3 * Nucleus: PHP/MySQL Weblog CMS (http://nucleuscms.org/)
4 * Copyright (C) 2002-2009 The Nucleus Group
6 * This program is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU General Public License
8 * as published by the Free Software Foundation; either version 2
9 * of the License, or (at your option) any later version.
10 * (see nucleus/documentation/index.html#license for more info)
13 * Media popup window for Nucleus
16 * - can be openen from an add-item form or bookmarklet popup
17 * - shows a list of recent files, allowing browsing, search and
19 * - close the popup by selecting a file in the list. The file gets
20 * passed through to the add-item form (linkto, popupimg or inline img)
22 * @license http://nucleuscms.org/license.txt GNU General Public License
23 * @copyright Copyright (C) 2002-2009 The Nucleus Group
25 * $NucleusJP: media.php,v 1.8.2.1 2007/09/07 07:36:44 kimitake Exp $
31 // defines how much media items will be shown per page. You can override this
\r
32 // in config.php if you like. (changing it in config.php instead of here will
\r
33 // allow your settings to be kept even after a Nucleus upgrade)
\r
34 $CONF['MediaPerPage'] = 10;
\r
36 // include all classes and config data
\r
37 require('../config.php');
\r
38 include($DIR_LIBS . 'MEDIA.php'); // media classes
\r
40 sendContentType('application/xhtml+xml', 'media');
\r
42 // user needs to be logged in to use this
\r
43 if (!$member->isLoggedIn()) {
\r
44 media_loginAndPassThrough();
\r
48 // check if member is on at least one teamlist
\r
49 $query = 'SELECT * FROM ' . sql_table('team'). ' WHERE tmember=' . $member->getID();
\r
50 $teams = mysql_query($query);
\r
51 if (mysql_num_rows($teams) == 0)
\r
52 media_doError(_ERROR_DISALLOWEDUPLOAD);
\r
55 $action = requestVar('action');
\r
57 $action = 'selectmedia';
\r
60 $aActionsNotToCheck = array('selectmedia', _MEDIA_FILTER_APPLY, _MEDIA_COLLECTION_SELECT);
\r
61 if (!in_array($action, $aActionsNotToCheck))
\r
63 if (!$manager->checkTicket())
\r
64 media_doError(_ERROR_BADTICKET);
\r
69 case 'chooseupload':
\r
70 case _MEDIA_UPLOAD_TO:
\r
71 case _MEDIA_UPLOAD_NEW:
\r
72 if (!$member->isAdmin() and $CONF['AllowUpload'] != true) {
\r
73 media_doError(_ERROR_DISALLOWED);
\r
79 if (!$member->isAdmin() and $CONF['AllowUpload'] != true) {
\r
80 media_doError(_ERROR_DISALLOWED);
\r
85 case _MEDIA_FILTER_APPLY:
\r
87 case _MEDIA_COLLECTION_SELECT:
\r
94 function media_select() {
\r
95 global $member, $CONF, $DIR_MEDIA, $manager;
\r
97 // show 10 files + navigation buttons
\r
98 // show msg when no files
\r
100 // files sorted according to last modification date
\r
102 // currently selected collection
\r
103 $currentCollection = requestVar('collection');
\r
104 if (!$currentCollection || !@is_dir($DIR_MEDIA . $currentCollection))
\r
105 $currentCollection = $member->getID();
\r
107 // avoid directory travarsal and accessing invalid directory
\r
108 if (!MEDIA::isValidCollection($currentCollection)) media_doError(_ERROR_DISALLOWED);
\r
112 // get collection list
\r
113 $collections = MEDIA::getCollectionList();
\r
115 if (sizeof($collections) > 1) {
\r
117 <form method="post" action="media.php"><div>
\r
118 <label for="media_collection"><?php echo htmlspecialchars(_MEDIA_COLLECTION_LABEL)?></label>
\r
119 <select name="collection" id="media_collection">
\r
