<?

include_once "./setting.php";
include_once $global["root"] . "/include/handle.php";
include_once $global["root"] . "/include/print_array.php";

include_once $global["root"] . "/lib/Site.php";

$Site = new Site;
$Site->init("mail");

include_once $global["lang"] . "/" . $_SESSION["config_lang"] . ".php";

extract($_POST);

// escape error.
if (trim($title) == "" or trim($comment) == "") goprev();
if (trim($directory_num) == "") goprev();

if ($_FLIES["userfile"]["size"] > 0) {
	// upload files
	$uploadDir = $global["data"] . "/doc/" . $_SESSION["config_id"];
	if (! is_dir($uploadDir)) {
		mkdir($uploadDir);
	}

	$storedFilename = mktime().mt_rand(0,20);
	if (! move_uploaded_file($_FILES["userfile"]["tmp_name"],
			$uploadDir . "/" . $storedFilename)) {

		goprev();
	} else {
		// remove old file.
		$oldfile = $uploadDir . "/" . $old_filename;

		if (file_exists($oldfile)) {
			if (!unlink($oldfile)) { // if removing file failed,
				$logfile = fopen($uploadDir . "/unlink.log", "a");
				fwrite($logfile, "** - unlink failed, fliename is '" . $oldfile . "'");
				fclose($logfile);
			}
		}

		$uploadOK = true;
	}
}

$Site->DB->transaction_start(true);

if ($uploadOK) {
	$SQL_UPDATE_DOC =
		"update doc_%s set
				realname = '%s', storedname = '%s', size = '%s',
				mime_type = '%s', author = '%s', date = '%s',
				comment = '%s', title = '%s' where no = '%s'";

	$sql = sprintf($SQL_UPDATE_DOC, $_SESSION["config_id"],
			addslashes($_FILES["userfile"]["name"]),
			$storedFilename, $_FILES["userfile"]["size"],
			addslashes($_FILES["userfile"]["type"]), addslashes($author),
			addslashes($author),
			mktime(), addslashes($comment), addslashes($title), $doc_num);
} else {
	$SQL_UPDATE_DOC =
		"update doc_%s set
				author = '%s',
				date = '%s', comment = '%s', title = '%s' where no = '%s'";

	$sql = sprintf($SQL_UPDATE_DOC, $_SESSION["config_id"],
	addslashes($author)
				mktime(), addslashes($comment), addslashes($title), $doc_num);
}

$Site->DB->query($sql);
$retval = $Site->DB->retval;
$Site->DB->close();

if (! $retval) {
	$Site->end1();

	goprev();
} else {
	$url = sprintf("Location: %s/mail?no=%s&pg=%s",
		$_SESSION["user_www_url"], $_SESSION["user_directory"],
		$_SESSION["user_page_number"]);

	$Site->end1();

	Header($url);
	exit;
}

/*
Description
-----------

	$directory_num
	$title
	$comment

	$_FILES["userfile"]["size"]
	$_FILES["userfile"]["type"]
	$_FILES["userfile"]["tmp_name"]
	$_FILES["userfile"]["error"]
	$_FILES["userfile"]["name"]

Author
------
 Spike^ekipS <spike@spikeekips.net>

Changelog
---------

Usage
-----

*/

?>
