Code source de Joomla 1.0.13 |
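<?php
/**
 * @version $Id: admin.media.php 5876 2006-11-29 00:21:35Z facedancer $
 * @package Joomla
 * @subpackage Massmail
 * @copyright Copyright (C) 2005 Open Source Matters. All rights reserved.
 * @license http://www.gnu.org/copyleft/gpl.html GNU/GPL, see LICENSE.php
 * Joomla! is free software. This version may have been modified pursuant
 * to the GNU General Public License, and as distributed it includes or
 * is derivative of works licensed under the GNU General Public License or
 * other free or open source software licenses.
 * See COPYRIGHT.php for copyright notices and details.
 */

// no direct access
defined( '_VALID_MOS' ) or die( 'Restricted access' );

// ensure user has access to this function
// (logical ||, not bitwise |: either grant is sufficient and the result stays a boolean)
if (!($acl->acl_check( 'administration', 'edit', 'users', $my->usertype, 'components', 'all' )
		|| $acl->acl_check( 'administration', 'edit', 'users', $my->usertype, 'components', 'com_media' ))) {
	mosRedirect( 'index2.php', _NOT_AUTH );
	// Fail closed: mosRedirect() is defined elsewhere, so do not rely on it to
	// stop the request before the file operations below.
	exit();
}

require_once( $mainframe->getPath( 'admin_html' ) );

/**
 * Makes file name safe to use
 * Temporary function for 1.0.x only
 *
 * URL-decodes the value, then strips NUL bytes and every '..' sequence.
 * This only removes parent-directory sequences; it does not resolve the path
 * and is not a proof that the result stays inside COM_MEDIA_BASE (symbolic
 * links, for instance, are not considered).
 *
 * @param string The name of the file (not full path)
 * @return string The sanitised string
 */
function makeSafe( $file ) {
	$file = urldecode( $file );
	// NUL is never valid in a path component; remove it before the '..' pass
	// so that the removal cannot join two dots that were kept apart by it.
	$file = str_replace( "\0", '', $file );

	return str_replace( '..', '', $file );
}

/**
 * Builds the URL used to send the browser back to the folder named in the
 * posted 'dirPath' field.
 *
 * The value is request data, so it is URL-encoded before it is placed in the
 * query string; a missing or non-string value yields an empty listdir.
 *
 * @return string Relative URL of the media manager for that folder
 */
function mediaRedirectUrl() {
	$dirPath = '';
	if (isset( $_POST['dirPath'] ) && is_string( $_POST['dirPath'] )) {
		$dirPath = $_POST['dirPath'];
	}

	return 'index2.php?option=com_media&listdir=' . urlencode( $dirPath );
}

$cid = josGetArrayInts( 'cid' );

$listdir = makeSafe( mosGetParam( $_REQUEST, 'listdir', '' ) );
$dirPath = makeSafe( mosGetParam( $_POST, 'dirPath', '' ) );

// Belt and braces: makeSafe() has already removed every '..' from $listdir.
if (is_int(strpos ($listdir, "..")) && $listdir != '') {
	mosRedirect( mediaRedirectUrl(), "NO HACKING PLEASE" );
}

define( 'COM_MEDIA_BASE', $mosConfig_absolute_path . DIRECTORY_SEPARATOR . 'images' );
define( 'COM_MEDIA_BASEURL', $mosConfig_live_site . '/images' );

switch ($task) {

	case 'upload':
		upload();
		showMedia( $dirPath );
		break;

	case 'newdir':
		// NOTE(review): ini_get() usually reports an enabled boolean directive
		// as '1', so this comparison may never match - confirm the intent.
		if (ini_get('safe_mode')=='On') {
			mosRedirect( mediaRedirectUrl(), "Directory creation not allowed while running in SAFE MODE as this can cause problems." );
		} else {
			create_folder( $dirPath );
		}
		showMedia( $dirPath );
		break;

	case 'delete':
		delete_file( $listdir );
		showMedia( $listdir );
		break;

	case 'deletefolder':
		delete_folder( $listdir );
		showMedia( $listdir );
		break;

	case 'list':
		listImages( $listdir );
		break;

	case 'cancel':
		mosRedirect( 'index2.php' );
		break;

	default:
		showMedia( $listdir );
		break;
}

/**
 * Deletes a file
 *
 * The file name comes from the 'delFile' request parameter.
 *
 * @param string The relative folder path to the file
 */
function delete_file( $listdir ) {
	// Unescape first and sanitise last, so that stripslashes() cannot put back
	// a sequence that makeSafe() has just removed.
	$delFile	= makeSafe( stripslashes( mosGetParam( $_REQUEST, 'delFile', '' ) ) );
	$fullPath	= COM_MEDIA_BASE . $listdir . DIRECTORY_SEPARATOR . $delFile;

	if (file_exists( $fullPath )) {
		unlink( $fullPath );
	}
}

/**
 * Creates a folder below the given media folder and drops an empty
 * index.html into it.
 *
 * The folder name comes from the posted 'foldername' field and may only
 * contain the characters 0-9, a-z, A-Z and underscore.
 *
 * @param string The relative path of the parent folder
 */
function create_folder($dirPath) {
	$folder_name = mosGetParam( $_POST, 'foldername', '' );

	if (strlen( $folder_name ) > 0) {
		// preg_match() replaces eregi(), which newer PHP versions no longer provide
		if (preg_match( '/[^0-9a-zA-Z_]/', $folder_name )) {
			mosRedirect( mediaRedirectUrl(), "Directory name must only contain alphanumeric characters and no spaces please." );
			// never create the folder once the name has been rejected
			return;
		}
		$folder = COM_MEDIA_BASE . $dirPath . DIRECTORY_SEPARATOR . $folder_name;
		if (!is_dir( $folder ) && !is_file( $folder )) {
			mosMakePath( $folder );
			$fp = fopen( $folder . "/index.html", "w" );
			// fopen() returns false when the folder could not be created or written
			if ($fp) {
				fwrite( $fp, "<html>\n<body bgcolor=\"#FFFFFF\">\n</body>\n</html>" );
				fclose( $fp );
				mosChmod( $folder."/index.html" );
			}
		}
	}
}

/**
 * Deletes a folder, provided it holds nothing but an index.html file.
 *
 * The folder name comes from the 'delFolder' request parameter and goes
 * through makeSafe(), the same treatment delete_file() gives its parameter.
 *
 * @param string The relative path of the parent folder
 */
function delete_folder($listdir) {
	$delFolder = makeSafe( mosGetParam( $_REQUEST, 'delFolder', '' ) );

	// Without a folder name the path below would be the parent folder itself.
	if ($delFolder == '') {
		return;
	}

	$del_folder	= COM_MEDIA_BASE . $listdir . $delFolder;
	$del_html	= $del_folder . DIRECTORY_SEPARATOR . 'index.html';

	$dir = opendir( $del_folder );
	if (!$dir) {
		// not a readable directory: nothing to count, nothing to remove
		return;
	}

	$entry_count = 0;
	// compare against false explicitly: an entry named "0" must not end the scan
	while (false !== ($entry = readdir( $dir ))) {
		if ($entry != "." && $entry != ".." && strtolower( $entry ) != "index.html") {
			$entry_count++;
		}
	}
	closedir( $dir );

	if ($entry_count < 1) {
		@unlink( $del_html );
		rmdir( $del_folder );
	} else {
		echo '<font color="red">Unable to delete: not empty!</font>';
	}
}

/**
 * Handles the posted 'upload' file: sanitises the posted target folder and
 * hands the file to do_upload().
 */
function upload() {
	if (isset( $_FILES['upload'] ) && is_array( $_FILES['upload'] )
			&& isset( $_POST['dirPath'] ) && is_string( $_POST['dirPath'] )) {
		// The destination is request data; give it the same makeSafe()
		// treatment as every other path parameter in this file.
		$dirPathPost = makeSafe( $_POST['dirPath'] );

		do_upload( $_FILES['upload'], COM_MEDIA_BASE . $dirPathPost . '/' );
	}
}

/**
 * Validates an uploaded file and moves it into the destination folder under
 * its lower-cased name.
 *
 * Only the final extension of the client-supplied name is checked; the file
 * content is not inspected. NOTE(review): whether files in this folder can be
 * executed by the web server depends on server configuration - confirm.
 *
 * @param array The entry of $_FILES describing the upload
 * @param string The destination folder, with trailing slash
 */
function do_upload($file, $dest_dir) {
	global $clearUploads;

	$returnUrl = mediaRedirectUrl();

	if (empty( $file['name'] ) || !is_string( $file['name'] )) {
		mosRedirect( $returnUrl, "Upload file not selected" );
		return;
	}

	// The name is stored lower-cased and without any directory component.
	$fileName = strtolower( basename( $file['name'] ) );
	if ($fileName == '') {
		mosRedirect( $returnUrl, "Upload file not selected" );
		return;
	}

	// Check the name as sent and the name as stored, so that an upload differing
	// only in case cannot replace an existing file.
	if (file_exists( $dest_dir . $file['name'] ) || file_exists( $dest_dir . $fileName )) {
		mosRedirect( $returnUrl, "Upload FAILED. File already exists" );
		return;
	}

	// The extension is what follows the last dot; a name without a dot has none.
	$dot	= strrpos( $fileName, '.' );
	$format	= ($dot === false) ? '' : substr( $fileName, $dot + 1 );

	$allowable = array (
		'bmp',
		'csv',
		'doc',
		'epg',
		'gif',
		'ico',
		'jpg',
		'odg',
		'odp',
		'ods',
		'odt',
		'pdf',
		'png',
		'ppt',
		'swf',
		'txt',
		'xcf',
		'xls'
	);

	if (!in_array( $format, $allowable, true )) {
		mosRedirect( $returnUrl, 'This file type is not supported' );
		return;
	}

	if (!move_uploaded_file( $file['tmp_name'], $dest_dir . $fileName )) {
		mosRedirect( $returnUrl, "Upload FAILED" );
	} else {
		mosChmod( $dest_dir . $fileName );
		mosRedirect( $returnUrl, "Upload complete" );
	}

	$clearUploads = true;
}

/**
 * Collects every sub-directory below $base, skipping 'cvs' and '.svn'.
 *
 * The result accumulates in a static list shared by all calls, so a second
 * top-level call within one request returns the earlier entries as well.
 *
 * @param string The directory to scan
 * @return array The paths of all directories found so far
 */
function recursive_listdir( $base ) {
	static $dirlist = array();

	if (is_dir( $base )) {
		$dh = opendir( $base );
		// opendir() returns false for an unreadable directory
		if ($dh) {
			while (false !== ($dir = readdir( $dh ))) {
				if ($dir !== '.' && $dir !== '..' && is_dir( $base .'/'. $dir ) && strtolower( $dir ) !== 'cvs' && strtolower( $dir ) !== '.svn') {
					$subbase	= $base .'/'. $dir;
					$dirlist[]	= $subbase;
					recursive_listdir( $subbase );
				}
			}
			closedir( $dh );
		}
	}
	return $dirlist;
}


/**
 * Show media manager
 * @param string The image directory to display
 */
function showMedia( $listdir ) {
	// get list of directories
	$imgFiles	= recursive_listdir( COM_MEDIA_BASE );
	$folders	= array();
	$folders[]	= mosHTML::makeOption( "/" );

	// strip the base path so that the options hold paths relative to it
	$len = strlen( COM_MEDIA_BASE );
	foreach ($imgFiles as $file) {
		$folders[] = mosHTML::makeOption( substr( $file, $len ) );
	}
	sort( $folders );

	// create folder selectlist
	$dirPath = mosHTML::selectList( $folders, 'dirPath', "class=\"inputbox\" size=\"1\" onchange=\"goUpDir()\" ", 'value', 'text', $listdir );

	HTML_Media::showMedia( $dirPath, $listdir );
}


/**
 * Build imagelist
 *
 * Reads the given folder and renders its sub-folders, documents and images
 * through HTML_Media. Entries starting with a dot, 'index.html' files and
 * 'cvs' folders are skipped.
 *
 * @param string The image directory to display
 */
function listImages($listdir) {
	// get list of images
	$d = @dir( COM_MEDIA_BASE . DIRECTORY_SEPARATOR .$listdir);

	if ($d) {
		$images		= array();
		$folders	= array();
		$docs		= array();
		// image extensions; preg_match() replaces eregi(), D anchors $ at the very end
		$allowable	= '/\.(xcf|odg|gif|jpg|png|bmp)$/iD';

		while (false !== ($entry = $d->read())) {
			$img_file = $entry;
			if (is_file( COM_MEDIA_BASE .$listdir.'/'.$img_file) && substr($entry,0,1) != '.' && strtolower($entry) !== 'index.html' ) {
				// start clean for every entry so nothing carries over from the previous one
				$file_details = array();
				if (preg_match( $allowable, $img_file )) {
					$image_info = @getimagesize( COM_MEDIA_BASE ."/".$listdir.'/'.$img_file);
					$file_details['file']		= COM_MEDIA_BASE . $listdir."/".$img_file;
					$file_details['img_info']	= $image_info;
					$file_details['size']		= filesize( COM_MEDIA_BASE .$listdir."/".$img_file);
					$images[$entry]				= $file_details;
				} else {
					// file is document
					$file_details['size']	= filesize( COM_MEDIA_BASE .$listdir."/".$img_file);
					$file_details['file']	= COM_MEDIA_BASE .$listdir."/".$img_file;
					$docs[$entry]			= $file_details;
				}
			} else if (is_dir( COM_MEDIA_BASE .'/'.$listdir.'/'.$img_file) && substr($entry,0,1) != '.' && strtolower($entry) !== 'cvs') {
				$folders[$entry] = $img_file;
			}
		}
		$d->close();

		HTML_Media::imageStyle($listdir);

		if (count($images) > 0 || count($folders) > 0 || count($docs) > 0) {
			//now sort the folders and images by name.
			ksort($images);
			ksort($folders);
			ksort($docs);

			HTML_Media::draw_table_header();

			foreach ($folders as $folder_name => $folder) {
				HTML_Media::show_dir('/'.$folder, $folder_name, $listdir);
			}

			foreach ($docs as $doc_name => $doc) {
				// use the icon matching the last three characters of the name, if one is shipped
				$iconfile = $GLOBALS['mosConfig_absolute_path'].'/administrator/components/com_media/images/'.substr($doc_name,-3).'_16.png';
				if (file_exists($iconfile)) {
					$icon = 'components/com_media/images/'.(substr($doc_name,-3)).'_16.png' ;
				} else {
					$icon = 'components/com_media/images/con_info.png';
				}
				HTML_Media::show_doc($doc_name, $doc['size'], $listdir, $icon);
			}

			foreach ($images as $image_name => $image) {
				HTML_Media::show_image($image['file'], $image_name, $image['img_info'], $image['size'], $listdir);
			}

			HTML_Media::draw_table_footer();
		} else {
			HTML_Media::draw_no_results();
		}
	} else {
		HTML_Media::draw_no_dir();
	}
}

/**
 * Removes a directory together with everything below it.
 *
 * @param string The directory to remove
 */
function rm_all_dir($dir) {
	if (is_dir($dir)) {
		$d = @dir($dir);

		// dir() returns false when the directory cannot be opened
		if ($d) {
			while ( false !== ( $entry = $d->read() ) ) {
				if ($entry != '.' && $entry != '..') {
					$node = $dir.'/'.$entry;
					if (is_file($node)) {
						unlink($node);
					} else if (is_dir($node)) {
						rm_all_dir($node);
					}
				}
			}
			$d->close();
		}

		rmdir($dir);
	}
}
?>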