Changeset 345 for trunk/upload.php

Timestamp:

Feb 2, 2004, 1:55:18 AM (20 years ago)

Author:

gweltas

Message:

Merge of the 1.3.1 release
Creation of an unique include file (common.php)
Creation of an unique define file (include/constants.php)
Modification of the installation procedure

File:

• trunk/upload.php (modified) (10 diffs)

trunk/upload.php

@@ -17 +17 @@
  *                                                                         *
  ***************************************************************************/
+
+//----------------------------------------------------------- include
+$phpwg_root_path = './';
+include_once( $phpwg_root_path.'common.php' );
 
 //------------------------------------------------------------------- functions
@@ -95 +99 @@
     @unlink( $temp_name );
   }
+  else
+  {
+        @chmod( $temp_name, 0644);
+  }
   return $result;
 }       
-//----------------------------------------------------------- personnal include
-include_once( './include/init.inc.php' );
+
 //-------------------------------------------------- access authorization check
 check_login_authorization();
@@ -110 +117 @@
   $page['cat_name']       = $result['name'];
   $page['cat_uploadable'] = $result['uploadable'];
-}
-else
-{
-  $access_forbidden = true;
-}
-if ( $access_forbidden == true
-     or $page['cat_site_id'] != 1
+if ( $page['cat_site_id'] != 1
      or !$conf['upload_available']
      or !$page['cat_uploadable'] )
@@ -125 +126 @@
   exit();
 }
+}
 //----------------------------------------------------- template initialization
-$vtp = new VTemplate;
+//
+// Start output of page
+//
+$title= $lang['upload_title'];
+include('include/page_header.php');
 $handle = $vtp->Open( './template/'.$user['template'].'/upload.vtp' );
 initialize_template();
@@ -165 +171 @@
     array_push( $error, $lang['upload_err_username'] );
   }
-
+  
+  $date_creation = '';
   if ( $_POST['date_creation'] != '' )
   {
@@ -190 +197 @@
   $xml_infos.= ' name="'.htmlspecialchars( $_POST['name'], ENT_QUOTES).'"';
   $xml_infos.= ' />';
+
+  if ( !preg_match( '/^[a-zA-Z0-9-_.]+$/', $_FILES['picture']['name'] ) )
+  {
+    // reload language file with administration labels
+    $isadmin = true;
+    include( './language/'.$user['language'].'.php' );
+    array_push( $error, $lang['update_wrong_dirname'] );
+  }
   
   if ( sizeof( $error ) == 0 )
@@ -196 +211 @@
                                $conf['upload_maxwidth'],
                                $conf['upload_maxheight']  );
-    $upload_type = $result['type'];
     for ( $j = 0; $j < sizeof( $result['error'] ); $j++ )
     {
@@ -238 +252 @@
                              $conf['upload_maxwidth_thumbnail'],
                              $conf['upload_maxheight_thumbnail']  );
-  $upload_type = $result['type'];
   for ( $j = 0; $j < sizeof( $result['error'] ); $j++ )
   {
@@ -348 +361 @@
     $vtp->setGlobalVar( $handle, 'user_mail_address',$user['mail_address'] );
     // name of the picture
+        if (isset($_POST['name']))
     $vtp->setVar( $handle, 'fields.name', $_POST['name'] );
     // author
+        if (isset($_POST['author']))
     $vtp->setVar( $handle, 'fields.author', $_POST['author'] );
     // date of creation
+        if (isset($_POST['date_creation']))
     $vtp->setVar( $handle, 'fields.date_creation', $_POST['date_creation'] );
     // comment
+        if (isset($_POST['comment']))
     $vtp->setVar( $handle, 'fields.comment', $_POST['comment'] );
 
@@ -374 +391 @@
 $code = $vtp->Display( $handle, 0 );
 echo $code;
+include('include/page_tail.php');
 ?>