get ("usergroup"); if (!$user_group) { $user_group = array (); $db->query("SELECT * FROM " . USERPREFIX . "_usergroups ORDER BY id ASC"); while($row = $db->get_row()){ $user_group[$row['id']] = array (); foreach ($row as $key => $value) { $user_group[$row['id']][$key] = $value; } } $cache->set ("usergroup", $user_group); $db->free(); } include_once SYSTEM_DIR.'/modules/sitelogin.php'; $result = $db->super_query("SELECT * FROM " . PREFIX . "_forum_forums WHERE id = '$fid'"); $access_upload = $result['access_upload']; $access_upload = explode(":", $access_upload); if (!in_array($member_id['user_group'], $access_upload)){die("Hacking attempt!");} $access_mod = $result['access_mod']; $access_mod = explode(":", $access_mod); if (!in_array($member_id['user_group'], $access_mod)) { $db_file_author = " AND file_author = '{$member_id['name']}'"; } else { $db_file_author = ""; } $forum_config['tools_upload'] = explode (':', $forum_config['tools_upload']); if ($forum_config['tools_upload']) { if (in_array($member_id['user_group'], $forum_config['tools_upload'])) { $upload_file_access = TRUE; } else { $upload_file_access = FALSE; } } // TPL // echo << Uploads HTML; echo << function insertfile(selected_id) { attachment = "[attachment=" + selected_id + "]"; parent.doInsert(attachment, '', false); window.focus(); }; function insertaudio(onserver) { audio = "[audio=" + onserver + "]"; parent.doInsert(audio, '', false); window.focus(); }; function insertvideo(onserver) { video = "[video=" + onserver + "]"; parent.doInsert(video, '', false); window.focus(); }; HTML; $DIR = 0; $is_file = 0; $is_image = 0; $send_link = "?area=$area&fid=$fid&tid=$tid&pid=$pid"; $maxupload = mksize($forum_config['img_size']*1024); if ($do == "add") { $allowed_images = array("gif", "jpg", "png", "jpe", "jpeg"); $allowed_files = explode(',', $forum_config['upload_type']); $file_name = totranslit($_FILES['attachment']['name']); $file_explode = explode(".",$file_name); $file_type = strtolower(end($file_explode)); $attachment_size = $_FILES['attachment']['size']; if (in_array($file_type, $allowed_images) AND $forum_config['img_upload']){ if ($attachment_size < ($forum_config['img_size']*1024)){ $is_image = TRUE; $DIR = "images/"; }else{ $image_size_error = true; } } if (in_array($file_type, $allowed_files) AND $upload_file_access){ $is_file = TRUE; $DIR = "files/"; } if ($is_file OR $is_image){ $uploadfile = UPLOAD_DIR.$DIR.basename($file_name); if (move_uploaded_file($_FILES['attachment']['tmp_name'], $uploadfile)){ $file_name = totranslit($_FILES['attachment']['name']); $file_size = $_FILES['attachment']['size']; } if (file_exists(UPLOAD_DIR . $DIR . $file_name)){ if ($is_file){ $ftype = 'file'; $file_rename = time()."_".totranslit($file_name); }else{ $ftype = 'image'; $file_rename = time().".".$file_type; } rename(UPLOAD_DIR . $DIR . $file_name, UPLOAD_DIR . $DIR . $file_rename); if ($is_image) { include_once SYSTEM_DIR.'/classes/thumb.class.php'; $thumb = new thumbnail(UPLOAD_DIR.$DIR.$file_rename); if ($thumb->size_auto($forum_config['thumb_size'])) { $thumb->jpeg_quality($forum_config['jpeg_quality']); $thumb->save(UPLOAD_DIR."thumbs/".$file_rename); $ftype = 'thumb'; @chmod (UPLOAD_DIR."thumbs/".$file_rename, 0666); } } $db->query("INSERT INTO " . PREFIX . "_forum_files (file_type, forum_id, topic_id, post_id, file_name, onserver, file_author, file_date, file_size) values ('$ftype', '$fid', '$tid', '$pid', '$file_name', '$file_rename', '$member_id[name]' , '".time()."', '$file_size')"); @chmod (UPLOAD_DIR.$DIR.$file_rename, 0666); $upload_info = "Файл $file_name загружен."; } else { $upload_info = "Невозможно загрузить файл на сервер!"; } } else { if ($image_size_error) { $upload_info = "Слишком большое изображение!"; } else { $upload_info = "Не допустимый формат файла!"; } } } if ($do == "del" and $del) { foreach ($del as $file_id) { $file_id = intval($file_id); if ($file_id) $del_id[$file_id] = $file_id; } $del_list = implode(',', $del_id); $result = $db->query("SELECT * FROM " . PREFIX . "_forum_files WHERE file_id IN ({$del_list})".$db_file_author); while ($row = $db->get_row($result)) { if ($row['file_type'] == "file") { unlink(UPLOAD_DIR."files/".$row['onserver']); } elseif ($row['file_type'] == "thumb") { unlink(UPLOAD_DIR."thumbs/".$row['onserver']); unlink(UPLOAD_DIR."images/".$row['onserver']); } else { unlink(UPLOAD_DIR."images/".$row['onserver']); } $db->query("DELETE FROM " . PREFIX . "_forum_files WHERE file_id = '$row[file_id]' LIMIT 1"); } } echo "
"; echo "

"; echo ""; echo " "; echo ""; echo "
"; if (!$upload_info) $upload_info = "Максимальный размер для одного файла: $maxupload"; echo "

$upload_info

"; echo "

"; echo "
Загруженные файлы"; echo "
"; echo ""; $db->query("SELECT * FROM " . PREFIX . "_forum_files WHERE topic_id = '$tid' AND file_attach = '0'".$db_file_author." OR post_id = '$pid'".$db_file_author); while ($row = $db->get_row()) { $file_title = mksize($row['file_size'])." (Загрузил: {$row['file_author']})"; $on_server = $config['http_home_url'].'uploads/forum/files/'.$row['onserver']; $type = file_type($row['onserver']); if ($type == 'mp3') { $insert_ob = " [audio]"; } elseif(in_array($type, $allowed_video)) { $insert_ob = " [video]"; } else { $insert_ob = ""; } echo ""; $row_count++; } echo "
$row[file_name]{$insert_ob}  
"; if ($row_count){ echo "
"; } else { echo "
Ни одного файла не загружено."; } echo "
"; echo "
"; echo << HTML; ?>