source: admin/media.php @ 1455:a20ad8fa0be2

Visit:

Revision 1455:a20ad8fa0be2, 14.4 KB checked in by franck <carnet.franck.paul@…>, 12 years ago (diff)
post vs POST, hello validator

Rev	Line
[0]	1	<?php
	2	# -- BEGIN LICENSE BLOCK ---------------------------------------
	3	#
	4	# This file is part of Dotclear 2.
	5	#
[1179]	6	# Copyright (c) 2003-2013 Olivier Meunier & Association Dotclear
[0]	7	# Licensed under the GPL version 2.0 license.
	8	# See LICENSE file or
	9	# http://www.gnu.org/licenses/old-licenses/gpl-2.0.html
	10	#
	11	# -- END LICENSE BLOCK -----------------------------------------
	12
	13	/* HTML page
	14	-------------------------------------------------------- */
	15	require dirname(__FILE__).'/../inc/admin/prepend.php';
	16
	17	dcPage::check('media,media_admin');
	18
	19	$post_id = !empty($_GET['post_id']) ? (integer) $_GET['post_id'] : null;
	20	if ($post_id) {
[408]	21	$post = $core->blog->getPosts(array('post_id'=>$post_id,'post_type'=>''));
[0]	22	if ($post->isEmpty()) {
	23	$post_id = null;
	24	}
	25	$post_title = $post->post_title;
	26	$post_type = $post->post_type;
	27	unset($post);
	28	}
	29	$d = isset($_REQUEST['d']) ? $_REQUEST['d'] : null;
	30	$dir = null;
	31
	32	$page = !empty($_GET['page']) ? $_GET['page'] : 1;
	33	$nb_per_page = 30;
	34
	35	# We are on home not comming from media manager
	36	if ($d === null && isset($_SESSION['media_manager_dir'])) {
	37	# We get session information
	38	$d = $_SESSION['media_manager_dir'];
	39	}
	40
	41	if (!isset($_GET['page']) && isset($_SESSION['media_manager_page'])) {
	42	$page = $_SESSION['media_manager_page'];
	43	}
	44
	45	# We set session information about directory and page
	46	if ($d) {
	47	$_SESSION['media_manager_dir'] = $d;
	48	} else {
	49	unset($_SESSION['media_manager_dir']);
	50	}
	51	if ($page != 1) {
	52	$_SESSION['media_manager_page'] = $page;
	53	} else {
	54	unset($_SESSION['media_manager_page']);
	55	}
	56
	57	# Sort combo
	58	$sort_combo = array(
	59	__('By names, in ascending order') => 'name-asc',
	60	__('By names, in descending order') => 'name-desc',
	61	__('By dates, in ascending order') => 'date-asc',
	62	__('By dates, in descending order') => 'date-desc'
[1161]	63	);
[0]	64
	65	if (!empty($_GET['file_sort']) && in_array($_GET['file_sort'],$sort_combo)) {
	66	$_SESSION['media_file_sort'] = $_GET['file_sort'];
	67	}
	68	$file_sort = !empty($_SESSION['media_file_sort']) ? $_SESSION['media_file_sort'] : null;
	69
	70	$popup = (integer) !empty($_GET['popup']);
	71
	72	$page_url = 'media.php?popup='.$popup.'&post_id='.$post_id;
	73
	74	if ($popup) {
	75	$open_f = array('dcPage','openPopup');
	76	$close_f = array('dcPage','closePopup');
	77	} else {
	78	$open_f = array('dcPage','open');
	79	$close_f = create_function('',"dcPage::helpBlock('core_media'); dcPage::close();");
	80	}
	81
	82	$core_media_writable = false;
	83	try {
	84	$core->media = new dcMedia($core);
	85	if ($file_sort) {
	86	$core->media->setFileSort($file_sort);
	87	}
	88	$core->media->chdir($d);
	89	$core->media->getDir();
	90	$core_media_writable = $core->media->writable();
	91	$dir =& $core->media->dir;
	92	if (!$core_media_writable) {
	93	throw new Exception('you do not have sufficient permissions to write to this folder: ');
	94	}
	95	} catch (Exception $e) {
	96	$core->error->add($e->getMessage());
	97	}
	98
	99	# Zip download
	100	if (!empty($_GET['zipdl']) && $core->auth->check('media_admin',$core->blog->id))
	101	{
	102	try
	103	{
	104	@set_time_limit(300);
