/**
* Deletes paths from the current path
*
* @since 1.5
*/
public function delete()
{
Session::checkToken(['get', 'post']);
// Get some data from the request
$tmpl = Request::getCmd('tmpl');
$paths = Request::getVar('rm', array(), '', 'array');
$folder = Request::getVar('folder', '', '', 'path');
$redirect = 'index.php?option=com_media&folder=' . $folder;
if ($tmpl == 'component') {
// We are inside the iframe
$redirect .= '&view=mediaList&tmpl=component';
}
$this->setRedirect($redirect);
// Nothing to delete
if (empty($paths)) {
return true;
}
// Authorize the user
if (!$this->authoriseUser('delete')) {
return false;
}
// Set FTP credentials, if given
JClientHelper::setCredentialsFromRequest('ftp');
// Initialise variables.
$ret = true;
foreach ($paths as $path) {
if ($path !== Filesystem::clean($path)) {
// filename is not safe
$filename = htmlspecialchars($path, ENT_COMPAT, 'UTF-8');
Notify::warning(Lang::txt('COM_MEDIA_ERROR_UNABLE_TO_DELETE_FILE_WARNFILENAME', substr($filename, strlen(COM_MEDIA_BASE))));
continue;
}
$fullPath = Filesystem::cleanPath(implode(DIRECTORY_SEPARATOR, array(COM_MEDIA_BASE, $folder, $path)));
$object_file = new \Hubzero\Base\Object(array('filepath' => $fullPath));
if (is_file($fullPath)) {
// Trigger the onContentBeforeDelete event.
$result = Event::trigger('content.onContentBeforeDelete', array('com_media.file', &$object_file));
if (in_array(false, $result, true)) {
// There are some errors in the plugins
Notify::warning(Lang::txts('COM_MEDIA_ERROR_BEFORE_DELETE', count($errors = $object_file->getErrors()), implode('<br />', $errors)));
continue;
}
$ret &= Filesystem::delete($fullPath);
// Trigger the onContentAfterDelete event.
Event::trigger('content.onContentAfterDelete', array('com_media.file', &$object_file));
$this->setMessage(Lang::txt('COM_MEDIA_DELETE_COMPLETE', substr($fullPath, strlen(COM_MEDIA_BASE))));
} elseif (is_dir($fullPath)) {
$contents = Filesystem::files($fullPath, '.', true, false, array('.svn', 'CVS', '.DS_Store', '__MACOSX', 'index.html'));
if (empty($contents)) {
// Trigger the onContentBeforeDelete event.
$result = Event::trigger('content.onContentBeforeDelete', array('com_media.folder', &$object_file));
if (in_array(false, $result, true)) {
// There are some errors in the plugins
Notify::warning(Lang::txts('COM_MEDIA_ERROR_BEFORE_DELETE', count($errors = $object_file->getErrors()), implode('<br />', $errors)));
continue;
}
$ret &= Filesystem::deleteDirectory($fullPath);
// Trigger the onContentAfterDelete event.
Event::trigger('content.onContentAfterDelete', array('com_media.folder', &$object_file));
$this->setMessage(Lang::txt('COM_MEDIA_DELETE_COMPLETE', substr($fullPath, strlen(COM_MEDIA_BASE))));
} else {
// This makes no sense...
Notify::warning(Lang::txt('COM_MEDIA_ERROR_UNABLE_TO_DELETE_FOLDER_NOT_EMPTY', substr($fullPath, strlen(COM_MEDIA_BASE))));
}
}
}
return $ret;
}
/**
* Upload a file
*
* @since 1.5
*/
function upload()
{
$params = Component::params('com_media');
// Check for request forgeries
if (!Session::checkToken(['get', 'post'], true)) {
$response = array('status' => '0', 'error' => Lang::txt('JINVALID_TOKEN'));
echo json_encode($response);
return;
}
// Get the user
$log = JLog::getInstance('upload.error.php');
// Get some data from the request
$file = Request::getVar('Filedata', '', 'files', 'array');
$folder = Request::getVar('folder', '', '', 'path');
$return = Request::getVar('return-url', null, 'post', 'base64');
if ($_SERVER['CONTENT_LENGTH'] > $params->get('upload_maxsize', 0) * 1024 * 1024 || $_SERVER['CONTENT_LENGTH'] > (int) ini_get('upload_max_filesize') * 1024 * 1024 || $_SERVER['CONTENT_LENGTH'] > (int) ini_get('post_max_size') * 1024 * 1024 || $_SERVER['CONTENT_LENGTH'] > (int) ini_get('memory_limit') * 1024 * 1024) {
$response = array('status' => '0', 'error' => Lang::txt('COM_MEDIA_ERROR_WARNFILETOOLARGE'));
echo json_encode($response);
return;
}
// Set FTP credentials, if given
JClientHelper::setCredentialsFromRequest('ftp');
// Make the filename safe
$file['name'] = Filesystem::clean($file['name']);
if (isset($file['name'])) {
// The request is valid
$err = null;
$filepath = \Hubzero\Filesystem\Util::normalizePath(COM_MEDIA_BASE . '/' . $folder . '/' . strtolower($file['name']));
if (!MediaHelper::canUpload($file, $err)) {
$log->addEntry(array('comment' => 'Invalid: ' . $filepath . ': ' . $err));
$response = array('status' => '0', 'error' => Lang::txt($err));
echo json_encode($response);
return;
}
// Trigger the onContentBeforeSave event.