120 <?php foreach ($collections as $dirname => $description) {
\r
121 echo '<option value="',htmlspecialchars($dirname),'"';
\r
122 if ($dirname == $currentCollection) {
\r
123 echo ' selected="selected"';
\r
125 echo '>',htmlspecialchars($description),'</option>';
\r
129 <input type="submit" name="action" value="<?php echo htmlspecialchars(_MEDIA_COLLECTION_SELECT) ?>" title="<?php echo htmlspecialchars(_MEDIA_COLLECTION_TT)?>" />
\r
130 <input type="submit" name="action" value="<?php echo htmlspecialchars(_MEDIA_UPLOAD_TO) ?>" title="<?php echo htmlspecialchars(_MEDIA_UPLOADLINK) ?>" />
\r
131 <?php $manager->addTicketHidden() ?>
\r
135 <form method="post" action="media.php" style="float:right"><div>
\r
136 <input type="hidden" name="collection" value="<?php echo htmlspecialchars($currentCollection)?>" />
\r
137 <input type="submit" name="action" value="<?php echo htmlspecialchars(_MEDIA_UPLOAD_NEW) ?>" title="<?php echo htmlspecialchars(_MEDIA_UPLOADLINK) ?>" />
\r
138 <?php $manager->addTicketHidden() ?>
\r
140 <?php } // if sizeof
\r
142 $filter = requestVar('filter');
\r
143 $offset = intRequestVar('offset');
\r
144 $arr = MEDIA::getMediaListByCollection($currentCollection, $filter);
\r
147 <form method="post" action="media.php"><div>
\r
148 <label for="media_filter"><?php echo htmlspecialchars(_MEDIA_FILTER_LABEL)?></label>
\r
149 <input id="media_filter" type="text" name="filter" value="<?php echo htmlspecialchars($filter)?>" />
\r
150 <input type="submit" name="action" value="<?php echo htmlspecialchars(_MEDIA_FILTER_APPLY) ?>" />
\r
151 <input type="hidden" name="collection" value="<?php echo htmlspecialchars($currentCollection)?>" />
\r
152 <input type="hidden" name="offset" value="<?php echo intval($offset)?>" />
\r
158 <table width="100%">
\r
159 <caption><?php echo _MEDIA_COLLECTION_LABEL . htmlspecialchars($collections[$currentCollection])?></caption>
\r
161 <th><?php echo _MEDIA_MODIFIED?></th><th><?php echo _MEDIA_FILENAME?></th><th><?php echo _MEDIA_DIMENSIONS?></th>
\r
166 if (sizeof($arr)>0) {
\r
168 if (($offset + $CONF['MediaPerPage']) >= sizeof($arr))
\r
169 $offset = sizeof($arr) - $CONF['MediaPerPage'];
\r
171 if ($offset < 0) $offset = 0;
\r
173 $idxStart = $offset;
\r
174 $idxEnd = $offset + $CONF['MediaPerPage'];
\r
175 $idxNext = $idxEnd;
\r
176 $idxPrev = $idxStart - $CONF['MediaPerPage'];
\r
178 if ($idxPrev < 0) $idxPrev = 0;
\r
180 if ($idxEnd > sizeof($arr))
\r
181 $idxEnd = sizeof($arr);
\r
183 for($i=$idxStart;$i<$idxEnd;$i++) {
\r
185 $filename = $DIR_MEDIA . $currentCollection . '/' . $obj->filename;
\r
187 $old_level = error_reporting(0);
\r
188 $size = @GetImageSize($filename);
\r
189 error_reporting($old_level);
\r
191 $height = $size[1];
\r
192 $filetype = $size[2];
\r
195 echo "<td>". date("Y-m-d",$obj->timestamp) ."</td>";
\r
197 // strings for javascript
\r
198 $jsCurrentCollection = str_replace("'","\\'",$currentCollection);
\r
199 $jsFileName = str_replace("'","\\'",$obj->filename);
\r
201 if ($filetype != 0) {
\r
202 // image (gif/jpg/png/swf)
\r
203 echo "<td><a href=\"media.php\" onclick=\"chooseImage('", htmlspecialchars($jsCurrentCollection), "','", htmlspecialchars($jsFileName), "',"
\r
204 . "'", htmlspecialchars($width), "','" , htmlspecialchars($height), "'"
\r
205 . ")\" title=\"" . htmlspecialchars($obj->filename). "\">"
\r
206 . htmlspecialchars(shorten($obj->filename,25,'...'))
