-<?php\r
-/**\r
- * Nucleus: PHP/MySQL Weblog CMS (http://nucleuscms.org/) \r
- * Copyright (C) 2002-2004 The Nucleus Group\r
- *\r
- * This program is free software; you can redistribute it and/or\r
- * modify it under the terms of the GNU General Public License\r
- * as published by the Free Software Foundation; either version 2\r
- * of the License, or (at your option) any later version.\r
- * (see nucleus/documentation/index.html#license for more info)\r
- *\r
- * Media popup window for Nucleus\r
- *\r
- * Purpose:\r
- * - can be openen from an add-item form or bookmarklet popup\r
- * - shows a list of recent files, allowing browsing, search and \r
- * upload of new files\r
- * - close the popup by selecting a file in the list. The file gets\r
- * passed through to the add-item form (linkto, popupimg or inline img)\r
- */\r
- \r
-$CONF = array();\r
-\r
-// defines how much media items will be shown per page. You can override this\r
-// in config.php if you like. (changing it in config.php instead of here will\r
-// allow your settings to be kept even after a Nucleus upgrade)\r
-$CONF['MediaPerPage'] = 10;\r
-\r
-// include all classes and config data\r
-include('../config.php');\r
-include($DIR_LIBS . 'MEDIA.php'); // media classes\r
-\r
-sendContentType('application/xhtml+xml', 'media');\r
-\r
-// user needs to be logged in to use this\r
-if (!$member->isLoggedIn()) {\r
- media_loginAndPassThrough();\r
- exit;\r
-}\r
-\r
-// check if member is on at least one teamlist\r
-$query = 'SELECT * FROM ' . sql_table('team'). ' WHERE tmember=' . $member->getID();\r
-$teams = mysql_query($query);\r
-if (mysql_num_rows($teams) == 0)\r
- media_doError(_ERROR_DISALLOWEDUPLOAD);\r
- \r
-// basic action:\r
-$action = requestVar('action');\r
-switch($action) {\r
- case 'chooseupload':\r
- case _MEDIA_UPLOAD_TO:\r
- case _MEDIA_UPLOAD_NEW:\r
- media_choose();\r
- break;\r
- case 'uploadfile':\r
- media_upload();\r
- break;\r
- case _MEDIA_FILTER_APPLY:\r
- case 'selectmedia':\r
- case _MEDIA_COLLECTION_SELECT:\r
- default:\r
- media_select();\r
- break;\r
-}\r
-\r
-// select a file\r
-function media_select() {\r
- global $member, $CONF, $DIR_MEDIA;\r
- \r
- media_head();\r
- \r
- // show 10 files + navigation buttons \r
- // show msg when no files\r
- // show upload form\r
- // files sorted according to last modification date\r
-\r
- // currently selected collection\r
- $currentCollection = requestVar('collection');\r
- if (!$currentCollection || !@is_dir($DIR_MEDIA . $currentCollection))\r
- $currentCollection = $member->getID();\r
- \r
- \r
- // get collection list\r
- $collections = MEDIA::getCollectionList();\r
-\r
- if (sizeof($collections) > 1) {\r
- ?>\r
- <form method="post" action="media.php"><div>\r
- <label for="media_collection"><?php echo htmlspecialchars(_MEDIA_COLLECTION_LABEL)?></label>\r
- <select name="collection" id="media_collection">\r
- <?php foreach ($collections as $dirname => $description) {\r
- echo '<option value="',htmlspecialchars($dirname),'"';\r
- if ($dirname == $currentCollection) {\r
- echo ' selected="selected"';\r
- }\r
- echo '>',htmlspecialchars($description),'</option>';\r
- }\r
- ?>\r
- </select>\r