	105	$fp = fopen('php://output','wb');
	106	$zip = new fileZip($fp);
	107	$zip->addExclusion('#(^\|/).(.*?)_(m\|s\|sq\|t).jpg$#');
	108	$zip->addDirectory($core->media->root.'/'.$d,'',true);
	109
	110	header('Content-Disposition: attachment;filename='.($d ? $d : 'media').'.zip');
	111	header('Content-Type: application/x-zip');
	112	$zip->write();
	113	unset($zip);
	114	exit;
	115	}
	116	catch (Exception $e)
	117	{
	118	$core->error->add($e->getMessage());
	119	}
	120	}
	121
	122	# New directory
	123	if ($dir && !empty($_POST['newdir']))
	124	{
	125	try {
	126	$core->media->makeDir($_POST['newdir']);
	127	http::redirect($page_url.'&d='.rawurlencode($d).'&mkdok=1');
	128	} catch (Exception $e) {
	129	$core->error->add($e->getMessage());
	130	}
	131	}
	132
	133	# Adding a file
[1159]	134	if ($dir && !empty($_FILES['upfile'])) {
	135	// only one file per request : @see option singleFileUploads in admin/js/jsUpload/jquery.fileupload
[1161]	136	$upfile = array('name' => $_FILES['upfile']['name'][0],
	137	'type' => $_FILES['upfile']['type'][0],
	138	'tmp_name' => $_FILES['upfile']['tmp_name'][0],
	139	'error' => $_FILES['upfile']['error'][0],
	140	'size' => $_FILES['upfile']['size'][0]
	141	);
[1144]	142
[1161]	143	if (!empty($_SERVER['HTTP_X_REQUESTED_WITH'])) {
	144	header('Content-type: application/json');
	145	$message = array();
[1144]	146
[1161]	147	try {
	148	files::uploadStatus($upfile);
	149	$new_file_id = $core->media->uploadFile($upfile['tmp_name'], $upfile['name']);
[1144]	150
[1161]	151	$message['files'][] = array('name' => $upfile['name'],
	152	'size' => $upfile['size'],
	153	'html' => mediaItemLine($core->media->getFile($new_file_id), 1)
	154	);
	155	} catch (Exception $e) {
	156	$message['files'][] = array('name' => $upfile['name'],
[1162]	157	'size' => $upfile['size'],
[1161]	158	'error' => $e->getMessage()
	159	);
	160	}
	161	echo json_encode($message);
	162	exit();
	163	} else {
	164	try {
	165	files::uploadStatus($upfile);
[1159]	166
[1161]	167	$f_title = (isset($_POST['upfiletitle']) ? $_POST['upfiletitle'] : '');
	168	$f_private = (isset($_POST['upfilepriv']) ? $_POST['upfilepriv'] : false);
[1159]	169
[1161]	170	$core->media->uploadFile($upfile['tmp_name'], $upfile['name'], $f_title, $f_private);
	171	http::redirect($page_url.'&d='.rawurlencode($d).'&upok=1');
	172	} catch (Exception $e) {
	173	$core->error->add($e->getMessage());
	174	}
	175	}
[0]	176	}
	177
	178	# Removing item
	179	if ($dir && !empty($_POST['rmyes']) && !empty($_POST['remove']))
	180	{
	181	$_POST['remove'] = rawurldecode($_POST['remove']);
	182
	183	try {
	184	$core->media->removeItem($_POST['remove']);
	185	http::redirect($page_url.'&d='.rawurlencode($d).'&rmfok=1');
	186	} catch (Exception $e) {
	187	$core->error->add($e->getMessage());
	188	}
	189	}
	190
	191	# Rebuild directory
	192	if ($dir && $core->auth->isSuperAdmin() && !empty($_POST['rebuild']))
	193	{
	194	try {
	195	$core->media->rebuild($d);
	196	http::redirect($page_url.'&d='.rawurlencode($d).'&rebuildok=1');
	197	} catch (Exception $e) {
	198	$core->error->add($e->getMessage());
	199	}
	200	}
	201
	202	# DISPLAY confirm page for rmdir & rmfile
[947]	203	if ($dir && !empty($_GET['remove']) && empty($_GET['noconfirm']))
[0]	204	{
[1358]	205	call_user_func($open_f,__('Media manager'),'',
	206	dcPage::breadcrumb(
	207	array(
	208	html::escapeHTML($core->blog->name) => '',
	209	__('Media manager') => '',
	210	'<span class="page-title">'.__('confirm removal').'</span>' => ''
	211	),!$popup)
	212	);
[0]	213
