/** * Adds a new author account * * @access public * @param string New username * @param string New password * @param string The realname of the user * @param string The email address of the user * @param int The userlevel of a user * @return int The new user ID of the added author */ function serendipity_addAuthor($username, $password, $realname, $email, $userlevel = 0, $hashtype = 1) { global $serendipity; $password = serendipity_hash($password); $query = "INSERT INTO {$serendipity['dbPrefix']}authors (username, password, realname, email, userlevel, hashtype)\n VALUES ('" . serendipity_db_escape_string($username) . "',\n '" . serendipity_db_escape_String($password) . "',\n '" . serendipity_db_escape_String($realname) . "',\n '" . serendipity_db_escape_String($email) . "',\n '" . serendipity_db_escape_String($userlevel) . "',\n '" . serendipity_db_escape_String($hashtype) . "'\n )"; serendipity_db_query($query); $cid = serendipity_db_insert_id('authors', 'authorid'); $data = array('authorid' => $cid, 'username' => $username, 'realname' => $realname, 'email' => $email); serendipity_insertPermalink($data, 'author'); return $cid; }
/** * Moves a media directory * * @param string The old directory * @param string The new directory * @param string The type of what to remove (dir|file|filedir) * @param string An item id of a file * @return boolean * */ function serendipity_moveMediaDirectory($oldDir, $newDir, $type = 'dir', $item_id = null, $file = null) { global $serendipity; $real_oldDir = $serendipity['serendipityPath'] . $serendipity['uploadPath'] . $oldDir; $real_newDir = $serendipity['serendipityPath'] . $serendipity['uploadPath'] . $newDir; if ($type == 'dir') { if (!is_dir($real_oldDir)) { printf(ERROR_FILE_NOT_EXISTS . '<br />', $oldDir); return false; } if (is_dir($real_newDir)) { printf(ERROR_FILE_EXISTS . '<br />', $newDir); return false; } if (!rename($real_oldDir, $real_newDir)) { printf(MEDIA_DIRECTORY_MOVE_ERROR . '<br />', $newDir); return false; } printf(MEDIA_DIRECTORY_MOVED . '<br />', $newDir); $dirs = serendipity_db_query("SELECT id, path\n FROM {$serendipity['dbPrefix']}images\n WHERE path LIKE '" . serendipity_db_escape_string($oldDir) . "%'", false, 'assoc'); if (is_array($dirs)) { foreach ($dirs as $dir) { $old = $dir['path']; $new = preg_replace('@^(' . preg_quote($oldDir) . ')@i', $newDir, $old); serendipity_db_query("UPDATE {$serendipity['dbPrefix']}images\n SET path = '" . serendipity_db_escape_string($new) . "'\n WHERE id = {$dir['id']}"); } } $dirs = serendipity_db_query("SELECT groupid, artifact_id, artifact_type, artifact_mode, artifact_index\n FROM {$serendipity['dbPrefix']}access\n WHERE artifact_type = 'directory'\n AND artifact_index LIKE '" . serendipity_db_escape_string($oldDir) . "%'", false, 'assoc'); if (is_array($dirs)) { foreach ($dirs as $dir) { $old = $dir['artifact_index']; $new = preg_replace('@^(' . preg_quote($oldDir) . ')@i', $newDir, $old); serendipity_db_query("UPDATE {$serendipity['dbPrefix']}access\n SET artifact_index = '" . serendipity_db_escape_string($new) . "'\n WHERE groupid = '" . serendipity_db_escape_string($dir['groupid']) . "'\n AND artifact_id = '" . serendipity_db_escape_string($dir['artifact_id']) . "'\n AND artifact_type = '" . serendipity_db_escape_string($dir['artifact_type']) . "'\n AND artifact_mode = '" . serendipity_db_escape_string($dir['artifact_mode']) . "'\n AND artifact_index = '" . serendipity_db_escape_string($dir['artifact_index']) . "'"); } } } if ($type == 'file') { if (serendipity_isActiveFile(basename($newDir))) { printf(ERROR_FILE_FORBIDDEN, htmlspecialchars($newDir)); return false; } if ($file['hotlink']) { serendipity_updateImageInDatabase(array('realname' => $newDir, 'name' => $newDir), $item_id); } else { $file_new = $file['path'] . $newDir . '.'; $file_old = $file['path'] . $file['name'] . '.'; $newfile = $serendipity['serendipityPath'] . $serendipity['uploadPath'] . $file_new . $file['extension']; $oldfile = $serendipity['serendipityPath'] . $serendipity['uploadPath'] . $file_old . $file['extension']; if ($newDir != '' && file_exists($oldfile) && !file_exists($newfile)) { $renameValues = array(array('from' => $oldfile, 'to' => $newfile, 'thumb' => $serendipity['thumbSuffix'], 'fthumb' => $file['thumbnail_name'], 'oldDir' => $oldDir, 'newDir' => $newDir, 'type' => $type, 'item_id' => $item_id, 'file' => $file)); serendipity_plugin_api::hook_event('backend_media_rename', $renameValues); // Rename file rename($renameValues[0]['from'], $renameValues[0]['to']); foreach ($renameValues as $renameData) { // Rename thumbnail rename($serendipity['serendipityPath'] . $serendipity['uploadPath'] . $file['path'] . $file['name'] . (!empty($renameData['fthumb']) ? '.' . $renameData['fthumb'] : '') . '.' . $file['extension'], $serendipity['serendipityPath'] . $serendipity['uploadPath'] . $file['path'] . $newDir . '.' . $renameData['thumb'] . '.' . $file['extension']); } serendipity_updateImageInDatabase(array('thumbnail_name' => $renameValues[0]['thumb'], 'realname' => $newDir, 'name' => $newDir), $item_id); $oldDir = $file_old; $newDir = $file_new; $real_oldDir = $serendipity['serendipityPath'] . $serendipity['uploadPath'] . $oldDir; $real_newDir = $serendipity['serendipityPath'] . $serendipity['uploadPath'] . $newDir; // Forward user to overview (we don't want the user's back button to rename things again) } else { if (!file_exists($oldfile)) { echo ERROR_FILE_NOT_EXISTS; } elseif (file_exists($newfile)) { echo ERROR_FILE_EXISTS; } else { echo ERROR_SOMETHING; } return false; } } } elseif ($type == 'filedir') { serendipity_db_query("UPDATE {$serendipity['dbPrefix']}images\n SET path = '" . serendipity_db_escape_string($newDir) . "'\n WHERE id = " . (int) $item_id); $pick = serendipity_db_query("SELECT * FROM {$serendipity['dbPrefix']}images\n WHERE id = " . (int) $item_id, true, 'assoc'); // Move thumbs $oldfile = $serendipity['serendipityPath'] . $serendipity['uploadPath'] . $oldDir . $pick['name'] . '.' . $pick['extension']; $newfile = $serendipity['serendipityPath'] . $serendipity['uploadPath'] . $newDir . $pick['name'] . '.' . $pick['extension']; $renameValues = array(array('from' => $oldfile, 'to' => $newfile, 'thumb' => $serendipity['thumbSuffix'], 'fthumb' => $pick['thumbnail_name'], 'oldDir' => $oldDir, 'newDir' => $newDir, 'type' => $type, 'item_id' => $item_id, 'file' => $file, 'name' => $pick['name'])); serendipity_plugin_api::hook_event('backend_media_rename', $renameValues); // Rename file rename($renameValues[0]['from'], $renameValues[0]['to']); foreach ($renameValues as $renameData) { // Rename thumbnail rename($serendipity['serendipityPath'] . $serendipity['uploadPath'] . $oldDir . $pick['name'] . (!empty($renameData['fthumb']) ? '.' . $renameData['fthumb'] : '') . '.' . $pick['extension'], $serendipity['serendipityPath'] . $serendipity['uploadPath'] . $newDir . $pick['name'] . '.' . $renameData['thumb'] . '.' . $pick['extension']); } $oldDir .= $pick['name']; $newDir .= $pick['name']; } elseif ($type == 'dir') { $renameValues = array(array('from' => $oldfile, 'to' => $newfile, 'thumb' => $serendipity['thumbSuffix'], 'fthumb' => $file['thumbnail_name'], 'oldDir' => $oldDir, 'newDir' => $newDir, 'type' => $type, 'item_id' => $item_id, 'file' => $file)); serendipity_plugin_api::hook_event('backend_media_rename', $renameValues); } // Only MySQL supported, since I don't know how to use REGEXPs differently. if ($serendipity['dbType'] != 'mysql' && $serendipity['dbType'] != 'mysqli') { echo MEDIA_DIRECTORY_MOVE_ENTRY . '<br />'; return true; } $q = "SELECT id, body, extended\n FROM {$serendipity['dbPrefix']}entries\n WHERE body REGEXP '(src=|href=|window.open.)