- <input type="submit" name="action" value="<?php echo htmlspecialchars(_MEDIA_COLLECTION_SELECT) ?>" title="<?php echo htmlspecialchars(_MEDIA_COLLECTION_TT)?>" />\r
- <input type="submit" name="action" value="<?php echo htmlspecialchars(_MEDIA_UPLOAD_TO) ?>" title="<?php echo htmlspecialchars(_MEDIA_UPLOADLINK) ?>" />\r
- </div></form>\r
- <?php } else {\r
- ?>\r
- <form method="post" action="media.php" style="float:right"><div>\r
- <input type="hidden" name="collection" value="<?php echo htmlspecialchars($currentCollection)?>" />\r
- <input type="submit" name="action" value="<?php echo htmlspecialchars(_MEDIA_UPLOAD_NEW) ?>" title="<?php echo htmlspecialchars(_MEDIA_UPLOADLINK) ?>" />\r
- </div></form> \r
- <?php } // if sizeof\r
- \r
- $filter = requestVar('filter'); \r
- $offset = intRequestVar('offset'); \r
- $arr = MEDIA::getMediaListByCollection($currentCollection, $filter);\r
-\r
- ?>\r
- <form method="post" action="media.php"><div>\r
- <label for="media_filter"><?php echo htmlspecialchars(_MEDIA_FILTER_LABEL)?></label>\r
- <input id="media_filter" type="text" name="filter" value="<?php echo htmlspecialchars($filter)?>" />\r
- <input type="submit" name="action" value="<?php echo htmlspecialchars(_MEDIA_FILTER_APPLY) ?>" />\r
- <input type="hidden" name="collection" value="<?php echo htmlspecialchars($currentCollection)?>" /> \r
- <input type="hidden" name="offset" value="<?php echo intval($offset)?>" /> \r
- </div></form> \r
- \r
- <?php\r
- \r
- ?> \r
- <table width="100%">\r
- <caption><?php echo _MEDIA_COLLECTION_LABEL . htmlspecialchars($collections[$currentCollection])?></caption>\r
- <tr>\r
- <th><?php echo _MEDIA_MODIFIED?></th><th><?php echo _MEDIA_FILENAME?></th><th><?php echo _MEDIA_DIMENSIONS?></th>\r
- </tr>\r
- \r
- <?php \r
- \r
- if (sizeof($arr)>0) {\r
- \r
- if (($offset + $CONF['MediaPerPage']) >= sizeof($arr))\r
- $offset = sizeof($arr) - $CONF['MediaPerPage'];\r
-\r
- if ($offset < 0) $offset = 0;\r
- \r
- $idxStart = $offset;\r
- $idxEnd = $offset + $CONF['MediaPerPage'];\r
- $idxNext = $idxEnd;\r
- $idxPrev = $idxStart - $CONF['MediaPerPage'];\r
-\r
- if ($idxPrev < 0) $idxPrev = 0;\r
-\r
- if ($idxEnd > sizeof($arr))\r
- $idxEnd = sizeof($arr);\r
-\r
- for($i=$idxStart;$i<$idxEnd;$i++) {\r
- $obj = $arr[$i];\r
- $filename = $DIR_MEDIA . $currentCollection . '/' . $obj->filename;\r
-\r
- $old_level = error_reporting(0);\r
- $size = @GetImageSize($filename); \r
- error_reporting($old_level);\r
- $width = $size[0];\r
- $height = $size[1];\r
- $filetype = $size[2];\r
- \r
- echo "<tr>";\r
- echo "<td>". date("Y-m-d",$obj->timestamp) ."</td>";\r
-\r
- if ($filetype != 0) {\r
- // image (gif/jpg/png/swf)\r
- echo "<td><a href='media.php' onclick='chooseImage(\"$currentCollection\",\"$obj->filename\","\r
- . "\"$width\",\"$height\""\r
- . ")' title='" . htmlspecialchars($obj->filename). "'>"\r
- . htmlspecialchars(shorten($obj->filename,25,'...'))\r
- ."</a>";\r
- echo ' (<a href="', htmlspecialchars($CONF['MediaURL'] . $currentCollection . '/' . $obj->filename), '" onclick="window.open(this.href); return false;" title="',htmlspecialchars(_MEDIA_VIEW_TT),'">',_MEDIA_VIEW,'</a>)';\r
- echo "</td>";\r
- } else {\r
- // no image (e.g. mpg)\r
- echo "<td><a href='media.php' onclick='chooseOther(\"$currentCollection\",\"$obj->filename\""\r
