コード例 #1
0
ファイル: plugin.php プロジェクト: KasaiDot/Dashboard2
 function event_ExecuteEditor(&$data)
 {
     global $lang, $manager;
     if (isset($manager->types[$data['type']]['content']['files']) && ($data['sheet'] == 'attachments' || $data['sheet'] == 'files')) {
         if (isset($_REQUEST['json']) && $_REQUEST['json'] == 'list') {
             $tpl = new Template($this->getTemplate('json.template'));
             if ($data['sheet'] == 'files') {
                 $tpl->set("files", $this->_files_list($data['params']['id'], $data['params']['revision']));
             } else {
                 $tpl->set("files", $this->_attachments_list($data['params']['id'], $data['params']['revision']));
             }
             echo $tpl->fetch();
             exit;
         }
         if (isset($_REQUEST['json']) && $_REQUEST['json'] == 'delete') {
             $res = sql::query("\r\n\t\t\t\t\t\tSELECT \r\n\t\t\t\t\t\t\t* \r\n\t\t\t\t\t\tFROM \r\n\t\t\t\t\t\t\t" . _TABLE_PREFIX_ . "contents_files \r\n\t\t\t\t\t\tWHERE \r\n\t\t\t\t\t\t\tID='" . $data['params']['id'] . "' AND \r\n\t\t\t\t\t\t\trevision='" . $data['params']['revision'] . "' AND \r\n\t\t\t\t\t\t\tfilename='" . addslashes($_POST['delete']) . "'\r\n\t\t\t\t\t");
             if ($row = sql::fetch_array($res)) {
                 $directory = _BASE_MEDIA_ . 'files/';
                 if (file_exists($directory . $row['filename'])) {
                     unlink($directory . $row['filename']);
                 }
                 $res = sql::query("\r\n\t\t\t\t\t\t\tDELETE FROM \r\n\t\t\t\t\t\t\t\t" . _TABLE_PREFIX_ . "contents_files \r\n\t\t\t\t\t\t\tWHERE \r\n\t\t\t\t\t\t\t\tID='" . $data['params']['id'] . "' AND \r\n\t\t\t\t\t\t\t\trevision='" . $data['params']['revision'] . "' AND \r\n\t\t\t\t\t\t\t\tfilename='" . addslashes($row['filename']) . "'\r\n\t\t\t\t\t\t");
             }
             // Mark this action as a modification
             revisions::updateModificationDate($data['params']['id'], $data['params']['revision']);
             exit;
         }
         if ($_SERVER['REQUEST_METHOD'] == 'POST') {
             if (isset($_REQUEST['files']) && is_array($_REQUEST['files'])) {
                 // Update title and position
                 while (list($id, $file) = each($_REQUEST['files'])) {
                     $res = sql::query("\r\n\t\t\t\t\t\t\t\tUPDATE\r\n\t\t\t\t\t\t\t\t\t" . _TABLE_PREFIX_ . "contents_files \r\n\t\t\t\t\t\t\t\tSET\r\n\t\t\t\t\t\t\t\t\ttitle='" . addslashes($file['title']) . "',\r\n\t\t\t\t\t\t\t\t\tposition='" . addslashes($file['position']) . "'\r\n\t\t\t\t\t\t\t\tWHERE \r\n\t\t\t\t\t\t\t\t\tID='" . $data['params']['id'] . "' AND \r\n\t\t\t\t\t\t\t\t\trevision='" . $data['params']['revision'] . "' AND \r\n\t\t\t\t\t\t\t\t\tfilename='" . addslashes($id) . "'\r\n\t\t\t\t\t\t\t");
                 }
                 // Mark this action as a modification
                 revisions::updateModificationDate($data['params']['id'], $data['params']['revision']);
             }
             if (isset($_FILES['Filedata'])) {
                 $flashUsed = preg_match('/Flash/i', $_SERVER['HTTP_USER_AGENT']);
                 if ($_FILES['Filedata']['error'] == UPLOAD_ERR_OK && is_uploaded_file($_FILES['Filedata']['tmp_name'])) {
                     $directory = _BASE_MEDIA_ . 'files/';
                     $original = $_FILES['Filedata']['name'];
                     $contenttype = files::getCleanContentType($_FILES['Filedata']['type'], $_FILES['Filedata']['name']);
                     $filename = files::getUniqueName($contenttype, $directory);
                     if (files::allowedContentType($contenttype)) {
                         // Insert into database...
