PHP Cross Reference of Nucleus CMS v3.51 code documentation |
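<?php
/*
 * Nucleus: PHP/MySQL Weblog CMS (http://nucleuscms.org/)
 * Copyright (C) 2002-2009 The Nucleus Group
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License
 * as published by the Free Software Foundation; either version 2
 * of the License, or (at your option) any later version.
 * (see nucleus/documentation/index.html#license for more info)
 */
/**
 * Media popup window for Nucleus
 *
 * Purpose:
 *   - can be opened from an add-item form or bookmarklet popup
 *   - shows a list of recent files, allowing browsing, search and
 *     upload of new files
 *   - close the popup by selecting a file in the list. The file gets
 *     passed through to the add-item form (linkto, popupimg or inline img)
 *
 * Request flow, as implemented below:
 *   1. the member must be logged in, otherwise a login form is shown
 *   2. the member must be on at least one team, or be an admin
 *   3. every action except the read-only ones must carry a valid ticket
 *   4. upload actions additionally require admin rights or $CONF['AllowUpload']
 *
 * @license http://nucleuscms.org/license.txt GNU General Public License
 * @copyright Copyright (C) 2002-2009 The Nucleus Group
 * @version $Id: media.php 1390 2009-07-19 02:41:50Z ftruscot $
 *
 */

$CONF = array();

// defines how many media items will be shown per page. You can override this
// in config.php if you like. (changing it in config.php instead of here will
// allow your settings to be kept even after a Nucleus upgrade)
$CONF['MediaPerPage'] = 10;

// include all classes and config data
require ('../config.php');
include($DIR_LIBS . 'MEDIA.php');	// media classes

sendContentType('application/xhtml+xml', 'media');

// user needs to be logged in to use this
if (!$member->isLoggedIn()) {
	media_loginAndPassThrough();
	exit;
}

// check if member is on at least one teamlist
// (the only value concatenated into the query is the id of the logged-in
// member object, not a request parameter)
$query = 'SELECT * FROM ' . sql_table('team'). ' WHERE tmember=' . $member->getID();
$teams = sql_query($query);
if (sql_num_rows($teams) == 0 && !$member->isAdmin())
	media_doError(_ERROR_DISALLOWEDUPLOAD);

// get action
$action = requestVar('action');
if ($action == '')
	$action = 'selectmedia';

// check ticket
// Only the listing/filter/collection-switch actions are exempt; every other
// action value (including unknown ones, which fall through to the default
// branch of the switch below) has to present a valid ticket.
$aActionsNotToCheck = array('selectmedia', _MEDIA_FILTER_APPLY, _MEDIA_COLLECTION_SELECT);
if (!in_array($action, $aActionsNotToCheck))
{
	if (!$manager->checkTicket())
		media_doError(_ERROR_BADTICKET);
}


switch($action) {
	case 'chooseupload':
	case _MEDIA_UPLOAD_TO:
	case _MEDIA_UPLOAD_NEW:
		if (!$member->isAdmin() and $CONF['AllowUpload'] != true) {
			media_doError(_ERROR_DISALLOWED);
		} else {
			media_choose();
		}
		break;
	case 'uploadfile':
		if (!$member->isAdmin() and $CONF['AllowUpload'] != true) {
			media_doError(_ERROR_DISALLOWED);
		} else {
			media_upload();
		}
		break;
	case _MEDIA_FILTER_APPLY:
	case 'selectmedia':
	case _MEDIA_COLLECTION_SELECT:
	default:
		media_select();
		break;
}

/**
 * Shows the media browser: collection selector (or a single upload button),
 * filter form, a paged table of the files in the current collection and the
 * inline/popup radio buttons.
 *
 * Reads the request variables 'collection', 'filter' and 'offset'. The
 * collection falls back to the member id when it is missing or not a
 * directory below $DIR_MEDIA, and is then checked with
 * MEDIA::isValidCollection() before anything is listed.
 */
function media_select() {
	global $member, $CONF, $DIR_MEDIA, $manager;

	// show 10 files + navigation buttons
	// show msg when no files
	// show upload form
	// files sorted according to last modification date

	// currently selected collection
	$currentCollection = requestVar('collection');
	if (!$currentCollection || !@is_dir($DIR_MEDIA . $currentCollection))
		$currentCollection = $member->getID();

	// avoid directory traversal and accessing invalid directory
	if (!MEDIA::isValidCollection($currentCollection)) media_doError(_ERROR_DISALLOWED);

	media_head();

	// get collection list
	$collections = MEDIA::getCollectionList();

	if (sizeof($collections) > 1) {
	?>
		<form method="post" action="media.php"><div>
			<label for="media_collection"><?php echo htmlspecialchars(_MEDIA_COLLECTION_LABEL)?></label>
			<select name="collection" id="media_collection">
				<?php					foreach ($collections as $dirname => $description) {
						echo '<option value="',htmlspecialchars($dirname),'"';
						if ($dirname == $currentCollection) {
							echo ' selected="selected"';
						}
						echo '>',htmlspecialchars($description),'</option>';
					}
				?>
			</select>
			<input type="submit" name="action" value="<?php echo htmlspecialchars(_MEDIA_COLLECTION_SELECT) ?>" title="<?php echo htmlspecialchars(_MEDIA_COLLECTION_TT)?>" />
			<input type="submit" name="action" value="<?php echo htmlspecialchars(_MEDIA_UPLOAD_TO) ?>" title="<?php echo htmlspecialchars(_MEDIA_UPLOADLINK) ?>" />
			<?php $manager->addTicketHidden() ?>
		</div></form>
	<?php	} else {
	?>
		<form method="post" action="media.php" style="float:right"><div>
			<input type="hidden" name="collection" value="<?php echo htmlspecialchars($currentCollection)?>" />
			<input type="submit" name="action" value="<?php echo htmlspecialchars(_MEDIA_UPLOAD_NEW) ?>" title="<?php echo htmlspecialchars(_MEDIA_UPLOADLINK) ?>" />
			<?php $manager->addTicketHidden() ?>
		</div></form>
	<?php	} // if sizeof

	$filter = requestVar('filter');
	$offset = intRequestVar('offset');
	$arr = MEDIA::getMediaListByCollection($currentCollection, $filter);

	?>
		<form method="post" action="media.php"><div>
			<label for="media_filter"><?php echo htmlspecialchars(_MEDIA_FILTER_LABEL)?></label>
			<input id="media_filter" type="text" name="filter" value="<?php echo htmlspecialchars($filter)?>" />
			<input type="submit" name="action" value="<?php echo htmlspecialchars(_MEDIA_FILTER_APPLY) ?>" />
			<input type="hidden" name="collection" value="<?php echo htmlspecialchars($currentCollection)?>" />
			<input type="hidden" name="offset" value="<?php echo intval($offset)?>" />
		</div></form>

	<?php
	?>
		<table width="100%">
		<caption><?php echo _MEDIA_COLLECTION_LABEL . htmlspecialchars($collections[$currentCollection])?></caption>
		<tr>
		 <th><?php echo _MEDIA_MODIFIED?></th><th><?php echo _MEDIA_FILENAME?></th><th><?php echo _MEDIA_DIMENSIONS?></th>
		</tr>

	<?php
	// The paging links below the table read these even when the collection is
	// empty, so give them defined values before the listing block.
	$idxStart = 0;
	$idxEnd = 0;
	$idxNext = 0;
	$idxPrev = 0;

	// File and collection names end up inside single-quoted JavaScript string
	// literals in onclick attributes. Escape the backslash before the quote:
	// escaping only the quote lets a name containing \' close the literal.
	// htmlspecialchars() is still applied afterwards for the attribute context.
	$jsSearch = array('\\', "'");
	$jsReplace = array('\\\\', "\\'");

	if (sizeof($arr)>0) {

		// clamp the offset so the last page is always a full page where possible
		if (($offset + $CONF['MediaPerPage']) >= sizeof($arr))
			$offset = sizeof($arr) - $CONF['MediaPerPage'];

		if ($offset < 0) $offset = 0;

		$idxStart = $offset;
		$idxEnd = $offset + $CONF['MediaPerPage'];
		$idxNext = $idxEnd;
		$idxPrev = $idxStart - $CONF['MediaPerPage'];

		if ($idxPrev < 0) $idxPrev = 0;

		if ($idxEnd > sizeof($arr))
			$idxEnd = sizeof($arr);

		for($i=$idxStart;$i<$idxEnd;$i++) {
			$obj = $arr[$i];
			$filename = $DIR_MEDIA . $currentCollection . '/' . $obj->filename;

			$old_level = error_reporting(0);
			$size = @GetImageSize($filename);
			error_reporting($old_level);
			if (is_array($size)) {
				$width = $size[0];
				$height = $size[1];
				$filetype = $size[2];
			} else {
				// GetImageSize() yields no array for files it cannot read as an
				// image; treat those as "no image" instead of indexing into false
				$width = '';
				$height = '';
				$filetype = 0;
			}

			echo "<tr>";
			echo "<td>". date("Y-m-d",$obj->timestamp) ."</td>";

			// strings for javascript
			$jsCurrentCollection = str_replace($jsSearch, $jsReplace, $currentCollection);
			$jsFileName = str_replace($jsSearch, $jsReplace, $obj->filename);

			if ($filetype != 0) {
				// image (gif/jpg/png/swf)
				echo "<td><a href=\"media.php\" onclick=\"chooseImage('", htmlspecialchars($jsCurrentCollection), "','", htmlspecialchars($jsFileName), "',"
							   . "'", htmlspecialchars($width), "','" , htmlspecialchars($height), "'"
							   . ")\" title=\"" . htmlspecialchars($obj->filename). "\">"
							   . htmlspecialchars(shorten($obj->filename,25,'...'))
							   ."</a>";
				echo ' (<a href="', htmlspecialchars($CONF['MediaURL'] . $currentCollection . '/' . $obj->filename), '" onclick="window.open(this.href); return false;" title="',htmlspecialchars(_MEDIA_VIEW_TT),'">',_MEDIA_VIEW,'</a>)';
				echo "</td>";
			} else {
				// no image (e.g. mpg)
				echo "<td><a href='media.php' onclick=\"chooseOther('" , htmlspecialchars($jsCurrentCollection), "','", htmlspecialchars($jsFileName), "'"
							   . ")\" title=\"" . htmlspecialchars($obj->filename). "\">"
							   . htmlspecialchars(shorten($obj->filename,30,'...'))
							   ."</a></td>";

			}
			echo '<td>' , htmlspecialchars($width) , 'x' , htmlspecialchars($height) , '</td>';
			echo '</tr>';
		}
	} // if (sizeof($arr)>0)
	?>

		</table>
	<?php
	// the ampersand is written as &amp; so the link stays well-formed when the
	// page is served as application/xhtml+xml
	if ($idxStart > 0)
		echo "<a href='media.php?offset=$idxPrev&amp;collection=".urlencode($currentCollection)."'>". _LISTS_PREV."</a> ";
	if ($idxEnd < sizeof($arr))
		echo "<a href='media.php?offset=$idxNext&amp;collection=".urlencode($currentCollection)."'>". _LISTS_NEXT."</a> ";

	?>
		<input id="typeradio0" type="radio" name="typeradio" onclick="setType(0);" checked="checked" /><label for="typeradio0"><?php echo _MEDIA_INLINE?></label>
		<input id="typeradio1" type="radio" name="typeradio" onclick="setType(1);" /><label for="typeradio1"><?php echo _MEDIA_POPUP?></label>
	<?php
	media_foot();


}

/**
 * Shows a screen where you can select the file to upload
 *
 * The form posts back to media.php with action 'uploadfile', the hidden
 * ticket added by $manager->addTicketHidden() and a MAX_FILE_SIZE hint taken
 * from $CONF['MaxUploadSize']. The size limit that counts is the one checked
 * again on the server in media_upload().
 */
function media_choose() {
	global $CONF, $member, $manager;

	$currentCollection = requestVar('collection');

	$collections = MEDIA::getCollectionList();

	media_head();
	?>
	<h1><?php echo _UPLOAD_TITLE?></h1>

	<p><?php echo _UPLOAD_MSG?></p>

	<form method="post" enctype="multipart/form-data" action="media.php">
	<div>
	  <input type="hidden" name="action" value="uploadfile" />
	  <?php $manager->addTicketHidden() ?>
	  <input type="hidden" name="MAX_FILE_SIZE" value="<?php echo $CONF['MaxUploadSize']?>" />
	  File:
	  <br />
	  <input name="uploadfile" type="file" size="40" />
	<?php		if (sizeof($collections) > 1) {
	?>
		<br /><br /><label for="upload_collection">Collection:</label>
		<br /><select name="collection" id="upload_collection">
			<?php				foreach ($collections as $dirname => $description) {
					echo '<option value="',htmlspecialchars($dirname),'"';
					if ($dirname == $currentCollection) {
						echo ' selected="selected"';
					}
					echo '>',htmlspecialchars($description),'</option>';
				}
			?>
		</select>
	<?php		} else {
	?>
		<input name="collection" type="hidden" value="<?php echo htmlspecialchars(requestVar('collection'))?>" />
	<?php		} // if sizeof
	?>
	  <br /><br />
	  <input type="submit" value="<?php echo _UPLOAD_BUTTON?>" />
	</div>
	</form>

	<?php
	media_foot();
}


/**
 * accepts a file for upload
 *
 * Checks, in this order: the PHP upload error code, the size against
 * $CONF['MaxUploadSize'], the file name extension against the comma-separated
 * list in $CONF['AllowedTypes'], and is_uploaded_file() on the temporary
 * file. The file is then handed to MEDIA::addMediaObject() and the updated
 * list is shown. Every failure ends the request through media_doError().
 */
function media_upload() {
	global $DIR_MEDIA, $member, $CONF;

	$uploadInfo = postFileInfo('uploadfile');

	// The MIME type the client sent is not read: it is client-controlled and
	// plays no part in the checks below.
	$filename = $uploadInfo['name'];
	$filesize = $uploadInfo['size'];
	$filetempname = $uploadInfo['tmp_name'];
	$fileerror = intval($uploadInfo['error']);

	// media_doError() ends the request, so the cases below never fall through
	// into the code after the switch
	switch ($fileerror)
	{
		case 0: // = UPLOAD_ERR_OK
			break;
		case 1: // = UPLOAD_ERR_INI_SIZE
		case 2:	// = UPLOAD_ERR_FORM_SIZE
			media_doError(_ERROR_FILE_TOO_BIG);
		case 3: // = UPLOAD_ERR_PARTIAL
		case 4: // = UPLOAD_ERR_NO_FILE
		case 6: // = UPLOAD_ERR_NO_TMP_DIR
		case 7: // = UPLOAD_ERR_CANT_WRITE
		default:
			// include error code for debugging
			// (see http://www.php.net/manual/en/features.file-upload.errors.php)
			media_doError(_ERROR_BADREQUEST . ' (' . $fileerror . ')');
	}

	if ($filesize > $CONF['MaxUploadSize'])
		media_doError(_ERROR_FILE_TOO_BIG);

	// check file type against allowed types
	// Each entry is matched literally (preg_quote) and case-insensitively
	// against the end of the client-supplied name; \z keeps a trailing newline
	// from satisfying the match. Only the final extension is compared and the
	// file content is not inspected here, so the media directory should not be
	// configured to execute uploaded files.
	$ok = 0;
	$allowedtypes = explode (',', $CONF['AllowedTypes']);
	foreach ( $allowedtypes as $type ) {
		// an empty entry (empty setting, trailing comma) would otherwise
		// accept every name that ends in a dot
		if ($type === '')
			continue;
		if (preg_match('/\.' . preg_quote($type, '/') . '\z/i', $filename)) $ok = 1;
	}
	if (!$ok) media_doError(_ERROR_BADFILETYPE);

	if (!is_uploaded_file($filetempname))
		media_doError(_ERROR_BADREQUEST);

	// prefix filename with current date (YYYYMMDD-)
	// this to avoid nameclashes
	if ($CONF['MediaPrefix'])
		$filename = date('Ymd-') . $filename;

	// NOTE(review): the collection name comes straight from the request and is
	// not checked with MEDIA::isValidCollection() in this function, unlike in
	// media_select(); confirm that MEDIA::addMediaObject() rejects unknown or
	// forbidden collections itself.
	$collection = requestVar('collection');
	$res = MEDIA::addMediaObject($collection, $filetempname, $filename);

	if ($res != '')
		media_doError($res);

	// shows updated list afterwards
	media_select();
}

/**
 * Shows a login form that posts back to media.php, carrying the requested
 * collection along in a hidden field, and ends the request.
 */
function media_loginAndPassThrough() {
	media_head();
	?>
		<h1><?php echo _LOGIN_PLEASE?></h1>

		<form method="post" action="media.php">
		<div>
			<input name="action" value="login" type="hidden" />
			<input name="collection" value="<?php echo htmlspecialchars(requestVar('collection'))?>" type="hidden" />
			<?php echo _LOGINFORM_NAME?>: <input name="login" />
			<br /><?php echo _LOGINFORM_PWD?>: <input name="password" type="password" />
			<br /><input type="submit" value="<?php echo _LOGIN?>" />
		</div>
		</form>
		<p><a href="media.php" onclick="window.close();"><?php echo _POPUP_CLOSE?></a></p>
	<?php	media_foot();
	exit;
}

/**
 * Shows an error page with a "back" link and ends the request.
 *
 * $msg is written into the page as-is, without htmlspecialchars(). The
 * callers in this file pass language constants (one of them with an integer
 * error code appended) or the string returned by MEDIA::addMediaObject().
 * NOTE(review): never pass request data in $msg without escaping it first.
 */
function media_doError($msg) {
	media_head();
	?>
	<h1><?php echo _ERROR?></h1>
	<p><?php echo $msg?></p>
	<p><a href="media.php" onclick="history.back()"><?php echo _BACK?></a></p>
	<?php	media_foot();
	exit;
}


/**
 * Writes the XHTML doctype, the head section and the opening body tag.
 *
 * The inline script defines setType(), chooseImage() and chooseOther(); the
 * last two pass the selection to window.opener and close the popup.
 */
function media_head() {
?>
	<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
	<html xmlns="http://www.w3.org/1999/xhtml">
	<head>
		<title>Nucleus Media</title>
		<link rel="stylesheet" type="text/css" href="styles/popups.css" />
		<script type="text/javascript">
			var type = 0;
			function setType(val) { type = val; }

			function chooseImage(collection, filename, width, height) {
				window.opener.focus();
				window.opener.includeImage(collection,
										   filename,
										   type == 0 ? 'inline' : 'popup',
										   width,
										   height
										   );
				window.close();
			}

			function chooseOther(collection, filename) {
				window.opener.focus();
				window.opener.includeOtherMedia(collection, filename);
				window.close();

			}
		</script>
	</head>
	<body>
<?php }

/**
 * Closes the body and html elements opened by media_head().
 */
function media_foot() {
?>
	</body>
	</html>
<?php }

?>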