+if (empty($User['admin']))
+ abort("geen beheersrechten", '401 unauthorised');
+
+if ($_FILES) {
+ $img = @$_FILES['upload'];
+ if (!$img or $img['error'] !== UPLOAD_ERR_OK)
+ abort('bestand niet goed ontvangen: '.$img['error'], '409 upload error');
+
+ $datadir = 'data/' . date('Y');
+ $target = $datadir.'/'.$img['name'];
+ move_uploaded_file($img['tmp_name'], $target);
+
+ switch (@$_GET['output']) {
+ case 'ckescript':
+ printf('<script>window.parent.CKEDITOR.tools.callFunction(%s)</script>',
+ "{$_GET['CKEditorFuncNum']}, '$target'"
+ );
+ break;
+ default:
+ abort($target);
+ }
+ exit;
+}
+