get ("usergroup");
if (!$user_group) {
	// Nothing usable came back from the cache: rebuild the group table from the
	// database, keyed by group id, then store it under the "usergroup" key.
	$user_group = array ();
	$db->query("SELECT * FROM " . USERPREFIX . "_usergroups ORDER BY id ASC");
	while ($group_row = $db->get_row()) {
		// Each row is kept whole, column for column.
		$user_group[$group_row['id']] = $group_row;
	}
	$cache->set ("usergroup", $user_group);
	$db->free();
}
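// Authorisation for the upload tool. Three colon-separated group lists are read:
//   access_upload (per forum)  - who may use this page at all,
//   access_mod    (per forum)  - who may act on files owned by other users,
//   tools_upload  (forum config) - who may upload non-image files.
// The group id is compared as a trimmed string with strict matching. The loose
// in_array() used before let an unset or empty group match an empty list entry
// (null == "" is true, and 0 == "" is true before PHP 8), so an empty ACL did
// not reliably deny access.
include_once SYSTEM_DIR.'/modules/sitelogin.php';
// NOTE(review): $fid is interpolated into the query as-is; it is assigned outside
// the visible code - confirm it is cast to an integer or escaped before this point.
$result = $db->super_query("SELECT * FROM " . PREFIX . "_forum_forums WHERE id = '$fid'");
// presumably $member_id is populated by sitelogin.php - verify against that file
$current_group = isset($member_id['user_group']) ? trim((string) $member_id['user_group']) : '';
// A missing forum row yields an empty list, which denies access below.
$access_upload = isset($result['access_upload']) ? $result['access_upload'] : '';
$access_upload = explode(":", $access_upload);
if ($current_group === '' || !in_array($current_group, array_map('trim', $access_upload), true)){die("Hacking attempt!");}
$access_mod = isset($result['access_mod']) ? $result['access_mod'] : '';
$access_mod = explode(":", $access_mod);
if (!in_array($current_group, array_map('trim', $access_mod), true))
{
	// Non-moderators are limited to their own files in the delete query.
	// NOTE(review): the member name is placed in SQL unescaped; a name containing
	// a quote breaks the statement. Confirm names are constrained at registration
	// or escape the value with the DB layer's escaping routine.
	$db_file_author = " AND file_author = '{$member_id['name']}'";
}
else
{
	$db_file_author = "";
}
// The config entry is replaced by its exploded form, as before.
$forum_config['tools_upload'] = explode (':', $forum_config['tools_upload']);
// explode() always returns at least one element, so this flag is always defined.
$upload_file_access = in_array($current_group, array_map('trim', $forum_config['tools_upload']), true);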
// TPL //
// Page header output.
// NOTE(review): both heredoc openers below read `echo <<` with no identifier and
// the surrounding markup is absent in this copy, so the statements are shown as found.
echo <<
Uploads
HTML;
// Inline JavaScript helpers for the editor in the parent window. Each one wraps its
// argument in a BBCode tag ([attachment=...], [audio=...], [video=...]), passes the
// tag to parent.doInsert() and then calls window.focus(). The tag variables are
// assigned without `var`, so they become globals of this window.
// NOTE(review): the markup that calls these helpers is not visible here; the ids
// and stored names written into those calls need JS/HTML escaping where emitted.
echo <<
function insertfile(selected_id)
{
attachment = "[attachment=" + selected_id + "]";
parent.doInsert(attachment, '', false); window.focus();
};
function insertaudio(onserver)
{
audio = "[audio=" + onserver + "]";
parent.doInsert(audio, '', false); window.focus();
};
function insertvideo(onserver)
{
video = "[video=" + onserver + "]";
parent.doInsert(video, '', false); window.focus();
};
HTML;
// Per-request upload state: no target directory chosen yet, and the attachment
// is classified as neither a file nor an image.
$is_image = 0;
$is_file = 0;
$DIR = 0;
// Image size limit (img_size * 1024) formatted by mksize().
$maxupload = mksize($forum_config['img_size']*1024);
// Query string carrying the current area/forum/topic/post ids.
// NOTE(review): the four values are concatenated without URL or HTML encoding and
// are assigned outside the visible code - confirm they are sanitised before this
// string is written into markup.
$send_link = "?area=" . $area . "&fid=" . $fid . "&tid=" . $tid . "&pid=" . $pid;
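if ($do == "add")
{
	// Store one uploaded attachment, then register it in the _forum_files table.
	// Sets $upload_info to the user-facing result message.
	//
	// Changes from the earlier flow:
	//  - the upload is moved straight to its generated name; it used to land under
	//    the client-supplied name first and was renamed afterwards;
	//  - success is taken from move_uploaded_file() itself. The earlier file_exists()
	//    test could adopt a stale file that happened to carry the same name;
	//  - images must parse as GIF/JPEG/PNG, not merely carry such an extension;
	//  - an empty extension is never accepted, and a non-scalar upload field
	//    (e.g. a form posting attachment[]) is treated as a failed upload;
	//  - $image_size_error is always defined.
	$image_size_error = false;
	$allowed_images = array("gif", "jpg", "png", "jpe", "jpeg");
	$allowed_files = explode(',', $forum_config['upload_type']);

	$upload = (isset($_FILES['attachment']) && is_array($_FILES['attachment'])) ? $_FILES['attachment'] : array();
	$upload_ok = isset($upload['error'], $upload['name'], $upload['tmp_name'], $upload['size'])
		&& $upload['error'] === UPLOAD_ERR_OK
		&& is_string($upload['name'])
		&& is_string($upload['tmp_name'])
		&& is_uploaded_file($upload['tmp_name']);

	$file_name = totranslit((isset($upload['name']) && is_string($upload['name'])) ? $upload['name'] : '');
	$file_explode = explode(".", $file_name);
	// Only the last dot-separated segment is treated as the extension.
	$file_type = strtolower(end($file_explode));
	$attachment_size = $upload_ok ? $upload['size'] : 0;

	if ($file_type !== '' && in_array($file_type, $allowed_images, true) && $forum_config['img_upload'])
	{
		if ($attachment_size < ($forum_config['img_size']*1024))
		{
			// Content check: the bytes must be recognised as one of the formats the
			// extension list stands for. A failed upload skips the check so that it
			// still ends in the "cannot upload" message below.
			$image_info = $upload_ok ? getimagesize($upload['tmp_name']) : false;
			$image_types = array(IMAGETYPE_GIF, IMAGETYPE_JPEG, IMAGETYPE_PNG);
			if (!$upload_ok || ($image_info !== false && in_array($image_info[2], $image_types, true)))
			{
				$is_image = TRUE;
				$DIR = "images/";
			}
		}
		else
		{
			$image_size_error = true;
		}
	}
	// NOTE(review): no size limit is applied to non-image files in the visible code;
	// only PHP's own upload limits bound them - confirm that is intended.
	if ($file_type !== '' && in_array($file_type, $allowed_files, true) && $upload_file_access)
	{
		$is_file = TRUE;
		$DIR = "files/";
	}

	if ($is_file || $is_image)
	{
		if ($is_file)
		{
			$ftype = 'file';
			// The stored name keeps the transliterated client name, including inner
			// extensions such as "name.php.zip". The uploads directory should be
			// served with script execution disabled.
			// basename() keeps the name inside the target directory even if
			// totranslit() leaves a path separator in place.
			$file_rename = time()."_".basename(totranslit($file_name));
		}
		else
		{
			$ftype = 'image';
			$file_rename = time().".".$file_type;
		}
		$uploadfile = UPLOAD_DIR.$DIR.$file_rename;

		// Names are time()-based, so two uploads in the same second can map to the
		// same path; refuse the upload instead of overwriting the existing file.
		if ($upload_ok && !file_exists($uploadfile) && move_uploaded_file($upload['tmp_name'], $uploadfile))
		{
			$file_size = $upload['size'];
			if ($is_image)
			{
				include_once SYSTEM_DIR.'/classes/thumb.class.php';
				$thumb = new thumbnail(UPLOAD_DIR.$DIR.$file_rename);
				if ($thumb->size_auto($forum_config['thumb_size']))
				{
					$thumb->jpeg_quality($forum_config['jpeg_quality']);
					$thumb->save(UPLOAD_DIR."thumbs/".$file_rename);
					$ftype = 'thumb';
					@chmod (UPLOAD_DIR."thumbs/".$file_rename, 0666);
				}
			}
			// NOTE(review): every value is interpolated into the statement. $file_name
			// and $file_rename rely on totranslit() leaving no quote characters;
			// $fid, $tid, $pid and the member name are assigned outside the visible
			// code. Confirm each is cast or escaped before it reaches this query.
			$db->query("INSERT INTO " . PREFIX . "_forum_files (file_type, forum_id, topic_id, post_id, file_name, onserver, file_author, file_date, file_size) values ('$ftype', '$fid', '$tid', '$pid', '$file_name', '$file_rename', '$member_id[name]' , '".time()."', '$file_size')");
			// NOTE(review): 0666 leaves the stored file writable by every local account;
			// 0644 is enough when the web server user owns the uploads directory.
			@chmod (UPLOAD_DIR.$DIR.$file_rename, 0666);
			$upload_info = "Файл $file_name загружен.";
		}
		else
		{
			$upload_info = "Невозможно загрузить файл на сервер!";
		}
	}
	else
	{
		if ($image_size_error)
		{
			$upload_info = "Слишком большое изображение!";
		}
		else
		{
			$upload_info = "Не допустимый формат файла!";
		}
	}
}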
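if ($do == "del" and $del)
{
	// Delete the selected attachments: remove the stored files from disk, then
	// the matching rows from _forum_files. $db_file_author limits non-moderators
	// to rows they authored.
	//
	// $del_id is initialised here. It was previously built up without being reset,
	// so a value already present in the global scope would have flowed into the
	// IN (...) list unfiltered.
	// NOTE(review): no anti-CSRF token is checked in the visible code, and the
	// query is not limited to the forum in $fid - confirm both against the caller.
	$del_id = array();
	if (is_array($del))
	{
		foreach ($del as $file_id)
		{
			// intval() turns a non-empty nested array into 1; skip such entries.
			if (!is_scalar($file_id)) continue;
			$file_id = intval($file_id);
			if ($file_id) $del_id[$file_id] = $file_id;
		}
	}
	// With no usable id the statement would read "IN ()", which is invalid SQL.
	if ($del_id)
	{
		$del_list = implode(',', $del_id);
		$result = $db->query("SELECT * FROM " . PREFIX . "_forum_files WHERE file_id IN ({$del_list})".$db_file_author);
		while ($row = $db->get_row($result))
		{
			// basename() keeps the path inside the uploads tree even if the stored
			// name in the row has been altered.
			$stored_name = basename($row['onserver']);
			if ($row['file_type'] == "file")
			{
				$stale_paths = array(UPLOAD_DIR."files/".$stored_name);
			}
			elseif ($row['file_type'] == "thumb")
			{
				// A thumbnail row owns both the thumbnail and the full-size image.
				$stale_paths = array(UPLOAD_DIR."thumbs/".$stored_name, UPLOAD_DIR."images/".$stored_name);
			}
			else
			{
				$stale_paths = array(UPLOAD_DIR."images/".$stored_name);
			}
			foreach ($stale_paths as $stale_path)
			{
				// A file that is already gone no longer raises a warning; the row is
				// removed either way, as before.
				if (is_file($stale_path)) unlink($stale_path);
			}
			$db->query("DELETE FROM " . PREFIX . "_forum_files WHERE file_id = '" . intval($row['file_id']) . "' LIMIT 1");
		}
	}
}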
echo "
";
echo "";
echo <<
HTML;
?>