
sync with beta1 release package
[nucleus-jp/nucleus-jp-ancient.git] / utf8 / nucleus / plugins / skinfiles / index.php
index a102c35..13808a3 100644 (file)
 <?php
 
-/*                                       */
-/* Admin page for NP_SkinFiles           */
-/* ------------------------------------  */
-/* A simple skin files manager           */
-/*                                       */
-/* code by Jeff MacMichael               */
-/* http://gednet.com/                    */
-/*                                       */
-/* version 1.01                          */
+   /* ==========================================================================================
+       * Nucleus SkinFiles Plugin
+       *
+       * Copyright 2005 by Jeff MacMichael and Niels Leenheer
+       *
+       * @version $Id: index.php,v 1.3 2007-01-29 22:07:42 kimitake Exp $
+       * @version $NucleusJP: index.php,v 1.5.2.1 2005/08/25 07:04:13 kimitake Exp $
+       *
+       * ==========================================================================================
+       * This program is free software and open source software; you can redistribute
+       * it and/or modify it under the terms of the GNU General Public License as
+       * published by the Free Software Foundation; either version 2 of the License,
+       * or (at your option) any later version.
+       *
+       * This program is distributed in the hope that it will be useful, but WITHOUT
+       * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+       * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for
+       * more details.
+       *
+       * You should have received a copy of the GNU General Public License along
+       * with this program; if not, write to the Free Software Foundation, Inc.,
+       * 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA  or visit
+       * http://www.gnu.org/licenses/gpl.html
+       * ==========================================================================================
+       */
+
        $strRel = '../../../'; 
        include($strRel . 'config.php');
-       
        include($DIR_LIBS . 'PLUGINADMIN.php');
 
-       if (preg_match("/MD$/", $nucleus['version'])) {
-               $isblogadmin = $member->isBlogAdmin(-1);
-       } else {
-               $isblogadmin = $member->isBlogAdmin($blogid);
-       }
-       if (!($member->isAdmin() || $isblogadmin)) {
-               $oPluginAdmin = new PluginAdmin('SkinFiles');
+       $language = ereg_replace( '[\\|/]', '', getLanguageName());
+       $langfile = $language.'.php';
+       if (file_exists($langfile))
+               include_once($langfile);
+       else
+               include_once('english.php');
+
+       /**
+         * Create admin area
+         */
+
+       $oPluginAdmin  = new PluginAdmin('SkinFiles');
+
+       if (!($member->isLoggedIn() && $member->isAdmin()))
+       {
                $oPluginAdmin->start();
-               echo "<p>"._ERROR_DISALLOWED."</p>";
+               echo '<p>' . _ERROR_DISALLOWED . '</p>';
                $oPluginAdmin->end();
                exit;
        }
 
-       // set to FALSE for normal operation, or TRUE if skins are stored
-       // under owner's member id i.e. /skins/1/grey/...   (MDNucleus)
-       $privateskins = FALSE;
-       if ($privateskins) { 
-               global $member;
-               $SKINSUBDIR = $member->getID().'/'; 
-               $latestskins = 'latest-skins/';
-       } else {
-               $SKINSUBDIR = '';
-       }
+
        
-       global $pluginsskinfiles, $CONF;
-       $pluginsskinfiles=$CONF['PluginURL']."skinfiles";
+       /**
+         * Setup main variables
+         */
 
-       if (isset($_GET['action'])) {$action = $_GET['action'];}
-       if (isset($_POST['action'])) {$action = $_POST['action'];}
+       $rootDirectory = sfRealPath($DIR_SKINS);                        
+       $rootUrl       = $CONF['SkinsURL'];
+       $pluginUrl         = $oPluginAdmin->plugin->getAdminURL();
+
+       $filetypes = array (
+               'text'  => array ('inc', 'txt', 'css', 'js', 'php'),
+               'html'  => array ('htm', 'html'),
+               'img'   => array ('png', 'gif', 'jpg', 'jpeg', 'bmp', 'ico', 'swf'),
+       );
+       
+       
+       /**
+         * Bypass admin area for downloads
+         */
+       
+       $action = requestVar('action');
 
        if ($action == 'download') { 
-               download();
-               return;
-               break;
+               _skinfiles_download();
+               exit;
        }
 
-       // create the admin area page
-       $oPluginAdmin = new PluginAdmin('SkinFiles');
-       $oPluginAdmin->start();
+
+       /**
+         * Build admin area
+         */
+
+       $oPluginAdmin->start("<style type='text/css'>
+       <!--
        
-       echo "<h2>Skin File Management</h2>";
+               div#content a {
+                       text-decoration: none;
+               }
+               div#content img {
+                       vertical-align: middle;
+                       margin-top: -3px;
+               }
+               p.message {
+                       font-weight: bold;
+               }
+               p.error {
+                       font-size: 100%;
+                       font-weight: bold;
+                       color: #880000;
+               }
+               pre {
+                       overflow: auto;
+                       height: 400px;
+               }
+               iframe {
+                       width: 100%;
+                       height: 400px;
+                       border: 1px solid gray;
+               }
+               div.dialogbox {
+                       border: 1px solid #ddd;
+                       background-color: #F6F6F6;
+                       margin: 18px 0 1.5em 0;
+               }
+               div.dialogbox h4 {
+                       background-color: #bbc;
+                       color: #000;
+                       margin: 0;
+                       padding: 5px;
+               }
+               div.dialogbox h4.light {
+                       background-color: #ddd;
+               }
+               div.dialogbox div {
+                       margin: 0;
+                       padding: 10px;
+               }
+               div.dialogbox button {
+                       margin: 10px 0 0 6px;
+                       float: right;
+               }
+               div.dialogbox p {
+                       margin: 0;
+               }
+               div.dialogbox p.buttons {
+                       text-align: right;
+                       overflow: auto;
+               }
+               div.dialogbox textarea {
+                       width: 100%;
+                       margin: 0;
+               }
+       
+       -->
+       </style>");
+       
+       echo "<h2>" . _SKINFILES_MANAGEMENT . "</h2>";
        
-       if (strstr('renfile delfile createdir rendir deldir deleteAllInDir'
-               .' editfile uploadfile createfile getLatestSkins', $action)) { 
-               call_user_func($action);
-       } else {
-               showdir();
+       $actions = array (
+               'renfile', 'renfile_process', 'delfile', 'delfile_process', 
+               'editfile', 'editfile_process', 'uploadfile', 'createfile', 'viewfile',
+               'rendir', 'rendir_process', 'deldir', 'deldir_process',
+               'emptydir', 'emptydir_process', 'createdir'
+       );
+       
+       if (in_array($action, $actions)) 
+       { 
+               if (!$manager->checkTicket())
+               {
+                       echo '<p class="error">Error: ' . _ERROR_BADTICKET . '</p>';
+                       sfShowDirectory();
+                       
+               } 
+               else 
+               {
+                       call_user_func('_skinfiles_' . $action);
+               }
+       } 
+       else 
+       {
+               sfShowDirectory();
        }
 
        $oPluginAdmin->end();
-       return;
-       break;
-               
-       function createfile() {
-               global $oPluginAdmin, $DIR_SKINS, $SKINSUBDIR, $pluginsskinfiles;
-               $parent = $_POST["dir"];
-               $filename = $_POST["filename"];
-               $fullpath = $DIR_SKINS.$SKINSUBDIR.$parent.'/'.$filename;
-               if (file_exists($fullpath)) {
-                       $msg = "Error: the file '$filename' already exists.";
-                       showdir($msg);
-               }
-               echo "<h3><b>Creating file \"/$parent/$filename\":</b></h3>";
-               $errrep = error_reporting(E_ERROR);
-               if (touch($fullpath)) { 
-                       $msg = 'The file was created successfully.';
-               } else {
-                       $msg = 'ERROR: The file was <i>not</i> created successfully.';
-               }
-               $oldumask = umask(0000);
-               chmod($fullpath, 0755);
-               umask($oldumask);
-               error_reporting($errrep);
-               showdir($msg);
-       }
-
-       function createdir() {
-               global $oPluginAdmin, $DIR_SKINS, $SKINSUBDIR, $pluginsskinfiles;
-               $parent = $_POST["dir"];
-               $newdir = $_POST["newdir"];
-               if (!$newdir) {
-                       echo 'You need to specify a directory name to create. <br /><br />';
-                       echo '> <a href="'.$_SERVER['HTTP_REFERER'].'">Go back</a><br />';              
-                       return;
-               }
-               $errrep = error_reporting(E_ERROR);
-               $oldumask = umask(0000);
-               if (mkdir ($DIR_SKINS.$SKINSUBDIR.$parent.'/'.$newdir, 0755)) {
-                       $msg = 'Directory created successfully.';
-               } else {
-                       $msg = 'There was an error creating the directory (check to see if the directory already exists).';
-               }
-               umask($oldumask);
-               error_reporting($errrep);
-               showdir($msg);
-       }
-       
-       function download() {
-               global $DIR_SKINS, $SKINSUBDIR;
-               $file = $_GET["rfp"];
-               $path = $DIR_SKINS.$SKINSUBDIR.$file;
-               $splitpath =  preg_split( "/\//", strrev($_GET["rfp"]), 2);
-               $file = strrev($splitpath[0]);
-               
-               // download code taken from Paul Alger's PHP_Easy_Download. 
-
-               // translate file name properly for Internet Explorer.
-               if (strstr($_SERVER['HTTP_USER_AGENT'], "MSIE")){
-                       $file = preg_replace('/\./', '%2e', $file, substr_count($file, '.') - 1);
-               }
-               // make sure the file exists before sending headers
-               if(!$fdl=@fopen($path,'r')){
-                       die("Cannot Open File!");
-               } else {
-                       header("Cache-Control: ");// leave blank to avoid IE errors
-                       header("Pragma: ");// leave blank to avoid IE errors
-                       header("Content-type: application/octet-stream");
-                       header('Content-Disposition: attachment; filename="'.$file.'"');
-                       header("Content-length: ".(string)(filesize($path)));
-                       sleep(1);
-                       
-                       fpassthru($fdl);
-               }
-               return;
-               break;
+       exit;
+       
+       
+
+
+
+
+
+       /* Helper functions **************************************************************************************************************/
+
+       function sfExpandDirectory ($path) {
+          /* IN:  relative directory
+               * OUT: full path to directory
+               */
+
+               global $rootDirectory;
+               return sfRealPath($rootDirectory . $path);
        }
        
-       function uploadfile() {
-               global $HTTP_POST_FILES, $DIR_SKINS, $SKINSUBDIR, $pluginsskinfiles, $CONF;
-               $filename = $HTTP_POST_FILES['filename']['name'];
-               $filesize = $HTTP_POST_FILES['filename']['size'];
-               $filetempname = $HTTP_POST_FILES['filename']['tmp_name'];
-               $todir = $DIR_SKINS.$SKINSUBDIR.$_POST['dir'].'/';
+       function sfRealPath ($path) {
+          /* IN:  full path 
+               * OUT: canonicalized absolute pathname
+               */
+
+               $path = realpath($path);
+               $path = str_replace('\\', '/', $path);  
+               $path = substr($path, strlen($path) - 1) != '/' ? $path . '/' : $path;
+               return $path;
+       }
+
+       function sfFullUrl ($path) {
+          /* IN:  full path including filename
+               * OUT: url including filename
+               */
+
+               global $rootDirectory, $rootUrl;
                
-               if ($filesize > $CONF['MaxUploadSize']) {
-                       showdir(_ERROR_FILE_TOO_BIG);
-                       return;
-               }
+               $path = str_replace($rootDirectory, '', $path);
+               $path = rawurlencode($path);
+               $path = str_replace('%2F', '/', $path);
+               return $rootUrl . $path;
+       }
+
+       function sfValidPath ($path) {
+          /* IN:  full path excluding or including filename
+               * OUT: boolean, true if full path is or is within rootDirectory
+               */
 
