0

this is my code please find the error and reply me. thanks

<?php 
session_start();
ob_start();

//print_r($_REQUEST);
//print_r($_SESSION);
error_reporting(0);
include("includes/conn.php");
header('Content-Language: en-us');
header('Content-Type: text/html; charset=utf-8');

if($_POST['opt']=='logout'){
    $_SESSION['username'] == "";
    session_unset();
    session_destroy();
    //require_once("login.php");
}

// echo $_FILES["logo"]['name'];
//if($opt=='Create')
include("includes/conn.php");
/*
    $opt_multiple = $_REQUEST['opt_multiple'];
    foreach($opt_multiple as $key => $value){
        $b.= $value . ",";
    }
    echo $a =  substr($b, 0, -1);
*/
function getFileExtensions($file_name){
    return substr(strrchr($file_name,'.'),1);
}

function delete_directory($dirname) {
        if($dirname!='' && $dirname!='/' && $dirname!='.' && $dirname!='..' && $dirname!='../../Storage' && $dirname!='../../Storage/'){
             if (is_dir($dirname))
                 $dir_handle = opendir($dirname);
             if (!$dir_handle)
                 return false;
             while($file = readdir($dir_handle)) {
                 if ($file != "." && $file != ".."){
                     if (!is_dir($dirname."/".$file)){
                        $fileExt = getFileExtensions($file);
                        if($fileExt!='php' && $fileExt!='js' && $fileExt!='css' && $fileExt!='jar' && $fileExt!='htaccess' && $fileExt!='' ){
                         unlink($dirname."/".$file);
                         }
                     }else{
                         delete_directory($dirname.'/'.$file);          
                     }
                 }
             }
             closedir($dir_handle);
             rmdir($dirname);
        } 
         return true;
}
function getFolder($path){
    $fol="";
    $iterator = new RecursiveIteratorIterator(
                    new RecursiveDirectoryIterator($path), 
                    RecursiveIteratorIterator::SELF_FIRST);

    foreach($iterator as $file) {
        if($file->isDir()) {
           $exp=explode("/",$file->getRealpath());
           $fol.=end($exp).",";
        }
    }
    return $fol;
}   

if($_FILES["logo"]['name']!=""){
    $img = $_FILES["logo"]['name'];
    $soruce = $_FILES["logo"]['tmp_name'];
    $target = "/image/logo/".$img;
    $homepageimage=post_img($_FILES['logo']['name'],$_FILES['logo']['tmp_name'],"image/logo");
    //move_uploaded_file($source,$target);
    //die();
}   
//session variables
 $uname = $_SESSION['username'];
 $userid = $_SESSION['userid'];
 $assign_admin = $_SESSION['assign_admin'];
 $access_rights = $_SESSION['access_rights'];
 $user_cc1 = $_SESSION['user_cc1'];
 $max_account = $_SESSION['max_account'];
 $permission_id=$_SESSION['permission_id'];

// max number
/*$select_user_to = mysql_query("select * from userdetails where user_to='".$_SESSION['username']."' and assign_admin='0'");
echo $my_num_user = mysql_num_rows($select_user_to);

$sql_max = mysql_query("select * from userdetails where username ='".$_SESSION['username']."'");
    $res_max = mysql_fetch_array($sql_max);
    echo $max_account = $res_max['max_account'];
            if($max_account <= $my_num_user){
                echo $msg = "error";
            }else{
                echo $msg="allowed";
            }
            die();*/

//ajax server functions
function SaveNote($fle_path,$note){
    //echo "update dirdetails set note='$note' where path='$fle_path'";                     
    if(mysql_query("update dirdetails set note='$note' where path='$fle_path'")){

        header("Location:index.php");
        die();
        //return $fle_path;
    }else{ 
        header("Location:index.php");
        die();
        //return $note;
    }
}
function AddNotes($fle_path,$txtid){
    $listarray = array();
    $listarray[0] = $txtid;
    $r1 = mysql_query("select note from dirdetails where path='$fle_path'");
    if($r=mysql_fetch_array($r1)){
        $listarray[1]=trim($r['note']);
    return $listarray;
    }else{
        $listarray[1]='empty';
        return $listarray;
    }
}
function user_pass($opt,$val){
    if($opt=='userPass'){
        $sql = "SELECT * FROM userdetails WHERE userid='".$val."'";
        $res = mysql_query($sql);
        $arr = mysql_fetch_array($res);
        $getVal[] = $val;
        $getVal[] = $arr['password'];
        return $getVal; 

    }
}

function UDC_Folderaccess($opt,$txtFolderAccess,$folderChk,$assignUserChk){
    /*
    print_r($txtFolderAccess);
    echo "<br><br>";
    print_r($folderChk);
    echo "<br><br>";  
    print_r($assignUserChk);    
        echo "<br><br>";
        */

    if($opt == 'folder_access'){
        if($txtFolderAccess == "Assign"){
            $folderChk = explode(",",$folderChk);
            $assignUserChk = explode(",",$assignUserChk);   
            for($d=0; $d<count($assignUserChk); $d++){               
                $selSql = "SELECT * FROM userdetails WHERE userid='".$assignUserChk[$d]."'";
                $resSql = mysql_query($selSql);
                $objSql = mysql_fetch_object($resSql);          
                $current_folder_access = explode(",",$objSql->user_cc1);    
                $mergeArray = array_merge($folderChk, $current_folder_access);  
                $uniqueArray = array_unique($mergeArray);   
                $uniqueVal = implode(",",$uniqueArray);

                    $sqlUpd = "UPDATE userdetails set user_cc1='$uniqueVal' WHERE userid='".$assignUserChk[$d]."'";
                    $resUpd = mysql_query($sqlUpd); 
                    if($resUpd){ $getResult = "success"; }else{ $getResult = "Failure"; }
                    $getRemoveArr = '';
                    $getRemoveobj = '';

