<?php
//#################################################################################################
// Helper functions for the media page
//#################################################################################################
// chillyCMS - Content Management System
// Copyright (C) 2008
// Stefanie Wiegand <hide@address.com> & Johannes Cox <hide@address.com>
//
// This program is licensed under the GPL 3.0 license. For more information see LICENSE.txt.
//#################################################################################################
// uploadform()
// newfolder_form()
// print_recursive($path,&$depth,$output)
// show_folders()
// print_images($path)
// upload_file($folder)
// create_folder($parent,$newfolder)
// delete_file($path)
// unzip_here($folder,$file)
//#################################################################################################
defined('DOIT') or die('Restricted access');
//Upload form//////////////////////////////////////////////////////////////////////////////////////
function uploadform() {
global $l_media,$l_gen,$folders,$showfolder,$mysession;
//Where to upload to?
if(isset($_POST["folder"])) {
$folder="../".cut_doubledots($_POST["folder"]);
$myfoldername = $folder;
} else {
$folder = false;
$myfoldername="../media";
}
if(isset($_POST["destination"])) {
$destination="../".cut_doubledots($_POST["destination"]);
$myfoldername=$destination;
} else {
$destination = false;
}
$uploadform = "\t<div class='files'>\n".
"\t\t<div class='uploadform'>\n".
"\t\t\t<h1>$l_media[lbl_upload]</h1>\n".
"\t\t\t<form enctype='multipart/form-data' action='../admin/media.site.php' method='post'>\n";
array_push($folders, "../media");
arsort($folders);
$uploadform .= "\t\t\t\t<span class=\"fileinputinfo\">$l_media[lbl_destination]:</span>\n";
if (in_array(1,$mysession->user->gids)) {
$uploadform .= "\t\t\t\t<select class='button floatmargin' name='destination' size='1'>\n";
//sort directories and show
while ($foldername = array_pop($folders)) {
//what's the option selected?
//-the folder we are in
if ($foldername==$folder) {
$uploadform .= "\t\t\t\t\t<option selected='selected'>$foldername</option>\n";
//-the one just uploaded
} else if ($foldername==$destination) {
$uploadform .= "\t\t\t\t\t<option selected='selected'>$foldername</option>\n";
//-the standard folder
} else if ($foldername=="../media") {
$uploadform .= "\t\t\t\t\t<option selected='selected'>$foldername</option>\n";
} else {
$uploadform .= "\t\t\t\t\t<option>$foldername</option>\n";
}
}
$uploadform .= "\t\t\t\t</select>\n";
} else {
$uploadform .= "\t\t\t\t<span>$myfoldername</span>\n";
}
$uploadform .= "\t\t\t\t<div class=\"fileinput\"><input class='button_left floatmargin' type='file' name='file'></input></div>\n".
"\t\t\t\t<input type='hidden' name='destination' value='$myfoldername'></input>\n".
"\t\t\t\t<input type='hidden' name='folder' value='$myfoldername'></input>\n".
"\t\t\t\t<input type='hidden' name='sentfile' value='sentfile'></input>\n".
"\t\t\t\t<input class='button' type='submit' value='$l_gen[lbl_go]'></input>\n".
"\t\t\t</form>\n".
"\t\t</div><br />\n";
return $uploadform;
}
//New folder///////////////////////////////////////////////////////////////////////////////////////
function newfolder_form() {
global $l_media,$l_gen,$showfolder,$mysession;
$newfolderform = "\t<div class='filelist'>\n";
if (in_array(1,$mysession->user->gids)) {
$newfolderform .= "\t\t<div class='makefolder'>\n".
"\t\t\t<h1>$l_media[lbl_newdir]</h1>\n".
"\t\t\t<form method='post' action='media.site.php'>\n".
"\t\t\t\t<p>$showfolder/<br />\n".
"\t\t\t\t\t<input class='textinput floatmargin' type='text' name='newfolder' maxlength='30'></input>\n".
"\t\t\t\t\t<input class='button floatright' type='submit' value='$l_gen[lbl_ok]'></input>\n".
"\t\t\t\t\t<input type='hidden' name='parent' value='$showfolder'></input>\n".
"\t\t\t\t</p>\n".
"\t\t\t</form>\n".