-               // check file type against allowed types
-               $ok = 0;
-               $allowedtypes = explode (',', "css,html,htm,xml,inc,txt,".$CONF['AllowedTypes']);
-               foreach ( $allowedtypes as $type ) 
-                       if (eregi("\." .$type. "$",$filename)) $ok = 1;    
-               if (!$ok) {
-                       showdir(_ERROR_BADFILETYPE);
-                       return;
+               global $rootDirectory;
+               return substr($path, 0, strlen($rootDirectory)) == $rootDirectory;
+       }
+       
+       function sfRelativePath ($path) {
+          /* IN:  full path including or excluding filename
+               * OUT: relative path from rootDirectory
+               */
+
+               global $rootDirectory;
+               return str_replace($rootDirectory, '', $path);
+       }
+       
+       function sfIsFileType ($type, $file) {
+
+               global $filetypes;
+               return isset($filetypes[$type]) && in_array(strtolower(substr(strrchr($file, "."), 1)), $filetypes[$type]);
+       }
+
+       function sfAllowEditing ($file) {
+               return sfIsFileType('html', $file) || sfIsFileType('text', $file);
+       }
+       
+       function sfAllowViewing ($file) {
+               return sfIsFileType('html', $file) || sfIsFileType('text', $file) || sfIsFileType('img', $file);
+       }
+
+
+       function sfDisplayPath ($relative) {
+       
+               global $pluginUrl;
+               
+               $result  = '<a href="' . htmlspecialchars($pluginUrl) . '" title="Go back to &laquo;skins&raquo;">';
+               $result .= '<img src="' . htmlspecialchars($pluginUrl . 'home.gif') . '" alt="" /> skins</a> / ';
+
+               $parts = explode('/', $relative);
+               $part = '';
+               
+               while (list(,$v) = each ($parts)) {
+                       if ($v != '') {
+                               $part .= $v . '/';
+                               
+                               $result .= '<a href="' . htmlspecialchars($pluginUrl . '?dir=' . rawurlencode($part)) . '" ';
+                               $result .= 'title="Go back to &laquo;' . htmlspecialchars($v) . '&raquo;">';
+                               $result .= '<img src="' . htmlspecialchars($pluginUrl . 'dir.gif') . '" alt="" /> ';
+                               $result .= htmlspecialchars($v) . '</a> / ';
+                       }
                }
-               if (!is_uploaded_file($filetempname)) {
-                       showdir(_ERROR_BADREQUEST);
-                       return;
+               
+               return $result;
+       }
+
+       function sfIcon ($file) {
+       
+               global $pluginUrl;
+       
+               $ext = strtolower(substr(strrchr($file, "."), 1));
+               
+               switch ($ext) {
+                       case 'htm':
+                       case 'html':
+                               return $pluginUrl . 'html.gif';
+                               break;
+
+                       case 'txt':
+                       case 'js':
+                       case 'css':
+                       case 'inc':
+                               return $pluginUrl . 'text.gif';
+                               break;
+
+                       case 'gif':
+                       case 'png':
+                       case 'jpg':
+                       case 'jpeg':
+                       case 'bmp':
+                       case 'xbmp':
+                       case 'ico':
+                               return $pluginUrl . 'image.gif';
+                               break;
+
+                       case 'php':
+                       case 'php3':
+                       case 'php4':
+                               return $pluginUrl . 'php.gif';
+                               break;
+                               
+                       default:
+                               return $pluginUrl . 'generic.gif';
+                               break;
                }
-               if (file_exists($todir.$filename)) {
-                       showdir(_ERROR_UPLOADDUPLICATE);
-                       return;
+       }
+
+       function sfIllegalFilename($name) {
+               return preg_match('#[\n\r\\\/\:\*\?\"\<\>\|]#', $name);
+       }
+
+       function sfDirectoryIsEmpty($dir) {
+               
+               $count = 0;
+               
+               if ($dh = opendir($dir)) 
+               {
+                       while (($file = readdir($dh)) !== false) 
+                               $count++;
+                       
+                       closedir($dh);
                }
+               
+               // $count must be smaller or equal than 2, because '.' 
+               // and '..' are always returned by readdir().
+               return $count <= 2;
+       }
 
-               // move file to directory
-               if (is_uploaded_file($filetempname)) {
-                       $errrep = error_reporting(E_ERROR);
-                       if (!@move_uploaded_file($filetempname, $todir . $filename)) {
-                               showdir(_ERROR_UPLOADMOVE);
-                               return;
-                       }
-                       error_reporting($errrep);
+
+
+
+
+
+
+
+
+       /* Show directory ****************************************************************************************************************/
+
+       function sfShowDirectory($default = '') {
+
+               global $pluginUrl, $rootDirectory, $CONF, $manager;
+               
+               $directory = $default != '' ? 
+                       $default : 
+                       sfExpandDirectory(trim(requestVar('dir')));
+               
+               if (!sfValidPath($directory) || !is_dir($directory)) {
+                       $directory = $rootDirectory;
                }
-               // chmod uploaded file
-               $oldumask = umask(0000);
-               @chmod($todir . $filename, 0755); 
-               umask($oldumask);               
 
-               showdir("File uploaded successfully.");
-       }
+               $relative  = sfRelativePath ($directory);
+               
+               echo '<p class="location">' . _SKINFILES_CURRENT_LOCATION . sfDisplayPath($relative) . '</p>';                  
 