                /*--------------------------update folders-------------------------------*/
                for($u=0;$u<count($folderChk);$u++){
                    $mulUser = "select * from tbl_userfolders where username='$folderChk[$u]'";
                    $re_mulUser = mysql_query($mulUser);
                    $resMul = mysql_fetch_array($re_mulUser);
                    $mulArr = $resMul['folders'];
                }
                $sql = mysql_query("UPDATE userdetails SET user_cc1 = concat(user_cc1,',$mulArr') WHERE userid='".$assignUserChk[$d]."'");
                $selsql = mysql_query("SELECT * FROM userdetails WHERE userid='".$assignUserChk[$d]."'");
                $resSql = mysql_fetch_array($selsql);
                $arrSql = explode(",",$resSql['user_cc1']);
                $arrUniq = array_unique($arrSql);
                $arrImplode = implode(",",$arrUniq);
                /*---------------Unique Updation----------------*/
                $sql = mysql_query("UPDATE userdetails SET user_cc1 = '$arrImplode' WHERE userid='".$assignUserChk[$d]."'");
                /*--------------------------update folders end-------------------------------*/

            }   
        }else if($txtFolderAccess == "Unassign"){   

            $folderChk = explode(",",$folderChk);
            $assignUserChk = explode(",",$assignUserChk);   
            for($d=0; $d<count($assignUserChk); $d++){
                $selSql = "SELECT * FROM userdetails WHERE userid='".$assignUserChk[$d]."'";
                $resSql = mysql_query($selSql);
                $objSql = mysql_fetch_object($resSql);          
                $current_folder_access = explode(",",$objSql->user_cc1);    

                for($k=0; $k<count($current_folder_access); $k++){
                    if(!in_array($current_folder_access[$k],$folderChk)){
                        $getRemoveArr[] = $current_folder_access[$k];
                    }
                }
                $getRemoveobj = implode(",",$getRemoveArr);

                    $sqlUpd = "UPDATE userdetails set user_cc1='$getRemoveobj' WHERE userid='".$assignUserChk[$d]."'";
                    $resUpd = mysql_query($sqlUpd); 
                    if($resUpd){ $getResult = "success"; }else{ $getResult = "Failure"; }       
                    $getRemoveArr = '';
                    $getRemoveobj = '';             
            }           
        }       
        echo  $getResult;

    }
    return false;
}

//function UDC_User($opt,$v_name,$v_user,$v_email,$v_dir,$v_pass,$v_rights,$v_adminright)
function UDC_User($opt,$v_name,$v_user,$v_email,$v_usertype,$v_pass,$v_rights,$folder,$v_perm){                     
    if($opt=='Update'){
        if($folder=="")
            $folder.= $_SESSION['username'];
        else
            $folder.=','.$_SESSION['username'];
            $arrFol = explode(",",$folder);
            $arrCount = count($arrFol);
            $folderSet = "";
            for($f=0;$f<count($arrFol);$f++){
                $selFol = mysql_query("SELECT * FROM tbl_userfolders WHERE username='$arrFol[$f]'");
                $numFol = mysql_num_rows();
                $resFol = mysql_fetch_array($selFol);
                if($selFol!=0){
                $folderSet.= $resFol['folders'].",";
                }
            }
            $trimFolder = trim($folderSet,",");
        $result = mysql_query("update userdetails set name='$v_name',email='$v_email',password='$v_pass',user_cc1='$folder,$trimFolder', access_rights='$v_rights',permission_id='$v_perm' where username='$v_user'");
        $updtaccess=mysql_query("UPDATE tbl_useraccess SET useraccess='$folder' WHERE username='$v_user'");
        //if($result){ $}else{}
        /*
        if($_SESSION['user_cc1'] == ""){
            $sql = mysql_query("UPDATE userdetails SET user_cc1 = concat(user_cc1,'$folder') WHERE username='$v_user'");
        }elseif($_SESSION['user_cc1'] != ""){
            $sql = mysql_query("UPDATE userdetails SET user_cc1 = concat(user_cc1,',$folder') WHERE username='$v_user'");
        }
        */
    }elseif($opt=='Delete'){
        $sql = mysql_query("select * from userdetails where username='$v_user'");
        $result = mysql_fetch_array($sql);
        $ed_dirname  = $result['dirname'];
        $ed_username = $result['username'];
        $deldir = $ed_dirname . "/" . $ed_username;
        delete_directory($deldir);
        mysql_query("delete from userdetails where username='$v_user'");
        mysql_query("DELETE FROM tbl_auditdetails WHERE userName='$v_user'");

    }elseif($opt=='userDelete'){
        $sql = mysql_query("select * from userdetails where username='$v_user'");
        $result = mysql_fetch_array($sql);
        $ed_dirname  = $result['dirname'];
        $ed_username = $result['username'];
        $deldir = $ed_dirname . "/" . $ed_username;
        delete_directory($deldir);
        mysql_query("delete from userdetails where username='$v_user'");
        mysql_query("DELETE FROM tbl_auditdetails WHERE userName='$v_user'");
        mysql_query("DELETE FROM tbl_useraccess WHERE username='$v_user'");

    }else if($opt=='Create'){
     //Folder Access
    /*$opt_multiple = $_REQUEST['opt_multiple'];
    foreach($opt_multiple as $key => $value){
        $b.= $value . ",";
    }$a =  substr($b, 0, -1);
    */  
        //if($max_account !=    $my_num_user)
        //{
        /*----------------Create User------------------------*/
                $max_account = $fetch_admin['max_account'];
                $select_admin = mysql_query("select * from userdetails where username='$v_user'");
                $my_num_admin = mysql_num_rows($select_admin);
                $fetch_admin = mysql_fetch_array($select_admin);

                if($my_num_admin > 0){
                    $msg = "User are already exists";               
                    echo "<script language=javascript>alert('User already exists.')</script>";                
                }else{
                    $select_user_to = mysql_query("select * from userdetails where user_to='".$_SESSION['username']."' and assign_admin='0'");
                    $my_num_user = mysql_num_rows($select_user_to);

                    $sql_max = mysql_query("select * from userdetails where username ='".$_SESSION['username']."'");
                    $res_max = mysql_fetch_array($sql_max);
                    $max_account = $res_max['max_account'];

                    if($max_account <= $my_num_user){
                         $msg = "error";
                    }else{
                        //$storagedir = "../../Storage/".$_SESSION['username']."/".$v_user;         
                        $storagedir = "../../Storage/".$_SESSION['username'];