                         @move_uploaded_file($_FILES['Filedata']['tmp_name'], $directory . $filename);
                         $attachment = $data['sheet'] == 'files' ? 0 : 1;
                         $res = sql::query("\r\n\t\t\t\t\t\t\t\t\tSELECT \r\n\t\t\t\t\t\t\t\t\t\t*\r\n\t\t\t\t\t\t\t\t\tFROM\r\n\t\t\t\t\t\t\t\t\t\t" . _TABLE_PREFIX_ . "contents_files \r\n\t\t\t\t\t\t\t\t\tWHERE\r\n\t\t\t\t\t\t\t\t\t\tID = " . $data['params']['id'] . " AND\r\n\t\t\t\t\t\t\t\t\t\trevision = " . $data['params']['revision'] . " AND\r\n\t\t\t\t\t\t\t\t\t\tattachment = " . $attachment . "\r\n\t\t\t\t\t\t\t\t\tORDER BY\r\n\t\t\t\t\t\t\t\t\t\tposition DESC\r\n\t\t\t\t\t\t\t\t\tLIMIT 1\r\n\t\t\t\t\t\t\t\t");
                         if ($row = sql::fetch_array($res)) {
                             $position = $row['position'] + 1;
                         } else {
                             $position = 0;
                         }
                         $res = sql::query("\r\n\t\t\t\t\t\t\t\t\tINSERT INTO \r\n\t\t\t\t\t\t\t\t\t\t" . _TABLE_PREFIX_ . "contents_files \r\n\t\t\t\t\t\t\t\t\tSET \r\n\t\t\t\t\t\t\t\t\t\tID='" . $data['params']['id'] . "', \r\n\t\t\t\t\t\t\t\t\t\trevision='" . $data['params']['revision'] . "', \r\n\t\t\t\t\t\t\t\t\t\tfilename='" . addslashes($filename) . "', \r\n\t\t\t\t\t\t\t\t\t\tname='" . addslashes($original) . "',\r\n\t\t\t\t\t\t\t\t\t\ttype='" . addslashes($contenttype) . "', \r\n\t\t\t\t\t\t\t\t\t\ttitle='" . addslashes($original) . "',\r\n\t\t\t\t\t\t\t\t\t\tsize='" . addslashes($_FILES['Filedata']['size']) . "',\r\n\t\t\t\t\t\t\t\t\t\tposition='" . $position . "',\r\n\t\t\t\t\t\t\t\t\t\tattachment='" . $attachment . "',\r\n\t\t\t\t\t\t\t\t\t\tmodified=NOW()\r\n\t\t\t\t\t\t\t\t");
                         // Mark this action as a modification
                         revisions::updateModificationDate($data['params']['id'], $data['params']['revision']);
                         if (!$flashUsed) {
                             header("Location: " . url::item($data['params']['id'], 'edit') . "/" . $data['sheet'] . "?revision=" . $data['params']['revision']);
                         } else {
                             // Workaround for a Flash bug on OS X.. We need to send back content... any content will do
                             echo " ";
                             flush();
                         }
                     } else {
                         if ($flashUsed) {
                             header("HTTP/1.1 415 Unsupported Media Type");
                             header("Status: 415 Unsupported Media Type");
                         } else {
                             header("Location: " . url::item($data['params']['id'], 'edit') . "/" . $data['sheet'] . "?revision=" . $data['params']['revision']);
                         }
                     }
                     exit;
                 } else {
                     switch ($_FILES['Filedata']['error']) {
                         case UPLOAD_ERR_INI_SIZE:
                         case UPLOAD_ERR_FORM_SIZE:
                             if ($flashUsed) {
                                 header("HTTP/1.1 413 Request Entity Too Large");
                                 header("Status: 413 Request Entity Too Large");
                             } else {
                                 header("Location: " . url::item($data['params']['id'], 'edit') . "/" . $data['sheet'] . "?revision=" . $data['params']['revision']);
                             }
                             break;
                         case UPLOAD_ERR_NO_FILE:
                         case UPLOAD_ERR_PARTIAL:
                             if ($flashUsed) {
                                 header("HTTP/1.1 400 Bad Request");
                                 header("Status: 400 Bad Request");
                             } else {
                                 header("Location: " . url::item($data['params']['id'], 'edit') . "/" . $data['sheet'] . "?revision=" . $data['params']['revision']);
                             }
                             break;
                         case UPLOAD_ERR_NO_TMP_DIR:
                         case UPLOAD_ERR_CANT_WRITE:
                         case UPLOAD_ERR_EXTENSION:
                         default:
                             if ($flashUsed) {
                                 header("HTTP/1.1 500 Internal Error");
                                 header("Status: 500 Internal Error");