-       function rendir() {
-               global $DIR_SKINS, $SKINSUBDIR, $pluginsskinfiles;
-               if (isset($_POST['newname'])) {
-                       $splitpath =  preg_split( "/\//", strrev($_POST["oldname"]), 2);
-                       $newname = strrev($splitpath[1]) .'/'. $_POST["newname"];
-                       $newname = preg_replace("/^\//", "", $newname);
-                       $res = rename ( $DIR_SKINS.$SKINSUBDIR.$_POST["oldname"], 
-                               $DIR_SKINS.$SKINSUBDIR.$newname);
-                       if ($res) { 
-                               $msg = "Directory successfully renamed."; 
-                       } else {
-                               $msg = "Failed to rename directory - (check to see if another directory already exists with the new name).";
-                       }
-                       showdir($msg);
-               } else { 
-                       $oldname = preg_replace("/^\//", "", $_GET["oldname"]);
-                       echo '<h3><b>Rename directory "/'.$oldname.'":</b></h3>';
-                       $splitpath =  preg_split( "/\//", strrev($_GET["oldname"]), 2);
-                       $dir = strrev($splitpath[0]);
-                       $parent = strrev($splitpath[1]);
-                       echo '> <a href="'.$_SERVER['HTTP_REFERER'].'">Cancel rename</a><br />';                
-                       ?>
-                               <form method="post" action="<?php echo $pluginsskinfiles?>/">
-                                       <input type="hidden" name="action" value="rendir" />
-                                       <input type="hidden" name="dir" value="<?php echo "/$parent" ?>"/>
-                                       <input type="hidden" name="oldname" value="<?php echo $oldname?>"/>
-                                       <table><tr>
-                                               <td><?php echo 'Rename to'?></td>
-                                               <td><input name="newname" tabindex="90" value="<?php echo  htmlspecialchars($dir) ?>" maxlength="50" size="20" /></td>
-                                       </tr><tr>
-                                               <td><?php echo "Rename"?></td>
-                                               <td><input type="submit" tabindex="140" value="<?php echo "Rename this folder"?>" onclick="return checkSubmit();" /></td>
-                                       </tr></table>
-                               </form>
-                       <?PHP
-               }
-       }
-
-       function editfile () {
-               global $DIR_SKINS, $SKINSUBDIR, $pluginsskinfiles;
-               if (isset ($_POST['rfp']) && isset($_POST['content'])) {
-                       $file = $_POST['rfp'];
-                       $errrep = error_reporting(E_ERROR);
-                       $success = true;
-                       if ($fh = @fopen($DIR_SKINS.$SKINSUBDIR.$file, 'w')) { 
-                               if (fwrite ($fh, trim(stripslashes($_POST['content'])))) {
-                                       fclose($fh);
-                               } else {
-                                       $success = false;
+                       
+               $dirs = array();
+               $files = array();
+
+               if ($dh = @opendir($directory)) { 
+                       while (($file = readdir($dh)) !== false) { 
+                               if (!preg_match("/^\.{1,2}$/", $file)) {
+                                       $fstat = @stat($directory . $file);
+                               
+                                       if ($fstat['mode'] & 040000)
+                                               $dirs[$file] = $fstat;
+                                       else
+                                               $files[$file] = $fstat;
                                }
-                       } else {
-                               $success = false;
                        }
-                       error_reporting($errrep);
-                       if ($success) {
-                               $msg = 'File was edited successfully.';
+                       closedir($dh); 
+               }                       
+               
+               ksort($dirs);
+               ksort($files);
+               
+               echo '<table><thead><tr>';
+               echo '<th>' . _SKINFILES_NAME . '</th><th>' . _SKINFILES_SIZE . '</th><th>' . _SKINFILES_LAST_MODIFIED . '</th><th colspan="4">' . _SKINFILES_ACTIONS . '</th>';
+               echo '</tr></thead>';
+
+               while (list($name, $stat) = each($dirs)) {
+                       
+                       $dir = sfRelativePath($directory . $name . '/');
+                               
+                       echo '<tr onmouseover="focusRow(this);" onmouseout="blurRow(this);"><td>';
+                       
+                       if (is_readable ($directory . $name)) 
+                       {
+                               echo '<a href="' . htmlspecialchars($pluginUrl . '?dir=' . rawurlencode($dir)) . '">';
+                               echo '<img src="' . htmlspecialchars($pluginUrl . 'dir.gif') . '" alt="folder" /> ';
+                               echo htmlspecialchars($name).'</a>';                    
+                       }
+                       else
+                       {
+                               echo '<img src="' . htmlspecialchars($pluginUrl . 'dir.gif') . '" alt="folder" /> ';
+                               echo htmlspecialchars($name);                   
+                       }
+                                               
+                       echo '</td>';
+                               
+                       $renUrl = $manager->addTicketToUrl($pluginUrl . '?action=rendir&dir=' . rawurlencode($dir));
+                       $delUrl = $manager->addTicketToUrl($pluginUrl . '?action=deldir&dir=' . rawurlencode($dir));
+                               
+                       echo '<td>&ndash;</td>';
+                       echo '<td>' . date(_SKINFILES_DATE_FORMAT, $stat['mtime']);
+                       
+                       
+                       if (is_writable($directory . $name)) {
+                               echo '<td><a href="' . htmlspecialchars($renUrl) . '" title="' . _SKINFILES_RENAME . ' &laquo;' . htmlspecialchars($name) . '&raquo;">' . _SKINFILES_RENAME . '</a></td>';
                        } else {
-                               $msg = 'ERROR: File was <i>not</i> saved successfully.';
-                       }
-               }
-               if (isset ($_GET['rfp'])) { $file = $_GET['rfp']; }
-               if (isset ($_POST['rfp'])) { $file = $_POST['rfp']; }
-               $splitpath =  preg_split( "/\//", strrev($file), 2);
-               $parent = strrev($splitpath[1]);
-               echo '<h3>Editing file "/'.$file.'":</h3>';
-               if (isset($msg)) { echo "<p><b>$msg</b></p>"; }
-               echo "> <a href=\"$pluginsskinfiles/?dir=$parent\"> Cancel/Return to /$parent</a><br /><br />";
-               $fh = @fopen($DIR_SKINS.$SKINSUBDIR.$file, 'r');
-               while (!feof($fh)) { 
-                       $content .= fread($fh, 4096); 
-               }
-               fclose ($fh);                   
-               ?>
-                       <form method="post" action="<?php echo $pluginsskinfiles?>/">
-                               <input type="hidden" name="action" value="editfile" />
-                               <input type="hidden" name="rfp" value="<?php echo $file ?>"/>
-                               <input type="hidden" name="dir" value="<?php echo $parent ?>"/>
-                               <input type="submit" tabindex="140" value="<?php echo "Save changes"?>" onclick="return checkSubmit();" />
-                               <input type="reset" value="Reset Data" /><br />
-                               <textarea class="skinedit" tabindex="8" rows="20" cols="80" name="content"><?PHP echo htmlspecialchars($content) ?></textarea>
-                               <input type="submit" tabindex="140" value="<?php echo "Save changes"?>" onclick="return checkSubmit();" />
-                               <input type="reset" value="Reset Data" /><br />
-                       </form>
-               <?PHP
-       }
-
-
-       function renfile() {
-               global $DIR_SKINS, $SKINSUBDIR, $pluginsskinfiles;
-               if (isset($_POST['newname'])) {
-                       $splitpath =  preg_split( "/\//", strrev($_POST["oldname"]), 2);
-                       $newname = strrev($splitpath[1]) .'/'. $_POST["newname"];
-                       $newname = preg_replace("/^\//", "", $newname);
-                       $res = rename ( $DIR_SKINS.$SKINSUBDIR.$_POST["oldname"], 
-                               $DIR_SKINS.$SKINSUBDIR.$newname);
-                       if ($res) { 
-                               $msg = "File successfully renamed."; 
+                               echo '<td>&nbsp;</td>';
+                       }
+                       
+                       if (is_writable($directory . $name) && sfDirectoryIsEmpty($directory . $name)) {
+                               echo '<td><a href="' . htmlspecialchars($delUrl) . '" title="' . _SKINFILES_DELETE . ' &laquo;' . htmlspecialchars($name) . '&raquo;">' . _SKINFILES_DELETE . '</a></td>';
                        } else {
-                               $msg = "File could not be renamed - (check to see if another file already exists with the new name).";
-                       }
-                       showdir($msg);
-               } else { 
-                       echo '<h3><b>Rename file "/'.$_GET["rfp"].'":</b></h3>';
-                       $splitpath =  preg_split( "/\//", strrev($_GET["rfp"]), 2);
-                       $file = strrev($splitpath[0]);
-                       $parent = strrev($splitpath[1]);
-                       echo '> <a href="'.$_SERVER['HTTP_REFERER'].'">Cancel rename</a><br />';                
-                       ?>
-                               <form method="post" action="<?php echo $pluginsskinfiles?>/">
-                                       <input type="hidden" name="action" value="renfile" />
-                                       <input type="hidden" name="oldname" value="<?php echo $_GET["rfp"] ?>"/>
-                                       <input type="hidden" name="dir" value="<?php echo "/$parent" ?>"/>
-                                       <table><tr>
-                                               <td><?php echo 'Rename to'?></td>
-                                               <td><input name="newname" tabindex="90" value="<?php echo  htmlspecialchars($file) ?>" maxlength="50" size="20" /></td>
-                                       </tr><tr>
-                                               <td><?php echo "Rename"?></td>
-                                               <td><input type="submit" tabindex="140" value="<?php echo "Rename this file"?>" onclick="return checkSubmit();" /></td>
-                                       </tr></table>
-                               </form>
-                       <?PHP
-               }
-       }
-
-       function delfile() {
-               global $DIR_SKINS, $SKINSUBDIR, $pluginsskinfiles;
-               if (isset($_GET['sure'])) { 
-                       $file = $DIR_SKINS.$SKINSUBDIR.$_GET["rfp"];
-                       $errrep = error_reporting(E_ERROR);
-                       if (unlink ($file)) {
-                               $msg = 'File "'.$_GET["rfp"].'" has been deleted.';
+                               echo '<td>&nbsp;</td>';
+                       }
+                       
+                       echo '<td>&nbsp;</td><td>&nbsp;</td>';
+                       echo '</tr>';
+               }
+
+
+               while (list($name, $stat) = each($files)) {
+
+                       $file = sfRelativePath($directory . $name);
+
+                       $renUrl   = $manager->addTicketToUrl($pluginUrl . '?action=renfile&file='  . rawurlencode($file));
+                       $delUrl   = $manager->addTicketToUrl($pluginUrl . '?action=delfile&file='  . rawurlencode($file));
+                       $editUrl  = $manager->addTicketToUrl($pluginUrl . '?action=editfile&file=' . rawurlencode($file));
+                       $viewUrl  = $manager->addTicketToUrl($pluginUrl . '?action=viewfile&file=' . rawurlencode($file));
+                       $dlUrl    = $manager->addTicketToUrl($pluginUrl . '?action=download&file=' . rawurlencode($file));
+
+                       echo '<tr onmouseover="focusRow(this);" onmouseout="blurRow(this);"><td>';
+                       
+                       if (is_readable ($directory . $name) && sfAllowViewing($name)) 
+                       {
+                               echo '<a href="' . htmlspecialchars($viewUrl) . '">';
+                               echo '<img src="' . htmlspecialchars(sfIcon($name)) . '" alt="" /> ';
+                               echo htmlspecialchars($name).'</a>';
+                       }
+                       else
+                       {
+                               echo '<img src="' . htmlspecialchars(sfIcon($name)) . '" alt="" /> ';
+                               echo htmlspecialchars($name);
+                       }
+
+                       echo '</td><td>';
+                       echo ceil($stat['size'] / 1024) . ' kB';
+                       echo '</td><td>';
+                       echo date(_SKINFILES_DATE_FORMAT, $stat['mtime']);
+                       echo '</td><td>';
+                               
+                       if (is_writable($directory . $name)) {
+                               echo '<a href="' . htmlspecialchars($renUrl) . '" title="' . _SKINFILES_RENAME . ' &laquo;' . htmlspecialchars($name) . '&raquo;">' . _SKINFILES_RENAME . '</a>';
                        } else {
-                               $msg = 'ERROR: File "'.$_GET["rfp"].'" could not be deleted.';
-                       }
-                       error_reporting($errrep);
-                       showdir($msg);
-               } else {
-                       $file = $DIR_SKINS.$SKINSUBDIR.$_GET["rfp"];
-                       $splitpath =  preg_split( "/\//", strrev($_GET["rfp"]), 2);
-                       $parent = strrev($splitpath[1]);
-                       echo '<h3><b>Delete file "'.$_GET["rfp"].'": are you sure?</b></h3>';
-                       echo '<b>This action cannot be undone!</b><br /><br />';
-                       echo "> <a href=\"$pluginsskinfiles/?action=delfile&dir=$parent&sure=y&rfp=".$_GET["rfp"]."\">Yes, delete the file.</a><br />";         
-                       echo "> <a href=\"$pluginsskinfiles/?dir=".$parent.'">No, go back.</a><br />';          
-               }
-       }
-
-       function deldir() {
-               global $DIR_SKINS, $SKINSUBDIR, $pluginsskinfiles;
-               if (isset($_GET['sure'])) { 
-                       $dir = $DIR_SKINS.$SKINSUBDIR.$_GET["remdir"];
-                       $errrep = error_reporting(E_ERROR);
-                       if (rmdir ($dir)) {
-                               $msg = 'Directory "'.$_GET["remdir"].'" has been deleted.';
+                               echo '&nbsp;';
+                       }
+                               
+                       echo '</td><td>';
+
+                       if (is_writable($directory . $name)) {
+                               echo '<a href="' . htmlspecialchars($delUrl) . '" title="' . _SKINFILES_DELETE . ' &laquo;' . htmlspecialchars($name) . '&raquo;">' . _SKINFILES_DELETE . '</a>';
                        } else {
-                               $msg = 'ERROR: directory "'.$_GET["remdir"].'" could not be deleted - (check to see if it contains files).';
+                               echo '&nbsp;';
+                       }
+                               
+                       echo '</td><td>';
+                       
+                       if (is_writable($directory . $name) && sfAllowEditing($name))
+                               echo '<a href="'. htmlspecialchars($editUrl) . '" title="' . _SKINFILES_EDIT . ' &laquo;' . htmlspecialchars($name) . '&raquo;">' . _SKINFILES_EDIT . '</a>';
+                       else
+                               echo '&nbsp;';
+
+                       echo '</td><td>';
+                       
+                       if (is_readable ($directory . $name))
+                               echo '<a href="' . htmlspecialchars($dlUrl) . '" title="' . _SKINFILES_DOWNLOAD . ' &laquo;' . htmlspecialchars($name) . '&raquo;">' . _SKINFILES_DOWNLOAD . '</a>';
+                       else
+                               echo '&nbsp;';
+                               
+                       echo '</td></tr>';
+               }
+
+               if (!count($dirs) && !count($files)) {
+                       echo '<tr><td colspan="7">' . _SKINFILES_ERR_DIR_DOES_NOT_CONTAIN . '</td></tr>';
+               }
+
+               echo '</table>';
+
+               if ($relative != '') {
+               
+                       if (is_writable($directory)) {
+                               echo '<div class="dialogbox">';
+                               echo '<h4 class="light">' . _SKINFILES_CREATE_NEW_FILE . '</h4><div>';
+                               echo '<form method="post" action="' . htmlspecialchars($pluginUrl) . '">';
+                               $manager->addTicketHidden();
+                               echo '<input type="hidden" name="action" value="createfile" />';
+                               echo '<input type="hidden" name="dir" value="' . htmlspecialchars($relative) . '" />';
+                               echo '<input type="text" name="name" size="40" value="untitled.txt" />';
+                               echo '<p class="buttons"><input type="submit" value="' . _SKINFILES_CREATE_FILE . '" /></p></form>';
+                               echo '</div></div>';
+       
+                               echo '<div class="dialogbox">';
+                               echo '<h4 class="light">' . _SKINFILES_UPLOAD_NEW_FILE . '</h4><div>';
+                               echo '<form method="post" enctype="multipart/form-data" action="' . htmlspecialchars($pluginUrl) . '">';
+                               $manager->addTicketHidden();
+                               echo '<input type="hidden" name="action" value="uploadfile" />';
+                               echo '<input type="hidden" name="dir" value="' . htmlspecialchars($relative) . '" />';
+                               echo '<input type="hidden" name="MAX_FILE_SIZE" value="' . $CONF['MaxUploadSize'] . '" />';
+                               echo '<input type="file" name="name" size="40" />';
+                               echo '<p class="buttons"><input type="submit" value="' . _SKINFILES_UPLOAD . '" /></p></form>';
+                               echo '</div></div>';
+                       }
+       
+                       if (count($files)) {
+                               echo '<div class="dialogbox">';
+                               echo '<h4 class="light">' . _SKINFILES_DEL_ALL_FILES . '</h4><div>';
+                               echo '<form method="post" action="' . htmlspecialchars($pluginUrl) . '">';
+                               $manager->addTicketHidden();
+                               echo '<input type="hidden" name="action" value="emptydir" />';
+                               echo '<input type="hidden" name="dir" value="' . htmlspecialchars($relative) . '" />';
+                               echo _SKINFILES_DEL_ALL_FILES_MSG;
+                               echo '<p class="buttons"><input type="submit" value="' . _SKINFILES_DELETE_ALL . '" tabindex="140" onclick="return checkSubmit();" /></p>';
+                               echo '</form>';
+                               echo '</div></div>';
                        }
-                       error_reporting($errrep);
-                       showdir($msg);
-               } else {
-                       $dir = preg_replace("/^\//", "",$_GET['remdir']);
-                       $parent = $_GET['dir'];
-                       echo '<h3><b>Delete directory "/'.$dir.'": are you sure?</b></h3>';
-                       echo '<b>This action cannot be undone!</b><br /><br />';
-                       echo "> <a href=\"$pluginsskinfiles/?action=deldir&sure=y&remdir=$dir&dir=$parent\">Yes, delete the directory (it must be empty to do this).</a><br /><br />";          
-                       echo "> <a href=\"$pluginsskinfiles/?dir=".$parent.'">No, go back.</a><br />';          
+               }
+       
+               if (is_writable($directory)) {
+                       echo '<div class="dialogbox">';
+                       echo '<h4 class="light">' . _SKINFILES_CREATE_NEW_DIR . '</h4><div>';
+                       echo '<form method="post" action="' . htmlspecialchars($pluginUrl) . '">';
+                       $manager->addTicketHidden();
+                       echo '<input type="hidden" name="action" value="createdir" />';
+                       echo '<input type="hidden" name="dir" value="' . htmlspecialchars($relative) . '" />';
+                       echo '<input type="text" name="name" value="untitled" tabindex="90" size="40" />';
+                       echo '<p class="buttons"><input type="submit" value="' . _SKINFILES_CREATE . '" tabindex="140" onclick="return checkSubmit();" /></p>';
+                       echo '</form>';
+                       echo '</div></div>';
                }
        }
+       
+       
+       
 
