| [ Index ] |
PHP Cross Reference of phpwcms V1.4.3 _r380 (23.11.09) |
[Summary view] [Print] [Text view]
1 <?php 2 /************************************************************************************* 3 Copyright notice 4 5 (c) 2002-2009 Oliver Georgi (oliver@phpwcms.de) // All rights reserved. 6 7 This script is part of PHPWCMS. The PHPWCMS web content management system is 8 free software; you can redistribute it and/or modify it under the terms of 9 the GNU General Public License as published by the Free Software Foundation; 10 either version 2 of the License, or (at your option) any later version. 11 12 The GNU General Public License can be found at http://www.gnu.org/copyleft/gpl.html 13 A copy is found in the textfile GPL.txt and important notices to the license 14 from the author is found in LICENSE.txt distributed with these scripts. 15 16 This script is distributed in the hope that it will be useful, but WITHOUT ANY 17 WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A 18 PARTICULAR PURPOSE. See the GNU General Public License for more details. 19 20 This copyright notice MUST APPEAR in all copies of the script! 21 *************************************************************************************/ 22 23 // ---------------------------------------------------------------- 24 // obligate check for phpwcms constants 25 if (!defined('PHPWCMS_ROOT')) { 26 die("You Cannot Access This Script Directly, Have a Nice Day."); 27 } 28 // ---------------------------------------------------------------- 29 30 31 // initialize Mootools for autocomplete 32 initMootoolsAutocompleter(); 33 34 // Upload new file 35 $file_aktiv = 1; 36 $file_public = 0; 37 $file_shortinfo = ''; 38 $file_longinfo = ''; 39 $file_pid = empty($_GET["upload"]) ? 0 : intval($_GET["upload"]); 40 $file_copyright = ''; 41 $file_tags = ''; 42 $file_granted = 0; 43 $file_gallerydownload = 0; 44 $file_sort = 0; 45 46 //Auswerten des Formulars 47 if(isset($_POST["file_aktion"]) && intval($_POST["file_aktion"]) == 1) { 48 if(!ini_get('safe_mode') && function_exists('set_time_limit')) set_time_limit(0); 49 $file_pid = intval($_POST["file_pid"]); 50 $file_aktiv = empty($_POST["file_aktiv"]) ? 0 : 1; 51 $file_public = empty($_POST["file_public"]) ? 0 : 1; 52 $file_shortinfo = clean_slweg($_POST["file_shortinfo"]); 53 $file_longinfo = slweg(trim($_POST["file_longinfo"])); 54 $file_copyright = clean_slweg($_POST["file_copyright"]); 55 $file_tags = trim( clean_slweg($_POST["file_tags"]), ',' ); 56 $file_granted = empty($_POST["file_granted"]) ? 0 : 1; 57 $file_gallerydownload = empty($_POST["file_gallerydownload"]) ? 0 : 1; 58 $file_keys = ''; 59 $file_sort = intval($_POST["file_sort"]); 60 61 $file_keywords = empty($_POST["file_keywords"]) ? array() : $_POST["file_keywords"]; 62 if(count($file_keywords)) { 63 foreach($file_keywords as $key => $value) { 64 unset($file_keywords[$key]); 65 $key = intval($key); 66 if($value != "0_1") { 67 $file_keys .= (($file_keys) ? ":" : "").$key."_".intval($value); 68 $file_keywords[$key] = intval($value); 69 } else { 70 $file_error["keywords"][$key] = 1; 71 } 72 } 73 } 74 75 //starts upload of file 76 if(!is_uploaded_file($_FILES["file"]["tmp_name"])) { 77 $file_error["file"] = $BL['be_fprivup_err1']; 78 } else { 79 if($_FILES["file"]["size"] > $phpwcms["file_maxsize"]) { 80 $file_error["file"] = $BL['be_fprivup_err2']." ".number_format($phpwcms["file_maxsize"] / 1024, 2, ',', '.')." kB"; 81 } 82 } 83 84 //Create new file in database and give hashed 85 if(!isset($file_error)) { 86 $fileExt = check_image_extension($_FILES["file"]["tmp_name"], $_FILES["file"]["name"]); 87 $fileExt = $fileExt === false ? which_ext($_FILES["file"]["name"]) : $fileExt; 88 $fileName = clearfilename($_FILES["file"]["name"]); 89 $fileHash = md5( $fileName . microtime() ); 90 91 $sql = "INSERT INTO ".DB_PREPEND."phpwcms_file (". 