Пример #1
0
function upload_files($files)
{
    global $CONFIG_uploads_mode;
    if (empty($files[name]) || !$CONFIG_uploads_mode) {
        $attachs_name = "";
        $upload_error = "";
    } else {
        global $CP, $lang, $CONFIG_uploads_size, $CONFIG_uploads_folder;
        if (eregi(".htm|.html|.shtm|.shtml|.js|.jse|.vb|.php|.php3|.php4|.php5|.asp|.aspx|.jsp|.sql", $files[name])) {
            $upload_error = "<font color=\"red\">{$lang['Upload_Type_Error']}</font><br /><br />";
            $attachs_name = "";
        } else {
            if (($files[size] > $CONFIG_uploads_size * 1024 || $files[size] == 0) && !checkprivilege_action($CP[login_id], g_upload_nonlimit)) {
                $upload_error = "<font color=red>{$lang['Upload_Limit']}</font><br /><br />";
                $attachs_name = "";
            } else {
                $attachs_name = truestr($files['name']);
                if ($attachs_name && move_uploaded_file($files['tmp_name'], "{$CONFIG_uploads_folder}/[" . $CP[login_id] . "]" . $attachs_name . "")) {
                    $upload_error = "";
                } else {
                    $upload_error = "<font color=red>There was a problem uploading your file.</font><br /><br />";
                    $attachs_name = "";
                }
            }
        }
    }
    return array('name' => $attachs_name, 'error' => $upload_error);
}
Пример #2
0
                 $display = "{$lang['No_aclv']}";
             }
         } else {
             $display = "CP can not delete this group";
         }
         redir("index.php?act=privilege&code=03", $display, 3);
     } else {
         $display = "{$lang['No_privilege']}";
         redir("index.php?act=privilege", $display, 3);
     }
 } else {
     if ($GET_code == 04 && $POST_g_1) {
         if (checkprivilege_action($CP[login_id], g_add_privilege)) {
             $POST_g_1 = checkstring($POST_g_1, 1);
             $POST_g_2 = truestr($POST_g_2);
             $POST_g_3 = truestr($POST_g_3);
             for ($i = 2; $i <= MAX_GROUP_PRIVILEGE; $i++) {
                 $g_name = "POST_g_" . $i . "";
                 ${$g_name} = mysql_res(${$g_name});
             }
             $sql->execute_query("INSERT INTO {$CONFIG_sql_cpdbname}.groups VALUES ('',\n\t\"{$POST_g_1}\",\n\t\"{$POST_g_2}\",\n\t\"{$POST_g_3}\",\n\t\"{$POST_g_4}\",\n\t\"{$POST_g_5}\",\n\t\"{$POST_g_6}\",\n\t\"{$POST_g_7}\",\n\t\"{$POST_g_8}\",\n\t\"{$POST_g_9}\",\n\t\"{$POST_g_10}\",\n\t\"{$POST_g_11}\",\n\t\"{$POST_g_12}\",\n\t\"{$POST_g_13}\",\n\t\"{$POST_g_14}\",\n\t\"{$POST_g_15}\",\n\t\"{$POST_g_16}\",\n\t\"{$POST_g_17}\",\n\t\"{$POST_g_18}\",\n\t\"{$POST_g_19}\",\n\t\"{$POST_g_20}\",\n\t\"{$POST_g_21}\",\n\t\"{$POST_g_22}\",\n\t\"{$POST_g_23}\",\n\t\"{$POST_g_24}\",\n\t\"{$POST_g_25}\",\n\t\"{$POST_g_26}\",\n\t\"{$POST_g_27}\",\n\t\"{$POST_g_28}\",\n\t\"{$POST_g_29}\",\n\t\"{$POST_g_30}\",\n\t\"{$POST_g_31}\",\n\t\"{$POST_g_32}\",\n\t\"{$POST_g_33}\",\n\t\"{$POST_g_34}\",\n\t\"{$POST_g_35}\",\n\t\"{$POST_g_36}\",\n\t\"{$POST_g_37}\",\n\t\"{$POST_g_38}\")", 'privilege_action.php');
             $sql->total_query++;
             $display = "{$lang['Success_addprivilege']}";
             redir("index.php?act=privilege&code=03", $display, 3);
         } else {
             $display = "{$lang['No_privilege']}";
             redir("index.php?act=privilege", $display, 3);
         }
     } else {
         redir("index.php?act=privilege", "{$lang['Error']}", 3);
     }