- . ")' title='" . htmlspecialchars($obj->filename). "'>"\r
- . htmlspecialchars(shorten($obj->filename,30,'...'))\r
- ."</a></td>";\r
-\r
- }\r
- echo '<td>' , $width , 'x' , $height , '</td>';\r
- echo '</tr>';\r
- }\r
- } // if (sizeof($arr)>0)\r
- ?>\r
- \r
- </table>\r
- <?php \r
- if ($idxStart > 0)\r
- echo "<a href='media.php?offset=$idxPrev&collection=".urlencode($currentCollection)."'>". _LISTS_PREV."</a> ";\r
- if ($idxEnd < sizeof($arr))\r
- echo "<a href='media.php?offset=$idxNext&collection=".urlencode($currentCollection)."'>". _LISTS_NEXT."</a> ";\r
- \r
- ?>\r
- <input id="typeradio0" type="radio" name="typeradio" onclick="setType(0);" checked="checked" /><label for="typeradio0"><?php echo _MEDIA_INLINE?></label>\r
- <input id="typeradio1" type="radio" name="typeradio" onclick="setType(1);" /><label for="typeradio1"><?php echo _MEDIA_POPUP?></label>\r
- <?php \r
- media_foot();\r
- \r
- \r
-}\r
-\r
-/**\r
- * Shows a screen where you can select the file to upload\r
- */\r
-function media_choose() {\r
- global $CONF, $member;\r
-\r
- $currentCollection = requestVar('collection');\r
- \r
- $collections = MEDIA::getCollectionList();\r
-\r
- media_head();\r
- ?>\r
- <h1><?php echo _UPLOAD_TITLE?></h1>\r
- \r
- <p><?php echo _UPLOAD_MSG?></p>\r
- \r
- <form method="post" enctype="multipart/form-data" action="media.php">\r
- <div>\r
- <input type="hidden" name="action" value="uploadfile" />\r
- <input type="hidden" name="MAX_FILE_SIZE" value="<?php echo $CONF['MaxUploadSize']?>" />\r
- File:\r
- <br />\r
- <input name="uploadfile" type="file" size="40" />\r
- <?php if (sizeof($collections) > 1) {\r
- ?>\r
- <br /><br /><label for="upload_collection">Collection:</label>\r
- <br /><select name="collection" id="upload_collection">\r
- <?php foreach ($collections as $dirname => $description) {\r
- echo '<option value="',htmlspecialchars($dirname),'"';\r
- if ($dirname == $currentCollection) {\r
- echo ' selected="selected"';\r
- }\r
- echo '>',htmlspecialchars($description),'</option>';\r
- }\r
- ?>\r
- </select>\r
- <?php } else {\r
- ?>\r
- <input name="collection" type="hidden" value="<?php echo htmlspecialchars(requestVar('collection'))?>" /> \r
- <?php } // if sizeof\r
- ?> \r
- <br /><br />\r
- <input type="submit" value="<?php echo _UPLOAD_BUTTON?>" />\r
- </div>\r
- </form>\r
- \r
- <?php \r
- media_foot();\r
-}\r
-\r
-\r
-/**\r
- * accepts a file for upload\r
- */\r
-function media_upload() {\r
- global $DIR_MEDIA, $member, $CONF;\r
-\r
- $uploadInfo = postFileInfo('uploadfile');\r
- \r
- $filename = $uploadInfo['name'];\r
- $filetype = $uploadInfo['type'];\r
- $filesize = $uploadInfo['size'];\r
- $filetempname = $uploadInfo['tmp_name'];\r
- \r
- if ($filesize > $CONF['MaxUploadSize'])\r
- media_doError(_ERROR_FILE_TOO_BIG);\r
- \r
- // check file type against allowed types\r
- $ok = 0;\r
- $allowedtypes = explode (',', $CONF['AllowedTypes']);\r
- foreach ( $allowedtypes as $type ) \r
- if (eregi("\." .$type. "$",$filename)) $ok = 1; \r
- if (!$ok) media_doError(_ERROR_BADFILETYPE);\r
- \r
- if (!is_uploaded_file($filetempname)) \r
- media_doError(_ERROR_BADREQUEST);\r
-\r
- // prefix filename with current date (YYYY-MM-DD-)\r