                             } else {
                                 header("Location: " . url::item($data['params']['id'], 'edit') . "/" . $data['sheet'] . "?revision=" . $data['params']['revision']);
                             }
                             break;
                     }
                     exit;
                 }
             }
             header("Location: " . url::item($data['params']['id'], 'edit') . "/" . $data['sheet'] . "?revision=" . $data['params']['revision']);
             exit;
         }
         $tpl = new Template($this->getTemplate('editor.template'));
         if ($data['sheet'] == 'files') {
             $tpl->set("files", $this->_files_list($data['params']['id'], $data['params']['revision']));
         } else {
             $tpl->set("files", $this->_attachments_list($data['params']['id'], $data['params']['revision']));
         }
         $tpl->set("id", $data['params']['id']);
         $tpl->set("revision", $data['params']['revision']);
         $tpl->set("filemask", files::getFilemask());
         $tpl->set("ticket", ticket::generate($data['params']['id']));
         $tpl->set("sheet", $data['sheet']);
         $data['template']->append('content', $tpl->fetch());
         // Make sure the following assets are included
         $data['page']->assets->registerJavascript('/core/assets/javascript/plugin.js');
         $data['page']->assets->registerJavascript('/core/assets/javascript/flash.js');
         $data['page']->assets->registerJavascript('/core/assets/javascript/upload.js');
         $data['page']->assets->registerJavascript('/core/assets/javascript/progress.js');
         $data['page']->assets->registerCSS($this->localAsset('editor.css'));
         $data['page']->assets->registerJavascript($this->localAsset('editor.js'));
     }
 }
コード例 #2
0
ファイル: plugin.php プロジェクト: KasaiDot/Dashboard2
 function event_ExecuteEditor(&$data)
 {
     global $lang, $manager;
     if (isset($manager->types[$data['type']]['content']['movie']) && $data['sheet'] == 'movie') {
         if (isset($_REQUEST['json']) && $_REQUEST['json'] == 'list') {
             $res = sql::query("\r\n\t\t\t\t\t\tSELECT\r\n\t\t\t\t\t\t\t*\r\n\t\t\t\t\t\tFROM\r\n\t\t\t\t\t\t\t" . _TABLE_PREFIX_ . "contents_movie\r\n\t\t\t\t\t\tWHERE\r\n\t\t\t\t\t\t\tID='" . $data['params']['id'] . "' AND\r\n\t\t\t\t\t\t\trevision='" . $data['params']['revision'] . "'\r\n\t\t\t\t\t");
             $tpl = new Template($this->getTemplate('json.template'));
             if ($movie = sql::fetch_array($res)) {
                 $tpl->set("movie", $movie);
             }
             echo $tpl->fetch();
             exit;
         }
         if (isset($_REQUEST['json']) && $_REQUEST['json'] == 'delete') {
             $res = sql::query("\r\n\t\t\t\t\t\tSELECT \r\n\t\t\t\t\t\t\t* \r\n\t\t\t\t\t\tFROM \r\n\t\t\t\t\t\t\t" . _TABLE_PREFIX_ . "contents_movie\r\n\t\t\t\t\t\tWHERE \r\n\t\t\t\t\t\t\tID='" . $data['params']['id'] . "' AND\r\n\t\t\t\t\t\t\trevision='" . $data['params']['revision'] . "'\r\n\t\t\t\t\t");
             if ($row = sql::fetch_array($res)) {
                 $directory = _BASE_MEDIA_ . 'movies/';
                 if (file_exists($directory . $row['filename'])) {
                     unlink($directory . $row['filename']);
                 }
                 $res = sql::query("\r\n\t\t\t\t\t\t\tDELETE FROM \r\n\t\t\t\t\t\t\t\t" . _TABLE_PREFIX_ . "contents_movie\r\n\t\t\t\t\t\t\tWHERE \r\n\t\t\t\t\t\t\t\tID='" . $data['params']['id'] . "' AND\r\n\t\t\t\t\t\t\t\trevision='" . $data['params']['revision'] . "'\r\n\t\t\t\t\t\t");
             }
             // Mark this action as a modification
             revisions::updateModificationDate($data['params']['id'], $data['params']['revision']);
             exit;
         }
         if ($_SERVER['REQUEST_METHOD'] == 'POST') {
             /* Upload */
             if (isset($_FILES['Filedata'])) {
                 if ($_FILES['Filedata']['error'] == UPLOAD_ERR_OK && is_uploaded_file($_FILES['Filedata']['tmp_name'])) {
                     $directory = _BASE_MEDIA_ . 'movies/';
                     $original = $_FILES['Filedata']['name'];
                     $contenttype = files::getCleanContentType($_FILES['Filedata']['type'], $_FILES['Filedata']['name']);
                     $filename = files::getUniqueName($contenttype, $directory);
                     if (files::allowedContentType($contenttype, 'movie')) {
                         // Insert into database...