"\t\t</div>\n";
}
return $newfolderform;
}
//Recursively read the content of $path////////////////////////////////////////////////////////////
$currents=array();
function print_recursive($path,&$depth,&$output) {
global $showfolder,$folders,$currents,$mysession,$is_admin,$l_media,$l_gen,$groups;
$result = $files = array();
$path="../".cut_doubledots($path);
if ($path=="../" or $path=="") { $path="../media"; }
$handle = opendir($path);
if(isset($_POST["folder"])) {
$thisfolder = "../".cut_doubledots($_POST["folder"]);
} else {
$thisfolder = "";
}
if ($thisfolder=="../" or $thisfolder=="") { $thisfolder="../media"; }
array_push($currents,$thisfolder);
//xhtml conformity and readability: tab generated code
$tabs="\t\t\t\t";
for ($i=0;$i<$depth;$i++) { $tabs.="\t"; }
//does the directory exist and can it be accessed?
if ($handle) {
//is there any content?
while (false !== ($file = readdir($handle))) {
//file is not the folder itself or the parent folder
if ($file != "." && $file != "..") {
$name = $path."/".$file;
$printname=substr($name,strlen($path)+1);
$children=0;
//"file" is a folder
if (is_dir($name)) {
array_push($folders,$name);
//is the user allowed to see the folder? if not stop recursing into it
$foldername=explode("/",$name);
$myfolder=array_pop($foldername);
$gid = 0;
foreach ($groups as $group) {
if ($group["name"]==$myfolder) { $gid=intval($group["gid"]); }
}
//If the user is in that group show him the folder
if ($is_admin or $gid>2) {
//increment recursion depth
$depth++;
//only open new ul if folder contains children
$output .= "$tabs\t<ul>\n";
$children++;
//is it the chosen folder?
if($name==$showfolder) {
$myclass="curfolder";
} else {
$myclass="folder";
}
$output .= "$tabs\t<li>\n".
//show folder
"$tabs\t\t<form method='post' action='media.site.php'>\n".
"$tabs\t\t\t<input type='hidden' name='folder' value='$name' />\n".
"$tabs\t\t\t<span class='$myclass'></span>\n".
"$tabs\t\t\t<input type='submit' class='folderlink linkbutton'".
" value='$printname' />\n".
"$tabs\t\t</form>\n";
//delete link
if ($is_admin) {
$output .= "$tabs\t\t<form method='post' action='media.site.php'>\n".
"$tabs\t\t\t<input type='hidden' name='action' value='delete' />\n".
"$tabs\t\t\t<input type='hidden' name='file' value='$name' />\n".
"$tabs\t\t\t<input type='submit' value=\" \" class='delete' ".
js_confirm_link($file.$l_gen["pop_del"]).
"title='$l_gen[lbl_delete]' />\n".
"$tabs\t\t</form><br />\n";
}
array_push($currents, $name);
//read directory content
$ar = print_recursive($name,$depth,$output);
//only close ul tag if there were any children
if ($children>0) { $output .= "$tabs\t</li>\n"; }
$output .= "$tabs\t</ul>\n";
//Decrement recursion depth
$depth--;
}
} else {
//if it is wanted to show the files, insert them here
//echo "$tabs\t<li></li>\n";
}
}
}
asort($files);
foreach ($files as $out) {
$output .= $out;
}
}
//close directory and return the contents
closedir($handle);
return $result;
}
//Show folders/////////////////////////////////////////////////////////////////////////////////////
function show_folders() {
global $showfolder;
$showfolders = "\t\t<div class='folders'>\n".
"\t\t\t<ul>\n".
"\t\t\t\t<li>";
//Print link to media folder
if ($showfolder=="../media" or $showfolder=="") { $class="curfolder"; } else { $class="folder"; }
$showfolders .= "\t\t\t\t<form method='post' action='media.site.php'>\n".
"\t\t\t\t\t<input type='hidden' name='folder' value='../media' />\n".
"\t\t\t\t\t<span class='$class'></span>\n".
"\t\t\t\t\t<input type='submit' class='folderlink linkbutton'".
" value='media' />\n".
"\t\t\t\t</form>\n";
$depth=0;
$output = "";
print_recursive("../media",$depth,$output);
$showfolders .= $output.
"\t\t\t\t</li>\n".
"\t\t\t</ul>\n".
"\t\t</div>\n".
"\t</div>\n";
return $showfolders;
}
//Show image preview thumbnails////////////////////////////////////////////////////////////////////
function print_images($path) {
global $showfolder,$mysession,$is_admin,$backendstyle,$l_gen,$l_media,$settings,$page;
$myimages = "\t\t<h3 style='padding: 5px 0; width:100%; float:left;'>$showfolder</h3>\n".
