<?php defined('ACCESS') OR die('No direct script access...');
/**
* Author - koder_alex
* ISQ - 669906617
* VK - https://vk.com/koder_alex
* It is forbidden to give, sell, modify.
*/
if((!isset($_SESSION['attachments' . $peer['id']]) && !is_array($_SESSION['attachments' . $peer['id']])) || $_SESSION['attachments' . $peer['id']]['hash'] != $hash)
redirect('/mail/?act=show&'.$_SESSION['attachments' . $peer['id']]['type'].'=' . $peer['id'], 'Ошибка доступа.', 'error');
$q = mysql_query("SELECT folder, name, tmp_name, extension FROM mail_files_vk WHERE `action` = 'prepare' AND `id_mail` = '0' AND `id_user` = '". $user['id'] ."' AND `id_kont` = '". $peer['id'] ."' LIMIT " . $config['max_uploads_file']);
$countFile = mysql_num_rows($q);
if($countFile >= $config['max_uploads_file'])
redirect('/mail/?act=show&'.$_SESSION['attachments' . $peer['id']]['type'].'=' . $peer['id'], 'Вы загрузили максимальное количество файлов на одно сообщение.', 'error');
if($_SERVER['REQUEST_METHOD'] == 'POST')
{
foreach($_FILES as $key => $item)
if(preg_match('/^file([0-9]+)$/i', $key))
if($item['tmp_name'])
{
$file = array(
'folder' => explode('/', $item['type']),
'name' => explode('.', $item['name'])
);
$file = array(
'folder' => array_shift($file['folder']),
'name' => array_shift($file['name']),
'extension' => array_pop($file['name']),
);
$file['tmp_name'] = md5_file($item['tmp_name']) . '.' . $file['extension'];
if(!is_dir(H . 'mail/files/' . $file['folder']))
mkdir(H . 'mail/files/' . $file['folder']);
if(!in_array($file['tmp_name'], array_diff(scandir(H . 'mail/files/' . $file['folder']), array('..', '.'))))
copy($item['tmp_name'], H . 'mail/files/' . $file['folder'] . '/' . $file['tmp_name']);
mysql_query("INSERT INTO `mail_files_vk` (`id_user`, `id_kont`, `time`, `name`, `tmp_name`, `extension`, `folder`, `type`, `size`) values('".$user['id']."', '".$peer['id']."', '".$time."', '".$file['name']."', '".$file['tmp_name']."', '".$file['extension']."', '".$file['folder']."', '".$item['type']."', '".$item['size']."')");
unset($file);
}
clearstatcache();
redirect('/mail/?act=show&'.$_SESSION['attachments' . $peer['id']]['type'].'=' . $peer['id']);
}
thead();
?><h4 class="slim_header">Загрузить файл</h4>
<div class="form_item upload_form">
<form action="/mail/?act=attachments&peer=<?= $peer['id'] ?>&hash=<?= $hash ?>" method="post" enctype="multipart/form-data">
<?
for ($i = 1; $i <= $config['max_uploads_file'] - $countFile; $i++)
{
?><div class="upload_row"><input type="file" class="upload_input" name="file<?= $i ?>"></div><?
}
?>
<div class="upload_row ibwrap">
<input type="submit" class="button" value="Загрузить файл"><a class="near_btn" href="/mail/?act=show&<?= $_SESSION['attachments' . $peer['id']]['type'] ?>=<?= $peer['id'] ?>">Назад</a>
</div>
</form>
</div>
<?php
if($countFile)
{
?>
<h4 class="slim_header">Прикрепленные объекты</h4>
<div class="attached_block"><div class="pi_medias">
<?
while ($post = mysql_fetch_assoc($q))
{
if($post['folder'] == 'reply')
{
?>
<div class="medias_row mr_x_wrap"><span class="medias_message_attach"> <?= des2num(count(explode(',', $post['name'])), array(' пересылаемое сообщение', ' пересылаемых сообщения', ' пересылаемых сообщений')) ?></span>
<div class="tu_cancel_wrap" onclick="return MessagesActions.reset(this, <?= $peer['id'] ?>, true);"><i class="tu_cancel"></i></div>
</div>
<?
}elseif($post['folder'] == 'image')
{
?>
<div class="medias_thumb thumb_item"><div class="thumb_img_wrap">
<img class="ph_img" src="/mail/file/<?= $post['folder'] ?>/<?= $post['tmp_name'] ?>/"></div>
<a class="media_action" href="/mail/?act=files&type=delete&object=<?= $post['folder'] ?>&hash=<?= $post['tmp_name'] ?>">Удалить</a></div>
<?
}
elseif($post['folder'] == 'audio')
{
?>
<div class="medias_row">
<span class="mr_label medias_link medias_audio">
<span class="medias_link_icon"><i class="i_icon i_audio"></i></span><span class="medias_link_label">Песня</span>
<span class="medias_audio_title"><?= $post['name'] ?>.<?= $post['extension'] ?></span></span>
<div class="media_action_row"><a class="media_action" href="/mail/?act=files&type=delete&object=<?= $post['folder'] ?>&hash=<?= $post['tmp_name'] ?>">Удалить</a></div>
</div>
<?
}elseif($post['folder'] == 'video')
{
?>
<div class="medias_row">
<span class="mr_label medias_link medias_audio">
<span class="medias_link_icon"><i class="i_icon i_doc"></i></span><span class="medias_link_label">Видео</span>
<span class="medias_audio_title"><?= $post['name'] ?>.<?= $post['extension'] ?></span></span>
<div class="media_action_row"><a class="media_action" href="/mail/?act=files&type=delete&object=<?= $post['folder'] ?>&hash=<?= $post['tmp_name'] ?>">Удалить</a></div>
</div>
<?
}
else
{
?>
<div class="medias_row"><span class="mr_label medias_link"> <span class="medias_link_icon"><i class="i_icon i_doc"></i></span><span class="medias_link_label">Файл</span><span class="medias_link_labeled medias_link_title"> <?= $post['name'] ?>.<?= $post['extension'] ?></span></span><div class="media_action_row"><a class="media_action" href="/mail/?act=files&type=delete&object=<?= $post['folder'] ?>&hash=<?= $post['tmp_name'] ?>">Удалить</a></div></div>
<?
}
}
?></div><a class="button wide_button" href="/mail/?act=show&<?= $_SESSION['attachments' . $peer['id']]['type'] ?>=<?= $peer['id'] ?>">Назад</a>
</div>
<?
}