92 "f_pid, f_uid, f_kid, f_aktiv, f_public, f_name, f_created, f_size, f_type, f_ext, ". 93 "f_shortinfo, f_longinfo, f_keywords, f_hash, f_copyright, f_tags, f_granted, f_gallerystatus, f_sort) VALUES (". 94 $file_pid.", ".intval($_SESSION["wcs_user_id"]).", 1, ".$file_aktiv.", ".$file_public.", '". 95 $fileName."', '".time()."', '".intval($_FILES["file"]["size"])."', '". 96 aporeplace($_FILES["file"]["type"])."', '".$fileExt."', '".aporeplace($file_shortinfo)."', '". 97 aporeplace($file_longinfo)."', '".aporeplace($file_keys)."', '".aporeplace($fileHash)."', '". 98 aporeplace($file_copyright)."', '".aporeplace($file_tags)."', ".$file_granted.", ". 99 $file_gallerydownload.", ".$file_sort.")"; 100 101 if($result = mysql_query($sql, $db) or die("error while insert file information")) { 102 $new_fileId = mysql_insert_id($db); //Festlegen der aktuellen File-ID 103 $wcs_newfilename = ($fileExt) ? $fileHash.'.'.$fileExt : $fileHash; 104 105 // changed for using hashed file names 106 $useruploadpath = PHPWCMS_ROOT.$phpwcms["file_path"]; 107 $usernewfile = $useruploadpath.$wcs_newfilename; 108 109 if ($dir = @opendir($useruploadpath)) { 110 if(!@move_uploaded_file($_FILES["file"]["tmp_name"], $usernewfile)) { 111 112 $file_error["upload"] = $BL['be_fprivup_err3'].' (1)'; 113 } 114 } else { 115 $oldumask = umask(0); 116 if(@mkdir($useruploadpath, 0777)) {; 117 if(!@move_uploaded_file($_FILES["file"]["tmp_name"], $usernewfile)) { 118 $file_error["upload"] = $BL['be_fprivup_err3'].' (2)'; 119 } 120 } else { 121 $file_error["upload"] = $BL['be_fprivup_err4']; 122 } 123 umask($oldumask); 124 } 125 if(file_exists($usernewfile)) { 126 @chmod($usernewfile, 0666); 127 } 128 if(!isset($file_error["upload"])) { 129 130 // store tags 131 _dbSaveCategories($file_tags, 'file', $new_fileId, ','); 132 133 //after successful upload go back to clear post (form) var 134 headerRedirect(PHPWCMS_URL."phpwcms.php?do=files&f=0&uploaded=1"); 135 } else { 136 echo $file_error["upload"]."<br />"; 137 $file_error["upload"] = str_replace('{VAL}', $phpwcms["admin_email"], $BL['be_fprivup_err6']); 138 mysql_query("DELETE FROM ".DB_PREPEND."phpwcms_file WHERE f_id=".$new_fileId." AND f_uid=".$_SESSION["wcs_user_id"].";", $db); 139 } 140 } 141 } 142 if(!ini_get('safe_mode') && function_exists('set_time_limit')) set_time_limit(30); 143 } 144 //Ende Auswerten Formular 145 146 147 ?> 148 <form action="phpwcms.php?do=files&f=0" method="post" enctype="multipart/form-data" name="uploadfile" id="uploadfile"> 149 <table border="0" cellpadding="0" cellspacing="0" bgcolor='#EBF2F4' summary=""> 150 <tr> 151 <td rowspan="2" valign="top"><a href="phpwcms.php?do=files&f=0"><img src="img/button/close_reiter.gif" alt="" width="45" height="12" border="0" /></a></td> 152 <td><img src="img/leer.gif" alt="" width="1" height="6" /></td> 153 </tr> 154 <tr><td class="title"><?php echo $BL['be_fprivup_title'] ?></td></tr> 155 <tr><td colspan="2"><img src="img/leer.gif" alt="" width="1" height="5" /></td></tr> 156 <tr> 157 <td align="right" class="v09"><?php echo $BL['be_ftptakeover_directory'] ?>: </td> 158 <td class="v10"><select name="file_pid" id="file_pid" class="width400"> 159 <option value="0"><?php echo $BL['be_ftptakeover_rootdir'] ?></option> 160 <?php dir_menu(0, $file_pid, $db, "+", $_SESSION["wcs_user_id"], "+") ?> 161 </select></td> 162 </tr> 163 <tr><td colspan="2"><img src="img/leer.gif" alt="" width="1" height="6" /></td></tr> 164 <tr><td colspan="2"><img src="img/lines/line-bluelight.gif" alt="" width="538" height="1" /></td></tr> 165 <tr><td colspan="2"><img src="img/leer.gif" alt="" width="1" height="6" /></td></tr> 166 <?php if(isset($file_error["upload"])) { ?> 167 <tr> 168 <td><img src="img/leer.gif" alt="" width="1" height="1" /></td> 169 <td class="v10"><strong style="color:#FF3300"><?php echo $file_error["upload"] ?