"\t\t<div class='preview'>\n";
$path=cut_doubledots($path)."/";
$fullpath=PATH."/".$path;
$fh = opendir($fullpath);
$verzeichnisinhalt = array();
while (true == ($file = readdir($fh))) {
$myfile=new File($fullpath.$file);
//Valid file formats
$allowed=array_map("strtolower",explode(",",$settings["allowed_ftypes"]));
if (in_array(strtolower($myfile->ext), $allowed)) {
$verzeichnisinhalt[] = $myfile;
}
}
//Check if the directory is a groupfolder
$thisfolder=explode("/",substr($path,0,-1));
$foldername=array_pop($thisfolder);
$sql="select u.uid from system_groups as g, system_users as u where g.name='$foldername' and g.moderator=u.uid limit 1";
$page->query($sql);
$uid = $page->db->getdata();
//The moderator's uid
$moduid=$uid["uid"];
$is_mod=false;
if ($moduid == $mysession->user->uid) { $is_mod=true; }
sort($verzeichnisinhalt);
$myimages .= "\t\t\t<div class='gallery'>\n";
//Generate thumbnails
for($i=0;$i<sizeof($verzeichnisinhalt);$i++) {
$myfile = $verzeichnisinhalt[$i];
$ext=strtolower($myfile->ext);
//make filename shorter if it is too long
if (strlen($myfile->name)>20) {
$filename = substr($myfile->name,0,20)."...";
} else {
$filename = $myfile->name;
}
$myimages .= "\t\t\t\t<div class='filepreview'>\n".
"\t\t\t\t\t<div class='imgpreview'>";
//Various Formats
if ($myfile->type=="audio" or $myfile->type=="video" or $myfile->type=="text" or $myfile->type=="document") {
$myimages .= "<img src='".URL."/style/images/transparent.png' alt='' title='$myfile->name.$myfile->ext'".
"class='mediaimages2 $myfile->type'></img>";
//Office
} elseif ($myfile->type=="office") {
if ($ext=="doc" or $ext=="dot" or $ext=="docx" or $ext=="dotx" or $ext=="dotm" or $ext=="docm"
or $ext=="odt" or $ext=="ott" or $ext=="odm") {
$type="worddoc";
} else {
$type="presentation";
}
$myimages .= "<img src='".URL."/style/images/transparent.png' alt='' title='$myfile->name.$myfile->ext'".
"class='mediaimages2 $type'></img>";
//ZIP
} elseif ($myfile->type=="compressed") {
$myimages .= "<a class='mediaimages2 ";
if ($ext == "zip") {
$myimages .= "$myfile->type'>";
$myimages .= "\t\t\t\t\t\t<form method='post' action='media.site.php'>".
"<input type='hidden' name='folder' value='".substr($path,0,-1)."' />".
"<input type='hidden' name='action' value='unzip' />".
"<input type='hidden' name='file' value='$path".$myfile->name.".".$myfile->ext."' />".
"<input type='submit' class='unzipbutton' value=\"\" ".
"title='$l_media[lbl_unzip] \"$myfile->name.$myfile->ext\"' />".
"</form>";
} else {
$myimages .= $myfile->type."2' title='$myfile->name.$myfile->ext'>";
}
$myimages .= "</a>";
//Real image
} elseif ($myfile->type=="picture") {
$myimages .= "\t\t\t\t\t<img src='".URL."/".$path.$myfile->name.".".$myfile->ext."'".
" class='mediaimages' alt='$myfile->name' title='$myfile->name.$myfile->ext'></img>";
//Unknown
} else {
$myimages .= "<img src='' alt='' title='$myfile->name.$myfile->ext'".
"class='mediaimages2 unknown'></img>";
}
$myimages .= "</div>\n";
//Delete link only for Admins or the Groupmoderator
//path of containing directory
$realpath=PATH."/".$path;
$myimages .= "\t\t\t\t\t<div class='medianame'>\n";
//only show delete link if the file is not (inside) a link
if (($is_admin or $is_mod) && !is_link($realpath)) {
$myimages .= "\t\t\t\t\t\t<form method='post' action='media.site.php'>".
"<input type='hidden' name='folder' value='$path' />".
"<input type='hidden' name='action' value='delete' />".
"<input type='hidden' name='file' value='$path".$myfile->name.".".$myfile->ext."' />".
"<input type='submit' class='delete floatright' value=\" \" ".
js_confirm_link($filename.$l_gen["pop_del"]).
"title='$l_gen[lbl_delete] \"$myfile->name.$myfile->ext\"' />".
"</form>";
}
$myimages .= "\t\t\t\t\t\t<center><p>$filename</p></center>\n".
"\t\t\t\t\t</div>\n".
"\t\t\t\t</div>\n";
}
$myimages .= "\t\t\t</div>\n".
