$value) {
unset($file_keywords[$key]);
$key = intval($key);
if($value != "0_1") {
$file_keys .= (($file_keys) ? ":" : "").$key."_".intval($value);
$file_keywords[$key] = intval($value);
} else {
$file_error["keywords"][$key] = 1;
}
}
}
//starts upload of file
if(!is_uploaded_file($_FILES["file"]["tmp_name"])) {
$file_error["file"] = $BL['be_fprivup_err1'];
} else {
if($_FILES["file"]["size"] > $phpwcms["file_maxsize"]) {
$file_error["file"] = $BL['be_fprivup_err2']." ".number_format($phpwcms["file_maxsize"] / 1024, 2, ',', '.')." kB";
}
}
//Create new file in database and give hashed
if(!isset($file_error)) {
$fileExt = check_image_extension($_FILES["file"]["tmp_name"], $_FILES["file"]["name"]);
$fileExt = $fileExt === false ? which_ext($_FILES["file"]["name"]) : $fileExt;
$fileName = clearfilename($_FILES["file"]["name"]);
$fileHash = md5( $fileName . microtime() );
$sql = "INSERT INTO ".DB_PREPEND."phpwcms_file (".
"f_pid, f_uid, f_kid, f_aktiv, f_public, f_name, f_created, f_size, f_type, f_ext, ".
"f_shortinfo, f_longinfo, f_keywords, f_hash, f_copyright, f_tags, f_granted, f_gallerystatus, f_sort) VALUES (".
$file_pid.", ".intval($_SESSION["wcs_user_id"]).", 1, ".$file_aktiv.", ".$file_public.", '".
$fileName."', '".time()."', '".intval($_FILES["file"]["size"])."', '".
aporeplace($_FILES["file"]["type"])."', '".$fileExt."', '".aporeplace($file_shortinfo)."', '".
aporeplace($file_longinfo)."', '".aporeplace($file_keys)."', '".aporeplace($fileHash)."', '".
aporeplace($file_copyright)."', '".aporeplace($file_tags)."', ".$file_granted.", ".
$file_gallerydownload.", ".$file_sort.")";
if($result = mysql_query($sql, $db) or die("error while insert file information")) {
$new_fileId = mysql_insert_id($db); //Festlegen der aktuellen File-ID
$wcs_newfilename = ($fileExt) ? $fileHash.'.'.$fileExt : $fileHash;
// changed for using hashed file names
$useruploadpath = PHPWCMS_ROOT.$phpwcms["file_path"];
$usernewfile = $useruploadpath.$wcs_newfilename;
if ($dir = @opendir($useruploadpath)) {
if(!@move_uploaded_file($_FILES["file"]["tmp_name"], $usernewfile)) {
$file_error["upload"] = $BL['be_fprivup_err3'].' (1)';
}
} else {
$oldumask = umask(0);
if(@mkdir($useruploadpath, 0777)) {;
if(!@move_uploaded_file($_FILES["file"]["tmp_name"], $usernewfile)) {
$file_error["upload"] = $BL['be_fprivup_err3'].' (2)';
}
} else {
$file_error["upload"] = $BL['be_fprivup_err4'];
}
umask($oldumask);
}
if(file_exists($usernewfile)) {
@chmod($usernewfile, 0666);
}
if(!isset($file_error["upload"])) {
// store tags
_dbSaveCategories($file_tags, 'file', $new_fileId, ',');
//after successful upload go back to clear post (form) var
headerRedirect(PHPWCMS_URL."phpwcms.php?do=files&f=0&uploaded=1");
} else {
echo $file_error["upload"]."
";
$file_error["upload"] = str_replace('{VAL}', $phpwcms["admin_email"], $BL['be_fprivup_err6']);
mysql_query("DELETE FROM ".DB_PREPEND."phpwcms_file WHERE f_id=".$new_fileId." AND f_uid=".$_SESSION["wcs_user_id"].";", $db);
}
}
}
if(!ini_get('safe_mode') && function_exists('set_time_limit')) set_time_limit(30);
}
//Ende Auswerten Formular
?>