<?php
/*
* Nucleus: PHP/MySQL Weblog CMS (http://nucleuscms.org/)
- * Copyright (C) 2002-2007 The Nucleus Group
+ * Copyright (C) 2002-2009 The Nucleus Group
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* passed through to the add-item form (linkto, popupimg or inline img)
*
* @license http://nucleuscms.org/license.txt GNU General Public License
- * @copyright Copyright (C) 2002-2007 The Nucleus Group
+ * @copyright Copyright (C) 2002-2009 The Nucleus Group
* @version $Id: media.php,v 1.9 2008-02-08 09:31:22 kimitake Exp $
* $NucleusJP: media.php,v 1.8.2.1 2007/09/07 07:36:44 kimitake Exp $
*
*/
-$CONF = array();
-
-// defines how much media items will be shown per page. You can override this
-// in config.php if you like. (changing it in config.php instead of here will
-// allow your settings to be kept even after a Nucleus upgrade)
-$CONF['MediaPerPage'] = 10;
-
-// include all classes and config data
-require('../config.php');
-include($DIR_LIBS . 'MEDIA.php'); // media classes
-
-sendContentType('application/xhtml+xml', 'media');
-
-// user needs to be logged in to use this
-if (!$member->isLoggedIn()) {
- media_loginAndPassThrough();
- exit;
-}
-
-// check if member is on at least one teamlist
-$query = 'SELECT * FROM ' . sql_table('team'). ' WHERE tmember=' . $member->getID();
-$teams = mysql_query($query);
-if (mysql_num_rows($teams) == 0)
- media_doError(_ERROR_DISALLOWEDUPLOAD);
-
-// get action
-$action = requestVar('action');
-if ($action == '')
- $action = 'selectmedia';
-
-// check ticket
-$aActionsNotToCheck = array('selectmedia', _MEDIA_FILTER_APPLY, _MEDIA_COLLECTION_SELECT);
-if (!in_array($action, $aActionsNotToCheck))
-{
- if (!$manager->checkTicket())
- media_doError(_ERROR_BADTICKET);
-}
-
-
-switch($action) {
- case 'chooseupload':
- case _MEDIA_UPLOAD_TO:
- case _MEDIA_UPLOAD_NEW:
- media_choose();
- break;
- case 'uploadfile':
- media_upload();
- break;
- case _MEDIA_FILTER_APPLY:
- case 'selectmedia':
- case _MEDIA_COLLECTION_SELECT:
- default:
- media_select();
- break;
-}
-
-// select a file
-function media_select() {
- global $member, $CONF, $DIR_MEDIA, $manager;
-
- media_head();
-
- // show 10 files + navigation buttons
- // show msg when no files
- // show upload form
- // files sorted according to last modification date
-
- // currently selected collection
- $currentCollection = requestVar('collection');
- if (!$currentCollection || !@is_dir($DIR_MEDIA . $currentCollection))
- $currentCollection = $member->getID();
-
-
- // get collection list
- $collections = MEDIA::getCollectionList();
-
- if (sizeof($collections) > 1) {
- ?>
- <form method="post" action="media.php"><div>
- <label for="media_collection"><?php echo htmlspecialchars(_MEDIA_COLLECTION_LABEL)?></label>
- <select name="collection" id="media_collection">
- <?php foreach ($collections as $dirname => $description) {
- echo '<option value="',htmlspecialchars($dirname),'"';
- if ($dirname == $currentCollection) {
- echo ' selected="selected"';
- }
- echo '>',htmlspecialchars($description),'</option>';
- }
- ?>
- </select>
- <input type="submit" name="action" value="<?php echo htmlspecialchars(_MEDIA_COLLECTION_SELECT) ?>" title="<?php echo htmlspecialchars(_MEDIA_COLLECTION_TT)?>" />
- <input type="submit" name="action" value="<?php echo htmlspecialchars(_MEDIA_UPLOAD_TO) ?>" title="<?php echo htmlspecialchars(_MEDIA_UPLOADLINK) ?>" />