></strong></td> 170 </tr> 171 <tr><td colspan="2"><img src="img/leer.gif" alt="" width="1" height="2" /></td> 172 </tr> 173 <?php } 174 175 if(isset($file_error["file"])) { ?> 176 <tr> 177 <td><img src="img/leer.gif" alt="" width="1" height="1" /></td> 178 <td class="v10"><strong style="color:#FF3300"><?php echo $file_error["file"] ?></strong></td> 179 </tr> 180 <tr><td colspan="2"><img src="img/leer.gif" alt="" width="1" height="2" /></td></tr> 181 <?php } ?> 182 <tr> 183 <td align="right" class="v09"><?php echo $BL['be_fprivup_upload'] ?>: </td> 184 <td><input name="file" type="file" id="file" size="40" /></td> 185 </tr> 186 <tr><td colspan="2"><img src="img/leer.gif" alt="" width="1" height="6" /></td></tr> 187 <tr><td colspan="2"><img src="img/lines/line-bluelight.gif" alt="" width="538" height="1" /></td></tr> 188 <tr bgcolor="#F5F8F9"><td colspan="2"><img src="img/leer.gif" alt="" width="1" height="6" /></td></tr> 189 <?php 190 191 //Auswahlliste vordefinierte Keywörter 192 $sql = "SELECT * FROM ".DB_PREPEND."phpwcms_filecat WHERE fcat_deleted=0 ORDER BY fcat_sort, fcat_name"; 193 if($result = mysql_query($sql, $db) or die("error while browsing file categories for selecting keywords")) { 194 $k = ""; 195 while($row = mysql_fetch_array($result)) { 196 if(get_filecat_childcount ($row["fcat_id"], $db)) { 197 198 $ke = empty($file_error["keywords"][$row["fcat_id"]])? '' : "<img src=\"img/symbole/error.gif\" width=\"8\" height=\"9\"> "; 199 $k .= "<tr>\n<td class=\"f10b\">".$ke.html_specialchars($row["fcat_name"]).": </td>\n"; 200 $k .= "<td><select name=\"file_keywords[".$row["fcat_id"]."]\" class=\"width300\">\n"; 201 $k .= "<option value=\"".(($row["fcat_needed"])?"0_".$row["fcat_needed"]."\">".$BL['be_ftptakeover_needed']:'0">'.$BL['be_ftptakeover_optional'])."</option>\n"; 202 203 $ksql = "SELECT * FROM ".DB_PREPEND."phpwcms_filekey WHERE fkey_deleted=0 AND fkey_cid=".$row["fcat_id"]." ORDER BY fkey_name"; 204 if($kresult = mysql_query($ksql, $db) or die("error while listing file keywords")) { 205 while($krow = mysql_fetch_array($kresult)) { 206 $k .= "<option value=\"".$krow["fkey_id"]."\""; 207 $k .= isset($file_keywords[$row["fcat_id"]]) && $file_keywords[$row["fcat_id"]] == $krow["fkey_id"] ? " selected" : ""; 208 $k .= ">".html_specialchars($krow["fkey_name"])."</option>\n"; 209 } 210 mysql_free_result($kresult); 211 } 212 213 $k .= "</select></td>\n</tr>\n"; 214 $k .= "<tr>\n<td colspan=\"2\"><img src=\"img/leer.gif\" width=\"1\" height=\"2\"></td>\n</tr>\n"; 215 216 } 217 } 218 mysql_free_result($result); 219 } 220 //Ende vordefinierte Keywörter 221 222 ?> 223 <tr bgcolor="#F5F8F9"> 224 <td align="right" valign="top" class="v09"><img src="img/leer.gif" alt="" width="1" height="13" /><?php echo $BL['be_ftptakeover_keywords'] ?>: </td> 225 <td><table border="0" cellpadding="0" cellspacing="0" summary=""> 226 <?php if($k) echo $k; ?> 227 <tr> 228 <td class="f10b"><?php echo $BL['be_ftptakeover_additional'] ?>: </td> 229 <td><input name="file_shortinfo" type="text" class="width300" id="file_shortinfo" value="<?php echo html_specialchars($file_shortinfo) ?>" size="40" maxlength="250" /></td> 230 </tr> 231 </table></td> 232 </tr> 233 <tr bgcolor="#F5F8F9"><td colspan="2"><img src="img/leer.gif" alt="" width="1" height="6" /></td> 234 </tr> 235 <tr><td colspan="2"><img src="img/lines/line-bluelight.gif" alt="" width="538" height="1" /></td> 236 </tr> 237 <tr><td colspan="2"><img src="img/leer.gif" alt="" width="1" height="6" /></td> 238 </tr> 239 <tr> 240 <td align="right" valign="top" class="v09"><img src="img/leer.gif" alt="" width="1" height="13" /><?php echo $BL['be_ftptakeover_longinfo'] ?>: </td> 241 <td valign="top"><textarea name="file_longinfo" cols="40" rows="10" class="v12 width400" id="file_longinfo"><?php echo html_specialchars($file_longinfo) ?