".htmlspecialchars($file['name'])."") ); $title = trim($_POST["title"]); if ($title == "") { $title = substr($file["name"], 0, strrpos($file["name"], ".")); if (!$title) $title = $file["name"]; } $r = mysql_query("SELECT id FROM dox WHERE title=" . sqlesc($title)) or sqlesc(); if (mysql_num_rows($r) > 0) stderr( _("Error"), sprintf( _("A file with the title %s already exists!"), "".htmlspecialchars($title)."") ); $url = $_POST["url"]; if ($url != "") if (substr($url, 0, 7) != "http://" && substr($url, 0, 6) != "ftp://") stderr( _("Error"), sprintf( _("The URL %s does not seem to be valid."), "" . htmlspecialchars($url) . "") ); if (!move_uploaded_file($file["tmp_name"], "$DOXPATH/$file[name]")) stderr( _("Error"), _("Failed to move uploaded file. You should contact an administrator about this error.") ); setcookie("doxurl", $url, 0x7fffffff); $title = sqlesc($title); $filename = sqlesc($file["name"]); $uppedby = $CURUSER["id"]; $size = $file["size"]; $url = sqlesc($url); mysql_query("INSERT INTO dox (title, filename, added, uppedby, size, url) VALUES($title, $filename, NOW(), $uppedby, $size, $url)") or sqlerr(); header("Location: dox.php"); die; } if (get_user_class() >= UC_VIP) { $delete = $HTTP_GET_VARS["delete"]; if (is_valid_id($delete)) { $r = mysql_query("SELECT filename,uppedby FROM dox WHERE id=$delete") or sqlerr(__FILE__, __LINE__); if (mysql_num_rows($r) == 1) { $a = mysql_fetch_assoc($r); if (get_user_class() >= UC_MODERATOR || $a["uppedby"] == $CURUSER["id"]) { mysql_query("DELETE FROM dox WHERE id=$delete") or sqlerr(__FILE__, __LINE__); if (!unlink("$DOXPATH/$a[filename]")) stderr( _("Warning"), sprintf( _("Unable to unlink file: %s. You should contact an administrator about this error."), "".$a['filename']."") ); } } } } stdhead( _("Dox") ); print("

"._("Dox")."

\n"); $res = mysql_query("SELECT * FROM dox ORDER BY added DESC") or sqlerr(); if (mysql_num_rows($res) == 0) print("

"._('Sorry, nothing here pal :(')."

"); else { print("

\n"); print("" . "\n"); $mod = get_user_class() >= UC_MODERATOR; while ($arr = mysql_fetch_assoc($res)) { $r = mysql_query("SELECT username FROM users WHERE id=$arr[uppedby]") or sqlerr(); $a = mysql_fetch_assoc($r); $title = "\n"; $added = "\n"; $size = "\n"; $hits = "\n"; $uppedby = "\n"; print("$title$added$size$hits$uppedby\n"); } print("
"._('Title').""._('Date').""._('Time').""._('Size').""._('Hits').""._('Upped by')."
" . htmlspecialchars($arr["title"]) . "" . ($mod || $arr["uppedby"] == $CURUSER["id"] ? " [Delete]" : "") ."" . substr($arr["added"], 0, 10) . "" . substr($arr["added"], 10) . "" . mksize($arr['size']) . "" . number_format($arr['hits']) . "$a[username]

\n"); print("

"._('Files are automatically deleted after 14 days')."

\n"); } if (get_user_class() >= UC_UPLOADER) { $url = $HTTP_COOKIE_VARS["doxurl"]; $maxfilesize = ini_get("upload_max_filesize"); begin_main_frame(); begin_frame("Upload", true); print("
\n"); print("\n"); print("\n"); print("\n"); /* print("\n"); */ print("\n"); print("
"._('File')."
("._('Maximum file size').": ".$maxfilesize.")
"._('Title')."
("._('Optional, taken from file name if not specified.').")
Download URL
(Optional, specifies a primary FTP/HTTP download location. You can substitute ". "the file name part with an asterisk (*), e.g. http://www.URSITE.com/files/*)
\n"); print("
\n"); end_frame(); end_main_frame(); } stdfoot(); ?>