                         move_uploaded_file($_FILES['Filedata']['tmp_name'], $directory . $filename);
                         $res = sql::query("\r\n\t\t\t\t\t\t\t\t\tINSERT INTO\r\n\t\t\t\t\t\t\t\t\t\t" . _TABLE_PREFIX_ . "contents_movie \r\n\t\t\t\t\t\t\t\t\tSET \r\n\t\t\t\t\t\t\t\t\t\tID='" . $data['params']['id'] . "', \r\n\t\t\t\t\t\t\t\t\t\trevision='" . $data['params']['revision'] . "',\r\n\t\t\t\t\t\t\t\t\t\tfilename='" . addslashes($filename) . "', \r\n\t\t\t\t\t\t\t\t\t\tname='" . addslashes($original) . "',\r\n\t\t\t\t\t\t\t\t\t\ttype='" . addslashes($contenttype) . "', \r\n\t\t\t\t\t\t\t\t\t\tsize='" . addslashes($_FILES['Filedata']['size']) . "',\r\n\t\t\t\t\t\t\t\t\t\twidth=320,\r\n\t\t\t\t\t\t\t\t\t\theight=240,\r\n\t\t\t\t\t\t\t\t\t\tautostart=0\r\n\t\t\t\t\t\t\t\t");
                         // Mark this action as a modification
                         revisions::updateModificationDate($data['params']['id'], $data['params']['revision']);
                         // Workaround for a Flash bug on OS X.. We need to send back content... any content will do
                         echo " ";
                         flush();
                         exit;
                     } else {
                         header("HTTP/1.1 415 Unsupported Media Type");
                         header("Status: 415 Unsupported Media Type");
                         exit;
                     }
                 } else {
                     switch ($_FILES['Filedata']['error']) {
                         case UPLOAD_ERR_INI_SIZE:
                         case UPLOAD_ERR_FORM_SIZE:
                             header("HTTP/1.1 413 Request Entity Too Large");
                             header("Status: 413 Request Entity Too Large");
                             exit;
                         case UPLOAD_ERR_NO_FILE:
                         case UPLOAD_ERR_PARTIAL:
                         default:
                             header("HTTP/1.1 400 Bad Request");
                             header("Status: 400 Bad Request");
                             exit;
                     }
                 }
             } else {
                 // Update size and autostart
                 $autostart = isset($_REQUEST['autostart']) ? intval($_REQUEST['autostart']) : 0;
                 $width = isset($_REQUEST['size']) ? intval($_REQUEST['size']) : 320;
                 switch ($width) {
                     case 320:
                         $height = 240;
                     case 640:
                         $height = 480;
                     default:
                         $height = round($width / 4 * 3);
                 }
                 $res = sql::query("\r\n\t\t\t\t\t\t\tUPDATE\r\n\t\t\t\t\t\t\t\t" . _TABLE_PREFIX_ . "contents_movie\r\n\t\t\t\t\t\t\tSET\r\n\t\t\t\t\t\t\t\twidth='" . addslashes($width) . "',\r\n\t\t\t\t\t\t\t\theight='" . addslashes($height) . "',\r\n\t\t\t\t\t\t\t\tautostart='" . addslashes($autostart) . "'\r\n\t\t\t\t\t\t\tWHERE\r\n\t\t\t\t\t\t\t\tID='" . $data['params']['id'] . "' AND\r\n\t\t\t\t\t\t\t\trevision='" . $data['params']['revision'] . "'\r\n\t\t\t\t\t\t");
             }
             // Mark this action as a modification
             revisions::updateModificationDate($data['params']['id'], $data['params']['revision']);
