diff --git a/include/class.faq.php b/include/class.faq.php
index 78b1a799e021f46ed4f44ba159f98568328eb4cd..06be159044c337cb9c102c7864edf0445c8d08be 100644
--- a/include/class.faq.php
+++ b/include/class.faq.php
@@ -19,11 +19,11 @@ class FAQ {
var $id;
var $ht;
+
var $category;
+ var $attachments;
function FAQ($id) {
-
-
$this->id=0;
$this->ht = array();
$this->load($id);
@@ -44,6 +44,7 @@ class FAQ {
$this->ht = db_fetch_array($res);
$this->ht['id'] = $this->id = $this->ht['faq_id'];
$this->category = null;
+ $this->attachments = array();
return true;
}
@@ -158,6 +159,20 @@ class FAQ {
return false;
$this->updateTopics($vars['topics']);
+
+ //Delete removed attachments.
+ $keepers = $vars['files']?$vars['files']:array();
+ if(($attachments = $this->getAttachments())) {
+ foreach($attachments as $k=>$file) {
+ if($file['id'] && !in_array($file['id'], $keepers))
+ $this->deleteAttachment($file['id']);
+ }
+ }
+
+ //Upload new attachments IF any.
+ if($_FILES['attachments'] && ($files=Format::files($_FILES['attachments'])))
+ $this->uploadAttachments($files);
+
$this->reload();
return true;
@@ -261,10 +276,19 @@ class FAQ {
/* ------------------> Static methods <--------------------- */
function add($vars, &$errors) {
- if(($id=self::create($vars, $errors)) && ($faq=self::lookup($id)))
+ if(!($id=self::create($vars, $errors)))
+ return false;
+
+ if(($faq=self::lookup($id))) {
$faq->updateTopics($vars['topics']);
+
+ if($_FILES['attachments'] && ($files=Format::files($_FILES['attachments'])))
+ $faq->uploadAttachments($files);
- return$faq;
+ $faq->reload();
+ }
+
+ return $faq;
}
function create($vars, &$errors) {
diff --git a/include/staff/faq.inc.php b/include/staff/faq.inc.php
index 8882da2fa817cf1e5000d4700fab0cc2b9bb0a19..fb87156b97d5f33254efcce57b24b7cfef638c7d 100644
--- a/include/staff/faq.inc.php
+++ b/include/staff/faq.inc.php
@@ -23,6 +23,7 @@ if($faq){
$info=Format::htmlchars(($errors && $_POST)?$_POST:$info);
?>
<form action="faq.php?<?php echo $qstr; ?>" method="post" id="save" enctype="multipart/form-data">
+ <?php csrf_token(); ?>
<input type="hidden" name="do" value="<?php echo $action; ?>">
<input type="hidden" name="a" value="<?php echo Format::htmlchars($_REQUEST['a']); ?>">
<input type="hidden" name="id" value="<?php echo $info['id']; ?>">
@@ -90,7 +91,7 @@ $info=Format::htmlchars(($errors && $_POST)?$_POST:$info);
<div><b>Attachments</b> (optional) <font class="error"> <?php echo $errors['files']; ?></font></div>
<?php
if($faq && ($files=$faq->getAttachments())) {
- echo '<div id="faq_attachments"><span class="faded">Uncheck to delete the attachment on submit</span><br>';
+ echo '<div class="faq_attachments"><span class="faded">Uncheck to delete the attachment on submit</span><br>';
foreach($files as $file) {
$hash=$file['hash'].md5($file['id'].session_id().$file['hash']);
echo sprintf('<label><input type="checkbox" name="files[]" id="f%d" value="%d" checked="checked">
@@ -99,14 +100,12 @@ $info=Format::htmlchars(($errors && $_POST)?$_POST:$info);
}
echo '</div><br>';
}
- //TODO: add a setting on admin panel
- if(count($files)<5) {
?>
- <div>
- <input type="file" name="attachments[]" value=""/>
+ <div class="faded">Select files to upload.</div>
+ <div class="uploads"></div>
+ <div class="file_input">
+ <input type="file" class="multifile" name="attachments[]" size="30" value="" />
</div>
- <?}?>
- <div class="faded">You can upload up to 5 attachments.</div>
</td>
</tr>
<?php
diff --git a/scp/faq.php b/scp/faq.php
index f668be9f233fe5f2678bebceda1f6fda94dfdd13..6e3d422a1669d8b09c02735d3115879e0fb3edbd 100644
--- a/scp/faq.php
+++ b/scp/faq.php
@@ -40,19 +40,7 @@ if($_POST):
elseif($faq->update($_POST,$errors)) {
$msg='FAQ updated successfully';
$_REQUEST['a']=null; //Go back to view
- //Delete removed attachments.
- $keepers = $_POST['files']?$_POST['files']:array();
- if(($attachments = $faq->getAttachments())) {
- foreach($attachments as $k=>$file) {
- if($file['id'] && !in_array($file['id'], $keepers)) {
- $faq->deleteAttachment($file['id']);
- }
- }
- }
- //Upload NEW attachments IF ANY - TODO: validate attachment types??
- if($_FILES['attachments'] && ($files=Format::files($_FILES['attachments'])))
- $faq->uploadAttachments($files);
-
+ $faq->reload();
} elseif(!$errors['err'])
$errors['err'] = 'Unable to update FAQ. Try again!';
break;