Example #1
 // Creates a media-library directory from the posted 'parent' and 'name' values and copies
 // the parent's directory ACL onto it. The request is dropped silently unless the form
 // (CSRF) token is valid AND the user holds 'adminImagesDirectories'; the token is checked
 // first, the permission only if the token passed.
 if (!(serendipity_checkFormToken() && serendipity_checkPermission('adminImagesDirectories'))) {
     return;
 }
 $data['case_directoryDoCreate'] = true;

 // Build the relative target path: raw POST parent + '/' + filename-normalised POST name.
 $new_dir = $serendipity['POST']['parent'] . '/' . serendipity_makeFilename($serendipity['POST']['name']);
 $new_dir = serendipity_uploadSecure($new_dir, true);
 // Single, non-recursive pass that drops '..' and collapses '//'.
 // NOTE(review): presumably serendipity_uploadSecure() is the primary path validation and
 // this is a second layer - its body is not visible here, confirm before relying on either.
 $new_dir = str_replace(array('..', '//'), array('', '/'), $new_dir);

 $nd = $serendipity['serendipityPath'] . $serendipity['uploadPath'] . $new_dir;
 serendipity_plugin_api::hook_event('backend_directory_create', $nd);

 // An already existing directory takes the success branch as well: it is reported as
 // created, re-chmod'ed and given the parent's ACL again (the original TODO about checking
 // for an existing directory is still open).
 if (!is_dir($nd) && !@mkdir($nd)) {
     $data['print_DIRECTORY_WRITE_ERROR'] = sprintf(DIRECTORY_WRITE_ERROR, $new_dir);
 } else {
     // NOTE(review): the raw POST 'name' goes into this message; confirm that whatever
     // renders $data escapes it for HTML.
     $data['print_DIRECTORY_CREATED'] = sprintf(DIRECTORY_CREATED, $serendipity['POST']['name']);

     // NOTE(review): umask(00) is set after mkdir() and is not restored in this block, so it
     // stays in effect for whatever else this request creates; chmod() itself does not
     // consult the umask. 0777 leaves the upload directory writable by every local account -
     // confirm this is required by the deployment rather than a leftover default.
     @umask(00);
     // The path is rebuilt from $new_dir instead of reusing $nd.
     // NOTE(review): if the hook above can alter $nd, mkdir() and chmod() act on different
     // paths - confirm against hook_event()'s signature.
     @chmod($serendipity['serendipityPath'] . $serendipity['uploadPath'] . $new_dir, 0777);

     // Inherit the parent's ACL. The lookup is keyed on the raw POST 'parent', not on the
     // sanitised path. A missing or empty ACL falls back to group 0.
     $array_parent_read = serendipity_ACLGet(0, 'directory', 'read', $serendipity['POST']['parent']);
     $array_parent_write = serendipity_ACLGet(0, 'directory', 'write', $serendipity['POST']['parent']);

     $parent_read = (is_array($array_parent_read) && count($array_parent_read) >= 1)
         ? array_keys($array_parent_read)
         : array(0);
     $parent_write = (is_array($array_parent_write) && count($array_parent_write) >= 1)
         ? array_keys($array_parent_write)
         : array(0);

     serendipity_ACLGrant(0, 'directory', 'read', $parent_read, $new_dir . '/');
     serendipity_ACLGrant(0, 'directory', 'write', $parent_write, $new_dir . '/');
 }
/**
 * Decides whether the current user may write (upload) into a media directory.
 *
 * The directory's 'write' ACL is fetched with serendipity_ACLGet() and compared against the
 * group list returned by serendipity_checkPermission(null, null, true).
 *
 * Security note: the check fails open. Access is granted when no ACL array exists for the
 * directory, when the ACL contains group 0, and also when the group lookup does not return
 * an array. Only a user whose groups are all absent from an existing ACL is refused.
 *
 * @access public
 * @param   string  Directory to check
 * @return  boolean True if writing is permitted, false otherwise
 */
function serendipity_checkDirUpload($dir)
{
    global $serendipity;

    // A commented-out bypass for 'adminImagesMaintainOthers' was here; it is not in effect,
    // so holders of that permission go through the ACL comparison like everyone else.
    $writeAcl     = serendipity_ACLGet(0, 'directory', 'write', $dir);
    $memberGroups = serendipity_checkPermission(null, null, true);

    // No ACL array means no restrictions were configured; group "0" means everyone.
    $unrestricted = !is_array($writeAcl) || isset($writeAcl[0]);

    // NOTE(review): a non-array group list also grants access - confirm this is intended
    // and cannot be reached by an unauthenticated or group-less session.
    if ($unrestricted || !is_array($memberGroups)) {
        return true;
    }

    // Grant as soon as one of the user's group ids is a key of the ACL.
    $granted = false;
    foreach (array_keys($memberGroups) as $groupId) {
        if (isset($writeAcl[$groupId])) {
            $granted = true;
            break;
        }
    }

    return $granted;
}
Example #3
        foreach ($cats as $cat_data) {
            if ($cat_data['categoryid'] != $serendipity['GET']['cid'] && (serendipity_checkPermission('adminCategoriesMaintainOthers') || $cat_data['authorid'] == '0' || $cat_data['authorid'] == $serendipity['authorid'])) {
                $data['cats'][] = $cat_data;
            }
        }
    }
}
if ($serendipity['GET']['adminAction'] == 'edit' || $serendipity['GET']['adminAction'] == 'new' || $serendipity['GET']['adminAction'] == 'newSub') {
    if ($serendipity['GET']['adminAction'] == 'edit') {
        $data['edit'] = true;
        $cid = (int) $serendipity['GET']['cid'];
        $this_cat = serendipity_fetchCategoryInfo($cid);
        $data['category_name'] = $this_cat['category_name'];
        $save = SAVE;
        $read_groups = serendipity_ACLGet($cid, 'category', 'read');
        $write_groups = serendipity_ACLGet($cid, 'category', 'write');
    } else {
        $data['new'] = true;
        $cid = false;
        $this_cat = array();
        echo '<h2>' . CREATE_NEW_CAT . '</h2>';
        $save = CREATE;
        $read_groups = array(0 => 0);
        $write_groups = array(0 => 0);
    }
    if ($serendipity['GET']['adminAction'] == 'newSub') {
        $data['new'] = true;
        $data['newSub'] = true;
        $this_cat['parentid'] = (int) $serendipity['GET']['cid'];
    }
    $data['cid'] = $cid;