- <?php $manager->addTicketHidden() ?>
- </div></form>
- <?php } else {
- ?>
- <form method="post" action="media.php" style="float:right"><div>
- <input type="hidden" name="collection" value="<?php echo htmlspecialchars($currentCollection)?>" />
- <input type="submit" name="action" value="<?php echo htmlspecialchars(_MEDIA_UPLOAD_NEW) ?>" title="<?php echo htmlspecialchars(_MEDIA_UPLOADLINK) ?>" />
- <?php $manager->addTicketHidden() ?>
- </div></form>
- <?php } // if sizeof
-
- $filter = requestVar('filter');
- $offset = intRequestVar('offset');
- $arr = MEDIA::getMediaListByCollection($currentCollection, $filter);
-
- ?>
- <form method="post" action="media.php"><div>
- <label for="media_filter"><?php echo htmlspecialchars(_MEDIA_FILTER_LABEL)?></label>
- <input id="media_filter" type="text" name="filter" value="<?php echo htmlspecialchars($filter)?>" />
- <input type="submit" name="action" value="<?php echo htmlspecialchars(_MEDIA_FILTER_APPLY) ?>" />
- <input type="hidden" name="collection" value="<?php echo htmlspecialchars($currentCollection)?>" />
- <input type="hidden" name="offset" value="<?php echo intval($offset)?>" />
- </div></form>
-
- <?php
-
- ?>
- <table width="100%">
- <caption><?php echo _MEDIA_COLLECTION_LABEL . htmlspecialchars($collections[$currentCollection])?></caption>
- <tr>
- <th><?php echo _MEDIA_MODIFIED?></th><th><?php echo _MEDIA_FILENAME?></th><th><?php echo _MEDIA_DIMENSIONS?></th>
- </tr>
-
- <?php
-
- if (sizeof($arr)>0) {
-
- if (($offset + $CONF['MediaPerPage']) >= sizeof($arr))
- $offset = sizeof($arr) - $CONF['MediaPerPage'];
-
- if ($offset < 0) $offset = 0;
-
- $idxStart = $offset;
- $idxEnd = $offset + $CONF['MediaPerPage'];
- $idxNext = $idxEnd;
- $idxPrev = $idxStart - $CONF['MediaPerPage'];
-
- if ($idxPrev < 0) $idxPrev = 0;
-
- if ($idxEnd > sizeof($arr))
- $idxEnd = sizeof($arr);
-
- for($i=$idxStart;$i<$idxEnd;$i++) {
- $obj = $arr[$i];
- $filename = $DIR_MEDIA . $currentCollection . '/' . $obj->filename;
-
- $old_level = error_reporting(0);
- $size = @GetImageSize($filename);
- error_reporting($old_level);
- $width = $size[0];
- $height = $size[1];
- $filetype = $size[2];
-
- echo "<tr>";
- echo "<td>". date("Y-m-d",$obj->timestamp) ."</td>";
-
- // strings for javascript
- $jsCurrentCollection = str_replace("'","\\'",$currentCollection);
- $jsFileName = str_replace("'","\\'",$obj->filename);
-
- if ($filetype != 0) {
- // image (gif/jpg/png/swf)
- echo "<td><a href=\"media.php\" onclick=\"chooseImage('", htmlspecialchars($jsCurrentCollection), "','", htmlspecialchars($jsFileName), "',"
- . "'", htmlspecialchars($width), "','" , htmlspecialchars($height), "'"
- . ")\" title=\"" . htmlspecialchars($obj->filename). "\">"
- . htmlspecialchars(shorten($obj->filename,25,'...'))
- ."</a>";
- echo ' (<a href="', htmlspecialchars($CONF['MediaURL'] . $currentCollection . '/' . $obj->filename), '" onclick="window.open(this.href); return false;" title="',htmlspecialchars(_MEDIA_VIEW_TT),'">',_MEDIA_VIEW,'</a>)';
- echo "</td>";
- } else {
- // no image (e.g. mpg)
- echo "<td><a href='media.php' onclick=\"chooseOther('" , htmlspecialchars($jsCurrentCollection), "','", htmlspecialchars($jsFileName), "'"
- . ")\" title=\"" . htmlspecialchars($obj->filename). "\">"
- . htmlspecialchars(shorten($obj->filename,30,'...'))
