# ################################################## if (!defined('EXPONENT')) { exit(''); } $resource = null; $iloc = null; if (isset($_POST['id'])) { $resource = $db->selectObject('resourceitem', 'id=' . intval($_POST['id'])); if ($resource) { $loc = unserialize($resource->location_data); $iloc = exponent_core_makeLocation($loc->mod, $loc->src, $resource->id); } } if ($resource == null && exponent_permissions_check('post', $loc) || $resource != null && exponent_permissions_check('edit', $loc) || $iloc != null && exponent_permissions_check('edit', $iloc)) { $resource = resourceitem::update($_POST, $resource); $resource->location_data = serialize($loc); if (!isset($resource->id)) { $resource->rank = intval($_POST['rank']); $db->increment('resourceitem', 'rank', 1, "location_data='" . serialize($loc) . "' AND rank >= " . $resource->rank); } if (!isset($resource->file_id)) { $directory = 'files/resourcesmodule/' . $loc->src; $file = file::update('file', $directory, null, time() . '_' . $_FILES['file']['name']); if (is_object($file)) { $resource->file_id = $db->insertObject($file, 'file'); $id = $db->insertObject($resource, 'resourceitem'); // Assign new perms on loc $iloc = exponent_core_makeLocation($loc->mod, $loc->src, $id); exponent_permissions_grant($user, 'edit', $iloc); exponent_permissions_grant($user, 'delete', $iloc);