<?php
/*
* Nucleus: PHP/MySQL Weblog CMS (http://nucleuscms.org/)
- * Copyright (C) 2002-2007 The Nucleus Group
+ * Copyright (C) 2002-2009 The Nucleus Group
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* passed through to the add-item form (linkto, popupimg or inline img)
*
* @license http://nucleuscms.org/license.txt GNU General Public License
- * @copyright Copyright (C) 2002-2007 The Nucleus Group
- * @version $Id: media.php,v 1.8 2007-03-20 19:32:19 kmorimatsu Exp $
- * $NucleusJP: media.php,v 1.7 2007/02/04 06:28:45 kimitake Exp $
+ * @copyright Copyright (C) 2002-2009 The Nucleus Group
+ * @version $Id$
+ * $NucleusJP: media.php,v 1.8.2.1 2007/09/07 07:36:44 kimitake Exp $
*
*/
// check if member is on at least one teamlist
$query = 'SELECT * FROM ' . sql_table('team'). ' WHERE tmember=' . $member->getID();
-$teams = mysql_query($query);
-if (mysql_num_rows($teams) == 0)
+$teams = sql_query($query);
+if (sql_num_rows($teams) == 0 && !$member->isAdmin())
media_doError(_ERROR_DISALLOWEDUPLOAD);
// get action
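Review bot: The team-membership query still executes for administrators, because the new `!$member->isAdmin()` operand is evaluated only after `sql_num_rows($teams) == 0`; testing the admin flag first, `if (!$member->isAdmin() && sql_num_rows($teams) == 0)`, or checking `isAdmin()` before building `$query` at all, skips a needless database round-trip and keeps the privilege decision in one obvious place. The same `!$member->isAdmin()` guard is repeated in the upload cases further down the file, so computing it once near this line would keep the two in step. `$member->getID()` is concatenated into the SQL unquoted on the line before the change; that is pre-existing and only safe if getID() is guaranteed to return an integer, which is not visible here — worth a comment such as `// getID() must return an int: it is interpolated unquoted`.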
case 'chooseupload':
case _MEDIA_UPLOAD_TO:
case _MEDIA_UPLOAD_NEW:
- media_choose();
+ if (!$member->isAdmin() and $CONF['AllowUpload'] != true) {
+ media_doError(_ERROR_DISALLOWED);
+ } else {
+ media_choose();
+ }
break;
case 'uploadfile':
- media_upload();
+ if (!$member->isAdmin() and $CONF['AllowUpload'] != true) {
+ media_doError(_ERROR_DISALLOWED);
+ } else {
+ media_upload();
+ }
break;
case _MEDIA_FILTER_APPLY:
case 'selectmedia':
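Review bot: The new upload gate `!$member->isAdmin() and $CONF['AllowUpload'] != true` is duplicated verbatim in the 'chooseupload' and 'uploadfile' cases and relies on the low-precedence `and` plus a loose `!= true` comparison; hoisting it into one boolean before the switch, `$uploadAllowed = $member->isAdmin() || (bool) $CONF['AllowUpload'];`, and testing `if (!$uploadAllowed)` in both cases removes the duplication and the precedence trap (`and` binds lower than `=`, so the expression is only safe while it stays inside an `if (...)`). The gate lives in the dispatcher rather than in media_upload() or media_choose() themselves, so any other path that calls those functions directly would bypass it — either move the check inside them or document on each function that the caller is responsible for it. The enclosing `switch` begins outside the hunk.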
function media_select() {
global $member, $CONF, $DIR_MEDIA, $manager;
- media_head();
-
// show 10 files + navigation buttons
// show msg when no files
// show upload form
if (!$currentCollection || !@is_dir($DIR_MEDIA . $currentCollection))
$currentCollection = $member->getID();
+ // avoid directory travarsal and accessing invalid directory
+ if (!MEDIA::isValidCollection($currentCollection)) media_doError(_ERROR_DISALLOWED);
+
+ media_head();
// get collection list
$collections = MEDIA::getCollectionList();
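Review bot: The `MEDIA::isValidCollection()` check is placed after the `@is_dir($DIR_MEDIA . $currentCollection)` probe two lines above it, so an unvalidated collection string still reaches the filesystem before being rejected, and the outcome differs by whether the probed directory exists (fallback to the member's own collection versus an error page), which leaks directory existence; validating the requested value before touching the filesystem closes that gap, e.g. `if ($currentCollection && !MEDIA::isValidCollection($currentCollection)) media_doError(_ERROR_DISALLOWED);` ahead of the `is_dir` line, keeping the existing check after the fallback as well. This assumes media_doError() terminates the request, as its bare use after the team check near the top of the file suggests — confirm. The added comment also misspells "traversal"; `// avoid directory traversal and accessing an invalid directory` is the intended wording. media_select()'s body continues past the hunk and where $currentCollection is read from is not shown here.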
$filesize = $uploadInfo['size'];
$filetempname = $uploadInfo['tmp_name'];
$fileerror = intval($uploadInfo['error']);
-
+
switch ($fileerror)
{
case 0: // = UPLOAD_ERR_OK
<div>
<input name="action" value="login" type="hidden" />
<input name="collection" value="<?php echo htmlspecialchars(requestVar('collection'))?>" type="hidden" />
- <?php echo _LOGINFORM_NAME?>: <input name="login" />
- <br /><?php echo _LOGINFORM_PWD?>: <input name="password" type="password" />
+ <?php echo _LOGINFORM_NAME?> <input name="login" />
+ <br /><?php echo _LOGINFORM_PWD?> <input name="password" type="password" />
<br /><input type="submit" value="<?php echo _LOGIN?>" />
</div>
</form>
function media_head() {
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
- <html xmlns="http://www.w3.org/1999/xhtml">
+ <html <?php echo _HTML_XML_NAME_SPACE_AND_LANG_CODE; ?>>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=<?php echo _CHARSET ?>" />
<title>Nucleus Media</title>