- ."</a></td>";
-
- }
- echo '<td>' , htmlspecialchars($width) , 'x' , htmlspecialchars($height) , '</td>';
- echo '</tr>';
- }
- } // if (sizeof($arr)>0)
- ?>
-
- </table>
- <?php
- if ($idxStart > 0)
- echo "<a href='media.php?offset=$idxPrev&collection=".urlencode($currentCollection)."'>". _LISTS_PREV."</a> ";
- if ($idxEnd < sizeof($arr))
- echo "<a href='media.php?offset=$idxNext&collection=".urlencode($currentCollection)."'>". _LISTS_NEXT."</a> ";
-
- ?>
- <input id="typeradio0" type="radio" name="typeradio" onclick="setType(0);" checked="checked" /><label for="typeradio0"><?php echo _MEDIA_INLINE?></label>
- <input id="typeradio1" type="radio" name="typeradio" onclick="setType(1);" /><label for="typeradio1"><?php echo _MEDIA_POPUP?></label>
- <?php
- media_foot();
-
-
-}
-
-/**
- * Shows a screen where you can select the file to upload
- */
-function media_choose() {
- global $CONF, $member, $manager;
-
- $currentCollection = requestVar('collection');
-
- $collections = MEDIA::getCollectionList();
-
- media_head();
- ?>
- <h1><?php echo _UPLOAD_TITLE?></h1>
-
- <p><?php echo _UPLOAD_MSG?></p>
-
- <form method="post" enctype="multipart/form-data" action="media.php">
- <div>
- <input type="hidden" name="action" value="uploadfile" />
- <?php $manager->addTicketHidden() ?>
- <input type="hidden" name="MAX_FILE_SIZE" value="<?php echo $CONF['MaxUploadSize']?>" />
- File:
- <br />
- <input name="uploadfile" type="file" size="40" />
- <?php if (sizeof($collections) > 1) {
- ?>
- <br /><br /><label for="upload_collection">Collection:</label>
- <br /><select name="collection" id="upload_collection">
- <?php foreach ($collections as $dirname => $description) {
- echo '<option value="',htmlspecialchars($dirname),'"';
- if ($dirname == $currentCollection) {
- echo ' selected="selected"';
- }
- echo '>',htmlspecialchars($description),'</option>';
- }
- ?>
- </select>
- <?php } else {
- ?>
- <input name="collection" type="hidden" value="<?php echo htmlspecialchars(requestVar('collection'))?>" />
- <?php } // if sizeof
- ?>
- <br /><br />
- <input type="submit" value="<?php echo _UPLOAD_BUTTON?>" />
- </div>
- </form>
-
- <?php
- media_foot();
-}
-
-
-/**
- * accepts a file for upload
- */
-function media_upload() {
- global $DIR_MEDIA, $member, $CONF;
-
- $uploadInfo = postFileInfo('uploadfile');
-
- $filename = $uploadInfo['name'];
- $filetype = $uploadInfo['type'];
- $filesize = $uploadInfo['size'];
- $filetempname = $uploadInfo['tmp_name'];
- $fileerror = intval($uploadInfo['error']);
-
- switch ($fileerror)
- {
- case 0: // = UPLOAD_ERR_OK
- break;
- case 1: // = UPLOAD_ERR_INI_SIZE
- case 2: // = UPLOAD_ERR_FORM_SIZE
- media_doError(_ERROR_FILE_TOO_BIG);
- case 3: // = UPLOAD_ERR_PARTIAL
- case 4: // = UPLOAD_ERR_NO_FILE
- case 6: // = UPLOAD_ERR_NO_TMP_DIR
- case 7: // = UPLOAD_ERR_CANT_WRITE
- default:
- // include error code for debugging
- // (see http://www.php.net/manual/en/features.file-upload.errors.php)
- media_doError(_ERROR_BADREQUEST . ' (' . $fileerror . ')');
- }
-
- if ($filesize > $CONF['MaxUploadSize'])
