source: admin/media.php @ 3268:282b26727770

Visit:

Revision 3268:282b26727770, 31.4 KB checked in by franck <carnet.franck.paul@…>, 9 years ago (diff)
Prevents downloading zipped folder outside media root folder, thanks wiswat for reporting this.

Line
1	<?php
2	# -- BEGIN LICENSE BLOCK ---------------------------------------
3	#
4	# This file is part of Dotclear 2.
5	#
6	# Copyright (c) 2003-2013 Olivier Meunier & Association Dotclear
7	# Licensed under the GPL version 2.0 license.
8	# See LICENSE file or
9	# http://www.gnu.org/licenses/old-licenses/gpl-2.0.html
10	#
11	# -- END LICENSE BLOCK -----------------------------------------
12
13	/* HTML page
14	-------------------------------------------------------- */
15	require dirname(__FILE__).'/../inc/admin/prepend.php';
16
17	dcPage::check('media,media_admin');
18
19	$post_id = !empty($_REQUEST['post_id']) ? (integer) $_REQUEST['post_id'] : null;
20	if ($post_id) {
21	$post = $core->blog->getPosts(array('post_id'=>$post_id,'post_type'=>''));
22	if ($post->isEmpty()) {
23	$post_id = null;
24	}
25	$post_title = $post->post_title;
26	$post_type = $post->post_type;
27	unset($post);
28	}
29	$d = isset($_REQUEST['d']) ? $_REQUEST['d'] : null;
30	$plugin_id = isset($_REQUEST['plugin_id']) ? html::sanitizeURL($_REQUEST['plugin_id']) : '';
31	$dir = null;
32
33	// Attachement type if any
34	$link_type = !empty($_REQUEST['link_type']) ? $_REQUEST['link_type'] : null;
35
36	$page = !empty($_GET['page']) ? max(1,(integer) $_GET['page']) : 1;
37	$nb_per_page = ((integer) $core->auth->user_prefs->interface->media_by_page ? (integer) $core->auth->user_prefs->interface->media_by_page : 30);
38
39	# We are on home not comming from media manager
40	if ($d === null && isset($_SESSION['media_manager_dir'])) {
41	# We get session information
42	$d = $_SESSION['media_manager_dir'];
43	}
44
45	if (!isset($_GET['page']) && isset($_SESSION['media_manager_page'])) {
46	$page = $_SESSION['media_manager_page'];
47	}
48
49	# We set session information about directory, page and display mode
50	if ($d) {
51	$_SESSION['media_manager_dir'] = $d;
52	} else {
53	unset($_SESSION['media_manager_dir']);
54	}
55	if ($page != 1) {
56	$_SESSION['media_manager_page'] = $page;
57	} else {
58	unset($_SESSION['media_manager_page']);
59	}
60
61	# Get query if any
62	$q = isset($_REQUEST['q']) ? $_REQUEST['q'] : null;
63
64	# Sort combo
65	$sort_combo = array(
66	__('By names, in ascending order') => 'name-asc',
67	__('By names, in descending order') => 'name-desc',
68	__('By dates, in ascending order') => 'date-asc',
69	__('By dates, in descending order') => 'date-desc'
70	);
71
72	if (!empty($_GET['file_mode'])) {
73	$_SESSION['media_file_mode'] = $_GET['file_mode'];
74	}
75	$file_mode = !empty($_SESSION['media_file_mode']) ? $_SESSION['media_file_mode'] : 'grid';
76
77	if (!empty($_GET['file_sort']) && in_array($_GET['file_sort'],$sort_combo)) {
78	$_SESSION['media_file_sort'] = $_GET['file_sort'];
79	}
80	$file_sort = !empty($_SESSION['media_file_sort']) ? $_SESSION['media_file_sort'] : null;
81
82	$nb_per_page = !empty($_SESSION['nb_per_page']) ? (integer)$_SESSION['nb_per_page'] : $nb_per_page;
83	if (!empty($_GET['nb_per_page']) && (integer)$_GET['nb_per_page'] > 0) {
84	$nb_per_page = $_SESSION['nb_per_page'] = (integer)$_GET['nb_per_page'];
85	}
86
87	$popup = (integer) !empty($_REQUEST['popup']);
88	$select = !empty($_REQUEST['select']) ? (integer)$_REQUEST['select'] : 0; // 0 : none, 1 : single media, >1 : multiple medias
89
90	$page_url_params = new ArrayObject(array('popup' => $popup,'select' => $select,'post_id' => $post_id,'link_type' => $link_type));
91	if ($d) {
92	$page_url_params['d'] = $d;
93	}
94	if ($plugin_id != '') {
95	$page_url_params['plugin_id'] = $plugin_id;
96	}
97	if ($q) {
98	$page_url_params['q'] = $q;
99	}
100
101	$core->callBehavior('adminMediaURLParams',$page_url_params);
102	$page_url_params = (array) $page_url_params;
103
104	if ($popup) {
105	$open_f = array('dcPage','openPopup');
106	$close_f = array('dcPage','closePopup');
107	} else {
108	$open_f = array('dcPage','open');
109	$close_f = create_function('',"dcPage::helpBlock('core_media'); dcPage::close();");
