コード例 #1
0
function upload_find_subcats(&$array, $id_cat, $user_id)
{
    global $Sql;
    $result = $Sql->query_while("SELECT id FROM " . DB_TABLE_UPLOAD_CAT . " WHERE id_parent = '" . $id_cat . "' AND user_id = '" . $user_id . "'", __LINE__, __FILE__);
    while ($row = $Sql->fetch_assoc($result)) {
        $array[] = $row['id'];
        upload_find_subcats($array, $row['id'], $user_id);
    }
    $Sql->query_close($result);
}
コード例 #2
0
ファイル: upload.php プロジェクト: AroundPBT/PHPBoost
    } else {
        $error = Uploads::Del_file($del_file, AppContext::get_current_user()->get_id());
        if (!empty($error)) {
            $error_controller = PHPBoostErrors::unexisting_page();
            DispatchManager::redirect($error_controller);
        }
    }
    AppContext::get_response()->redirect(HOST . DIR . url('/user/upload.php?f=' . $folder . '&' . $popup_noamp, '', '&'));
} elseif (!empty($move_folder) && $to != -1) {
    AppContext::get_session()->csrf_get_protect();
    //Protection csrf
    $folder_owner = PersistenceContext::get_querier()->get_column_value(DB_TABLE_UPLOAD_CAT, 'user_id', 'WHERE id = :id', array('id' => $move_folder));
    if ($folder_owner == AppContext::get_current_user()->get_id()) {
        include 'upload_functions.php';
        $sub_cats = array();
        upload_find_subcats($sub_cats, $move_folder, AppContext::get_current_user()->get_id());
        $sub_cats[] = $move_folder;
        //Si on ne déplace pas le dossier dans un de ses fils ou dans lui même
        if (!in_array($to, $sub_cats)) {
            if (AppContext::get_current_user()->get_id() || $to == 0) {
                PersistenceContext::get_querier()->update(DB_TABLE_UPLOAD_CAT, array('id_parent' => $to), 'WHERE id = :id', array('id' => $move_folder));
                AppContext::get_response()->redirect(HOST . DIR . url('/user/upload.php?f=' . $to . '&' . $popup_noamp, '', '&'));
            }
        } else {
            AppContext::get_response()->redirect(HOST . DIR . url('/userr/upload.php?movefd=' . $move_folder . '&f=0&error=folder_contains_folder&' . $popup_noamp, '', '&'));
        }
    } else {
        $error_controller = PHPBoostErrors::unexisting_page();
        DispatchManager::redirect($error_controller);
    }
} elseif (!empty($move_file) && $to != -1) {
コード例 #3
0
function upload_find_subcats(&$array, $id_cat, $user_id)
{
    $result = PersistenceContext::get_querier()->select("SELECT id\n\t\tFROM " . DB_TABLE_UPLOAD_CAT . "\n\t\tWHERE id_parent = :id_parent AND user_id = :user_id", array('id_parent' => $id_cat, 'user_id' => $user_id));
    while ($row = $result->fetch()) {
        $array[] = $row['id'];
        //On rappelle la fonction pour la catégorie fille
        upload_find_subcats($array, $row['id'], $user_id);
    }
    $result->dispose();
}
コード例 #4
0
ファイル: upload.php プロジェクト: janus57/PHPBoost_v3c
    if ($User->check_level(ADMIN_LEVEL)) {
        $Uploads->Del_file($del_file, $User->get_attribute('user_id'), ADMIN_NO_CHECK);
    } else {
        $error = $Uploads->Del_file($del_file, $User->get_attribute('user_id'));
        if (!empty($error)) {
            $Errorh->handler('e_auth', E_USER_REDIRECT);
        }
    }
    redirect(HOST . DIR . url('/member/upload.php?f=' . $folder . '&' . $popup_noamp, '', '&'));
} elseif (!empty($move_folder) && $to != -1) {
    $Session->csrf_get_protect();
    $folder_owner = $Sql->query("SELECT user_id FROM " . DB_TABLE_UPLOAD_CAT . " WHERE id = '" . $move_folder . "'", __LINE__, __FILE__);
    if ($folder_owner == $User->get_attribute('user_id')) {
        include 'upload_functions.php';
        $sub_cats = array();
        upload_find_subcats($sub_cats, $move_folder, $User->get_attribute('user_id'));
        $sub_cats[] = $move_folder;
        if (!in_array($to, $sub_cats)) {
            $new_folder_owner = $Sql->query("SELECT user_id FROM " . DB_TABLE_UPLOAD_CAT . " WHERE id = '" . $to . "'", __LINE__, __FILE__);
            if ($new_folder_owner == $User->get_attribute('user_id') || $to == 0) {
                $Sql->query_inject("UPDATE " . DB_TABLE_UPLOAD_CAT . " SET id_parent = '" . $to . "' WHERE id = '" . $move_folder . "'", __LINE__, __FILE__);
                redirect(HOST . DIR . url('/member/upload.php?f=' . $to . '&' . $popup_noamp, '', '&'));
            }
        } else {
            redirect(HOST . DIR . url('/member/upload.php?movefd=' . $move_folder . '&f=0&error=folder_contains_folder&' . $popup_noamp, '', '&'));
        }
    } else {
        $Errorh->handler('e_auth', E_USER_REDIRECT);
    }
} elseif (!empty($move_file) && $to != -1) {
    $Session->csrf_get_protect();