- // this to avoid nameclashes\r
- if ($CONF['MediaPrefix'])\r
- $filename = strftime("%Y%m%d-", time()) . $filename;\r
-\r
- $collection = requestVar('collection');\r
- $res = MEDIA::addMediaObject($collection, $filetempname, $filename);\r
-\r
- if ($res != '') \r
- media_doError($res);\r
- \r
- // shows updated list afterwards\r
- media_select();\r
-}\r
-\r
-function media_loginAndPassThrough() {\r
- media_head();\r
- ?>\r
- <h1><?php echo _LOGIN_PLEASE?></h1>\r
- \r
- <form method="post" action="media.php">\r
- <div>\r
- <input name="action" value="login" type="hidden" />\r
- <input name="collection" value="<?php echo htmlspecialchars(requestVar('collection'))?>" type="hidden" /> \r
- <?php echo _LOGINFORM_NAME?>: <input name="login" />\r
- <br /><?php echo _LOGINFORM_PWD?>: <input name="password" type="password" />\r
- <br /><input type="submit" value="<?php echo _LOGIN?>" />\r
- </div>\r
- </form>\r
- <p><a href="media.php" onclick="window.close();"><?php echo _POPUP_CLOSE?></a></p>\r
- <?php media_foot();\r
- exit;\r
-}\r
-\r
-function media_doError($msg) {\r
- media_head();\r
- ?>\r
- <h1><?php echo _ERROR?></h1>\r
- <p><?php echo $msg?></p>\r
- <p><a href="media.php" onclick="history.back()"><?php echo _BACK?></a></p>\r
- <?php media_foot();\r
- exit;\r
-}\r
-\r
-\r
-function media_head() {\r
-?>\r
- <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">\r
- <html xmlns="http://www.w3.org/1999/xhtml">\r
- <head>\r
- <meta http-equiv="Content-Type" content="text/html; charset=<?php echo _CHARSET ?>" />\r
- <title>Nucleus Media</title>\r
- <link rel="stylesheet" type="text/css" href="styles/popups.css" />\r
- <script type="text/javascript">\r
- var type = 0;\r
- function setType(val) { type = val; }\r
- \r
- function chooseImage(collection, filename, width, height) {\r
- window.opener.focus(); \r
- window.opener.includeImage(collection,\r
- filename, \r
- type == 0 ? 'inline' : 'popup',\r
- width,\r
- height\r
- );\r
- window.close();\r
- }\r
- \r
- function chooseOther(collection, filename) {\r
- window.opener.focus(); \r
- window.opener.includeOtherMedia(collection, filename);\r
- window.close();\r
- \r
- }\r
- </script>\r
- </head>\r
- <body> \r
-<?php }\r
-\r
-function media_foot() {\r
-?>\r
- </body>\r
- </html> \r
-<?php } \r
-\r
-?>\r
+<?php
+/*
+ * Nucleus: PHP/MySQL Weblog CMS (http://nucleuscms.org/)
+ * Copyright (C) 2002-2010 The Nucleus Group
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ * (see nucleus/documentation/index.html#license for more info)
+ */
+/**
+ * Media popup window for Nucleus
+ *
+ * Purpose:
+ * - can be openen from an add-item form or bookmarklet popup
+ * - shows a list of recent files, allowing browsing, search and
+ * upload of new files
+ * - close the popup by selecting a file in the list. The file gets
+ * passed through to the add-item form (linkto, popupimg or inline img)
+ *
+ * @license http://nucleuscms.org/license.txt GNU General Public License
+ * @copyright Copyright (C) 2002-2010 The Nucleus Group
+ * @version $Id$
+ * $NucleusJP: media.php,v 1.8.2.1 2007/09/07 07:36:44 kimitake Exp $
+ *
+ */
+
+$CONF = array();
+
+// defines how much media items will be shown per page. You can override this
