<?php
/****************************************************************************************/
/* ACollab */
/****************************************************************************************/
/* Copyright (c) 2002-2005 Adaptive Technology Resource Centre / University of Toronto */
/* */
/* http://atutor.ca/acollab */
/* */
/* This program is free software. You may redistribute it and/or */
/* modify it under the terms of the GNU General Public License */
/* as published by the Free Software Foundation; either version 2 of the License, */
/* or (at your option) any later version. */
/* */
/* This program is distributed in the hope that it will be useful, but */
/* WITHOUT ANY WARRANTY; without even the implied warranty of */
/* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. */
/* See the GNU General Public License for more details. */
/* */
/* You may access the GNU General Public License at: */
/* http://www.opensource.org/licenses/gpl-license.php */
/* */
/* You may contact the Adaptive Technology Resource Centre at */
/* Robarts Library, University of Toronto */
/* 130 St. George Street, Toronto, Ontario, Canada M5S 1A5 */
/* Further contact information is available at http://www.utoronto.ca/atrc/ */
/****************************************************************************************/
/* Programmer: */
/* Joel Kronenberg - ATRC */
/****************************************************************************************/
// $Id: edit_file.php 382 2005-02-09 21:31:49Z shozubq $
define('AC_INCLUDE_PATH', '../include/');
require(AC_INCLUDE_PATH.'vitals.inc.php');
require(AC_INCLUDE_PATH.'lib/folders.inc.php');
authenticate(USER_CLIENT, USER_GROUP_ADMIN);
if (isset($_POST['cancel'])) {
Header('Location: index.php?fid='.$_POST['old_folder_id']);
exit;
}
$id = intval($_REQUEST['id']);
if (isset($_POST['submit'])) {
$_POST['title'] = trim($_POST['title']);
$_POST['description']= trim($_POST['description']);
$_POST['folder_id'] = intval($_POST['folder_id']);
if ($_POST['title'] == '') {
$error[] = E_DRAFT_EMPTY_TITLE;
}
if ($_POST['description'] == '') {
$error[] = E_DRAFT_EMPTY_DESC;
}
if (!isset($error)) {
$_POST['title'] = $addslashes($_POST['title']);
$_POST['description'] = $addslashes($_POST['description']);
$lib = '';
if ($_POST['folder_id'] == 0) {
/* just in case it was moved from a public folder to a private one. */
$lib = ', library_revision_id=0';
}
$sql = "UPDATE ".TABLE_PREFIX."files SET title='$_POST[title]', description='$_POST[description]', folder_id=$_POST[folder_id] $lib WHERE file_id=$id AND group_id=$_SESSION[group_id]";
mysql_query($sql, $db);
header('Location: index.php?f='.F_DRAFT_EDITED.SEP.'id='.$_POST['folder_id']);
exit;
}
}
$_SECTION[0][0] = _AC('home');
$_SECTION[0][1] = 'home.php';
$_SECTION[1][0] = _AC('drafting_room');
$_SECTION[1][1] = 'drafting/';
$_SECTION[2][0] = _AC('edit_file');
$_SECTION[2][1] = 'drafting/edit_file.php';
require(AC_INCLUDE_PATH.'header.inc.php');
print_popup_help('help_edit_file');
if (isset($error)) {
print_errors($error);
unset($error);
}
$sql = "SELECT * FROM ".TABLE_PREFIX."files WHERE file_id=$id AND group_id=$_SESSION[group_id]";
$result = mysql_query($sql,$db);
if (!($row = mysql_fetch_assoc($result))) {
$errors[] = E_FILE_NOT_FOUND;
print_errors($errors);
require (AC_INCLUDE_PATH.'footer.inc.php');
exit;
} else if ($row['folder_id'] == 0 && $row['member_id'] != $_SESSION['member_id'] && !authenticate(USER_GROUP_ADMIN, USER_RETURN_CHECK)) {
/* if file's in a private folder that is not yours and you're not grp admin */
/* actually permission is denied, but for security we fake a "FNF" */
$errors[] = E_FILE_NOT_FOUND;
print_errors($errors);
require (AC_INCLUDE_PATH.'footer.inc.php');
exit;
} else if (!authenticate(USER_GROUP_ADMIN, USER_RETURN_CHECK) && $row['locked']) {
