Example #1
<?php

// Direct-access AJAX endpoint: loads WordPress by hand, then dispatches on the
// "function" query parameter and echoes whatever the selected handler returns.
// The excerpt stops inside the switch, so later cases and the closing brace are not shown.
//
// The WordPress root is taken to be everything in SCRIPT_FILENAME that precedes
// the first occurrence of "wp-content".
$parse_uri = explode('wp-content', $_SERVER['SCRIPT_FILENAME']);
require_once $parse_uri[0] . 'wp-load.php';
$upload_dir = wp_upload_dir();
// The handler name is read straight from the query string; a request without
// "function" reads an undefined index here.
$function = $_GET['function'];
$spcdm_ajax = new spdm_ajax();
// NOTE(review): none of the visible lines checks login state, a capability or a
// nonce before dispatching, and several cases below change state (delete-file,
// remove-category, save-category). Whether the handlers enforce this themselves
// is not visible here — confirm each one does, or add the check before the switch.
switch ($function) {
    case "check-file-permissions":
        // pid is passed through exactly as received; validation is left to the callee.
        echo cdm_file_permissions($_GET['pid']);
        break;
    case "check-folder-permissions":
        // Same as above: raw request value handed to the permission helper.
        echo cdm_folder_permissions($_GET['pid']);
        break;
    case "reload-project-dropdown":
        echo $spcdm_ajax->project_dropdown();
        break;
    case "delete-file":
        // Takes no arguments, so the handler presumably reads the request itself — verify what it trusts.
        echo $spcdm_ajax->delete_file();
        break;
    case "get-file-info":
        echo $spcdm_ajax->get_file_info();
        break;
    case "remove-category":
        echo $spcdm_ajax->remove_cat();
        break;
    case "save-category":
        // uid comes from $_REQUEST, i.e. it is chosen by the caller.
        // NOTE(review): confirm save_cat() does not treat it as proof of who is asking.
        echo $spcdm_ajax->save_cat($_REQUEST['uid']);
        break;
    case "view-file":
        echo $spcdm_ajax->view_file();
Example #2
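    /**
     * Echo the folder/file browser table (#dlg_cdm_file_list) for the requested folder.
     *
     * Reads uid, pid and sort from $_GET and search from $_REQUEST. All four are
     * normalised once at the top and only the normalised copies reach SQL or markup:
     *  - uid and pid become non-negative integers ('', '0', 'undefined', 'null' and
     *    any other non-numeric pid mean "top level", i.e. 0);
     *  - search is unslashed, LIKE-escaped and SQL-escaped;
     *  - sort is accepted only as a plain column list with optional ASC/DESC,
     *    otherwise $this->order_by() is used.
     * Values read back from the database are escaped for the HTML or attribute
     * context they are printed in.
     *
     * Hooks fired and their order are the same as before; the uid/pid arguments
     * handed to them are now the normalised integers.
     *
     * NOTE(review): uid is taken from the request and is not compared with the
     * logged-in user here, so this method by itself lets any logged-in user ask
     * for another uid's listing. Confirm the intended rule and enforce it here or
     * in the caller.
     *
     * @return void Output is echoed; the method exits early for anonymous visitors.
     */
    function file_list()
    {
        global $wpdb;
        if (!is_user_logged_in()) {
            exit;
        }

        // ---- request values, normalised once ----
        $uid = (isset($_GET['uid']) && is_scalar($_GET['uid'])) ? absint($_GET['uid']) : 0;
        $raw_pid = (isset($_GET['pid']) && is_scalar($_GET['pid'])) ? (string) $_GET['pid'] : '';
        $pid = absint($raw_pid);
        $search = (isset($_REQUEST['search']) && is_scalar($_REQUEST['search'])) ? (string) wp_unslash($_REQUEST['search']) : '';
        // Escaped for use between the %...% of a quoted LIKE pattern.
        $search_sql = esc_sql($wpdb->esc_like($search));

        // ORDER BY cannot be quoted or parameterised, so the requested value is only
        // accepted when it is a bare column list with optional direction keywords.
        // NOTE(review): the accepted shape is inferred from the 'name' and 'date' sort
        // links rendered below; widen it if callers legitimately send something else.
        $requested_sort = (isset($_GET['sort']) && is_scalar($_GET['sort'])) ? trim((string) wp_unslash($_GET['sort'])) : '';
        $sort_shape = '/^[A-Za-z_][A-Za-z0-9_]*(?:\s+(?:asc|desc))?(?:\s*,\s*[A-Za-z_][A-Za-z0-9_]*(?:\s+(?:asc|desc))?)*$/iD';

        // Fragments that were previously appended to or read before being defined.
        $find_groups = '';
        $sub_projects = '';
        $search_project = '';
        $search_file = '';
        $r_projects_groups_addon = '';
        $r_projects_groups_addon_search = '';

        $show_everything = get_option('sp_cu_release_the_kraken') == 1;

        if (function_exists('cdmFindGroups')) {
            // The returned SQL fragment is concatenated as-is; presumably built from trusted data — verify in cdmFindGroups.
            $find_groups = cdmFindGroups($uid, 1);
        }

        // ---- folder (project) query ----
        if ($search !== '') {
            $search_project .= " AND " . $wpdb->prefix . "sp_cu_project.name LIKE '%" . $search_sql . "%' ";
        } else {
            $search_project .= " AND " . $wpdb->prefix . "sp_cu_project.parent = '" . $pid . "' ";
        }

        // Used instead of the per-user queries when the "release the kraken" option is on.
        $all_projects_query = "SELECT \t\t\t\t\t\t\t\t\t\t \r\n\t\t\t\t\t\t\t\t\t\t\t\t\t" . $wpdb->prefix . "sp_cu_project.id,\r\n\r\n\t\t\t\t\t\t\t\t\t\t\t\t" . $wpdb->prefix . "sp_cu_project.id AS pid,\r\n\r\n\t\t\t\t\t\t\t\t\t\t\t\t" . $wpdb->prefix . "sp_cu_project.uid,\r\n\r\n\t\t\t\t\t\t\t\t\t\t\t\t " . $wpdb->prefix . "sp_cu_project.name AS project_name,\r\n\r\n\t\t\t\t\t\t\t\t\t\t\t\t  " . $wpdb->prefix . "sp_cu_project.parent\r\n\t\t\t\t\t\t\t\t\t\tFROM " . $wpdb->prefix . "sp_cu_project\r\n\t\t\t\t\t\t\t\t\t\tWHERE id != ''\r\n\t\t\t\t\t\t\t\t\t\t\r\n\t\t\t\t\t\t\t\t\t\t" . $search_project . " ORDER by name\r\n";

        if (get_option('sp_cu_hide_project') == 1) {
            $r_projects_query = "SELECT " . $wpdb->prefix . "sp_cu.name,\r\n\r\n\t\t\t\t\t\t\t\t\t\t\t\t " . $wpdb->prefix . "sp_cu.id,\r\n\r\n\t\t\t\t\t\t\t\t\t\t\t\t " . $wpdb->prefix . "sp_cu.pid ,\r\n\r\n\t\t\t\t\t\t\t\t\t\t\t\t " . $wpdb->prefix . "sp_cu.uid,\r\n\r\n\t\t\t\t\t\t\t\t\t\t\t\t " . $wpdb->prefix . "sp_cu.parent,\r\n\r\n\t\t\t\t\t\t\t\t\t\t\t\t " . $wpdb->prefix . "sp_cu_project.name AS project_name,\r\n\r\n\t\t\t\t\t\t\t\t\t\t\t\t " . $wpdb->prefix . "sp_cu_project.parent\r\n\r\n\t\t\t\t\t\t\t\t\t\t\t\t \r\n\r\n\t\t\t\t\t\t\t\t\t\tFROM " . $wpdb->prefix . "sp_cu   \r\n\r\n\t\t\t\t\t\t\t\t\t\tLEFT JOIN " . $wpdb->prefix . "sp_cu_project  ON " . $wpdb->prefix . "sp_cu.pid = " . $wpdb->prefix . "sp_cu_project.id\r\n\r\n\t\t\t\t\t\t\t\t\t\tWHERE (" . $wpdb->prefix . "sp_cu.uid = '" . $uid . "'  " . $find_groups . ")\r\n\r\n\t\t\t\t\t\t\t\t\t\tAND pid != 0\r\n\r\n\t\t\t\t\t\t\t\t\t\tAND  " . $wpdb->prefix . "sp_cu.parent = 0 \r\n\r\n\t\t\t\t\t\t\t\t\t\t" . $sub_projects . "";
            if ($pid === 0) {
                $r_projects_query = apply_filters('sp_cdm_projects_query', $r_projects_query, $uid);
            }
            $r_projects_query .= "\t" . $search_project . "\r\n\t\t\t\t\t\t\t\t\t\t\r\n\t\t\t\t\t\t\t\t\t\tGROUP BY pid\r\n\r\n\t\t\t\t\t\t\t\t\t\tORDER by date desc";
            if ($show_everything) {
                $r_projects_query = $all_projects_query;
            }
            $r_projects = $wpdb->get_results($r_projects_query, ARRAY_A);
        } else {
            // The filter result is an SQL fragment supplied by add-ons and is concatenated unescaped.
            $r_projects_groups_addon = apply_filters('sp_cdm_projects_query', $r_projects_groups_addon, $uid);
            $r_projects_query = "SELECT \r\n\r\n\t\t\t\t\t\t\t\t\t\t\t\t" . $wpdb->prefix . "sp_cu_project.id,\r\n\r\n\t\t\t\t\t\t\t\t\t\t\t\t" . $wpdb->prefix . "sp_cu_project.id AS pid,\r\n\r\n\t\t\t\t\t\t\t\t\t\t\t\t" . $wpdb->prefix . "sp_cu_project.uid,\r\n\r\n\t\t\t\t\t\t\t\t\t\t\t\t " . $wpdb->prefix . "sp_cu_project.name AS project_name,\r\n\r\n\t\t\t\t\t\t\t\t\t\t\t\t  " . $wpdb->prefix . "sp_cu_project.parent\r\n\r\n\t\t\t\t\t\t\t\t\t\t\t\t \r\n\r\n\t\t\t\t\t\t\t\t\t\tFROM " . $wpdb->prefix . "sp_cu_project\r\n\r\n\t\t\t\t\t\t\t\t\t\tWHERE (" . $wpdb->prefix . "sp_cu_project.uid = '" . $uid . "'  " . $find_groups . " " . $r_projects_groups_addon . ")\t\t\t\t\t\t\t\t\t\t\r\n\r\n\t\t\t\t\t\t\t\t\t\t\r\n\r\n\t\t\t\t\t\t\t\t\t\t" . $search_project . "\r\n\r\n\t\t\t\t\t\t\t\t\t\t";
            $r_projects_query .= "\r\n\r\n\t\t\t\t\t\t\t\t\t\tORDER by name";
            if ($show_everything) {
                $r_projects_query = $all_projects_query;
            }
            $r_projects_query = apply_filters('sp_cdm_project_query_final', $r_projects_query);
            $r_projects = $wpdb->get_results($r_projects_query, ARRAY_A);
        }

        // ---- table header ----
        echo '<div id="dlg_cdm_file_list">

		<table border="0" cellpadding="0" cellspacing="0">

		<thead>';
        // $pid is an integer, so it is safe inside the quoted JavaScript argument.
        if ($raw_pid === '') {
            $jscriptpid = "''";
        } else {
            $jscriptpid = "'" . $pid . "'";
        }
        echo '<tr>';
        do_action('spdm_file_list_column_before_sort');
        echo '<th></th>

		<th class="cdm_file_info" style="text-align:left"><a href="javascript:sp_cdm_sort(\'name\',' . $jscriptpid . ')">' . __("Name", "sp-cdm") . '</a></th>

		<th class="cdm_file_date"><a href="javascript:sp_cdm_sort(\'date\',' . $jscriptpid . ')">' . __("Date", "sp-cdm") . '</a></th>

	

		<th class="cdm_file_type">' . __("Type", "sp-cdm") . '</th>	

		</tr>	

		

		';

        // ---- edit/remove controls for the current folder ----
        $can_manage_folder = (get_option('sp_cu_user_projects') == 1 && get_option('sp_cu_user_projects_modify') != 1) || current_user_can('manage_options');
        if ($pid > 0 && $can_manage_folder) {
            $r_project_info = $wpdb->get_results($wpdb->prepare("SELECT * FROM " . $wpdb->prefix . "sp_cu_project where id = %d", $pid), ARRAY_A);
            // This only decides whether the controls are drawn; it compares the folder owner
            // with the uid from the request, not with the logged-in user.
            // NOTE(review): the generated POSTs to save-category / remove-category carry no nonce,
            // and whether ajax.php checks ownership for them is not visible here — confirm.
            if (!empty($r_project_info) && $r_project_info[0]['uid'] == $uid) {
                echo '<tr>

	

		<th colspan="100%" style="text-align:right">

		<div style="padding-right:10px">';
                echo '<a href="javascript:sp_cu_dialog(\'#edit_category_' . $pid . '\',550,130)"><img src="' . SP_CDM_PLUGIN_URL . 'images/application_edit.png"> ' . __("Edit", "sp-cdm") . ' ' . sp_cdm_folder_name() . ' ' . __("Name", "sp-cdm") . '</a>   
	<a href="javascript:sp_cu_remove_project()" style="margin-left:20px"> <img src="' . SP_CDM_PLUGIN_URL . 'images/delete_small.png">  ' . __("Remove", "sp-cdm") . ' ' . sp_cdm_folder_name() . '</a>';
                do_action('cdm/ajax/folder/navigation', $pid);
                echo '<div style="display:none">	

		

		

		<script type="text/javascript">

		

			

function sp_cu_edit_project(){

	

	

	

	if(jQuery("#edit_project_name_' . $pid . '").val() == ""){

		

		alert("' . __("Please enter a project name", "sp-cdm") . '");

	}else{

	jQuery.ajax({

   type: "POST",

   url: "' . SP_CDM_PLUGIN_URL . 'ajax.php?function=save-category",

   data: "name=" + jQuery("#edit_project_name_' . $pid . '").val() + "&id=" +  jQuery("#edit_project_id_' . $pid . '").val(),

   success: function(msg){

   jQuery("#cmd_file_thumbs").load("' . SP_CDM_PLUGIN_URL . 'ajax.php?function=file-list&uid=' . $uid . '&pid=' . $pid . '");

   jQuery("#edit_category").dialog("close");

   alert(msg);	

  

   }

 });

	}

}



function sp_cu_remove_project(){



	jQuery( "#delete_category_' . $pid . '" ).dialog({

			resizable: false,

			height:240,

			width:440,

			modal: true,

			buttons: {

				"Delete all items": function() {

						

							

						jQuery.ajax({

					   type: "POST",

					   url: "' . SP_CDM_PLUGIN_URL . 'ajax.php?function=remove-category",

					   data: "id=' . $pid . '" ,

					   success: function(msg){
						
							jQuery.removeCookie("pid");
						
					  cdm_ajax_search();

					 	

					 

					  

					   }

					 });

					 

					jQuery( this ).dialog( "close" );	

						

				},

				Cancel: function() {

					jQuery( this ).dialog( "close" );

				}

			}

		});

	

	

	



	

}



		</script>	

		<div id="delete_category_' . $pid . '" title="' . __("Delete Category?", "sp-cdm") . '">

	<p><span class="ui-icon ui-icon-alert" style="float:left; margin:0 7px 20px 0;"></span>' . __("Are you sure you would like to delete this category? Doing so will remove all files related to this category.", "sp-cdm") . '</p>

		</div>



		

		

				<div id="edit_category_' . $pid . '">			

			

			<input type="hidden"  name="edit_project_id" id="edit_project_id_' . $pid . '" value="' . $pid . '">		

			' . sp_cdm_folder_name() . ' ' . __("Name", "sp-cdm") . ': <input value="' . esc_attr(stripslashes($r_project_info[0]['name'])) . '" id="edit_project_name_' . $pid . '" type="text" name="name"  style="width:200px !important"> 

			<input type="submit" value="' . __("Save", "sp-cdm") . ' ' . sp_cdm_folder_name() . '" onclick="sp_cu_edit_project()">

			

			</div>

			

		

		

		</div>

		

		

		</th>

		

		</tr>	

		

		';
            }
        }
        echo '</thead><tbody>';

        // ---- "go back" row ----
        if ($pid > 0) {
            $query_project = $wpdb->get_results($wpdb->prepare("SELECT *\r\n\r\n\t\r\n\r\n\t\t\t\t\t\t\t\t\t\r\n\r\n\t\t\t\t\t\t\t\t\t FROM " . $wpdb->prefix . "sp_cu_project\r\n\r\n\t\t\t\t\t\t\t\t\tWHERE  id = %d\r\n\r\n\t\t\t\t\t\t\t\t\t\r\n\r\n\t\t\t\t\t\t\t\t\t ", $pid), ARRAY_A);
            // A folder that no longer exists falls back to the top level instead of printing an empty argument.
            $parent_pid = !empty($query_project) ? (int) $query_project[0]['parent'] : 0;
            echo '<tr >';
            do_action('spdm_file_list_column_before_folder_back');
            echo '<td class="cdm_file_icon ext_directory" onclick="sp_cdm_load_project(' . $parent_pid . ')"></td>

		<td class="cdm_file_info" onclick="sp_cdm_load_project(' . $parent_pid . ')">&laquo; ' . __("Go Back", "sp-cdm") . '</td>

		<td class="cdm_file_date" onclick="sp_cdm_load_project(' . $parent_pid . ')">&nbsp;</td>

		

		<td class="cdm_file_type" onclick="sp_cdm_load_project(' . $parent_pid . ')">' . __("Folder", "sp-cdm") . '</td>	

		</tr>	

		';
        }

        // ---- folder rows ----
        foreach ((array) $r_projects as $project) {
            if ($project['project_name'] == "") {
                continue;
            }
            $folder_id = (int) $project['pid'];
            echo '<tr >
';
            do_action('spdm_file_list_column_before_folder', $project['pid']);
            echo '
		<td class="cdm_file_icon ext_directory" onclick="sp_cdm_load_project(' . $folder_id . ')"></td>

		<td class="cdm_file_info" onclick="sp_cdm_load_project(' . $folder_id . ')">' . esc_html(stripslashes($project['project_name'])) . '</td>

		<td class="cdm_file_date" onclick="sp_cdm_load_project(' . $folder_id . ')">&nbsp;</td>

		

		<td class="cdm_file_type">Folder</td>	

		</tr>	

		';
        }

        // ---- file query ----
        if ($requested_sort !== '' && preg_match($sort_shape, $requested_sort) === 1) {
            $sort = $requested_sort;
        } else {
            $sort = $this->order_by();
        }
        if ($pid === 0) {
            if ($search !== '') {
                $search_file .= " AND (name LIKE '%" . $search_sql . "%' or  tags LIKE '%" . $search_sql . "%')  ";
                // NOTE(review): the "wp_" prefix is hard-coded in this replacement; with a
                // different table prefix it will not match — confirm against the add-on that sets the fragment.
                $r_projects_groups_addon_search = str_replace("wp_sp_cu_project.id", "pid", $r_projects_groups_addon);
            } else {
                $search_file .= " AND pid = 0  AND parent = 0  ";
            }
            $search_file = apply_filters("sp_cdm_file_search_query", $search_file, $pid);
            $r = $wpdb->get_results("SELECT *  FROM " . $wpdb->prefix . "sp_cu   where (uid = '" . $uid . "' " . $r_projects_groups_addon_search . ")  \t " . $search_file . " order by " . $sort . " ", ARRAY_A);
        } else {
            if ($search !== '') {
                $search_file .= " AND (name LIKE '%" . $search_sql . "%' or  tags LIKE '%" . $search_sql . "%')  ";
            } else {
                $search_file .= "  AND parent = 0   ";
            }
            $search_file = apply_filters("sp_cdm_file_search_query", $search_file, $pid);
            $r = $wpdb->get_results("SELECT *  FROM " . $wpdb->prefix . "sp_cu   where (pid = '" . $pid . "') " . $search_file . "  order by " . $sort . "  ", ARRAY_A);
        }
        if ($show_everything) {
            unset($r);
            // Kept for hooks that read $_GET['pid'] after this point.
            if ($raw_pid === '') {
                $_GET['pid'] = 0;
            }
            if ($search === '') {
                $search_file .= " AND (pid = '" . $pid . "') ";
            }
            $search_file = apply_filters("sp_cdm_file_search_query", $search_file, $pid);
            $query = "SELECT *  FROM " . $wpdb->prefix . "sp_cu  where id != ''   " . $search_file . "  order by " . $sort . "  ";
            $r = $wpdb->get_results($query, ARRAY_A);
        }

        // ---- file rows ----
        // The per-row category lookup that used to run here was dropped: its result
        // was assigned to a variable that nothing read.
        foreach ((array) $r as $file) {
            $file_id = (int) $file['id'];
            $ext = preg_replace('/^.*\\./', '', $file['file']);
            $project_name = '';
            if ($search !== '') {
                $folder_label = sp_cdm_get_project_name($file['pid']);
                if ($folder_label != false) {
                    $project_name = ' <em>(' . sp_cdm_folder_name() . ': ' . esc_html($folder_label) . ')</em> ';
                }
            }
            echo '<tr >
			';
            do_action('spdm_file_list_column_before_file', $file['id']);
            if (get_option('sp_cu_file_direct_access') == 1) {
                // NOTE(review): fid is a reversible encoding of id, date and file name, not a signed
                // token, so access control has to be enforced inside download.php — confirm it is.
                $file_link = 'window.open(\'' . SP_CDM_PLUGIN_URL . 'download.php?fid=' . base64_encode($file['id'] . '|' . $file['date'] . '|' . $file['file']) . '\')';
            } else {
                $file_link = 'cdmViewFile(' . $file_id . ')';
            }
            if (cdm_file_permissions($file['pid']) == 1) {
                $file_link = apply_filters('spcdm/file_list/link', $file_link, $file);
                // The handler is printed inside a double-quoted attribute, so it is attribute-escaped once here.
                $file_link_attr = esc_attr($file_link);
                echo '
				<td class="cdm_file_icon ext_' . esc_attr($ext) . '" onclick="cdmViewFile(' . $file_id . ')"></td>

		<td class="cdm_file_info" onclick="' . $file_link_attr . '">' . esc_html(stripslashes($file['name'])) . ' ' . $project_name . '</td>

		<td class="cdm_file_date" onclick="' . $file_link_attr . '">' . date("F jS Y g:i A", strtotime($file['date'])) . '</td>



		<td class="cdm_file_type" onclick="' . $file_link_attr . '">' . esc_html($ext) . '</td>	

		</tr>	

		';
            }
        }
        echo '</tbody></table><div style="clear:both"></div></div>';
    }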