Prof. Dr. Ing. EUGEN LUPU

Uploading...
'; $param = stripslashes($_GET['p']); $menu = stripslashes($_GET['m']); $submenu = stripslashes($_GET['sm']); $table = stripslashes($_POST['table']); $noCourse = str_replace("'","\'",stripslashes($_POST['noCourse'])); $titleCourse = str_replace("'","\'",stripslashes($_POST['titleCourse'])); $descCourse = str_replace("'","\'",stripslashes($_POST['descCourse'])); $newCode = ""; $newNo = ""; $code = ""; if(isset($_POST['visibility'])) $hiddenVal = 0; else $hiddenVal = 1; if($table=="course") { $newCode = "CourseCode"; $newNo = "CourseNo"; } else if($table=="laboratory") { $newCode = "LabCode"; $newNo = "LabNo"; } $adm1n->dbconnect(); if($param=="") { do { $code = $adm1n->getRand(5); $result = $adm1n->qry("SELECT ".$newCode." from ".$table." where ".$newCode."=".$code); } while(mysql_num_rows($result)>0); $qry = "INSERT INTO ".$table." (".$newCode.", ".$newNo.", Name, SubmenuCode, Hidden, Description) VALUES (".$code.", '".$noCourse."', '".$titleCourse."', ".$submenu.",".$hiddenVal.", '".$descCourse."')"; $insertCourse = mysql_query($qry) or die ("Insert error: 1 ".mysql_error()); } else { $code = $param; $qry = "UPDATE ".$table." SET ".$newNo."='".$noCourse."', Name='".$titleCourse."', Description='".$descCourse."', Hidden=".$hiddenVal." WHERE ".$newCode."=".$code; $updateCourse = mysql_query($qry) or die ("Update error: 1 ".mysql_error()); } $adm1n->dbconnect(); if($_POST['linkuri'] != "") foreach($_POST['linkuri'] as $link) { $link_code=""; do { $link_code = $adm1n->getRand(5); $result = $adm1n->qry("SELECT LinkCode from links where LinkCode=".$link_code); } while(mysql_num_rows($result)>0); $qry = "INSERT INTO links (LinkCode, Name, Address, Position, ".$newCode.") VALUES (".$link_code.", '".$link."', '".$link."', 'bottom', ".$code." )"; $insertLinks = mysql_query($qry) or die ("Insert error: 2 ".mysql_error()); } $adm1n->dbconnect(); $dir_path=""; $res_dir = $adm1n->qry("select m.Name, s.SubmenuName, c.".$newNo." from menu_element as m inner join submenu_element as s inner join ".$table." as c on m.MenuCode=s.MenuCode and s.SubmenuCode=c.SubmenuCode where s.SubmenuCode=".$submenu." and m.MenuCode=".$menu." and ".$newCode."=".$code); $row_dir = mysql_fetch_array($res_dir); $menuName=str_replace(" ", "_", $row_dir['Name']); $menuSubname=str_replace(" ", "_", $row_dir['SubmenuName']); $courseNo=str_replace(" ", "_", $row_dir[$newNo]); $dir_path=$menuName."/".$menuSubname."/".$courseNo."/"; $dir_path = str_replace(" ", "_", $dir_path); if(!file_exists("upload/".$dir_path)) { if(!file_exists("upload/")) { mkdir("upload/"); chmod("upload/", 0777); } if(!file_exists("upload/".$menuName."/")) { mkdir("upload/".$menuName."/"); chmod("upload/".$menuName."/", 0777); } if(!file_exists("upload/".$menuName."/".$menuSubname."/")) { mkdir("upload/".$menuName."/".$menuSubname."/"); chmod("upload/".$menuName."/".$menuSubname."/", 0777); } if(!file_exists("upload/".$dir_path)) { mkdir("upload/".$dir_path); chmod("upload/".$dir_path, 0777); } } $adm1n->dbconnect(); if($_FILES['file_course']['name'] != "") { $filename = $_FILES['file_course']['name']; //display echo '- '.$filename.' - Uploading...'; $filename=str_replace(" ","_",$filename); $path = "upload/".$dir_path."$filename"; copy($_FILES['file_course']['tmp_name'], $path); chmod($path, 0777); //display echo ' - Done...
'; $file_code=""; do { $file_code = $adm1n->getRand(5); $result = $adm1n->qry("SELECT FileCode from files where FileCode=".$file_code); } while(mysql_num_rows($result)>0); $qry = "INSERT INTO files (FileCode, Name, Address, Position, ".$newCode.") VALUES (".$file_code.", '".$filename."', '".$path."', 'left', ".$code." )"; $insertCourseFile = mysql_query($qry) or die ("Insert error: 3 ".mysql_error()); } while(list($key,$value) = each($_FILES[upfile][name])) { if(!empty($value)) { $filename = $value; //display echo '- '.$filename.' - Uploading...'; $filename=str_replace(" ","_",$filename); $add = "upload/".$dir_path."$filename"; copy($_FILES[upfile][tmp_name][$key], $add); chmod($add, 0777); //display echo ' - Done...
'; $file_code=""; do { $file_code = $adm1n->getRand(5); $result = $adm1n->qry("SELECT FileCode from files where FileCode=".$file_code); } while(mysql_num_rows($result)>0); $qry = "INSERT INTO files (FileCode, Name, Address, Position, ".$newCode.") VALUES (".$file_code.", '".$filename."', '".$add."', 'bottom', ".$code." )"; $insertFiles = mysql_query($qry) or die ("Insert error: 4 ".mysql_error()); } } echo ""; ?>