                        if($folder==""){
                            $folder.= $_SESSION['username'];
                        }else{
                            $folder.=','.$_SESSION['username'];
                        }
                        $subFol="";
                        $exp=explode(",",$folder);
                        for($f=0;$f<count($exp)-1;$f++){
                            $v_path="../../Storage/".$_SESSION['username']."/".$exp[$f];
                            $subFol.=getFolder($v_path);
                        }

                        if($v_usertype!="User"){        
                            if(mkdir("../../Storage/".$_SESSION['username']."/".strtolower($v_user),0777)){
                                //  $storagedir = "../../Storage/".$v_adminright."/".$v_user;
                                    $sqluser = "insert into userdetails(name,username,password,email,dirname,user_to,user_cc1,user_cc2,assign_admin,access_rights,photo,max_account,total_disk, permission_id) values('".$v_name."','".strtolower($v_user)."','".$v_pass."','".$v_email."','".$storagedir."','".$_SESSION['username']."','$folder','','0','".$v_rights."','','','','".$v_perm."')"; 
                                    $rsuser = mysql_query($sqluser) or die(mysql_error());
                                    $sqlid = mysql_insert_id();
                                //  mysql_query("insert into userdetails (name,username,password,email,dirname,user_to,assign_admin,access_rights) values ('$v_name','$v_user','$v_pass','$v_email','$storagedir','$v_adminright',0,'$v_rights')") or die("mysql error".mysql_error()); 
                            }
                        }else{
                                $sqluser = "insert into userdetails(name,username,password,email,dirname,user_to,user_cc1,user_cc2,assign_admin,access_rights,photo,max_account,total_disk, permission_id) values('".$v_name."','".strtolower($v_user)."','".$v_pass."','".$v_email."','".$storagedir."','".$_SESSION['username']."','$subFol$folder','','0','".$v_rights."','','','','".$v_perm."')";  
                                $rsuser = mysql_query($sqluser) or die(mysql_error());
                                $sqlid = mysql_insert_id();
                                $userAcess="insert into tbl_useraccess (username,usertype,useraccess,date) values('".strtolower($v_user)."','User','$folder',now())";
                                $re_userAcess=mysql_query($userAcess);

                        }   
                    }                       
                }   
                /*----------------Create User End------------------------*/
        //}     
    }
    return false;
}

function Get_Dirname($uname_dir){
    $res_dir1=mysql_query("select dirname from userdetails where username='$uname_dir'");
    $res_dir=mysql_fetch_array($res_dir1);
    return $res_dir['dirname'];
}

function post_img($fileName,$tempFile,$targetFolder){   
    if ($fileName!=""){
        if(!(is_dir($targetFolder)))
        mkdir($targetFolder);
        $counter=0;
        $NewFileName=$fileName;
        if(file_exists($targetFolder."/".$NewFileName))
            {
                do
                { 
                    $counter=$counter+1;
                    $NewFileName=$counter."-".$fileName;
                }
                while(file_exists($targetFolder."/".$NewFileName));
            }
        copy($tempFile, $targetFolder."/".$NewFileName);    
        return $NewFileName;
    }
}


function UDC_admin($opt,$v_name,$v_user,$v_pass,$v_email,$v_logo,$v_admin,$v_maxno,$v_totaldisk){
    //$homepageimage=post_img($_FILES['logo']['name'],$_FILES['logo']['tmp_name'],"image/logo");
     $img = $_FILES["logo"]['name'];
    $soruce = $_FILES["logo"]['tmp_name'];
    $target = "/image/logo/".$img;
    $homepageimage=post_img($_FILES['logo']['name'],$_FILES['logo']['tmp_name'],"image/logo");


    if($opt=='Create'){     
        $select_admin = mysql_query("select * from userdetails where username='$v_user'");
        $my_num_admin = mysql_num_rows($select_admin);      
        if($my_num_admin > 0){
            $msg = "User are already exists";
            echo "<script language=javascript>alert('User are already exist.')</script>";
        }else{
            if(mkdir("../../Storage/".$v_user,0777)){
                $dir = "../../Storage/".$v_user;
                mysql_query("insert into userdetails(name,username,password,email,dirname,assign_admin,access_rights,photo,max_account,total_disk)
                          values('$v_name','$v_user','$v_pass','$v_email','$dir','$v_admin',3,'$v_logo','$v_maxno','$v_totaldisk')");
            }   
        }             
    }   
    return false;
}

function UDC_update($opt,$v_name,$v_user,$v_email,$v_maxno,$v_selectadmin,$v_totaldisk,$v_pass){
    if($opt=='Update'){
        mysql_query("update userdetails set name='$v_name',email='$v_email',max_account='$v_maxno',assign_admin='$v_selectadmin',total_disk='$v_totaldisk',password='$v_pass' where username='$v_user'");
    }else if($opt=='Delete'){
        $sql = mysql_query("select * from userdetails where username='$v_user'");
        $result = mysql_fetch_array($sql);
        $ed_dirname  = $result['dirname'];
        delete_directory($ed_dirname);
        mysql_query("delete from userdetails where username='$v_user'");
    }   
    return;
}

if(isset($_POST['update_all'])){
      $folder1 = $_POST['opt_multiple1'];
     // print_r($folder1);
      if(!isset($folder1)) 
      {
            //echo("<p>You didn't select any folders!</p>\n");
      } 
      else 
      {
           foreach($folder1 as $key => $value){
                //echo($aCountries[$i] . ",");
                $folder.=",".$value;
           }
      }
    // echo $folder;
    $uname1=$_SESSION['username'];
    //mysql_query("delete from userdetails where userid='122'");
    //echo "update userdetails set `user_cc1`=CONCAT(user_cc1,',$folder') where user_to ='$uname1'";
    $sqlfolder="update userdetails set user_cc1=CONCAT(user_cc1,'$folder') where user_to ='$uname1'";
    $rsfolder=mysql_query($sqlfolder) or die(mysql_error());
    //exit;
    //mysql_query("update userdetails set `user_cc1`=CONCAT(user_cc1,'$folder') where user_to ='$uname1'") or die(mysql_error());
}