	214	echo
	215	'<form action="'.html::escapeURL($page_url).'" method="post">'.
	216	'<p>'.sprintf(__('Are you sure you want to remove %s?'),
[1161]	217	html::escapeHTML($_GET['remove'])).'</p>'.
[557]	218	'<p><input type="submit" value="'.__('Cancel').'" /> '.
	219	'   <input type="submit" name="rmyes" value="'.__('Yes').'" />'.
[0]	220	form::hidden('d',$d).
	221	$core->formNonce().
	222	form::hidden('remove',html::escapeHTML($_GET['remove'])).'</p>'.
	223	'</form>';
	224
	225	call_user_func($close_f);
	226	exit;
	227	}
	228
	229	/* DISPLAY Main page
	230	-------------------------------------------------------- */
[240]	231	$core->auth->user_prefs->addWorkspace('interface');
	232	$user_ui_enhanceduploader = $core->auth->user_prefs->interface->enhanceduploader;
	233
[1358]	234
	235	if (!isset($core->media)) {
	236	$breadcrumb = dcPage::breadcrumb(
	237	array(
	238	html::escapeHTML($core->blog->name) => '',
	239	'<span class="page-title">'.__('Media manager').'</span>' => ''
	240	),!$popup);
	241	} else {
	242	$breadcrumb_media = $core->media->breadCrumb(html::escapeURL($page_url).'&d=%s','<span class="page-title">%s</span>');
	243	if ($breadcrumb_media == '') {
	244	$breadcrumb = dcPage::breadcrumb(
	245	array(
	246	html::escapeHTML($core->blog->name) => '',
	247	'<span class="page-title">'.__('Media manager').'</span>' => ''
	248	),!$popup);
	249	} else {
	250	$breadcrumb = dcPage::breadcrumb(
	251	array(
	252	html::escapeHTML($core->blog->name) => '',
	253	__('Media manager') => html::escapeURL($page_url.'&d='),
	254	$breadcrumb_media => ''
	255	),!$popup);
	256	}
	257	}
	258
[0]	259	call_user_func($open_f,__('Media manager'),
	260	dcPage::jsLoad('js/_media.js').
[1358]	261	($core_media_writable ? dcPage::jsUpload(array('d='.$d)) : ''),
	262	$breadcrumb
[240]	263	);
[0]	264
	265	if (!empty($_GET['mkdok'])) {
[907]	266	dcPage::message(__('Directory has been successfully created.'));
[0]	267	}
	268
	269	if (!empty($_GET['upok'])) {
[907]	270	dcPage::message(__('Files have been successfully uploaded.'));
[0]	271	}
	272
	273	if (!empty($_GET['rmfok'])) {
[907]	274	dcPage::message(__('File has been successfully removed.'));
[0]	275	}
	276
	277	if (!empty($_GET['rmdok'])) {
[907]	278	dcPage::message(__('Directory has been successfully removed.'));
[0]	279	}
	280
	281	if (!empty($_GET['rebuildok'])) {
[907]	282	dcPage::message(__('Directory has been successfully rebuilt.'));
[0]	283	}
	284
	285	if (!empty($_GET['unzipok'])) {
[907]	286	dcPage::message(__('Zip file has been successfully extracted.'));
[0]	287	}
	288
	289	if (!$dir) {
	290	call_user_func($close_f);
	291	exit;
	292	}
	293
	294	if ($post_id) {
	295	echo '<p><strong>'.sprintf(__('Choose a file to attach to entry %s by clicking on %s.'),
[1161]	296	'<a href="'.$core->getPostAdminURL($post_type,$post_id).'">'.html::escapeHTML($post_title).'</a>',
	297	'<img src="images/plus.png" alt="'.__('Attach this file to entry').'" />').'</strong></p>';
[0]	298	}
	299	if ($popup) {
	300	echo '<p><strong>'.sprintf(__('Choose a file to insert into entry by clicking on %s.'),
[1161]	301	'<img src="images/plus.png" alt="'.__('Attach this file to entry').'" />').'</strong></p>';
[0]	302	}
	303
	304
	305	$items = array_values(array_merge($dir['dirs'],$dir['files']));
[1160]	306	echo '<div class="media-list">';
[0]	307	if (count($items) == 0)
	308	{
	309	echo '<p><strong>'.__('No file.').'</strong></p>';
	310	}
	311	else
	312	{
	313	$pager = new pager($page,count($items),$nb_per_page,10);
