Update of /cvsroot/openfirst/downloads
In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv2790
Modified Files:
index.php
Log Message:
Bug #18. Added checks to make sure the file is writable. Not thoroughly tested (meaning an error has not been induced to try it).
Index: index.php
===================================================================
RCS file: /cvsroot/openfirst/downloads/index.php,v
retrieving revision 1.7
retrieving revision 1.8
diff -C2 -d -r1.7 -r1.8
*** index.php 25 Dec 2003 19:13:46 -0000 1.7
--- index.php 22 Mar 2005 20:37:29 -0000 1.8
***************
*** 30,33 ****
--- 30,34 ----
$images = true; // To show images or not
+ $uploaddir="$fbasepath/downloads/files/";
define("cols",3); // To show the number of columns per page
define("rows",2); // To show the number of rows
***************
*** 59,63 ****
$query = ofirst_dbquery("SELECT * FROM ofirst_downloadcat ORDER BY Category");
if(ofirst_dbnum_rows($query)!=0){
! echo("<div>Please select a category from the list below.<br><br></div>");
echo("<table width=400><tr><th>Categories</th></tr>");
echo('<tr><td><a href="'.$_SERVER["PHP_SELF"].'">');
--- 60,64 ----
$query = ofirst_dbquery("SELECT * FROM ofirst_downloadcat ORDER BY Category");
if(ofirst_dbnum_rows($query)!=0){
! echo("<div>Please select a category from the list below.<br /><br /></div>");
echo("<table width=400><tr><th>Categories</th></tr>");
echo('<tr><td><a href="'.$_SERVER["PHP_SELF"].'">');
***************
*** 85,89 ****
$cat = ofirst_dbfetch_object($query);
echo("<h1>$cat->Category</h1>");
! echo("<div>$cat->Description<br><br></div>");
$category=$cat->Category;
}
--- 86,90 ----
$cat = ofirst_dbfetch_object($query);
echo("<h1>$cat->Category</h1>");
! echo("<div>$cat->Description<br /><br /></div>");
$category=$cat->Category;
}
***************
*** 95,99 ****
$numfiles=ofirst_dbnum_rows($query);
if ($numfiles!=0){
! echo("<br><br><table><tr><th colspan=".cols.">$cattitle</th></tr><tr><td colspan=".cols.">");
$file = ofirst_dbfetch_object($query);
--- 96,100 ----
$numfiles=ofirst_dbnum_rows($query);
if ($numfiles!=0){
! echo("<br /><br /><table><tr><th colspan=".cols.">$cattitle</th></tr><tr><td colspan=".cols.">");
$file = ofirst_dbfetch_object($query);
***************
*** 169,183 ****
if($admin){
! echo('<br><br><form action=admin/upload.php method=POST enctype="multipart/form-data">
! <table width=400><tr><th colspan=2>Add File</th></tr>');
! echo('<tr><td>
<label for=Title><b>Title</b></label></td><td><input name=Title id=Title></td></tr>
<tr><td><label for=newfile><b>File</b></label></td><td><input type=file name=newfile id=newfile>
! <input name=Category type=hidden value="'.$category.'"></td></tr>
<tr><td><label for=Description><b>Description</b></label></td><td><textarea name=Description id=Description></textarea></td></tr>
<tr><td> </td><td><input type=checkbox name=db id=db value="1"><label for=db>Store in database</label></td></tr>
<tr><td colspan=2 align=center><input type=submit value="Add File">
! </td></tr>');
! echo("</table></form>");
}
--- 170,189 ----
if($admin){
! if (!is_writable($uploaddir)) {
! echo '<div class="warning">The save directory "'.htmlencode($uploaddir).'" is not writable!<br />
! This must be fixed before any files can be uploaded!</div>';
! }
! ?><br /><br /><form action=admin/upload.php method=POST enctype="multipart/form-data">
! <table width=400><tr><th colspan=2>Add File</th></tr>
! <tr><td>
<label for=Title><b>Title</b></label></td><td><input name=Title id=Title></td></tr>
<tr><td><label for=newfile><b>File</b></label></td><td><input type=file name=newfile id=newfile>
! <input name=Category type=hidden value="<?php echo htmlentities($category); ?>"></td></tr>
<tr><td><label for=Description><b>Description</b></label></td><td><textarea name=Description id=Description></textarea></td></tr>
<tr><td> </td><td><input type=checkbox name=db id=db value="1"><label for=db>Store in database</label></td></tr>
<tr><td colspan=2 align=center><input type=submit value="Add File">
! </td></tr>
! </table></form>
! <?php
}
|