//------------------------- user folder updation function------------------------------------//
if(isset($_SESSION['username'])){
$fols="";
    if($_SESSION['username']!="admin"){
        $selUser=mysql_query("select * from tbl_useraccess where username='".$_SESSION['username']."'");
        $numUser=mysql_num_rows($selUser);
        if($numUser!=0){
            $resUser=mysql_fetch_array($selUser);
            $expl=explode(",",$resUser['useraccess']);
            for($x=0;$x<count($expl);$x++){
                if($expl[$x]!="admin" && $expl[$x]!=""){
                    $link = "../../Storage/admin/".$expl[$x];
                    $fols.=trim(getFolder($link),",").",$expl[$x]";
                }
            }
            $updt = mysql_query("update userdetails set user_cc1='admin,$fols' where username='".$_SESSION['username']."'");
        }else{
            $link = "../../Storage/admin/".$_SESSION['username'];
            $fols=trim(getFolder($link),",").",".$_SESSION['username'];
            $updt = mysql_query("update userdetails set user_cc1='admin,$fols' where username='".$_SESSION['username']."'");
        }
    }
}
//------------------------- user folder updation function end------------------------------------//

?>
<?php
if($_POST['opt']=='createzipfile') {
    require_once("createzip.php");
}
    include_once("ajax/ajaxagent/agent.php");
    $agent->init();
?>
<html>
<head>
<style type="text/css">
/* =========================================================================
For any free or commercial usage please keep this credits text intact.
Author : Femi Hasani [url]www.vision.to[/url] ,test idea and CSS code.
The original version of this stylesheet and the associated (x)html
is available at [url]http://www.vision.to/simple-css-one-level-dropdown-menu.php[/url]
A link to [url]www.vision.to[/url] would be apperciated but not mandatory.
=============================================================================== */
#navigation ul#nav {
    z-index: 5000;
    float:right;
    margin-right:5px;
    display:inline;
}
#navigation ul#nav li {
    list-style:none;
    float: left;
    text-align: center;
    line-height: 1em;/* width:175px;*/
}
#navigation ul#nav li a {
    display: block;
    color: #333;
    text-decoration: none;
    text-align: center;
}
#navigation ul#nav li a span {
/*padding: 0 15px 0 10px;*/
   /*   background: url(arrow.gif) no-repeat 100% 50%;  optional */
}
#navigation ul#nav li ul {
    margin:0px 0px 0px 20px;
    display: block;
    position: absolute;
    color:#333333;
    /* hidding submenus based on: [url]http://css-class.com/articles/ursidae/[/url]  */
    left: -999em;/* this makes it more accessible than display:none; */
    width: 162px;
    padding: 2px 1px 2px 2px;
    background:#E1EDFB;
}
#navigation ul#nav li:hover ul, #navigation ul#nav li.over ul /* This is for Internet Explorer 6  */ {
    display: block;
    left: 0;
    top: 100%;
    position: absolute;
    z-index: 4000;
    width: 146px;
}
#navigation ul#nav li ul li {
    width: 141px;
    height: auto;
    background: transparent;
    text-indent: 0;
    padding: 0;
}
#navigation ul#nav li:hover ul li a, #navigation ul#nav li.over ul li a {
    display: block;
    width: 140px;/*this is to adjust if used some background image for dropdown */
    background: #9BC1E8;
*width: 142px;
    padding: 10px 0px 10px 5px;
    text-decoration: none;
    margin: 0;
    color: #333;
    text-indent: 0;
    text-align: left;
    border: 0;
    white-space: nowrap;
}
#navigation ul#nav li ul li a {
    color: #333;
    background: #9BC1E8;
}
#navigation ul#nav li ul li a:hover {
    color: #333;
    background: #9BC1E8;
}
#navigation ul#nav li.active a, #navigation ul#nav li a:hover, #navigation ul#nav li:hover a, #navigation ul#nav li.over a {
    background:url(images/online_help.png) no-repeat;
}
</style>
<script>
function createdir1(){
    document.index.opt.value='create';
    document.index.submit();
}
function fileRename(){
    var field=document.getElementsByName('file[]');
        var c=0;
        for (i = 0; i < field.length; i++){
            if(field[i].checked == true){
                c++;
                var getRes = "Success";
            }
        }
    if(getRes=="Success"){
        if(c==1){
            document.index.opt.value='filerename';
            document.index.submit();
        }else{
            alert("Please select anyone of the folder.");
            return false;
        }
    }else{
        alert("Please select atleast one folder.");
        return false;
    }

    document.index.opt.value='filerename';
    document.index.submit();
}
function fun2(dname){
    document.index.opt.value='';
    document.index.dir.value=dname;
    document.index.submit();
}

function delfile(){
    var field=document.getElementsByName('file[]');
        var arrField = new Array();
        for (i = 0; i < field.length; i++){
            if(field[i].checked == true){
                arrField[i]= field[i].value+"JozZenVaL";
                //arrField+="JozZenVaL";
                var getRes = "Success";
            }
        }
    if(getRes=="Success"){
        if(confirm("Do you want to delete?")){
        document.index.opt.value='delete';
        document.index.submit();
        }
    }else{
        alert("Please select atleast one file.");
        return false;
    }
}