110	}
111
112	$core_media_writable = false;
113	try {
114	$core->media = new dcMedia($core);
115	if ($file_sort) {
116	$core->media->setFileSort($file_sort);
117	}
118	$query = false;
119	if ($q) {
120	$query = $core->media->searchMedia($q);
121	}
122	if (!$query) {
123	$try_d = $d;
124	// Reset current dir
125	$d = null;
126	// Change directory (may cause an exception if directory doesn't exist)
127	$core->media->chdir($try_d);
128	// Restore current dir variable
129	$d = $try_d;
130	$core->media->getDir();
131	} else {
132	$d = null;
133	$core->media->chdir($d);
134	}
135	$core_media_writable = $core->media->writable();
136	$dir =& $core->media->dir;
137	if (!$core_media_writable) {
138	// throw new Exception('you do not have sufficient permissions to write to this folder: ');
139	}
140	} catch (Exception $e) {
141	$core->error->add($e->getMessage());
142	}
143
144	# Zip download
145	if (!empty($_GET['zipdl']) && $core->auth->check('media_admin',$core->blog->id))
146	{
147	try
148	{
149	if (strpos(realpath($core->media->root.'/'.$d),realpath($core->media->root)) === 0) {
150	// Media folder or one of it's sub-folder(s)
151	@set_time_limit(300);
152	$fp = fopen('php://output','wb');
153	$zip = new fileZip($fp);
154	$zip->addExclusion('#(^\|/).(.*?)_(m\|s\|sq\|t).jpg$#');
155	$zip->addDirectory($core->media->root.'/'.$d,'',true);
156
157	header('Content-Disposition: attachment;filename='.date('Y-m-d').'-'.$core->blog->id.'-'.($d ? $d : 'media').'.zip');
158	header('Content-Type: application/x-zip');
159	$zip->write();
160	unset($zip);
161	exit;
162	} else {
163	$d = null;
164	$core->media->chdir($d);
165	throw new Exception(__('Not a valid directory'));
166	}
167	}
168	catch (Exception $e)
169	{
170	$core->error->add($e->getMessage());
171	}
172	}
173
174	# Cope with fav/unfav dir
175	$fav_dirs = null;
176	if (!empty($_GET['fav'])) {
177	if (!$q) { // Ignore search results
178	$fav_dir = rtrim($d,'/');
179	$core->auth->user_prefs->addWorkspace('interface');
180	$nb_last_dirs = (integer)($core->auth->user_prefs->interface->media_nb_last_dirs);
181	if ($nb_last_dirs > 0) {
182	$fav_dirs = $core->auth->user_prefs->interface->media_fav_dirs;
183	if (!is_array($fav_dirs)) {
184	$fav_dirs = array();
185	}
186	if (!in_array($fav_dir,$fav_dirs) && $_GET['fav'] == 'y') {
187	// Add directory in favorites
188	array_unshift($fav_dirs,$fav_dir);
189	} elseif (in_array($fav_dir,$fav_dirs) && $_GET['fav'] == 'n') {
190	// Remove directory from favorites
191	unset($fav_dirs[array_search($fav_dir,$fav_dirs)]);
192	}
193	// Store new list
194	$core->auth->user_prefs->interface->put('media_fav_dirs',$fav_dirs,'array');
195	$core->adminurl->redirect('admin.media',$page_url_params);
196	}
197	}
198	}
199
200	# Recent media dirs
201	$last_dirs = null;
202	if (!$q) { // Ignore search results
203	$recent_dir = rtrim($d,'/');
204	$core->auth->user_prefs->addWorkspace('interface');
205	$nb_last_dirs = (integer)($core->auth->user_prefs->interface->media_nb_last_dirs);
206	if ($nb_last_dirs > 0) {
207	$last_dirs = $core->auth->user_prefs->interface->media_last_dirs;
208	if (!is_array($last_dirs)) {
209	$last_dirs = array();
210	}
211	if (!in_array($recent_dir,$last_dirs)) {
212	// Add new dir at the top of the list
213	array_unshift($last_dirs,$recent_dir);
214	// Remove oldest dir(s)
215	while (count($last_dirs) > $nb_last_dirs) {
216	array_pop($last_dirs);
217	}
218	} else {
219	// Move current dir at the top of list
220	unset($last_dirs[array_search($recent_dir,$last_dirs)]);
221	array_unshift($last_dirs,$recent_dir);
222	}
223	// Store new list
224	$core->auth->user_prefs->interface->put('media_last_dirs',$last_dirs,'array');
225	}
226	}
227
228	# New directory
229	if ($dir && !empty($_POST['newdir']))
230	{
231	try {
232	$core->media->makeDir($_POST['newdir']);
233	dcPage::addSuccessNotice(sprintf(
234	__('Directory "%s" has been successfully created.'),
235	html::escapeHTML($_POST['newdir']))
236	);
237	$core->adminurl->redirect('admin.media',$page_url_params);
238	} catch (Exception $e) {
239	$core->error->add($e->getMessage());
240	}
241	}
242