- media_doError(_ERROR_FILE_TOO_BIG);
-
- // check file type against allowed types
- $ok = 0;
- $allowedtypes = explode (',', $CONF['AllowedTypes']);
- foreach ( $allowedtypes as $type )
- if (eregi("\." .$type. "$",$filename)) $ok = 1;
- if (!$ok) media_doError(_ERROR_BADFILETYPE);
-
- if (!is_uploaded_file($filetempname))
- media_doError(_ERROR_BADREQUEST);
-
- // prefix filename with current date (YYYY-MM-DD-)
- // this to avoid nameclashes
- if ($CONF['MediaPrefix'])
- $filename = strftime("%Y%m%d-", time()) . $filename;
-
- $collection = requestVar('collection');
- $res = MEDIA::addMediaObject($collection, $filetempname, $filename);
-
- if ($res != '')
- media_doError($res);
-
- // shows updated list afterwards
- media_select();
-}
-
-function media_loginAndPassThrough() {
- media_head();
- ?>
- <h1><?php echo _LOGIN_PLEASE?></h1>
-
- <form method="post" action="media.php">
- <div>
- <input name="action" value="login" type="hidden" />
- <input name="collection" value="<?php echo htmlspecialchars(requestVar('collection'))?>" type="hidden" />
- <?php echo _LOGINFORM_NAME?>: <input name="login" />
- <br /><?php echo _LOGINFORM_PWD?>: <input name="password" type="password" />
- <br /><input type="submit" value="<?php echo _LOGIN?>" />
- </div>
- </form>
- <p><a href="media.php" onclick="window.close();"><?php echo _POPUP_CLOSE?></a></p>
- <?php media_foot();
- exit;
-}
-
-function media_doError($msg) {
- media_head();
- ?>
- <h1><?php echo _ERROR?></h1>
- <p><?php echo $msg?></p>
- <p><a href="media.php" onclick="history.back()"><?php echo _BACK?></a></p>
- <?php media_foot();
- exit;
-}
-
-
-function media_head() {
-?>
- <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
- <html xmlns="http://www.w3.org/1999/xhtml">
- <head>
- <meta http-equiv="Content-Type" content="text/html; charset=<?php echo _CHARSET ?>" />
- <title>Nucleus Media</title>
- <link rel="stylesheet" type="text/css" href="styles/popups.css" />
- <script type="text/javascript">
- var type = 0;
- function setType(val) { type = val; }
-
- function chooseImage(collection, filename, width, height) {
- window.opener.focus();
- window.opener.includeImage(collection,
- filename,
- type == 0 ? 'inline' : 'popup',
- width,
- height
- );
- window.close();
- }
-
- function chooseOther(collection, filename) {
- window.opener.focus();
- window.opener.includeOtherMedia(collection, filename);
- window.close();
-
- }
- </script>
- </head>
- <body>
-<?php }
-
-function media_foot() {
-?>
- </body>
- </html>
-<?php }
-
-?>
+$CONF = array();\r
+\r
+// defines how much media items will be shown per page. You can override this\r
+// in config.php if you like. (changing it in config.php instead of here will\r
+// allow your settings to be kept even after a Nucleus upgrade)\r
+$CONF['MediaPerPage'] = 10;\r
+\r
+// include all classes and config data\r
+require('../config.php');\r
+include($DIR_LIBS . 'MEDIA.php'); // media classes\r
+\r
+sendContentType('application/xhtml+xml', 'media');\r
+\r
+// user needs to be logged in to use this\r
+if (!$member->isLoggedIn()) {\r
