Beispiel #1
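 /**
  * Handles the "files" and "attachments" editor sheets of a content item.
  *
  * Returns without doing anything unless the item's type declares a "files"
  * content part and $data['sheet'] is "files" or "attachments". Otherwise the
  * request is dispatched as follows:
  *  - json=list:   print the file list rendered with json.template, then exit.
  *  - json=delete: remove the file named in $_POST['delete'] from the media
  *                 directory and from contents_files, then exit.
  *  - POST:        update titles/positions from $_REQUEST['files'] and/or store
  *                 the upload in $_FILES['Filedata'], then redirect (or answer
  *                 the Flash uploader with a status line) and exit.
  *  - otherwise:   append the rendered editor.template to $data['template'] and
  *                 register the editor assets on $data['page'].
  *
  * NOTE(review): SQL is still assembled by concatenation and escaped with
  * addslashes(), which is not charset-aware; move to bound parameters or the
  * database driver's own escaping once the sql wrapper's API is confirmed.
  * NOTE(review): no check of the ticket issued by ticket::generate() is visible
  * in this method; confirm the delete/update/upload branches are protected
  * against cross-site requests before this handler is reached.
  *
  * @param array $data Editor event context, passed by reference; the keys read
  *                    here are type, sheet, params[id], params[revision],
  *                    template and page.
  * @return void
  */
 function event_ExecuteEditor(&$data)
 {
     global $lang, $manager;

     if (!isset($manager->types[$data['type']]['content']['files'])) {
         return;
     }
     if ($data['sheet'] != 'attachments' && $data['sheet'] != 'files') {
         return;
     }

     $itemId = $data['params']['id'];
     $revision = $data['params']['revision'];
     $table = _TABLE_PREFIX_ . "contents_files";

     // The identifiers get the same escaping as every other value in these
     // statements; for the numeric values the queries expect this is a no-op.
     $idSql = addslashes((string) $itemId);
     $revisionSql = addslashes((string) $revision);
     $scope = "ID='" . $idSql . "' AND revision='" . $revisionSql . "'";

     $mode = (isset($_REQUEST['json']) && is_string($_REQUEST['json'])) ? $_REQUEST['json'] : '';

     if ($mode === 'list') {
         $tpl = new Template($this->getTemplate('json.template'));
         if ($data['sheet'] == 'files') {
             $tpl->set("files", $this->_files_list($itemId, $revision));
         } else {
             $tpl->set("files", $this->_attachments_list($itemId, $revision));
         }
         echo $tpl->fetch();
         exit;
     }

     if ($mode === 'delete') {
         // A missing or non-string value matches no row, so nothing is deleted.
         $requested = (isset($_POST['delete']) && is_string($_POST['delete'])) ? $_POST['delete'] : '';
         $res = sql::query(
             "SELECT * FROM " . $table
             . " WHERE " . $scope
             . " AND filename='" . addslashes($requested) . "'"
         );
         if ($row = sql::fetch_array($res)) {
             // The path is built from the stored row, not from the request
             // value, so only files registered for this item can be removed.
             $directory = _BASE_MEDIA_ . 'files/';
             if (file_exists($directory . $row['filename'])) {
                 unlink($directory . $row['filename']);
             }
             sql::query(
                 "DELETE FROM " . $table
                 . " WHERE " . $scope
                 . " AND filename='" . addslashes($row['filename']) . "'"
             );
         }
         // Mark this action as a modification
         revisions::updateModificationDate($itemId, $revision);
         exit;
     }

     if ($_SERVER['REQUEST_METHOD'] == 'POST') {
         if (isset($_REQUEST['files']) && is_array($_REQUEST['files'])) {
             // Update title and position. foreach replaces each(), which no
             // longer exists in PHP 8.
             foreach ($_REQUEST['files'] as $id => $file) {
                 if (!is_array($file)) {
                     continue; // malformed entry: no title/position to read
                 }
                 $title = (isset($file['title']) && is_scalar($file['title'])) ? (string) $file['title'] : '';
                 $position = isset($file['position']) ? intval($file['position']) : 0;
                 sql::query(
                     "UPDATE " . $table
                     . " SET title='" . addslashes($title) . "',"
                     . " position='" . $position . "'"
                     . " WHERE " . $scope
                     . " AND filename='" . addslashes((string) $id) . "'"
                 );
             }
             // Mark this action as a modification
             revisions::updateModificationDate($itemId, $revision);
         }

         if (isset($_FILES['Filedata'])) {
             // The user agent header is optional, so guard the lookup.
             $flashUsed = isset($_SERVER['HTTP_USER_AGENT'])
                 && preg_match('/Flash/i', $_SERVER['HTTP_USER_AGENT']);
             // Status text sent to the Flash uploader; null means success.
             $failure = null;

             if ($_FILES['Filedata']['error'] == UPLOAD_ERR_OK && is_uploaded_file($_FILES['Filedata']['tmp_name'])) {
                 $directory = _BASE_MEDIA_ . 'files/';
                 $original = $_FILES['Filedata']['name'];
                 // NOTE(review): both arguments are client-supplied; what
                 // getCleanContentType() and getUniqueName() derive from them
                 // is not visible here - confirm the stored name cannot end
                 // in an extension the web server would execute.
                 $contenttype = files::getCleanContentType($_FILES['Filedata']['type'], $_FILES['Filedata']['name']);
                 $filename = files::getUniqueName($contenttype, $directory);

                 if (!files::allowedContentType($contenttype)) {
                     $failure = '415 Unsupported Media Type';
                 } elseif (!@move_uploaded_file($_FILES['Filedata']['tmp_name'], $directory . $filename)) {
                     // The warning stays suppressed so the headers below can
                     // still be sent; the failure is logged and reported
                     // instead of inserting a row for a file that is not there.
                     error_log('Could not move uploaded file to ' . $directory . $filename);
                     $failure = '500 Internal Error';
                 } else {
                     $attachment = $data['sheet'] == 'files' ? 0 : 1;
                     // New files go after the current last position.
                     $res = sql::query(
                         "SELECT * FROM " . $table
                         . " WHERE " . $scope
                         . " AND attachment = " . $attachment
                         . " ORDER BY position DESC LIMIT 1"
                     );
                     if ($row = sql::fetch_array($res)) {
                         $position = $row['position'] + 1;
                     } else {
                         $position = 0;
                     }
                     sql::query(
                         "INSERT INTO " . $table
                         . " SET ID='" . $idSql . "',"
                         . " revision='" . $revisionSql . "',"
                         . " filename='" . addslashes($filename) . "',"
                         . " name='" . addslashes($original) . "',"
                         . " type='" . addslashes($contenttype) . "',"
                         . " title='" . addslashes($original) . "',"
                         . " size='" . intval($_FILES['Filedata']['size']) . "',"
                         . " position='" . $position . "',"
                         . " attachment='" . $attachment . "',"
                         . " modified=NOW()"
                     );
                     // Mark this action as a modification
                     revisions::updateModificationDate($itemId, $revision);
                 }
             } else {
                 switch ($_FILES['Filedata']['error']) {
                     case UPLOAD_ERR_INI_SIZE:
                     case UPLOAD_ERR_FORM_SIZE:
                         $failure = '413 Request Entity Too Large';
                         break;
                     case UPLOAD_ERR_NO_FILE:
                     case UPLOAD_ERR_PARTIAL:
                         $failure = '400 Bad Request';
                         break;
                     default:
                         // UPLOAD_ERR_NO_TMP_DIR, UPLOAD_ERR_CANT_WRITE,
                         // UPLOAD_ERR_EXTENSION and anything unexpected.
                         $failure = '500 Internal Error';
                         break;
                 }
             }

             if ($flashUsed) {
                 if ($failure !== null) {
                     header("HTTP/1.1 " . $failure);
                     header("Status: " . $failure);
                 } else {
                     // Workaround for a Flash bug on OS X.. We need to send back content... any content will do
                     echo " ";
                     flush();
                 }
                 exit;
             }
             // Browser uploads are sent back to the editor whatever the outcome.
         }

         header("Location: " . url::item($itemId, 'edit') . "/" . $data['sheet'] . "?revision=" . $revision);
         exit;
     }

     $tpl = new Template($this->getTemplate('editor.template'));
     if ($data['sheet'] == 'files') {
         $tpl->set("files", $this->_files_list($itemId, $revision));
     } else {
         $tpl->set("files", $this->_attachments_list($itemId, $revision));
     }
     $tpl->set("id", $itemId);
     $tpl->set("revision", $revision);
     $tpl->set("filemask", files::getFilemask());
     $tpl->set("ticket", ticket::generate($itemId));
     $tpl->set("sheet", $data['sheet']);
     $data['template']->append('content', $tpl->fetch());

     // Make sure the following assets are included
     $data['page']->assets->registerJavascript('/core/assets/javascript/plugin.js');
     $data['page']->assets->registerJavascript('/core/assets/javascript/flash.js');
     $data['page']->assets->registerJavascript('/core/assets/javascript/upload.js');
     $data['page']->assets->registerJavascript('/core/assets/javascript/progress.js');
     $data['page']->assets->registerCSS($this->localAsset('editor.css'));
     $data['page']->assets->registerJavascript($this->localAsset('editor.js'));
 }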
Beispiel #2
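 /**
  * Handles the "movie" editor sheet of a content item.
  *
  * Returns without doing anything unless the item's type declares a "movie"
  * content part and $data['sheet'] is "movie". Otherwise the request is
  * dispatched as follows:
  *  - json=list:   print the stored movie row rendered with json.template, exit.
  *  - json=delete: remove the movie file from the media directory and its row
  *                 from contents_movie, then exit.
  *  - POST with $_FILES['Filedata']: store the upload and answer the uploader
  *                 with a blank body or an HTTP error status, then exit.
  *  - POST without upload: update width, height and autostart, then redirect
  *                 back to the editor and exit.
  *  - otherwise:   append the rendered editor.template to $data['template'] and
  *                 register the editor assets on $data['page'].
  *
  * NOTE(review): the json=delete branch is not tied to a request method and no
  * check of the ticket issued by ticket::generate() is visible in this method;
  * confirm state-changing requests are protected against cross-site requests
  * before this handler is reached.
  * NOTE(review): SQL is still assembled by concatenation and escaped with
  * addslashes(), which is not charset-aware; move to bound parameters or the
  * database driver's own escaping once the sql wrapper's API is confirmed.
  *
  * @param array $data Editor event context, passed by reference; the keys read
  *                    here are type, sheet, params[id], params[revision],
  *                    template and page.
  * @return void
  */
 function event_ExecuteEditor(&$data)
 {
     global $lang, $manager;

     if (!isset($manager->types[$data['type']]['content']['movie'])) {
         return;
     }
     if ($data['sheet'] != 'movie') {
         return;
     }

     $itemId = $data['params']['id'];
     $revision = $data['params']['revision'];
     $table = _TABLE_PREFIX_ . "contents_movie";

     // The identifiers get the same escaping as every other value in these
     // statements; for the numeric values the queries expect this is a no-op.
     $idSql = addslashes((string) $itemId);
     $revisionSql = addslashes((string) $revision);
     $scope = "ID='" . $idSql . "' AND revision='" . $revisionSql . "'";
     $selectMovie = "SELECT * FROM " . $table . " WHERE " . $scope;

     $mode = (isset($_REQUEST['json']) && is_string($_REQUEST['json'])) ? $_REQUEST['json'] : '';

     if ($mode === 'list') {
         $res = sql::query($selectMovie);
         $tpl = new Template($this->getTemplate('json.template'));
         if ($movie = sql::fetch_array($res)) {
             $tpl->set("movie", $movie);
         }
         echo $tpl->fetch();
         exit;
     }

     if ($mode === 'delete') {
         $res = sql::query($selectMovie);
         if ($row = sql::fetch_array($res)) {
             // The path is built from the stored row, not from request data.
             $directory = _BASE_MEDIA_ . 'movies/';
             if (file_exists($directory . $row['filename'])) {
                 unlink($directory . $row['filename']);
             }
             sql::query("DELETE FROM " . $table . " WHERE " . $scope);
         }
         // Mark this action as a modification
         revisions::updateModificationDate($itemId, $revision);
         exit;
     }

     if ($_SERVER['REQUEST_METHOD'] == 'POST') {
         /* Upload */
         if (isset($_FILES['Filedata'])) {
             // Status text sent back to the uploader; null means success.
             $failure = null;

             if ($_FILES['Filedata']['error'] == UPLOAD_ERR_OK && is_uploaded_file($_FILES['Filedata']['tmp_name'])) {
                 $directory = _BASE_MEDIA_ . 'movies/';
                 $original = $_FILES['Filedata']['name'];
                 // NOTE(review): both arguments are client-supplied; what
                 // getCleanContentType() and getUniqueName() derive from them
                 // is not visible here - confirm the stored name cannot end
                 // in an extension the web server would execute.
                 $contenttype = files::getCleanContentType($_FILES['Filedata']['type'], $_FILES['Filedata']['name']);
                 $filename = files::getUniqueName($contenttype, $directory);

                 if (!files::allowedContentType($contenttype, 'movie')) {
                     $failure = '415 Unsupported Media Type';
                 } elseif (!move_uploaded_file($_FILES['Filedata']['tmp_name'], $directory . $filename)) {
                     // Do not register a movie whose file never reached the
                     // media directory.
                     error_log('Could not move uploaded movie to ' . $directory . $filename);
                     $failure = '500 Internal Error';
                 } else {
                     sql::query(
                         "INSERT INTO " . $table
                         . " SET ID='" . $idSql . "',"
                         . " revision='" . $revisionSql . "',"
                         . " filename='" . addslashes($filename) . "',"
                         . " name='" . addslashes($original) . "',"
                         . " type='" . addslashes($contenttype) . "',"
                         . " size='" . intval($_FILES['Filedata']['size']) . "',"
                         . " width=320,"
                         . " height=240,"
                         . " autostart=0"
                     );
                     // Mark this action as a modification
                     revisions::updateModificationDate($itemId, $revision);
                 }
             } else {
                 switch ($_FILES['Filedata']['error']) {
                     case UPLOAD_ERR_INI_SIZE:
                     case UPLOAD_ERR_FORM_SIZE:
                         $failure = '413 Request Entity Too Large';
                         break;
                     default:
                         // UPLOAD_ERR_NO_FILE, UPLOAD_ERR_PARTIAL and the rest.
                         $failure = '400 Bad Request';
                         break;
                 }
             }

             if ($failure !== null) {
                 header("HTTP/1.1 " . $failure);
                 header("Status: " . $failure);
             } else {
                 // Workaround for a Flash bug on OS X.. We need to send back content... any content will do
                 echo " ";
                 flush();
             }
             exit;
         }

         // Update size and autostart
         $autostart = isset($_REQUEST['autostart']) ? intval($_REQUEST['autostart']) : 0;
         $width = isset($_REQUEST['size']) ? intval($_REQUEST['size']) : 320;
         if ($width <= 0) {
             $width = 320; // reject zero or negative sizes from the request
         }
         // 4:3 frame: 320 -> 240, 640 -> 480. The former switch had no break
         // statements, so every case already ended in this formula.
         $height = (int) round($width / 4 * 3);

         sql::query(
             "UPDATE " . $table
             . " SET width='" . $width . "',"
             . " height='" . $height . "',"
             . " autostart='" . $autostart . "'"
             . " WHERE " . $scope
         );

         // Mark this action as a modification
         revisions::updateModificationDate($itemId, $revision);
         header("Location: " . url::item($itemId, 'edit') . "/movie?revision=" . $revision);
         exit;
     }

     $res = sql::query($selectMovie);
     $tpl = new Template($this->getTemplate('editor.template'));
     if ($movie = sql::fetch_array($res)) {
         $tpl->set("movie", $movie);
     }
     $tpl->set("id", $itemId);
     $tpl->set("revision", $revision);
     $tpl->set("filemask", files::getFilemask('movie'));
     $tpl->set("ticket", ticket::generate($itemId));
     $data['template']->append('content', $tpl->fetch());

     // Make sure the following assets are included
     $data['page']->assets->registerJavascript('/core/assets/javascript/plugin.js');
     $data['page']->assets->registerJavascript('/core/assets/javascript/flash.js');
     $data['page']->assets->registerJavascript('/core/assets/javascript/upload.js');
     $data['page']->assets->registerJavascript('/core/assets/javascript/progress.js');
     $data['page']->assets->registerJavascript($this->localAsset('editor.js'));
     $data['page']->assets->registerJavascript($this->localAsset('player.js'));
 }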
Beispiel #3
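 /**
  * Media library endpoint: image upload, folder/image maintenance and listing.
  *
  * The current folder comes from $_REQUEST['folder'], else from the session,
  * else defaults to 1, and is remembered in $_SESSION['lastFolder']. If that
  * folder does not exist, the first folder by `order` is used instead.
  *
  *  - POST with an upload ($_FILES['file'] or the Flash field 'Filedata'):
  *    stores an allowed picture in the images directory, records it in the
  *    media table, then redirects (non-Flash) and exits.
  *  - json=editImage|moveImage|deleteImage|orderFolder|editFolder|
  *    deleteFolder|newFolder: performs the update and exits.
  *  - otherwise: prints the folder contents through data.template
  *    (json=loadData) or main.template and exits.
  *
  * Security notes:
  *  - Folder and image ids are cast to integers before they reach SQL. The
  *    folder id was previously concatenated unescaped. This assumes the ids
  *    are auto-increment integers, which the default of 1 and the use of
  *    sql::insert_id() for new folders suggest - confirm against the schema.
  *  - The edited name is HTML-escaped before it is echoed back.
  *  - NOTE(review): the json actions change data for any request method and no
  *    ticket or permission check is visible in this method; confirm they are
  *    protected against cross-site requests before this action is reached.
  *  - NOTE(review): the remaining string values are still escaped with
  *    addslashes(), which is not charset-aware; move to bound parameters once
  *    the sql wrapper's API is confirmed.
  *
  * @param mixed $args Not used by this method.
  * @return void
  */
 function action_medialibrary($args)
 {
     global $lang, $user;

     $mediaTable = _TABLE_PREFIX_ . "media";
     $folderTable = _TABLE_PREFIX_ . "media_folder";

     // intval() neutralises anything that is not a plain integer id.
     if (isset($_REQUEST['folder'])) {
         $folder = intval($_REQUEST['folder']);
     } elseif (isset($_SESSION['lastFolder'])) {
         $folder = intval($_SESSION['lastFolder']);
     } else {
         $folder = 1;
     }
     $_SESSION['lastFolder'] = $folder;

     $res = sql::query("SELECT * FROM " . $folderTable . " WHERE ID = '" . $folder . "'");
     if (sql::num_rows($res) == 0) {
         // Unknown folder: fall back to the first one in display order.
         $res = sql::query("SELECT * FROM " . $folderTable . " ORDER BY `order` LIMIT 1");
         if ($row = sql::fetch_array($res)) {
             $folder = intval($row['ID']);
         }
     }

     $flash = false;
     // Map Flash upload name to regular upload name
     if (isset($_FILES['Filedata'])) {
         $flash = true;
         $_FILES['file'] =& $_FILES['Filedata'];
     }

     if ($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_FILES['file'])) {
         if ($_FILES['file']['error'] > UPLOAD_ERR_OK) {
             error_log('Could not upload file because error ' . $_FILES['file']['error'] . ' occurred');
         } elseif (!is_uploaded_file($_FILES['file']['tmp_name'])) {
             error_log('Could not upload file because it got lost on the server');
         } else {
             $directory = _BASE_MEDIA_ . 'images/';
             $original = $_FILES['file']['name'];
             // NOTE(review): both arguments are client-supplied; what
             // getCleanContentType() and getUniqueName() derive from them is
             // not visible here - confirm the stored name cannot end in an
             // extension the web server would execute.
             $contenttype = files::getCleanContentType($_FILES['file']['type'], $_FILES['file']['name']);
             $filename = files::getUniqueName($contenttype, $directory);

             if (!files::allowedContentType($contenttype, 'picture')) {
                 error_log('Could not upload file because its mimetype was not recognized or rejected');
             } elseif (!move_uploaded_file($_FILES['file']['tmp_name'], $directory . $filename)) {
                 // Do not register an image whose file never reached the
                 // media directory.
                 error_log('Could not upload file because it could not be moved to the media directory');
             } else {
                 // Get information from the file. getimagesize() returns false
                 // when the content is not a recognisable image; the row is
                 // then stored with 0x0 dimensions.
                 // NOTE(review): consider rejecting and removing such files.
                 $dimensions = getimagesize($directory . $filename);
                 $width = $dimensions ? intval($dimensions[0]) : 0;
                 $height = $dimensions ? intval($dimensions[1]) : 0;
                 $size = round(filesize($directory . $filename) / 1024);

                 // Insert it into the database
                 sql::query(
                     "INSERT INTO " . $mediaTable
                     . " SET folder = '" . $folder . "',"
                     . " filename = '" . addslashes($filename) . "',"
                     . " original = '" . addslashes(basename($original)) . "',"
                     . " width = '" . $width . "',"
                     . " height = '" . $height . "',"
                     . " size = '" . $size . "',"
                     . " modified = NOW()"
                 );

                 if ($flash) {
                     // Workaround for a Flash bug on OS X.. We need to send back content... any content will do
                     echo " ";
                     flush();
                 }
             }
         }

         if ($flash == false) {
             header('Location: ' . url::action('medialibrary') . '?folder=' . $folder);
         }
         exit;
     }

     $action = (isset($_REQUEST['json']) && is_string($_REQUEST['json'])) ? $_REQUEST['json'] : '';
     // Null when the request carries no usable string value.
     $value = (isset($_REQUEST['value']) && is_string($_REQUEST['value'])) ? $_REQUEST['value'] : null;
     // Comma-separated image ids, each reduced to an integer.
     $imageIds = (isset($_REQUEST['image']) && is_string($_REQUEST['image']))
         ? array_map('intval', explode(',', $_REQUEST['image']))
         : array();

     if ($action === 'editImage' && isset($_REQUEST['image'])) {
         $id = intval($_REQUEST['image']);
         sql::query(
             "UPDATE " . $mediaTable
             . " SET original = '" . addslashes((string) $value) . "'"
             . " WHERE folder = '" . $folder . "' AND id = '" . $id . "'"
         );
         // No content type is set here, so the body is served as HTML and
         // request data must be escaped before it is reflected.
         echo htmlspecialchars((string) $value, ENT_QUOTES);
         exit;
     }

     if ($action === 'moveImage' && isset($_REQUEST['image'])) {
         foreach ($imageIds as $id) {
             sql::query(
                 "UPDATE " . $mediaTable
                 . " SET folder = '" . $folder . "'"
                 . " WHERE id = '" . $id . "'"
             );
         }
         exit;
     }

     if ($action === 'deleteImage' && isset($_REQUEST['image'])) {
         // Soft delete: the row is flagged, the file stays on disk.
         foreach ($imageIds as $id) {
             sql::query(
                 "UPDATE " . $mediaTable
                 . " SET deleted = 1"
                 . " WHERE folder = '" . $folder . "' AND id = '" . $id . "'"
             );
         }
         exit;
     }

     if ($action === 'orderFolder' && isset($_REQUEST['folders'])) {
         if (is_array($_REQUEST['folders'])) {
             $order = 0;
             foreach ($_REQUEST['folders'] as $id) {
                 if (!is_scalar($id)) {
                     continue; // nested arrays are not folder ids
                 }
                 sql::query(
                     "UPDATE " . $folderTable
                     . " SET `order` = " . $order
                     . " WHERE ID = '" . intval($id) . "'"
                 );
                 $order++;
             }
         }
         exit;
     }

     if ($action === 'editFolder' && $value !== null) {
         sql::query(
             "UPDATE " . $folderTable
             . " SET name = '" . addslashes($value) . "'"
             . " WHERE ID = '" . $folder . "'"
         );
         // Escaped for the same reason as in editImage.
         echo htmlspecialchars($value, ENT_QUOTES);
         exit;
     }

     if ($action === 'deleteFolder') {
         sql::query("DELETE FROM " . $folderTable . " WHERE ID = '" . $folder . "'");
         exit;
     }

     if ($action === 'newFolder') {
         $res = sql::query("SELECT MAX(`order`) AS max FROM " . $folderTable);
         if ($row = sql::fetch_array($res)) {
             $order = $row['max'] + 1;
         } else {
             $order = 0;
         }
         sql::query(
             "INSERT INTO " . $folderTable
             . " SET `name` = '" . addslashes($user->lang->s('untitled')) . "',"
             . " `order` = " . $order
         );
         echo '[{id: "' . sql::insert_id() . '", name: "' . addslashes($user->lang->s('untitled')) . '"}]';
         exit;
     }

     // Show contents....
     $files = array();
     $res = sql::query(
         "SELECT * FROM " . $mediaTable
         . " WHERE folder = '" . $folder . "' AND deleted = 0"
         . " ORDER BY modified DESC"
     );
     while ($row = sql::fetch_array($res)) {
         $files[] = array(
             'id' => $row['ID'],
             'imageurl' => _BASE_URL_ . '/media/images/' . $row['filename'],
             'thumburl' => _BASE_URL_ . '/media/images/' . $row['filename'] . '?s{size}',
             'name' => $row['original'],
             'width' => $row['width'],
             'height' => $row['height'],
             'size' => $row['size'],
         );
     }

     // Initialised so the template receives an array even without folders.
     $folders = array();
     $res = sql::query("SELECT * FROM " . $folderTable . " ORDER BY `order`");
     while ($row = sql::fetch_array($res)) {
         $folders[] = $row;
     }

     if ($action === 'loadData') {
         $tpl = new Template($this->getTemplate('data.template'));
     } else {
         $tpl = new Template($this->getTemplate('main.template'));
     }
     $tpl->set("files", $files);
     $tpl->set("folders", $folders);
     $tpl->set("current_folder", $folder);
     echo $tpl->fetch();
     exit;
 }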