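<?php
/**
 * Group ("soo") folder management page: create, rename and delete folders
 * of a group's file area.
 *
 * Request parameters read here:
 *   GET  id   - group id (required; an unknown id renders the 404 page)
 *   GET  dir  - folder id the action applies to (parent folder for act=new)
 *   GET  act  - one of "new", "rename", "delete"
 *   GET  ok   - presence flag: perform the action instead of showing its form
 *   POST name - folder name for "new" / "rename"
 *
 * Only the group owner (`soo`.`admid`) or a member with `mod` = 1 in
 * `soo_users` gets the management UI.
 *
 * Assumes $pdo is a PDO instance (the PDO::FETCH_* constants used below
 * suggest so) and that $user is populated by the included bootstrap files.
 *
 * NOTE(review): the state-changing actions are triggered by the `ok` query
 * flag alone (delete is a plain GET link); no anti-CSRF token is visible in
 * this file. Confirm whether the included framework provides one and require
 * it, together with POST, for delete/rename/new.
 */
foreach (array('start', 'compress', 'sess', 'settings', 'db_connect', 'ipua', 'fnc', 'user') as $inc) {
    require_once "../../../sys/inc/$inc.php";
}
only_reg('/reg.php');
$num = 1;

// Load the group with a bound parameter; a missing id or unknown group yields the 404 branch.
$soo = false;
if (isset($_GET['id'])) {
    $stmt = $pdo->prepare("SELECT * FROM `soo` WHERE `id` = ? LIMIT 1");
    $stmt->execute(array(intval($_GET['id'])));
    $soo = $stmt->fetch(PDO::FETCH_ASSOC);
}

if ($soo !== false) {
    $id = intval($_GET['id']);
    // `dir` is optional in the URL; a missing value is treated as 0 instead of raising a notice.
    $dir = isset($_GET['dir']) ? intval($_GET['dir']) : 0;

    // Authorization is computed once, independent of `private_fileadd`.
    // The original repeated the same query in three branches keyed on that
    // column and left the flag undefined for any other value, which fell
    // through to the management branch (fail-open).
    $stmt = $pdo->prepare("SELECT COUNT(*) FROM `soo_users` WHERE `id_soo` = ? AND `id_user` = ? AND `mod` = '1'");
    $stmt->execute(array($soo['id'], $user['id']));
    $isModerator = (int) $stmt->fetchColumn() > 0;
    $canManage = $isModerator || $user['id'] == $soo['admid'];
    // Kept under its original name and meaning ("not privileged") in case an included template reads it.
    $fileadd = !$canManage;

    // As in the original, a user without management rights gets no page body here (only the footer).
    if ($canManage) {
        $set['title'] = 'Файлы группы'; // page title
        include_once '../../../sys/inc/thead.php';

        // Navigation
        echo "<div class='card-header'>";
        echo "<a href='/' data-toggle='tooltip' data-placement='right' title='" . lang('На главную') . "'><i class='fa fa-home fa-lg'></i></a> <i class='fa fa-angle-right fa-fw'></i> ";
        // NOTE(review): the group name is printed as stored. This file HTML-encodes folder names
        // before storing them; confirm group names are encoded the same way, otherwise escape here.
        echo "<a href='/modules/groups/group.php?id=$soo[id]'>$soo[name]</a> <i class='fa fa-angle-right fa-fw'></i> ";
        echo lang('Файлы');
        echo "</div>";

        // The folder is looked up inside the current group only, so a `dir` id that belongs to
        // another group cannot be renamed or deleted through this group's permissions.
        // NOTE(review): relies on `soo_dir`.`id_soo` being set for every row (the INSERT below
        // sets it); verify that no other code path creates folders without it.
        $stmt = $pdo->prepare("SELECT * FROM `soo_dir` WHERE `id` = ? AND `id_soo` = ? LIMIT 1");
        $stmt->execute(array($dir, $soo['id']));
        $file_id = $stmt->fetch(PDO::FETCH_ASSOC);

        $act = (isset($_GET['act']) && is_string($_GET['act'])) ? $_GET['act'] : null;
        $confirmed = isset($_GET['ok']);
        $redirect = '/modules/groups/file/index.php?id=' . intval($soo['id']);

        // Delete the folder together with its files.
        if ($act === 'delete' && $confirmed) {
            if ($file_id === false) {
                $err[] = 'Папка не найдена';
            } else {
                $files = $pdo->prepare("SELECT * FROM `soo_files` WHERE `dir` = ?");
                $files->execute(array($dir));
                while ($post = $files->fetch(PDO::FETCH_ASSOC)) {
                    $fileName = htmlspecialchars((string) $post['id']) . '.' . htmlspecialchars((string) $post['ras']);
                    $path = H . '/sys/groups/file/' . $fileName;
                    // The extension comes from the database; refuse any name that would leave the
                    // storage directory, and skip files that are already gone.
                    if ($fileName === basename($fileName) && is_file($path)) {
                        unlink($path);
                    }
                }
                $stmt = $pdo->prepare("DELETE FROM `soo_files` WHERE `dir` = ?");
                $stmt->execute(array($dir));
                $stmt = $pdo->prepare("DELETE FROM `soo_dir` WHERE `id` = ? AND `id_soo` = ?");
                $stmt->execute(array($dir, $soo['id']));
                // Stop after a successful redirect so the rest of the page is not rendered.
                // If output has already been sent, fall through and render the page as before.
                if (!headers_sent()) {
                    header('Location: ' . $redirect);
                    exit;
                }
                $file_id = false;
            }
        }

        // Rename the folder.
        if ($act === 'rename' && $confirmed && isset($_POST['name'])) {
            echo "<div class='list-group-item'>";
            if (!is_string($_POST['name']) || $_POST['name'] === '') {
                $err[] = "Введите название папки";
            } elseif ($file_id === false) {
                $err[] = 'Папка не найдена';
            }
            if (!isset($err)) {
                // The name stays HTML-encoded at storage time, as before, because other pages may
                // print it unescaped; it is bound as a parameter instead of being concatenated.
                $stmt = $pdo->prepare("UPDATE `soo_dir` SET `name` = ? WHERE `id` = ? AND `id_soo` = ? LIMIT 1");
                $stmt->execute(array(htmlspecialchars($_POST['name']), $dir, $soo['id']));
                if (!headers_sent()) {
                    header('Location: ' . $redirect);
                    exit;
                }
            }
            echo "</div>";
        }

        // Create a new folder under `dir`.
        // NOTE(review): the parent folder is not verified to belong to this group because the
        // id used for the root level is not visible here; confirm and add that check.
        if ($act === 'new' && $confirmed && isset($_POST['name'])) {
            echo "<div class='list-group-item'>";
            if (!is_string($_POST['name']) || $_POST['name'] === '') {
                $err[] = "Введите название папки";
            }
            if (!isset($err)) {
                $stmt = $pdo->prepare("INSERT INTO `soo_dir` (`name` , `dir` , `id_user`, `id_soo`) VALUES (?, ?, ?, ?)");
                $stmt->execute(array(htmlspecialchars($_POST['name']), $dir, $user['id'], $soo['id']));
                if (!headers_sent()) {
                    header('Location: ' . $redirect);
                    exit;
                }
            }
            echo "</div>";
        }

        err();

        // "New folder" form.
        if ($act === 'new') {
            echo "<div class='list-group-item'>";
            echo "<form action='?id=$soo[id]&dir=$dir&act=new&ok' method=\"post\">";
            echo "Название папки:<br />\n";
            echo "<input class='form-control' type='text' name='name' value='' />\n";
            echo "<br /><input class='knopka' type='submit' value='Создать папку' /> \n";
            echo "</form>";
            echo "</div>";
        }

        // "Rename" form; shown only for a folder of this group.
        if ($act === 'rename' && $file_id !== false) {
            echo "<div class='list-group-item'>";
            echo "<form action='?id=$soo[id]&dir=$dir&act=rename&ok' method=\"post\">";
            echo "Название папки:<br />\n";
            echo "<input class=\"form-control\" type=\"text\" name=\"name\" value=\"".htmlspecialchars($file_id['name'], ENT_QUOTES, 'UTF-8')."\"/><br />\n";
            echo "<input class=\"knopka\" type=\"submit\" value=\"Переименовать\" /><br />\n";
            echo "</form>";
            echo "</div>";
        }

        // Delete confirmation; shown only for a folder of this group.
        if ($act === 'delete' && $file_id !== false) {
            echo "<div class='list-group-item'>";
            echo "Удалить текущую папку <b>".htmlspecialchars($file_id['name'])."</b>?<br /><br />\n";
            echo "<a class='knopka' href='?id=$soo[id]&dir=".$dir."&act=delete&ok'>Удалить</a>";
            echo "</div>";
        }
    }
} else {
    $set['title'] = 'Ошибка 404'; // page title
    include_once '../../../sys/inc/thead.php';
    err404();
}
include_once '../../../sys/inc/tfoot.php';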