+ media_loginAndPassThrough();\r
+ exit;\r
+}\r
+\r
+// check if member is on at least one teamlist\r
+$query = 'SELECT * FROM ' . sql_table('team'). ' WHERE tmember=' . $member->getID();\r
+$teams = mysql_query($query);\r
+if (mysql_num_rows($teams) == 0)\r
+ media_doError(_ERROR_DISALLOWEDUPLOAD);\r
+\r
+// get action\r
+$action = requestVar('action');\r
+if ($action == '')\r
+ $action = 'selectmedia';\r
+\r
+// check ticket\r
+$aActionsNotToCheck = array('selectmedia', _MEDIA_FILTER_APPLY, _MEDIA_COLLECTION_SELECT);\r
+if (!in_array($action, $aActionsNotToCheck))\r
+{\r
+ if (!$manager->checkTicket())\r
+ media_doError(_ERROR_BADTICKET);\r
+}\r
+\r
+\r
+switch($action) {\r
+ case 'chooseupload':\r
+ case _MEDIA_UPLOAD_TO:\r
+ case _MEDIA_UPLOAD_NEW:\r
+ if (!$member->isAdmin() and $CONF['AllowUpload'] != true) {\r
+ media_doError(_ERROR_DISALLOWED);\r
+ } else {\r
+ media_choose();\r
+ }\r
+ break;\r
+ case 'uploadfile':\r
+ if (!$member->isAdmin() and $CONF['AllowUpload'] != true) {\r
+ media_doError(_ERROR_DISALLOWED);\r
+ } else {\r
+ media_upload();\r
+ }\r
+ break;\r
+ case _MEDIA_FILTER_APPLY:\r
+ case 'selectmedia':\r
+ case _MEDIA_COLLECTION_SELECT:\r
+ default:\r
+ media_select();\r
+ break;\r
+}\r
+\r
+// select a file\r
+function media_select() {\r
+ global $member, $CONF, $DIR_MEDIA, $manager;\r
+\r
+ // show 10 files + navigation buttons\r
+ // show msg when no files\r
+ // show upload form\r
+ // files sorted according to last modification date\r
+\r
+ // currently selected collection\r
+ $currentCollection = requestVar('collection');\r
+ if (!$currentCollection || !@is_dir($DIR_MEDIA . $currentCollection))\r
+ $currentCollection = $member->getID();\r
+\r
+ // avoid directory travarsal and accessing invalid directory\r
+ if (!MEDIA::isValidCollection($currentCollection)) media_doError(_ERROR_DISALLOWED);\r
+\r
+ media_head();\r
+\r
+ // get collection list\r
+ $collections = MEDIA::getCollectionList();\r
+\r
+ if (sizeof($collections) > 1) {\r
+ ?>\r
+ <form method="post" action="media.php"><div>\r
+ <label for="media_collection"><?php echo htmlspecialchars(_MEDIA_COLLECTION_LABEL)?></label>\r
+ <select name="collection" id="media_collection">\r
+ <?php foreach ($collections as $dirname => $description) {\r
+ echo '<option value="',htmlspecialchars($dirname),'"';\r
+ if ($dirname == $currentCollection) {\r
+ echo ' selected="selected"';\r
+ }\r
+ echo '>',htmlspecialchars($description),'</option>';\r
+ }\r
+ ?>\r
+ </select>\r
+ <input type="submit" name="action" value="<?php echo htmlspecialchars(_MEDIA_COLLECTION_SELECT) ?>" title="<?php echo htmlspecialchars(_MEDIA_COLLECTION_TT)?>" />\r
+ <input type="submit" name="action" value="<?php echo htmlspecialchars(_MEDIA_UPLOAD_TO) ?>" title="<?php echo htmlspecialchars(_MEDIA_UPLOADLINK) ?>" />\r
+ <?php $manager->addTicketHidden() ?>\r
+ </div></form>\r
+ <?php } else {\r
+ ?>\r
+ <form method="post" action="media.php" style="float:right"><div>\r
+ <input type="hidden" name="collection" value="<?php echo htmlspecialchars($currentCollection)?>" />\r