-       function deleteAllInDir() {
-               global $DIR_SKINS, $SKINSUBDIR, $pluginsskinfiles;
-               $parent = $DIR_SKINS.$SKINSUBDIR.preg_replace("/^\//", "",$_GET['dir']);
-               if ($dh = @opendir($parent)) { 
-                       while (($file = readdir($dh)) !== false) { 
-                               if(!preg_match("/^\.{1,2}/", $file)){
-                                       if (!is_dir($parent.$file)) {
-                                               $files[] = $file;
-                                       }
+       /* Rename directory **************************************************************************************************************/
+
+       function _skinfiles_rendir($preset = '') {
+
+               global $pluginUrl, $manager;
+               
+               $file      = trim(basename(requestVar('dir')));
+               $directory = trim(dirname(requestVar('dir')));
+               $directory = sfExpandDirectory ($directory);
+               
+               if (sfValidPath($directory . $file) && file_exists($directory . $file) && 
+                       is_dir($directory . $file) && is_writable($directory . $file)) 
+               {
+                       $relative = sfRelativePath ($directory);
+                       $editUrl  = $manager->addTicketToUrl($pluginUrl . '?action=rendir&dir=' . rawurlencode($relative . $file));
+
+                       echo '<p class="location">' . _SKINFILES_CURRENT_LOCATION . sfDisplayPath($relative);
+                       echo '<a href="' . htmlspecialchars($editUrl) . '" title="' . _SKINFILES_RENAME . ' &laquo;' . $file . '&raquo;">';
+                       echo '<img src="' . $pluginUrl . 'dir.gif' . '" alt="" /> ' . $file . '</a></p>';
+
+                       echo '<div class="dialogbox">';
+                       echo '<form method="post" action="' . htmlspecialchars($pluginUrl) . '">';
+                       $manager->addTicketHidden();
+                       echo '<input type="hidden" name="action" value="rendir_process" />';
+                       echo '<input type="hidden" name="dir" value="' . htmlspecialchars($relative . $file) . '" />';
+
+                       echo '<h4>' . _SKINFILES_RENAME_DIR_MSG . ' &laquo;' . htmlspecialchars($file) . '&raquo; ' . _SKINFILES_RENAME_DIR_MSG2 . '</h4><div>';
+                       echo '<p><input type="text" name="name" size="40" value="' . htmlspecialchars($preset != '' ? $preset : $file) . '" /></p>';
+                       echo '<p class="buttons">';
+                       echo '<input type="hidden" name="sure" value="yes" />';
+                       echo '<input type="submit" value="' . _SKINFILES_RENAME . '" />';
+                       echo '<input type="button" name="sure" value="' . _SKINFILES_CANCEL . '" onclick="history.back();" />';
+                       echo '</p>';
+                       echo '</div></form></div>';
+               }
+               else
+               {
+                       echo "<p class='error'>" . _SKINFILES_ERR_DIR_DOES_NOT_EXIST1 . " &laquo;" . htmlspecialchars($file) . "&raquo; " . _SKINFILES_ERR_DIR_DOES_NOT_EXIST2;
+                       echo _SKINFILES_ERR_DIR_DOES_NOT_EXIST3 . "</p>";
+               }
+       }
+       
+       function _skinfiles_rendir_process() {
+
+               global $pluginUrl, $manager;
+               
+               $file      = trim(basename(requestVar('dir')));
+               $directory = trim(dirname(requestVar('dir')));
+               $directory = sfExpandDirectory ($directory);
+               
+               if (requestVar('sure') == 'yes')
+               {
+                       if (sfValidPath($directory . $file) && file_exists($directory . $file) && 
+                               is_dir($directory . $file) && is_writable($directory . $file)) 
+                       {
+                               $name = requestVar('name');
+                               
+                               if ($name == '') {
+                                       echo "<p class='error'>" . _SKINFILES_ERR_COULD_NOT_RENAME_DIR1 . "&laquo;" . htmlspecialchars($file) . "&raquo; ";
+                                       echo _SKINFILES_ERR_COULD_NOT_RENAME_DIR2 . "</p>";
+                                       _skinfiles_rendir($name);
+                                       return;
                                }
-                       }
-                       closedir($dh); 
-               } 
-               if (isset($_GET['sure'])) { 
-                       $errrep = error_reporting(E_ERROR);
-                       echo '<h3>Deletion results</h3><table>';
-                       echo "> <a href=\"$pluginsskinfiles/?dir=".$_GET["dir"]."\">Return to the /".$_GET["dir"]." directory.</a><br />";              
-                       foreach ($files as $file) {
-                               if (unlink ("$parent/$file")) { 
-                                       echo "<tr><td>File: $file was deleted.</td></tr>"; 
-                               } else {
-                                       echo "<tr><td>File: $file was <b>NOT</b> deleted.</td></tr>";
+                               
+                               if (sfIllegalFilename($name)) {
+                                       echo "<p class='error'>" . _SKINFILES_ERR_COULD_NOT_RENAME_DIR3 . "&laquo;" . htmlspecialchars($file) . "&raquo; ";
+                                       echo _SKINFILES_ERR_COULD_NOT_RENAME_DIR4 . "</p>";
+                                       _skinfiles_rendir($name);
+                                       return;
+                               } 
+                               
+                               if ($name == $file) {
+                                       echo "<p class='error'>" . _SKINFILES_ERR_COULD_NOT_RENAME_DIR5 . "&laquo;" . htmlspecialchars($file) . "&raquo; ";
+                                       echo _SKINFILES_ERR_COULD_NOT_RENAME_DIR6 . _SKINFILES_ERR_COULD_NOT_RENAME_DIR7 . "</p>";
+                                       _skinfiles_rendir($name);
+                                       return;
                                }
-                       }
-                       echo "</table>";
-                       error_reporting($errrep);
-                       echo "> <a href=\"$pluginsskinfiles/?dir=".$_GET["dir"]."\">Return to the /".$_GET["dir"]." directory.</a><br />";              
-               } else {
-                       echo '<h3><b>Delete all files in directory "/'.$_GET['dir'].'": are you sure?</b></h3>';
-                       echo '<b>This action cannot be undone!</b><br /><br />';
-                       echo "> <a href=\"$pluginsskinfiles/?action=deleteAllInDir&sure=y&dir=".$_GET["dir"]."\">Yes, delete <u>all files</u> in this directory.</a><br />";            
-                       echo "> <a href=\"$pluginsskinfiles/?dir=".$_GET['dir'].'">No, go back.</a><br /><br />';               
-                       echo '<b>Files list:</b><table>';
-                       foreach ($files as $file) {     echo "<tr><td>$file</td></tr>"; }
-                       echo '</table>';
-               }
-       }
-
-       // function for MDNucleus; won't work unless $privateskins is set to true
-       function getLatestSkins() {
-               global $DIR_SKINS, $pluginsskinfiles, $privateskins, $latestskins, $member;
-               $confirmed = $_POST['overwrite'];
-               if (!$confirmed) {
-                       showdir("Overwrite of default skin files not confirmed - no action taken.");
-                       return;
-               }
-               if ($dh = @opendir($DIR_SKINS.$latestskins)) { 
-                       while (($file = readdir($dh)) !== false) { 
-                               if(!preg_match("/^\.{1,2}/", $file))
-                                       if (is_dir($DIR_SKINS.$latestskins.$file)) $skins[] = $file;
-                       }
-                       closedir($dh); 
-               } 
-               if ($skins) {
-                       $msg = "Refreshed skin folders:";
-                       sort ($skins);
-                       foreach ($skins as $skin) {
-                               $memberskin = $DIR_SKINS.$member->getID().'/'.$skin;
-                               if (is_file($memberskin)) unlink($memberskin);
-                               if (!is_dir($memberskin)) {
-                                       $old_umask = umask(0);
-                                       mkdir($memberskin, 0755);
-                                       umask($old_umask);
+                               
+                               if (file_exists($directory . $name)) {
+                                       echo "<p class='error'>" . _SKINFILES_ERR_COULD_NOT_RENAME_DIR8 . "&laquo;" . htmlspecialchars($file) . "&raquo; ";
+                                       echo _SKINFILES_ERR_COULD_NOT_RENAME_DIR9 . _SKINFILES_ERR_COULD_NOT_RENAME_DIR10 . "</p>";
+                                       _skinfiles_rendir($name);
+                                       return;
                                }
-                               exec("rsync -Wtr --delete ".$DIR_SKINS.$latestskins.$skin."/* ".$memberskin.'/');
-                               $msg .= "  $skin";
+                               
+                               if (!@rename($directory . $file, $directory . $name)) 
+                               {
+                                       echo "<p class='error'>" . _SKINFILES_ERR_COULD_NOT_RENAME_DIR11 . "&laquo;" . htmlspecialchars($file) . "&raquo;</p>";
+                                       _skinfiles_rendir($name);
+                                       return;
+                               }
+       
+                               echo "<p class='message'>" . _SKINFILES_RENAMED_DIR1 . "&laquo;" . htmlspecialchars($file) . "&raquo; " . _SKINFILES_RENAMED_DIR2;
+                               echo _SKINFILES_RENAMED_DIR3 . "&laquo;" . htmlspecialchars($name) . "&raquo;" . _SKINFILES_RENAMED_DIR4 . "</p>";
+                               sfShowDirectory($directory);
+                       }               
+                       else
+                       {
+                               echo "<p class='error'>" . _SKINFILES_ERR_DIR_DOES_NOT_EXIST1 . "&laquo;" . htmlspecialchars($file) . "&raquo; " . _SKINFILES_ERR_DIR_DOES_NOT_EXIST2;
+                               echo _SKINFILES_ERR_DIR_DOES_NOT_EXIST3 . "</p>";
                        }
-               } else {
-                       showdir("No default skin folders found.  No action taken.");
-                       return;
                }
-               showdir($msg);
+               else
+               {
+                       // User cancelled
+                       sfShowDirectory($directory);
+               }
        }
 
-       function _isImageFile($file) {
-               return preg_match ("/\.(gif|png|jpg|jpeg|bmp|ico)$/i", $file);
-       }
 
-       function _isEditableFile($file) {
-               return preg_match ("/\.(inc|txt|htm|html|xml)$/i", $file);
+
+
+       /* Create directory **************************************************************************************************************/
+
+       function _skinfiles_createdir() {
+       
+               $directory = trim(requestVar('dir'));
+               $directory = sfExpandDirectory($directory);
+
+               if (sfValidPath($directory) && is_dir($directory) && is_writable($directory)) 
+               {
+                       $name = requestVar('name');
+                       
+                       if ($name == '') {
+                               echo "<p class='error'>" . _SKINFILES_ERR_COULD_NOT_CREATE_DIR1 . "</p>";
+                               sfShowDirectory($directory);
+                               return;
+                       }
+                       
+                       if (sfIllegalFilename($name)) {
+                               echo "<p class='error'>" . _SKINFILES_ERR_COULD_NOT_CREATE_DIR2 . "&laquo;" . htmlspecialchars($name) . "&raquo; ";
+                               echo _SKINFILES_ERR_COULD_NOT_CREATE_DIR3 . "</p>";
+                               sfShowDirectory($directory);
+                               return;
+                       } 
+                       
+                       if (file_exists($directory . $name)) {
+                               echo "<p class='error'>" . _SKINFILES_ERR_COULD_NOT_CREATE_DIR4 . "&laquo;" . htmlspecialchars($name) . "&raquo; ";
+                               echo _SKINFILES_ERR_COULD_NOT_CREATE_DIR5 . _SKINFILES_ERR_COULD_NOT_CREATE_DIR6 . "</p>";
+                               sfShowDirectory($directory);
+                               return;
+                       }
+                       
+                       $mask = @umask(0000);
+
+                       if (!@mkdir($directory . $name, 0755)) 
+                       {
+                               echo "<p class='error'>" . _SKINFILES_ERR_COULD_NOT_CREATE_DIR2 . "&laquo;" . htmlspecialchars($name) . "&raquo;</p>";
+                               sfShowDirectory($directory);
+                               return;
+                       }
+
+                       @umask($mask);
+                       
+                       echo "<p class='message'>" . _SKINFILES_ERR_COULD_NOT_CREATE_DIR7 . "&laquo;" . htmlspecialchars($name) . "&raquo; " . _SKINFILES_ERR_COULD_NOT_CREATE_DIR8 . "</p>";
+                       sfShowDirectory($directory);
+               }               
+               else
+               {
+                       echo "<p class='error'>" . _SKINFILES_ERR_COULD_NOT_CREATE_DIR9 . "&laquo;" . htmlspecialchars(basename($directory)) . "&raquo; " .  _SKINFILES_ERR_COULD_NOT_CREATE_DIR10;
+                       echo _SKINFILES_ERR_COULD_NOT_CREATE_DIR11 . "</p>";
+               }
        }
+       
+       
+       
+
+       /* Delete directory **************************************************************************************************************/
+
+       function _skinfiles_deldir() {
+
+               global $pluginUrl, $manager;
+               
+               $file      = trim(basename(requestVar('dir')));
+               $directory = trim(dirname(requestVar('dir')));
+               $directory = sfExpandDirectory ($directory);
+               
+               if (sfValidPath($directory . $file) && file_exists($directory . $file) && 
+                       is_dir($directory . $file) && is_writable($directory . $file) &&
+                       sfDirectoryIsEmpty($directory . $file)) 
+               {
+                       $relative = sfRelativePath ($directory);
+                       $delUrl  = $manager->addTicketToUrl($pluginUrl . '?action=deldir&dir=' . rawurlencode($relative . $file));
 