function cpyfile(){
    var field=document.getElementsByName('file[]');
        var arrField = new Array();
        for (i = 0; i < field.length; i++){
            if(field[i].checked == true){
                arrField[i]= field[i].value+"JozZenVaL";
                //arrField+="JozZenVaL";
                var getRes = "Success";
            }
        }
    if(getRes=="Success"){
        document.index.opt.value='copy';
        document.index.submit();
    }else{
        alert("Please select atleast one file.");
        return false;
    }
}
function movefle(){
    var field=document.getElementsByName('file[]');
        var arrField = new Array();
        for (i = 0; i < field.length; i++){
            if(field[i].checked == true){
                arrField[i]= field[i].value+"JozZenVaL";
                //arrField+="JozZenVaL";
                var getRes = "Success";
            }
        }
    if(getRes=="Success"){
        document.index.opt.value='move';
        document.index.submit();
    }else{
        alert("Please select atleast one file.");
        return false;
    }
}
function ShowHideDisp(id){
    if(document.getElementById(id).style.display=="none")
    document.getElementById(id).style.display = "";
    else
    document.getElementById(id).style.display = "none";
}
function chgDir(dname){
    //alert(dname);
    document.index.opt.value='';
    document.index.dir.value=dname;
    document.index.submit();
}
function lout(){
    document.index.opt.value='logout';
    document.index.submit();
}
function fleupload(){
    document.index.opt.value='upload';
    document.index.submit();
}
function createuser(){
    document.index.opt.value='createuser';
    document.index.submit();
}
function manageuser(){
    document.index.opt.value='manageuser';
    document.index.submit();
}
function folderaccess(){
    document.index.opt.value='folderaccess';
    document.index.submit();
}
function createadmin(){
    document.index.opt.value='createadmin';
    document.index.submit();
}

function createzipfile(){
    var field=document.getElementsByName('file[]');
        var arrField = new Array();
        for (i = 0; i < field.length; i++){
            if(field[i].checked == true){
                arrField+= field[i].value;
                arrField+="JozZenVaL";
                var getRes = "Success";
            }
        }
        if(getRes=="Success"){
            document.index.opt.value='createzipfile';   
            document.index.submit();
            /*xmlHttp=GetXmlHttpObject()
            if (xmlHttp==null)
            {
            alert ("Browser does not support HTTP Request")
            return
            }
            var url="chkFilesize.php"
            url=url+"?id="+arrField
            url=url+"&sid="+Math.random()
            xmlHttp.onreadystatechange=fileSize
            xmlHttp.open("GET",url,true)
            xmlHttp.send(null)*/
        }else{
            alert("Please select atleast one file.");
            return false;
        }
}

    function fileSize() 
    { 
        if (xmlHttp.readyState==4 || xmlHttp.readyState=="complete")
        { 
            if(xmlHttp.responseText==0){
                alert("You can't download empty folder.")
                return false;
            }else{
                document.index.opt.value='createzipfile';   
                document.index.submit();
            }
        } 
    }

function fileReport(){
    var field=document.getElementsByName('file[]');
        var arrField = new Array();
        for (i = 0; i < field.length; i++){
            if(field[i].checked == true){
                arrField+= field[i].value+"JozZenVaL";
                //arrField+="JozZenVaL";
                var getRes = "Success";
            }
        }
    if(getRes=="Success"){
        //document.index.opt.value='filreport'; 
        //document.index.submit();
        //alert(arrField);
        document.location="getfilesReport.php?id="+arrField;
    }else{
        alert("Please select atleast one file.");
        return false;
    }
}

function addNotes(path,txt)
{
    var txtVal=document.getElementById(txt).value;
    xmlHttp=GetXmlHttpObject()
    if (xmlHttp==null)
    {
    alert ("Browser does not support HTTP Request")
    return
    }
    var url="addNotes.php"
    url=url+"?path="+path+"&txt="+txtVal
    url=url+"&sid="+Math.random()
    xmlHttp.onreadystatechange=resNotes
    xmlHttp.open("GET",url,true)
    xmlHttp.send(null)
}

function resNotes() 
{ 
    if (xmlHttp.readyState==4 || xmlHttp.readyState=="complete")
    { 
        //alert(xmlHttp.responseText);
        return true;
    } 
}

    function GetXmlHttpObject()
    {
        var xmlHttp=null;
        try
        {
        // Firefox, Opera 8.0+, Safari
        xmlHttp=new XMLHttpRequest();
        }
        catch (e)
        {
        //Internet Explorer
            try
            {
            xmlHttp=new ActiveXObject("Msxml2.XMLHTTP");
            }
            catch (e)
            {
            xmlHttp=new ActiveXObject("Microsoft.XMLHTTP");
            }
        }
    return xmlHttp;
    }

function ShowUser() {
    document.getElementById("usermanagement").style.display = "block";
    document.getElementById("filemanagement").style.display = "none";
    document.getElementById("adminmanagement").style.display = "none";
    document.index.opt.value='manageuser';
    document.index.submit();
}

function ShowAdmin(){
    document.getElementById("adminmanagement").style.display = "block";
    document.getElementById("filemanagement").style.display = "none";
    document.getElementById("usermanagement").style.display = "none";

}
function ShowFile(){
    document.getElementById("filemanagement").style.display = "block";  
    document.getElementById("adminmanagement").style.display = "none";
    document.getElementById("usermanagement").style.display = "none";
    document.index.opt.value='';
    document.index.submit();
}

