] ? 0 : 1;
     $db->query_write("\r\n\t\t\t\t\tINSERT INTO " . TABLE_PREFIX . "dl2_files\r\n\t\t\t\t\t\t(`title`, `description`, `author`, `_author`, `uploader`, `uploaderid`, `url`, `extension`, `dateadded`, `category`, `size`, `pin`, `modqueue`, `link`)\r\n\t\t\t\t\tVALUES\r\n\t\t\t\t\t\t(\r\n\t\t\t\t\t\t\t'" . $db->escape_string($vbulletin->GPC['title']) . "',\r\n\t\t\t\t\t\t\t'" . $db->escape_string($vbulletin->GPC['message']) . "',\r\n\t\t\t\t\t\t\t'" . $db->escape_string($vbulletin->GPC['author']) . "',\r\n\t\t\t\t\t\t\t'" . $db->escape_string($_author) . "',\r\n\t\t\t\t\t\t\t'" . $db->escape_string($vbulletin->userinfo['username']) . "',\r\n\t\t\t\t\t\t\t" . $vbulletin->userinfo['userid'] . ",\r\n\t\t\t\t\t\t\t'" . $db->escape_string($newfilename) . "',\r\n\t\t\t\t\t\t\t'" . $db->escape_string($ext) . "',\r\n\t\t\t\t\t\t\t" . TIMENOW . ",\r\n\t\t\t\t\t\t\t" . $vbulletin->GPC['category'] . ",\r\n\t\t\t\t\t\t\t" . $size . ",\r\n\t\t\t\t\t\t\t" . $vbulletin->GPC['pin'] . ",\r\n\t\t\t\t\t\t\t" . $modqueue . ",\r\n\t\t\t\t\t\t\t" . $link . "\r\n\t\t\t\t\t\t)\r\n\t\t\t\t");
 } else {
     if ($_GET['do'] == 'edit') {
         $modqueue = $file['modqueue'];
         if ($temp['username'] != '') {
             $updatequery = ", `uploader` = '" . $db->escape_string($temp['username']) . "', `uploaderid` = " . $temp['userid'];
         }
         $db->query_write("\r\n\t\t\t\t\tUPDATE " . TABLE_PREFIX . "dl2_files SET\r\n\t\t\t\t\t\t`title` = '" . $db->escape_string($vbulletin->GPC['title']) . "',\r\n\t\t\t\t\t\t`description` = '" . $db->escape_string($vbulletin->GPC['message']) . "',\r\n\t\t\t\t\t\t`author` = '" . $db->escape_string($vbulletin->GPC['author']) . "',\r\n\t\t\t\t\t\t`_author` = '" . $db->escape_string($_author) . "',\r\n\t\t\t\t\t\t`url` = '" . $db->escape_string($newfilename) . "',\r\n\t\t\t\t\t\t`extension` = '" . $db->escape_string($ext) . "',\r\n\t\t\t\t\t\t`category` = " . $vbulletin->GPC['category'] . ",\r\n\t\t\t\t\t\t`size` = " . $size . ",\r\n\t\t\t\t\t\t`pin` = " . $vbulletin->GPC['pin'] . ",\r\n\t\t\t\t\t\t`modqueue` = " . $modqueue . ",\r\n\t\t\t\t\t\t`link` = " . $link . ",\r\n\t\t\t\t\t\t`lastedit` = " . TIMENOW . ",\r\n\t\t\t\t\t\t`lasteditor` = '" . $db->escape_string($vbulletin->userinfo['username']) . "',\r\n\t\t\t\t\t\t`lasteditorid` = " . $vbulletin->userinfo['userid'] . $updatequery . "\r\n\t\t\t\t\tWHERE id = {$file['id']}\r\n\t\t\t\t");
     }
 }
 if ($_GET['do'] == 'add') {
     $id = $db->insert_id();
     $db->query_write("UPDATE " . TABLE_PREFIX . "dl2_main SET `files` = `files` + 1");
     $dl->modify_filecount($vbulletin->GPC['category'], 1);
     $dl->modify_filecount_user($vbulletin->userinfo['userid']);
     $dl->update_counters();
     $vbulletin->url = 'downloads.php?' . $vbulletin->session->vars['sessionurl'] . "do=file&id={$id}";
     // hook for post-upload checks
     ($hook = vBulletinHook::fetch_hook('dl2_post_upload_add')) ? eval($hook) : false;
     eval(print_standard_redirect('dl2_msg_file_added', true, true));
 } else {
     if ($_GET['do'] == 'edit') {
         if ($upload) {
             // New upload was successfull, so remove the old file
             @unlink($dl->url . $file['url']);
         }
         if ($file['category'] != $vbulletin->GPC['category']) {
             $dl->modify_filecount($vbulletin->GPC['category'], 1);
             $dl->modify_filecount_delete($file['category'], -1);
         }