-       function showdir($msg = '') {
-               global $DIR_SKINS, $SKINSUBDIR, $pluginsskinfiles, $CONF;
-               global $privateskins, $latestskins;
-               if (isset($_GET['dir'])) { 
-                       $newdir = preg_replace("/^\//", "",$_GET['dir']);
-                       $currdir = $DIR_SKINS.$SKINSUBDIR."$newdir/";
-                       $in_subdir = 1;
-               } elseif (isset($_POST['dir'])) { 
-                       $newdir = preg_replace("/^\//", "",$_POST['dir']);
-                       $currdir = $DIR_SKINS.$SKINSUBDIR."$newdir/";
-                       $in_subdir = 1;
-               } else {
-                       $newdir = '';
-                       $currdir = $DIR_SKINS.$SKINSUBDIR;
-                       $in_subdir = 0;
+                       echo '<p class="location">' . _SKINFILES_CURRENT_LOCATION . sfDisplayPath($relative);
+                       echo '<a href="' . htmlspecialchars($delUrl) . '" title="' . _SKINFILES_DELETE . ' &laquo;' . $file . '&raquo;">';
+                       echo '<img src="' . $pluginUrl . 'dir.gif' . '" alt="" /> ' . $file . '</a></p>';
+
+                       echo '<div class="dialogbox">';
+                       echo '<form method="post" action="' . htmlspecialchars($pluginUrl) . '">';
+                       $manager->addTicketHidden();
+                       echo '<input type="hidden" name="action" value="deldir_process" />';
+                       echo '<input type="hidden" name="dir" value="' . htmlspecialchars($relative . $file) . '" />';
+
+                       echo '<h4>' . _SKINFILES_DELETE_DIR . ' &laquo;' . htmlspecialchars($file) . '&raquo; ' . _SKINFILES_DELETE_DIR2 . '</h4><div>';
+                       echo '<p class="buttons">';
+                       echo '<input type="hidden" name="sure" value="yes" />';
+                       echo '<input type="submit" value="' . _SKINFILES_DELETE . '" />';
+                       echo '<input type="button" name="sure" value="' . _SKINFILES_CANCEL . '" onclick="history.back();" />';
+                       echo '</p>';
+                       echo '</div></form></div>';
                }
+               else
+               {
+                       echo "<p class='error'>" . _SKINFILES_ERR_DELETE_DIR1 . " &laquo;" . htmlspecialchars($file) . "&raquo; " . _SKINFILES_ERR_DELETE_DIR2;
+                       echo _SKINFILES_ERR_DELETE_DIR3 . "</p>";
+               }
+       }
+       
+       function _skinfiles_deldir_process() {
+
+               global $pluginUrl, $manager;
+               
+               $file      = trim(basename(requestVar('dir')));
+               $directory = trim(dirname(requestVar('dir')));
+               $directory = sfExpandDirectory ($directory);
+               
+               if (requestVar('sure') == 'yes')
+               {
+                       if (sfValidPath($directory . $file) && file_exists($directory . $file) && 
+                               is_dir($directory . $file) && is_writable($directory . $file) &&
+                               sfDirectoryIsEmpty($directory . $file)) 
+                       {
+                               if (!@rmdir($directory . $file)) 
+                               {
+                                       echo "<p class='error'>" . _SKINFILES_ERR_DELETE_DIR4 . "&laquo;" . htmlspecialchars($file) . "&raquo;</p>";
+                                       sfShowDirectory($directory);
+                                       return;
+                               }
        
-               if ($privateskins && (!is_dir($DIR_SKINS.$SKINSUBDIR))) {
-                       $oldumask = umask(0);
-                       mkdir($DIR_SKINS.$SKINSUBDIR, 0755);
-                       umask($oldmask);
+                               echo "<p class='message'>" . _SKINFILES_ERR_DELETE_DIR5 . "&laquo;" . htmlspecialchars($file) . "&raquo; " . _SKINFILES_ERR_DELETE_DIR6 . "</p>";
+                               sfShowDirectory($directory);
+                       }               
+                       else
+                       {
+                               echo "<p class='error'>" . _SKINFILES_ERR_DELETE_DIR1 . "&laquo;" . htmlspecialchars($file) . "&raquo; " . _SKINFILES_ERR_DELETE_DIR2;
+                               echo _SKINFILES_ERR_DELETE_DIR3 . "</p>";
+                       }
+               }
+               else
+               {
+                       // User cancelled
+                       sfShowDirectory($directory);
                }
+       }       
+       
+       
+       
+       
+       /* Empty directory ***************************************************************************************************************/
+
+       function _skinfiles_emptydir() {
 
-               if (!is_dir($currdir)) {
-                       echo 'The specified location is not a directory or doesn\'t exist.';
-                       return;
+               global $pluginUrl, $manager;
+               
+               $file      = trim(basename(requestVar('dir')));
+               $directory = trim(dirname(requestVar('dir')));
+               $directory = sfExpandDirectory ($directory);
+               
+               if (sfValidPath($directory . $file) && file_exists($directory . $file) && is_dir($directory . $file)) 
+               {
+                       $files = array();
+       
+                       if ($dh = @opendir($directory . $file)) 
+                       { 
+                               while (($name = readdir($dh)) !== false) {
+                                       if(!preg_match("/^\.{1,2}$/", $name) && 
+                                          !is_dir($directory . $file . '/' . $name) &&
+                                          is_writable($directory . $file . '/' . $name)) 
+                                                       $files[] = $name;
+                               }
+                               
+                               closedir($dh); 
+                               sort($files);
+                       }
+                       
+                       $relative = sfRelativePath ($directory);
+                       $emptyUrl  = $manager->addTicketToUrl($pluginUrl . '?action=emptydir&dir=' . rawurlencode($relative . $file));
+
+                       echo '<p class="location">' . _SKINFILES_CURRENT_LOCATION . sfDisplayPath($relative);
+                       echo '<a href="' . htmlspecialchars($emptyUrl) . '" title="Empty &laquo;' . $file . '&raquo;">';
+                       echo '<img src="' . $pluginUrl . 'dir.gif' . '" alt="" /> ' . $file . '</a></p>';
+
+                       echo '<div class="dialogbox">';
+                       echo '<form method="post" action="' . htmlspecialchars($pluginUrl) . '">';
+                       $manager->addTicketHidden();
+                       echo '<input type="hidden" name="action" value="emptydir_process" />';
+                       echo '<input type="hidden" name="dir" value="' . htmlspecialchars($relative . $file) . '" />';
+
+                       echo '<h4>' . _SKINFILES_DELETE_FILE_MSG . ' &laquo;' . htmlspecialchars($file) . '&raquo;' . _SKINFILES_DELETE_FILE_MSG2 . '</h4><div>';
+                       
+                       if (count($files)) 
+                       {
+                               echo '<ul>';
+                               foreach ($files as $name) {     echo '<li>' . htmlspecialchars($name) . '</li>'; }
+                               echo '</ul>';
+       
+                               echo '<p class="buttons">';
+                               echo '<input type="hidden" name="sure" value="yes" />';
+                               echo '<input type="submit" value="' . _SKINFILES_DELETE . '" />';
+                               echo '<input type="button" name="sure" value="' . _SKINFILES_CANCEL . '" onclick="history.back();" />';
+                               echo '</p>';
+                       }
+                       else
+                       {
+                               echo '<p>' . _SKINFILES_ERR_DELETE_DIR7 . '</p>';
+                               echo '<p class="buttons">';
+                               echo '<input type="button" name="sure" value="' . _SKINFILES_CANCEL . '" onclick="history.back();" />';
+                               echo '</p>';
+                       }
+                       
+                       echo '</div></form></div>';
+                       
+               }
+               else
+               {
+                       echo "<p class='error'>" . _SKINFILES_ERR_DELETE_DIR1 . "&laquo;" . htmlspecialchars($file) . "&raquo; " . _SKINFILES_ERR_DELETE_DIR2;
+                       echo _SKINFILES_ERR_DELETE_DIR3 . "</p>";
                }
+       }
+
+       function _skinfiles_emptydir_process() {
+
+               global $pluginUrl, $manager;
                
-               if ($dh = @opendir($currdir)) { 
-                       while (($file = readdir($dh)) !== false) { 
-                               if(!preg_match("/^\.{1,2}/", $file)){
-                                       if (is_dir($currdir.$file)) {
-                                               $dirs[] = $file;
-                                       } else {
-                                               $files[] = $file;
+               $file      = trim(basename(requestVar('dir')));
+               $directory = trim(dirname(requestVar('dir')));
+               $directory = sfExpandDirectory ($directory);
+               
+               if (requestVar('sure') == 'yes')
+               {
+                       if (sfValidPath($directory . $file) && file_exists($directory . $file) && is_dir($directory . $file)) 
+                       {
+                               if ($dh = @opendir($directory . $file)) 
+                               { 
+                                       while (($name = readdir($dh)) !== false) 
+                                       {
+                                               if(!preg_match("/^\.{1,2}$/", $name) &&  !is_dir($directory . $file . '/' . $name) &&
+                                                  is_writable($directory . $file . '/' . $name)) 
+                                               {
+                                                       if (unlink ($directory .$file . '/' . $name)) 
+                                                               echo "<p class='message'>" . _SKINFILES_ERR_EMPTY_DIR1 . "&laquo;" . htmlspecialchars($name) . "&raquo; " . _SKINFILES_ERR_EMPTY_DIR2 . "</p>";
+                                                       else
+                                                               echo "<p class='error'>" . _SKINFILES_ERR_EMPTY_DIR3 . "&laquo;" . htmlspecialchars($name) . "&raquo; " . _SKINFILES_ERR_EMPTY_DIR4 . "</p>";
+                                               }
                                        }
+                                       
+                                       closedir($dh); 
+       
+                                       sfShowDirectory($directory . $file . '/');
                                }
                        }
-                       closedir($dh); 
-               } 
+                       else
+                       {
+                               echo "<p class='error'>" . _SKINFILES_ERR_EMPTY_DIR5 . "&laquo;" . htmlspecialchars($file) . "&raquo; " . _SKINFILES_ERR_EMPTY_DIR6;
+                               echo _SKINFILES_ERR_EMPTY_DIR7 . "</p>";
+                       }
+               }
+               else
+               {
+                       // User cancelled
+                       sfShowDirectory($directory . $file . '/');
+               }
+       }
+
+
+
+
+       /* Download file *****************************************************************************************************************/
+
+       function _skinfiles_download() {
+
+               global $pluginUrl, $manager;
                
