$qdir = $gpc->get('dir', none);
$ndir = $gpc->get('newdir', none);
if ($qdir == '#') {
if (!preg_match('/[^\\w\\d\\-\\.]/i', $qdir) || empty($ndir)) {
$error = $lang->phrase('admin_wysiwyg_folder_restrictions');
} else {
if ($filesystem->mkdir($leadon . $ndir, 0777)) {
$path = $leadon . $ndir;
}
}
}
if ($error === null) {
require "classes/class.upload.php";
$my_uploader = new uploader();
$my_uploader->max_filesize(ini_maxupload());
$my_uploader->file_types($supportedextentions);
$my_uploader->set_path($path);
if ($my_uploader->upload('file')) {
$my_uploader->save_file();
}
if ($my_uploader->upload_failed()) {
$error = $my_uploader->get_error();
}
$image_file = $path . $my_uploader->fileinfo('filename');
if (!file_exists($image_file)) {
$error = $lang->phrase('admin_cms_file_does_not_exist');
}
$image_file = str_replace(realpath($config['fpath']) . DIRECTORY_SEPARATOR, '', $image_file);
$image_file = str_replace(DIRECTORY_SEPARATOR, '/', $image_file);
}
}
exec_query_form();
echo foot();
} elseif ($job == 'query2') {
echo head();
$type = $gpc->get('type', int);
if ($type == 1) {
$filetypes = array('zip', 'sql');
$dir = 'temp/';
$inserterrors = array();
require "classes/class.upload.php";
if (empty($_FILES['upload']['name'])) {
$inserterrors[] = 'No file specified.';
}
$my_uploader = new uploader();
$my_uploader->max_filesize(ini_maxupload());
$my_uploader->file_types($filetypes);
$my_uploader->set_path($dir);
if ($my_uploader->upload('upload')) {
if ($my_uploader->save_file()) {
$file = $dir . $my_uploader->fileinfo('filename');
if (!file_exists($file)) {
$inserterrors[] = 'File (' . $file . ') does not exist.';
}
}
}
if ($my_uploader->upload_failed()) {
array_push($inserterrors, $my_uploader->get_error());
}
if (count($inserterrors) > 0) {
error('admin.php?action=db&job=query', $inserterrors);
} else {
removeOldImages('uploads/pics/', $my->id);
$db->query("UPDATE {$db->pre}user SET pic = '' WHERE id = '{$my->id}' LIMIT 1");
($code = $plugins->load('editprofile_pic3_end')) ? eval($code) : null;
ok($lang->phrase('editprofile_pic_success'), "editprofile.php?action=pic" . SID2URL_x);
} elseif ($_GET['action'] == "pic2") {
$pic = $gpc->get('pic', none);
if ($my->p['usepic'] == 0) {
errorLogin($lang->phrase('not_allowed'), "editprofile.php");
}
$error = array();
if (isset($_FILES) && is_array($_FILES['upload']) && !empty($_FILES['upload']['name'])) {
require "classes/class.upload.php";
$my_uploader = new uploader();
$my_uploader->max_filesize($config['avfilesize']);
$my_uploader->max_image_size($config['avwidth'], $config['avheight']);
$my_uploader->file_types(explode(',', $config['avfiletypes']));
$my_uploader->set_path('uploads/pics/');
$my_uploader->rename_file($my->id);
if ($my_uploader->upload('upload')) {
removeOldImages('uploads/pics/', $my->id);
if ($my_uploader->save_file()) {
$my->pic = 'uploads/pics/' . $my_uploader->fileinfo('filename');
}
}
if ($my_uploader->upload_failed()) {
$error[] = $my_uploader->get_error();
}
} elseif (!empty($pic) && preg_match(URL_REGEXP, $pic)) {
$my->pic = checkRemotePic($pic, $my->id);
switch ($my->pic) {
case REMOTE_INVALID_URL:
</table>
</form>
<?php
echo foot();
} elseif ($job == 'package_import2') {
echo head();
$del = $gpc->get('delete', int);
$versioncheck = $gpc->get('version', int);
$server = $gpc->get('server', none);
$inserterrors = array();
$sourcefile = '';
if (!empty($_FILES['upload']['name'])) {
require "classes/class.upload.php";
$dir = 'temp/';
$my_uploader = new uploader();
$my_uploader->file_types(array('zip'));
$my_uploader->set_path($dir);
$my_uploader->max_filesize(ini_maxupload());
if ($my_uploader->upload('upload')) {
if ($my_uploader->save_file()) {
$sourcefile = $dir . $my_uploader->fileinfo('filename');
}
}
if ($my_uploader->upload_failed()) {
array_push($inserterrors, $my_uploader->get_error());
}
} elseif (file_exists($server)) {
$ext = get_extension($server);
if ($ext == 'zip') {
$sourcefile = $server;
} else {
</form>
<?php
echo foot();
} elseif ($job == 'custombb_import2') {
$dir = $gpc->get('dir', int);
$server = $gpc->get('server', none);
$del = $gpc->get('delete', int);
$inserterrors = array();
if (!empty($_FILES['upload']['name'])) {
$filesize = ini_maxupload();
$dir = 'temp/';
$insertuploads = array();
require "classes/class.upload.php";
$my_uploader = new uploader();
$my_uploader->max_filesize(1024 * 250);
$my_uploader->file_types(array('bbc'));
$my_uploader->set_path($dir);
if ($my_uploader->upload('upload')) {
if ($my_uploader->save_file()) {
$file = $dir . $my_uploader->fileinfo('filename');
if (!file_exists($file)) {
$inserterrors[] = $lang->phrase('admin_bbc_file_not_existing');
}
}
}
if ($my_uploader->upload_failed()) {
array_push($inserterrors, $my_uploader->get_error());
}
} elseif (file_exists($server)) {
$ext = get_extension($server);
if ($ext == 'bbc') {