243	# Adding a file
244	if ($dir && !empty($_FILES['upfile'])) {
245	// only one file per request : @see option singleFileUploads in admin/js/jsUpload/jquery.fileupload
246	$upfile = array('name' => $_FILES['upfile']['name'][0],
247	'type' => $_FILES['upfile']['type'][0],
248	'tmp_name' => $_FILES['upfile']['tmp_name'][0],
249	'error' => $_FILES['upfile']['error'][0],
250	'size' => $_FILES['upfile']['size'][0]
251	);
252
253	if (!empty($_SERVER['HTTP_X_REQUESTED_WITH'])) {
254	header('Content-type: application/json');
255	$message = array();
256
257	try {
258	files::uploadStatus($upfile);
259	$new_file_id = $core->media->uploadFile($upfile['tmp_name'], $upfile['name']);
260
261	$message['files'][] = array(
262	'name' => $upfile['name'],
263	'size' => $upfile['size'],
264	'html' => mediaItemLine($core->media->getFile($new_file_id),1,$query)
265	);
266	} catch (Exception $e) {
267	$message['files'][] = array('name' => $upfile['name'],
268	'size' => $upfile['size'],
269	'error' => $e->getMessage()
270	);
271	}
272	echo json_encode($message);
273	exit();
274	} else {
275	try {
276	files::uploadStatus($upfile);
277
278	$f_title = (isset($_POST['upfiletitle']) ? $_POST['upfiletitle'] : '');
279	$f_private = (isset($_POST['upfilepriv']) ? $_POST['upfilepriv'] : false);
280
281	$core->media->uploadFile($upfile['tmp_name'],$upfile['name'],$f_title,$f_private);
282
283	dcPage::addSuccessNotice(__('Files have been successfully uploaded.'));
284	$core->adminurl->redirect('admin.media',$page_url_params);
285	} catch (Exception $e) {
286	$core->error->add($e->getMessage());
287	}
288	}
289	}
290
291	# Removing items
292	if ($dir && !empty($_POST['medias']) && !empty($_POST['delete_medias'])) {
293	try {
294	foreach ($_POST['medias'] as $media) {
295	$core->media->removeItem(rawurldecode($media));
296	}
297	dcPage::addSuccessNotice(
298	sprintf(__('Successfully delete one media.',
299	'Successfully delete %d medias.',
300	count($_POST['medias'])
301	),
302	count($_POST['medias'])
303	)
304	);
305	$core->adminurl->redirect('admin.media',$page_url_params);
306	} catch (Exception $e) {
307	$core->error->add($e->getMessage());
308	}
309	}
310
311	# Removing item from popup only
312	if ($dir && !empty($_POST['rmyes']) && !empty($_POST['remove']))
313	{
314	$_POST['remove'] = rawurldecode($_POST['remove']);
315
316	try {
317	if (is_dir(path::real($core->media->getPwd().'/'.path::clean($_POST['remove'])))) {
318	$msg = __('Directory has been successfully removed.');
319	} else {
320	$msg = __('File has been successfully removed.');
321	}
322	$core->media->removeItem($_POST['remove']);
323	dcPage::addSuccessNotice($msg);
324	$core->adminurl->redirect('admin.media',$page_url_params);
325	} catch (Exception $e) {
326	$core->error->add($e->getMessage());
327	}
328	}
329
330	# Rebuild directory
331	if ($dir && $core->auth->isSuperAdmin() && !empty($_POST['rebuild']))
332	{
333	try {
334	$core->media->rebuild($d);
335
336	dcPage::success(sprintf(
337	__('Directory "%s" has been successfully rebuilt.'),
338	html::escapeHTML($d))
339	);
340	$core->adminurl->redirect('admin.media',$page_url_params);
341	} catch (Exception $e) {
342	$core->error->add($e->getMessage());
343	}
344	}
345
346	# DISPLAY confirm page for rmdir & rmfile
347	if ($dir && !empty($_GET['remove']) && empty($_GET['noconfirm']))
348	{
349	call_user_func($open_f,__('Media manager'),'',
350	dcPage::breadcrumb(
351	array(
352	html::escapeHTML($core->blog->name) => '',
353	__('Media manager') => '',
354	__('confirm removal') => ''
355	),
356	array('home_link' => !$popup)
357	)
358	);
359
360	echo
361	'<form action="'.html::escapeURL($core->adminurl->get('admin.media')).'" method="post">'.
362	'<p>'.sprintf(__('Are you sure you want to remove %s?'),
363	html::escapeHTML($_GET['remove'])).'</p>'.
364	'<p><input type="submit" value="'.__('Cancel').'" /> '.
365	'   <input type="submit" name="rmyes" value="'.__('Yes').'" />'.
366	form::hidden('d',$d).
367	form::hidden('q',$q).
368	$core->adminurl->getHiddenFormFields('admin.media',$page_url_params).
369	$core->formNonce().
370	form::hidden('remove',html::escapeHTML($_GET['remove'])).'</p>'.
