예제 #1
<?php

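// Remove the execution time limit for this request.
set_time_limit(0);
include_once "include_db.php";
include_once "include_functions.php";

// Require an authenticated session before anything else happens.
// empty()/isset() also cover a missing key, so an anonymous request is
// redirected instead of reading undefined session indexes and carrying on
// with a null user id.
if (empty($_SESSION["uname"]) || !isset($_SESSION['empl_id'])) {
    header('Location: logout.php');
    exit;
}
$CURRENT_USER = $_SESSION["uname"];

// Authorisation: the room id comes from the request, so it is checked against
// the session user on every upload rather than trusted.
$GMU = new ManageUsers();
$GMU->userId = $_SESSION['empl_id'];
$rid = get_POST_var('rid');
if (!$GMU->has_AccessToRoom($rid)) {
    echo "You are not authorised to access this page.";
    exit;
}

// Generate the identifier the stored file will be known by.
// NOTE(review): if knowing this id is enough to fetch the file, confirm that
// createUnique_FID() draws from a cryptographically secure source.
$MF = new ManageFiles();
$UFID = $MF->createUnique_FID(16);

// Read the upload metadata defensively. A request without a single 'myfile'
// part must not look like a successful upload: an unset error field is null,
// and null == UPLOAD_ERR_OK is true under loose comparison.
$upload = isset($_FILES['myfile']) ? $_FILES['myfile'] : null;
$hasSingleUpload = is_array($upload)
    && isset($upload['name'], $upload['error'])
    && is_string($upload['name']);

if ($hasSingleUpload) {
    $size = isset($upload['size']) ? $upload['size'] : 0;
    // The name is chosen by the client. Keep only its last path component
    // (defence in depth) before normalising spaces, so it cannot steer where
    // the file lands if it is later joined to a directory.
    $file_name = str_replace(' ', '_', basename(str_replace('\\', '/', $upload['name'])));
    // Client-declared MIME type: informational only, never a basis for
    // deciding whether the content is safe to store or serve.
    $file_type = isset($upload['type']) ? $upload['type'] : '';
    $errors = $upload['error'];
} else {
    $size = 0;
    $file_name = '';
    $file_type = '';
    $errors = UPLOAD_ERR_NO_FILE;
}

// Move the uploaded file to UPLOAD_PATH and insert into database.
// The extension and type of $file_name should be checked against a
// server-side allowlist before the file is stored anywhere it can be served.
$result = 0;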
if ($errors == UPLOAD_ERR_OK) {
    $tmp_name = $tmp_names;
    //$allowedExtensions = array("txt","csv","htm","html","xml","css","doc","xls","rtf","ppt","pdf","swf","flv","avi","wmv","mov","jpg","jpeg","gif","png");
    $type = end(explode(".", strtolower($file_name)));
예제 #2
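 /**
  * Decide whether a user is allowed to see a stored chat file.
  *
  * The file is looked up as a chat-room attachment first; if a room is found,
  * the decision is delegated to ManageUsers::has_AccessToRoom(). Otherwise the
  * file is treated as a direct-message attachment and the user must be the
  * sender or the recipient of that message.
  *
  * Both ids are interpolated into SQL text, so values that could break out of
  * the quoted literal are rejected up front (fail closed). This is a stop-gap:
  * the queries should be moved to bound parameters once
  * executesql_returnArray() or the underlying driver offers them.
  *
  * @param mixed $fileId Identifier of the file (tbl_chatFiles.fileId).
  * @param mixed $userId Identifier of the user requesting access.
  * @return mixed The result of has_AccessToRoom() for room files, otherwise
  *               true/false for direct-message files; false for rejected ids.
  */
 public function isFileRelatedToUser($fileId, $userId)
 {
     // Refuse anything that is not a plain scalar or that contains quotes,
     // a backslash or control characters: such a value has no business in an
     // id and would alter the SQL statements built below.
     foreach (array($fileId, $userId) as $id) {
         if (!is_scalar($id) || preg_match('/[\'"\\\\\x00-\x1f]/', (string) $id)) {
             return false;
         }
     }

     // get room id for this file
     $roomId = executesql_returnArray("select tbl_ChatRooms.chatRoom from tbl_chatFiles, tbl_ChatRooms where tbl_ChatRooms.fileId = tbl_chatFiles.fileId and tbl_chatFiles.fileId='{$fileId}'");
     if ($roomId) {
         // NOTE(review): $roomId is handed over exactly as the helper returned
         // it - confirm has_AccessToRoom() accepts that shape.
         $MU = new ManageUsers();
         $MU->userId = $userId;
         return $MU->has_AccessToRoom($roomId);
     }

     // Not a room attachment: allow only the two parties of the direct message.
     $directMessage_UserRelated = executesql_returnArray("select tbl_DirectMessages.dmsgid from tbl_DirectMessages, tbl_chatFiles where tbl_chatFiles.fileId = tbl_DirectMessages.fileId and tbl_chatFiles.fileId='{$fileId}' and (tbl_DirectMessages.from_uid='{$userId}' OR tbl_DirectMessages.to_uid='{$userId}') ");
     return (bool) $directMessage_UserRelated;
 }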