+ <input type="submit" name="action" value="<?php echo htmlspecialchars(_MEDIA_UPLOAD_NEW) ?>" title="<?php echo htmlspecialchars(_MEDIA_UPLOADLINK) ?>" />\r
+ <?php $manager->addTicketHidden() ?>\r
+ </div></form>\r
+ <?php } // if sizeof\r
+\r
+ $filter = requestVar('filter');\r
+ $offset = intRequestVar('offset');\r
+ $arr = MEDIA::getMediaListByCollection($currentCollection, $filter);\r
+\r
+ ?>\r
+ <form method="post" action="media.php"><div>\r
+ <label for="media_filter"><?php echo htmlspecialchars(_MEDIA_FILTER_LABEL)?></label>\r
+ <input id="media_filter" type="text" name="filter" value="<?php echo htmlspecialchars($filter)?>" />\r
+ <input type="submit" name="action" value="<?php echo htmlspecialchars(_MEDIA_FILTER_APPLY) ?>" />\r
+ <input type="hidden" name="collection" value="<?php echo htmlspecialchars($currentCollection)?>" />\r
+ <input type="hidden" name="offset" value="<?php echo intval($offset)?>" />\r
+ </div></form>\r
+\r
+ <?php\r
+\r
+ ?>\r
+ <table width="100%">\r
+ <caption><?php echo _MEDIA_COLLECTION_LABEL . htmlspecialchars($collections[$currentCollection])?></caption>\r
+ <tr>\r
+ <th><?php echo _MEDIA_MODIFIED?></th><th><?php echo _MEDIA_FILENAME?></th><th><?php echo _MEDIA_DIMENSIONS?></th>\r
+ </tr>\r
+\r
+ <?php\r
+\r
+ if (sizeof($arr)>0) {\r
+\r
+ if (($offset + $CONF['MediaPerPage']) >= sizeof($arr))\r
+ $offset = sizeof($arr) - $CONF['MediaPerPage'];\r
+\r
+ if ($offset < 0) $offset = 0;\r
+\r
+ $idxStart = $offset;\r
+ $idxEnd = $offset + $CONF['MediaPerPage'];\r
+ $idxNext = $idxEnd;\r
+ $idxPrev = $idxStart - $CONF['MediaPerPage'];\r
+\r
+ if ($idxPrev < 0) $idxPrev = 0;\r
+\r
+ if ($idxEnd > sizeof($arr))\r
+ $idxEnd = sizeof($arr);\r
+\r
+ for($i=$idxStart;$i<$idxEnd;$i++) {\r
+ $obj = $arr[$i];\r
+ $filename = $DIR_MEDIA . $currentCollection . '/' . $obj->filename;\r
+\r
+ $old_level = error_reporting(0);\r
+ $size = @GetImageSize($filename);\r
+ error_reporting($old_level);\r
+ $width = $size[0];\r
+ $height = $size[1];\r
+ $filetype = $size[2];\r
+\r
+ echo "<tr>";\r
+ echo "<td>". date("Y-m-d",$obj->timestamp) ."</td>";\r
+\r
+ // strings for javascript\r
+ $jsCurrentCollection = str_replace("'","\\'",$currentCollection);\r
+ $jsFileName = str_replace("'","\\'",$obj->filename);\r
+\r
+ if ($filetype != 0) {\r
+ // image (gif/jpg/png/swf)\r
+ echo "<td><a href=\"media.php\" onclick=\"chooseImage('", htmlspecialchars($jsCurrentCollection), "','", htmlspecialchars($jsFileName), "',"\r
+ . "'", htmlspecialchars($width), "','" , htmlspecialchars($height), "'"\r
+ . ")\" title=\"" . htmlspecialchars($obj->filename). "\">"\r
+ . htmlspecialchars(shorten($obj->filename,25,'...'))\r
+ ."</a>";\r
+ echo ' (<a href="', htmlspecialchars($CONF['MediaURL'] . $currentCollection . '/' . $obj->filename), '" onclick="window.open(this.href); return false;" title="',htmlspecialchars(_MEDIA_VIEW_TT),'">',_MEDIA_VIEW,'</a>)';\r
+ echo "</td>";\r
+ } else {\r
+ // no image (e.g. mpg)\r
+ echo "<td><a href='media.php' onclick=\"chooseOther('" , htmlspecialchars($jsCurrentCollection), "','", htmlspecialchars($jsFileName), "'"\r