371	'</form>';
372
373	call_user_func($close_f);
374	exit;
375	}
376
377	/* DISPLAY Main page
378	-------------------------------------------------------- */
379	$core->auth->user_prefs->addWorkspace('interface');
380	$user_ui_enhanceduploader = $core->auth->user_prefs->interface->enhanceduploader;
381
382	if (!isset($core->media)) {
383	$breadcrumb = dcPage::breadcrumb(
384	array(
385	html::escapeHTML($core->blog->name) => '',
386	__('Media manager') => ''
387	),
388	array('home_link' => !$popup)
389	);
390	} else {
391	$home_params = $page_url_params;
392	$home_params['d']='';
393	$home_params['q']='';
394	if ($query \|\| (!$query && $q)) {
395	$count = $query ? count($dir['files']) : 0;
396	$breadcrumb = dcPage::breadcrumb(
397	array(
398	html::escapeHTML($core->blog->name) => '',
399	__('Media manager') => $core->adminurl->get('admin.media',$home_params),
400	__('Search:').' '.$q.' ('.sprintf(__('%s file found','%s files found',$count),$count).')' => ''
401	),
402	array('home_link' => !$popup)
403	);
404	} else {
405	$temp_params = $page_url_params;
406	$temp_params['d']='%s';
407	$bc_template = $core->adminurl->get('admin.media',$temp_params,'&',true);
408	$breadcrumb_media = $core->media->breadCrumb($bc_template,'<span class="page-title">%s</span>');
409	if ($breadcrumb_media == '') {
410	$breadcrumb = dcPage::breadcrumb(
411	array(
412	html::escapeHTML($core->blog->name) => '',
413	__('Media manager') => $core->adminurl->get('admin.media',$home_params)
414	),
415	array('home_link' => !$popup)
416	);
417	} else {
418	$home_params = $page_url_params;
419	$home_params['d']='';
420
421	$breadcrumb = dcPage::breadcrumb(
422	array(
423	html::escapeHTML($core->blog->name) => '',
424	__('Media manager') => $core->adminurl->get('admin.media',$home_params),
425	$breadcrumb_media => ''
426	),
427	array(
428	'home_link' => !$popup,
429	'hl' => false
430	)
431	);
432	}
433	}
434	}
435
436	// Recent media folders
437	$last_folders = '';
438	$last_folders_item = '';
439	$fav_url = '';
440	$fav_img = '';
441	$fav_alt = '';
442	$nb_last_dirs = (integer)($core->auth->user_prefs->interface->media_nb_last_dirs);
443	if ($nb_last_dirs > 0) {
444	// Favorites directories
445	$fav_dirs = $core->auth->user_prefs->interface->media_fav_dirs;
446	if (!is_array($fav_dirs)) {
447	$fav_dirs = array();
448	}
449	foreach ($fav_dirs as $ld) {
450	// Add favorites dirs on top of combo
451	$ld_params = $page_url_params;
452	$ld_params['d'] = $ld;
453	$ld_params['q'] = ''; // Reset search
454	$last_folders_item .=
455	'<option value="'.urldecode($core->adminurl->get('admin.media',$ld_params)).'"'.
456	($ld == rtrim($d,'/') ? ' selected="selected"' : '').'>'.
457	'/'.$ld.'</option>'."\n";
458	if ($ld == rtrim($d,'/')) {
459	// Current directory is a favorite → button will un-fav
460	$ld_params['fav'] = 'n';
461	$fav_url = urldecode($core->adminurl->get('admin.media',$ld_params));
462	unset($ld_params['fav']);
463	$fav_img = 'images/fav-on.png';
464	$fav_alt = __('Remove this folder from your favorites');
465	}
466	}
467	if ($last_folders_item != '') {
468	// add a separator between favorite dirs and recent dirs
469	$last_folders_item .= '<option disabled>_________</option>';
470	}
471	// Recent directories
472	if (!is_array($last_dirs)) {
473	$last_dirs = $core->auth->user_prefs->interface->media_last_dirs;
474	}
475	if (is_array($last_dirs)) {
476	foreach ($last_dirs as $ld) {
477	if (!in_array($ld,$fav_dirs)) {
478	$ld_params = $page_url_params;
479	$ld_params['d'] = $ld;
480	$ld_params['q'] = ''; // Reset search
481	$last_folders_item .=
482	'<option value="'.urldecode($core->adminurl->get('admin.media',$ld_params)).'"'.
483	($ld == rtrim($d,'/') ? ' selected="selected"' : '').'>'.
484	'/'.$ld.'</option>'."\n";
485	if ($ld == rtrim($d,'/')) {
486	// Current directory is not a favorite → button will fav
487	$ld_params['fav'] = 'y';
488	$fav_url = urldecode($core->adminurl->get('admin.media',$ld_params));
489	unset($ld_params['fav']);
490	$fav_img = 'images/fav-off.png';
491	$fav_alt = __('Add this folder to your favorites');
492	}
493	}
494	}
495	}
496	if ($last_folders_item != '') {
497	$last_folders =
498	'<p class="media-recent hidden-if-no-js">'.
499	'<label class="classic" for="switchfolder">'.__('Goto recent folder:').'</label> '.
500	'<select name="switchfolder" id="switchfolder">'.
501	$last_folders_item.
502	'</select>'.
503	'<script type="text/javascript">var urlmenu = document.getElementById(\'switchfolder\');
504	urlmenu.onchange = function() { window.location = this.options[this.selectedIndex].value; };
505	</script>'.
506	' <a id="media-fav-dir" href="'.$fav_url.'" title="'.$fav_alt.'"><img src="'.$fav_img.'" alt="'.$fav_alt.'" /></a>'.
507	'</p>';
508	}
509	}
510
511	call_user_func($open_f,__('Media manager'),
512	dcPage::jsLoad('js/_media.js').