\r
208 echo ' (<a href="', htmlspecialchars($CONF['MediaURL'] . $currentCollection . '/' . $obj->filename), '" onclick="window.open(this.href); return false;" title="',htmlspecialchars(_MEDIA_VIEW_TT),'">',_MEDIA_VIEW,'</a>)';
\r
211 // no image (e.g. mpg)
\r
212 echo "<td><a href='media.php' onclick=\"chooseOther('" , htmlspecialchars($jsCurrentCollection), "','", htmlspecialchars($jsFileName), "'"
\r
213 . ")\" title=\"" . htmlspecialchars($obj->filename). "\">"
\r
214 . htmlspecialchars(shorten($obj->filename,30,'...'))
\r
218 echo '<td>' , htmlspecialchars($width) , 'x' , htmlspecialchars($height) , '</td>';
\r
221 } // if (sizeof($arr)>0)
\r
227 echo "<a href='media.php?offset=$idxPrev&collection=".urlencode($currentCollection)."'>". _LISTS_PREV."</a> ";
\r
228 if ($idxEnd < sizeof($arr))
\r
229 echo "<a href='media.php?offset=$idxNext&collection=".urlencode($currentCollection)."'>". _LISTS_NEXT."</a> ";
\r
232 <input id="typeradio0" type="radio" name="typeradio" onclick="setType(0);" checked="checked" /><label for="typeradio0"><?php echo _MEDIA_INLINE?></label>
\r
233 <input id="typeradio1" type="radio" name="typeradio" onclick="setType(1);" /><label for="typeradio1"><?php echo _MEDIA_POPUP?></label>
\r
241 * Shows a screen where you can select the file to upload
\r
243 function media_choose() {
\r
244 global $CONF, $member, $manager;
\r
246 $currentCollection = requestVar('collection');
\r
248 $collections = MEDIA::getCollectionList();
\r
252 <h1><?php echo _UPLOAD_TITLE?></h1>
\r
254 <p><?php echo _UPLOAD_MSG?></p>
\r
256 <form method="post" enctype="multipart/form-data" action="media.php">
\r
258 <input type="hidden" name="action" value="uploadfile" />
\r
259 <?php $manager->addTicketHidden() ?>
\r
260 <input type="hidden" name="MAX_FILE_SIZE" value="<?php echo $CONF['MaxUploadSize']?>" />
\r
263 <input name="uploadfile" type="file" size="40" />
\r
264 <?php if (sizeof($collections) > 1) {
\r
266 <br /><br /><label for="upload_collection">Collection:</label>
\r
267 <br /><select name="collection" id="upload_collection">
\r
268 <?php foreach ($collections as $dirname => $description) {
\r
269 echo '<option value="',htmlspecialchars($dirname),'"';
\r
270 if ($dirname == $currentCollection) {
\r
271 echo ' selected="selected"';
\r
273 echo '>',htmlspecialchars($description),'</option>';
\r
279 <input name="collection" type="hidden" value="<?php echo htmlspecialchars(requestVar('collection'))?>" />
\r
280 <?php } // if sizeof
\r
283 <input type="submit" value="<?php echo _UPLOAD_BUTTON?>" />
\r
293 * accepts a file for upload
\r
295 function media_upload() {
\r
296 global $DIR_MEDIA, $member, $CONF;
\r
298 $uploadInfo = postFileInfo('uploadfile');
\r
300 $filename = $uploadInfo['name'];
\r
301 $filetype = $uploadInfo['type'];
\r
302 $filesize = $uploadInfo['size'];
\r
303 $filetempname = $uploadInfo['tmp_name'];
\r
304 $fileerror = intval($uploadInfo['error']);
\r
306 switch ($fileerror)
\r