	314	$pager->html_prev = __($pager->html_prev);
	315	$pager->html_next = __($pager->html_next);
	316
	317	echo
	318	'<form action="media.php" method="get">'.
[1399]	319	'<p><label for="file_sort" class="classic">'.__('Sort files:').'</label> '.
	320	form::combo('file_sort',$sort_combo,$file_sort).
[0]	321	form::hidden(array('popup'),$popup).
	322	form::hidden(array('post_id'),$post_id).
[557]	323	'<input type="submit" value="'.__('Sort').'" /></p>'.
[0]	324	'</form>'.
	325
[1416]	326	'<p class="pagination">'.__('Page(s)').' : '.$pager->getLinks().'</p>';
[0]	327
	328	for ($i=$pager->index_start, $j=0; $i<=$pager->index_end; $i++, $j++)
	329	{
	330	echo mediaItemLine($items[$i],$j);
	331	}
	332
	333	echo
[1416]	334	'<p class="clear pagination">'.__('Page(s)').' : '.$pager->getLinks().'</p>';
[0]	335	}
[1162]	336	if (!isset($pager)) {
	337	echo
	338	'<p class="clear"></p>';
	339	}
[1160]	340	echo
[1161]	341	'</div>';
[1144]	342
[0]	343	if ($core_media_writable)
	344	{
[1161]	345	echo '<div class="two-cols">';
[0]	346
[1161]	347	if ($user_ui_enhanceduploader) {
	348	echo
	349	'<div class="col enhanced_uploader">';
	350	} else {
	351	echo
	352	'<div class="col">';
	353	}
[1159]	354
[1161]	355	echo
[1450]	356	'<div class="fieldset">'.
	357	'<h3>'.__('Add files').'</h3>'.
[1161]	358	'<p>'.__('Please take care to publish media that you own and that are not protected by copyright.').'</p>'.
[1455]	359	' <form id="fileupload" action="'.html::escapeURL($page_url).'" method="post" enctype="multipart/form-data" aria-disabled="false">'.
[1450]	360	'<p>'.form::hidden(array('MAX_FILE_SIZE'),DC_MAX_UPLOAD_SIZE).
	361	$core->formNonce().'</p>'.
	362	'<div class="fileupload-ctrl"><p class="queue-message"></p><ul class="files"></ul></div>';
[1159]	363
[1161]	364	echo
[1162]	365	'<div class="fileupload-buttonbar">';
	366
	367	echo
[1176]	368	'<p class="max-sier form-note info"> '.__('Maximum file size allowed:').' '.files::size(DC_MAX_UPLOAD_SIZE).'</p>'.
[1450]	369	'<p><label for="upfile">'.'<span class="add-label one-file">'.__('Choose file').'</span>'.'</label>'.
[1163]	370	'<button class="button add">'.__('Choose files').'</button>'.
[1450]	371	'<input type="file" id="upfile" name="upfile[]"'.($user_ui_enhanceduploader?' multiple="mutiple"':'').' data-url="'.html::escapeURL($page_url).'" /></p>';
[1159]	372
[1161]	373	echo
[1450]	374	'<p class="one-file"><label for="upfiletitle">'.__('Title:').'</label>'.form::field(array('upfiletitle','upfiletitle'),35,255).'</p>'.
[1452]	375	'<p class="one-file"><label for="upfilepriv" class="classic">'.__('Private').'</label> '.
[1450]	376	form::checkbox(array('upfilepriv','upfilepriv'),1).'</p>';
[1159]	377
[1161]	378	if (!$user_ui_enhanceduploader) {
	379	echo
	380	'<p class="one-file form-help info">'.__('To send several files at the same time, you can activate the enhanced uploader in').
	381	' <a href="preferences.php?tab=user-options">'.__('My preferences').'</a></p>';
	382	}
[1159]	383
[1161]	384	echo
[1450]	385	'<p><button class="button clean">'.__('Refresh').'</button>'.
[1183]	386	'<input class="button cancel one-file" type="reset" value="'.__('Clear all').'"/>'.
[1450]	387	'<input class="button start" type="submit" value="'.__('Upload').'"/></p>'.
[1161]	388	'</div>';
[1159]	389
[1161]	390	echo
[1450]	391	'<p>'.form::hidden(array('d'),$d).'</p>'.
[1161]	392	'</form>'.
[1452]	393	'</div></div>';
[1450]	394
[0]	395	echo
[536]	396	'<div class="col">'.
[0]	397	'<form class="clear" action="'.html::escapeURL($page_url).'" method="post">'.
