} } } elseif ($_GET['action'] == 'edit') { if (!mysql_num_rows($q = mysql_query("SELECT * FROM `amsn_files` ORDER BY `filename`, `url`"))) { echo "<p>There are no files yet</p>\n"; return; } if (isset($_POST['id']) && ereg('^[1-9][0-9]*$', $_POST['id']) && !mysql_num_rows($q = @mysql_query("SELECT * FROM `amsn_files` WHERE id = '" . (int) $_POST['id'] . "' LIMIT 1"))) { echo "<p>The selected item don't exists</p>\n"; return; } if ($_GET['action'] == 'edit' && isset($_POST['id'])) { if (isset($_POST['id'], $_POST['type'])) { $_POST = clean4sql($_POST); if ($_POST['type'] === 'upload') { $result = treatUploadForm(); } else { if (isset($_POST['upload_file']) && $_POST['upload_file'] == 'yes') { $result = treatURLUploadForm(); } else { $result = treatURLForm(); } } if (!array_key_exists('error', $result)) { echo "<p>{$result['success']}</p>\n"; return; } else { echo "<p>{$result['error']}</p>\n"; } } $row = mysql_fetch_assoc($q);
if (!user_level()) { noperms(); exit; } if (!isset($_GET['field'])) { ?> <b style="text-align: center;display:block">No parent information defined</b> <?php } else { if (isset($_GET['file_id']) && $_GET['file_id'] === 'new') { if (!isset($_POST['type']) || strcmp($_POST['type'], 'upload') && strcmp($_POST['type'], 'url')) { renderUploadForm(''); renderURLForm(''); } else { if ($_POST['type'] === 'upload') { $result = treatUploadForm(''); } else { if (isset($_POST['upload_file']) && $_POST['upload_file'] == 'yes') { $result = treatURLUploadForm(''); } else { $result = treatURLForm(''); } } if (!array_key_exists('error', $result)) { ?> <script language="javascript"><!-- applyFile(<?php echo $result['id']; ?> ,"<?php echo $result['name'];