Exemplo n.º 1
0
    redirect(HOST . DIR . '/admin/admin_files.php?f=' . $folder . ($folder_member > 0 ? '&fm=' . $folder_member : '') . $error);
} elseif (!empty($del_folder)) {
    $Session->csrf_get_protect();
    $Uploads->Del_folder($del_folder);
    if (!empty($folder_member)) {
        redirect(HOST . DIR . '/admin/admin_files.php?fm=' . $folder_member);
    } else {
        redirect(HOST . DIR . '/admin/admin_files.php?f=' . $folder);
    }
} elseif (!empty($empty_folder)) {
    $Session->csrf_get_protect();
    $Uploads->Empty_folder_member($empty_folder);
    redirect(HOST . DIR . '/admin/admin_files.php?showm=1');
} elseif (!empty($del_file)) {
    $Session->csrf_get_protect();
    $Uploads->Del_file($del_file, -1, ADMIN_NO_CHECK);
    redirect(HOST . DIR . '/admin/admin_files.php?f=' . $folder . ($folder_member > 0 ? '&fm=' . $folder_member : ''));
} elseif (!empty($move_folder) && $to != -1) {
    $Session->csrf_get_protect();
    $user_id = $Sql->query("SELECT user_id FROM " . DB_TABLE_UPLOAD_CAT . " WHERE id = '" . $move_folder . "'", __LINE__, __FILE__);
    $move_list_parent = array();
    $result = $Sql->query_while("SELECT id, id_parent, name\n\tFROM " . PREFIX . "upload_cat\n\tWHERE user_id = '" . $user_id . "'\n\tORDER BY id", __LINE__, __FILE__);
    while ($row = $Sql->fetch_assoc($result)) {
        $move_list_parent[$row['id']] = $row['id_parent'];
    }
    $Sql->query_close($result);
    $array_child_folder = array();
    $Uploads->Find_subfolder($move_list_parent, $move_folder, $array_child_folder);
    $array_child_folder[] = $move_folder;
    if (!in_array($to, $array_child_folder)) {
        $Uploads->Move_folder($move_folder, $to, $User->get_attribute('user_id'), ADMIN_NO_CHECK);
Exemplo n.º 2
0
    $Session->csrf_get_protect();
    if ($User->check_level(ADMIN_LEVEL)) {
        $Uploads->Del_folder($del_folder);
    } else {
        $check_user_id = $Sql->query("SELECT user_id FROM " . DB_TABLE_UPLOAD_CAT . " WHERE id = '" . $del_folder . "'", __LINE__, __FILE__);
        if ($check_user_id == $User->get_attribute('user_id')) {
            $Uploads->Del_folder($del_folder);
        } else {
            $Errorh->handler('e_auth', E_USER_REDIRECT);
        }
    }
    redirect(HOST . DIR . url('/member/upload.php?f=' . $folder . '&' . $popup_noamp, '', '&'));
} elseif (!empty($del_file)) {
    $Session->csrf_get_protect();
    if ($User->check_level(ADMIN_LEVEL)) {
        $Uploads->Del_file($del_file, $User->get_attribute('user_id'), ADMIN_NO_CHECK);
    } else {
        $error = $Uploads->Del_file($del_file, $User->get_attribute('user_id'));
        if (!empty($error)) {
            $Errorh->handler('e_auth', E_USER_REDIRECT);
        }
    }
    redirect(HOST . DIR . url('/member/upload.php?f=' . $folder . '&' . $popup_noamp, '', '&'));
} elseif (!empty($move_folder) && $to != -1) {
    $Session->csrf_get_protect();
    $folder_owner = $Sql->query("SELECT user_id FROM " . DB_TABLE_UPLOAD_CAT . " WHERE id = '" . $move_folder . "'", __LINE__, __FILE__);
    if ($folder_owner == $User->get_attribute('user_id')) {
        include 'upload_functions.php';
        $sub_cats = array();
        upload_find_subcats($sub_cats, $move_folder, $User->get_attribute('user_id'));
        $sub_cats[] = $move_folder;
Exemplo n.º 3
0
        //Suppression du dossier et de tout le contenu
        if ($check_user_id == AppContext::get_current_user()->get_id()) {
            Uploads::Del_folder($del_folder);
        } else {
            $error_controller = PHPBoostErrors::unexisting_page();
            DispatchManager::redirect($error_controller);
        }
    }
    AppContext::get_response()->redirect(HOST . DIR . url('/user/upload.php?f=' . $folder . '&' . $popup_noamp, '', '&'));
} elseif (!empty($del_file)) {
    AppContext::get_session()->csrf_get_protect();
    //Protection csrf
    if (AppContext::get_current_user()->check_level(User::ADMIN_LEVEL)) {
        Uploads::Del_file($del_file, AppContext::get_current_user()->get_id(), Uploads::ADMIN_NO_CHECK);
    } else {
        $error = Uploads::Del_file($del_file, AppContext::get_current_user()->get_id());
        if (!empty($error)) {
            $error_controller = PHPBoostErrors::unexisting_page();
            DispatchManager::redirect($error_controller);
        }
    }
    AppContext::get_response()->redirect(HOST . DIR . url('/user/upload.php?f=' . $folder . '&' . $popup_noamp, '', '&'));
} elseif (!empty($move_folder) && $to != -1) {
    AppContext::get_session()->csrf_get_protect();
    //Protection csrf
    $folder_owner = PersistenceContext::get_querier()->get_column_value(DB_TABLE_UPLOAD_CAT, 'user_id', 'WHERE id = :id', array('id' => $move_folder));
    if ($folder_owner == AppContext::get_current_user()->get_id()) {
        include 'upload_functions.php';
        $sub_cats = array();
        upload_find_subcats($sub_cats, $move_folder, AppContext::get_current_user()->get_id());
        $sub_cats[] = $move_folder;
Exemplo n.º 4
0
    if (!empty($folder_member)) {
        AppContext::get_response()->redirect('/admin/admin_files.php?fm=' . $folder_member);
    } else {
        AppContext::get_response()->redirect('/admin/admin_files.php?f=' . $folder);
    }
} elseif (!empty($empty_folder)) {
    AppContext::get_session()->csrf_get_protect();
    //Protection csrf.
    //Suppression de tout les dossiers enfants.
    Uploads::Empty_folder_member($empty_folder);
    AppContext::get_response()->redirect('/admin/admin_files.php?showm=1');
} elseif (!empty($del_file)) {
    AppContext::get_session()->csrf_get_protect();
    //Protection csrf
    //Suppression d'un fichier.
    Uploads::Del_file($del_file, -1, Uploads::ADMIN_NO_CHECK);
    AppContext::get_response()->redirect('/admin/admin_files.php?f=' . $folder . ($folder_member > 0 ? '&fm=' . $folder_member : ''));
} elseif (!empty($move_folder) && $to != -1) {
    AppContext::get_session()->csrf_get_protect();
    //Protection csrf
    $user_id = 0;
    try {
        $user_id = PersistenceContext::get_querier()->get_column_value(DB_TABLE_UPLOAD_CAT, 'user_id', 'WHERE id=:id', array('id' => $move_folder));
    } catch (RowNotFoundException $e) {
    }
    $move_list_parent = array();
    if ($user_id) {
        $result = PersistenceContext::get_querier()->select("SELECT id, id_parent, name\n\t\tFROM " . PREFIX . "upload_cat\n\t\tWHERE user_id = :user_id\n\t\tORDER BY id", array('user_id' => $user_id));
        while ($row = $result->fetch()) {
            $move_list_parent[$row['id']] = $row['id_parent'];
        }