             header("Location: " . url::item($data['params']['id'], 'edit') . "/movie?revision=" . $data['params']['revision']);
             exit;
         }
         $res = sql::query("\r\n\t\t\t\t\tSELECT\r\n\t\t\t\t\t\t*\r\n\t\t\t\t\tFROM\r\n\t\t\t\t\t\t" . _TABLE_PREFIX_ . "contents_movie\r\n\t\t\t\t\tWHERE\r\n\t\t\t\t\t\tID='" . $data['params']['id'] . "' AND\r\n\t\t\t\t\t\trevision='" . $data['params']['revision'] . "'\r\n\t\t\t\t");
         $tpl = new Template($this->getTemplate('editor.template'));
         if ($movie = sql::fetch_array($res)) {
             $tpl->set("movie", $movie);
         }
         $tpl->set("id", $data['params']['id']);
         $tpl->set("revision", $data['params']['revision']);
         $tpl->set("filemask", files::getFilemask('movie'));
         $tpl->set("ticket", ticket::generate($data['params']['id']));
         $data['template']->append('content', $tpl->fetch());
         // Make sure the following assets are included
         $data['page']->assets->registerJavascript('/core/assets/javascript/plugin.js');
         $data['page']->assets->registerJavascript('/core/assets/javascript/flash.js');
         $data['page']->assets->registerJavascript('/core/assets/javascript/upload.js');
         $data['page']->assets->registerJavascript('/core/assets/javascript/progress.js');
         $data['page']->assets->registerJavascript($this->localAsset('editor.js'));
         $data['page']->assets->registerJavascript($this->localAsset('player.js'));
     }
 }
コード例 #3
0
ファイル: plugin.php プロジェクト: KasaiDot/Dashboard2
 function action_medialibrary($args)
 {
     global $lang, $user;
     $folder = isset($_REQUEST['folder']) ? $_REQUEST['folder'] : (isset($_SESSION['lastFolder']) ? $_SESSION['lastFolder'] : 1);
     $_SESSION['lastFolder'] = $folder;
     $res = sql::query("\r\n\t\t\t\tSELECT \r\n\t\t\t\t\t*\r\n\t\t\t\tFROM\r\n\t\t\t\t\t" . _TABLE_PREFIX_ . "media_folder\r\n\t\t\t\tWHERE\r\n\t\t\t\t\tID = '" . $folder . "'\r\n\t\t\t");
     if (sql::num_rows($res) == 0) {
         $res = sql::query("\r\n\t\t\t\t\tSELECT \r\n\t\t\t\t\t\t*\r\n\t\t\t\t\tFROM\r\n\t\t\t\t\t\t" . _TABLE_PREFIX_ . "media_folder\r\n\t\t\t\t\tORDER BY\r\n\t\t\t\t\t\t`order`\r\n\t\t\t\t\tLIMIT 1\r\n\t\t\t\t");
         if ($row = sql::fetch_array($res)) {
             $folder = $row['ID'];
         }
     }
     $flash = false;
     // Map Flash upload name to regular upload name
     if (isset($_FILES['Filedata'])) {
         $flash = true;
         $_FILES['file'] =& $_FILES['Filedata'];
     }
     if ($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_FILES['file'])) {
         if ($_FILES['file']['error'] > UPLOAD_ERR_OK) {
             error_log('Could not upload file because error ' . $_FILES['file']['error'] . ' occurred');
         } else {
             if (is_uploaded_file($_FILES['file']['tmp_name'])) {
                 $directory = _BASE_MEDIA_ . 'images/';
                 $original = $_FILES['file']['name'];
                 $contenttype = files::getCleanContentType($_FILES['file']['type'], $_FILES['file']['name']);
                 $filename = files::getUniqueName($contenttype, $directory);
                 if (files::allowedContentType($contenttype, 'picture')) {
                     // Move file to the media directory
                     move_uploaded_file($_FILES['file']['tmp_name'], $directory . $filename);
                     // Get information from the file...