$object_file = new \Hubzero\Base\Object($file);
$object_file->filepath = $filepath;
$result = Event::trigger('content.onContentBeforeSave', array('com_media.file', &$object_file, true));
if (in_array(false, $result, true)) {
// There are some errors in the plugins
$log->addEntry(array('comment' => 'Errors before save: ' . $filepath . ' : ' . implode(', ', $object_file->getErrors())));
$response = array('status' => '0', 'error' => Lang::txts('COM_MEDIA_ERROR_BEFORE_SAVE', count($errors = $object_file->getErrors()), implode('<br />', $errors)));
echo json_encode($response);
return;
}
if (Filesystem::exists($filepath)) {
// File exists
$log->addEntry(array('comment' => 'File exists: ' . $filepath . ' by user_id ' . User::get('id')));
$response = array('status' => '0', 'error' => Lang::txt('COM_MEDIA_ERROR_FILE_EXISTS'));
echo json_encode($response);
return;
} elseif (!User::authorise('core.create', 'com_media')) {
// File does not exist and user is not authorised to create
$log->addEntry(array('comment' => 'Create not permitted: ' . $filepath . ' by user_id ' . User::get('id')));
$response = array('status' => '0', 'error' => Lang::txt('COM_MEDIA_ERROR_CREATE_NOT_PERMITTED'));
echo json_encode($response);
return;
}
$file = (array) $object_file;
if (!Filesystem::upload($file['tmp_name'], $file['filepath'])) {
// Error in upload
$log->addEntry(array('comment' => 'Error on upload: ' . $filepath));
$response = array('status' => '0', 'error' => Lang::txt('COM_MEDIA_ERROR_UNABLE_TO_UPLOAD_FILE'));
echo json_encode($response);
return;
} else {
// Trigger the onContentAfterSave event.
Event::trigger('content.onContentAfterSave', array('com_media.file', &$object_file, true));
$log->addEntry(array('comment' => $folder));
$response = array('status' => '1', 'error' => Lang::txt('COM_MEDIA_UPLOAD_COMPLETE', substr($file['filepath'], strlen(COM_MEDIA_BASE))));
echo json_encode($response);
return;
}
} else {
$response = array('status' => '0', 'error' => Lang::txt('COM_MEDIA_ERROR_BAD_REQUEST'));
echo json_encode($response);
return;
}
}
/**
* Create a folder
*
* @param string $path Path of the folder to create
* @since 1.5
*/
public function create()
{
// Check for request forgeries
Session::checkToken(['get', 'post']);
$folder = Request::getCmd('foldername', '');
$folderCheck = Request::getVar('foldername', null, '', 'string', JREQUEST_ALLOWRAW);
$parent = Request::getVar('folderbase', '', '', 'path');
$this->setRedirect('index.php?option=com_media&folder=' . $parent . '&tmpl=' . Request::getCmd('tmpl', 'index'));
if (strlen($folder) > 0) {
if (!User::authorise('core.create', 'com_media')) {
// User is not authorised to delete
Notify::warning(Lang::txt('JLIB_APPLICATION_ERROR_CREATE_NOT_PERMITTED'));
return false;
}
// Set FTP credentials, if given
JClientHelper::setCredentialsFromRequest('ftp');
Request::setVar('folder', $parent);
if ($folderCheck !== null && $folder !== $folderCheck) {
$this->setMessage(Lang::txt('COM_MEDIA_ERROR_UNABLE_TO_CREATE_FOLDER_WARNDIRNAME'));
return false;
}
$path = \Hubzero\Filesystem\Util::normalizePath(COM_MEDIA_BASE . '/' . $parent . '/' . $folder);
if (!is_dir($path) && !is_file($path)) {
// Trigger the onContentBeforeSave event.
$object_file = new \Hubzero\Base\Object(array('filepath' => $path));
$result = Event::trigger('content.onContentBeforeSave', array('com_media.folder', &$object_file, true));
if (in_array(false, $result, true)) {
// There are some errors in the plugins
Notify::warning(Lang::txts('COM_MEDIA_ERROR_BEFORE_SAVE', count($errors = $object_file->getErrors()), implode('<br />', $errors)));
return false;
}
Filesystem::makeDirectory($path);
$data = "<html>\n<body bgcolor=\"#FFFFFF\">\n</body>\n</html>";
Filesystem::write($path . "/index.html", $data);
// Trigger the onContentAfterSave event.
Event::trigger('content.onContentAfterSave', array('com_media.folder', &$object_file, true));
$this->setMessage(Lang::txt('COM_MEDIA_CREATE_COMPLETE', substr($path, strlen(COM_MEDIA_BASE))));
}
Request::setVar('folder', $parent ? $parent . '/' . $folder : $folder);
}
}
