<?php

$relPath = "./../../pinc/";
include_once $relPath . 'base.inc';
include_once $relPath . 'misc.inc';
include_once $relPath . 'user_is.inc';
include_once $relPath . 'project_edit.inc';
include_once $relPath . 'DPage.inc';
include_once $relPath . 'Project.inc';
include_once $relPath . 'projectinfo.inc';
require_login();
$projectid = validate_projectID('project', @$_GET['project']);
$loading_tpnv = @$_GET['tpnv'] == '1';
abort_if_cant_edit_project($projectid);
if (!user_can_add_project_pages($projectid, $loading_tpnv == 1 ? "tp&v" : "normal")) {
    // abort if a load_disabled user is trying to load normal pages into an empty project
    check_user_can_load_projects(true);
    // exit if they can't
    // otherwise the state must have been wrong
    echo "<p>" . _("Pages cannot be added to the project in its current state.") . "</p>";
    exit;
}
if ($_GET['rel_source'] == '') {
    die('rel_source parameter is empty or unset');
} else {
    $rel_source = $_GET['rel_source'];
    if (get_magic_quotes_gpc()) {
        $rel_source = stripslashes($rel_source);
    }
    // Prevent sneaky parent-link tricks.
    if (str_contains($rel_source, "..")) {
function do_early_uploads()
{
    global $project, $code_url, $pguser;
    global $uploads_host, $uploads_account, $uploads_password;
    if (!$project->can_be_managed_by_current_user) {
        return;
    }
    $projectid = $project->projectid;
    $add_reminder = FALSE;
    $user_dir = str_replace(' ', '_', $pguser);
    // Load TP&V (Title Page & Verso) images
    if (user_can_add_project_pages($projectid, "tp&v")) {
        echo "<br>\n";
        echo "<form method='get' action='{$code_url}/tools/project_manager/add_files.php'>\n";
        echo "<input type='hidden' name='project' value='{$projectid}'>\n";
        echo "<input type='hidden' name='tpnv' value='1'>\n";
        echo "<b>", _("Add title page and verso from directory or zip file:"), "</b>";
        echo "<br>\n";
        $initial_rel_source = "{$user_dir}/";
        echo "~{$uploads_account}/ <input type='text' name='rel_source' size='50' value='{$initial_rel_source}'>";
        echo "<br>\n";
        echo "<input type='submit' value='", attr_safe(_("Add")), "'>";
        echo "<br>\n";
        echo "</form>\n";
        $add_reminder = TRUE;
    }
    // Load text+images from uploads area into project.
    // Can do this if it's a new project (as measured by the state it's in)
    // If the user is disabled from uploading new projects, they can only
    // do this if the project already has some pages loaded, but there is
    // no need to display a message reminding them that they can't, as
    // there will already be one instead of the clone project link, just above.
    if (user_can_add_project_pages($projectid, "normal")) {
        echo "<br>\n";
        echo "<form method='get' action='{$code_url}/tools/project_manager/add_files.php'>\n";
        echo "<input type='hidden' name='project' value='{$projectid}'>\n";
        echo _("Add/Replace text and images from directory or zip file:");
        echo "<br>\n";
        $initial_rel_source = "Users/{$user_dir}/";
        echo "~{$uploads_account}/ <input type='text' name='rel_source' size='50' value='{$initial_rel_source}'>";
        echo "<br>\n";
        echo "<p>\n";
        echo _("Remember to upload the illustration files as well as the page files!");
        echo "</p>\n";
        echo "<input type='submit' value='", attr_safe(_("Add/Replace")), "'>";
        echo "<br>\n";
        echo "</form>\n";
        $add_reminder = TRUE;
    }
    if ($add_reminder) {
        echo "<p>";
        echo sprintf(_("To upload your files to %s, use the <a href='tools/project_manager/remote_file_manager.php'>remote file manager</a>."), "~{$uploads_account}");
        // if the site has $uploads_host set, show the FTP details
        if ($uploads_host) {
            echo "<br>";
            echo sprintf(_("For FTP uploads, use host=%s account=%s password=%s"), "<b>{$uploads_host}</b>", "<b>{$uploads_account}</b>", "<i><font color='#DDDDDD'>{$uploads_password}</font></i>");
        }
        echo "</p>";
    }
}