Exemplo n.º 1
0
			if(!isset($_REQUEST['pid'])){
				$pid = 1;
			}else{
				$pid = $_REQUEST['pid'];
			}
		//GRAB CID - TELLS US WHAT SECTION OF THE MODULE WE ARE WORKING WITH
			if(!isset($_REQUEST['cid'])){
				$cid = 0;
			}else{
				$cid = $_REQUEST['cid'];
			}
		//GRAB THEID IF THERE IS ANY
			$theid = $_REQUEST['theid'];
		//INCLUDE OUR INSTALLED MODULES
			$sql = "SELECT * FROM ".$cfg->db_prefix."_modules";
			$result = $db->DB_Q_C($sql);
			$count = mysql_affected_rows();
			if($count>0){
				while($row = mysql_fetch_array($result)){
					require 'class/'.$row['name'].'.php';
				}
			}
		//CREATE OUR USER
			$user = new class_adminuser($db, $cfg->cookie_name, $cfg);
		//CHECK TO SEE IF OUR USER IS LOGGED IN
			if($_REQUEST['cook']=="yes"){
				$user_logged=$user->checkUserLog($db, "YES");
			}else{
				$user_logged=$user->checkUserLog($db, "NO");
			}
		//CONSTRUCT OUR MENU SCRIPT FOR THIS USER
Exemplo n.º 2
0
//
$thumb = $_REQUEST['thumb'];
$thumb_size = $_REQUEST['thumb_size'];
//LOCATION - DEFAULT TO ../../files/, CANNOT BE ABOVE THE FILES DIRECTORY
$location = $_REQUEST['location'];
$thumb_location = $_REQUEST['location'] . "thumbs/";
//WHERE THE FILE IS GONNA BE PLACED
$target_path = "../{$location}";
$thumb_path = "../{$location}/thumbs/";
$oldfile = basename($_FILES['Filedata']['name']);
//GRAB THE EXTENSION
$pos = strpos($oldfile, ".", 0);
$ext = strtolower(trim(substr($oldfile, $pos + 1, strlen($oldfile)), " "));
//CHECK TO SEE IF THE FILE IS ALLOWED TO BE UPLOADED TO THIS DIREICTORY
$sql = "SELECT * FROM \n                " . $cfg->db_prefix . "_files \n            WHERE\n              extension = 'folder' AND\n              location = '{$location}'";
$results = $db->DB_Q_C($sql);
$row = mysql_fetch_array($results);
$allowed = $row['note'];
if ($allowed == "all" || $allowed == "images" && ($ext == "gif" || $ext == "jpg" || $ext == "jpeg" || $ext == "png" || $ext == "wbmp") || $allowed == "media" && ($ext == "swf" || $ext == "wmv" || $ext == "move") || $allowed == "documents" && ($ext == "ppt" || $ext == "pps" || $ext == "zip" || $ext == "doc" || $ext == "txt" || $ext == "pdf" || $ext == "rar")) {
    //CREATE THE SYSTEM NAME
    $sql = "SELECT id FROM " . $cfg->db_prefix . "_files ORDER BY id DESC";
    $results = $db->DB_Q_C($sql);
    $total_files = mysql_fetch_array($results);
    $total_files[0]++;
    $sys_name = "file_" . $total_files[0] . "." . $ext;
    //CONSTRUCT FINAL DEST PATH
    $target_path = $target_path . $sys_name;
    //
    if (move_uploaded_file($_FILES['Filedata']['tmp_name'], $target_path)) {
        //CREATE A UNIX TIMESTAMP
        $stamp = time();