+// in config.php if you like. (changing it in config.php instead of here will
+// allow your settings to be kept even after a Nucleus upgrade)
+$CONF['MediaPerPage'] = 10;
+
+// include all classes and config data
+$DIR_LIBS = '';
+require_once('../config.php');
+//include($DIR_LIBS . 'MEDIA.php'); // media classes
+include_libs('MEDIA.php',false,false);
+
+sendContentType('application/xhtml+xml', 'media');
+
+// user needs to be logged in to use this
+if (!$member->isLoggedIn()) {
+ media_loginAndPassThrough();
+ exit;
+}
+
+// check if member is on at least one teamlist
+$query = 'SELECT * FROM ' . sql_table('team'). ' WHERE tmember=' . $member->getID();
+$teams = sql_query($query);
+if (sql_num_rows($teams) == 0 && !$member->isAdmin())
+ media_doError(_ERROR_DISALLOWEDUPLOAD);
+
+// get action
+$action = requestVar('action');
+if ($action == '')
+ $action = 'selectmedia';
+
+// check ticket
+$aActionsNotToCheck = array('selectmedia', _MEDIA_FILTER_APPLY, _MEDIA_COLLECTION_SELECT);
+if (!in_array($action, $aActionsNotToCheck))
+{
+ if (!$manager->checkTicket())
+ media_doError(_ERROR_BADTICKET);
+}
+
+
+switch($action) {
+ case 'chooseupload':
+ case _MEDIA_UPLOAD_TO:
+ case _MEDIA_UPLOAD_NEW:
+ if (!$member->isAdmin() and $CONF['AllowUpload'] != true) {
+ media_doError(_ERROR_DISALLOWED);
+ } else {
+ media_choose();
+ }
+ break;
+ case 'uploadfile':
+ if (!$member->isAdmin() and $CONF['AllowUpload'] != true) {
+ media_doError(_ERROR_DISALLOWED);
+ } else {
+ media_upload();
+ }
+ break;
+ case _MEDIA_FILTER_APPLY:
+ case 'selectmedia':
+ case _MEDIA_COLLECTION_SELECT:
+ default:
+ media_select();
+ break;
+}
+
+// select a file
+function media_select() {
+ global $member, $CONF, $DIR_MEDIA, $manager;
+
+ // show 10 files + navigation buttons
+ // show msg when no files
+ // show upload form
+ // files sorted according to last modification date
+
+ // currently selected collection
+ $currentCollection = requestVar('collection');
+ if (!$currentCollection || !@is_dir($DIR_MEDIA . $currentCollection))
+ $currentCollection = $member->getID();
+
+ // avoid directory travarsal and accessing invalid directory
+ if (!MEDIA::isValidCollection($currentCollection)) media_doError(_ERROR_DISALLOWED);
+
+ media_head();
+
+ // get collection list
+ $collections = MEDIA::getCollectionList();
+
+ if (sizeof($collections) > 1) {
+ ?>
+ <form method="post" action="media.php"><div>
+ <label for="media_collection"><?php echo htmlspecialchars(_MEDIA_COLLECTION_LABEL)?></label>
+ <select name="collection" id="media_collection">
+ <?php foreach ($collections as $dirname => $description) {
+ echo '<option value="',htmlspecialchars($dirname),'"';
+ if ($dirname == $currentCollection) {
+ echo ' selected="selected"';
+ }
+ echo '>',htmlspecialchars($description),'</option>';
+ }
+ ?>
+ </select>
+ <input type="submit" name="action" value="<?php echo htmlspecialchars(_MEDIA_COLLECTION_SELECT) ?>" title="<?php echo htmlspecialchars(_MEDIA_COLLECTION_TT)?>" />
+ <input type="submit" name="action" value="<?php echo htmlspecialchars(_MEDIA_UPLOAD_TO) ?>" title="<?php echo htmlspecialchars(_MEDIA_UPLOADLINK) ?>" />
+ <?php $manager->addTicketHidden() ?>
+ </div></form>
+ <?php } else {
+ ?>
