function create_file($uid, $t, $name, $directory, $fid, $description)
{
$sql = "INSERT INTO file (tid, description) VALUES ({$t}, '{$description}')";
$db_array = db_query($sql);
$fid = mysql_insert_id();
$time = time_db(time_this());
$ip = $_SERVER['REMOTE_ADDR'];
$sql = "INSERT INTO file_change (tid, uid, version, time, ip, description) VALUES ({$t}, {$uid}, 1, '{$time}', '{$ip}', '{$description}')";
$db_array = db_query($sql);
return $fid;
}
logout();
login_return();
} else {
//set session for login
session_start();
$_SESSION["user"]["uid"] = $db_array[0]['uid'];
$_SESSION["user"]["title"] = $db_array[0]['title'];
$_SESSION["user"]["name_first"] = $db_array[0]['name_first'];
$_SESSION["user"]["name_middle"] = $db_array[0]['name_middle'];
$_SESSION["user"]["name_last"] = $db_array[0]['name_last'];
$_SESSION["user"]["name_nickname"] = $db_array[0]['name_nickname'];
$_SESSION["user"]["email"] = $db_array[0]['email'];
$_SESSION["user"]["password"] = $db_array[0]['password'];
$_SESSION["user"]["type"] = $db_array[0]['type'];
//record user's ip and login time
$sql = 'UPDATE user SET lastlogin_ip="' . $_SERVER['REMOTE_ADDR'] . '", lastlogin_time="' . time_db(time_this()) . '" WHERE ' . $login_by . '="' . $id . '" and password="******"';
db_query($sql);
//if ticked "remember me" then set cookie for next auto-login
if (receive('remember')) {
cookie_set('id', $id);
cookie_set('password', $password);
}
//if login by cookie, back to original page
if (isset($_GET['cookie'])) {
//back to the page before redirect to here by HTTP_REFERER
if (isset($_SERVER['HTTP_REFERER'])) {
$url = $_SERVER['HTTP_REFERER'];
} elseif (isset($_SESSION["system"]["login_from"])) {
$url = $_SESSION["system"]["login_from"];
} else {
$url = $after_login_redirect;
}
if (isset($_GET['o'])) {
$o = $_GET['o'];
}
if (isset($o)) {
if ($o == 'delete') {
delete_project($p);
success('successfully delete the project');
}
if ($o == 'create') {
if (isset($_POST['name'])) {
$uid = $_SESSION["user"]["uid"];
$name = $_POST['name'];
$priority = $_POST['priority'];
$start = time_db($_POST['start']);
$end = time_db($_POST['end']);
$description = $_POST['description'];
$tid = create_task($p, $uid, $name, $priority, $start, $end, $description);
goto_url("task.php?t={$tid}");
} else {
error('empty task name');
}
}
}
if (fetch_project($p) == FALSE) {
} else {
//project name, start/end time, page title, page sub title
$db_array = fetch_project($p);
$db_array_task = fetch_project_task($p);
$db_array_task_history = fetch_project_task_history($p);
$project_name = $db_array[0]['name'];