308 case 0: // = UPLOAD_ERR_OK
\r
310 case 1: // = UPLOAD_ERR_INI_SIZE
\r
311 case 2: // = UPLOAD_ERR_FORM_SIZE
\r
312 media_doError(_ERROR_FILE_TOO_BIG);
\r
313 case 3: // = UPLOAD_ERR_PARTIAL
\r
314 case 4: // = UPLOAD_ERR_NO_FILE
\r
315 case 6: // = UPLOAD_ERR_NO_TMP_DIR
\r
316 case 7: // = UPLOAD_ERR_CANT_WRITE
\r
318 // include error code for debugging
\r
319 // (see http://www.php.net/manual/en/features.file-upload.errors.php)
\r
320 media_doError(_ERROR_BADREQUEST . ' (' . $fileerror . ')');
\r
323 if ($filesize > $CONF['MaxUploadSize'])
\r
324 media_doError(_ERROR_FILE_TOO_BIG);
\r
326 // check file type against allowed types
\r
328 $allowedtypes = explode (',', $CONF['AllowedTypes']);
\r
329 foreach ( $allowedtypes as $type )
\r
330 if (eregi("\." .$type. "$",$filename)) $ok = 1;
\r
331 if (!$ok) media_doError(_ERROR_BADFILETYPE);
\r
333 if (!is_uploaded_file($filetempname))
\r
334 media_doError(_ERROR_BADREQUEST);
\r
336 // prefix filename with current date (YYYY-MM-DD-)
\r
337 // this to avoid nameclashes
\r
338 if ($CONF['MediaPrefix'])
\r
339 $filename = strftime("%Y%m%d-", time()) . $filename;
\r
341 $collection = requestVar('collection');
\r
342 $res = MEDIA::addMediaObject($collection, $filetempname, $filename);
\r
345 media_doError($res);
\r
347 // shows updated list afterwards
\r
351 function media_loginAndPassThrough() {
\r
354 <h1><?php echo _LOGIN_PLEASE?></h1>
\r
356 <form method="post" action="media.php">
\r
358 <input name="action" value="login" type="hidden" />
\r
359 <input name="collection" value="<?php echo htmlspecialchars(requestVar('collection'))?>" type="hidden" />
\r
360 <?php echo _LOGINFORM_NAME?>: <input name="login" />
\r
361 <br /><?php echo _LOGINFORM_PWD?>: <input name="password" type="password" />
\r
362 <br /><input type="submit" value="<?php echo _LOGIN?>" />
\r
365 <p><a href="media.php" onclick="window.close();"><?php echo _POPUP_CLOSE?></a></p>
\r
366 <?php media_foot();
\r
370 function media_doError($msg) {
\r
373 <h1><?php echo _ERROR?></h1>
\r
374 <p><?php echo $msg?></p>
\r
375 <p><a href="media.php" onclick="history.back()"><?php echo _BACK?></a></p>
\r
376 <?php media_foot();
\r
381 function media_head() {
\r
383 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
\r
384 <html <?php echo _HTML_XML_NAME_SPACE_AND_LANG_CODE; ?>>
\r
386 <meta http-equiv="Content-Type" content="text/html; charset=<?php echo _CHARSET ?>" />
\r
387 <title>Nucleus Media</title>
\r
388 <link rel="stylesheet" type="text/css" href="styles/popups.css" />
\r
389 <script type="text/javascript">
\r
391 function setType(val) { type = val; }
\r
393 function chooseImage(collection, filename, width, height) {
\r
394 window.opener.focus();
\r
395 window.opener.includeImage(collection,
\r
397 type == 0 ? 'inline' : 'popup',
\r
404 function chooseOther(collection, filename) {
\r
405 window.opener.focus();
\r
406 window.opener.includeOtherMedia(collection, filename);
\r
415 function media_foot() {
\r