+ <form method="post" action="media.php" style="float:right"><div>
+ <input type="hidden" name="collection" value="<?php echo htmlspecialchars($currentCollection)?>" />
+ <input type="submit" name="action" value="<?php echo htmlspecialchars(_MEDIA_UPLOAD_NEW) ?>" title="<?php echo htmlspecialchars(_MEDIA_UPLOADLINK) ?>" />
+ <?php $manager->addTicketHidden() ?>
+ </div></form>
+ <?php } // if sizeof
+
+ $filter = requestVar('filter');
+ $offset = intRequestVar('offset');
+ $arr = MEDIA::getMediaListByCollection($currentCollection, $filter);
+
+ ?>
+ <form method="post" action="media.php"><div>
+ <label for="media_filter"><?php echo htmlspecialchars(_MEDIA_FILTER_LABEL)?></label>
+ <input id="media_filter" type="text" name="filter" value="<?php echo htmlspecialchars($filter)?>" />
+ <input type="submit" name="action" value="<?php echo htmlspecialchars(_MEDIA_FILTER_APPLY) ?>" />
+ <input type="hidden" name="collection" value="<?php echo htmlspecialchars($currentCollection)?>" />
+ <input type="hidden" name="offset" value="<?php echo intval($offset)?>" />
+ </div></form>
+
+ <?php
+
+ ?>
+ <table width="100%">
+ <caption><?php echo _MEDIA_COLLECTION_LABEL . htmlspecialchars($collections[$currentCollection])?></caption>
+ <tr>
+ <th><?php echo _MEDIA_MODIFIED?></th><th><?php echo _MEDIA_FILENAME?></th><th><?php echo _MEDIA_DIMENSIONS?></th>
+ </tr>
+
+ <?php
+
+ if (sizeof($arr)>0) {
+
+ if (($offset + $CONF['MediaPerPage']) >= sizeof($arr))
+ $offset = sizeof($arr) - $CONF['MediaPerPage'];
+
+ if ($offset < 0) $offset = 0;
+
+ $idxStart = $offset;
+ $idxEnd = $offset + $CONF['MediaPerPage'];
+ $idxNext = $idxEnd;
+ $idxPrev = $idxStart - $CONF['MediaPerPage'];
+
+ if ($idxPrev < 0) $idxPrev = 0;
+
+ if ($idxEnd > sizeof($arr))
+ $idxEnd = sizeof($arr);
+
+ for($i=$idxStart;$i<$idxEnd;$i++) {
+ $obj = $arr[$i];
+ $filename = $DIR_MEDIA . $currentCollection . '/' . $obj->filename;
+
+ $old_level = error_reporting(0);
+ $size = @GetImageSize($filename);
+ error_reporting($old_level);
+ $width = $size[0];
+ $height = $size[1];
+ $filetype = $size[2];
+
+ echo "<tr>";
+ echo "<td>". date("Y-m-d",$obj->timestamp) ."</td>";
+
+ // strings for javascript
+ $jsCurrentCollection = str_replace("'","\\'",$currentCollection);
+ $jsFileName = str_replace("'","\\'",$obj->filename);
+
+ if ($filetype != 0) {
+ // image (gif/jpg/png/swf)
+ echo "<td><a href=\"media.php\" onclick=\"chooseImage('", htmlspecialchars($jsCurrentCollection), "','", htmlspecialchars($jsFileName), "',"
+ . "'", htmlspecialchars($width), "','" , htmlspecialchars($height), "'"
+ . ")\" title=\"" . htmlspecialchars($obj->filename). "\">"
+ . htmlspecialchars(shorten($obj->filename,25,'...'))
+ ."</a>";
+ echo ' (<a href="', htmlspecialchars($CONF['MediaURL'] . $currentCollection . '/' . $obj->filename), '" onclick="window.open(this.href); return false;" title="',htmlspecialchars(_MEDIA_VIEW_TT),'">',_MEDIA_VIEW,'</a>)';
+ echo "</td>";
+ } else {
+ // no image (e.g. mpg)
+ echo "<td><a href='media.php' onclick=\"chooseOther('" , htmlspecialchars($jsCurrentCollection), "','", htmlspecialchars($jsFileName), "'"
+ . ")\" title=\"" . htmlspecialchars($obj->filename). "\">"
+ . htmlspecialchars(shorten($obj->filename,30,'...'))