"\t\t<div class='clr'></div>\n".
"\t\t</div>\n".
"\t</div>\n";
return $myimages;
}
//Datei hochladen//////////////////////////////////////////////////////////////////////////////////
function upload_file($folder) {
global $l_media,$l_gen,$settings,$mime_types;
$error=$_FILES["file"]["error"];
$errorvar=false;
if (empty($_FILES)) { $errorvar="upload_max_filesize"; }
if ($error==1) { $errorvar="post_max_size"; }
if (empty($_FILES) or $error>0) {
if ($errorvar) {
return array($l_media["msg_phpini_err"]." $errorvar","bad");
} else {
return array($l_media["msg_upload_err"],"bad");
}
}
$tempname = $_FILES["file"]["tmp_name"];
$name = $_FILES["file"]["name"];
$type = $_FILES["file"]["type"];
$size = $_FILES["file"]["size"];
$allowed=false;
//check Upload-Limit
if($size > $settings["filesize_limit"]) {
return array("$l_media[msg_filesize_err]".$settings["filesize_limit"]." B","bad");
}
//Copy to tmp
$tmppath=PATH."/tmp/";
if (!is_writable($tmppath)) { return array($l_media["msg_noacc_err"],"bad"); }
$handle = opendir($tmppath);
if (!($handle && @copy($tempname, $tmppath.$name))) {
return array($l_media["msg_upload_err"]." \"$name\"","bad");
}
$nf=new File($tmppath.$name);
//allowed filetype?
if (in_array(strtolower($nf->ext),array_map("strtolower",explode(",",$settings["allowed_ftypes"])))) {
foreach ($mime_types as $mytype) {
foreach ($mytype as $ext=>$mt) {
if ($mt==$type) {
$allowed=true;
break;
}
}
}
}
if (!$allowed) {
return array("$l_media[msg_wrongtype_err] ".$settings["allowed_ftypes"],"bad");
}
//Copy to destination
$folder=PATH."/".cut_doubledots($folder)."/";
if (!is_writable($folder)) { return array($l_media["msg_noacc_err"],"bad"); }
$handle = opendir($folder);
if (!($handle && @copy($tempname, $folder.$name))) {
return array($l_media["msg_upload_err"]." \"$name\"","bad");
}
//delete from tmp
@unlink($tmppath.$name);
return array("$l_media[msg_upload1_ok] \"$name\" $l_media[msg_upload2_ok]","good");
}
//Neuen Ordner anlegen/////////////////////////////////////////////////////////////////////////////
function create_folder($parent,$newfolder) {
global $l_media,$l_gen;
$printpath="/$parent/$newfolder";
$parent=PATH."/".$parent;
if (make_dir($parent,$newfolder)) {
$msg=array("$l_media[msg_pathcreated1_ok] \"$printpath\" $l_media[msg_pathcreated2_ok]","good");
} else {
if (is_dir($path)) {
$msg=array("$l_media[msg_mkdir_err], $l_media[msg_direxists_err]","bad");
} else {
$msg=array($l_media["msg_mkdir_err"],"bad");
}
}
return $msg;
}
//delete directories recursively///////////////////////////////////////////////////////////////////
function delete_file($path) {
global $l_media;
$printpath="/$path";
$path=PATH."/$path";
//is it a directory?
if (is_dir($path)) {
if (substr($path,0,strlen(PATH)+7)==PATH."/media/") {
if (delete_recursively($path)) {
return array("$l_media[msg_deldir1_ok] $printpath $l_media[msg_deldir2_ok]","good");
}
}
} else {
if (@unlink($path)) {
return array("$l_media[msg_delfile_ok] $printpath","good");
}
}
return array("$l_media[msg_del_err] $printpath","bad");
}
//Unzip file in given folder///////////////////////////////////////////////////////////////////////
function unzip_here($folder,$file) {
global $l_media,$l_core;
$folder=PATH."/".cut_doubledots($folder);
$file="/".cut_doubledots($file);
$file = explode("/",$file);
$file = array_pop($file);
$newfolder=substr($file,0,-4)."/";
if (!make_dir($folder,$newfolder)) {
return array($l_media["msg_unzip_err"],"bad");
}
$file=$folder."/".$file;
$folder=$folder."/".$newfolder;
$msg = array($l_core["msg_unzip_err"],"bad");
$zip=new ZipArchive;
if ($zip->open($file) === true) {
if ($zip->extractTo($folder) === true) {
$msg = array($l_core["msg_unzip_ok"],"good");
}
$zip->close();
}
return $msg;
}
?>