PHP Cross Reference of Nucleus CMS 3.64 |
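<?php
/*
 * Nucleus: PHP/MySQL Weblog CMS (http://nucleuscms.org/)
 * Copyright (C) 2002-2009 The Nucleus Group
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License
 * as published by the Free Software Foundation; either version 2
 * of the License, or (at your option) any later version.
 * (see nucleus/documentation/index.html#license for more info)
 */
/**
 * Media popup window for Nucleus
 *
 * Purpose:
 *   - can be opened from an add-item form or bookmarklet popup
 *   - shows a list of recent files, allowing browsing, search and
 *     upload of new files
 *   - close the popup by selecting a file in the list. The file gets
 *     passed through to the add-item form (linkto, popupimg or inline img)
 *
 * Access control performed by this script, in order:
 *   1. the member must be logged in,
 *   2. the member must be on at least one team list or be an admin,
 *   3. every action except the read-only listing actions must carry a
 *      valid ticket,
 *   4. upload actions additionally require admin rights or
 *      $CONF['AllowUpload'].
 *
 * @license http://nucleuscms.org/license.txt GNU General Public License
 * @copyright Copyright (C) 2002-2009 The Nucleus Group
 * @version $Id: media.php 1491 2011-01-03 23:00:35Z ftruscot $
 *
 */

$CONF = array();

// defines how many media items will be shown per page. You can override this
// in config.php if you like. (changing it in config.php instead of here will
// allow your settings to be kept even after a Nucleus upgrade)
$CONF['MediaPerPage'] = 10;

// include all classes and config data
$DIR_LIBS = '';
require_once ('../config.php');
//include($DIR_LIBS . 'MEDIA.php'); // media classes
include_libs('MEDIA.php',false,false);

sendContentType('application/xhtml+xml', 'media');

// user needs to be logged in to use this
if (!$member->isLoggedIn()) {
	media_loginAndPassThrough();
	exit;
}

// check if member is on at least one teamlist
// (the id is concatenated into the SQL text, so it is forced to an integer here)
$query = 'SELECT * FROM ' . sql_table('team'). ' WHERE tmember=' . intval($member->getID());
$teams = sql_query($query);
if (sql_num_rows($teams) == 0 && !$member->isAdmin())
	media_doError(_ERROR_DISALLOWEDUPLOAD);

// get action
$action = requestVar('action');
if ($action == '')
	$action = 'selectmedia';

// check ticket
// Only the actions that merely list files are exempt; everything else
// (showing the upload form, accepting an upload) must present the ticket
// that the forms below embed through $manager->addTicketHidden().
$aActionsNotToCheck = array('selectmedia', _MEDIA_FILTER_APPLY, _MEDIA_COLLECTION_SELECT);
if (!in_array($action, $aActionsNotToCheck))
{
	if (!$manager->checkTicket())
		media_doError(_ERROR_BADTICKET);
}


switch($action) {
	case 'chooseupload':
	case _MEDIA_UPLOAD_TO:
	case _MEDIA_UPLOAD_NEW:
		if (!$member->isAdmin() and $CONF['AllowUpload'] != true) {
			media_doError(_ERROR_DISALLOWED);
		} else {
			media_choose();
		}
		break;
	case 'uploadfile':
		if (!$member->isAdmin() and $CONF['AllowUpload'] != true) {
			media_doError(_ERROR_DISALLOWED);
		} else {
			media_upload();
		}
		break;
	case _MEDIA_FILTER_APPLY:
	case 'selectmedia':
	case _MEDIA_COLLECTION_SELECT:
	default:
		media_select();
		break;
}

/**
 * Shows the file list of one collection, with collection chooser, filename
 * filter, paging links and the inline/popup radio buttons.
 *
 * The collection comes from the request. It falls back to the member's own id
 * when it is empty or not a directory below $DIR_MEDIA, and the result must
 * pass MEDIA::isValidCollection() before anything is listed.
 */
function media_select() {
	global $member, $CONF, $DIR_MEDIA, $manager;

	// show 10 files + navigation buttons
	// show msg when no files
	// show upload form
	// files sorted according to last modification date

	// currently selected collection
	$currentCollection = requestVar('collection');
	if (!$currentCollection || !@is_dir($DIR_MEDIA . $currentCollection))
		$currentCollection = $member->getID();

	// avoid directory traversal and accessing invalid directory
	if (!MEDIA::isValidCollection($currentCollection)) media_doError(_ERROR_DISALLOWED);

	media_head();

	// get collection list
	$collections = MEDIA::getCollectionList();

	if (sizeof($collections) > 1) {
	?>
		<form method="post" action="media.php"><div>
			<label for="media_collection"><?php echo htmlspecialchars(_MEDIA_COLLECTION_LABEL)?></label>
			<select name="collection" id="media_collection">
				<?php					foreach ($collections as $dirname => $description) {
						echo '<option value="',htmlspecialchars($dirname),'"';
						if ($dirname == $currentCollection) {
							echo ' selected="selected"';
						}
						echo '>',htmlspecialchars($description),'</option>';
					}
				?>
			</select>
			<input type="submit" name="action" value="<?php echo htmlspecialchars(_MEDIA_COLLECTION_SELECT) ?>" title="<?php echo htmlspecialchars(_MEDIA_COLLECTION_TT)?>" />
			<input type="submit" name="action" value="<?php echo htmlspecialchars(_MEDIA_UPLOAD_TO) ?>" title="<?php echo htmlspecialchars(_MEDIA_UPLOADLINK) ?>" />
			<?php $manager->addTicketHidden() ?>
		</div></form>
	<?php	} else {
	?>
		<form method="post" action="media.php" style="float:right"><div>
			<input type="hidden" name="collection" value="<?php echo htmlspecialchars($currentCollection)?>" />
			<input type="submit" name="action" value="<?php echo htmlspecialchars(_MEDIA_UPLOAD_NEW) ?>" title="<?php echo htmlspecialchars(_MEDIA_UPLOADLINK) ?>" />
			<?php $manager->addTicketHidden() ?>
		</div></form>
	<?php	} // if sizeof

	$filter = requestVar('filter');
	$offset = intRequestVar('offset');
	$arr = MEDIA::getMediaListByCollection($currentCollection, $filter);

	?>
		<form method="post" action="media.php"><div>
			<label for="media_filter"><?php echo htmlspecialchars(_MEDIA_FILTER_LABEL)?></label>
			<input id="media_filter" type="text" name="filter" value="<?php echo htmlspecialchars($filter)?>" />
			<input type="submit" name="action" value="<?php echo htmlspecialchars(_MEDIA_FILTER_APPLY) ?>" />
			<input type="hidden" name="collection" value="<?php echo htmlspecialchars($currentCollection)?>" />
			<input type="hidden" name="offset" value="<?php echo intval($offset)?>" />
		</div></form>

	<?php
	?>
		<table width="100%">
		<caption><?php echo _MEDIA_COLLECTION_LABEL . htmlspecialchars($collections[$currentCollection])?></caption>
		<tr>
		 <th><?php echo _MEDIA_MODIFIED?></th><th><?php echo _MEDIA_FILENAME?></th><th><?php echo _MEDIA_DIMENSIONS?></th>
		</tr>

	<?php
	// Paging indexes are read after the table even when the list is empty,
	// so they get defined values up front instead of being left undefined.
	$idxStart = 0;
	$idxEnd = 0;
	$idxNext = 0;
	$idxPrev = 0;

	if (sizeof($arr)>0) {

		if (($offset + $CONF['MediaPerPage']) >= sizeof($arr))
			$offset = sizeof($arr) - $CONF['MediaPerPage'];

		if ($offset < 0) $offset = 0;

		$idxStart = $offset;
		$idxEnd = $offset + $CONF['MediaPerPage'];
		$idxNext = $idxEnd;
		$idxPrev = $idxStart - $CONF['MediaPerPage'];

		if ($idxPrev < 0) $idxPrev = 0;

		if ($idxEnd > sizeof($arr))
			$idxEnd = sizeof($arr);

		for($i=$idxStart;$i<$idxEnd;$i++) {
			$obj = $arr[$i];
			$filename = $DIR_MEDIA . $currentCollection . '/' . $obj->filename;

			$old_level = error_reporting(0);
			$size = @getimagesize($filename);
			error_reporting($old_level);

			// getimagesize() returns false for anything it cannot read as an
			// image; such files are listed with empty dimensions and type 0.
			if (is_array($size)) {
				$width = $size[0];
				$height = $size[1];
				$filetype = $size[2];
			} else {
				$width = '';
				$height = '';
				$filetype = 0;
			}

			echo "<tr>";
			echo "<td>". date("Y-m-d",$obj->timestamp) ."</td>";

			// strings for javascript
			// These values end up inside a single-quoted JavaScript string in
			// an onclick attribute. The backslash is escaped first and the
			// quote second, so a backslash in a name cannot cancel the
			// escaping of a following quote; htmlspecialchars() below then
			// covers the surrounding HTML attribute.
			$jsCurrentCollection = str_replace(array('\\', "'"), array('\\\\', "\\'"), $currentCollection);
			$jsFileName = str_replace(array('\\', "'"), array('\\\\', "\\'"), $obj->filename);

			if ($filetype != 0) {
				// image (gif/jpg/png/swf)
				echo "<td><a href=\"media.php\" onclick=\"chooseImage('", htmlspecialchars($jsCurrentCollection), "','", htmlspecialchars($jsFileName), "',"
							   . "'", htmlspecialchars($width), "','" , htmlspecialchars($height), "'"
							   . ")\" title=\"" . htmlspecialchars($obj->filename). "\">"
							   . htmlspecialchars(shorten($obj->filename,25,'...'))
							   ."</a>";
				echo ' (<a href="', htmlspecialchars($CONF['MediaURL'] . $currentCollection . '/' . $obj->filename), '" onclick="window.open(this.href); return false;" title="',htmlspecialchars(_MEDIA_VIEW_TT),'">',_MEDIA_VIEW,'</a>)';
				echo "</td>";
			} else {
				// no image (e.g. mpg)
				echo "<td><a href='media.php' onclick=\"chooseOther('" , htmlspecialchars($jsCurrentCollection), "','", htmlspecialchars($jsFileName), "'"
							   . ")\" title=\"" . htmlspecialchars($obj->filename). "\">"
							   . htmlspecialchars(shorten($obj->filename,30,'...'))
							   ."</a></td>";

			}
			echo '<td>' , htmlspecialchars($width) , 'x' , htmlspecialchars($height) , '</td>';
			echo '</tr>';
		}
	} // if (sizeof($arr)>0)
	?>

		</table>
	<?php
	// The page declares an XHTML 1.0 Strict doctype, so the ampersand between
	// query parameters is written as &amp; inside the href attribute.
	if ($idxStart > 0)
		echo "<a href='media.php?offset=$idxPrev&amp;collection=".urlencode($currentCollection)."'>". _LISTS_PREV."</a> ";
	if ($idxEnd < sizeof($arr))
		echo "<a href='media.php?offset=$idxNext&amp;collection=".urlencode($currentCollection)."'>". _LISTS_NEXT."</a> ";

	?>
		<input id="typeradio0" type="radio" name="typeradio" onclick="setType(0);" checked="checked" /><label for="typeradio0"><?php echo _MEDIA_INLINE?></label>
		<input id="typeradio1" type="radio" name="typeradio" onclick="setType(1);" /><label for="typeradio1"><?php echo _MEDIA_POPUP?></label>
	<?php
	media_foot();


}

/**
 * Shows a screen where you can select the file to upload
 *
 * The form posts action=uploadfile together with the hidden ticket. The
 * MAX_FILE_SIZE field is only a hint to the client; the size is checked
 * again on the server in media_upload().
 */
function media_choose() {
	global $CONF, $member, $manager;

	$currentCollection = requestVar('collection');

	$collections = MEDIA::getCollectionList();

	media_head();
	?>
	<h1><?php echo _UPLOAD_TITLE?></h1>

	<p><?php echo _UPLOAD_MSG?></p>

	<form method="post" enctype="multipart/form-data" action="media.php">
	<div>
	  <input type="hidden" name="action" value="uploadfile" />
	  <?php $manager->addTicketHidden() ?>
	  <input type="hidden" name="MAX_FILE_SIZE" value="<?php echo $CONF['MaxUploadSize']?>" />
	  File:
	  <br />
	  <input name="uploadfile" type="file" size="40" />
	<?php		if (sizeof($collections) > 1) {
	?>
		<br /><br /><label for="upload_collection">Collection:</label>
		<br /><select name="collection" id="upload_collection">
			<?php				foreach ($collections as $dirname => $description) {
					echo '<option value="',htmlspecialchars($dirname),'"';
					if ($dirname == $currentCollection) {
						echo ' selected="selected"';
					}
					echo '>',htmlspecialchars($description),'</option>';
				}
			?>
		</select>
	<?php		} else {
	?>
		<input name="collection" type="hidden" value="<?php echo htmlspecialchars($currentCollection)?>" />
	<?php		} // if sizeof
	?>
	  <br /><br />
	  <?php
	  // lets plugins add their own fields to the upload form
	  $manager->notify(
		  'MediaUploadFormExtras',
		  array()
	  );
	  ?>
	  <br /><br />
	  <input type="submit" value="<?php echo _UPLOAD_BUTTON?>" />
	</div>
	</form>

	<?php
	media_foot();
}


/**
 * accepts a file for upload
 *
 * Checks, in order: the cleaned filename, the PHP upload error code, the size
 * against $CONF['MaxUploadSize'], the file extension against
 * $CONF['AllowedTypes'], that the temp file really is an uploaded file, and
 * that the target collection is valid. The file is then handed to
 * MEDIA::addMediaObject() and the updated list is shown.
 *
 * NOTE(review): the type decision rests on the final file extension only. The
 * client-supplied MIME type is not consulted and the file content is not
 * inspected here; whether MEDIA::addMediaObject() performs further checks is
 * not visible in this file.
 */
function media_upload() {
	global $DIR_MEDIA, $member, $CONF;

	$uploadInfo = postFileInfo('uploadfile');

	$filename = $uploadInfo['name'];
	$filesize = $uploadInfo['size'];
	$filetempname = $uploadInfo['tmp_name'];
	$fileerror = intval($uploadInfo['error']);

	// clean filename of characters that may cause trouble in a filename using cleanFileName() function from globalfunctions.php
	$filename = cleanFileName($filename);
	if ($filename === false)
		media_doError(_ERROR_BADFILETYPE);

	// media_doError() ends the request, so the error cases below never fall
	// through into each other
	switch ($fileerror)
	{
		case 0: // = UPLOAD_ERR_OK
			break;
		case 1: // = UPLOAD_ERR_INI_SIZE
		case 2:	// = UPLOAD_ERR_FORM_SIZE
			media_doError(_ERROR_FILE_TOO_BIG);
		case 3: // = UPLOAD_ERR_PARTIAL
		case 4: // = UPLOAD_ERR_NO_FILE
		case 6: // = UPLOAD_ERR_NO_TMP_DIR
		case 7: // = UPLOAD_ERR_CANT_WRITE
		default:
			// include error code for debugging
			// (see http://www.php.net/manual/en/features.file-upload.errors.php)
			media_doError(_ERROR_BADREQUEST . ' (' . $fileerror . ')');
	}

	if ($filesize > $CONF['MaxUploadSize'])
		media_doError(_ERROR_FILE_TOO_BIG);

	// check file type against allowed types
	$ok = 0;
	$allowedtypes = explode (',', $CONF['AllowedTypes']);
	foreach ( $allowedtypes as $type )
	{
		// An empty entry (empty setting, trailing comma) would turn the
		// pattern into "any name ending in a dot", so it is skipped.
		$type = trim($type);
		if ($type === '') continue;

		// preg_quote keeps regex metacharacters in the configured list
		// literal; the D modifier makes $ match only at the very end of the
		// name, not before a trailing newline.
		if (preg_match('#\.' . preg_quote($type, '#') . '$#iD', $filename)) $ok = 1;
	}
	if (!$ok) media_doError(_ERROR_BADFILETYPE);

	if (!is_uploaded_file($filetempname))
		media_doError(_ERROR_BADREQUEST);

	// prefix filename with current date (YYYYMMDD-)
	// this to avoid nameclashes
	if ($CONF['MediaPrefix'])
		$filename = date('Ymd-') . $filename;

	// Same collection check media_select() applies before touching the
	// filesystem. MEDIA::addMediaObject() may repeat it, but that code is not
	// visible from this file.
	$collection = requestVar('collection');
	if (!MEDIA::isValidCollection($collection))
		media_doError(_ERROR_DISALLOWED);

	$res = MEDIA::addMediaObject($collection, $filetempname, $filename);

	if ($res != '')
		media_doError($res);

	// shows updated list afterwards
	media_select();
}

/**
 * Shows a login form that posts back to media.php and carries the requested
 * collection along in a hidden field, then ends the request.
 */
function media_loginAndPassThrough() {
	media_head();
	?>
		<h1><?php echo _LOGIN_PLEASE?></h1>

		<form method="post" action="media.php">
		<div>
			<input name="action" value="login" type="hidden" />
			<input name="collection" value="<?php echo htmlspecialchars(requestVar('collection'))?>" type="hidden" />
			<?php echo _LOGINFORM_NAME?>: <input name="login" />
			<br /><?php echo _LOGINFORM_PWD?>: <input name="password" type="password" />
			<br /><input type="submit" value="<?php echo _LOGIN?>" />
		</div>
		</form>
		<p><a href="media.php" onclick="window.close();"><?php echo _POPUP_CLOSE?></a></p>
	<?php	media_foot();
	exit;
}

/**
 * Shows an error page with a back link and ends the request.
 *
 * @param string $msg message to display. It is written into the page without
 *                    HTML escaping, so callers must pass trusted text only.
 *                    NOTE(review): media_upload() forwards the return value of
 *                    MEDIA::addMediaObject() here; confirm that value never
 *                    contains request-derived text, or escape it at that call.
 */
function media_doError($msg) {
	media_head();
	?>
	<h1><?php echo _ERROR?></h1>
	<p><?php echo $msg?></p>
	<p><a href="media.php" onclick="history.back()"><?php echo _BACK?></a></p>
	<?php	media_foot();
	exit;
}


/**
 * Writes the XHTML doctype, the document head and the opening body tag.
 *
 * The inline script holds the chosen insert type (0 = inline, otherwise popup)
 * and the two callbacks that pass the selected file to the opener window and
 * close the popup.
 */
function media_head() {
?>
	<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
	<html xmlns="http://www.w3.org/1999/xhtml">
	<head>
		<title>Nucleus Media</title>
		<link rel="stylesheet" type="text/css" href="styles/popups.css" />
		<script type="text/javascript">
			var type = 0;
			function setType(val) { type = val; }

			function chooseImage(collection, filename, width, height) {
				window.opener.focus();
				window.opener.includeImage(collection,
										   filename,
										   type == 0 ? 'inline' : 'popup',
										   width,
										   height
										   );
				window.close();
			}

			function chooseOther(collection, filename) {
				window.opener.focus();
				window.opener.includeOtherMedia(collection, filename);
				window.close();

			}
		</script>
	</head>
	<body>
<?php }

/**
 * Closes the body and html elements opened by media_head().
 */
function media_foot() {
?>
	</body>
	</html>
<?php }

?>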