$url_array = $form->getSubmitValues();
$url = Security::remove_XSS($url_array['url']);
$description = Security::remove_XSS($url_array['description']);
$active = intval($url_array['active']);
$url_id = $url_array['id'];
$url_to_go = 'access_urls.php';
if ($url_id != '') {
//we can't change the status of the url with id=1
if ($url_id == 1) {
$active = 1;
}
//checking url
if (substr($url, strlen($url) - 1, strlen($url)) == '/') {
UrlManager::update($url_id, $url, $description, $active);
} else {
UrlManager::update($url_id, $url . '/', $description, $active);
}
// URL Images
$url_images_dir = api_get_path(SYS_PATH) . 'custompages/url-images/';
$image_fields = array("url_image_1", "url_image_2", "url_image_3");
foreach ($image_fields as $image_field) {
if ($_FILES[$image_field]['error'] == 0) {
// Hardcoded: only PNG files allowed
if (end(explode('.', $_FILES[$image_field]['name'])) == 'png') {
if (file_exists($url_images_dir . $url_id . '_' . $image_field . '.png')) {
// if the file exists, we have to remove it before move_uploaded_file
unlink($url_images_dir . $url_id . '_' . $image_field . '.png');
}
move_uploaded_file($_FILES[$image_field]['tmp_name'], $url_images_dir . $url_id . '_' . $image_field . '.png');
}
// else fail silently
