This is my code; please find the error and reply. Thanks.
<?php
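// Start the session and buffer output so the header() calls below still work.
session_start();
ob_start();
//print_r($_REQUEST);
//print_r($_SESSION);
// Report every error but send it to the log instead of the page. The original
// error_reporting(0) silenced all diagnostics, which hides the fault being
// hunted; displaying them instead would disclose paths and SQL to visitors.
error_reporting(E_ALL);
ini_set('display_errors', '0');
ini_set('log_errors', '1');
include("includes/conn.php");
header('Content-Language: en-us');
header('Content-Type: text/html; charset=utf-8');
if (isset($_POST['opt']) && $_POST['opt'] == 'logout') {
    // The original line used "==" here, which compared and discarded the
    // result; clear the session data explicitly instead.
    $_SESSION = array();
    session_unset();
    // Expire the session cookie as well, so the old session id is not reused.
    if (ini_get('session.use_cookies')) {
        $cookie = session_get_cookie_params();
        setcookie(
            session_name(),
            '',
            time() - 42000,
            $cookie['path'],
            $cookie['domain'],
            $cookie['secure'],
            $cookie['httponly']
        );
    }
    session_destroy();
    //require_once("login.php");
}
// echo $_FILES["logo"]['name'];
//if($opt=='Create')
// conn.php is already included above; include_once avoids running it a second
// time. NOTE(review): confirm conn.php has no reason to be executed twice.
include_once("includes/conn.php");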
/*
$opt_multiple = $_REQUEST['opt_multiple'];
foreach($opt_multiple as $key => $value){
$b.= $value . ",";
}
echo $a = substr($b, 0, -1);
*/
/**
 * Return the part of a file name that follows its last dot.
 *
 * The tail found by strrchr() (the last "." and everything after it) is passed
 * to substr() to drop the dot itself. When the name has no dot, strrchr()
 * yields false and that value is handed to substr() unchanged.
 *
 * @param string $file_name File name to inspect.
 * @return mixed The extension without the dot, as produced by substr().
 */
function getFileExtensions($file_name)
{
    $tailFromLastDot = strrchr($file_name, '.');

    return substr($tailFromLastDot, 1);
}
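/**
 * Recursively empty a directory and then try to remove it.
 *
 * Files whose extension is php, js, css, jar, htaccess or empty are kept, so
 * rmdir() fails (and its result is ignored, as before) for any directory that
 * still holds such a file.
 *
 * NOTE(review): the guard below compares literal strings only; it is not a
 * containment check, and other spellings of the storage root are not caught.
 * Callers should pass only paths built from validated names.
 *
 * @param string $dirname Directory to remove.
 * @return bool False when $dirname is not a directory or cannot be opened,
 *              true otherwise (including when the path is on the refuse list).
 */
function delete_directory($dirname)
{
    $dirname = (string) $dirname;
    $refused = array('', '/', '.', '..', '../../Storage', '../../Storage/');
    if (in_array($dirname, $refused, true)) {
        return true;
    }

    // The original opened the handle only inside an is_dir() test and then read
    // a possibly undefined variable; make the failure path explicit.
    if (!is_dir($dirname)) {
        return false;
    }
    $dir_handle = opendir($dirname);
    if ($dir_handle === false) {
        return false;
    }

    $protected = array('php', 'js', 'css', 'jar', 'htaccess', '');

    // Compare against false explicitly: an entry named "0" is falsy and would
    // otherwise end the loop early, leaving the rest of the directory behind.
    while (($file = readdir($dir_handle)) !== false) {
        if ($file === '.' || $file === '..') {
            continue;
        }
        $path = $dirname . '/' . $file;

        // Do not follow symbolic links: is_dir() reports true for a link that
        // points at a directory, and recursing into it would delete files
        // outside the tree being removed.
        if (is_dir($path) && !is_link($path)) {
            delete_directory($path);
            continue;
        }

        $fileExt = (string) getFileExtensions($file);
        if (!in_array($fileExt, $protected, true)) {
            unlink($path);
        }
    }
    closedir($dir_handle);
    rmdir($dirname);

    return true;
}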
/**
 * List the names of every directory entry found beneath $path.
 *
 * Each directory entry reported by the recursive iterator contributes the last
 * "/"-separated segment of its real path, followed by a comma.
 *
 * @param string $path Directory to walk.
 * @return string Comma-terminated names, or "" when no directory entry is seen.
 */
function getFolder($path)
{
    $names = array();
    $tree = new RecursiveIteratorIterator(
        new RecursiveDirectoryIterator($path),
        RecursiveIteratorIterator::SELF_FIRST
    );

    foreach ($tree as $entry) {
        if (!$entry->isDir()) {
            continue;
        }
        $segments = explode("/", $entry->getRealpath());
        $names[] = end($segments);
    }

    // Every name is followed by a comma, including the last one.
    return $names ? implode(",", $names) . "," : "";
}
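// Store an uploaded logo, but only when PHP reports a completed upload and the
// temporary path really is an uploaded file.
// NOTE(review): nothing visible before this point checks that the request comes
// from a logged-in user with the right to change the logo - confirm that
// includes/conn.php or the caller enforces it.
if (isset($_FILES["logo"]['name'], $_FILES["logo"]['tmp_name'], $_FILES["logo"]['error'])
    && is_string($_FILES["logo"]['name'])
    && $_FILES["logo"]['name'] != ""
    && $_FILES["logo"]['error'] === UPLOAD_ERR_OK
    && is_uploaded_file($_FILES["logo"]['tmp_name'])
) {
    $img = $_FILES["logo"]['name'];
    // "soruce" (sic) is kept because code outside this block may read it.
    $soruce = $_FILES["logo"]['tmp_name'];
    $target = "/image/logo/".$img;
    $homepageimage = post_img($_FILES['logo']['name'], $_FILES['logo']['tmp_name'], "image/logo");
    //move_uploaded_file($source,$target);
    //die();
}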
//session variables
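// Copy the session values used further down into locals. A request without a
// login has none of these keys, so read each one through isset() and fall back
// to null instead of raising an undefined-index notice.
$uname = isset($_SESSION['username']) ? $_SESSION['username'] : null;
$userid = isset($_SESSION['userid']) ? $_SESSION['userid'] : null;
$assign_admin = isset($_SESSION['assign_admin']) ? $_SESSION['assign_admin'] : null;
$access_rights = isset($_SESSION['access_rights']) ? $_SESSION['access_rights'] : null;
$user_cc1 = isset($_SESSION['user_cc1']) ? $_SESSION['user_cc1'] : null;
$max_account = isset($_SESSION['max_account']) ? $_SESSION['max_account'] : null;
$permission_id = isset($_SESSION['permission_id']) ? $_SESSION['permission_id'] : null;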
// max number
/*$select_user_to = mysql_query("select * from userdetails where user_to='".$_SESSION['username']."' and assign_admin='0'");
echo $my_num_user = mysql_num_rows($select_user_to);
$sql_max = mysql_query("select * from userdetails where username ='".$_SESSION['username']."'");
$res_max = mysql_fetch_array($sql_max);
echo $max_account = $res_max['max_account'];
if($max_account <= $my_num_user){
echo $msg = "error";
}else{
echo $msg="allowed";
}
die();*/
//ajax server functions
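/**
 * Store a note against a path in dirdetails, then redirect to index.php.
 *
 * Success and failure both end in the same redirect, as in the original; the
 * outcome is not reported to the caller.
 *
 * NOTE(review): no check is visible here that the session user may edit the
 * note for $fle_path - confirm the caller enforces it. ext/mysql was removed in
 * PHP 7; when migrating, use prepared statements (mysqli or PDO).
 *
 * @param string $fle_path Value matched against dirdetails.path.
 * @param string $note     Note text to store.
 * @return void This function never returns; it ends the request with die().
 */
function SaveNote($fle_path, $note)
{
    // Both values arrive from the client, so escape them before they are placed
    // inside the quoted SQL literals.
    $safeNote = mysql_real_escape_string($note);
    $safePath = mysql_real_escape_string($fle_path);

    mysql_query("update dirdetails set note='$safeNote' where path='$safePath'");

    header("Location:index.php");
    die();
}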
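/**
 * Look up the note stored for a path.
 *
 * @param string $fle_path Value matched against dirdetails.path.
 * @param mixed  $txtid    Identifier echoed back as element 0 of the result.
 * @return array Element 0 is $txtid; element 1 is the trimmed note, or the
 *               string 'empty' when no row is found or the query fails.
 */
function AddNotes($fle_path, $txtid)
{
    $listarray = array($txtid, 'empty');

    // $fle_path comes from the client; escape it before it enters the query.
    $safePath = mysql_real_escape_string($fle_path);
    $r1 = mysql_query("select note from dirdetails where path='$safePath'");

    // A failed query returns false, which must not be passed to the fetch call.
    if ($r1 && ($r = mysql_fetch_array($r1))) {
        $listarray[1] = trim($r['note']);
    }

    return $listarray;
}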
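/**
 * Return a user id together with the password column stored for it.
 *
 * NOTE(review): this hands back the stored password value as-is. The queries
 * elsewhere in this file write $v_pass into that column unchanged, so the value
 * appears to be the plaintext password. Passwords should be stored with
 * password_hash() and never returned to a caller; confirm who consumes this
 * result and whether it is reachable from the browser.
 *
 * @param string $opt Must be 'userPass' for anything to happen.
 * @param string $val User id to look up.
 * @return array|null array($val, password) when $opt is 'userPass' (password is
 *                    null when no row matches); null otherwise.
 */
function user_pass($opt, $val)
{
    if ($opt != 'userPass') {
        return null;
    }

    // Escape the id before it is placed inside the quoted SQL literal.
    $safeId = mysql_real_escape_string($val);
    $res = mysql_query("SELECT * FROM userdetails WHERE userid='$safeId'");
    $arr = $res ? mysql_fetch_array($res) : false;

    $getVal = array();
    $getVal[] = $val;
    $getVal[] = $arr ? $arr['password'] : null;

    return $getVal;
}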
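/**
 * Assign folders to, or remove folders from, the user_cc1 list of several users.
 *
 * user_cc1 is handled as a comma-separated list. The result of the last UPDATE
 * ("success" or "Failure") is echoed; nothing is echoed when $txtFolderAccess
 * is neither "Assign" nor "Unassign".
 *
 * NOTE(review): no check is visible here that the session user administers the
 * user ids being changed - confirm the caller enforces it. ext/mysql was
 * removed in PHP 7; when migrating, use prepared statements (mysqli or PDO).
 *
 * @param string $opt             Must be 'folder_access' for anything to happen.
 * @param string $txtFolderAccess "Assign" or "Unassign".
 * @param string $folderChk       Comma-separated folder names.
 * @param string $assignUserChk   Comma-separated user ids.
 * @return bool Always false.
 */
function UDC_Folderaccess($opt, $txtFolderAccess, $folderChk, $assignUserChk)
{
    if ($opt == 'folder_access') {
        $getResult = '';
        $folders = explode(",", $folderChk);
        $userIds = explode(",", $assignUserChk);

        if ($txtFolderAccess == "Assign") {
            foreach ($userIds as $userId) {
                // Every value below originates from the request or from stored
                // text, so each is escaped before entering a quoted SQL literal.
                $safeId = mysql_real_escape_string($userId);

                $resSql = mysql_query("SELECT * FROM userdetails WHERE userid='$safeId'");
                $objSql = $resSql ? mysql_fetch_object($resSql) : false;
                $current_folder_access = explode(",", $objSql ? $objSql->user_cc1 : '');

                $uniqueVal = implode(",", array_unique(array_merge($folders, $current_folder_access)));
                $resUpd = mysql_query(
                    "UPDATE userdetails set user_cc1='" . mysql_real_escape_string($uniqueVal)
                    . "' WHERE userid='$safeId'"
                );
                $getResult = $resUpd ? "success" : "Failure";

                /*--------------------------update folders-------------------------------*/
                // NOTE(review): only the row fetched for the LAST folder survives
                // this loop, exactly as in the original - confirm whether the
                // values were meant to be accumulated.
                $mulArr = '';
                foreach ($folders as $folderName) {
                    $re_mulUser = mysql_query(
                        "select * from tbl_userfolders where username='"
                        . mysql_real_escape_string($folderName) . "'"
                    );
                    $resMul = $re_mulUser ? mysql_fetch_array($re_mulUser) : false;
                    $mulArr = $resMul ? $resMul['folders'] : '';
                }
                mysql_query(
                    "UPDATE userdetails SET user_cc1 = concat(user_cc1,',"
                    . mysql_real_escape_string($mulArr) . "') WHERE userid='$safeId'"
                );

                $selsql = mysql_query("SELECT * FROM userdetails WHERE userid='$safeId'");
                $rowSql = $selsql ? mysql_fetch_array($selsql) : false;
                $arrImplode = implode(",", array_unique(explode(",", $rowSql ? $rowSql['user_cc1'] : '')));

                /*---------------Unique Updation----------------*/
                mysql_query(
                    "UPDATE userdetails SET user_cc1 = '" . mysql_real_escape_string($arrImplode)
                    . "' WHERE userid='$safeId'"
                );
                /*--------------------------update folders end-------------------------------*/
            }
        } else if ($txtFolderAccess == "Unassign") {
            foreach ($userIds as $userId) {
                $safeId = mysql_real_escape_string($userId);

                $resSql = mysql_query("SELECT * FROM userdetails WHERE userid='$safeId'");
                $objSql = $resSql ? mysql_fetch_object($resSql) : false;
                $current_folder_access = explode(",", $objSql ? $objSql->user_cc1 : '');

                // Start from a fresh array for every user. The original reset
                // this variable to '' and then appended with [], which fails on
                // a string from the second user onwards.
                $getRemoveArr = array();
                foreach ($current_folder_access as $granted) {
                    if (!in_array($granted, $folders, true)) {
                        $getRemoveArr[] = $granted;
                    }
                }
                $getRemoveobj = implode(",", $getRemoveArr);

                $resUpd = mysql_query(
                    "UPDATE userdetails set user_cc1='" . mysql_real_escape_string($getRemoveobj)
                    . "' WHERE userid='$safeId'"
                );
                $getResult = $resUpd ? "success" : "Failure";
            }
        }
        echo $getResult;
    }
    return false;
}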
//function UDC_User($opt,$v_name,$v_user,$v_email,$v_dir,$v_pass,$v_rights,$v_adminright)
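/**
 * Update, delete or create a user account under the logged-in account.
 *
 * $opt selects the action: 'Update', 'Delete', 'userDelete' or 'Create'.
 * 'userDelete' does what 'Delete' does and also removes the tbl_useraccess row.
 * 'Create' refuses an existing username and stops when the owner's max_account
 * is not greater than the number of users the owner already has.
 *
 * NOTE(review): $v_pass is written to the password column unchanged; store a
 * password_hash() value instead and verify with password_verify() at login.
 * NOTE(review): no check is visible here that the session user owns $v_user
 * before updating or deleting it - confirm the caller enforces it.
 * NOTE(review): the new directory is created with mode 0777; tighten it if the
 * deployment allows. ext/mysql was removed in PHP 7; when migrating, use
 * prepared statements (mysqli or PDO).
 *
 * @param string $opt        Action to perform.
 * @param string $v_name     Display name.
 * @param string $v_user     Username of the account acted on.
 * @param string $v_email    E-mail address.
 * @param string $v_usertype "User" or another account type.
 * @param string $v_pass     Password value to store.
 * @param string $v_rights   Value for access_rights.
 * @param string $folder     Comma-separated folder names.
 * @param string $v_perm     Value for permission_id.
 * @return bool Always false.
 */
function UDC_User($opt, $v_name, $v_user, $v_email, $v_usertype, $v_pass, $v_rights, $folder, $v_perm)
{
    $owner = isset($_SESSION['username']) ? $_SESSION['username'] : '';

    // Escaped copies for use inside quoted SQL literals; the raw values are
    // kept for everything that is not SQL.
    $sqlName = mysql_real_escape_string($v_name);
    $sqlUser = mysql_real_escape_string($v_user);
    $sqlEmail = mysql_real_escape_string($v_email);
    $sqlPass = mysql_real_escape_string($v_pass);
    $sqlRights = mysql_real_escape_string($v_rights);
    $sqlPerm = mysql_real_escape_string($v_perm);
    $sqlOwner = mysql_real_escape_string($owner);

    if ($opt == 'Update') {
        // The owner's own name is always appended to the folder list.
        $folder .= ($folder == "" ? '' : ',') . $owner;

        $folderSet = "";
        foreach (explode(",", $folder) as $folderName) {
            $selFol = mysql_query(
                "SELECT * FROM tbl_userfolders WHERE username='"
                . mysql_real_escape_string($folderName) . "'"
            );
            // The original called mysql_num_rows() without its argument and
            // compared the result handle with 0; test the handle directly.
            if ($selFol) {
                $resFol = mysql_fetch_array($selFol);
                $folderSet .= ($resFol ? $resFol['folders'] : '') . ",";
            }
        }
        $trimFolder = trim($folderSet, ",");

        $sqlFolder = mysql_real_escape_string($folder);
        $sqlAllFolders = mysql_real_escape_string($folder . ',' . $trimFolder);
        mysql_query(
            "update userdetails set name='$sqlName',email='$sqlEmail',password='$sqlPass',"
            . "user_cc1='$sqlAllFolders', access_rights='$sqlRights',permission_id='$sqlPerm' "
            . "where username='$sqlUser'"
        );
        mysql_query("UPDATE tbl_useraccess SET useraccess='$sqlFolder' WHERE username='$sqlUser'");
    } elseif ($opt == 'Delete' || $opt == 'userDelete') {
        $sql = mysql_query("select * from userdetails where username='$sqlUser'");
        $result = $sql ? mysql_fetch_array($sql) : false;
        // Without a matching row there is no directory to remove; the original
        // built the path "/" in that case and relied on delete_directory()
        // refusing it.
        if ($result) {
            delete_directory($result['dirname'] . "/" . $result['username']);
        }
        mysql_query("delete from userdetails where username='$sqlUser'");
        mysql_query("DELETE FROM tbl_auditdetails WHERE userName='$sqlUser'");
        if ($opt == 'userDelete') {
            mysql_query("DELETE FROM tbl_useraccess WHERE username='$sqlUser'");
        }
    } else if ($opt == 'Create') {
        /*----------------Create User------------------------*/
        $select_admin = mysql_query("select * from userdetails where username='$sqlUser'");
        $my_num_admin = $select_admin ? mysql_num_rows($select_admin) : 0;
        if ($my_num_admin > 0) {
            echo "<script language=javascript>alert('User already exists.')</script>";
            return false;
        }

        $select_user_to = mysql_query(
            "select * from userdetails where user_to='$sqlOwner' and assign_admin='0'"
        );
        $my_num_user = $select_user_to ? mysql_num_rows($select_user_to) : 0;
        $sql_max = mysql_query("select * from userdetails where username ='$sqlOwner'");
        $res_max = $sql_max ? mysql_fetch_array($sql_max) : false;
        $max_account = $res_max ? $res_max['max_account'] : 0;
        if ($max_account <= $my_num_user) {
            // Account quota reached: nothing is created.
            return false;
        }

        // The username becomes a directory name, so it must be a single path
        // segment; anything with a separator or a dot-only name is refused.
        $newUser = strtolower($v_user);
        if ($newUser === '' || $newUser === '.' || $newUser === '..'
            || strpbrk($newUser, "/\\") !== false
        ) {
            return false;
        }
        $sqlNewUser = mysql_real_escape_string($newUser);

        //$storagedir = "../../Storage/".$_SESSION['username']."/".$v_user;
        $storagedir = "../../Storage/" . $owner;
        $sqlDir = mysql_real_escape_string($storagedir);

        $folder .= ($folder == "" ? '' : ',') . $owner;
        $sqlFolder = mysql_real_escape_string($folder);

        // Collect the sub-folder names of every requested folder; the last
        // element is the owner's own name and is skipped, as before.
        $subFol = "";
        $exp = explode(",", $folder);
        for ($f = 0; $f < count($exp) - 1; $f++) {
            // A ".." segment would walk out of the owner's storage tree.
            if (in_array('..', explode('/', str_replace('\\', '/', $exp[$f])), true)) {
                continue;
            }
            $v_path = "../../Storage/" . $owner . "/" . $exp[$f];
            // getFolder() throws when the directory cannot be opened.
            if (is_dir($v_path)) {
                $subFol .= getFolder($v_path);
            }
        }

        $columns = "insert into userdetails(name,username,password,email,dirname,user_to,user_cc1,"
            . "user_cc2,assign_admin,access_rights,photo,max_account,total_disk, permission_id) ";

        if ($v_usertype != "User") {
            if (mkdir("../../Storage/" . $owner . "/" . $newUser, 0777)) {
                $sqluser = $columns . "values('$sqlName','$sqlNewUser','$sqlPass','$sqlEmail','$sqlDir',"
                    . "'$sqlOwner','$sqlFolder','','0','$sqlRights','','','','$sqlPerm')";
                if (!mysql_query($sqluser)) {
                    // Log the driver message; do not show it to the client.
                    error_log('UDC_User insert failed: ' . mysql_error());
                    die('Database error.');
                }
            }
        } else {
            $sqlSubAndFolder = mysql_real_escape_string($subFol . $folder);
            $sqluser = $columns . "values('$sqlName','$sqlNewUser','$sqlPass','$sqlEmail','$sqlDir',"
                . "'$sqlOwner','$sqlSubAndFolder','','0','$sqlRights','','','','$sqlPerm')";
            if (!mysql_query($sqluser)) {
                error_log('UDC_User insert failed: ' . mysql_error());
                die('Database error.');
            }
            mysql_query(
                "insert into tbl_useraccess (username,usertype,useraccess,date) "
                . "values('$sqlNewUser','User','$sqlFolder',now())"
            );
        }
        /*----------------Create User End------------------------*/
    }
    return false;
}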
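/**
 * Return the dirname column stored for a username.
 *
 * @param string $uname_dir Username to look up.
 * @return string|null The stored dirname, or null when no row matches or the
 *                     query fails.
 */
function Get_Dirname($uname_dir)
{
    // Escape the name before it is placed inside the quoted SQL literal.
    $safeUser = mysql_real_escape_string($uname_dir);
    $res_dir1 = mysql_query("select dirname from userdetails where username='$safeUser'");
    $res_dir = $res_dir1 ? mysql_fetch_array($res_dir1) : false;

    return $res_dir ? $res_dir['dirname'] : null;
}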
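/**
 * Copy a file into $targetFolder under a name that does not collide.
 *
 * When the name is already taken, "1-", "2-", ... is prefixed until a free
 * name is found.
 *
 * NOTE(review): neither the extension nor the content is checked, so any file
 * type is stored. If $targetFolder is served by the web server, restrict the
 * upload to an allowlist of image extensions and verify the content (for
 * example with getimagesize()) before copying.
 *
 * @param string $fileName     Client-supplied file name.
 * @param string $tempFile     Path of the file to copy.
 * @param string $targetFolder Destination directory; created when missing.
 * @return string|null The name the file was stored under, or null when the
 *                     name is empty or the file could not be stored.
 */
function post_img($fileName, $tempFile, $targetFolder)
{
    // Keep only the final path component so the name cannot point outside
    // $targetFolder, whichever separator the client used.
    $fileName = basename(str_replace('\\', '/', (string) $fileName));
    if ($fileName == "" || $fileName == "." || $fileName == "..") {
        return null;
    }

    if (!is_dir($targetFolder) && !mkdir($targetFolder)) {
        return null;
    }

    $counter = 0;
    $NewFileName = $fileName;
    while (file_exists($targetFolder . "/" . $NewFileName)) {
        $counter = $counter + 1;
        $NewFileName = $counter . "-" . $fileName;
    }

    // Report a failed copy instead of returning a name for a file that was
    // never written.
    if (!copy($tempFile, $targetFolder . "/" . $NewFileName)) {
        return null;
    }

    return $NewFileName;
}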
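/**
 * Create an administrator account together with its storage directory.
 *
 * Only $opt == 'Create' does anything besides the logo copy. An existing
 * username is refused with a JavaScript alert.
 *
 * NOTE(review): no check is visible here that the caller is allowed to create
 * administrators - confirm the caller enforces it.
 * NOTE(review): $v_pass is written to the password column unchanged; store a
 * password_hash() value instead. The directory is created with mode 0777.
 * ext/mysql was removed in PHP 7; when migrating, use prepared statements.
 *
 * @param string $opt         Action; only 'Create' is handled.
 * @param string $v_name      Display name.
 * @param string $v_user      Username, also used as the directory name.
 * @param string $v_pass      Password value to store.
 * @param string $v_email     E-mail address.
 * @param string $v_logo      Value for the photo column.
 * @param string $v_admin     Value for assign_admin.
 * @param string $v_maxno     Value for max_account.
 * @param string $v_totaldisk Value for total_disk.
 * @return bool Always false.
 */
function UDC_admin($opt, $v_name, $v_user, $v_pass, $v_email, $v_logo, $v_admin, $v_maxno, $v_totaldisk)
{
    // The logo is copied on every call, as before, but only when an upload is
    // actually present in the request.
    if (isset($_FILES['logo']['name'], $_FILES['logo']['tmp_name'])
        && is_string($_FILES['logo']['name'])
    ) {
        $homepageimage = post_img($_FILES['logo']['name'], $_FILES['logo']['tmp_name'], "image/logo");
    }

    if ($opt == 'Create') {
        $sqlUser = mysql_real_escape_string($v_user);
        $select_admin = mysql_query("select * from userdetails where username='$sqlUser'");
        $my_num_admin = $select_admin ? mysql_num_rows($select_admin) : 0;
        if ($my_num_admin > 0) {
            echo "<script language=javascript>alert('User are already exist.')</script>";
            return false;
        }

        // The username becomes a directory under the storage root, so it must
        // be a single path segment.
        if ($v_user === '' || $v_user === '.' || $v_user === '..'
            || strpbrk((string) $v_user, "/\\") !== false
        ) {
            return false;
        }

        $dir = "../../Storage/" . $v_user;
        if (mkdir($dir, 0777)) {
            mysql_query(
                "insert into userdetails(name,username,password,email,dirname,assign_admin,"
                . "access_rights,photo,max_account,total_disk) values('"
                . mysql_real_escape_string($v_name) . "','$sqlUser','"
                . mysql_real_escape_string($v_pass) . "','"
                . mysql_real_escape_string($v_email) . "','"
                . mysql_real_escape_string($dir) . "','"
                . mysql_real_escape_string($v_admin) . "',3,'"
                . mysql_real_escape_string($v_logo) . "','"
                . mysql_real_escape_string($v_maxno) . "','"
                . mysql_real_escape_string($v_totaldisk) . "')"
            );
        }
    }
    return false;
}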
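/**
 * Update or delete an administrator account.
 *
 * 'Delete' also removes the directory stored in the account's dirname column.
 *
 * NOTE(review): no check is visible here that the caller may change or delete
 * $v_user - confirm the caller enforces it. $v_pass is stored unchanged; use
 * password_hash(). ext/mysql was removed in PHP 7; use prepared statements
 * when migrating.
 *
 * @param string $opt           'Update' or 'Delete'.
 * @param string $v_name        Display name.
 * @param string $v_user        Username of the account acted on.
 * @param string $v_email       E-mail address.
 * @param string $v_maxno       Value for max_account.
 * @param string $v_selectadmin Value for assign_admin.
 * @param string $v_totaldisk   Value for total_disk.
 * @param string $v_pass        Password value to store.
 * @return void
 */
function UDC_update($opt, $v_name, $v_user, $v_email, $v_maxno, $v_selectadmin, $v_totaldisk, $v_pass)
{
    // Escape the key once; it is used in every query below.
    $sqlUser = mysql_real_escape_string($v_user);

    if ($opt == 'Update') {
        mysql_query(
            "update userdetails set name='" . mysql_real_escape_string($v_name)
            . "',email='" . mysql_real_escape_string($v_email)
            . "',max_account='" . mysql_real_escape_string($v_maxno)
            . "',assign_admin='" . mysql_real_escape_string($v_selectadmin)
            . "',total_disk='" . mysql_real_escape_string($v_totaldisk)
            . "',password='" . mysql_real_escape_string($v_pass)
            . "' where username='$sqlUser'"
        );
    } else if ($opt == 'Delete') {
        $sql = mysql_query("select * from userdetails where username='$sqlUser'");
        $result = $sql ? mysql_fetch_array($sql) : false;
        // Only remove a directory when the account row was actually found.
        if ($result) {
            delete_directory($result['dirname']);
        }
        mysql_query("delete from userdetails where username='$sqlUser'");
    }
    return;
}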
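// Append the selected folders to user_cc1 of every user owned by the session
// user. A logged-in session is required: with no session username the WHERE
// clause would match rows whose user_to is empty.
if (isset($_POST['update_all']) && isset($_SESSION['username']) && $_SESSION['username'] != "") {
    $folder = '';
    $folder1 = isset($_POST['opt_multiple1']) ? $_POST['opt_multiple1'] : null;
    // Only a list of strings is meaningful here; anything else is ignored.
    if (is_array($folder1)) {
        foreach ($folder1 as $key => $value) {
            if (is_string($value)) {
                $folder .= "," . $value;
            }
        }
    }

    $uname1 = $_SESSION['username'];
    // Both values are escaped before they enter the quoted SQL literals.
    $sqlfolder = "update userdetails set user_cc1=CONCAT(user_cc1,'"
        . mysql_real_escape_string($folder) . "') where user_to ='"
        . mysql_real_escape_string($uname1) . "'";
    $rsfolder = mysql_query($sqlfolder);
    if (!$rsfolder) {
        // Log the driver message; do not show it to the client.
        error_log('update_all failed: ' . mysql_error());
        die('Database error.');
    }
}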
//------------------------- user folder updation function------------------------------------//
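// Rebuild user_cc1 for the logged-in (non "admin") user from the folders named
// in tbl_useraccess, or from the user's own folder when no access row exists.
if (isset($_SESSION['username'])) {
    $fols = "";
    if ($_SESSION['username'] != "admin") {
        $safeUser = mysql_real_escape_string($_SESSION['username']);
        $selUser = mysql_query("select * from tbl_useraccess where username='$safeUser'");
        $numUser = $selUser ? mysql_num_rows($selUser) : 0;

        // Collect the entries first and join them once. The original appended
        // each folder's text without a separator, so the last name of one
        // folder ran into the first sub-folder of the next.
        $folderParts = array();
        if ($numUser != 0) {
            $resUser = mysql_fetch_array($selUser);
            $expl = explode(",", $resUser['useraccess']);
            foreach ($expl as $granted) {
                if ($granted != "admin" && $granted != "") {
                    $link = "../../Storage/admin/" . $granted;
                    // getFolder() throws when the directory cannot be opened,
                    // which would abort the whole page.
                    $subFolders = is_dir($link) ? trim(getFolder($link), ",") : "";
                    if ($subFolders != "") {
                        $folderParts[] = $subFolders;
                    }
                    $folderParts[] = $granted;
                }
            }
        } else {
            $link = "../../Storage/admin/" . $_SESSION['username'];
            $subFolders = is_dir($link) ? trim(getFolder($link), ",") : "";
            if ($subFolders != "") {
                $folderParts[] = $subFolders;
            }
            $folderParts[] = $_SESSION['username'];
        }
        $fols = implode(",", $folderParts);

        // Folder names come from the filesystem and the database; escape the
        // list before it enters the quoted SQL literal.
        $updt = mysql_query(
            "update userdetails set user_cc1='admin," . mysql_real_escape_string($fols)
            . "' where username='$safeUser'"
        );
    }
}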
//------------------------- user folder updation function end------------------------------------//
?>
<?php
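// Hand over to the zip builder when that action was requested; a request
// without "opt" is simply not that action.
if (isset($_POST['opt']) && $_POST['opt'] == 'createzipfile') {
    require_once("createzip.php");
}
// NOTE(review): the PHP functions above are introduced as "ajax server
// functions". If agent.php dispatches calls named by the client to them, each
// one must perform its own session and permission checks - confirm.
include_once("ajax/ajaxagent/agent.php");
$agent->init();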
?>
<html>
<head>
<style type="text/css">
/* =========================================================================
For any free or commercial usage please keep this credits text intact.
Author : Femi Hasani [url]www.vision.to[/url] ,test idea and CSS code.
The original version of this stylesheet and the associated (x)html
is available at [url]http://www.vision.to/simple-css-one-level-dropdown-menu.php[/url]
A link to [url]www.vision.to[/url] would be apperciated but not mandatory.
=============================================================================== */
/* Top-level menu list: floated to the right and stacked above page content. */
#navigation ul#nav {
z-index: 5000;
float:right;
margin-right:5px;
display:inline;
}
/* Top-level items sit side by side. */
#navigation ul#nav li {
list-style:none;
float: left;
text-align: center;
line-height: 1em;/* width:175px;*/
}
/* Links fill their item so the whole cell is clickable. */
#navigation ul#nav li a {
display: block;
color: #333;
text-decoration: none;
text-align: center;
}
/* Intentionally empty: both declarations are commented out. */
#navigation ul#nav li a span {
/*padding: 0 15px 0 10px;*/
/* background: url(arrow.gif) no-repeat 100% 50%; optional */
}
/* Sub-menu: kept in the layout but moved far off-screen until hovered. */
#navigation ul#nav li ul {
margin:0px 0px 0px 20px;
display: block;
position: absolute;
color:#333333;
/* hidding submenus based on: [url]http://css-class.com/articles/ursidae/[/url] */
left: -999em;/* this makes it more accessible than display:none; */
width: 162px;
padding: 2px 1px 2px 2px;
background:#E1EDFB;
}
/* Hovering an item (or the .over class) brings its sub-menu back on-screen. */
#navigation ul#nav li:hover ul, #navigation ul#nav li.over ul /* This is for Internet Explorer 6 */ {
display: block;
left: 0;
top: 100%;
position: absolute;
z-index: 4000;
width: 146px;
}
/* Sub-menu items. */
#navigation ul#nav li ul li {
width: 141px;
height: auto;
background: transparent;
text-indent: 0;
padding: 0;
}
/* Sub-menu links while the parent item is hovered. */
#navigation ul#nav li:hover ul li a, #navigation ul#nav li.over ul li a {
display: block;
width: 140px;/*this is to adjust if used some background image for dropdown */
background: #9BC1E8;
/* star-prefixed property: presumably the legacy Internet Explorer hack - confirm */
*width: 142px;
padding: 10px 0px 10px 5px;
text-decoration: none;
margin: 0;
color: #333;
text-indent: 0;
text-align: left;
border: 0;
white-space: nowrap;
}
/* Sub-menu link colours, normal and hovered (identical values). */
#navigation ul#nav li ul li a {
color: #333;
background: #9BC1E8;
}
#navigation ul#nav li ul li a:hover {
color: #333;
background: #9BC1E8;
}
/* Active or hovered top-level item shows the help image as its background. */
#navigation ul#nav li.active a, #navigation ul#nav li a:hover, #navigation ul#nav li:hover a, #navigation ul#nav li.over a {
background:url(images/online_help.png) no-repeat;
}
</style>
<script>
/**
 * Submit the main form with the "create" action selected.
 */
function createdir1() {
    var form = document.index;
    form.opt.value = 'create';
    form.submit();
}
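/**
 * Submit the "filerename" action when exactly one entry is ticked.
 *
 * This is a convenience check in the browser only; the server still has to
 * validate the selection it receives.
 *
 * @returns {boolean|undefined} false when the selection is rejected.
 */
function fileRename() {
    var boxes = document.getElementsByName('file[]');
    var checkedCount = 0;
    // "var i" keeps the counter local; the original leaked it as a global.
    for (var i = 0; i < boxes.length; i++) {
        if (boxes[i].checked == true) {
            checkedCount++;
        }
    }

    if (checkedCount === 0) {
        alert("Please select atleast one folder.");
        return false;
    }
    if (checkedCount !== 1) {
        alert("Please select anyone of the folder.");
        return false;
    }

    // Submit once. The original submitted inside the branch and then again
    // after it, posting the form twice.
    document.index.opt.value = 'filerename';
    document.index.submit();
}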
/**
 * Post the main form for directory `dname` with no action selected.
 *
 * @param {string} dname Directory to send in the form's "dir" field.
 */
function fun2(dname) {
    var form = document.index;
    form.opt.value = '';
    form.dir.value = dname;
    form.submit();
}
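/**
 * Ask for confirmation and submit the "delete" action for the ticked entries.
 *
 * The confirm() dialog is a convenience only; the server has to authorise the
 * deletion itself.
 *
 * @returns {boolean|undefined} false when nothing is ticked.
 */
function delfile() {
    var boxes = document.getElementsByName('file[]');
    var anyChecked = false;
    // The original also filled an array that was never read and leaked the
    // loop counter as a global; both are gone.
    for (var i = 0; i < boxes.length; i++) {
        if (boxes[i].checked == true) {
            anyChecked = true;
        }
    }

    if (!anyChecked) {
        alert("Please select atleast one file.");
        return false;
    }
    if (confirm("Do you want to delete?")) {
        document.index.opt.value = 'delete';
        document.index.submit();
    }
}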
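/**
 * Submit the "copy" action when at least one entry is ticked.
 *
 * @returns {boolean|undefined} false when nothing is ticked.
 */
function cpyfile() {
    var boxes = document.getElementsByName('file[]');
    var anyChecked = false;
    // Local counter; the unused array built by the original is dropped.
    for (var i = 0; i < boxes.length; i++) {
        if (boxes[i].checked == true) {
            anyChecked = true;
        }
    }

    if (!anyChecked) {
        alert("Please select atleast one file.");
        return false;
    }
    document.index.opt.value = 'copy';
    document.index.submit();
}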
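/**
 * Submit the "move" action when at least one entry is ticked.
 *
 * @returns {boolean|undefined} false when nothing is ticked.
 */
function movefle() {
    var boxes = document.getElementsByName('file[]');
    var anyChecked = false;
    // Local counter; the unused array built by the original is dropped.
    for (var i = 0; i < boxes.length; i++) {
        if (boxes[i].checked == true) {
            anyChecked = true;
        }
    }

    if (!anyChecked) {
        alert("Please select atleast one file.");
        return false;
    }
    document.index.opt.value = 'move';
    document.index.submit();
}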
/**
 * Toggle an element between hidden ("none") and its default display.
 *
 * @param {string} id Id of the element to toggle.
 */
function ShowHideDisp(id) {
    var isHidden = document.getElementById(id).style.display == "none";
    document.getElementById(id).style.display = isHidden ? "" : "none";
}
/**
 * Change to directory `dname`: clear the action and post the form.
 *
 * @param {string} dname Directory to send in the form's "dir" field.
 */
function chgDir(dname) {
    var form = document.index;
    form.opt.value = '';
    form.dir.value = dname;
    form.submit();
}
/**
 * Submit the main form with the "logout" action selected.
 */
function lout() {
    var form = document.index;
    form.opt.value = 'logout';
    form.submit();
}
/**
 * Submit the main form with the "upload" action selected.
 */
function fleupload() {
    var form = document.index;
    form.opt.value = 'upload';
    form.submit();
}
/**
 * Submit the main form with the "createuser" action selected.
 */
function createuser() {
    var form = document.index;
    form.opt.value = 'createuser';
    form.submit();
}
/**
 * Submit the main form with the "manageuser" action selected.
 */
function manageuser() {
    var form = document.index;
    form.opt.value = 'manageuser';
    form.submit();
}
/**
 * Submit the main form with the "folderaccess" action selected.
 */
function folderaccess() {
    var form = document.index;
    form.opt.value = 'folderaccess';
    form.submit();
}
/**
 * Submit the main form with the "createadmin" action selected.
 *
 * The button that calls this is only rendered for some accounts; that is a
 * display decision, so the server must check the privilege itself.
 */
function createadmin() {
    var form = document.index;
    form.opt.value = 'createadmin';
    form.submit();
}
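/**
 * Submit the "createzipfile" action when at least one entry is ticked.
 *
 * @returns {boolean|undefined} false when nothing is ticked.
 */
function createzipfile() {
    var boxes = document.getElementsByName('file[]');
    var anyChecked = false;
    // The original concatenated the ticked values into a string that only the
    // commented-out size check used, and leaked the loop counter as a global.
    for (var i = 0; i < boxes.length; i++) {
        if (boxes[i].checked == true) {
            anyChecked = true;
        }
    }

    if (!anyChecked) {
        alert("Please select atleast one file.");
        return false;
    }
    document.index.opt.value = 'createzipfile';
    document.index.submit();
}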
/**
 * Ready-state handler for the global `xmlHttp` request: once the response is
 * complete, refuse a response equal to 0, otherwise submit "createzipfile".
 *
 * @returns {boolean|undefined} false when the response compares equal to 0.
 */
function fileSize() {
    var finished = xmlHttp.readyState == 4 || xmlHttp.readyState == "complete";
    if (!finished) {
        return;
    }

    // Loose comparison kept: the response text "0" counts as 0.
    if (xmlHttp.responseText == 0) {
        alert("You can't download empty folder.");
        return false;
    }

    document.index.opt.value = 'createzipfile';
    document.index.submit();
}
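/**
 * Open getfilesReport.php for the ticked entries.
 *
 * The ticked values are joined, each followed by the marker "JozZenVaL", and
 * sent as the "id" query parameter.
 *
 * @returns {boolean|undefined} false when nothing is ticked.
 */
function fileReport() {
    var boxes = document.getElementsByName('file[]');
    var ids = "";
    for (var i = 0; i < boxes.length; i++) {
        if (boxes[i].checked == true) {
            ids += boxes[i].value + "JozZenVaL";
        }
    }

    if (ids === "") {
        alert("Please select atleast one file.");
        return false;
    }

    // Encode the value: a name containing "&", "#", "+" or a space would
    // otherwise cut the parameter short or add parameters of its own.
    document.location = "getfilesReport.php?id=" + encodeURIComponent(ids);
}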
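/**
 * Send the text of input `txt` to addNotes.php as the note for `path`.
 *
 * NOTE(review): if addNotes.php stores the note, this is a state-changing GET
 * request with no anti-forgery token visible here; consider POST with a
 * per-session token - confirm against addNotes.php.
 *
 * @param {string} path Path the note belongs to.
 * @param {string} txt  Id of the input element holding the note text.
 */
function addNotes(path, txt) {
    var txtVal = document.getElementById(txt).value;

    // Deliberately not declared with var: resNotes() reads this global.
    xmlHttp = GetXmlHttpObject();
    if (xmlHttp == null) {
        alert("Browser does not support HTTP Request");
        return;
    }

    // Encode both values so "&", "#", "+" or spaces in the path or the note
    // cannot truncate a parameter or introduce another one.
    var url = "addNotes.php"
        + "?path=" + encodeURIComponent(path)
        + "&txt=" + encodeURIComponent(txtVal)
        + "&sid=" + Math.random();

    xmlHttp.onreadystatechange = resNotes;
    xmlHttp.open("GET", url, true);
    xmlHttp.send(null);
}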
/**
 * Ready-state handler for the global `xmlHttp` request used by addNotes().
 *
 * @returns {boolean|undefined} true once the response is complete.
 */
function resNotes() {
    var finished = xmlHttp.readyState == 4 || xmlHttp.readyState == "complete";
    if (finished) {
        //alert(xmlHttp.responseText);
        return true;
    }
}
/**
 * Create an HTTP request object, trying XMLHttpRequest first and the two
 * ActiveX variants after it.
 *
 * @returns {Object} The request object. An error from the last ActiveX attempt
 *                   is not caught here.
 */
function GetXmlHttpObject() {
    var request = null;
    try {
        // Firefox, Opera 8.0+, Safari
        request = new XMLHttpRequest();
    } catch (standardError) {
        // Internet Explorer
        try {
            request = new ActiveXObject("Msxml2.XMLHTTP");
        } catch (msxmlError) {
            request = new ActiveXObject("Microsoft.XMLHTTP");
        }
    }
    return request;
}
/**
 * Show the user-management panel, hide the other two, and submit the
 * "manageuser" action.
 */
function ShowUser() {
    var panels = { usermanagement: "block", filemanagement: "none", adminmanagement: "none" };
    for (var id in panels) {
        document.getElementById(id).style.display = panels[id];
    }
    document.index.opt.value = 'manageuser';
    document.index.submit();
}
/**
 * Show the admin-management panel and hide the other two.
 */
function ShowAdmin() {
    var panels = { adminmanagement: "block", filemanagement: "none", usermanagement: "none" };
    for (var id in panels) {
        document.getElementById(id).style.display = panels[id];
    }
}
/**
 * Show the file-management panel, hide the other two, and post the form with
 * no action selected.
 */
function ShowFile() {
    var panels = { filemanagement: "block", adminmanagement: "none", usermanagement: "none" };
    for (var id in panels) {
        document.getElementById(id).style.display = panels[id];
    }
    document.index.opt.value = '';
    document.index.submit();
}
/**
 * Show the user-management panel and hide the other two, without submitting.
 */
function userBlock() {
    var panels = { usermanagement: "block", filemanagement: "none", adminmanagement: "none" };
    for (var id in panels) {
        document.getElementById(id).style.display = panels[id];
    }
}
</script>
<link href="css.css" rel="stylesheet" type="text/css">
<meta http-equiv="Cache-control" content="public">
<title>File Management</title>
</head>
<body >
<table width="100%" height="100%" border="0" cellspacing="0" cellpadding="0" style="max-width:100%; min-width:100%; margin:0px auto;">
<tr>
<td><table width="100%" height="100%" border="0" cellpadding="0" cellspacing="0" class="main" >
<tr >
<td class="bg" valign="top"><table width="100%" border="0" cellspacing="0" cellpadding="5">
<tr>
<td width="50%" style="padding:25px 0 5px 5px;"><a href="index.php"><img src="image/cpilogo.jpg" width="264" height="67" border="0"></a></td>
<td class="contentheading2"><?php if($_SESSION['username']!="") { ?>
Welcome <span><?php echo $_SESSION['acname'];?></span>
<?php }?></td>
<td width="10%" align="right" style="padding:0 10px 0 0"><?php if($_SESSION['username']!="") { ?>
<input type="button" name="logout" class="logout" onClick="lout()" />
<?php } ?></td>
</tr>
</table></td>
</tr>
<tr class="content_bg" >
<td width="80%" height="100%" valign="top" ><table width="100%" border="0" cellspacing="0" cellpadding="0" >
<?php if($_SESSION['username']!=""){ ?>
<tr class="bg2">
<?php //if (($_SESSION['assign_admin'] == "1") || ($_SESSION['assign_admin'] == "2")) { ?>
<?php if ($_SESSION['assign_admin'] == "1"){ ?>
<td width="86"><img src="image/acc_admin.gif" width="86" alt="admin" height="33" border="0" onClick="createadmin()" style="cursor:pointer;"></td>
<?php } if($_SESSION['username']=="admin"){?>
<td width="157" align="left" valign="middle" style="padding-top:5px; padding-right:7px; "><a href="#" onClick="document.location='index.php'" style="cursor:pointer; color:#000000;">
<!--<img src="image/file_management.png" width="144" alt="admin" height="29">-->
<span id="file_management_icon"></span> </a></td>
<?php }//if (($_SESSION['assign_admin'] == "1") || ($_SESSION['assign_admin'] == "2")) { ?>
<?php if ($_SESSION['assign_admin'] == "1") { ?>
<td width="170" align="left" valign="middle" style="padding-top:5px; padding-right:7px;"><a href="#" onClick="ShowUser()" style="cursor:pointer; color:#000000;">
<!--<img src="image/user_management.png" width="157" alt="admin" height="29">-->
<span id="user_management_icon"></span> </a></td>
<td width="626" align="left" valign="middle" style="padding-top:5px; padding-right:7px;"><a href="#" onClick="window.open('calendar.php',
'myWindow','width=500,height=250')" style="cursor:pointer; color:#000000; display:block; width:170px;">
<!--<img src="image/file_download.png" />-->
<span id="file_download_icon"></span> </a>
<?php } ?> </td>
<td width="355"><table border="0" cellspacing="0" cellpadding="0">
<?php
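// Work out the current directory ($dir_tmp) and the two "up" targets ($tmp and
// $tmp1) from the posted directory, falling back to the session root.
if (isset($_POST['dir'])) {
    //$root_dir=Get_Dirname($_SESSION['username']);
    $root_dir = isset($_SESSION['dir']) ? $_SESSION['dir'] : '';
    $requested = is_string($_POST['dir']) ? str_replace("//", "/", $_POST['dir']) : '';

    // Accept the posted directory only when it is the session root itself or a
    // path below it. The original only tested that the root appeared somewhere
    // inside the string, which also accepts paths outside the root.
    $rootPrefix = rtrim($root_dir, '/');
    $insideRoot = $rootPrefix != ''
        && ($requested === $rootPrefix || strpos($requested, $rootPrefix . '/') === 0);
    if ($insideRoot) {
        // The part below the root must not climb back up with a ".." segment,
        // whichever separator is used.
        $belowRoot = str_replace('\\', '/', substr($requested, strlen($rootPrefix)));
        if (in_array('..', explode('/', $belowRoot), true)) {
            $insideRoot = false;
        }
    }
    $subcount = $insideRoot ? 1 : 0;
    $_POST['dir'] = ($subcount == 0) ? $root_dir . '/' : $requested;

    $tmp = '';
    $tmp1 = '';
    $dir_tmp = $_POST['dir'];
    $ary = explode("/", $dir_tmp);
    // $tmp drops the last two segments, $tmp1 drops only the last one.
    for ($c = 0; $c < count($ary) - 2; $c++) {
        $tmp .= $ary[$c] . '/';
    }
    for ($c = 0; $c < count($ary) - 1; $c++) {
        $tmp1 .= $ary[$c] . '/';
    }
    if (count($ary) < 3) {
        $tmp = $dir_tmp;
    }
} else {
    $dir_tmp = isset($_SESSION['dir']) ? $_SESSION['dir'] : null;
    $tmp = $dir_tmp;
    $tmp1 = $dir_tmp;
}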
?>
<tr>
<td><div style="margin-right:5px; float:left">
<?php
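// $tmp and $tmp1 are derived from the posted directory, so they are written as
// a JavaScript string literal (json_encode) and then escaped for the HTML
// attribute (htmlspecialchars) instead of being echoed between quotes as-is.
$upAction = isset($_POST['opt']) ? $_POST['opt'] : '';
if (!in_array($upAction, array('create', 'logout', 'upload', 'createuser', 'delete', 'copy', 'move'), true)) {
?>
<input type="button" name="Up" class="Back" onClick="chgDir(<?php echo htmlspecialchars(json_encode($tmp), ENT_QUOTES, 'UTF-8');?>);" />
<?php } else { ?>
<input type="button" name="Up" class="Back" onClick="fun2(<?php echo htmlspecialchars(json_encode($tmp1), ENT_QUOTES, 'UTF-8');?>);" />
<?php } ?>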
</div></td>
<td><div style="margin-right:5px; float:left"><?php if ($_SESSION['assign_admin'] == "1" || $_SESSION['assign_admin'] == "0") { ?>
<div id="navigation" style="float:left">
<ul id="nav">
<!-- main item 1 -->
<li class="item1"><a href="mailto:netops@allzonems.com?cc=patrick@allzonems.com" > <span id="online_help"></span> </a>
<!-- dropdown or flyout 1 -->
<?php /*?><ul>
<li><?php if ($_SESSION['assign_admin'] == "1"){?><a href="createzip.php?img=image&path=help/help.zip" title="Demo">User Guide</a><?php }else{?><a href="createzip.php?img=image&path=help/FileBox_UserManual_Version_1.pdf" title="Demo">User Guide</a><?php }?></li>
</ul><?php */?>
</li>
<!-- main item 2 -->
</ul>
</div>
<?php } ?>
</div></td>
<td valign="middle"><div style="margin-right:5px; float:left"><?php
if ($_SESSION['assign_admin'] == "1") {
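// Count the accounts that belong to the logged-in administrator.
$uname1 = $_SESSION['username'];
// The username is stored text; escape it before it enters the SQL literal.
$sqlmax = "SELECT COUNT(username) FROM userdetails where user_to='"
    . mysql_real_escape_string($uname1) . "'";
$rsmax = mysql_query($sqlmax);
// Default to 0 so the value echoed below is defined even when the query fails.
$max_account1 = 0;
if ($rsmax && ($rowmax = mysql_fetch_array($rsmax))) {
    $max_account1 = $rowmax[0];
}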
?>
<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
<td align="right"><span id="maximum_user_ac"></span> </td>
<td align="left" style="color:#ea7222;font-weight:bold;"><?php echo "$max_account1";?></td>
<?php
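// Number of non-admin users owned by the logged-in account, and how many
// accounts remain against $max_account1. The username is escaped before it
// enters the SQL literal, and a failed query counts as zero users.
$select_user_to = mysql_query(
    "select * from userdetails where user_to='"
    . mysql_real_escape_string($_SESSION['username']) . "' and assign_admin='0'"
);
$my_num_user = $select_user_to ? mysql_num_rows($select_user_to) : 0;
$left_account = $max_account1 - $my_num_user;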
?>
</tr>
</table>
<?php } ?></div></td>
</tr>
</table></td>
</tr>
<?php
} ?>
</table>
<table width="100%" border="0" cellspacing="0" cellpadding="0" class="menu">
<tr>
<td><table width="100%" border="0" cellspacing="0" cellpadding="0" >
<tr>
<?php if($_SESSION['username']!="") { ?>
<?php
//if(isset($_SESSION['username']) and $_POST['opt']!='logout') {
?>
<td colspan="2" class="bg3"><!--====================Header Starts==================-->
<div id="filemanagement">
<?php $permission_id1 = explode(",",$permission_id); ?>
<table border="0" cellspacing="0" cellpadding="0" height="40" width="100%" vspace="10" >
<tr>
<td width="80%" style="height: 30px; vertical-align: middle; line-height: 0px; padding-left:15px; padding-top:7px">
<?php
if(($assign_admin=='1') || ($assign_admin=='2'))
{
?>
<div style="margin-right:12px; *margin-right:5px; float:left; height:27px">
<input type="button" name="createdir" onClick="createdir1()" class="Create" />
</div>
<?php
}
elseif(in_array("4",$permission_id1))
{ ?>
<div style="margin-right:12px; *margin-right:5px; float:left; height:27px">
<input type="button" name="createdir2" onClick="createdir1()" class="Create" />
</div>
<?php } ?>
<div style="float:left; margin-top:5px;"><span width="382" align="left" valign="middle" style="padding-top:5px; padding-right:7px;"><a href="#" onClick="fileRename();" style="cursor:pointer; color:#000000;">
<!--<img src="image/file_download.png" />-->
<span id="rename_icon"></span> </a></span></div>
<?php
if(($assign_admin=='1') || ($assign_admin=='2'))
{ ?>
<div style="margin-right:12px; *margin-right:5px; float:left; height:27px">
<input type="button" name="copyfile" onclick="cpyfile()" class="Copyfile"/>
</div>
<?php
} elseif(in_array("3",$permission_id1))
{ ?>
<div style="margin-right:12px; *margin-right:5px; float:left; height:27px">
<input type="button" name="copyfile" onclick="cpyfile()" class="Copyfile"/>
</div>
<?php } ?>
<?php
if(($assign_admin=='1') || ($assign_admin=='2'))
{ ?>
<div style="margin-right:12px; *margin-right:5px; float:left; height:27px">
<input type="button" name="movefile" onClick="movefle()" class="Movefile"/>
</div>
<?php
} elseif(in_array("2",$permission_id1))
{ ?>
<div style="margin-right:12px; *margin-right:5px; float:left; height:27px">
<input type="button" name="movefile" onClick="movefle()" class="Movefile"/>
</div>
<?php } ?>
<?php
if(($assign_admin=='1') || ($assign_admin=='2'))
{ ?>
<div style="margin-right:12px; *margin-right:5px; margin-top:5px; float:left; height:27px">
<input type="button" name="deletefile" class="Delete" onClick="delfile()" />
</div>
<?php
} elseif(in_array("1",$permission_id1))
{ ?>
<div style="margin-right:12px; *margin-right:5px; float:left; margin-top:5px; height:27px">
<input type="button" name="deletefile" class="Delete" onClick="delfile()" />
</div>
<?php } ?>
<div style="float:left; margin-top:6px;"><span style="padding-top:5px; padding-right:7px;"><a href="#" onClick="fileReport();" style="cursor:pointer; color:#000000;">
<!--<img src="image/file_download.png" />-->
<span id="file_export_icon"></span> </a></span></div> </td>
<td width="20%" align="right" style="height: 30px; vertical-align: middle; line-height: 0px; padding-right:15px; *padding-right:35px">
<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
<td align="right"><div style="margin-right:12px; width:91px; *margin-right:5px; float:left; height:27px">
<?php if(($access_rights == "1") || ($access_rights == "3") ) { ?>
<input type="button" name="createzipfile" class="Download" onClick="createzipfile()" />
<?php } ?>
</div></td>
<td align="right"> <div style="margin-right:12px; width:91px; *margin-right:5px; float:left; height:27px">
<?php if(($access_rights == "2") || ($access_rights == "3") ) { ?>
<input type="button" name="uploadfile" onclick="fleupload()" class="Uploadfile"/>
<?php } ?>
</div></td>
</tr>
</table> </td>
<!----end td-->
</tr>
</table>
<?php
// if($_SESSION['username']=='admin')
// if (($assign_admin == '1') || ($assign_admin == '2'))
// {
?>
<?php
// }
?>
</div>
<!--====================Header Starts End==================-->
<div id="adminmanagement" style="display:none;">
<input type="button" name="createadmin" onClick="createadmin()" class="Createadmin" />
</div>
<div id="usermanagement" style="display:none; padding-left:40px;">
<input type="button" name="createuser" onClick="createuser()" class="Createnew" />
<input type="button" name="manageuser" onClick="manageuser()" class="Manageusers" />
<!--<input type="button" name="folderaccess" onClick="folderaccess()" class="Folderaccess" />-->
<?php
// Back button of the user-management bar. When the posted 'opt' is none of
// logout / upload / createuser / delete / copy / move (a missing 'opt'
// counts as "none of them"), the button returns to index.php; otherwise it
// calls manageuser(). The comparison is loose, as in the original chain.
if (!in_array($_POST['opt'], array('logout', 'upload', 'createuser', 'delete', 'copy', 'move'))) :
?>
<input type="button" name="Up" class="Backnew" onClick="document.location='index.php'" />
<?php else : ?>
<input type="button" name="Up" class="Backnew" onClick="manageuser();" />
<?php endif; ?>
</div></td>
<!-- <td>
<?php // if(($access_rights == "1") || ($access_rights == "3") ) { ?>
<input type="button" name="createzipfile" class="Download" onClick="createzipfile()" />
<?php // } ?> <input type="button" name="logout" class="logout" onClick="lout()" /> </td>-->
<?php
// }
// else
// {
// echo "<td width=\"100%\"></td><td width=\"28\"></td>";
// }
?>
</tr>
<?php } ?>
<?php
// Runs only when the session username is a non-empty value. All it sends is
// an HTML comment holding a disabled "Welcome" row: the nested PHP tags
// inside it wrap PHP block comments, so neither $uname nor the help link is
// evaluated or written to the response.
// NOTE(review): other checks in this template use isset($_SESSION['username']);
// the two tests disagree for a username that is set but empty - confirm which
// one is the intended "logged in" condition and use it everywhere.
if($_SESSION['username']!="") { ?>
<!-- <tr>
<td class="contentheading">Welcome <?php /*?><?php echo $uname;?><?php */?>,</td>
<td align="right" class="contentheading">
<?php /*?><?php if ($_SESSION['assign_admin'] == "1") { ?>
<a href="http://www.cpifilebox.com/manual/current.pdf"><img src="image/help.png" border="0" align="right"></a>
<?php } ?><?php */?>
</td>
</tr>-->
<?php } ?>
</table></td>
</tr>
</table>
<table width="100%" border="0" cellpadding="0" cellspacing="0" >
<tr >
<td valign="top" height="100%" ><?php
// Opens the bordered content table for logged-in sessions.
// NOTE(review): for a logged-out visitor the opening tag is sent only inside
// an HTML comment, while the rows and the closing table tag further down are
// sent unconditionally, so the login page's table markup is unbalanced.
if (isset($_SESSION['username'])) :
?>
<table width="95%" cellpadding="0" cellspacing="0" border="0" align="center" style="margin:2px auto 0 auto; border:1px solid #6b97c5;">
<?php else : ?>
<!-- <table width="90%" cellpadding="0" cellspacing="0" border="0" align="center" style="margin:2px auto 0 auto; border:0px solid #6b97c5;">-->
<?php endif; ?>
<tr>
<?php
// Opens the main content cell. Three variants:
//   - no session username: plain cell (login form follows);
//   - logged in, 'opt' empty or absent: centred 300px landing cell;
//   - logged in, any other 'opt': normal cell with the light background.
if (!isset($_SESSION['username'])) :
?>
<td colspan="5" valign="top"><?php
elseif ($_POST['opt'] == "") :
?>
<td colspan="5" valign="top" style="background:#F4FCFF; height:300px; text-align:center; vertical-align:middle; font-weight:bold"><?php
else :
?>
<td colspan="5" valign="top" style="background:#F4FCFF;"><?php
endif;
?>
<?php
/*
 * Content-area dispatcher: chooses which page script fills the main cell.
 *
 * Without a username in the session the login form is included. Otherwise
 * the posted 'opt' value is compared (loosely, exactly like a chain of ==)
 * with a fixed list of literals; anything unrecognised, including a missing
 * 'opt', falls through to the folder tree.
 *
 * Every include target is a hard-coded file name. Request data only selects
 * one of them and never becomes part of a path.
 *
 * NOTE(review): the only server-side condition here is that a username is
 * present in the session. The $assign_admin / $permission_id1 /
 * $access_rights tests elsewhere in this template only control which
 * buttons are drawn, and the createadmin / createuser / manageuser buttons
 * sit in display:none containers with no role condition visible around them
 * in this part of the file. Unless newadmin.php, create_user.php,
 * manage_users.php, folder_access.php, deletefile.php, movefile.php,
 * copyfile.php and uploadfile.php each verify the caller's rights
 * themselves, role separation rests on the UI alone - confirm in those
 * files, or enforce the role check here before including.
 *
 * NOTE(review): no anti-CSRF token is checked in this block before the
 * state-changing options are dispatched - confirm whether the forms and the
 * included scripts handle that.
 */
if (!isset($_SESSION['username'])) {
    require_once("login.php");
} else {
    switch ($_POST['opt']) {
        case 'create':
            require_once("createdir.php");
            break;
        case 'delete':
            require_once("deletefile.php");
            break;
        case 'copy':
            require_once("copyfile.php");
            break;
        case 'move':
            require_once("movefile.php");
            break;
        case 'logout':
            require_once("login.php");
            break;
        case 'upload':
            require_once("uploadfile.php");
            break;
        case 'createadmin':
            require_once("newadmin.php");
            break;
        case 'createuser':
            require_once("create_user.php");
            break;
        case 'manageuser':
            require_once("manage_users.php");
            break;
        case 'folderaccess':
            require_once("folder_access.php");
            break;
        case 'filerename':
            require_once("filerename.php");
            break;
        // Spelled 'filreport' in this file; it has to match the value the
        // page script posts, so it is left exactly as written.
        case "filreport":
            require_once("getfilesReport.php");
            break;
        default:
            require_once("foldertree_table.php");
            break;
    }
}
?>
</td>
</tr>
<?php
// Status row: printed only when $msg is not an empty string.
// NOTE(review): $msg is written into the page as raw HTML. Where it is
// assigned is not visible here; if any part of it can come from request data
// or from uploaded file names, that part needs htmlspecialchars() at the
// point where it is inserted into the message - confirm.
if ($msg != "") :
?>
<tr>
<td colspan="6"><?php echo $msg; ?></td>
</tr>
<?php endif; ?>
</table></td>
</tr>
</table></td>
</tr>
</table></td>
</tr>
<tr>
<td><table width="100%" border="0" cellspacing="0" cellpadding="5">
<tr>
<td><img src="image/copyright.png"></td>
<td align="right"><a href="mailto:netops@allzonems.com?cc=patrick@allzonems.com">Contact Us</a></td>
</tr>
</table></td>
</tr>
</table>
</body>
</html>
<?php
// Shows the user-management bar (userBlock()) for the three user-admin
// options. This script element is sent after the closing html tag.
// NOTE(review): this test reads $_REQUEST while the page dispatcher reads
// $_POST, so a value arriving by another route (query string, or a cookie
// depending on request_order) reveals the bar without the matching page
// being loaded. Reading the same source in both places would remove the
// mismatch; the bar is UI only and must not be relied on as an access check.
if (in_array($_REQUEST['opt'], array('createuser', 'manageuser', 'folderaccess'))) :
?>
<script language="javascript">
userBlock();
</script>
<?php endif; ?>