-               echo "<h3>Current Directory: <b>/$newdir</b></h3>";
-               
-               if ($msg) {
-                       echo '<p><b>'.htmlspecialchars($msg).'</b></p>';
-               }
-               
-               if ($newdir != '') {
-                       echo "<u><a href=\"$pluginsskinfiles/\">> Return to / <</a></u><br />";
-                       if (strstr($newdir, '/')) {
-                               $splitpath =  preg_split( "/\//", strrev($newdir), 2);
-                               $updir = strrev($splitpath[1]);
-                               echo "<u><a href=\"$pluginsskinfiles/?dir=/$updir\">> Return to /$updir <</a></u><br /><br />";
-                       }
-               }
-               echo "<u><a href=\"$pluginsskinfiles/?dir=$newdir\">> Refresh <</a></u><br />";
-
-               echo "<table>";
-               if(is_array($dirs)){
-                       sort($dirs);
-                       foreach($dirs as $dir) {
-                               echo "<tr onmouseover='focusRow(this);' onmouseout='blurRow(this);'><td>";
-                               echo "&nbsp;&nbsp;<a href=\"$pluginsskinfiles/?dir=$newdir/$dir\">";
-                               echo "<img src=\"$pluginsskinfiles/dir.gif\"> $dir</a>&nbsp;</td>";
-                               echo "<td>&nbsp;<a href=\"$pluginsskinfiles/?action=rendir&oldname=$newdir/$dir\" title=\"Rename directory\">(ren)</a></td>";
-                               echo "<td>&nbsp;<a href=\"$pluginsskinfiles/?action=deldir&dir=$newdir&remdir=$newdir/$dir\" title=\"Delete directory\">(del)</a></td>";
-                               echo "</td><td></td><td></td><td></td><td>";
-                               echo "<td>".date('M d, Y  h:i:s a', filemtime($DIR_SKINS.$SKINSUBDIR.$newdir."/$dir"));
-                               echo "</td></tr>";
-                       }
-               }
-       
-               if(is_array($files)){
-                       sort($files);
-                       foreach($files as $file) {
-                               echo "<tr onmouseover='focusRow(this);' onmouseout='blurRow(this);'><td>";
-                               echo "&nbsp;&nbsp;";
-                               if (preg_match("/\.css$/i", $file)) {
-                                       echo "<img src=\"$pluginsskinfiles/css.gif\"> ";
-                               } elseif (preg_match("/\.php(3|4)?$/i", $file)) {
-                                       echo "<img src=\"$pluginsskinfiles/php.gif\"> ";
-                               } elseif (_isEditableFile($file)) {
-                                       echo "<img src=\"$pluginsskinfiles/text.gif\"> ";
-                               } elseif (_isImageFile($file)) {
-                                       echo "<img src=\"$pluginsskinfiles/image.gif\"> ";
-                               } else {
-                                       echo "<img src=\"$pluginsskinfiles/generic.png\"> ";
+               $file = basename(trim(requestVar('file')));
+
+               $directory = dirname(trim(requestVar('file')));
+               $directory = sfExpandDirectory ($directory);
+               
+               if (sfValidPath($directory) && file_exists($directory . $file) && 
+                       is_file($directory . $file) && is_readable($directory . $file)) 
+               {
+                       if (strstr(serverVar('HTTP_USER_AGENT'), "MSIE"))
+                               $name = preg_replace('/\./', '%2e', $file, substr_count($file, '.') - 1);
+                       else
+                               $name = $file;
+                               
+                       if ($fp = @fopen($directory . $file, 'r')) {
+                               header("Cache-Control: ");      // leave blank to avoid IE errors
+                               header("Pragma: ");                     // leave blank to avoid IE errors
+                               header("Content-type: application/octet-stream");
+                               header('Content-Disposition: attachment; filename="'.$name.'"');
+                               header("Content-length: ".(string)(filesize($directory . $file)));
+                               sleep(1);
+                               
+                               fpassthru($fp);
+                               fclose($fp);
+                       }
+                       else
+                       {
+                               echo _SKINFILES_ERR_DOWNLOAD_FILE1;
+                       }
+               }
+               else
+               {
+                       echo _SKINFILES_ERR_DOWNLOAD_FILE2;
+               }
+
+               exit;
+       }
+
+
+
+
+       /* View file *********************************************************************************************************************/
+
+       function _skinfiles_viewfile() {
+
+               global $pluginUrl, $manager;
+               
+               $file      = basename(trim(requestVar('file')));
+               $directory = dirname(trim(requestVar('file')));
+               $directory = sfExpandDirectory ($directory);
+               
+               if (sfValidPath($directory) && file_exists($directory . $file) && 
+                       is_file($directory . $file) && is_readable($directory . $file) && sfAllowViewing($file)) 
+               {
+                       $relative = sfRelativePath ($directory);
+                       $viewUrl  = $manager->addTicketToUrl($pluginUrl . '?action=viewfile&file=' . rawurlencode(sfRelativePath($directory . $file)));
+
+                       echo '<p class="location">' . _SKINFILES_CURRENT_LOCATION . sfDisplayPath($relative);
+                       echo '<a href="' . htmlspecialchars($viewUrl) . '" title="View &laquo;' . $file . '&raquo;">';
+                       echo '<img src="' . htmlspecialchars(sfIcon($file)) . '" alt="" /> ' . $file . '</a></p>';
+
+                       echo '<h4>' . _SKINFILES_VIEW_FILE . '&laquo;' . htmlspecialchars($file) . '&raquo;</h4>';
+
+                       if (sfIsFileType('html', $file))
+                       {
+                               echo '<iframe src="' . sfFullUrl($directory . $file) . '"></iframe>';
+                       }
+
+                       if (sfIsFileType('text', $file))
+                       {
+                               $content = implode('', file($directory . $file));
+
+                               echo '<pre>';
+                               echo htmlspecialchars($content);
+                               echo '</pre>';
+                       }
+
+                       if (sfIsFileType('img', $file))
+                       {
+                               $size = getimagesize($directory . $file, $info);
+                               
+                               switch ($size[2]) {
+                                       case IMAGETYPE_GIF:             $type = 'GIF document'; break;
+                                       case IMAGETYPE_JPEG:    $type = 'JPEG photograph'; break;
+                                       case IMAGETYPE_PNG:             $type = 'PNG document'; break;
+                                       case IMAGETYPE_SWF:             $type = 'Flash animation'; break;
+                                       case IMAGETYPE_PSD:             $type = 'Photoshop document'; break;
+                                       case IMAGETYPE_BMP:             $type = 'BMP document'; break;
+                                       case IMAGETYPE_TIFF_II: $type = 'TIFF document (Intel Byte Order)'; break;
+                                       case IMAGETYPE_TIFF_MM: $type = 'TIFF document (Motorola Byte Order)'; break;
+                                       case IMAGETYPE_JPC:             $type = 'JPEG2000 photograph'; break;
+                                       case IMAGETYPE_JP2:     $type = 'JPEG2000 photograph'; break;
+                                       case IMAGETYPE_JPX:     $type = 'JPEG2000 photograph'; break;
+                                       case IMAGETYPE_JB2:     $type = 'Slowview document'; break;
+                                       case IMAGETYPE_SWC:     $type = 'Flash animation (compressed)'; break;
+                                       case IMAGETYPE_IFF:     $type = 'IFF document'; break;
+                                       case IMAGETYPE_WBMP:    $type = 'WBMP document'; break;
+                                       case IMAGETYPE_XBM:     $type = 'XBM document'; break;
+                                       default:                                $type = 'Unknown document'; break;
+                               }
+
+                               if ($size[2] == IMAGETYPE_GIF || $size[2] == IMAGETYPE_JPEG ||
+                                       $size[2] == IMAGETYPE_PNG)
+                               {
+                                       echo '<p><img src="' . sfFullUrl($directory . $file) . '" alt="" /></p>';
                                }
-                               if ($newdir == '') {$thisdir = '';} else {$thisdir = "$newdir/";}
-                               echo "$file&nbsp;";
-                               echo "</td><td>";
-                               echo "&nbsp;<a href=\"$pluginsskinfiles/?action=renfile&rfp=$thisdir"."$file\" title=\"Rename file\">(ren)</a>";
-                               echo "</td><td>";
-                               echo "&nbsp;<a href=\"$pluginsskinfiles/?action=delfile&rfp=$thisdir"."$file\" title=\"Delete file\">(del)</a>";
-                               echo "</td><td>";
-                               if ((is_writable($DIR_SKINS.$SKINSUBDIR.$thisdir.$file)) && (!_isImageFile($file))) {
-                                       echo "&nbsp;<a href=\"$pluginsskinfiles/?action=editfile&rfp=$thisdir"."$file\" title=\"Edit file\">(edit)</a>";
+                               
+                               echo '<table>';
+                               echo '<tr><th colspan="2">' . _SKINFILES_VIEW_FILE_IMG_INFO . '</th></tr>';
+                               echo '<tr><td>' . _SKINFILES_VIEW_FILE_TYPE . '</td><td>' . htmlspecialchars($type) . '</td></tr>';
+                               echo '<tr><td>' . _SKINFILES_VIEW_FILE_WIDTH . '</td><td>' . htmlspecialchars($size[0]) . _SKINFILES_VIEW_FILE_PX . '</td></tr>';
+                               echo '<tr><td>' . _SKINFILES_VIEW_FILE_HEIGHT . '</td><td>' . htmlspecialchars($size[1]) . _SKINFILES_VIEW_FILE_PX . '</td></tr>';      
+                               
+                               if (isset($size['channels']) || isset($size['bits'])) 
+                               {
+                                       $channels = isset($size['channels']) ? $size['channels'] : 3;
+                                       $depth    = $size[2] == IMAGETYPE_GIF ? $size['bits'] : $size['bits'] * $channels;
+                                       echo '<tr><td>' . _SKINFILES_VIEW_FILE_CHANNELS . '</td><td>' . htmlspecialchars($channels) . '</td></tr>';
+                                       echo '<tr><td>' . _SKINFILES_VIEW_FILE_COLOR_DEPTH . '</td><td>' . htmlspecialchars($depth) . _SKINFILES_VIEW_FILE_BITS . '</td></tr>';
+                                       echo '<tr><td>' . _SKINFILES_VIEW_FILE_COLORS . '</td><td>' . htmlspecialchars(pow(2, $depth)) . _SKINFILES_VIEW_FILE_COLORS2 . '</td></tr>';
                                }
-                               echo "</td><td>";
-                               if (_isImageFile($file)) {
-                                       echo '&nbsp;<a href="'.$CONF['SkinsURL'].$SKINSUBDIR.$thisdir."$file\" title=\"View graphic\">(view)</a>";
+
+                               
+                               if (function_exists('exif_read_data') && ($size[2] == IMAGETYPE_JPEG || 
+                                       $size[2] == IMAGETYPE_TIFF_II || $size[2] == IMAGETYPE_TIFF_MM))
+                               {
+                                       $exif = exif_read_data($directory . $file, 'EXIF');
+                                       
+                                       if ($exif) 
+                                       {
+                                               echo '<tr><th colspan="2">Exif information</th></tr>';
+                                               
+                                               if (isset($exif['Make']) && isset($exif['Model']))
+                                                       echo '<tr><td>Camera:</td><td>' . htmlspecialchars($exif['Make'] . ' ' . $exif['Model']) . '</td></tr>';
+                                               
+                                               if (isset($exif['DateTime']))
+                                                       echo '<tr><td>Created on:</td><td>' . htmlspecialchars($exif['DateTime']) . '</td></tr>';
+                                               
+                                               if (isset($exif['XResolution']))
+                                                       echo '<tr><td>Horizontal resolution:</td><td>' . htmlspecialchars(_skinfiles_exif_prepare($exif['XResolution'])) . ' dpi</td></tr>';
+                                               
+                                               if (isset($exif['YResolution']))
+                                                       echo '<tr><td>Vertical resolution:</td><td>' . htmlspecialchars(_skinfiles_exif_prepare($exif['YResolution'])) . ' dpi</td></tr>';
+                                               
+                                               if (isset($exif['FocalLength']))
+                                                       echo '<tr><td>Focal length:</td><td>' . htmlspecialchars(_skinfiles_exif_prepare($exif['FocalLength'])) . ' mm</td></tr>';
+                                               
+                                               if (isset($exif['FNumber']))
+                                                       echo '<tr><td>F-number:</td><td>F/' . htmlspecialchars(_skinfiles_exif_prepare($exif['FNumber'])) . '</td></tr>';
+                                               
+                                               if (isset($exif['ExposureTime']))
+                                                       echo '<tr><td>Exposuretime:</td><td>' . htmlspecialchars(_skinfiles_exif_prepare($exif['ExposureTime'])) . ' sec</td></tr>';
+                                               
+                                               if (isset($exif['ISOSpeedRatings']))
+                                                       echo '<tr><td>ISO-speed:</td><td>' . htmlspecialchars(_skinfiles_exif_prepare($exif['ISOSpeedRatings'])) . '</td></tr>';
+                                       }
                                }
-                               echo "</td><td>";
-                               echo "&nbsp;<a href=\"$pluginsskinfiles/?action=download&rfp=$thisdir"."$file\" title=\"Download file\">(d/l)</a>";
-                               echo "</td><td>";
-                               echo number_format(filesize($DIR_SKINS.$SKINSUBDIR.$thisdir.$file)/1024, 2)." KB";
-                               echo "</td><td>";
-                               echo date('M d, Y  h:i:s a', filemtime($DIR_SKINS.$SKINSUBDIR.$thisdir.$file));
-                               echo "</td></tr>";
-                       }
-               }
-               echo "</table>";
-       
-               if(is_array($dirs) || is_array($files)) {
-                       if ($newdir != '') {
-                               echo "<u><a href=\"$pluginsskinfiles/\">> Return to / <</a></u><br />";
-                               if (strstr($newdir, '/')) {
-                                       $splitpath =  preg_split( "/\//", strrev($newdir), 2);
-                                       $updir = strrev($splitpath[1]);
-                                       echo "<u><a href=\"$pluginsskinfiles/?dir=/$updir\">> Return to /$updir <</a></u><br /><br />";
+
+                               echo '</table>';
+                       }
+               }
+               else
+               {
+                       echo "<p class='error'>" . _SKINFILES_ERR_VIEW_FILE1 . "&laquo;" . htmlspecialchars($file) . "&raquo; " . _SKINFILES_ERR_VIEW_FILE2;
+                       echo _SKINFILES_ERR_VIEW_FILE3 . "</p>";
+               }
+       }
+
+       function _skinfiles_exif_prepare($value) {
+               if (preg_match('#([0-9]+)/([0-9]+)#', $value, $matches))
+                       if ($matches[1] < $matches[2])
+                               return '1/' . round($matches[2] / $matches[1]);
+                       else
+                               return round($matches[1] / $matches[2]);
+               else
+                       return $value;
+       }
+
+
+
+
+       /* Edit file *********************************************************************************************************************/
+
+       function _skinfiles_editfile() {
+
+               global $pluginUrl, $manager;
+               
+               $file      = basename(trim(requestVar('file')));
+               $directory = dirname(trim(requestVar('file')));
+               $directory = sfExpandDirectory ($directory);
+               
+               if (sfValidPath($directory) && file_exists($directory . $file) && 
+                       is_file($directory . $file) && is_writable($directory . $file) && sfAllowEditing($file)) 
+               {
+                       $relative = sfRelativePath ($directory);
+                       $editUrl  = $manager->addTicketToUrl($pluginUrl . '?action=editfile&file=' . rawurlencode(sfRelativePath($directory . $file)));
+
+                       echo '<p class="location">' . _SKINFILES_CURRENT_LOCATION . sfDisplayPath($relative);
+                       echo '<a href="' . htmlspecialchars($editUrl) . '" title="Edit &laquo;' . $file . '&raquo;">';
+                       echo '<img src="' . htmlspecialchars(sfIcon($file)) . '" alt="" /> ' . $file . '</a></p>';
+
+                       $content = implode('', file($directory . $file));
+
+                       echo '<div class="dialogbox">';
+                       echo '<form method="post" action="' . htmlspecialchars($pluginUrl) . '">';
+                       $manager->addTicketHidden();
+                       echo '<input type="hidden" name="action" value="editfile_process" />';
+                       echo '<input type="hidden" name="file" value="' . htmlspecialchars(sfRelativePath($directory . $file)) . '" />';
+
+                       echo '<h4>' . _SKINFILES_EDIT_FILE_MSG . ' &laquo;' . htmlspecialchars($file) . '&raquo;</h4><div>';
+                       echo '<p><textarea class="skinedit" tabindex="8" rows="20" cols="80" name="content">';
+                       echo htmlspecialchars($content);
+                       echo '</textarea></p>';
+                       
+                       echo '<p class="buttons">';
+                       echo '<input type="hidden" name="sure" value="yes" /">';
+                       echo '<input type="submit" value="' .  _SKINFILES_SAVE_CHANGES . '" />';
+                       echo '<input type="button" name="sure" value="' . _SKINFILES_CANCEL . '" onclick="history.back();" />';
+                       echo '</p>';
+                       echo '</div></form></div>';
+               }
+               else
+               {
+                       echo "<p class='error'>" . _SKINFILES_ERR_EDIT_FILE1 . "&laquo;" . htmlspecialchars($file) . "&raquo; " . _SKINFILES_ERR_EDIT_FILE2;
+                       echo _SKINFILES_ERR_EDIT_FILE3 . "</p>";
+               }
+       }
+
+       function _skinfiles_editfile_process() {
+
+               $file      = basename(trim(requestVar('file')));
+               $directory = dirname(trim(requestVar('file')));
+               $directory = sfExpandDirectory ($directory);
+               
+               if (requestVar('sure') == 'yes')
+               {
+                       if (sfValidPath($directory) && file_exists($directory . $file) && 
+                               is_file($directory . $file) && is_writable($directory . $file) && sfAllowEditing($file)) 
+                       {
+                               $content = postVar('content');
+                               $success = false;
+                               
+                               if ($fh = @fopen($directory . $file, 'wb')) { 
+                                       
+                                       if (@fwrite($fh, $content) !== false)
+                                               $success = true;
+                                               
+                                       @fclose($fh);
                                }
+                               
+                               if ($success)
+                                       echo "<p class='message'>" . _SKINFILES_ERR_EDIT_FILE4 . "&laquo;" . htmlspecialchars($file) . "&raquo; " . _SKINFILES_ERR_EDIT_FILE5 . "</p>";
+                               else
+                                       echo "<p class='error'>" . _SKINFILES_ERR_EDIT_FILE6 . "&laquo;" . htmlspecialchars($file) . "&raquo; " . _SKINFILES_ERR_EDIT_FILE7 . "</p>";
+                       
+                               _skinfiles_editfile();
                        }
-                       echo "<u><a href=\"$pluginsskinfiles/?dir=$newdir\">> Refresh <</a></u><br />";
-               }
-
-               if ($newdir != '') {
-                       echo "<h3>Create new file in <b>/$newdir</b></h3>";
-                               ?>
-                               <form method="POST" enctype="multipart/form-data" action="<?php echo $pluginsskinfiles ?>/">
-                                               <input type="hidden" name="action" value="createfile" />
-                                               <input type="hidden" name="dir" value="<?php echo $newdir ?>">
-                                               <input type="text" name="filename" size="40">
-                                               <input type="submit" value="<?php echo 'Create file' ?>" />
-                                       </form>
-                               <?PHP
-
-                               echo "<h3>Upload new file to <b>/$newdir</b></h3>";
-                               ?>
-                               <form method="POST" enctype="multipart/form-data" action="<?php echo $pluginsskinfiles ?>/">
-                                               <input type="hidden" name="action" value="uploadfile" />
-                                               <input type="hidden" name="dir" value="<?php echo $newdir ?>">
-                                               <input type="hidden" name="MAX_FILE_SIZE" value="<?php echo $CONF['MaxUploadSize']?>" />
-                                               <input type="file" name="filename" size="40">
-                                               <input type="submit" value="<?php echo _UPLOAD_BUTTON?>" />
-                                       </form>
-                               <?PHP
+                       else
+                       {
+                               echo "<p class='error'>" . _SKINFILES_ERR_EDIT_FILE1 . "&laquo;" . htmlspecialchars($file) . "&raquo; " . _SKINFILES_ERR_EDIT_FILE2;
+                               echo _SKINFILES_ERR_EDIT_FILE3 . "</p>";
+                       }
+               }
+               else
+               {
+                       // User cancelled
+                       sfShowDirectory($directory);
+               }
+       }
+
+
+
+       /* Rename file *******************************************************************************************************************/
+
+       function _skinfiles_renfile($preset = '') {
+
+               global $pluginUrl, $manager;
+               
+               $file      = basename(trim(requestVar('file')));
+               $directory = dirname(trim(requestVar('file')));
+               $directory = sfExpandDirectory ($directory);
+               
+               if (sfValidPath($directory) && file_exists($directory . $file) && 
+                       is_file($directory . $file) && is_writable($directory . $file)) 
+               {
+                       $relative = sfRelativePath ($directory);
+                       $editUrl  = $manager->addTicketToUrl($pluginUrl . '?action=renfile&file=' . rawurlencode(sfRelativePath($directory . $file)));
+
+                       echo '<p class="location">' . _SKINFILES_CURRENT_LOCATION . sfDisplayPath($relative);
+                       echo '<a href="' . htmlspecialchars($editUrl) . '" title="' . _SKINFILES_RENAME . ' &laquo;' . $file . '&raquo;">';
+                       echo '<img src="' . htmlspecialchars(sfIcon($file)) . '" alt="" /> ' . $file . '</a></p>';
+
+                       echo '<div class="dialogbox">';
+                       echo '<form method="post" action="' . htmlspecialchars($pluginUrl) . '">';
+                       $manager->addTicketHidden();
+                       echo '<input type="hidden" name="action" value="renfile_process" />';
+                       echo '<input type="hidden" name="file" value="' . htmlspecialchars(sfRelativePath($directory . $file)) . '" />';
+
+                       echo '<h4>' . _SKINFILES_RENAME_FILE_MSG . '&laquo;' . htmlspecialchars($file) . '&raquo; ' . _SKINFILES_RENAME_FILE_MSG2 . '</h4><div>';
+                       echo '<p><input type="text" name="name" size="40" value="' . htmlspecialchars($preset != '' ? $preset : $file) . '" /></p>';
+                       echo '<p class="buttons">';
+                       echo '<input type="hidden" name="sure" value="yes" /">';
+                       echo '<input type="submit" value="' . _SKINFILES_RENAME . '" />';
+                       echo '<input type="button" name="sure" value="' . _SKINFILES_CANCEL . '" onclick="history.back();" />';
+                       echo '</p>';
+                       echo '</div></form></div>';
+               }
+               else
+               {
+                       echo "<p class='error'>" . _SKINFILES_ERR_RENAME_FILE1 . "&laquo;" . htmlspecialchars($file) . "&raquo; " . _SKINFILES_ERR_RENAME_FILE2;
+                       echo _SKINFILES_ERR_RENAME_FILE3 . "</p>";
+               }
+       }
        