></textarea></td> 242 </tr> 243 244 245 <tr><td colspan="2"><img src="img/leer.gif" alt="" width="1" height="3" /></td> 246 </tr> 247 248 <tr> 249 <td align="right" class="v09"><?php echo $BL['be_copyright'] ?>: </td> 250 <td><input name="file_copyright" type="text" id="file_copyright" size="40" class="width400" maxlength="255" value="<?php echo html_specialchars($file_copyright) ?>" /></td> 251 </tr> 252 253 <tr><td colspan="2"><img src="img/leer.gif" alt="" width="1" height="3" /></td></tr> 254 255 <tr> 256 <td align="right" class="v09"> <?php echo $BL['be_tags'] ?>: </td> 257 <td><input name="file_tags" type="text" id="file_tags" size="40" class="width400" maxlength="255" value="<?php echo html_specialchars($file_tags) ?>" /></td> 258 </tr> 259 260 261 <tr><td colspan="2"><img src="img/leer.gif" alt="" width="1" height="8" /></td></tr> 262 263 264 <tr> 265 <td align="right" class="v09"> <?php echo $BL['be_cnt_sorting'] ?>: </td> 266 <td><input name="file_sort" type="text" id="file_sort" size="10" class="width50" maxlength="10" value="<?php echo intval($file_sort) ?>" /></td> 267 </tr> 268 269 <tr><td colspan="2"><img src="img/leer.gif" alt="" width="1" height="5" /></td></tr> 270 271 272 <tr> 273 <td align="right" class="v09 tdtop3"><?php echo $BL['be_ftptakeover_status'] ?>: </td> 274 <td><table border="0" cellpadding="0" cellspacing="0" summary=""> 275 <tr> 276 <td><input name="file_aktiv" type="checkbox" id="file_aktiv" value="1"<?php is_checked("1", $file_aktiv) ?> /></td> 277 <td class="v10"><strong><label for="file_aktiv"><?php echo $BL['be_ftptakeover_active'] ?></label></strong> </td> 278 279 <td><input name="file_granted" type="checkbox" id="file_granted" value="1"<?php is_checked("1", $file_granted) ?>></td> 280 <td class="v10"><label for="file_granted"><?php echo $BL['be_granted_download'] ?></label></td> 281 </tr> 282 <tr> 283 <td><input name="file_public" type="checkbox" id="file_public" value="1"<?php is_checked("1", $file_public) ?> /></td> 284 <td class="v10"><strong><label for="file_public"><?php echo $BL['be_ftptakeover_public'] ?></label></strong> </td> 285 286 <td><input name="file_gallerydownload" type="checkbox" id="file_gallerydownload" value="1"<?php is_checked(1, $file_gallerydownload) ?>></td> 287 <td class="v10"><label for="file_gallerydownload"><?php echo $BL['be_gallerydownload'] ?></label></td> 288 </tr> 289 </table></td> 290 </tr> 291 292 <tr><td colspan="2"><img src="img/leer.gif" alt="" width="1" height="5" /></td></tr> 293 294 <tr> 295 <td valign="top"><input name="file_aktion" type="hidden" id="file_aktion" value="1" /> 296 <input type="hidden" name="MAX_FILE_SIZE" value="<?php echo $phpwcms["file_maxsize"] ?>" /></td> 297 <td><input name="Submit" type="submit" class="button10" value="<?php echo $BL['be_fprivup_button'] ?>" /></td> 298 </tr> 299 <tr><td colspan="2"><img src="img/leer.gif" alt="" width="1" height="8" /></td></tr> 300 <tr><td colspan="2" bgcolor="#9BBECA"><img src="img/leer.gif" alt="" width="1" height="4" /></td></tr> 301 </table> 302 </form> 303 <script type="text/javascript"> 304 <!-- 305 306 window.addEvent('domready', function(){ 307 308 /* Autocompleter for keywords (=tags) */ 309 var searchKeyword = $('file_tags'); 310 var indicator = new Element('span', {'class': 'autocompleter-loading', 'styles': {'display': 'none'}}).setHTML('').injectAfter(searchKeyword); 311 var completer = new Autocompleter.Ajax.Json(searchKeyword, 'include/inc_act/ajax_connector.php', { 312 multi: true, 313 maxChoices: 30, 314 autotrim: true, 315 minLength: 0, 316 allowDupes: false, 317 postData: {action: 'category', method: 'json'}, 318 onRequest: function(el) { 319 indicator.setStyle('display', ''); 320 }, 321 onComplete: function(el) { 322 indicator.setStyle('display', 'none'); 323 } 324 }); 325 326 327 }); 328 329 330 //--> 331 </script>
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
| Generated: Wed Dec 30 05:55:15 2009 | Cross-referenced by PHPXref 0.7 |