function userBlock(){
    document.getElementById("usermanagement").style.display = "block";
    document.getElementById("filemanagement").style.display = "none";
    document.getElementById("adminmanagement").style.display = "none";
}
</script>
<link href="css.css" rel="stylesheet" type="text/css">
<meta http-equiv="Cache-control" content="public">
<title>File Management</title>
</head>
<body >
<table width="100%" height="100%" border="0" cellspacing="0" cellpadding="0" style="max-width:100%; min-width:100%; margin:0px auto;">
  <tr>
    <td><table width="100%" height="100%" border="0" cellpadding="0" cellspacing="0" class="main" >
        <tr >
          <td  class="bg" valign="top"><table width="100%" border="0" cellspacing="0" cellpadding="5">
              <tr>
                <td width="50%" style="padding:25px 0 5px 5px;"><a href="index.php"><img src="image/cpilogo.jpg" width="264" height="67" border="0"></a></td>
                <td class="contentheading2"><?php if($_SESSION['username']!="") { ?>
                  Welcome &nbsp;&nbsp;<span><?php echo $_SESSION['acname'];?></span>
                  <?php }?></td>
                <td width="10%"  align="right" style="padding:0 10px 0 0"><?php if($_SESSION['username']!="") { ?>
                  <input type="button" name="logout"  class="logout" onClick="lout()" />
                  <?php } ?></td>
              </tr>
            </table></td>
        </tr>
        <tr class="content_bg" >
          <td width="80%" height="100%" valign="top"   ><table width="100%" border="0" cellspacing="0" cellpadding="0" >
              <?php if($_SESSION['username']!=""){ ?>
              <tr class="bg2">
                <?php //if (($_SESSION['assign_admin'] == "1") || ($_SESSION['assign_admin'] == "2")) { ?>
                <?php if ($_SESSION['assign_admin'] == "1"){ ?>
                <td width="86"><img src="image/acc_admin.gif" width="86" alt="admin" height="33" border="0" onClick="createadmin()" style="cursor:pointer;"></td>
                <?php } if($_SESSION['username']=="admin"){?>
                <td width="157" align="left" valign="middle" style="padding-top:5px; padding-right:7px; "><a href="#" onClick="document.location='index.php'" style="cursor:pointer; color:#000000;">
                  <!--<img src="image/file_management.png" width="144" alt="admin" height="29">-->
                  <span id="file_management_icon"></span> </a></td>
                <?php }//if (($_SESSION['assign_admin'] == "1") || ($_SESSION['assign_admin'] == "2")) { ?>
                <?php if ($_SESSION['assign_admin'] == "1") { ?>
                <td width="170" align="left" valign="middle" style="padding-top:5px; padding-right:7px;"><a href="#" onClick="ShowUser()" style="cursor:pointer; color:#000000;">
                  <!--<img src="image/user_management.png" width="157" alt="admin" height="29">-->
                  <span id="user_management_icon"></span> </a></td>
                <td width="626" align="left" valign="middle" style="padding-top:5px; padding-right:7px;"><a href="#" onClick="window.open('calendar.php',
'myWindow','width=500,height=250')" style="cursor:pointer; color:#000000; display:block; width:170px;">
                  <!--<img src="image/file_download.png" />-->
                  <span id="file_download_icon"></span> </a>
                  <?php } ?>                </td>
                <td width="355"><table border="0" cellspacing="0" cellpadding="0">
                <?php
        if(isset($_POST['dir'])){
               $_POST['dir'] = str_replace("//","/",$_POST['dir']);
               //$root_dir=Get_Dirname($_SESSION['username']);
               $root_dir=$_SESSION['dir'];
               $subcount=substr_count($_POST['dir'], $root_dir);
               if($subcount==0) $_POST['dir']=$root_dir.'/';
               $tmp='';
               $tmp1='';
               $dir_tmp=$_POST['dir'];
               $ary=explode("/",$dir_tmp);
               for($c=0;$c<count($ary)-2;$c++)
               $tmp.=$ary[$c].'/';
               for($c=0;$c<count($ary)-1;$c++)
               $tmp1.=$ary[$c].'/';
               if(count($ary)<3) $tmp=$dir_tmp;

          } else {
               $dir_tmp=$_SESSION['dir'];
               $tmp=$dir_tmp;
               $tmp1=$dir_tmp;
          }
    ?>
                    <tr>
                      <td><div style="margin-right:5px; float:left">
                          <?php 
          if($_POST['opt']!='create' && $_POST['opt']!='logout' && $_POST['opt']!='upload' && $_POST['opt']!='createuser' && $_POST['opt']!='delete' && $_POST['opt']!='copy' && $_POST['opt']!='move'){
    ?>
                          <input type="button" name="Up"  class="Back" onClick="chgDir('<?php echo $tmp;?>');" />
                          <?php } else { ?>
                          <input type="button" name="Up" class="Back" onClick="fun2('<?php echo $tmp1;?>');" />
                          <?php }    ?>
                        </div></td>
                      <td><div style="margin-right:5px; float:left"><?php if ($_SESSION['assign_admin'] == "1" || $_SESSION['assign_admin'] == "0") { ?>
                        <div id="navigation" style="float:left">
                          <ul id="nav">
                            <!-- main item 1 -->
                            <li class="item1"><a href="mailto:netops@allzonems.com?cc=patrick@allzonems.com" > <span id="online_help"></span> </a>
                              <!-- dropdown or flyout 1 -->
                              <?php /*?><ul>
<li><?php if ($_SESSION['assign_admin'] == "1"){?><a href="createzip.php?img=image&path=help/help.zip" title="Demo">User Guide</a><?php }else{?><a href="createzip.php?img=image&path=help/FileBox_UserManual_Version_1.pdf" title="Demo">User Guide</a><?php }?></li>

</ul><?php */?>
                            </li>
                            <!-- main item 2 -->
                          </ul>
                        </div>
                        <?php } ?>
                      </div></td>
                      <td valign="middle"><div style="margin-right:5px; float:left"><?php
                            if ($_SESSION['assign_admin'] == "1") { 
                                 $uname1=$_SESSION['username'];
                                 $sqlmax="SELECT COUNT(username) FROM userdetails where user_to='$uname1'";
                                 $rsmax=mysql_query($sqlmax);
                                if($rowmax=mysql_fetch_array($rsmax))
                                {
                                     $max_account1=$rowmax[0];
                                }


                         ?>
                        <table width="100%" border="0" cellspacing="0" cellpadding="0">
                          <tr>
                            <td align="right"><span id="maximum_user_ac"></span> </td>
                            <td align="left" style="color:#ea7222;font-weight:bold;"><?php echo "$max_account1";?></td>
                            <?php
            $select_user_to = mysql_query("select * from userdetails where user_to='".$_SESSION['username']."' and assign_admin='0'");
            $my_num_user = mysql_num_rows($select_user_to);
            $left_account=  $max_account1 - $my_num_user;
         ?>
                          </tr>
                        </table>
                        <?php } ?></div></td>
                    </tr>
                  </table></td>
              </tr>
              <?php
   } ?>
            </table>
            <table width="100%" border="0" cellspacing="0" cellpadding="0" class="menu">
              <tr>
                <td><table width="100%" border="0" cellspacing="0" cellpadding="0"   >
                    <tr>
                      <?php if($_SESSION['username']!="") { ?>
                      <?php   
//if(isset($_SESSION['username']) and $_POST['opt']!='logout')   {
    ?>
                      <td colspan="2"  class="bg3"><!--====================Header Starts==================-->
                        <div id="filemanagement">
                          <?php  $permission_id1 = explode(",",$permission_id); ?>