+ ."</a></td>";
+
+ }
+ echo '<td>' , htmlspecialchars($width) , 'x' , htmlspecialchars($height) , '</td>';
+ echo '</tr>';
+ }
+ } // if (sizeof($arr)>0)
+ ?>
+
+ </table>
+ <?php
+ if ($idxStart > 0)
+ echo "<a href='media.php?offset=$idxPrev&collection=".urlencode($currentCollection)."'>". _LISTS_PREV."</a> ";
+ if ($idxEnd < sizeof($arr))
+ echo "<a href='media.php?offset=$idxNext&collection=".urlencode($currentCollection)."'>". _LISTS_NEXT."</a> ";
+
+ ?>
+ <input id="typeradio0" type="radio" name="typeradio" onclick="setType(0);" checked="checked" /><label for="typeradio0"><?php echo _MEDIA_INLINE?></label>
+ <input id="typeradio1" type="radio" name="typeradio" onclick="setType(1);" /><label for="typeradio1"><?php echo _MEDIA_POPUP?></label>
+ <?php
+ media_foot();
+
+
+}
+
+/**
+ * Shows a screen where you can select the file to upload
+ */
+function media_choose() {
+ global $CONF, $member, $manager;
+
+ $currentCollection = requestVar('collection');
+
+ $collections = MEDIA::getCollectionList();
+
+ media_head();
+ ?>
+ <h1><?php echo _UPLOAD_TITLE?></h1>
+
+ <p><?php echo _UPLOAD_MSG?></p>
+
+ <form method="post" enctype="multipart/form-data" action="media.php">
+ <div>
+ <input type="hidden" name="action" value="uploadfile" />
+ <?php $manager->addTicketHidden() ?>
+ <input type="hidden" name="MAX_FILE_SIZE" value="<?php echo $CONF['MaxUploadSize']?>" />
+ File:
+ <br />
+ <input name="uploadfile" type="file" size="40" />
+ <?php if (sizeof($collections) > 1) {
+ ?>
+ <br /><br /><label for="upload_collection">Collection:</label>
+ <br /><select name="collection" id="upload_collection">
+ <?php foreach ($collections as $dirname => $description) {
+ echo '<option value="',htmlspecialchars($dirname),'"';
+ if ($dirname == $currentCollection) {
+ echo ' selected="selected"';
+ }
+ echo '>',htmlspecialchars($description),'</option>';
+ }
+ ?>
+ </select>
+ <?php } else {
+ ?>
+ <input name="collection" type="hidden" value="<?php echo htmlspecialchars(requestVar('collection'))?>" />
+ <?php } // if sizeof
+ ?>
+ <br /><br />
+ <?php
+ $manager->notify(
+ 'MediaUploadFormExtras',
+ array()
+ );
+ ?>
+ <br /><br />
+ <input type="submit" value="<?php echo _UPLOAD_BUTTON?>" />
+ </div>
+ </form>
+
+ <?php
+ media_foot();
+}
+
+
+/**
+ * accepts a file for upload
+ */
+function media_upload() {
+ global $DIR_MEDIA, $member, $CONF;
+
+ $uploadInfo = postFileInfo('uploadfile');
+
+ $filename = $uploadInfo['name'];
+ $filetype = $uploadInfo['type'];
+ $filesize = $uploadInfo['size'];
+ $filetempname = $uploadInfo['tmp_name'];
+ $fileerror = intval($uploadInfo['error']);
+
+ // clean filename of characters that may cause trouble in a filename using cleanFileName() function from globalfunctions.php
+ $filename = cleanFileName($filename);
+ if ($filename === false)
+ media_doError(_ERROR_BADFILETYPE);
+
+ switch ($fileerror)
+ {
+ case 0: // = UPLOAD_ERR_OK
+ break;
+ case 1: // = UPLOAD_ERR_INI_SIZE
+ case 2: // = UPLOAD_ERR_FORM_SIZE
+ media_doError(_ERROR_FILE_TOO_BIG);
