<?php
/*
 * Direct-access AJAX endpoint: bootstraps WordPress by hand and dispatches on the
 * `function` query parameter to a handler whose return value is echoed.
 *
 * NOTE(review): no nonce or capability check is visible in this dispatcher, and the
 * state-changing actions ("delete-file", "remove-category", "save-category") are
 * selected by a plain request parameter. Whether each handler authorises the caller
 * cannot be seen from here - confirm it, and consider routing these actions through
 * admin-ajax.php with check_ajax_referer() and current_user_can().
 */

// Locate the WordPress root from this script's own path: everything before "wp-content".
$parse_uri = explode('wp-content', $_SERVER['SCRIPT_FILENAME']);
require_once $parse_uri[0] . 'wp-load.php';
$upload_dir = wp_upload_dir();

// Request-controlled action name; only the literal case labels below select a handler.
$function = $_GET['function'];
$spcdm_ajax = new spdm_ajax();

switch ($function) {
    case "check-file-permissions":
        // pid is handed over exactly as received; validation, if any, happens in the callee.
        echo cdm_file_permissions($_GET['pid']);
        break;
    case "check-folder-permissions":
        echo cdm_folder_permissions($_GET['pid']);
        break;
    case "reload-project-dropdown":
        echo $spcdm_ajax->project_dropdown();
        break;
    case "delete-file":
        // State-changing action; see the NOTE(review) at the top of this file.
        echo $spcdm_ajax->delete_file();
        break;
    case "get-file-info":
        echo $spcdm_ajax->get_file_info();
        break;
    case "remove-category":
        // State-changing action; see the NOTE(review) at the top of this file.
        echo $spcdm_ajax->remove_cat();
        break;
    case "save-category":
        // NOTE(review): the uid given to save_cat() is taken from the request, not from
        // the logged-in session - confirm that save_cat() verifies ownership.
        echo $spcdm_ajax->save_cat($_REQUEST['uid']);
        break;
    case "view-file":
        echo $spcdm_ajax->view_file();
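/**
 * Echo the HTML table of folders and files for the requested user and folder.
 *
 * Request input, all of it untrusted:
 *   - uid    (GET)     user whose items are listed; reduced to an integer.
 *   - pid    (GET)     folder id; reduced to an integer, where '', 'undefined', 'null'
 *                      and any other non-numeric value mean the root folder (0).
 *   - search (REQUEST) free-text filter, matched with LIKE against names and tags.
 *   - sort   (GET)     ORDER BY expression; accepted only as a comma-separated list of
 *                      column names with an optional ASC/DESC, else the default is used.
 *
 * Every request value is normalised once at the top and only the normalised form reaches
 * SQL, HTML or inline JavaScript. Names read back from the database are escaped on output
 * because they were originally supplied by users.
 *
 * NOTE(review): uid is taken from the request and is never compared with the logged-in
 * user in this method, so which user's listing is built is chosen by the caller. The
 * per-row cdm_file_permissions() check limits which files are printed, but folder rows
 * have no such check here - confirm that ownership is enforced elsewhere.
 *
 * @return void Output is echoed; the request ends immediately if nobody is logged in.
 */
function file_list()
{
    global $wpdb;

    if (!is_user_logged_in()) {
        exit;
    }

    // ---- Normalise request input -------------------------------------------------------
    $uid = (isset($_GET['uid']) && is_scalar($_GET['uid'])) ? (int) $_GET['uid'] : 0;

    $pid_raw = (isset($_GET['pid']) && is_scalar($_GET['pid'])) ? (string) $_GET['pid'] : '';
    $pid = (int) $pid_raw;
    // Hooks used to receive the raw string; keep '' distinguishable from a numeric id for them.
    $pid_for_hooks = ($pid_raw === '') ? '' : (string) $pid;

    $search_raw = (isset($_REQUEST['search']) && is_scalar($_REQUEST['search'])) ? (string) $_REQUEST['search'] : '';
    $has_search = ($search_raw !== '');
    // WordPress slashes request data at load time: unslash first, then escape LIKE wildcards
    // and SQL metacharacters ($wpdb->esc_like() needs WordPress 4.0 or later).
    $search_like = esc_sql($wpdb->esc_like(wp_unslash($search_raw)));

    // ORDER BY cannot be parameterised, so the value is only accepted when it has the shape
    // "column [asc|desc][, column [asc|desc] ...]". A fixed list of sortable columns would
    // be tighter still if the full set of values sent by sp_cdm_sort() is known.
    $sort_raw = (isset($_GET['sort']) && is_scalar($_GET['sort'])) ? trim((string) $_GET['sort']) : '';
    $sort_shape = '/\A[A-Za-z_][A-Za-z0-9_.]*(?:\s+(?:asc|desc))?'
        . '(?:\s*,\s*[A-Za-z_][A-Za-z0-9_.]*(?:\s+(?:asc|desc))?)*\z/i';
    if ($sort_raw !== '' && preg_match($sort_shape, $sort_raw)) {
        $sort = $sort_raw;
    } else {
        $sort = $this->order_by();
    }

    $file_table = $wpdb->prefix . "sp_cu";
    $project_table = $wpdb->prefix . "sp_cu_project";
    $plugin_url = SP_CDM_PLUGIN_URL;
    // When this option is on, the queries below carry no uid condition at all.
    $kraken = (get_option('sp_cu_release_the_kraken') == 1);

    $find_groups = '';
    if (function_exists('cdmFindGroups')) {
        $find_groups = cdmFindGroups($uid, 1);
    }

    // ---- Folder (project) query --------------------------------------------------------
    $search_project = '';
    if ($has_search) {
        $search_project .= " AND " . $project_table . ".name LIKE '%" . $search_like . "%' ";
    } else {
        $search_project .= " AND " . $project_table . ".parent = '" . $pid . "' ";
    }

    $all_projects_query = "SELECT
            {$project_table}.id,
            {$project_table}.id AS pid,
            {$project_table}.uid,
            {$project_table}.name AS project_name,
            {$project_table}.parent
        FROM {$project_table}
        WHERE id != ''
        {$search_project} ORDER by name\n";

    $r_projects_groups_addon = '';

    if (get_option('sp_cu_hide_project') == 1) {
        $r_projects_query = "SELECT {$file_table}.name,
                {$file_table}.id,
                {$file_table}.pid ,
                {$file_table}.uid,
                {$file_table}.parent,
                {$project_table}.name AS project_name,
                {$project_table}.parent
            FROM {$file_table}
            LEFT JOIN {$project_table} ON {$file_table}.pid = {$project_table}.id
            WHERE ({$file_table}.uid = '{$uid}' {$find_groups})
            AND pid != 0
            AND {$file_table}.parent = 0
            ";
        if ($pid === 0) {
            $r_projects_query = apply_filters('sp_cdm_projects_query', $r_projects_query, $uid);
        }
        $r_projects_query .= "\t" . $search_project . "
            GROUP BY pid
            ORDER by date desc";
        if ($kraken) {
            $r_projects_query = $all_projects_query;
        }
        $r_projects = $wpdb->get_results($r_projects_query, ARRAY_A);
    } else {
        $r_projects_groups_addon = apply_filters('sp_cdm_projects_query', $r_projects_groups_addon, $uid);
        $r_projects_query = "SELECT
                {$project_table}.id,
                {$project_table}.id AS pid,
                {$project_table}.uid,
                {$project_table}.name AS project_name,
                {$project_table}.parent
            FROM {$project_table}
            WHERE ({$project_table}.uid = '{$uid}' {$find_groups} {$r_projects_groups_addon})
            {$search_project}
            ORDER by name";
        if ($kraken) {
            $r_projects_query = $all_projects_query;
        }
        $r_projects_query = apply_filters('sp_cdm_project_query_final', $r_projects_query);
        $r_projects = $wpdb->get_results($r_projects_query, ARRAY_A);
    }

    // ---- Table header ------------------------------------------------------------------
    echo '<div id="dlg_cdm_file_list"> <table border="0" cellpadding="0" cellspacing="0"> <thead>';

    $jscriptpid = ($pid_raw === '') ? "''" : "'" . $pid . "'";

    echo '<tr>';
    do_action('spdm_file_list_column_before_sort');
    echo '<th></th> <th class="cdm_file_info" style="text-align:left">'
        . '<a href="javascript:sp_cdm_sort(\'name\',' . $jscriptpid . ')">' . __("Name", "sp-cdm") . '</a></th>'
        . ' <th class="cdm_file_date">'
        . '<a href="javascript:sp_cdm_sort(\'date\',' . $jscriptpid . ')">' . __("Date", "sp-cdm") . '</a></th>'
        . ' <th class="cdm_file_type">' . __("Type", "sp-cdm") . '</th> </tr> ';

    $may_edit_folders = $pid !== 0
        && ((get_option('sp_cu_user_projects') == 1 && get_option('sp_cu_user_projects_modify') != 1)
            || current_user_can('manage_options'));

    if ($may_edit_folders) {
        // $pid is an integer here, so the unquoted comparison cannot carry SQL.
        $r_project_info = $wpdb->get_results("SELECT * FROM " . $project_table . " where id = " . $pid, ARRAY_A);

        // Only render the controls when the folder exists and belongs to the listed uid.
        // This decides what is displayed only; the save/remove handlers must authorise on their own.
        if (!empty($r_project_info) && $r_project_info[0]['uid'] == $uid) {
            echo '<tr> <th colspan="100%" style="text-align:right"> <div style="padding-right:10px">';
            echo '<a href="javascript:sp_cu_dialog(\'#edit_category_' . $pid . '\',550,130)">'
                . '<img src="' . $plugin_url . 'images/application_edit.png"> '
                . __("Edit", "sp-cdm") . ' ' . sp_cdm_folder_name() . ' ' . __("Name", "sp-cdm") . '</a>'
                . ' <a href="javascript:sp_cu_remove_project()" style="margin-left:20px">'
                . ' <img src="' . $plugin_url . 'images/delete_small.png"> '
                . __("Remove", "sp-cdm") . ' ' . sp_cdm_folder_name() . '</a>';
            do_action('cdm/ajax/folder/navigation', $pid_for_hooks);
            echo '<div style="display:none"> <script type="text/javascript">'
                . ' function sp_cu_edit_project(){'
                . ' if(jQuery("#edit_project_name_' . $pid . '").val() == ""){'
                . ' alert("' . __("Please enter a project name", "sp-cdm") . '");'
                . ' }else{'
                . ' jQuery.ajax({ type: "POST",'
                . ' url: "' . $plugin_url . 'ajax.php?function=save-category",'
                . ' data: "name=" + jQuery("#edit_project_name_' . $pid . '").val()'
                . ' + "&id=" + jQuery("#edit_project_id_' . $pid . '").val(),'
                . ' success: function(msg){'
                . ' jQuery("#cmd_file_thumbs").load("' . $plugin_url . 'ajax.php?function=file-list&uid=' . $uid . '&pid=' . $pid . '");'
                . ' jQuery("#edit_category").dialog("close");'
                . ' alert(msg); } }); } }'
                . ' function sp_cu_remove_project(){'
                . ' jQuery( "#delete_category_' . $pid . '" ).dialog({'
                . ' resizable: false, height:240, width:440, modal: true,'
                . ' buttons: { "Delete all items": function() {'
                . ' jQuery.ajax({ type: "POST",'
                . ' url: "' . $plugin_url . 'ajax.php?function=remove-category",'
                . ' data: "id=' . $pid . '" ,'
                . ' success: function(msg){ jQuery.removeCookie("pid"); cdm_ajax_search(); } });'
                . ' jQuery( this ).dialog( "close" ); },'
                . ' Cancel: function() { jQuery( this ).dialog( "close" ); } } }); }'
                . ' </script>'
                . ' <div id="delete_category_' . $pid . '" title="' . __("Delete Category?", "sp-cdm") . '">'
                . ' <p><span class="ui-icon ui-icon-alert" style="float:left; margin:0 7px 20px 0;"></span>'
                . __("Are you sure you would like to delete this category? Doing so will remove all files related to this category.", "sp-cdm")
                . '</p> </div>'
                . ' <div id="edit_category_' . $pid . '">'
                . ' <input type="hidden" name="edit_project_id" id="edit_project_id_' . $pid . '" value="' . $pid . '"> '
                . sp_cdm_folder_name() . ' ' . __("Name", "sp-cdm") . ':'
                // The folder name is user-supplied; escape it for the attribute context.
                . ' <input value="' . esc_attr(stripslashes($r_project_info[0]['name'])) . '"'
                . ' id="edit_project_name_' . $pid . '" type="text" name="name" style="width:200px !important">'
                . ' <input type="submit" value="' . __("Save", "sp-cdm") . ' ' . sp_cdm_folder_name() . '"'
                . ' onclick="sp_cu_edit_project()">'
                . ' </div> </div> </th> </tr> ';
        }
    }

    echo '</thead><tbody>';

    // ---- "Go Back" row -----------------------------------------------------------------
    if ($pid !== 0) {
        $query_project = $wpdb->get_results(
            "SELECT * FROM " . $project_table . " WHERE id = '" . $pid . "'",
            ARRAY_A
        );
        // Fall back to the root when the folder does not exist.
        $parent_id = !empty($query_project) ? (int) $query_project[0]['parent'] : 0;

        echo '<tr >';
        do_action('spdm_file_list_column_before_folder_back');
        echo '<td class="cdm_file_icon ext_directory" onclick="sp_cdm_load_project(' . $parent_id . ')"></td>'
            . ' <td class="cdm_file_info" onclick="sp_cdm_load_project(' . $parent_id . ')">« ' . __("Go Back", "sp-cdm") . '</td>'
            . ' <td class="cdm_file_date" onclick="sp_cdm_load_project(' . $parent_id . ')"> </td>'
            . ' <td class="cdm_file_type" onclick="sp_cdm_load_project(' . $parent_id . ')">' . __("Folder", "sp-cdm") . '</td> </tr> ';
    }

    // ---- Folder rows -------------------------------------------------------------------
    // get_results() may return null on a failed query; treat that as "no rows".
    foreach ((array) $r_projects as $project) {
        if ($project['project_name'] == "") {
            continue;
        }
        $project_id = (int) $project['pid'];

        echo '<tr > ';
        do_action('spdm_file_list_column_before_folder', $project['pid']);
        echo ' <td class="cdm_file_icon ext_directory" onclick="sp_cdm_load_project(' . $project_id . ')"></td>'
            . ' <td class="cdm_file_info" onclick="sp_cdm_load_project(' . $project_id . ')">'
            . esc_html(stripslashes($project['project_name'])) . '</td>'
            . ' <td class="cdm_file_date" onclick="sp_cdm_load_project(' . $project_id . ')"> </td>'
            . ' <td class="cdm_file_type">Folder</td> </tr> ';
    }

    // ---- File query --------------------------------------------------------------------
    $search_file = '';
    $r_projects_groups_addon_search = '';

    if ($pid === 0) {
        // Root listing. Non-numeric pid values land here as well, so they stay under the uid
        // condition instead of reaching the per-folder query, which has none.
        if ($has_search) {
            $search_file .= " AND (name LIKE '%" . $search_like . "%' or tags LIKE '%" . $search_like . "%') ";
            // Rewrite the add-on's project-id column to the file table's pid column. The
            // configured prefix is honoured; the literal "wp_" form is kept for compatibility.
            $r_projects_groups_addon_search = str_replace(
                array($project_table . ".id", "wp_sp_cu_project.id"),
                "pid",
                $r_projects_groups_addon
            );
        } else {
            $search_file .= " AND pid = 0 AND parent = 0 ";
        }
        $search_file = apply_filters("sp_cdm_file_search_query", $search_file, $pid_for_hooks);
        $files_query = "SELECT * FROM " . $file_table
            . " where (uid = '" . $uid . "' " . $r_projects_groups_addon_search . ") \t "
            . $search_file . " order by " . $sort . " ";
    } else {
        if ($has_search) {
            $search_file .= " AND (name LIKE '%" . $search_like . "%' or tags LIKE '%" . $search_like . "%') ";
        } else {
            $search_file .= " AND parent = 0 ";
        }
        $search_file = apply_filters("sp_cdm_file_search_query", $search_file, $pid_for_hooks);
        $files_query = "SELECT * FROM " . $file_table
            . " where (pid = '" . $pid . "') " . $search_file . " order by " . $sort . " ";
    }

    if ($kraken) {
        // Callbacks may read $_GET['pid'] themselves, so the empty-to-0 rewrite is kept.
        if ($pid_raw === '') {
            $_GET['pid'] = 0;
            $pid_for_hooks = 0;
        }
        // The conditions accumulated above are kept and filtered a second time, as before.
        if (!$has_search) {
            $search_file .= " AND (pid = '" . $pid . "') ";
        }
        $search_file = apply_filters("sp_cdm_file_search_query", $search_file, $pid_for_hooks);
        $files_query = "SELECT * FROM " . $file_table . " where id != '' " . $search_file . " order by " . $sort . " ";
    }

    // Run only the query that is actually used.
    $r = $wpdb->get_results($files_query, ARRAY_A);

    // ---- File rows ---------------------------------------------------------------------
    foreach ((array) $r as $file) {
        // Decide access before anything is printed, so no row fragment or hook output is
        // produced for a file the viewer may not see.
        if (cdm_file_permissions($file['pid']) != 1) {
            continue;
        }

        $file_id = (int) $file['id'];
        $ext = preg_replace('/^.*\\./', '', $file['file']);

        $project_name = '';
        if ($has_search) {
            $found_project = sp_cdm_get_project_name($file['pid']);
            if ($found_project != false) {
                $project_name = ' <em>(' . sp_cdm_folder_name() . ': ' . esc_html($found_project) . ')</em> ';
            }
        }

        echo '<tr > ';
        do_action('spdm_file_list_column_before_file', $file['id']);

        if (get_option('sp_cu_file_direct_access') == 1) {
            // NOTE(review): fid is only base64 of id|date|file, i.e. an encoding rather than
            // a secret - confirm that download.php authorises the request itself.
            $file_link = 'window.open(\'' . $plugin_url . 'download.php?fid='
                . base64_encode($file['id'] . '|' . $file['date'] . '|' . $file['file']) . '\')';
        } else {
            $file_link = 'cdmViewFile(' . $file_id . ')';
        }
        $file_link = apply_filters('spcdm/file_list/link', $file_link, $file);

        echo ' <td class="cdm_file_icon ext_' . esc_attr($ext) . '" onclick="cdmViewFile(' . $file_id . ')"></td>'
            . ' <td class="cdm_file_info" onclick="' . $file_link . '">'
            . esc_html(stripslashes($file['name'])) . ' ' . $project_name . '</td>'
            . ' <td class="cdm_file_date" onclick="' . $file_link . '">'
            . date("F jS Y g:i A", strtotime($file['date'])) . '</td>'
            . ' <td class="cdm_file_type" onclick="' . $file_link . '">' . esc_html($ext) . '</td> </tr> ';
    }

    echo '</tbody></table><div style="clear:both"></div></div>';
}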