                          <table border="0" cellspacing="0" cellpadding="0" height="40" width="100%" vspace="10"  >
  <tr>
    <td width="80%" style="height: 30px; vertical-align: middle; line-height: 0px; padding-left:15px; padding-top:7px">
    <?php
   if(($assign_admin=='1') || ($assign_admin=='2'))
   {
   ?>
      <div style="margin-right:12px; *margin-right:5px; float:left; height:27px">
        <input type="button" name="createdir"  onClick="createdir1()" class="Create" />
      </div>
      <?php
   }
    elseif(in_array("4",$permission_id1))
            { ?>
      <div style="margin-right:12px; *margin-right:5px; float:left; height:27px">
        <input type="button" name="createdir2"  onClick="createdir1()" class="Create" />
      </div>
      <?php } ?>
      <div style="float:left; margin-top:5px;"><span width="382" align="left" valign="middle" style="padding-top:5px; padding-right:7px;"><a href="#" onClick="fileRename();" style="cursor:pointer; color:#000000;">
        <!--<img src="image/file_download.png" />-->
        <span id="rename_icon"></span> </a></span></div>
      <?php
   if(($assign_admin=='1') || ($assign_admin=='2'))
   { ?>
      <div style="margin-right:12px; *margin-right:5px; float:left; height:27px">
        <input type="button" name="copyfile"   onclick="cpyfile()" class="Copyfile"/>
      </div>
      <?php
  } elseif(in_array("3",$permission_id1))
            { ?>
      <div style="margin-right:12px; *margin-right:5px; float:left; height:27px">
        <input type="button" name="copyfile"   onclick="cpyfile()" class="Copyfile"/>
      </div>
      <?php } ?>
      <?php
   if(($assign_admin=='1') || ($assign_admin=='2'))
   { ?>
      <div style="margin-right:12px; *margin-right:5px; float:left; height:27px">
        <input type="button" name="movefile"  onClick="movefle()" class="Movefile"/>
      </div>
      <?php
 }  elseif(in_array("2",$permission_id1))
            { ?>
      <div style="margin-right:12px; *margin-right:5px; float:left; height:27px">
        <input type="button" name="movefile"  onClick="movefle()" class="Movefile"/>
      </div>
      <?php } ?>
      <?php
   if(($assign_admin=='1') || ($assign_admin=='2'))
   { ?>
      <div style="margin-right:12px; *margin-right:5px; margin-top:5px; float:left; height:27px">
        <input type="button" name="deletefile" class="Delete" onClick="delfile()" />
      </div>
      <?php
  } elseif(in_array("1",$permission_id1))
            { ?>
      <div style="margin-right:12px; *margin-right:5px; float:left; margin-top:5px; height:27px">
        <input type="button" name="deletefile" class="Delete" onClick="delfile()" />
      </div>
      <?php } ?>
      <div style="float:left; margin-top:6px;"><span style="padding-top:5px; padding-right:7px;"><a href="#" onClick="fileReport();" style="cursor:pointer; color:#000000;">
        <!--<img src="image/file_download.png" />-->
        <span id="file_export_icon"></span> </a></span></div>    </td>
    <td width="20%" align="right" style="height: 30px; vertical-align: middle; line-height: 0px; padding-right:15px; *padding-right:35px">
    <table width="100%" border="0" cellspacing="0" cellpadding="0">
      <tr>
        <td align="right"><div style="margin-right:12px; width:91px; *margin-right:5px; float:left; height:27px">
        <?php  if(($access_rights == "1") || ($access_rights == "3") ) { ?>
        <input type="button" name="createzipfile" class="Download" onClick="createzipfile()" />
        <?php } ?>
      </div></td>
        <td align="right"> <div style="margin-right:12px; width:91px; *margin-right:5px; float:left; height:27px">
        <?php  if(($access_rights == "2") || ($access_rights == "3") ) { ?>
        <input type="button" name="uploadfile"   onclick="fleupload()" class="Uploadfile"/>
        <?php } ?>
    </div></td>
      </tr>
    </table>       </td>
    <!----end td-->
  </tr>
</table>












                          <?php
  // if($_SESSION['username']=='admin')
//   if (($assign_admin == '1') || ($assign_admin == '2'))
//   {
   ?>
                          <?php
 //  }
   ?>
                        </div>
                        <!--====================Header Starts End==================-->
                        <div id="adminmanagement" style="display:none;">
                          <input type="button" name="createadmin"  onClick="createadmin()" class="Createadmin" />
                        </div>
                        <div id="usermanagement" style="display:none; padding-left:40px;">
                          <input type="button" name="createuser"  onClick="createuser()" class="Createnew"  />
                          <input type="button" name="manageuser"  onClick="manageuser()" class="Manageusers"  />
                          <!--<input type="button" name="folderaccess"  onClick="folderaccess()" class="Folderaccess"  />-->
                          <?php 
          if(($_POST['opt']!='logout') && ($_POST['opt']!='upload') && ($_POST['opt']!='createuser') && ($_POST['opt']!='delete') && ($_POST['opt']!='copy') && ($_POST['opt']!='move')){
    ?>
                          <input type="button" name="Up"  class="Backnew" onClick="document.location='index.php'" />
                          <?php } else { ?>
                          <input type="button" name="Up" class="Backnew" onClick="manageuser();" />
                          <?php }    ?>
                        </div></td>
                      <!-- <td>
    <?php // if(($access_rights == "1") || ($access_rights == "3") ) { ?> 
     <input type="button" name="createzipfile" class="Download" onClick="createzipfile()" />
     <?php // } ?>    <input type="button" name="logout"  class="logout" onClick="lout()" />  </td>-->
                      <?php 
    //  }
    //  else
    //  {
    //  echo "<td width=\"100%\"></td><td width=\"28\"></td>";
    //  }
      ?>
                    </tr>
                    <?php } ?>
                    <?php if($_SESSION['username']!="") { ?>
                    <!-- <tr>
    <td class="contentheading">Welcome <?php /*?><?php echo $uname;?><?php */?>,</td>
    <td align="right" class="contentheading">
    <?php /*?><?php if ($_SESSION['assign_admin'] == "1") { ?>
    <a href="http://www.cpifilebox.com/manual/current.pdf"><img src="image/help.png" border="0" align="right"></a>
    <?php } ?><?php */?>
    </td>