-                       if (count($files)) {
-                               echo "<h3>Delete all files in <b>/$newdir</b></h3>";
-                                       ?>
-                                               <form method="get" action="<?php echo $pluginsskinfiles?>/">
-                                                       <input type="hidden" name="action" value="deleteAllInDir" />
-                                                       <input type="hidden" name="dir" value="<?php echo $newdir?>"/>
-                                                       <?php echo "Delete all Files? (will ask for confirmation)"?>
-                                                       <input type="submit" tabindex="140" value="<?php echo "Delete All"?>" onclick="return checkSubmit();" />
-                                               </form>
-                                       <?PHP
-                       }
-               }
-       
-               echo "<h3>Create a new directory in <b>/$newdir</b></h3>"; 
-                               ?>
-                                       <form method="post" action="<?php echo $pluginsskinfiles?>/">
-                                               <input type="hidden" name="action" value="createdir" />
-                                               <input type="hidden" name="dir" value="<?php echo $newdir?>"/>
-                                               <input name="newdir" tabindex="90" value="<?php echo 'newdir' ?>" size="40" />
-                                               <input type="submit" tabindex="140" value="<?php echo "Create"?>" onclick="return checkSubmit();" />
-                                       </form>
-                               <?PHP
-
-               // for MDNucleus, ignored if on Win32 platform (for the moment)
-               if (($newdir == '') && ($privateskins) && (!strtoupper(substr(PHP_OS, 0,3) == 'WIN'))) {
-                       if ($dh = @opendir($DIR_SKINS.$latestskins)) { 
-                               while (($file = readdir($dh)) !== false) { 
-                                       if(!preg_match("/^\.{1,2}/", $file))
-                                               if (is_dir($DIR_SKINS.$latestskins.$file)) $skins[] = $file;
+       function _skinfiles_renfile_process() {
+
+               global $pluginUrl, $manager;
+               
+               $file      = basename(trim(requestVar('file')));
+               $directory = dirname(trim(requestVar('file')));
+               $directory = sfExpandDirectory ($directory);
+               
+               if (requestVar('sure') == 'yes')
+               {
+                       if (sfValidPath($directory) && file_exists($directory . $file) && 
+                               is_file($directory . $file) && is_writable($directory . $file)) 
+                       {
+                               $name = requestVar('name');
+
+                               if ($name == '') {
+                                       echo "<p class='error'>" . _SKINFILES_ERR_RENAME_FILE4 . "&laquo;" . htmlspecialchars($file) . "&raquo; ";
+                                       echo _SKINFILES_ERR_RENAME_FILE5 . "</p>";
+                                       _skinfiles_renfile($name);
+                                       return;
                                }
-                               closedir($dh); 
+                               
+                               if (sfIllegalFilename($name)) {
+                                       echo "<p class='error'>" . _SKINFILES_ERR_RENAME_FILE6 . "&laquo;" . htmlspecialchars($file) . "&raquo; ";
+                                       echo _SKINFILES_ERR_RENAME_FILE7 . "</p>";
+                                       _skinfiles_renfile($name);
+                                       return;
+                               } 
+                               
+                               if ($name == $file) {
+                                       echo "<p class='error'>" . _SKINFILES_ERR_RENAME_FILE8 . "&laquo;" . htmlspecialchars($file) . "&raquo; ";
+                                       echo _SKINFILES_ERR_RENAME_FILE9 . "</p>";
+                                       _skinfiles_renfile($name);
+                                       return;
+                               }
+                               
+                               if (file_exists($directory . $name)) {
+                                       echo "<p class='error'>" . _SKINFILES_ERR_RENAME_FILE10 . "&laquo;" . htmlspecialchars($file) . "&raquo; ";
+                                       echo _SKINFILES_ERR_RENAME_FILE11;
+                                       echo _SKINFILES_ERR_RENAME_FILE12 . "</p>";
+                                       _skinfiles_renfile($name);
+                                       return;
+                               }
+
+                               if (!@rename($directory . $file, $directory . $name)) 
+                               {
+                                       echo "<p class='error'>" . _SKINFILES_ERR_RENAME_FILE13 . "&laquo;" . htmlspecialchars($file) . "&raquo; " . _SKINFILES_ERR_RENAME_FILE14 . "</p>";
+                                       _skinfiles_renfile($name);
+                                       return;
+                               }
+       
+                               echo "<p class='message'>" . _SKINFILES_ERR_RENAME_FILE15 . "&laquo;" . htmlspecialchars($file) . "&raquo; " . _SKINFILES_ERR_RENAME_FILE16;
+                               echo _SKINFILES_ERR_RENAME_FILE17 . "&laquo;" . htmlspecialchars($name) . "&raquo;" . _SKINFILES_ERR_RENAME_FILE18 . "</p>";
+                               sfShowDirectory($directory);
+                       }               
+                       else
+                       {
+                               echo "<p class='error'>" . _SKINFILES_ERR_RENAME_FILE1 . "&laquo;" . htmlspecialchars($file) . "&raquo; " . _SKINFILES_ERR_RENAME_FILE2;
+                               echo _SKINFILES_ERR_RENAME_FILE3 . "</p>";
                        }
-                       if ($skins) {
-                               echo "<h3>Refresh default skin files to standard versions</h3>";
-                               ?>
-                                       <form method="post" action="<?php echo $pluginsskinfiles?>/">
-                                               <input type="hidden" name="action" value="getLatestSkins" />
-                                               <?php
-                                               sort ($skins);
-                                               if (count($skins) > 1) {
-                                                       $lastskin = array_pop($skins);
-                                                       array_push($skins, "</b>and<b> $lastskin");
-                                               }
-                                               echo "This will overwrite or create files in the following skin file directories: <b>";
-                                               echo implode(", ", $skins)."</b><br /><br />"; 
-                                               ?> 
-                                               Note that you may need to re-import skin definitions you wish to use (See Layout Import/Export).<br /><br />
-                                               <input type="checkbox" name="overwrite" value="1" id="cb_overwrite" />
-                                               <label for="cb_overwrite"><?php echo "Check this box to confirm overwrite of files<br />" ?></label>
-                                               <input type="submit" tabindex="140" value="<?php echo "Overwrite Default Skin Files"?>" onclick="return checkSubmit();" />
-                                       </form>
-                               <?PHP
+               }
+               else
+               {
+                       // User cancelled
+                       sfShowDirectory($directory);
+               }
+       }
+
+
+
+
+       /* Create file *******************************************************************************************************************/
+
+       function _skinfiles_createfile() {
+       
+               $directory = trim(requestVar('dir'));
+               $directory = sfExpandDirectory($directory);
+
+               if (sfValidPath($directory) && is_dir($directory) && is_writable($directory)) 
+               {
+                       $name = requestVar('name');
+                       
+                       if ($name == '') {
+                               echo "<p class='error'>" . _SKINFILES_ERR_CREATE_FILE1 . "</p>";
+                               sfShowDirectory($directory);
+                               return;
+                       }
+                       
+                       if (sfIllegalFilename($name)) {
+                               echo "<p class='error'>" . _SKINFILES_ERR_CREATE_FILE2 . "&laquo;" . htmlspecialchars($name) . "&raquo; ";
+                               echo _SKINFILES_ERR_CREATE_FILE3 . "</p>";
+                               sfShowDirectory($directory);
+                               return;
+                       } 
+                       
+                       if (file_exists($directory . $name)) {
+                               echo "<p class='error'>" . _SKINFILES_ERR_CREATE_FILE4 . "&laquo;" . htmlspecialchars($name) . "&raquo; ";
+                               echo _SKINFILES_ERR_CREATE_FILE5;
+                               echo _SKINFILES_ERR_CREATE_FILE6 . "</p>";
+                               sfShowDirectory($directory);
+                               return;
+                       }
+                       
+                       if (!@touch($directory . $name)) 
+                       {
+                               echo "<p class='error'>" . _SKINFILES_ERR_CREATE_FILE7 . "&laquo;" . htmlspecialchars($name) . "&raquo; " . _SKINFILES_ERR_CREATE_FILE8 . "</p>";
+                               sfShowDirectory($directory);
+                               return;
                        }
+
+                       $mask = @umask(0000);
+                       @chmod($directory . $name, 0755);
+                       @umask($mask);
+                       
+                       echo "<p class='message'>" . _SKINFILES_ERR_CREATE_FILE9 . "&laquo;" . htmlspecialchars($name) . "&raquo; " . _SKINFILES_ERR_CREATE_FILE10 . "</p>";
+                       sfShowDirectory($directory);
+               }               
+               else
+               {
+                       echo "<p class='error'>" . _SKINFILES_ERR_CREATE_FILE11 . "&laquo;" . htmlspecialchars(basename($directory)) . "&raquo; " . _SKINFILES_ERR_CREATE_FILE12;
+                       echo _SKINFILES_ERR_CREATE_FILE13 . "</p>";
                }
+       }
+
+
+
+
+       /* Delete file *******************************************************************************************************************/
+
+       function _skinfiles_delfile() {
+
+               global $pluginUrl, $manager;
+               
+               $file      = basename(trim(requestVar('file')));
+               $directory = dirname(trim(requestVar('file')));
+               $directory = sfExpandDirectory ($directory);
+               
+               if (sfValidPath($directory) && file_exists($directory . $file) && 
+                       is_file($directory . $file) && is_writable($directory . $file)) 
+               {
+                       $relative = sfRelativePath ($directory);
+                       $delUrl  = $manager->addTicketToUrl($pluginUrl . '?action=delfile&file=' . rawurlencode(sfRelativePath($directory . $file)));
+
+                       echo '<p class="location">' . _SKINFILES_CURRENT_LOCATION . sfDisplayPath($relative);
+                       echo '<a href="' . htmlspecialchars($delUrl) . '" title="' . _SKINFILES_DELETE . ' &laquo;' . $file . '&raquo;">';
+                       echo '<img src="' . htmlspecialchars(sfIcon($file)) . '" alt="" /> ' . $file . '</a></p>';
+
+                       echo '<div class="dialogbox">';
+                       echo '<form method="post" action="' . htmlspecialchars($pluginUrl) . '">';
+                       $manager->addTicketHidden();
+                       echo '<input type="hidden" name="action" value="delfile_process" />';
+                       echo '<input type="hidden" name="file" value="' . htmlspecialchars(sfRelativePath($directory . $file)) . '" />';
 