513	($core_media_writable ? dcPage::jsUpload(array('d='.$d)) : ''),
514	$breadcrumb
515	);
516
517	if ($popup) {
518	// Display notices
519	echo dcPage::notices();
520	}
521
522	if (!$core_media_writable) {
523	dcPage::warning(__('You do not have sufficient permissions to write to this folder.'));
524	}
525
526	if (!empty($_GET['mkdok'])) {
527	dcPage::success(__('Directory has been successfully created.'));
528	}
529
530	if (!empty($_GET['upok'])) {
531	dcPage::success(__('Files have been successfully uploaded.'));
532	}
533
534	if (!empty($_GET['rmfok'])) {
535	dcPage::success(__('File has been successfully removed.'));
536	}
537
538	if (!empty($_GET['rmdok'])) {
539	dcPage::success(__('Directory has been successfully removed.'));
540	}
541
542	if (!empty($_GET['rebuildok'])) {
543	dcPage::success(__('Directory has been successfully rebuilt.'));
544	}
545
546	if (!empty($_GET['unzipok'])) {
547	dcPage::success(__('Zip file has been successfully extracted.'));
548	}
549
550	if (!$dir) {
551	call_user_func($close_f);
552	exit;
553	}
554
555	if ($select) {
556	// Select mode (popup or not)
557	echo '<div class="'.($popup ? 'form-note ' : '').'info"><p>';
558	if ($select == 1) {
559	echo sprintf(__('Select a file by clicking on %s'),'<img src="images/plus.png" alt="'.__('Select this file').'" />');
560	} else {
561	echo sprintf(__('Select files and click on <strong>%s</strong> button'),__('Choose selected medias'));
562	}
563	if ($core_media_writable) {
564	echo ' '.__('or').' '.sprintf('<a href="#fileupload">%s</a>',__('upload a new file'));
565	}
566	echo '</p></div>';
567	} else {
568	if ($post_id) {
569	echo '<div class="form-note info"><p>'.sprintf(__('Choose a file to attach to entry %s by clicking on %s'),
570	'<a href="'.$core->getPostAdminURL($post_type,$post_id).'">'.html::escapeHTML($post_title).'</a>',
571	'<img src="images/plus.png" alt="'.__('Attach this file to entry').'" />');
572	if ($core_media_writable) {
573	echo ' '.__('or').' '.sprintf('<a href="#fileupload">%s</a>',__('upload a new file'));
574	}
575	echo '</p></div>';
576	}
577	if ($popup) {
578	echo '<div class="info"><p>'.sprintf(__('Choose a file to insert into entry by clicking on %s'),
579	'<img src="images/plus.png" alt="'.__('Attach this file to entry').'" />');
580	if ($core_media_writable) {
581	echo ' '.__('or').' '.sprintf('<a href="#fileupload">%s</a>',__('upload a new file'));
582	}
583	echo '</p></div>';
584	}
585	}
586
587	// Remove hidden directories (unless DC_SHOW_HIDDEN_DIRS is set to true)
588	if (!defined('DC_SHOW_HIDDEN_DIRS') \|\| (DC_SHOW_HIDDEN_DIRS == false)) {
589	for ($i = count($dir['dirs']) - 1; $i >= 0; $i--) {
590	if ($dir['dirs'][$i]->d) {
591	if (strpos($dir['dirs'][$i]->relname,'.') !== false) {
592	unset($dir['dirs'][$i]);
593	}
594	}
595	}
596	}
597	$items = array_values(array_merge($dir['dirs'],$dir['files']));
598
599	$fmt_form_media = '<form action="'.$core->adminurl->get("admin.media").'" method="post" id="form-medias">'.
600	'<div class="files-group">%s</div>'.
601	'<p class="hidden">'.$core->formNonce().
602	form::hidden(array('d'),$d).
603	form::hidden(array('q'),$q).
604	form::hidden(array('popup'),$popup).
605	form::hidden(array('select'),$select).
606	form::hidden(array('plugin_id'),$plugin_id).
607	form::hidden(array('post_id'),$post_id).
608	form::hidden(array('link_type'),$link_type).
609	'</p>';
610
611	if (!$popup \|\| $select > 1) {
612	// Checkboxes and action
613	$fmt_form_media .=
614	'<div class="'.(!$popup ? 'medias-delete' : '').' '.($select > 1 ? 'medias-select' : '').'">'.
615	'<p class="checkboxes-helpers"></p>'.
616	'<p>';
617	if ($select > 1) {
618	$fmt_form_media .=
619	'<input type="submit" class="select" id="select_medias" name="select_medias" value="'.__('Choose selected medias').'"/> ';
620	}
621	if (!$popup) {
622	$fmt_form_media .=
623	'<input type="submit" class="delete" id="delete_medias" name="delete_medias" value="'.__('Remove selected medias').'"/>';
624	}
625	$fmt_form_media .=
626	'</p>'.
627	'</div>';
628	}
629	$fmt_form_media .=
630	'</form>';
631
632	echo '<div class="media-list">';
633	echo $last_folders;
634	echo // Search form
635	'<form action="'.$core->adminurl->get("admin.media").'" method="get" id="search-form">'.
636	'<p><label for="search" class="classic">'.__('Search:').'</label> '.
637	form::field('q',20,255,$q).' '.
638	'<input type="submit" value="'.__('OK').'" />'.' '.
639	'<span class="form-note">'.__('Will search into media filename (including path), title and description').'</span>'.
640	form::hidden(array('popup'),$popup).
641	form::hidden(array('select'),$select).
642	form::hidden(array('plugin_id'),$plugin_id).