                     list($width, $height) = getimagesize($directory . $filename);
                     $size = round(filesize($directory . $filename) / 1024);
                     // Insert it into the database
                     $res = sql::query("\r\n\t\t\t\t\t\t\t\tINSERT INTO\r\n\t\t\t\t\t\t\t\t\t" . _TABLE_PREFIX_ . "media\r\n\t\t\t\t\t\t\t\tSET\r\n\t\t\t\t\t\t\t\t\tfolder = '" . $folder . "',\r\n\t\t\t\t\t\t\t\t\tfilename = '" . addslashes($filename) . "',\r\n\t\t\t\t\t\t\t\t\toriginal = '" . addslashes(basename($original)) . "',\r\n\t\t\t\t\t\t\t\t\twidth = '" . $width . "',\r\n\t\t\t\t\t\t\t\t\theight = '" . $height . "',\r\n\t\t\t\t\t\t\t\t\tsize = '" . $size . "',\r\n\t\t\t\t\t\t\t\t\tmodified = NOW()\r\n\t\t\t\t\t\t\t");
                     if ($flash) {
                         // Workaround for a Flash bug on OS X.. We need to send back content... any content will do
                         echo " ";
                         flush();
                     }
                 } else {
                     error_log('Could not upload file because its mimetype was not recognized or rejected');
                 }
             } else {
                 error_log('Could not upload file because it got lost on the server');
             }
         }
         if ($flash == false) {
             header('Location: ' . url::action('medialibrary') . '?folder=' . $folder);
         }
         exit;
     } else {
         if (isset($_REQUEST['json'])) {
             if ($_REQUEST['json'] == 'editImage' && isset($_REQUEST['image'])) {
                 $id = intval($_REQUEST['image']);
                 $res = sql::query("\r\n\t\t\t\t\t\t\tUPDATE\r\n\t\t\t\t\t\t\t\t" . _TABLE_PREFIX_ . "media\r\n\t\t\t\t\t\t\tSET\r\n\t\t\t\t\t\t\t\toriginal = '" . addslashes($_REQUEST['value']) . "'\r\n\t\t\t\t\t\t\tWHERE\r\n\t\t\t\t\t\t\t\tfolder = '" . $folder . "' AND\r\n\t\t\t\t\t\t\t\tid = '" . addslashes($id) . "'\r\n\t\t\t\t\t\t");
                 echo $_REQUEST['value'];
                 exit;
             }
             if ($_REQUEST['json'] == 'moveImage' && isset($_REQUEST['image'])) {
                 $ids = explode(',', $_REQUEST['image']);
                 while (list(, $id) = each($ids)) {
                     $res = sql::query("\r\n\t\t\t\t\t\t\t\tUPDATE\r\n\t\t\t\t\t\t\t\t\t" . _TABLE_PREFIX_ . "media\r\n\t\t\t\t\t\t\t\tSET\r\n\t\t\t\t\t\t\t\t\tfolder = '" . $folder . "'\r\n\t\t\t\t\t\t\t\tWHERE\r\n\t\t\t\t\t\t\t\t\tid = '" . addslashes($id) . "'\r\n\t\t\t\t\t\t\t");
                 }
                 exit;
             }
             if ($_REQUEST['json'] == 'deleteImage' && isset($_REQUEST['image'])) {
                 $ids = explode(',', $_REQUEST['image']);
                 while (list(, $id) = each($ids)) {
                     $res = sql::query("\r\n\t\t\t\t\t\t\t\tUPDATE\r\n\t\t\t\t\t\t\t\t\t" . _TABLE_PREFIX_ . "media\r\n\t\t\t\t\t\t\t\tSET\r\n\t\t\t\t\t\t\t\t\tdeleted = 1\r\n\t\t\t\t\t\t\t\tWHERE\r\n\t\t\t\t\t\t\t\t\tfolder = '" . $folder . "' AND\r\n\t\t\t\t\t\t\t\t\tid = '" . addslashes($id) . "'\r\n\t\t\t\t\t\t\t");
                 }
                 exit;
             }
             if ($_REQUEST['json'] == 'orderFolder' && isset($_REQUEST['folders'])) {
                 $order = 0;
                 while (list(, $id) = each($_REQUEST['folders'])) {
