/** * Shows a screen where you can select the file to upload */ function media_choose() { global $CONF, $member, $manager; $currentCollection = requestVar('collection'); $collections = MEDIA::getCollectionList(); media_head(); ?> <h1><?php echo _UPLOAD_TITLE; ?> </h1> <p><?php echo _UPLOAD_MSG; ?> </p> <form method="post" enctype="multipart/form-data" action="media.php"> <div> <input type="hidden" name="action" value="uploadfile" /> <?php $manager->addTicketHidden(); ?> <input type="hidden" name="MAX_FILE_SIZE" value="<?php echo $CONF['MaxUploadSize']; ?> " /> File: <br /> <input name="uploadfile" type="file" size="40" /> <?php if (sizeof($collections) > 1) { ?> <br /><br /><label for="upload_collection">Collection:</label> <br /><select name="collection" id="upload_collection"> <?php foreach ($collections as $dirname => $description) { echo '<option value="', htmlspecialchars($dirname), '"'; if ($dirname == $currentCollection) { echo ' selected="selected"'; } echo '>', htmlspecialchars($description), '</option>'; } ?> </select> <?php } else { ?> <input name="collection" type="hidden" value="<?php echo htmlspecialchars(requestVar('collection')); ?> " /> <?php } // if sizeof ?> <br /><br /> <input type="submit" value="<?php echo _UPLOAD_BUTTON; ?> " id="insert" class="button" /> </div> </form> <?php media_foot(); }
/** * checks if a collection exists with the given name, and if it's * allowed for the currently logged in member to upload files to it */ function isValidCollection($collectionName, $exceptReadOnly = false) { global $member, $DIR_MEDIA; // allow creating new private directory if ($collectionName === (string) $member->getID()) { return true; } $collections = MEDIA::getCollectionList($exceptReadOnly); $dirname = $collections[$collectionName]; if ($dirname == NULL || $dirname === PRIVATE_COLLECTION) { return false; } // other collections should exist and be writable $collectionDir = $DIR_MEDIA . $collectionName; if ($exceptReadOnly) { return @is_dir($collectionDir) && @is_writable($collectionDir); } // other collections should exist return @is_dir($collectionDir); }