upload.php
<?php
define('_VALID', true);
require 'include/config.php';
require 'include/function_global.php';
require 'include/function_smarty.php';
require 'classes/auth.class.php';
require 'classes/email.class.php';
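// Feature gate: stop when the permission map marks video upload as disabled (0).
// $new_permisions is not defined in this file; presumably one of the includes
// above populates it -- confirm. The gate is skipped entirely when the key is absent.
if (isset($new_permisions['upload_video']) && $new_permisions['upload_video'] == 0) {
    VRedirect::go($config['BASE_URL'] . '/notfound/upload_permission');
    // VRedirect::go() is defined outside this file; exit so that nothing below
    // can run if it ever returns to the caller.
    exit;
}

// Auth comes from classes/auth.class.php. check()/confirm() presumably enforce
// a logged-in, confirmed account -- verify there that they stop the request on failure.
$auth = new Auth();
$auth->check();
$auth->confirm();

// Load the signup row of the session user. intval() forces the session value to
// an integer before it is concatenated into the SQL text.
// NOTE(review): SELECT * places every signup column in $user, and this script
// later assigns $user to the template. If the table holds credential columns,
// select only the fields the templates need -- confirm against the schema.
$sql = "SELECT * FROM signup WHERE UID = " . intval($_SESSION['uid']) . " LIMIT 1";
$rs  = $conn->execute($sql);

// The previous condition was `!$conn->Affected_Rows() == 1`. `!` binds tighter
// than `==`, so it compared a negated boolean with 1 instead of testing
// "not exactly one row". A failed query (falsy $rs) is rejected here as well.
if (!$rs || $conn->Affected_Rows() != 1) {
    VRedirect::go($config['BASE_URL'] . '/notfound/user_missing');
    exit;
}

$user     = $rs->getrows();
$user     = $user[0];
$username = $user['username'];
$uid      = intval($user['UID']);

// The user counts as online when users_online holds a row for them whose
// `online` value is newer than 300 seconds ago.
$sql    = "SELECT * FROM users_online WHERE UID = " . $uid . " AND online > " . (time() - 300) . " LIMIT 1";
$rs     = $conn->execute($sql);
$online = ($conn->Affected_Rows() == 1);

// Module routing: the path segment that follows "upload" selects the module.
// $modules is the whitelist. It is the only thing that keeps a request-supplied
// path segment out of the require statement later in this script, so the
// membership test is strict and every rejection terminates the request.
$module  = NULL;
$modules = array('default', 'video', 'photo');
$request = (isset($_SERVER['REQUEST_URI'])) ? $_SERVER['REQUEST_URI'] : NULL;
$request = (isset($_SERVER['QUERY_STRING'])) ? str_replace('?' . $_SERVER['QUERY_STRING'], '', $request) : $request;

// Cast so that a missing REQUEST_URI yields one empty segment rather than
// passing NULL to explode().
$query = explode('/', (string) $request);
foreach ($query as $key => $value) {
    if ($value === 'upload') {
        // No segment after "upload" means the default upload page.
        $module = (isset($query[$key + 1])) ? $query[$key + 1] : 'default';
        if (!in_array($module, $modules, true)) {
            VRedirect::go($config['BASE_URL'] . '/notfound/missing');
            exit;
        }
    }
}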
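/**
 * Look up the numeric UID of the account whose username is 'anonymous'.
 *
 * Uses the global $conn database handle. The query text is a constant, so no
 * request data reaches the SQL.
 *
 * @return int UID from the signup table, or 0 when the query fails or no such
 *             row exists. Callers should treat 0 as "no anonymous account"
 *             rather than as a real owner id.
 */
function getAnonymousUID()
{
    global $conn;

    $sql = "SELECT UID FROM signup WHERE username = 'anonymous' LIMIT 1";
    $rs  = $conn->execute($sql);

    // A failed query or an empty result has no usable 'UID' field. Return the
    // 0 sentinel explicitly instead of indexing into a non-array, which only
    // reached 0 through PHP warnings and an implicit null-to-int conversion.
    if (!is_object($rs) || !isset($rs->fields['UID'])) {
        return 0;
    }

    return intval($rs->fields['UID']);
}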
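// Defence in depth at the include sink: $module comes from the request path and
// is about to become part of a file path. Re-check it against the whitelist
// right here so the require below never sees anything else. This also covers
// $module still being NULL because no "upload" segment was found, which
// previously fell through to a require of '/modules/upload/.php'.
if (!in_array($module, $modules, true)) {
    VRedirect::go($config['BASE_URL'] . '/notfound/missing');
    // VRedirect::go() is defined outside this file; exit in case it returns.
    exit;
}

if ($module === 'default') {
    $module_template = 'upload.tpl';
} else {
    // Only whitelisted names reach this point, so the template name and the
    // included file are limited to the known upload modules.
    $module_template = 'upload_' . $module . '.tpl';
    require $config['BASE_DIR'] . '/modules/upload/' . $module . '.php';
}

// Page metadata. $seo is not defined in this file (presumably from the includes).
$smarty->assign('self_title', $seo['upload_title']);
$smarty->assign('self_description', $seo['upload_desc']);
$smarty->assign('self_keywords', $seo['upload_keywords']);

// $errors and $messages are not set anywhere in this file; presumably the
// includes or the module script define them -- confirm for the 'default' module.
$smarty->assign('errors', $errors);
$smarty->assign('messages', $messages);
$smarty->assign('menu', 'upload');
$smarty->assign('submenu', '');

// NOTE(review): $user is the full signup row and $username is user-controlled
// data. Whether they are HTML-escaped depends on the templates and the Smarty
// configuration, neither of which is visible here.
$smarty->assign('user', $user);
$smarty->assign('online', $online);
$smarty->assign('username', $username);

$smarty->loadFilter('output', 'trimwhitespace');
$smarty->display('header.tpl');
$smarty->display($module_template);
$smarty->display('footer.tpl');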
?>