+ case 3: // = UPLOAD_ERR_PARTIAL
+ case 4: // = UPLOAD_ERR_NO_FILE
+ case 6: // = UPLOAD_ERR_NO_TMP_DIR
+ case 7: // = UPLOAD_ERR_CANT_WRITE
+ default:
+ // include error code for debugging
+ // (see http://www.php.net/manual/en/features.file-upload.errors.php)
+ media_doError(_ERROR_BADREQUEST . ' (' . $fileerror . ')');
+ }
+
+ if ($filesize > $CONF['MaxUploadSize'])
+ media_doError(_ERROR_FILE_TOO_BIG);
+
+ // check file type against allowed types
+ $ok = 0;
+ $allowedtypes = explode (',', $CONF['AllowedTypes']);
+ foreach ( $allowedtypes as $type )
+ {
+ //if (eregi("\." .$type. "$",$filename)) $ok = 1;
+ if (preg_match("#\." .$type. "$#i",$filename)) $ok = 1;
+ }
+ if (!$ok) media_doError(_ERROR_BADFILETYPE);
+
+ if (!is_uploaded_file($filetempname))
+ media_doError(_ERROR_BADREQUEST);
+
+ // prefix filename with current date (YYYY-MM-DD-)
+ // this to avoid nameclashes
+ if ($CONF['MediaPrefix'])
+ $filename = strftime("%Y%m%d-", time()) . $filename;
+
+ $collection = requestVar('collection');
+ $res = MEDIA::addMediaObject($collection, $filetempname, $filename);
+
+ if ($res != '')
+ media_doError($res);
+
+ // shows updated list afterwards
+ media_select();
+}
+
+function media_loginAndPassThrough() {
+ media_head();
+ ?>
+ <h1><?php echo _LOGIN_PLEASE?></h1>
+
+ <form method="post" action="media.php">
+ <div>
+ <input name="action" value="login" type="hidden" />
+ <input name="collection" value="<?php echo htmlspecialchars(requestVar('collection'))?>" type="hidden" />
+ <?php echo _LOGINFORM_NAME?>: <input name="login" />
+ <br /><?php echo _LOGINFORM_PWD?>: <input name="password" type="password" />
+ <br /><input type="submit" value="<?php echo _LOGIN?>" />
+ </div>
+ </form>
+ <p><a href="media.php" onclick="window.close();"><?php echo _POPUP_CLOSE?></a></p>
+ <?php media_foot();
+ exit;
+}
+
+function media_doError($msg) {
+ media_head();
+ ?>
+ <h1><?php echo _ERROR?></h1>
+ <p><?php echo $msg?></p>
+ <p><a href="media.php" onclick='history.back(); return false;"><?php echo _BACK?></a></p>
+ <?php media_foot();
+ exit;
+}
+
+
+function media_head() {
+?>
+ <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+ <html <?php echo _HTML_XML_NAME_SPACE_AND_LANG_CODE; ?>>
+ <head>
+ <meta http-equiv="Content-Type" content="text/html; charset=<?php echo _CHARSET ?>" />
+ <title>Nucleus Media</title>
+ <link rel="stylesheet" type="text/css" href="styles/popups.css" />
+ <script type="text/javascript">
+ var type = 0;
+ function setType(val) { type = val; }
+
+ function chooseImage(collection, filename, width, height) {
+ window.opener.focus();
+ window.opener.includeImage(collection,
+ filename,
+ type == 0 ? 'inline' : 'popup',
+ width,
+ height
+ );
+ window.close();
+ }
+
+ function chooseOther(collection, filename) {
+ window.opener.focus();
+ window.opener.includeOtherMedia(collection, filename);
+ window.close();
+
+ }
+ </script>
+ </head>
+ <body>
+<?php }
+
+function media_foot() {
+?>
+ </body>
+ </html>
+<?php }
+
+?>