    </tr>-->
                    <?php } ?>
                  </table></td>
              </tr>
            </table>
            <table width="100%"  border="0" cellpadding="0" cellspacing="0" >
              <tr >
                <td valign="top"  height="100%"  ><?php
        if(isset($_SESSION['username'])){
      ?>
                  <table width="95%"  cellpadding="0" cellspacing="0" border="0" align="center" style="margin:2px auto 0 auto; border:1px solid #6b97c5;">
                    <?php
            }else{
        ?>
                    <!--  <table width="90%"  cellpadding="0" cellspacing="0" border="0" align="center" style="margin:2px auto 0 auto; border:0px solid #6b97c5;">-->
                    <?php
            }
        ?>
                    <tr>
                      <?php
        if(isset($_SESSION['username'])){
            if($_POST['opt']==""){
      ?>
                      <td colspan="5" valign="top" style="background:#F4FCFF; height:300px; text-align:center; vertical-align:middle; font-weight:bold"><?php
            }else{
             ?>
                      <td colspan="5" valign="top" style="background:#F4FCFF;"><?php
            }
        }else{
    ?>
                      <td colspan="5" valign="top"><?php
        }
    ?>
                        <?php 
        if(isset($_SESSION['username'])){
                if($_POST['opt']=='create')
                    require_once("createdir.php");
                else if($_POST['opt']=='delete')
                    require_once("deletefile.php");
                else if($_POST['opt']=='copy')
                    require_once("copyfile.php");
                else if($_POST['opt']=='move')
                    require_once("movefile.php");
                else if($_POST['opt']=='logout')
                    require_once("login.php");
                else if($_POST['opt']=='upload')
                    require_once("uploadfile.php");
                elseif($_POST['opt'] == 'createadmin')
                    require_once("newadmin.php");
                else if($_POST['opt']=='createuser'){
                    //require_once("newuser.php");                  
                    require_once("create_user.php");                    
                }else if($_POST['opt']=='manageuser'){
                    require_once("manage_users.php");
                }else if($_POST['opt']=='folderaccess'){
                    require_once("folder_access.php");
                }else if($_POST['opt']=='filerename'){
                    require_once("filerename.php");
                }else if($_POST['opt']=="filreport"){
                    require_once("getfilesReport.php");
                }else{
                    //require_once("index1.php"); 
                    require_once("foldertree_table.php");
                }
            }else{
                    require_once("login.php");
            }
            ?>
                      </td>
                    </tr>
                    <?php if($msg!=""){ ?>
                    <tr>
                      <td colspan="6"><?php echo $msg; ?></td>
                    </tr>
                    <?php } ?>
                  </table></td>
              </tr>
            </table></td>
        </tr>
      </table></td>
  </tr>
  <tr>
    <td><table width="100%" border="0" cellspacing="0" cellpadding="5">
        <tr>
          <td><img src="image/copyright.png"></td>
          <td align="right"><a href="mailto:netops@allzonems.com?cc=patrick@allzonems.com">Contact Us</a></td>
        </tr>
      </table></td>
  </tr>
</table>
</body>
</html>
<?php if($_REQUEST['opt']=='createuser' || $_REQUEST['opt']=='manageuser' || $_REQUEST['opt']=='folderaccess'){ ?>
<script language="javascript">
    userBlock();
    </script>
<?php } ?>

Edited by Dani: Formatting fixed

3
Contributors
3
Replies
4
Views
5 Years
Discussion Span
Last Post by pritaeas
0

[06-Feb-2012 04:09:44] PHP Parse error: syntax error, unexpected $end in /home/jlnzone/public_html/fileboxNew/index.php on line 991
[06-Feb-2012 04:21:44] PHP Parse error: syntax error, unexpected $end in /home/jlnzone/public_html/fileboxNew/index.php on line 960
[06-Feb-2012 04:34:21] PHP Parse error: syntax error, unexpected $end in /home/jlnzone/public_html/fileboxNew/index.php on line 928
[06-Feb-2012 04:34:44] PHP Parse error: syntax error, unexpected $end in /home/jlnzone/public_html/fileboxNew/index.php on line 928
[06-Feb-2012 04:35:46] PHP Parse error: syntax error, unexpected $end in /home/jlnzone/public_html/fileboxNew/index.php on line 928
[06-Feb-2012 04:36:44] PHP Parse error: syntax error, unexpected $end in /home/jlnzone/public_html/fileboxNew/index.php on line 960
[06-Feb-2012 04:37:37] PHP Parse error: syntax error, unexpected $end in /home/jlnzone/public_html/fileboxNew/index.php on line 960
[06-Feb-2012 04:37:44] PHP Parse error: syntax error, unexpected $end in /home/jlnzone/public_html/fileboxNew/index.php on line 960
[06-Feb-2012 04:37:51] PHP Parse error: syntax error, unexpected $end in /home/jlnzone/public_html/fileboxNew/index.php on line 960
[06-Feb-2012 04:38:44] PHP Parse error: syntax error, unexpected $end in /home/jlnzone/public_html/fileboxNew/index.php on line 929
[06-Feb-2012 04:51:44] PHP Parse error: syntax error, unexpected $end in /home/jlnzone/public_html/fileboxNew/index.php on line 47
[06-Feb-2012 04:39:44] PHP Parse error: syntax error, unexpected $end in /home/allzonei/public_html/taxreturnsoutsource.com/fileboxNew/index.php on line 990
[06-Feb-2012 04:40:27] PHP Parse error: syntax error, unexpected $end in /home/allzonei/public_html/taxreturnsoutsource.com/fileboxNew/index.php on line 990

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.