+                       echo '<h4>' . _SKINFILES_DELETE_FILE . ' &laquo;' . htmlspecialchars($file) . '&raquo; ' . _SKINFILES_DELETE_FILE2 . '</h4><div>';
+                       echo '<p class="buttons">';
+                       echo '<input type="hidden" name="sure" value="yes" />';
+                       echo '<input type="submit" value="' . _SKINFILES_DELETE . '" />';
+                       echo '<input type="button" name="sure" value="' . _SKINFILES_CANCEL . '" onclick="history.back();" />';
+                       echo '</p>';
+                       echo '</div></form></div>';
+               }
+               else
+               {
+                       echo "<p class='error'>"  . _SKINFILES_ERR_DELETE_FILE1 . "&laquo;" . htmlspecialchars($file) . "&raquo; " . _SKINFILES_ERR_DELETE_FILE2;
+                       echo _SKINFILES_ERR_DELETE_FILE3 . "</p>";
+               }
        }
 
+       function _skinfiles_delfile_process() {
+
+               global $pluginUrl, $manager;
+               
+               $file      = basename(trim(requestVar('file')));
+               $directory = dirname(trim(requestVar('file')));
+               $directory = sfExpandDirectory ($directory);
+               
+               if (requestVar('sure') == 'yes')
+               {
+                       if (sfValidPath($directory) && file_exists($directory . $file) && 
+                               is_file($directory . $file) && is_writable($directory . $file)) 
+                       {
+                               if (!@unlink($directory . $file)) 
+                               {
+                                       echo "<p class='error'>" . _SKINFILES_ERR_DELETE_FILE4 . "&laquo;" . htmlspecialchars($file) . "&raquo;</p>";
+                                       sfShowDirectory($directory);
+                                       return;
+                               }
        
+                               echo "<p class='message'>" . _SKINFILES_ERR_DELETE_FILE5 . "&laquo;" . htmlspecialchars($file) . "&raquo; " . _SKINFILES_ERR_DELETE_FILE6 . "</p>";
+                               sfShowDirectory($directory);
+                       }               
+                       else
+                       {
+                               echo "<p class='error'>" . _SKINFILES_ERR_DELETE_FILE1 . "&laquo;" . htmlspecialchars($file) . "&raquo; " . _SKINFILES_ERR_DELETE_FILE2;
+                               echo _SKINFILES_ERR_DELETE_FILE3 . "</p>";
+                       }
+               }
+               else
+               {
+                       // User cancelled
+                       sfShowDirectory($directory);
+               }
+       }
+
+
+
+       /* Upload file *******************************************************************************************************************/
+
+       function _skinfiles_uploadfile() {
+
+               global $pluginUrl, $manager, $CONF;
+               
+               $directory = trim(requestVar('dir'));
+               $directory = sfExpandDirectory($directory);
+
+               if (sfValidPath($directory) && is_dir($directory) && is_writable($directory)) 
+               {
+                       $file = postFileInfo('name');
+
+                       if ($file['size'] > $CONF['MaxUploadSize']) {
+                               echo "<p class='error'>" . _SKINFILES_ERR_UPLOAD_FILE1 . "&laquo;" . htmlspecialchars($file['name']) . "&raquo; " . _SKINFILES_ERR_UPLOAD_FILE2 . _ERROR_FILE_TOO_BIG . "<br />";
+                               echo _SKINFILES_ERR_UPLOAD_FILE3 . $CONF['MaxUploadSize'] . " / ";
+                               echo $file['size'] . " bytes</p>";
+                               sfShowDirectory($directory);
+                               return;
+                       }
+
+                       if (!is_uploaded_file($file['tmp_name'])) {
+                               echo "<p class='error'>" . _SKINFILES_ERR_UPLOAD_FILE1 . "&laquo;" . htmlspecialchars($file['name']) . "&raquo; " . _SKINFILES_ERR_UPLOAD_FILE2 . _ERROR_BADREQUEST .  _SKINFILES_ERR_UPLOAD_FILE4 . "</p>";
+                               sfShowDirectory($directory);
+                               return;
+                       }
+                       
+                       if (sfIllegalFilename($file['name'])) {
+                               echo "<p class='error'>" . _SKINFILES_ERR_UPLOAD_FILE5 . "&laquo;" . htmlspecialchars($file['name']) . "&raquo; ";
+                               echo _SKINFILES_ERR_UPLOAD_FILE6 . "</p>";
+                               sfShowDirectory($directory);
+                               return;
+                       }
+                       
+                       if (file_exists($directory . $file['name'])) {
+                               echo "<p class='error'>" . _SKINFILES_ERR_UPLOAD_FILE1 . "&laquo;" . htmlspecialchars($file['name']) . "&raquo; " . _SKINFILES_ERR_UPLOAD_FILE2 . _ERROR_UPLOADDUPLICATE . "</p>";
+                               sfShowDirectory($directory);
+                               return;
+                       }
+
+                       if (!@move_uploaded_file($file['tmp_name'], $directory . $file['name'])) {
+                               echo "<p class='error'>" . _SKINFILES_ERR_UPLOAD_FILE1 . "&laquo;" . htmlspecialchars($file['name']) . "&raquo; " . _SKINFILES_ERR_UPLOAD_FILE2 . _ERROR_UPLOADMOVEP . _SKINFILES_ERR_UPLOAD_FILE4 . "</p>";
+                               sfShowDirectory($directory);
+                       }
+
+                       $mask = @umask(0000);
+                       @chmod($directory . $file['name'], 0755);
+                       @umask($mask);
+
+                       echo "<p class='message'>" . _SKINFILES_ERR_UPLOAD_FILE7 . "&laquo;" . htmlspecialchars($file['name']) . "&raquo; " . _SKINFILES_ERR_UPLOAD_FILE8 . "</p>";
+                       sfShowDirectory($directory);
+               }
+               else
+               {
+                       echo "<p class='error'>" . _SKINFILES_ERR_UPLOAD_FILE9 . "&laquo;" . htmlspecialchars(basename($directory)) . "&raquo; " . _SKINFILES_ERR_UPLOAD_FILE10;
+                       echo _SKINFILES_ERR_UPLOAD_FILE11 . "</p>";
+               }       
+       }
+
+
+
+
        
-?>
\ No newline at end of file
+?>