643	form::hidden(array('post_id'),$post_id).
644	form::hidden(array('link_type'),$link_type).
645	'</p>'.
646	'</form>';
647
648	if (count($items) == 0)
649	{
650	echo
651	'<p>'.__('No file.').'</p>'.
652	sprintf($fmt_form_media,'',' hide'); // need for jsUpload to append new media
653	}
654	else
655	{
656	$pager = new dcPager($page,count($items),$nb_per_page,10);
657
658	echo
659	'<form action="'.$core->adminurl->get("admin.media").'" method="get" id="filters-form">'.
660	'<span class="media-file-mode">'.
661	'<a href="'.$core->adminurl->get("admin.media",array_merge($page_url_params,array('file_mode' => 'grid'))).'" title="'.__('Grid display mode').'">'.
662	'<img src="images/grid-'.($file_mode == 'grid' ? 'on' : 'off').'.png" alt="'.__('Grid display mode').'" />'.
663	'</a>'.
664	'<a href="'.$core->adminurl->get("admin.media",array_merge($page_url_params,array('file_mode' => 'list'))).'" title="'.__('List display mode').'">'.
665	'<img src="images/list-'.($file_mode == 'list' ? 'on' : 'off').'.png" alt="'.__('List display mode').'" />'.
666	'</a>'.
667	'</span>'.
668	'<p class="three-boxes"><label for="file_sort" class="classic">'.__('Sort files:').'</label> '.
669	form::combo('file_sort',$sort_combo,$file_sort).'</p>'.
670	'<p class="three-boxes"><label for="nb_per_page" class="classic">'.__('Number of elements displayed per page:').'</label> '.
671	form::field('nb_per_page',5,3,(integer) $nb_per_page).' '.
672	'<input type="submit" value="'.__('OK').'" />'.
673	form::hidden(array('popup'),$popup).
674	form::hidden(array('select'),$select).
675	form::hidden(array('plugin_id'),$plugin_id).
676	form::hidden(array('post_id'),$post_id).
677	form::hidden(array('link_type'),$link_type).
678	form::hidden(array('q'),$q).
679	'</p>'.
680	'</form>'.
681	$pager->getLinks();
682
683	if ($file_mode == 'list') {
684	$table =
685	'<div class="table-outer">'.
686	'<table>'.
687	'<caption class="hidden">'.__('Media list').'</caption>'.
688	'<tr>'.
689	'<th colspan="2" class="first">'.__('Name').'</th>'.
690	'<th scope="col">'.__('Date').'</th>'.
691	'<th scope="col">'.__('Size').'</th>'.
692	'</tr>';
693
694	$dlist = '';
695	$flist = '';
696	for ($i=$pager->index_start, $j=0; $i<=$pager->index_end; $i++,$j++)
697	{
698	if ($items[$i]->d) {
699	$dlist .= mediaItemLine($items[$i],$j,$query,true);
700	} else {
701	$flist .= mediaItemLine($items[$i],$j,$query,true);
702	}
703	}
704	$table .= $dlist.$flist;
705
706	$table .=
707	'</table></div>';
708	echo sprintf($fmt_form_media,$table,'');
709	} else {
710	$dgroup = '';
711	$fgroup = '';
712	for ($i=$pager->index_start, $j=0; $i<=$pager->index_end; $i++,$j++)
713	{
714	if ($items[$i]->d) {
715	$dgroup .= mediaItemLine($items[$i],$j,$query);
716	} else {
717	$fgroup .= mediaItemLine($items[$i],$j,$query);
718	}
719	}
720	echo
721	($dgroup != '' ? '<div class="folders-group">'.$dgroup.'</div>' : '').
722	sprintf($fmt_form_media,$fgroup,'');
723	}
724
725	echo $pager->getLinks();
726	}
727	if (!isset($pager)) {
728	echo
729	'<p class="clear"></p>';
730	}
731	echo
732	'</div>';
733
734	$core_media_archivable = $core->auth->check('media_admin',$core->blog->id) &&
735	!(count($items) == 0 \|\| (count($items) == 1 && $items[0]->parent));
736
737	if ((!$query) && ($core_media_writable \|\| $core_media_archivable)) {
738	echo
739	'<div class="vertical-separator">'.
740	'<h3 class="out-of-screen-if-js">'.sprintf(__('In %s:'),($d == '' ? '“'.__('Media manager').'”' : '“'.$d.'”')).'</h3>';
741	}
742
743	if ((!$query) && ($core_media_writable \|\| $core_media_archivable)) {
744	echo
745	'<div class="two-boxes odd">';
746
747	# Create directory
748	if ($core_media_writable)
749	{
750	echo
751	'<form action="'.$core->adminurl->getBase('admin.media').'" method="post" class="fieldset">'.
752	'<div id="new-dir-f">'.
753	'<h4 class="pretty-title">'.__('Create new directory').'</h4>'.
754	$core->formNonce().
755	'<p><label for="newdir">'.__('Directory Name:').'</label>'.
756	form::field(array('newdir','newdir'),35,255).'</p>'.
757	'<p><input type="submit" value="'.__('Create').'" />'.
758	$core->adminurl->getHiddenFormFields('admin.media',$page_url_params).
759	'</p>'.
760	'</div>'.
