1 | <?php |
---|
2 | # -- BEGIN LICENSE BLOCK --------------------------------------- |
---|
3 | # |
---|
4 | # This file is part of Dotclear 2. |
---|
5 | # |
---|
6 | # Copyright (c) 2003-2011 Olivier Meunier & Association Dotclear |
---|
7 | # Licensed under the GPL version 2.0 license. |
---|
8 | # See LICENSE file or |
---|
9 | # http://www.gnu.org/licenses/old-licenses/gpl-2.0.html |
---|
10 | # |
---|
11 | # -- END LICENSE BLOCK ----------------------------------------- |
---|
12 | |
---|
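/* Upload backend
-------------------------------------------------------- */
# Upload endpoint selected by the "swfupload" POST field (presumably the Flash
# uploader, going by the field names). The session id and user id arrive in the
# POST body and are handed to prepend.php through the DC_AUTH_SESS_ID and
# DC_AUTH_SESS_UID constants.
# NOTE(review): how prepend.php validates those constants, and whether the form
# nonce is still enforced on this path, is not visible in this file -- confirm.
# A session id carried in a request body can end up in proxy or debug logs, so
# keep request-body logging off for this endpoint.
if (!empty($_POST['swfupload']))
{
    # Plain text response: messages echoed below are not rendered as HTML.
    header('content-type: text/plain');
    try
    {
        if (empty($_POST['sess_id']) || empty($_POST['sess_uid'])) {
            throw new Exception('No credentials.');
        }
        # Array-valued fields (sess_id[]=...) are not credentials; refuse them
        # instead of turning them into constants.
        if (!is_string($_POST['sess_id']) || !is_string($_POST['sess_uid'])) {
            throw new Exception('No credentials.');
        }
        define('DC_AUTH_SESS_ID',$_POST['sess_id']);
        define('DC_AUTH_SESS_UID',$_POST['sess_uid']);

        require dirname(__FILE__).'/../inc/admin/prepend.php';

        # Same permission set as the HTML page below.
        if (!$core->auth->check('media,media_admin',$core->blog->id)) {
            throw new Exception('Permission denied.');
        }

        # The target directory is request-controlled and chdir() is the only
        # gate on it in this branch.
        # NOTE(review): confinement to the media root depends on
        # dcMedia::chdir(), which is not visible here -- confirm.
        $d = isset($_POST['d']) ? $_POST['d'] : null;
        $core->media = new dcMedia($core);
        $core->media->chdir($d);
        $core->media->getDir();
        $dir =& $core->media->dir;

        if (empty($_FILES['Filedata'])) {
            throw new Exception('No file to upload.');
        }

        files::uploadStatus($_FILES['Filedata']);
        # The client-supplied file name is passed through unchanged.
        # NOTE(review): name sanitising and file-type checks, if any, happen in
        # dcMedia::uploadFile() -- confirm.
        $core->media->uploadFile($_FILES['Filedata']['tmp_name'],$_FILES['Filedata']['name']);

        echo 'ok';
    }
    catch (Exception $e) {
        echo __('Error:').' '.__($e->getMessage());
    }
    exit;
}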
---|
52 | |
---|
53 | |
---|
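/* HTML page
-------------------------------------------------------- */
require dirname(__FILE__).'/../inc/admin/prepend.php';

# Page is reserved to users holding the media or media_admin permission.
dcPage::check('media,media_admin');

# Optional entry the chosen media will be attached to. The id is cast to an
# integer before use; title and type are only filled in when the entry exists,
# so nothing is read from an empty record.
$post_id = !empty($_GET['post_id']) ? (int) $_GET['post_id'] : null;
$post_title = null;
$post_type = null;
if ($post_id) {
    $post = $core->blog->getPosts(array('post_id'=>$post_id,'post_type'=>''));
    if ($post->isEmpty()) {
        $post_id = null;
    } else {
        $post_title = $post->post_title;
        $post_type = $post->post_type;
    }
    unset($post);
}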
---|
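# Directory to browse, relative to the media root. It is request-controlled and
# kept only when it is a plain string; an array-valued "d" is treated as absent.
$d = (isset($_REQUEST['d']) && is_string($_REQUEST['d'])) ? $_REQUEST['d'] : null;
$dir = null;

# Page number: forced to an integer >= 1 before it is stored in the session or
# handed to the pager.
$page = !empty($_GET['page']) ? max(1,(int) $_GET['page']) : 1;
$nb_per_page = 30;

# No directory in the request: fall back to the one remembered in the session
if ($d === null && isset($_SESSION['media_manager_dir'])) {
    $d = $_SESSION['media_manager_dir'];
}

# No page in the request: fall back to the one remembered in the session
if (!isset($_GET['page']) && isset($_SESSION['media_manager_page'])) {
    $page = $_SESSION['media_manager_page'];
}

# Remember the current directory and page; defaults are not stored
if ($d) {
    $_SESSION['media_manager_dir'] = $d;
} else {
    unset($_SESSION['media_manager_dir']);
}
if ($page != 1) {
    $_SESSION['media_manager_page'] = $page;
} else {
    unset($_SESSION['media_manager_page']);
}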
---|
97 | |
---|
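# Sort combo (translated label => sort key)
$sort_combo = array(
    __('By names, in ascending order') => 'name-asc',
    __('By names, in descending order') => 'name-desc',
    __('By dates, in ascending order') => 'date-asc',
    __('By dates, in descending order') => 'date-desc'
);

# Only a sort key listed above is stored in the session. The comparison is
# strict so the request value has to match a key exactly.
if (!empty($_GET['file_sort']) && in_array($_GET['file_sort'],$sort_combo,true)) {
    $_SESSION['media_file_sort'] = $_GET['file_sort'];
}
$file_sort = !empty($_SESSION['media_file_sort']) ? $_SESSION['media_file_sort'] : null;

# Popup mode is reduced to 0 or 1, so it is safe to place in URLs below
$popup = (int) !empty($_GET['popup']);

$page_url = 'media.php?popup='.$popup.'&post_id='.$post_id;

# Callbacks that open and close the page layout for the current mode
if ($popup) {
    $open_f = array('dcPage','openPopup');
    $close_f = array('dcPage','closePopup');
} else {
    $open_f = array('dcPage','open');
    # create_function() compiles a code string at run time; the string here is
    # a constant, so nothing from the request is evaluated. The function was
    # deprecated in PHP 7.2 and removed in PHP 8.0, so this line needs a
    # closure or a named function before the code can run on PHP 8.
    $close_f = create_function('',"dcPage::helpBlock('core_media'); dcPage::close();");
}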
---|
122 | |
---|
# Open the media manager on the requested directory. $dir is bound only after
# chdir() and getDir() have both returned, so it stays null when the directory
# cannot be opened; the action blocks further down test $dir before acting.
$core_media_writable = false;
try
{
    $core->media = new dcMedia($core);
    if ($file_sort) {
        $core->media->setFileSort($file_sort);
    }
    $core->media->chdir($d);
    $core->media->getDir();
    $core_media_writable = $core->media->writable();
    $dir =& $core->media->dir;
    # A read-only directory is reported as an error but is still browsable,
    # because $dir has already been bound at this point.
    if ($core_media_writable == false) {
        throw new Exception('you do not have sufficient permissions to write to this folder: ');
    }
}
catch (Exception $e)
{
    $core->error->add($e->getMessage());
}
---|
139 | |
---|
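# Zip download (media_admin only)
if (!empty($_GET['zipdl']) && $core->auth->check('media_admin',$core->blog->id))
{
    try
    {
        # $d is request-controlled, and this branch is reached even when
        # chdir($d) failed above (the error is only recorded). Resolve the
        # target and require it to be the media root or a directory below it
        # before anything is archived.
        $zip_root = realpath($core->media->root);
        $zip_dir = realpath($core->media->root.'/'.$d);
        $zip_inside =
            $zip_root !== false && $zip_dir !== false && is_dir($zip_dir) &&
            ($zip_dir === $zip_root ||
            strpos($zip_dir,rtrim($zip_root,DIRECTORY_SEPARATOR).DIRECTORY_SEPARATOR) === 0);
        if (!$zip_inside) {
            throw new Exception(__('Not a valid directory'));
        }

        @set_time_limit(300);
        $fp = fopen('php://output','wb');
        $zip = new fileZip($fp);
        # Skip generated thumbnails (_m, _s, _sq, _t variants)
        $zip->addExclusion('#(^|/).(.*?)_(m|s|sq|t).jpg$#');
        $zip->addDirectory($core->media->root.'/'.$d,'',true);

        # NOTE(review): $d is written into the header unquoted. Current PHP
        # versions refuse header values containing a line break, but a
        # directory name with spaces or ';' still produces an ambiguous
        # filename parameter.
        header('Content-Disposition: attachment;filename='.($d ? $d : 'media').'.zip');
        header('Content-Type: application/x-zip');
        $zip->write();
        unset($zip);
        exit;
    }
    catch (Exception $e)
    {
        $core->error->add($e->getMessage());
    }
}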
---|
162 | |
---|
# New directory
# NOTE(review): the directory name is taken from the request as-is; name
# sanitising and confinement happen inside dcMedia::makeDir(), which is not
# visible here -- confirm. The nonce check for these POST actions is presumably
# done in prepend.php -- confirm.
if ($dir && !empty($_POST['newdir']))
{
    try
    {
        $core->media->makeDir($_POST['newdir']);
        http::redirect($page_url.'&d='.rawurlencode($d).'&mkdok=1');
    }
    catch (Exception $e)
    {
        $core->error->add($e->getMessage());
    }
}

# Adding a file
if ($dir && !empty($_FILES['upfile']))
{
    try
    {
        # Throws when PHP reported an upload error for this file
        files::uploadStatus($_FILES['upfile']);

        # Optional title and private flag; defaults apply when the fields are absent
        $f_title = '';
        if (isset($_POST['upfiletitle'])) {
            $f_title = $_POST['upfiletitle'];
        }
        $f_private = false;
        if (isset($_POST['upfilepriv'])) {
            $f_private = $_POST['upfilepriv'];
        }

        # The client-supplied file name is passed through unchanged.
        # NOTE(review): name sanitising and file-type checks, if any, happen in
        # dcMedia::uploadFile() -- confirm.
        $core->media->uploadFile($_FILES['upfile']['tmp_name'],$_FILES['upfile']['name'],$f_title,$f_private);
        http::redirect($page_url.'&d='.rawurlencode($d).'&upok=1');
    }
    catch (Exception $e)
    {
        $core->error->add($e->getMessage());
    }
}
---|
192 | |
---|
193 | |
---|
# Removing item (confirmed by the "rmyes" field)
if ($dir && !empty($_POST['rmyes']) && !empty($_POST['remove']))
{
    # The item name is sent URL-encoded by the confirm form and by the
    # JavaScript remove form; decode it in place before use.
    $_POST['remove'] = rawurldecode($_POST['remove']);

    try
    {
        # NOTE(review): the decoded name may contain path separators; whether
        # it is confined to the current directory depends on
        # dcMedia::removeItem(), which is not visible here -- confirm.
        $core->media->removeItem($_POST['remove']);
        http::redirect($page_url.'&d='.rawurlencode($d).'&rmfok=1');
    }
    catch (Exception $e)
    {
        $core->error->add($e->getMessage());
    }
}

# Rebuild directory (super administrators only)
if ($dir && $core->auth->isSuperAdmin() && !empty($_POST['rebuild']))
{
    try
    {
        $core->media->rebuild($d);
        http::redirect($page_url.'&d='.rawurlencode($d).'&rebuildok=1');
    }
    catch (Exception $e)
    {
        $core->error->add($e->getMessage());
    }
}
---|
217 | |
---|
218 | |
---|
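# DISPLAY confirm page for rmdir & rmfile
# The item name comes from the query string and is escaped wherever it is
# written into the page. The removal itself is a POST carrying the form nonce.
if ($dir && !empty($_GET['remove']) && empty($_GET['noconfirm']))
{
    call_user_func($open_f,__('Media manager'));

    echo '<h2>'.html::escapeHTML($core->blog->name).' › '.__('Media manager').' › <span class="page-title">'.__('confirm removal').'</span></h2>';

    echo
    '<form action="'.html::escapeURL($page_url).'" method="post">'.
    '<p>'.sprintf(__('Are you sure you want to remove %s?'),
                html::escapeHTML($_GET['remove'])).'</p>'.
    '<p><input type="submit" value="'.__('Cancel').'" /> '.
    '   <input type="submit" name="rmyes" value="'.__('Yes').'" />'.
    # $d is request-controlled: escape it here as the other hidden "d" fields
    # on this page do (new-directory form, JavaScript remove form).
    form::hidden('d',html::escapeHTML($d)).
    $core->formNonce().
    form::hidden('remove',html::escapeHTML($_GET['remove'])).'</p>'.
    '</form>';

    call_user_func($close_f);
    exit;
}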
---|
240 | |
---|
/* DISPLAY Main page
-------------------------------------------------------- */
$core->auth->user_prefs->addWorkspace('interface');
$user_ui_enhanceduploader = $core->auth->user_prefs->interface->enhanceduploader;

# Page title first, then the head fragment: uploader preference as a JS
# variable, the page script, and the enhanced uploader when it is enabled and
# the directory is writable.
# NOTE(review): $d is handed to jsCandyUpload() as 'd='.$d; how that value is
# encoded into the page is decided in dcPage, not visible here -- confirm.
$mm_title = __('Media manager');
$mm_head =
    '<script type="text/javascript">'."\n".
    "//<![CDATA["."\n".
    dcPage::jsVar('dotclear.candyUpload_force_init',$user_ui_enhanceduploader)."\n".
    "//]]>".
    "</script>".
    dcPage::jsLoad('js/_media.js');
if ($user_ui_enhanceduploader && $core_media_writable) {
    $mm_head .= dcPage::jsCandyUpload(array('d='.$d));
} else {
    $mm_head .= '';
}
call_user_func($open_f,$mm_title,$mm_head);

# Confirmation messages after a redirect; the flags only select a fixed text
if (!empty($_GET['mkdok'])) {
    dcPage::message(__('Directory has been successfully created.'));
}

if (!empty($_GET['upok'])) {
    dcPage::message(__('Files have been successfully uploaded.'));
}

if (!empty($_GET['rmfok'])) {
    dcPage::message(__('File has been successfully removed.'));
}

if (!empty($_GET['rmdok'])) {
    dcPage::message(__('Directory has been successfully removed.'));
}

if (!empty($_GET['rebuildok'])) {
    dcPage::message(__('Directory has been successfully rebuilt.'));
}

if (!empty($_GET['unzipok'])) {
    dcPage::message(__('Zip file has been successfully extracted.'));
}

# Heading: blog name, then either the plain title or a breadcrumb trail
echo '<h2>'.html::escapeHTML($core->blog->name).' › ';
$breadcrumb = '';
if (isset($core->media)) {
    $breadcrumb = $core->media->breadCrumb(html::escapeURL($page_url).'&d=%s','<span class="page-title">%s</span>');
}
if ($breadcrumb == '') {
    echo '<span class="page-title">'.__('Media manager').'</span></h2>';
} else {
    echo '<a href="'.html::escapeURL($page_url.'&d=').'">'.__('Media manager').'</a>'.' / '.$breadcrumb.'</h2>';
}

# Nothing to list when the directory could not be opened
if (!$dir) {
    call_user_func($close_f);
    exit;
}

# Hint shown when the manager was opened to attach a file to an entry
if ($post_id) {
    $attach_fmt = __('Choose a file to attach to entry %s by clicking on %s.');
    $attach_entry = '<a href="'.$core->getPostAdminURL($post_type,$post_id).'">'.html::escapeHTML($post_title).'</a>';
    $attach_icon = '<img src="images/plus.png" alt="'.__('Attach this file to entry').'" />';
    echo '<p><strong>'.sprintf($attach_fmt,$attach_entry,$attach_icon).'</strong></p>';
}
# Hint shown in popup mode
if ($popup) {
    $insert_fmt = __('Choose a file to insert into entry by clicking on %s.');
    $insert_icon = '<img src="images/plus.png" alt="'.__('Attach this file to entry').'" />';
    echo '<p><strong>'.sprintf($insert_fmt,$insert_icon).'</strong></p>';
}
---|
306 | |
---|
307 | |
---|
# Sub-directories first, then files, re-indexed from 0 for the pager
$items = array_values(array_merge($dir['dirs'],$dir['files']));
if (count($items) != 0)
{
    # Pager over the merged list; its prev/next labels are translated here
    $pager = new pager($page,count($items),$nb_per_page,10);
    $pager->html_prev = __($pager->html_prev);
    $pager->html_next = __($pager->html_next);

    # Sort form (GET), followed by the opening of the list and the top pager
    echo
    '<form action="media.php" method="get">'.
    '<p><label for="file_sort" class="classic">'.__('Sort files:').' '.
    form::combo('file_sort',$sort_combo,$file_sort).'</label>'.
    form::hidden(array('popup'),$popup).
    form::hidden(array('post_id'),$post_id).
    '<input type="submit" value="'.__('Sort').'" /></p>'.
    '</form>'.

    '<div class="media-list">'.
    '<p>'.__('Page(s)').' : '.$pager->getLinks().'</p>';

    # One line per item of the current page; $j is the position on the page
    $j = 0;
    for ($i = $pager->index_start; $i <= $pager->index_end; $i++)
    {
        echo mediaItemLine($items[$i],$j);
        $j++;
    }

    echo
    '<p class="clear">'.__('Page(s)').' : '.$pager->getLinks().'</p>'.
    '</div>';
}
else
{
    echo '<p><strong>'.__('No file.').'</strong></p>';
}
---|
340 | |
---|
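# Upload and new-directory forms, shown only when the directory is writable.
# Both forms post back to this page and carry the form nonce.
if ($core_media_writable)
{
    echo '<div class="two-cols">';

    echo
    '<div class="col">'.
    '<fieldset id="add-file-f"><legend>'.__('Add files').'</legend>'.
    '<p>'.__('Please take care to publish media that you own and that are not protected by copyright.').'</p>'.
    '<form id="media-upload" class="clear" action="'.html::escapeURL($page_url).'" method="post" enctype="multipart/form-data">'.
    # MAX_FILE_SIZE is only a hint to the browser, not a server-side limit
    '<div>'.form::hidden(array('MAX_FILE_SIZE'),DC_MAX_UPLOAD_SIZE).
    $core->formNonce().'</div>'.
    '<p><label for="upfile">'.__('Choose a file:').
    ' ('.sprintf(__('Maximum size %s'),files::size(DC_MAX_UPLOAD_SIZE)).')'.
    '<input type="file" id="upfile" name="upfile" size="20" />'.
    '</label></p>'.
    '<p><label for="upfiletitle">'.__('Title:').form::field(array('upfiletitle','upfiletitle'),35,255).'</label></p>'.
    '<p><label for="upfilepriv" class="classic">'.form::checkbox(array('upfilepriv','upfilepriv'),1).' '.
    __('Private').'</label></p>'.
    '<p class="form-help info">'.__('To send several files at the same time, you can activate the enhanced uploader in').
    '<a href="preferences.php?tab=user-options"> '.__('My preferences').'</a></p>'.
    '<p><input type="submit" value="'.__('Send').'" />'.
    # $d is request-controlled: escape it here as the new-directory form
    # below already does.
    form::hidden(array('d'),html::escapeHTML($d)).'</p>'.
    '</fieldset>'.
    '</form>'.
    '</div>';

    echo
    '<div class="col">'.
    '<form class="clear" action="'.html::escapeURL($page_url).'" method="post">'.
    '<fieldset id="new-dir-f">'.
    '<legend>'.__('New directory').'</legend>'.
    $core->formNonce().
    '<p><label for="newdir">'.__('Directory Name:').
    form::field(array('newdir','newdir'),35,255).'</label></p>'.
    '<p><input type="submit" value="'.__('Create').'" />'.
    form::hidden(array('d'),html::escapeHTML($d)).'</p>'.
    '</fieldset>'.
    '</form></div>';

    echo '</div>';
}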
---|
382 | |
---|
# Empty remove form, filled in and submitted by the page JavaScript. It carries
# the nonce and the pre-confirmed "rmyes" flag; the item name is left blank.
echo
'<form id="media-remove-hide" action="'.html::escapeURL($page_url).'" method="post"><div class="clear">'.
form::hidden('rmyes',1).form::hidden('d',html::escapeHTML($d)).
form::hidden('remove','').
$core->formNonce().
'</div></form>';

# Zip download link: media_admin only, and only when the directory holds
# something other than the single link to its parent.
if ($core->auth->check('media_admin',$core->blog->id) &&
    count($items) != 0 &&
    !(count($items) == 1 && $items[0]->parent))
{
    echo
    '<p class="zip-dl"><a href="'.html::escapeURL($page_url).'&zipdl=1">'.
    __('Download this directory as a zip file').'</a></p>';
}

call_user_func($close_f);
---|
401 | |
---|
402 | /* ----------------------------------------------------- */ |
---|
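/**
 * Builds the HTML block for one entry of the media list.
 *
 * Reads the globals $core, $page_url, $popup and $post_id, plus $GLOBALS['d']
 * for the current directory.
 *
 * @param object  $f  Media item; the fields read here are basename, d, parent,
 *                    relname, media_id, media_icon, media_title, media_dtstr,
 *                    size, file_url, del and type.
 * @param integer $i  Position of the item on the page, used to alternate the
 *                    column class.
 *
 * @return string HTML for the item.
 */
function mediaItemLine($f,$i)
{
    global $core, $page_url, $popup, $post_id;

    # The name is presumably the raw file system name, so it is escaped before
    # being written as link text.
    $fname = html::escapeHTML($f->basename);

    if ($f->d) {
        # Directory: link back to this page on that directory
        $link = html::escapeURL($page_url).'&d='.html::sanitizeURL($f->relname);
        if ($f->parent) {
            $fname = '..';
        }
    } else {
        # File: link to its detail page
        $link =
        'media_item.php?id='.$f->media_id.'&popup='.$popup.'&post_id='.$post_id;
    }

    $class = 'media-item media-col-'.($i%2);

    # NOTE(review): media_icon, media_title, media_dtstr and file_url are
    # written into the markup as received. Whether dcMedia escapes them when it
    # builds the item is not visible here -- confirm before relying on it.
    $res =
    '<div class="'.$class.'"><a class="media-icon media-link" href="'.$link.'">'.
    '<img src="'.$f->media_icon.'" alt="" /></a>'.
    '<ul>'.
    '<li><a class="media-link" href="'.$link.'">'.$fname.'</a></li>';

    if (!$f->d) {
        $res .=
        '<li>'.$f->media_title.'</li>'.
        '<li>'.
        $f->media_dtstr.' - '.
        files::size($f->size).' - '.
        '<a href="'.$f->file_url.'">'.__('open').'</a>'.
        '</li>';
    }

    $res .= '<li class="media-action"> ';

    # Attach form, only when the manager was opened for an entry
    if ($post_id && !$f->d) {
        $res .= '<form action="post_media.php" method="post">'.
        '<input type="image" src="images/plus.png" alt="'.__('Attach this file to entry').'" '.
        'title="'.__('Attach this file to entry').'" /> '.
        form::hidden('media_id',$f->media_id).
        form::hidden('post_id',$post_id).
        form::hidden('attach',1).
        $core->formNonce().
        '</form>';
    }

    # Insert link, only in popup mode
    if ($popup && !$f->d) {
        $res .= '<a href="'.$link.'"><img src="images/plus.png" alt="'.__('Insert this file into entry').'" '.
        'title="'.__('Insert this file into entry').'" /></a> ';
    }

    # Remove link: leads to the confirm page, which performs the removal by POST
    if ($f->del) {
        $res .= '<a class="media-remove" '.
        'href="'.html::escapeURL($page_url).'&d='.
        rawurlencode($GLOBALS['d']).'&remove='.rawurlencode($f->basename).'">'.
        '<img src="images/trash.png" alt="'.__('Delete').'" title="'.__('delete').'" /></a>';
    }

    $res .= '</li>';

    # Inline player for MP3 files
    if ($f->type == 'audio/mpeg3') {
        $res .= '<li>'.dcMedia::mp3player($f->file_url,'index.php?pf=player_mp3.swf').'</li>';
    }

    $res .= '</ul></div>';

    return $res;
}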
---|
472 | ?> |
---|