+ . ")\" title=\"" . htmlspecialchars($obj->filename). "\">"\r
+ . htmlspecialchars(shorten($obj->filename,30,'...'))\r
+ ."</a></td>";\r
+\r
+ }\r
+ echo '<td>' , htmlspecialchars($width) , 'x' , htmlspecialchars($height) , '</td>';\r
+ echo '</tr>';\r
+ }\r
+ } // if (sizeof($arr)>0)\r
+ ?>\r
+\r
+ </table>\r
+ <?php\r
+ if ($idxStart > 0)\r
+ echo "<a href='media.php?offset=$idxPrev&collection=".urlencode($currentCollection)."'>". _LISTS_PREV."</a> ";\r
+ if ($idxEnd < sizeof($arr))\r
+ echo "<a href='media.php?offset=$idxNext&collection=".urlencode($currentCollection)."'>". _LISTS_NEXT."</a> ";\r
+\r
+ ?>\r
+ <input id="typeradio0" type="radio" name="typeradio" onclick="setType(0);" checked="checked" /><label for="typeradio0"><?php echo _MEDIA_INLINE?></label>\r
+ <input id="typeradio1" type="radio" name="typeradio" onclick="setType(1);" /><label for="typeradio1"><?php echo _MEDIA_POPUP?></label>\r
+ <?php\r
+ media_foot();\r
+\r
+\r
+}\r
+\r
+/**\r
+ * Shows a screen where you can select the file to upload\r
+ */\r
+function media_choose() {\r
+ global $CONF, $member, $manager;\r
+\r
+ $currentCollection = requestVar('collection');\r
+\r
+ $collections = MEDIA::getCollectionList();\r
+\r
+ media_head();\r
+ ?>\r
+ <h1><?php echo _UPLOAD_TITLE?></h1>\r
+\r
+ <p><?php echo _UPLOAD_MSG?></p>\r
+\r
+ <form method="post" enctype="multipart/form-data" action="media.php">\r
+ <div>\r
+ <input type="hidden" name="action" value="uploadfile" />\r
+ <?php $manager->addTicketHidden() ?>\r
+ <input type="hidden" name="MAX_FILE_SIZE" value="<?php echo $CONF['MaxUploadSize']?>" />\r
+ File:\r
+ <br />\r
+ <input name="uploadfile" type="file" size="40" />\r
+ <?php if (sizeof($collections) > 1) {\r
+ ?>\r
+ <br /><br /><label for="upload_collection">Collection:</label>\r
+ <br /><select name="collection" id="upload_collection">\r
+ <?php foreach ($collections as $dirname => $description) {\r
+ echo '<option value="',htmlspecialchars($dirname),'"';\r
+ if ($dirname == $currentCollection) {\r
+ echo ' selected="selected"';\r
+ }\r
+ echo '>',htmlspecialchars($description),'</option>';\r
+ }\r
+ ?>\r
+ </select>\r
+ <?php } else {\r
+ ?>\r
+ <input name="collection" type="hidden" value="<?php echo htmlspecialchars(requestVar('collection'))?>" />\r
+ <?php } // if sizeof\r
+ ?>\r
+ <br /><br />\r
+ <input type="submit" value="<?php echo _UPLOAD_BUTTON?>" />\r
+ </div>\r
+ </form>\r
+\r
+ <?php\r
+ media_foot();\r
+}\r
+\r
+\r
+/**\r
+ * accepts a file for upload\r
+ */\r
+function media_upload() {\r
+ global $DIR_MEDIA, $member, $CONF;\r
+\r
+ $uploadInfo = postFileInfo('uploadfile');\r
+\r
+ $filename = $uploadInfo['name'];\r
+ $filetype = $uploadInfo['type'];\r
+ $filesize = $uploadInfo['size'];\r
+ $filetempname = $uploadInfo['tmp_name'];\r
+ $fileerror = intval($uploadInfo['error']);\r
+ \r
+ switch ($fileerror)\r
+ {\r
+ case 0: // = UPLOAD_ERR_OK\r
+ break;\r
+ case 1: // = UPLOAD_ERR_INI_SIZE\r
+ case 2: // = UPLOAD_ERR_FORM_SIZE\r
+ media_doError(_ERROR_FILE_TOO_BIG);\r
+ case 3: // = UPLOAD_ERR_PARTIAL\r