761	'</form>';
762	}
763
764	# Get zip directory
765	if ($core_media_archivable && !$popup)
766	{
767	echo
768	'<div class="fieldset">'.
769	'<h4 class="pretty-title">'.sprintf(__('Backup content of %s'),($d == '' ? '“'.__('Media manager').'”' : '“'.$d.'”')).'</h4>'.
770	'<p><a class="button submit" href="'.$core->adminurl->get('admin.media',
771	array_merge($page_url_params,array('zipdl' => 1))).'">'.__('Download zip file').'</a></p>'.
772	'</div>';
773	}
774
775	echo
776	'</div>';
777	}
778
779	if (!$query && $core_media_writable)
780	{
781	echo
782	'<div class="two-boxes fieldset even">';
783	if ($user_ui_enhanceduploader) {
784	echo
785	'<div class="enhanced_uploader">';
786	} else {
787	echo
788	'<div>';
789	}
790
791	echo
792	'<h4>'.__('Add files').'</h4>'.
793	'<p>'.__('Please take care to publish media that you own and that are not protected by copyright.').'</p>'.
794	'<form id="fileupload" action="'.html::escapeURL($core->adminurl->get('admin.media',$page_url_params)).'" method="post" enctype="multipart/form-data" aria-disabled="false">'.
795	'<p>'.form::hidden(array('MAX_FILE_SIZE'),DC_MAX_UPLOAD_SIZE).
796	$core->formNonce().'</p>'.
797	'<div class="fileupload-ctrl"><p class="queue-message"></p><ul class="files"></ul></div>';
798
799	echo
800	'<div class="fileupload-buttonbar clear">';
801
802	echo
803	'<p><label for="upfile">'.'<span class="add-label one-file">'.__('Choose file').'</span>'.'</label>'.
804	'<button class="button choose_files">'.__('Choose files').'</button>'.
805	'<input type="file" id="upfile" name="upfile[]"'.($user_ui_enhanceduploader?' multiple="mutiple"':'').' data-url="'.html::escapeURL($core->adminurl->get('admin.media',$page_url_params)).'" /></p>';
806
807	echo
808	'<p class="max-sizer form-note"> '.__('Maximum file size allowed:').' '.files::size(DC_MAX_UPLOAD_SIZE).'</p>';
809
810	echo
811	'<p class="one-file"><label for="upfiletitle">'.__('Title:').'</label>'.form::field(array('upfiletitle','upfiletitle'),35,255).'</p>'.
812	'<p class="one-file"><label for="upfilepriv" class="classic">'.__('Private').'</label> '.
813	form::checkbox(array('upfilepriv','upfilepriv'),1).'</p>';
814
815	if (!$user_ui_enhanceduploader) {
816	echo
817	'<p class="one-file form-help info">'.__('To send several files at the same time, you can activate the enhanced uploader in').
818	' <a href="'.$core->adminurl->get("admin.user.preferences",array('tab' => 'user-options')).'">'.__('My preferences').'</a></p>';
819	}
820
821	echo
822	'<p class="clear"><button class="button clean">'.__('Refresh').'</button>'.
823	'<input class="button cancel one-file" type="reset" value="'.__('Clear all').'"/>'.
824	'<input class="button start" type="submit" value="'.__('Upload').'"/></p>'.
825	'</div>';
826
827	echo
828	'<p style="clear:both;">'.
829	form::hidden(array('d'),$d).
830	form::hidden(array('q'),$q).
831	form::hidden(array('popup'),$popup).
832	form::hidden(array('select'),$select).
833	form::hidden(array('plugin_id'),$plugin_id).
834	form::hidden(array('post_id'),$post_id).
835	form::hidden(array('link_type'),$link_type).
836	'</p>'.
837	'</form>'.
838	'</div>'.
839	'</div>';
840	}
841
842	# Empty remove form (for javascript actions)
843	echo
844	'<form id="media-remove-hide" action="'.html::escapeURL($core->adminurl->get('admin.media',$page_url_params)).'" method="post" class="hidden">'.
845	'<div>'.
846	form::hidden('rmyes',1).
847	form::hidden('d',html::escapeHTML($d)).
848	form::hidden(array('q'),$q).
849	form::hidden(array('popup'),$popup).
850	form::hidden(array('select'),$select).
851	form::hidden(array('plugin_id'),$plugin_id).
852	form::hidden(array('post_id'),$post_id).
853	form::hidden(array('link_type'),$link_type).
854	form::hidden('remove','').
855	$core->formNonce().
856	'</div>'.
