function file_upload($name, $up_dir = null, $access = '', $filename = null)
{
if (empty($up_dir)) {
$up_dir = UPLOAD_DIR . "/" . date('Y') . date("m") . "/" . date("d");
}
$path = WEBPATH . $up_dir;
if (!file_exists($path)) {
mkdir($path, 0777, true);
}
$mime = $_FILES[$name]['type'];
$filetype = file_gettype($mime);
if ($filetype == 'bin') {
$filetype = file_ext($_FILES[$name]['name']);
}
if ($filetype == false) {
echo "File Type Error!";
return false;
} elseif (!empty($access)) {
$access_type = explode(',', $access);
if (!in_array($filetype, $access_type)) {
echo "File Type '{$filetype}' not allow upload!";
return false;
}
}
if ($filename == null) {
$filename = substr(time(), 6, -1) . rand(100000, 999999);
}
$filename .= "." . $filetype;
if (move_uploaded_file($_FILES[$name]['tmp_name'], $path . "/" . $filename)) {
return "{$up_dir}/{$filename}";
} else {
echo "Error! debug:\n";
print_r($_FILES[$name]);
return false;
}
}
function admin_attachment()
{
$this->_check_cms();
import_func('file');
import_func('js');
$model = createModel('Attachment');
$entity = createModel($this->app);
if (empty($_GET['aid'])) {
$res = $entity->getStatus();
$id = $res['Auto_increment'];
} else {
$id = (int) $_GET['aid'];
}
if (isset($_GET['del'])) {
$model->del((int) $_GET['del']);
}
if (isset($_FILES['media'])) {
if (empty($_POST['title'])) {
$_POST['title'] = $_FILES['media']['name'];
}
$_POST['url'] = file_upload('media');
if (!empty($_POST['url'])) {
$_POST['filetype'] = file_gettype($_FILES['media']['type']);
$_POST['filesize'] = $_FILES['media']['size'];
$_POST['user_id'] = $this->uid;
$_POST['app'] = $this->app;
$model->put($_POST);
}
}
$list = $model->gets(array('aid' => $id, 'app' => $this->app));
include "templates/admin_attachment.html";
}
Auth::login_require();
//$php->db->debug = true;
import_func('file');
import_func('content');
import_func('js');
$table = TABLE_PREFIX . '_' . $_GET['app'];
if (empty($_GET['aid'])) {
$res = $php->db->query("show table status from " . DBNAME . " where name='{$table}'")->fetch();
$id = $res['Auto_increment'];
} else {
$id = $_GET['aid'];
}
if (isset($_GET['del'])) {
$php->db->query('delete from chq_resource where id=' . $_GET['del']);
}
if (isset($_FILES['media'])) {
if (empty($_POST['title'])) {
$_POST['title'] = $_FILES['media']['name'];
}
$_POST['url'] = file_upload('media');
$_POST['filetype'] = file_gettype($_FILES['media']['type']);
$_POST['filesize'] = $_FILES['media']['size'];
if (!empty($_GET['catid'])) {
$_POST['catid'] = $_GET['catid'];
}
$php->db->insert($_POST, 'chq_resource');
}
$list = $php->db->query('select * from chq_resource where aid=' . $id)->fetchall();
$php->tpl->assign('list', $list);
$php->tpl->assign('aid', $id);
$php->tpl->display(ADMIN_SKIN . '/admin_upfile.html');
