$file) {
if(is_uploaded_file($file['tmp_name'])){
$filename = preg_replace('/[^a-zA-Z0-9\-\._]/','', $file['name']);
$filesize = ($file['size'] < 1000000) ? round($file['size'] / 1000)."k" : round($file['size'] / 1000000)."M";
$title = $_POST['titles'][$index];
$path = '/docs/files/news';
move_uploaded_file($file['tmp_name'], "..$path/$filename");
$qf=mysqli_query($conn, "INSERT INTO files VALUES(null, '$title', '$filename', '".$path."', NOW(), '$filesize')");
$append[$index] = mysqli_insert_id($conn);
}
}
}
$fullAppend = array_filter(array_merge($append,$currentAppend));
if($_POST['filesDel']){
foreach ($_POST['filesDel'] as $fileID) {
if (($index = array_search($fileID, $fullAppend)) !== false) {
unset($fullAppend[$index]);
$qtf=mysqli_query($conn, "SELECT * FROM files WHERE id=".$fileID);
$rtf=mysqli_fetch_array($qtf);
@unlink("..".$rtf['path']."/".$rtf['filename']);
$qtf=mysqli_query($conn, "DELETE FROM files WHERE id=".$fileID);
}
}
}
$q=mysqli_query($conn, "UPDATE news SET
title='".addslashes(trim($_POST['title']))."', text='".addslashes(trim($_POST['text']))."',
date='".trim(conv_date_en($_POST['date']))."', append='".implode(',',$fullAppend)."'
WHERE id=".trim($getQ[3]));
echo '
Notizia modificata correttamente!
';
}else{
if($getQ[3]){
$q=mysqli_query($conn, "SELECT * FROM news WHERE id = ".trim($getQ[3]));
$r=mysqli_fetch_array($q);
?>