+ case 4: // = UPLOAD_ERR_NO_FILE\r
+ case 6: // = UPLOAD_ERR_NO_TMP_DIR\r
+ case 7: // = UPLOAD_ERR_CANT_WRITE\r
+ default:\r
+ // include error code for debugging\r
+ // (see http://www.php.net/manual/en/features.file-upload.errors.php)\r
+ media_doError(_ERROR_BADREQUEST . ' (' . $fileerror . ')');\r
+ }\r
+\r
+ if ($filesize > $CONF['MaxUploadSize'])\r
+ media_doError(_ERROR_FILE_TOO_BIG);\r
+\r
+ // check file type against allowed types\r
+ $ok = 0;\r
+ $allowedtypes = explode (',', $CONF['AllowedTypes']);\r
+ foreach ( $allowedtypes as $type )\r
+ if (eregi("\." .$type. "$",$filename)) $ok = 1;\r
+ if (!$ok) media_doError(_ERROR_BADFILETYPE);\r
+\r
+ if (!is_uploaded_file($filetempname))\r
+ media_doError(_ERROR_BADREQUEST);\r
+\r
+ // prefix filename with current date (YYYY-MM-DD-)\r
+ // this to avoid nameclashes\r
+ if ($CONF['MediaPrefix'])\r
+ $filename = strftime("%Y%m%d-", time()) . $filename;\r
+\r
+ $collection = requestVar('collection');\r
+ $res = MEDIA::addMediaObject($collection, $filetempname, $filename);\r
+\r
+ if ($res != '')\r
+ media_doError($res);\r
+\r
+ // shows updated list afterwards\r
+ media_select();\r
+}\r
+\r
+function media_loginAndPassThrough() {\r
+ media_head();\r
+ ?>\r
+ <h1><?php echo _LOGIN_PLEASE?></h1>\r
+\r
+ <form method="post" action="media.php">\r
+ <div>\r
+ <input name="action" value="login" type="hidden" />\r
+ <input name="collection" value="<?php echo htmlspecialchars(requestVar('collection'))?>" type="hidden" />\r
+ <?php echo _LOGINFORM_NAME?>: <input name="login" />\r
+ <br /><?php echo _LOGINFORM_PWD?>: <input name="password" type="password" />\r
+ <br /><input type="submit" value="<?php echo _LOGIN?>" />\r
+ </div>\r
+ </form>\r
+ <p><a href="media.php" onclick="window.close();"><?php echo _POPUP_CLOSE?></a></p>\r
+ <?php media_foot();\r
+ exit;\r
+}\r
+\r
+function media_doError($msg) {\r
+ media_head();\r
+ ?>\r
+ <h1><?php echo _ERROR?></h1>\r
+ <p><?php echo $msg?></p>\r
+ <p><a href="media.php" onclick="history.back()"><?php echo _BACK?></a></p>\r
+ <?php media_foot();\r
+ exit;\r
+}\r
+\r
+\r
+function media_head() {\r
+?>\r
+ <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">\r
+ <html xmlns="http://www.w3.org/1999/xhtml">\r
+ <head>\r
+ <meta http-equiv="Content-Type" content="text/html; charset=<?php echo _CHARSET ?>" />\r
+ <title>Nucleus Media</title>\r
+ <link rel="stylesheet" type="text/css" href="styles/popups.css" />\r
+ <script type="text/javascript">\r
+ var type = 0;\r
+ function setType(val) { type = val; }\r
+\r
+ function chooseImage(collection, filename, width, height) {\r
+ window.opener.focus();\r
+ window.opener.includeImage(collection,\r
+ filename,\r
+ type == 0 ? 'inline' : 'popup',\r
+ width,\r
+ height\r
+ );\r
+ window.close();\r
+ }\r
+\r
+ function chooseOther(collection, filename) {\r
+ window.opener.focus();\r
+ window.opener.includeOtherMedia(collection, filename);\r
+ window.close();\r
+\r
+ }\r
+ </script>\r
+ </head>\r
+ <body>\r
+<?php }\r
+\r
+function media_foot() {\r
+?>\r
+ </body>\r
+ </html>\r
+<?php }\r
+\r
+?>\r