857	'</form>';
858
859	if ((!$query) && ($core_media_writable \|\| $core_media_archivable)) {
860	echo
861	'</div>';
862	}
863
864	if (!$popup) {
865	echo '<div class="info"><p>'.sprintf(__('Current settings for medias and images are defined in %s'),
866	'<a href="'.$core->adminurl->get("admin.blog.pref").'#medias-settings">'.__('Blog parameters').'</a>').'</p></div>';
867	}
868
869	call_user_func($close_f);
870
871	/* ----------------------------------------------------- */
872	function mediaItemLine($f,$i,$query,$table=false)
873	{
874	global $core, $page_url, $popup, $select, $post_id, $plugin_id, $page_url_params, $link_type;
875
876	$fname = $f->basename;
877	$file = $query ? $f->relname : $f->basename;
878
879	$class = $table ? '' : 'media-item media-col-'.($i%2);
880
881	if ($f->d) {
882	// Folder
883	$link = $core->adminurl->get('admin.media',array_merge($page_url_params,array('d' => html::sanitizeURL($f->relname) )));
884	if ($f->parent) {
885	$fname = '..';
886	$class .= ' media-folder-up';
887	} else {
888	$class .= ' media-folder';
889	}
890	} else {
891	// Item
892	$params = new ArrayObject(
893	array(
894	'id' => $f->media_id,
895	'plugin_id' => $plugin_id,
896	'popup' => $popup,
897	'select' => $select,
898	'post_id' => $post_id,
899	'link_type' => $link_type
900	)
901	);
902	$core->callBehavior('adminMediaURLParams',$params);
903	$params = (array) $params;
904	$link = $core->adminurl->get(
905	'admin.media.item', $params
906	);
907	}
908
909	$maxchars = 36;
910	if (strlen($fname) > $maxchars) {
911	$fname = substr($fname, 0, $maxchars-4).'...'.($f->d ? '' : files::getExtension($fname));
912	}
913
914	$act = '';
915	if (!$f->d) {
916	if ($select > 0) {
917	if ($select == 1) {
918	// Single media selection button
919	$act .= '<a href="'.$link.'"><img src="images/plus.png" alt="'.__('Select this file').'" '.
920	'title="'.__('Select this file').'" /></a> ';
921	} else {
922	// Multiple media selection checkbox
923	$act .= form::checkbox(array('medias[]', 'media_'.rawurlencode($file)),$file);
924	}
925	} else {
926	// Item
927	if ($post_id) {
928	// Media attachment button
929	$act .=
930	'<a class="attach-media" title="'.__('Attach this file to entry').'" href="'.
931	$core->adminurl->get("admin.post.media",
932	array('media_id' => $f->media_id, 'post_id' => $post_id,'attach' => 1,'link_type' => $link_type)).
933	'">'.
934	'<img src="images/plus.png" alt="'.__('Attach this file to entry').'"/>'.
935	'</a>';
936	}
937	if ($popup) {
938	// Media insertion button
939	$act .= '<a href="'.$link.'"><img src="images/plus.png" alt="'.__('Insert this file into entry').'" '.
940	'title="'.__('Insert this file into entry').'" /></a> ';
941	}
942	}
943	}
944	if ($f->del) {
945	// Deletion button or checkbox
946	if (!$popup && !$f->d) {
947	if ($select < 2) {
948	// Already set for multiple media selection
949	$act .= form::checkbox(array('medias[]', 'media_'.rawurlencode($file)),$file);
950	}
951	} else {
952	$act .= '<a class="media-remove" '.
953	'href="'.html::escapeURL($page_url).
954	'&plugin_id='.$plugin_id.
955	'&d='.rawurlencode($GLOBALS['d']).
956	'&q='.rawurlencode($GLOBALS['q']).
957	'&remove='.rawurlencode($file).'">'.
958	'<img src="images/trash.png" alt="'.__('Delete').'" title="'.__('delete').'" /></a>';
959	}
960	}
961
962	// Render markup
963	if (!$table) {
964	$res =
965	'<div class="'.$class.'"><p><a class="media-icon media-link" href="'.rawurldecode($link).'">'.
966	'<img src="'.$f->media_icon.'" alt="" />'.($query ? $file : $fname).'</a></p>';
967
968	$lst = '';
969	if (!$f->d) {
970	$lst .=
971	'<li>'.$f->media_title.'</li>'.
972	'<li>'.
973	$f->media_dtstr.' - '.
974	files::size($f->size).' - '.
975	'<a href="'.$f->file_url.'">'.__('open').'</a>'.
976	'</li>';
977	}
978	$lst .= ($act != '' ? '<li class="media-action"> '.$act.'</li>' : '');
979
980	// Show player if relevant
981	$file_type = explode('/',$f->type);
982	if ($file_type[0] == 'audio')
983	{
984	$lst .= '<li>'.dcMedia::audioPlayer($f->type,$f->file_url,$core->adminurl->get("admin.home",array('pf' => 'player_mp3.swf')),null,$core->blog->settings->system->media_flash_fallback,false).'</li>';
985	}
986
987	$res .= ($lst != '' ? '<ul>'.$lst.'</ul>' : '');
988	$res .= '</div>';
989	} else {
990	$res = '<tr class="'.$class.'">';
991	$res .= '<td class="media-action">'.$act.'</td>';
992	$res .= '<td class="maximal" scope="row"><a class="media-flag media-link" href="'.rawurldecode($link).'">'.
993	'<img src="'.$f->media_icon.'" alt="" />'.($query ? $file : $fname).'</a>'.
994	'<br />'.($f->d ? '' : $f->media_title).'</td>';
995	$res .= '<td class="nowrap count">'.($f->d ? '' : $f->media_dtstr).'</td>';
996	$res .= '<td class="nowrap count">'.($f->d ? '' : files::size($f->size).' - '.'<a href="'.$f->file_url.'">'.__('open').'</a>').'</td>';
997	$res .= '</tr>';
998	}
999
1000	return $res;
1001	}

Note: See TracBrowser for help on using the repository browser.

Dotclear

Context Navigation

source: admin/media.php @ 3268:282b26727770

Download in other formats:

Sites map