	398	'<fieldset id="new-dir-f">'.
[536]	399	'<legend>'.__('New directory').'</legend>'.
[0]	400	$core->formNonce().
[1399]	401	'<p><label for="newdir">'.__('Directory Name:').'</label>'.
	402	form::field(array('newdir','newdir'),35,255).'</p>'.
[557]	403	'<p><input type="submit" value="'.__('Create').'" />'.
[0]	404	form::hidden(array('d'),html::escapeHTML($d)).'</p>'.
	405	'</fieldset>'.
	406	'</form></div>';
	407
	408	echo '</div>';
	409	}
	410
	411	# Empty remove form (for javascript actions)
	412	echo
	413	'<form id="media-remove-hide" action="'.html::escapeURL($page_url).'" method="post"><div class="clear">'.
	414	form::hidden('rmyes',1).form::hidden('d',html::escapeHTML($d)).
	415	form::hidden('remove','').
	416	$core->formNonce().
	417	'</div></form>';
	418
	419	# Get zip directory
	420	if ($core->auth->check('media_admin',$core->blog->id) &&
	421	!(count($items) == 0 \|\| (count($items) == 1 && $items[0]->parent)))
	422	{
	423	echo
	424	'<p class="zip-dl"><a href="'.html::escapeURL($page_url).'&zipdl=1">'.
	425	__('Download this directory as a zip file').'</a></p>';
	426	}
	427
	428	call_user_func($close_f);
	429
	430	/* ----------------------------------------------------- */
	431	function mediaItemLine($f,$i)
	432	{
	433	global $core, $page_url, $popup, $post_id;
	434
	435	$fname = $f->basename;
	436
	437	if ($f->d) {
	438	$link = html::escapeURL($page_url).'&d='.html::sanitizeURL($f->relname);
	439	if ($f->parent) {
	440	$fname = '..';
	441	}
	442	} else {
	443	$link =
	444	'media_item.php?id='.$f->media_id.'&popup='.$popup.'&post_id='.$post_id;
	445	}
	446
	447	$class = 'media-item media-col-'.($i%2);
	448
	449	$res =
	450	'<div class="'.$class.'"><a class="media-icon media-link" href="'.$link.'">'.
[1280]	451	'<img src="'.$f->media_icon.'" alt="" /></a>'.
[0]	452	'<ul>'.
	453	'<li><a class="media-link" href="'.$link.'">'.$fname.'</a></li>';
	454
	455	if (!$f->d) {
	456	$res .=
	457	'<li>'.$f->media_title.'</li>'.
	458	'<li>'.
	459	$f->media_dtstr.' - '.
	460	files::size($f->size).' - '.
	461	'<a href="'.$f->file_url.'">'.__('open').'</a>'.
	462	'</li>';
	463	}
	464
	465	$res .= '<li class="media-action"> ';
	466
	467	if ($post_id && !$f->d) {
	468	$res .= '<form action="post_media.php" method="post">'.
	469	'<input type="image" src="images/plus.png" alt="'.__('Attach this file to entry').'" '.
	470	'title="'.__('Attach this file to entry').'" /> '.
	471	form::hidden('media_id',$f->media_id).
	472	form::hidden('post_id',$post_id).
	473	form::hidden('attach',1).
	474	$core->formNonce().
	475	'</form>';
	476	}
	477
	478	if ($popup && !$f->d) {
	479	$res .= '<a href="'.$link.'"><img src="images/plus.png" alt="'.__('Insert this file into entry').'" '.
	480	'title="'.__('Insert this file into entry').'" /></a> ';
	481	}
	482
	483	if ($f->del) {
	484	$res .= '<a class="media-remove" '.
	485	'href="'.html::escapeURL($page_url).'&d='.
	486	rawurlencode($GLOBALS['d']).'&remove='.rawurlencode($f->basename).'">'.
[747]	487	'<img src="images/trash.png" alt="'.__('Delete').'" title="'.__('delete').'" /></a>';
[0]	488	}
	489
	490	$res .= '</li>';
	491
	492	if ($f->type == 'audio/mpeg3') {
	493	$res .= '<li>'.dcMedia::mp3player($f->file_url,'index.php?pf=player_mp3.swf').'</li>';
	494	}
	495
	496	$res .= '</ul></div>';
	497
	498	return $res;
	499	}
[1452]	500	?>

Note: See TracBrowser for help on using the repository browser.

Dotclear

Context Navigation

source: admin/media.php @ 1455:a20ad8fa0be2

Download in other formats:

Sites map