$errors[] = E_FILE_LOCKED;
print_errors($errors);
require (AC_INCLUDE_PATH.'footer.inc.php');
exit;
}
if (isset($_POST['submit'])) {
$row['title'] = $_POST['title'];
$row['description'] = $_POST['description'];
$row['folder_id'] = $_POST['folder_id'];
}
?>
<form action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post" enctype="multipart/form-data" name="form" id="form">
<input type="hidden" name="id" value="<?php echo $id; ?>" />
<input type="hidden" name="folder_id" value="<?php echo $row['folder_id']; ?>" />
<table border="0" cellspacing="0" cellpadding="2" align="center" class="box2">
<tr>
<th colspan="5" class="box"><h3><?php echo _AC('edit_file'); ?></h3></th>
</tr>
<tr>
<td class="row1"> </td>
<td colspan="3" class="row1"><img src="images/clr.gif" height="1" width="1" alt="" /><br /><?php
echo _AC('denotes_required', '<img src="images/required.gif" height="14" width="14" alt="'._AC('required_field').'" />');
?><br /></td>
<td class="row1"> </td>
</tr>
<tr>
<td class="row1"> </td>
<td class="row1" align="right"><label for="title"><b><?php echo _AC('title'); ?>:</b></label></td>
<td class="row1"><img src="images/required.gif" height="14" width="14" alt="<?php echo _AC('required_field'); ?>" /></td>
<td class="row1"><input type="text" name="title" class="input" size="40" maxlength="100" id="title" value="<?php echo htmlentities($row['title']); ?>" onfocus="this.className='input highlight'" onblur="this.className='input'" /></td>
<td class="row1"> </td>
</tr>
<tr>
<td class="row1"> </td>
<td class="row1" align="right" valign="top"><label for="description"><b><?php echo _AC('description'); ?>:</b></label></td>
<td class="row1" valign="top"><img src="images/required.gif" height="14" width="14" alt="<?php echo _AC('required_field'); ?>" class="img" /></td>
<td class="row1"><textarea name="description" id="description" class="input" onfocus="this.className='input highlight'" onblur="this.className='input'" cols="40" rows="3"><?php echo $row['description']; ?></textarea></td>
<td class="row1"> </td>
</tr>
<tr>
<td class="row1"> </td>
<td class="row1" align="right" valign="top"><label for="folder"><b><?php echo _AC('folder'); ?>:</b></label></td>
<td class="row1" valign="top"><img src="images/required.gif" class="img" height="14" width="14" alt="<?php echo _AC('required_field'); ?>" /></td>
<td class="row1" valign="top">
<?php
$folders = get_folders();
if ($folders) {
echo '<select name="folder" size="5" id="folder" class="input" onfocus="this.className=\'input highlight\'" onblur="this.className=\'input\'">';
//cant upload to personal folder if personal folder disabled
if (has_private_folder($_SESSION['member_id'])) {
// can't upload a library file to a private folder
if (!isset($_GET['library'])) {
echo '<optgroup label="'._AC('private_folders').'"><option value="0"';
if ($fid == 0) {
echo ' selected="selected"';
}
echo '>'._AC('your_personal_folder').'</option></optgroup>';
}
}
echo '<optgroup label="'._AC('group_folders').'">';
foreach ($folders as $id => $folder) {
if ($id != 0) {
echo '<option value="'.$id.'"';
if ($id == $row['folder_id']) {
echo ' selected="selected"';
}
echo '>'.$folder['title'].'</option>';
}
}
echo '</optgroup></select>';
} else {
echo _AC('no_folders_found');
}
?>
</td>
<td class="row1"> </td>
</tr>
<tr>
<td class="row1"> </td>
<td class="row1" colspan="3" align="right"><br /><input type="submit" name="submit" value=" <?php echo _AC('edit'); ?> " class="submitY" onfocus="this.className='submitY highlight'" onblur="this.className='submitY'" /> <input type="submit" name="cancel" value="<?php echo _AC('cancel'); ?>" class="submitN" onfocus="this.className='submitN highlight'" onblur="this.className='submitN'" /><br /><br /></td>
<td class="row1"> </td>
</tr>
</table>
</form>
<?php
require(AC_INCLUDE_PATH.'footer.inc.php');
?>