Файловый менеджер - Редактировать - /home/umudio/public_html/OLD/uploaddoc.php
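<?php
/*
 * Publication upload / edit handler.
 *
 * Two POST actions are handled:
 *   - "addpublication":  stores an uploaded .doc/.pdf under docs/ using a
 *     server-generated name and inserts a row into `publications`.
 *   - "editpublication": updates the title of the row whose `sn` matches.
 *
 * The outcome is left in $bb as an HTML fragment; this block does not print it.
 *
 * NOTE(review): no database connection, login check or CSRF token is visible
 * in this block -- presumably the including page provides them; confirm.
 * NOTE(review): mysql_* is kept because the connection is opened elsewhere.
 * The extension no longer exists in PHP 7, so plan a move to prepared
 * statements (mysqli or PDO) together with the code that opens the connection.
 */

if (!function_exists('uploaddoc_clean_title')) {
    /**
     * Validate a submitted title and convert it to the form that is stored.
     *
     * The pattern constrains only the FIRST character; the rest of the title
     * is unrestricted. CR becomes <br> and both quote characters become HTML
     * entities, while <, > and & are stored exactly as submitted.
     *
     * NOTE(review): the stored value is therefore an HTML fragment built from
     * user input. Whatever prints this column must not treat it as trusted
     * markup -- confirm how it is output.
     * NOTE(review): the listing this was recovered from showed the two quote
     * replacements with their entities already decoded; "&quot;" and "&#039;"
     * are reconstructions -- confirm against the file on disk.
     *
     * @param mixed $raw value of $_POST['titler']
     * @return string|null stored form of the title, or null when rejected
     */
    function uploaddoc_clean_title($raw)
    {
        // An array-valued field (titler[]=x) is never a valid title.
        if (!is_string($raw)) {
            return null;
        }

        $title = trim($raw);
        if (preg_match('/^[a-zA-Z0-9^$.*+\[\]{,}]/u', $title) !== 1) {
            return null;
        }

        // Same result as the former urlencode / ereg_replace / urldecode round
        // trip, without ereg_replace(), which is removed in PHP 7.
        return str_replace(
            array("\r", '"', "'"),
            array('<br>', '&quot;', '&#039;'),
            $title
        );
    }
}

if (isset($_POST['addpublication'])) {
    // The submit button must carry its exact label.
    if (!is_string($_POST['addpublication'])
        || trim($_POST['addpublication']) !== 'Add Publication'
    ) {
        echo "Sorry! Wrong Data!";
        exit();
    }

    $input_name = "uploader";
    $final = "docs";

    if (isset($_FILES[$input_name]['tmp_name'], $_FILES[$input_name]['name'])
        && is_string($_FILES[$input_name]['tmp_name'])
        && is_string($_FILES[$input_name]['name'])
        && is_uploaded_file($_FILES[$input_name]['tmp_name'])
    ) {
        // The client-supplied name is used ONLY to read the extension; it is
        // never used as a path on disk.
        $dot = strrchr($_FILES[$input_name]['name'], '.');
        $ext = ($dot === false) ? '' : strtolower(substr($dot, 1));

        // Extension allowlist. This checks the name, not the content: the file
        // body is not inspected, so the docs/ directory should never be
        // configured to execute what it holds.
        if ($ext === 'doc' || $ext === 'pdf') {
            $rawTitle = isset($_POST['titler']) ? $_POST['titler'] : '';

            if ($rawTitle !== '') {
                // Validate the title BEFORE touching the disk, so a rejected
                // request does not leave a file behind without a record.
                $titler = uploaddoc_clean_title($rawTitle);
                if ($titler === null) {
                    echo "Sorry! Wrong Data!";
                    exit();
                }

                // Next number = files already in docs/ + 1.
                $newfilename = 1;
                $handle = @opendir($final);
                if ($handle) {
                    while (false !== ($file = readdir($handle))) {
                        if (is_file($final . "/" . $file)) {
                            $newfilename++;
                        }
                    }
                    closedir($handle);
                }

                // A count can land on a name that is still in use after a
                // deletion; skip forward rather than overwrite that document.
                // Two simultaneous uploads can still race for the same number.
                while (file_exists($final . "/g" . $newfilename . "." . $ext)) {
                    $newfilename++;
                }

                $doc = $final . "/g" . $newfilename . "." . $ext;

                if (!move_uploaded_file($_FILES[$input_name]['tmp_name'], $doc)) {
                    $bb = "<p>Unable to store the uploaded file</p>";
                } else {
                    $dater = date('Y-m-d');
                    $archived = "No";

                    // Every value is escaped, including the server-generated
                    // ones, so the statement does not rely on how they were built.
                    $sql = sprintf(
                        "insert into publications (titler, specs, archived, dater) VALUES ('%s', '%s', '%s', '%s')",
                        mysql_real_escape_string($titler),
                        mysql_real_escape_string($doc),
                        mysql_real_escape_string($archived),
                        mysql_real_escape_string($dater)
                    );

                    if (mysql_query($sql)) {
                        $bb = "<p>Record Successfully added</p>";
                    } else {
                        // Driver error text goes to the server log, not into
                        // the page: it can reveal table and column names.
                        error_log('uploaddoc: insert into publications failed: ' . mysql_error());
                        // No record points at the file, so do not keep it.
                        unlink($doc);
                        $bb = "<p>Unable to create your record</p>";
                    }
                }
            }
        }
    }
}

if (isset($_POST['editpublication'])) {
    // The submit button must carry its exact label.
    if (!is_string($_POST['editpublication'])
        || trim($_POST['editpublication']) !== 'Edit Publication Profile'
    ) {
        echo "Sorry! Wrong Data!";
        exit();
    }

    // Unlike the add action, a missing or empty title is rejected here.
    $titler = uploaddoc_clean_title(isset($_POST['titler']) ? $_POST['titler'] : null);
    if ($titler === null) {
        echo "Sorry! Wrong Data!";
        exit();
    }

    // The record number must consist of digits only; checking just the first
    // character would let "12abc" through as 12.
    $rawSn = (isset($_POST['sn']) && is_string($_POST['sn'])) ? trim($_POST['sn']) : '';
    if (preg_match('/^[0-9]+\z/', $rawSn) !== 1) {
        echo "Sorry! Wrong Data!";
        exit();
    }
    $id = (int) $rawSn;
    // Later code may read $_POST['sn']; keep it as the validated integer.
    $_POST['sn'] = $id;

    // %d: the id sits in an unquoted numeric position, where string escaping
    // gives no protection; an integer format does.
    $sql = sprintf(
        "update publications set titler='%s' where sn = %d",
        mysql_real_escape_string($titler),
        $id
    );

    if (mysql_query($sql)) {
        $bb = "<p>Record Successfully Edited</p>";
    } else {
        error_log('uploaddoc: update of publications failed: ' . mysql_error());
        $bb = "<p>Unable to edit your record</p>";
    }
}
?>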