Aug 13 2010, 10:07 AM
This is the current file:
AddMember.php:
AddMember.php:
PHP Code:
<?php
if(checkLogin(MEMBER_NAME, MEMBER_PASS) AND checkRank(MEMBER_RANK, $pid)) {
if($submit) {
echo "<table align='center' border='0' cellspacing='0' cellpadding='0' width='450'>";
if($fileurl == "" AND $downloadfile != "" AND is_numeric($type1) AND $name1 != "") {
$dlfilepath = basename($_FILES['downloadfile']['name']);
$dlextensions = getDownloadCatInfo("extension", $type1);
$totalextensions = substr_count($dlextensions, ",");
$passtest = 0;
if($totalextensions > 0) {
$dl_extensions = str_replace(" ", "", $dlextensions);
$dl_extensions = explode(",", $dl_extensions);
foreach($dl_extensions as $ext) {
$countext = strlen($ext);
$startpos = 0-$countext;
$testfile = substr($dlfilepath, $startpos);
if($testfile == $ext) { $passtest++; }
}
}
else {
$countext = strlen($dlextensions);
$startpos = 0-$countext;
$testfile = substr($dlfilepath, $startpos);
if($textfile == $ext) { $passtest++; }
}
if($passtest == 0) {
$diemessage = "The download could not be added. The file must be of type: $dlextensions";
die("<script language=\"Javascript\"> alert(\"$diemessage\"); window.location.href = 'console.php?pid=$pid'; </script>");
}
$failed = 0;
if(@move_uploaded_file($_FILES['downloadfile']['tmp_name'], "downloads/".$dlfilepath)) {
echo "<tr><td class='main'>File Uploaded Successfully!</td></tr>";
$failed = 0;
}
else {
echo "<tr><td class='main'>File Upload Failed!</td></tr>";
$failed = 1;
}
if($failed == 1) {
echo "<tr><td class='main'>File Upload Failed: The file was unable to be uploaded!</td></tr>";
}
else {
$filenamepath = "downloads/$dlfilepath";
$outsidelink = 0;
}
}
elseif($fileurl != "") {
$filenamepath = $fileurl;
$outsidelink = 1;
$failed = 0;
}
if(!is_numeric($type1) OR $name1 == "") { $failed = 1; }
if($failed == 0) {
foreach($_POST AS $key => $value) { ${$key} = addslashes(textFilter($value)); }
$time = time();
$query = "INSERT INTO {$dbprefix}downloads (name, description, type, poster, filename, outsidelink, adderip, dateadded) VALUES ('$name1', '$desc', '$type1', '$memid', '$filenamepath', '$outsidelink', '$ip', '$time')";
$result = mysql_query($query)
or die(mysql_error());
echo "
</table>
<script language=\"Javascript\">
alert(\"Success!\");
window.location.href = 'console.php';
</script>
";
}
else {
echo "
<tr><td class='main'>The download was not added to the database.</td></tr>
</table>
";
}
}
elseif(!$submit) {
$maxuploadsize = ini_get('upload_max_filesize')."B";
$downloadcats = getDownloads();
foreach($downloadcats as $download) {
$options .= "<option value='$download[1]'>$download[0]</option>";
}
$dispconsolename = getConsoleInfoByID("displayname", $pid);
echo "
<form action='console.php?pid=$pid' method='post' enctype='multipart/form-data'>
<table align='center' border='1' cellspacing='0' cellpadding='3' width='500' bordercolor='$bgcolor'>
<tr>
<td bordercolor='$bordercolor' background='themes/$theme/$bgimage' class='titles' align='center'><b>$dispconsolename</b></td>
</tr>
<tr>
<td bordercolor='$bordercolor' style='border-top-width: 0px' class='main'>
<blockquote>
<b>NOTE:</b> If both the Upload File and File URL are used, the File URL will be added to the database. It will overwrite any file with the same name.
<b>MAX UPLOAD SIZE: $maxuploadsize</b>
<center>
<table align='center' border='0' cellspacing='0' cellpadding='0' width='450'>
<tr>
<td class='main' width='150'><b>Upload File:</b></td>
<td class='main' width='300'><input type='file' name='downloadfile' class='form'></td>
</tr>
<tr><td align='center' class='main'>
<i>OR</i>
</td></tr>
<tr>
<td class='main' width='150'><b>File URL:</b></td>
<td class='main' width='300'><input type='text' name='fileurl' class='form'></td>
</tr>
<tr>
<td class='main' width='150'><b>Name:</b></td>
<td class='main' width='300'><input type='text' name='name1' class='form'></td>
</tr>
<tr>
<td class='main' width='150'><b>Type:</b></td>
<td class='main' width='300'><select name='type1' class='form'>$options</select></td>
</tr>
<tr>
<td class='main' width='150' valign='top'><b>Description:</b></td>
<td class='main' width='300'><textarea name='desc' rows='4' cols='40' class='form'></textarea></td>
</tr>
<tr>
<td colspan='2' class='main' align='center'>
<input type='submit' name='submit' value='Add Download'></td>
</tr>
</table>
</center>
</blockquote>
</td>
</tr>
</table>
</form>
";
}
}
else {
echo "
<table align='center' border='0' cellspacing='0' cellpadding='0' width='400'>
<tr>
<td class='main' align='center'>Your rank is not high enough to view this page</td>
</tr>
</table>
";
}
?>
му ηαмє ιѕ ¢αяℓσѕ