                     $res = sql::query("\r\n\t\t\t\t\t\t\t\tUPDATE\r\n\t\t\t\t\t\t\t\t\t" . _TABLE_PREFIX_ . "media_folder\r\n\t\t\t\t\t\t\t\tSET\r\n\t\t\t\t\t\t\t\t\t`order` = " . $order . "\r\n\t\t\t\t\t\t\t\tWHERE\r\n\t\t\t\t\t\t\t\t\tID = '" . addslashes($id) . "'\r\n\t\t\t\t\t\t\t");
                     $order++;
                 }
                 exit;
             }
             if ($_REQUEST['json'] == 'editFolder' && isset($_REQUEST['value'])) {
                 $res = sql::query("\r\n\t\t\t\t\t\t\tUPDATE\r\n\t\t\t\t\t\t\t\t" . _TABLE_PREFIX_ . "media_folder\r\n\t\t\t\t\t\t\tSET\r\n\t\t\t\t\t\t\t\tname = '" . addslashes($_REQUEST['value']) . "'\r\n\t\t\t\t\t\t\tWHERE\r\n\t\t\t\t\t\t\t\tID = '" . addslashes($folder) . "'\r\n\t\t\t\t\t\t");
                 echo $_REQUEST['value'];
                 exit;
             }
             if ($_REQUEST['json'] == 'deleteFolder') {
                 $res = sql::query("\r\n\t\t\t\t\t\t\tDELETE FROM\r\n\t\t\t\t\t\t\t\t" . _TABLE_PREFIX_ . "media_folder\r\n\t\t\t\t\t\t\tWHERE\r\n\t\t\t\t\t\t\t\tID = '" . addslashes($folder) . "'\r\n\t\t\t\t\t\t");
                 exit;
             }
             if ($_REQUEST['json'] == 'newFolder') {
                 $res = sql::query("\r\n\t\t\t\t\t\t\tSELECT \r\n\t\t\t\t\t\t\t\tMAX(`order`) AS max\r\n\t\t\t\t\t\t\tFROM\r\n\t\t\t\t\t\t\t\t" . _TABLE_PREFIX_ . "media_folder\r\n\t\t\t\t\t\t");
                 if ($row = sql::fetch_array($res)) {
                     $order = $row['max'] + 1;
                 } else {
                     $order = 0;
                 }
                 $res = sql::query("\r\n\t\t\t\t\t\t\tINSERT INTO\r\n\t\t\t\t\t\t\t\t" . _TABLE_PREFIX_ . "media_folder\r\n\t\t\t\t\t\t\tSET\r\n\t\t\t\t\t\t\t\t`name` = '" . addslashes($user->lang->s('untitled')) . "',\r\n\t\t\t\t\t\t\t\t`order` = " . $order . "\r\n\t\t\t\t\t\t");
                 echo '[{id: "' . sql::insert_id() . '", name: "' . addslashes($user->lang->s('untitled')) . '"}]';
                 exit;
             }
         }
         // Show contents....
         $files = array();
         $res = sql::query("\r\n\t\t\t\t\tSELECT \r\n\t\t\t\t\t\t*\r\n\t\t\t\t\tFROM\r\n\t\t\t\t\t\t" . _TABLE_PREFIX_ . "media\r\n\t\t\t\t\tWHERE\r\n\t\t\t\t\t\tfolder = '" . $folder . "' AND\r\n\t\t\t\t\t\tdeleted = 0\r\n\t\t\t\t\tORDER BY\r\n\t\t\t\t\t\tmodified DESC\r\n\t\t\t\t");
         while ($row = sql::fetch_array($res)) {
             $files[] = array('id' => $row['ID'], 'imageurl' => _BASE_URL_ . '/media/images/' . $row['filename'], 'thumburl' => _BASE_URL_ . '/media/images/' . $row['filename'] . '?s{size}', 'name' => $row['original'], 'width' => $row['width'], 'height' => $row['height'], 'size' => $row['size']);
         }
         $res = sql::query("\r\n\t\t\t\t\tSELECT \r\n\t\t\t\t\t\t*\r\n\t\t\t\t\tFROM\r\n\t\t\t\t\t\t" . _TABLE_PREFIX_ . "media_folder\r\n\t\t\t\t\tORDER BY\r\n\t\t\t\t\t\t`order`\r\n\t\t\t\t");
         while ($row = sql::fetch_array($res)) {
             $folders[] = $row;
         }
         if (isset($_REQUEST['json']) && $_REQUEST['json'] == 'loadData') {
             $tpl = new Template($this->getTemplate('data.template'));
         } else {
             $tpl = new Template($this->getTemplate('main.template'));
         }
         $tpl->set("files", $files);
         $tpl->set("folders", $folders);
         $tpl->set("current_folder", $folder);
         echo $tpl->fetch();
         exit;
     }
 }