} if (isset($action) && $action == "upload_file") { echo "\nhide_loading_div();\n"; if (!$re_set_can_upload) { echo "alert('" . $text['CannotUpload'] . "');\n"; } else { if (!$avail) { echo "alert('" . $text['NoAccessToThisDir'] . " \\'" . $rem_text['root'] . str_replace('\'', '\\\'', ereg_replace('^' . $initial_files_path, '/', $files_path)) . "\\'!');\n"; } else { $reason_found = false; if (isset($total_size_exceeded)) { echo "alert('" . $text['TotalSizeExceeded'] . " " . convert_file_size($re_set_total_size) . "');\n"; $reason_found = true; } if (isset($max_size_exceeded)) { echo "alert('" . $text['MaxSizeExceeded'] . " " . convert_file_size($re_set_max_size) . "');\n"; $reason_found = true; } if (isset($cannot_override)) { echo "alert('" . $text['CannotOverride'] . "');\n"; $reason_found = true; } if (isset($wrong_ext)) { echo "alert('" . $text['WrongExt'] . " " . $name . "');\n"; $reason_found = true; } if (isset($wrong_image_type)) { echo "alert('" . $text['WrongImageType'] . "');\n"; $reason_found = true; } if (isset($wrong_image_size)) {
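/**
 * Escape a dynamic value for HTML element content or a quoted attribute value.
 *
 * No charset is passed, so the configured default applies; ENT_SUBSTITUTE keeps
 * names with invalid byte sequences from collapsing to an empty string.
 */
function draw_dir_tree_html($value)
{
    return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE);
}

/**
 * Escape a dynamic value for use between single quotes in inline JavaScript
 * that sits inside an HTML attribute (onclick="..." or href="javascript: ...").
 *
 * The layers are applied in the reverse order of the browser's decoding:
 * JavaScript string escapes first, then (for javascript: URLs only) the percent
 * sign, then HTML attribute escaping.
 */
function draw_dir_tree_js($value, $in_js_url = false)
{
    $escaped = strtr((string) $value, array(
        '\\' => '\\\\',
        "'"  => "\\'",
        '"'  => '\\"',
        "\r" => '\\r',
        "\n" => '\\n',
    ));
    if ($in_js_url) {
        // a javascript: URL is percent-decoded before the script runs, so a literal
        // "%27" in a name would otherwise turn back into a quote
        $escaped = str_replace('%', '%25', $escaped);
    }
    return draw_dir_tree_html($escaped);
}

/**
 * Tell whether $path is set and starts with the literal string $prefix.
 * Replaces the former ereg("^{$prefix}(.*)") test, which treated the path as a regex.
 */
function draw_dir_tree_is_under($path, $prefix)
{
    return $path && strncmp((string) $path, (string) $prefix, strlen((string) $prefix)) === 0;
}

/**
 * Build the href of a rename/delete link, already escaped for an HTML attribute.
 * Every query value is URL-encoded, not only the file name.
 */
function draw_dir_tree_action_url($action, $files_path, $file_type, $file)
{
    global $initial_files_path;
    global $initial_files_url;
    global $lang;

    $url = '?files_path=' . rawurlencode((string) $initial_files_path)
        . '&files_url=' . rawurlencode((string) $initial_files_url)
        . '&file_type=' . rawurlencode((string) $file_type)
        . '&action=' . $action
        . '&del_path=' . rawurlencode((string) $files_path)
        . '&file=' . rawurlencode((string) $file)
        . '&lang=' . rawurlencode((string) $lang)
        . (isset($_SESSION) ? '&' . SID : '');

    return draw_dir_tree_html($url);
}

/**
 * Echo the two narrow cells holding the "r" (rename) and "x" (delete) links of a row.
 */
function draw_dir_tree_action_cells($can_rename, $can_delete, $files_path, $file_type, $file)
{
    global $text;

    echo '<td width="1">';
    if ($can_rename) {
        echo '<a class="re_remote" href="' . draw_dir_tree_action_url('rename', $files_path, $file_type, $file) . '">r</a>';
    }
    echo ' </td>';
    echo '<td width="1">';
    if ($can_delete) {
        echo '<a class="re_remote" href="' . draw_dir_tree_action_url('delete', $files_path, $file_type, $file) . '" onclick="javascript: if (window.confirm(\'' . $text['Delete'] . ' \\\'' . draw_dir_tree_js($file) . '\\\'?\')) return true; else return false;">x</a>';
    }
    echo '</td>';
}

/**
 * Echo the table rows of a collapsible directory tree for the remote file browser.
 *
 * Lists $files_path (directories first, then files, each group ordered by the
 * external cmp() callback), prints one row per entry with optional rename/delete
 * links, and recurses into every sub-directory. For $file_type 'image' or 'flash'
 * only files whose getimagesize() type matches are shown.
 *
 * File and directory names come from the upload directory, and the paths, URLs and
 * language code are echoed back into links, so every such value is escaped for the
 * context it lands in (HTML text, attribute, inline JavaScript string, query string).
 * Entries of $text are written as-is: they are treated as trusted localisation strings.
 * NOTE(review): values are escaped exactly as received; if callers still pass
 * addslashes()-style escaped paths (see the stripslashes() call below), confirm the
 * links carry the form the receiving script expects.
 *
 * The signature keeps the optional $file_type ahead of the required by-reference $id
 * for compatibility with existing callers.
 *
 * @param string $files_path path of the directory to list, passed through abs_path()
 * @param string $files_url  URL prefix matching $files_path
 * @param string $file_type  '' for all files, or 'image' / 'flash' to filter
 * @param int    $id         running counter for the dir_a / dir_div / dir_img element ids;
 *                           incremented once per sub-directory
 * @param int    $level      nesting depth, 1 for the root call
 * @return void
 */
function draw_dir_tree($files_path, $files_url, $file_type = '', &$id, $level = 1)
{
    global $initial_files_path;
    global $initial_files_url;
    global $del_path;
    global $text;
    global $cur_dir_id;
    global $re_set_total_size;
    global $re_set_can_create_dir;
    global $re_set_can_rename_file;
    global $re_set_can_delete_file;
    global $re_set_can_rename_dir;
    global $re_set_can_delete_dir;

    //prepare list of files and directories
    $abs_files_path = abs_path($files_path);
    $handle = @opendir($abs_files_path);
    if (!$handle) {
        echo $text['WrongFilesPath'] . ' "' . draw_dir_tree_html($files_path) . '"!';
        return;
    }
    $entries = array();
    $files = array();
    while (($file = readdir($handle)) !== false) {
        if ($file === '.' || $file === '..') {
            continue;
        }
        if (is_file($abs_files_path . $file)) {
            $files[] = $file;
        } else {
            //anything that is not a regular file is listed as a directory
            $entries[] = array('name' => $file, 'is_dir' => true);
        }
    }
    closedir($handle);
    usort($entries, "cmp");
    usort($files, "cmp");
    //add list of files to list of directories
    foreach ($files as $name) {
        $entries[] = array('name' => $name);
    }

    //below the root, a directory starts collapsed unless the last action touched it
    $closed = $level > 1 && !draw_dir_tree_is_under($del_path, $files_path);

    $node_id = (int) $id;
    $row_open = "<tr onmouseover=\"bgColor='#6699CC';\" onmouseout=\"bgColor='';\"><td width=\"100%\">\n"
        . '<table border="0" cellspacing="0" cellpadding="0" width="100%"><tr><td>';
    //empty row used to adjust row heights
    $spacer = '<tr><td>'
        . '<table border="0" cellspacing="0" cellpadding="0" width="100%"><tr><td>'
        . '</td></tr></table>'
        . '</td></tr>';

    if ($level == 1) {
        if ($re_set_total_size) {
            $total_dir_size = get_total_dir_size(abs_path(stripslashes($files_path)));
            echo '<tr><td class="re_remote_dirsize">' . $text['FreeSpace'] . ': ' . convert_file_size($re_set_total_size - $total_dir_size) . '/' . convert_file_size($re_set_total_size) . '</td></tr>';
        }
        echo '<tr>';
        echo '<td>';
        echo '<table border="0" cellspacing="0" cellpadding="0" width="100%"><tr><td>';
        echo '<b><a class="re_remote" id="dir_a' . $node_id . '" href="javascript: set_cur_dir(' . $node_id . ',\'' . draw_dir_tree_js($initial_files_path, true) . '\',\'' . draw_dir_tree_js($initial_files_url, true) . '\');" style="color:red">' . $text['root'] . '</a></b>';
        echo '</td>';
        echo '<td align="right">';
        if ($re_set_can_create_dir) {
            echo '<a class="re_remote" href="#" onclick="window.remote_files_form.submit(); return false;">' . $text['CreateFolder'] . '</a>';
        } else {
            echo ' ';
        }
        echo '</td>';
        echo '</tr>';
        echo '</table>';
        echo '</td>';
        echo '</tr>';
    }

    echo '<tr height=0><td height=0><div id="dir_div' . $node_id . '"';
    //if just created/renamed or deleted file/dir, make all parent dirs visible
    if ($closed) {
        echo ' style="display:none;"';
    }
    echo '>';
    echo '<table border="0" cellspacing="0" cellpadding="0" width="100%" height="100%">';
    echo $spacer;

    //draw content of the current directory
    foreach ($entries as $entry) {
        $file = $entry['name'];

        if (!empty($entry['is_dir'])) {
            //directories
            $id++; //get unique div id
            $child_id = (int) $id;
            $child_path = $files_path . $file . '/';
            $child_closed = !draw_dir_tree_is_under($del_path, $child_path);
            if (!$child_closed && $del_path == $child_path) {
                $cur_dir_id = $id;
            }
            echo $row_open;
            echo indent($level);
            echo '<img width="11" height="11" id="dir_img' . $child_id . '" style="cursor:hand" onclick="switch_div(' . $child_id . ');" src="images/' . ($child_closed ? 'plus.gif' : 'minus.gif') . '"> ';
            echo '<b><a class="re_remote" id="dir_a' . $child_id . '" href="javascript: set_cur_dir(' . $child_id . ',\'' . draw_dir_tree_js($files_path . $file, true) . '/\',\'' . draw_dir_tree_js($files_url . $file, true) . '/\');">' . draw_dir_tree_html($file) . '</a></b> </td>';
            draw_dir_tree_action_cells($re_set_can_rename_dir, $re_set_can_delete_dir, $files_path, $file_type, $file);
            echo '</tr></table></td>';
            echo "</tr>\n";
            draw_dir_tree($child_path, $files_url . $file . '/', $file_type, $id, $level + 1);
            continue;
        }

        //files
        $select_args = '\'' . draw_dir_tree_js(correct_path($files_url . $file)) . '\'';
        if ($file_type == 'image' || $file_type == 'flash') {
            //getimagesize() returns false for non-images; treat that as "no type"
            $size = @getimagesize($abs_files_path . $file);
            $img_type = is_array($size) ? $size[2] : 0;
            $is_flash = ($img_type == IMAGETYPE_SWF || $img_type == IMAGETYPE_SWC);
            $show = ($file_type == 'image' && $img_type && !$is_flash) || ($file_type == 'flash' && $is_flash);
            if (!$show) {
                continue;
            }
            $select_args .= ',' . (int) $size[0] . ',' . (int) $size[1];
        }
        echo $row_open;
        echo indent($level);
        echo '<a class="re_remote" href="#" onClick="select_remote_file(' . $select_args . '); return false;">' . draw_dir_tree_html($file) . '</a> ';
        echo "</td>";
        draw_dir_tree_action_cells($re_set_can_rename_file, $re_set_can_delete_file, $files_path, $file_type, $file);
        echo '</tr></table></td>';
        echo "</tr>\n";
        echo $spacer;
    }
    echo '</table></div></td></tr>';
}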
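/**
 * Database-entry step of the file upload flow.
 *
 * Runs only on a form post, requires the "add_item_my_project_files" project
 * permission, validates the visible form and the hidden fields, stores the file
 * record through files_model->addFile(), then renders the files page.
 *
 * NOTE(review): the permission check is made against the current project, while the
 * hidden fields (files_project_id, files_client_id, files_uploaded_by_id, files_size,
 * files_extension, ...) are supplied by the client and are only checked here for
 * being numeric / non-empty. The record is presumably built from those posted values;
 * confirm that addFile() or the form rules bind them to the authenticated user and
 * to the project that was checked.
 */
function __filesAdd()
{
    //profiling
    $this->data['controller_profiling'][] = __FUNCTION__;

    //flow control
    $next = true;

    //check if any post data (avoid direct url access)
    if (!isset($_POST['submit'])) {
        redirect('/admin/files/' . $this->project_id . '/view');
        //stop here even if redirect() does not end the request itself
        return;
    }

    //PERMISSIONS CHECK - PROJECT
    //do this check after __commonAll_ProjectBasics()
    if ($this->data['project_permissions']['add_item_my_project_files'] != 1) {
        redirect('/admin/error/permission-denied');
        //never fall through to the insert after a failed permission check
        return;
    }

    //validate form & display any errors
    if (!$this->__flmFormValidation('add_file')) {
        //show error
        $this->notices('error', $this->form_processor->error_message);
        $next = false;
    }

    //validate hidden fields
    if ($next) {
        //array of hidden fields and their check type
        $hidden_fields = array(
            'files_project_id' => 'numeric',
            'files_client_id' => 'numeric',
            'files_events_id' => 'string',
            'files_uploaded_by' => 'string',
            'files_uploaded_by_id' => 'numeric',
            'files_size' => 'numeric',
            'files_foldername' => 'string',
            'files_extension' => 'string',
        );

        //loop through and validate each hidden field
        foreach ($hidden_fields as $key => $value) {
            //a missing field or an array (files_size[]=...) counts as empty, so it is rejected
            $posted = (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
            $invalid = ($value == 'numeric' && !is_numeric($posted))
                || ($value == 'string' && $posted == '');
            if ($invalid) {
                //log this error
                $this->__errorLogging(__LINE__, __FUNCTION__, __FILE__, "Adding new file failed: Required hidden form field ({$key}) missing or invalid");
                //show error
                $this->notices('error', $this->data['lang']['lang_request_could_not_be_completed']);
                $next = false;
            }
        }
    }

    //add new file to database
    if ($next) {
        //human file size
        $this->data['vars']['files_size_human'] = convert_file_size($this->input->post('files_size'));

        if ($result = $this->files_model->addFile()) {
            //show success
            $this->notices('success', $this->data['lang']['lang_request_has_been_completed']);

            //events tracker
            $this->__eventsTracker('new_file', array('target_id' => $result));

            //email notification
            //NOTE(review): no email variables are built in this method; an empty set is
            //passed instead of an undefined variable - confirm what __emailer() expects
            $email_vars = array();
            $this->__emailer('mailqueue_new_file', $email_vars);
        } else {
            //show error
            $this->notices('error', $this->data['lang']['lang_request_could_not_be_completed']);
        }
    }

    //NOTE(review): this reads tasks_model, not files_model - confirm it is the intended source
    $this->data['debug'][] = $this->tasks_model->debug_data;

    //show files page
    $this->__filesView();
}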