(\\'|\")(" . serendipity_db_escape_String($serendipity['baseURL'] . $serendipity['uploadHTTPPath'] . $oldDir) . "|" . serendipity_db_escape_string($serendipity['serendipityHTTPPath'] . $serendipity['uploadHTTPPath'] . $oldDir) . ")'\n OR extended REGEXP '(src=|href=|window.open.)(\\'|\")(" . serendipity_db_escape_String($serendipity['baseURL'] . $serendipity['uploadHTTPPath'] . $oldDir) . "|" . serendipity_db_escape_string($serendipity['serendipityHTTPPath'] . $serendipity['uploadHTTPPath'] . $oldDir) . ")'\n "; $dirs = serendipity_db_query($q); if (is_array($dirs)) { foreach ($dirs as $dir) { $dir['body'] = preg_replace('@(src=|href=|window.open.)(\'|")(' . preg_quote($serendipity['baseURL'] . $serendipity['uploadHTTPPath'] . $oldDir) . '|' . preg_quote($serendipity['serendipityHTTPPath'] . $serendipity['uploadHTTPPath'] . $oldDir) . ')@', '\\1\\2' . $serendipity['serendipityHTTPPath'] . $serendipity['uploadHTTPPath'] . $newDir, $dir['body']); $dir['extended'] = preg_replace('@(src=|href=|window.open.)(\'|")(' . preg_quote($serendipity['baseURL'] . $serendipity['uploadHTTPPath'] . $oldDir) . '|' . preg_quote($serendipity['serendipityHTTPPath'] . $serendipity['uploadHTTPPath'] . $oldDir) . ')@', '\\1\\2' . $serendipity['serendipityHTTPPath'] . $serendipity['uploadHTTPPath'] . $newDir, $dir['extended']); $uq = "UPDATE {$serendipity['dbPrefix']}entries\n SET body = '" . serendipity_db_escape_string($dir['body']) . "' ,\n extended = '" . serendipity_db_escape_string($dir['extended']) . "'\n WHERE id = " . serendipity_db_escape_string($dir['id']); serendipity_db_query($uq); } printf(MEDIA_DIRECTORY_MOVE_ENTRIES . '<br />', count($dirs)); } return true; }
/** * Moves a media directory * * @param string The old directory * @param string The new directory * @param string The type of what to remove (dir|file|filedir) * @param string An item id of a file * @param array Result of serendipity_fetchImageFromDatabase($id) * @return boolean * */ function serendipity_moveMediaDirectory($oldDir, $newDir, $type = 'dir', $item_id = null, $file = null) { global $serendipity; $real_oldDir = $serendipity['serendipityPath'] . $serendipity['uploadPath'] . $oldDir; $real_newDir = $serendipity['serendipityPath'] . $serendipity['uploadPath'] . $newDir; if ($type == 'dir') { if (!is_dir($real_oldDir)) { echo '<span class="msg_error"><span class="icon-attention-circled"></span> '; printf(ERROR_FILE_NOT_EXISTS, $oldDir); echo "</span>\n"; return false; } if (is_dir($real_newDir)) { echo '<span class="msg_error"><span class="icon-attention-circled"></span> '; printf(ERROR_FILE_EXISTS, $newDir); echo "</span>\n"; return false; } if (!rename($real_oldDir, $real_newDir)) { echo '<span class="msg_error"><span class="icon-attention-circled"></span> '; printf(MEDIA_DIRECTORY_MOVE_ERROR, $newDir); echo "</span>\n"; return false; } echo '<span class="msg_success"><span class="icon-ok-circled"></span> '; printf(MEDIA_DIRECTORY_MOVED, $newDir); echo "</span>\n"; $dirs = serendipity_db_query("SELECT id, path\n FROM {$serendipity['dbPrefix']}images\n WHERE path LIKE '" . serendipity_db_escape_string($oldDir) . "%'", false, 'assoc'); if (is_array($dirs)) { foreach ($dirs as $dir) { $old = $dir['path']; $new = preg_replace('@^(' . preg_quote($oldDir) . ')@i', $newDir, $old); serendipity_db_query("UPDATE {$serendipity['dbPrefix']}images\n SET path = '" . serendipity_db_escape_string($new) . "'\n WHERE id = {$dir['id']}"); } } $dirs = serendipity_db_query("SELECT groupid, artifact_id, artifact_type, artifact_mode, artifact_index\n FROM {$serendipity['dbPrefix']}access\n WHERE artifact_type = 'directory'\n AND artifact_index LIKE '" . serendipity_db_escape_string($oldDir) . "%'", false, 'assoc'); if (is_array($dirs)) { foreach ($dirs as $dir) { $old = $dir['artifact_index']; $new = preg_replace('@^(' . preg_quote($oldDir) . ')@i', $newDir, $old); serendipity_db_query("UPDATE {$serendipity['dbPrefix']}access\n SET artifact_index = '" . serendipity_db_escape_string($new) . "'\n WHERE groupid = '" . serendipity_db_escape_string($dir['groupid']) . "'\n AND artifact_id = '" . serendipity_db_escape_string($dir['artifact_id']) . "'\n AND artifact_type = '" . serendipity_db_escape_string($dir['artifact_type']) . "'\n AND artifact_mode = '" . serendipity_db_escape_string($dir['artifact_mode']) . "'\n AND artifact_index = '" . serendipity_db_escape_string($dir['artifact_index']) . "'"); } } } if ($type == 'file') { if (serendipity_isActiveFile(basename($newDir))) { echo '<span class="msg_error"><span class="icon-attention-circled"></span> '; printf(ERROR_FILE_FORBIDDEN, serendipity_specialchars($newDir)); echo "</span>\n"; return false; } if ($file['hotlink']) { serendipity_updateImageInDatabase(array('realname' => $newDir, 'name' => $newDir), $item_id); } else { $file_new = $newDir . $file['name'] . (empty($file['extension']) ? '' : '.'); $file_old = $file['path'] . $file['name'] . (empty($file['extension']) ? '' : '.'); $newfile = $serendipity['serendipityPath'] . $serendipity['uploadPath'] . $file_new . $file['extension']; $oldfile = $serendipity['serendipityPath'] . $serendipity['uploadPath'] . $file_old . $file['extension']; if ($newDir != '' && file_exists($oldfile) && !file_exists($newfile)) { $renameValues = array(array('from' => $oldfile, 'to' => $newfile, 'thumb' => $serendipity['thumbSuffix'], 'fthumb' => $file['thumbnail_name'], 'oldDir' => $oldDir, 'newDir' => $newDir, 'type' => $type, 'item_id' => $item_id, 'file' => $file)); serendipity_plugin_api::hook_event('backend_media_rename', $renameValues); // eg. for staticpage entries path regex replacements // Rename file rename($renameValues[0]['from'], $renameValues[0]['to']); foreach ($renameValues as $renameData) { // Rename thumbnail @rename($serendipity['serendipityPath'] . $serendipity['uploadPath'] . $file['path'] . $file['name'] . (!empty($renameData['fthumb']) ? '.' . $renameData['fthumb'] : '') . (empty($file['extension']) ? '' : '.' . $file['extension']), $serendipity['serendipityPath'] . $serendipity['uploadPath'] . $newDir . $file['name'] . (!empty($file['thumbnail_name']) ? '.' . $renameData['thumb'] : '') . (empty($file['extension']) ? '' : '.' . $file['extension'])); } serendipity_updateImageInDatabase(array('thumbnail_name' => $renameValues[0]['thumb'], 'realname' => $newDir, 'name' => $newDir), $item_id); $oldDir = $file_old; $newDir = $file_new; $real_oldDir = $serendipity['serendipityPath'] . $serendipity['uploadPath'] . $oldDir; $real_newDir = $serendipity['serendipityPath'] . $serendipity['uploadPath'] . $newDir; // Forward user to overview (we don't want the user's back button to rename things again) } else { if (!file_exists($oldfile)) { echo '<span class="msg_error"><span class="icon-attention-circled"></span> ' . ERROR_FILE_NOT_EXISTS . '</span>'; } elseif (file_exists($newfile)) { echo '<span class="msg_error"><span class="icon-attention-circled"></span> ' . ERROR_FILE_EXISTS . '</span>'; } else { echo '<span class="msg_error"><span class="icon-attention-circled"></span> ' . ERROR_SOMETHING . '</span>'; } return false; } } } elseif ($type == 'filedir') { serendipity_db_query("UPDATE {$serendipity['dbPrefix']}images\n SET path = '" . serendipity_db_escape_string($newDir) . "'\n WHERE id = " . (int) $item_id); $pick = serendipity_db_query("SELECT * FROM {$serendipity['dbPrefix']}images\n WHERE id = " . (int) $item_id, true, 'assoc'); // Move thumbs $oldfile = $serendipity['serendipityPath'] . $serendipity['uploadPath'] . $oldDir . $pick['name'] . (empty($pick['extension']) ? '' : '.' . $pick['extension']); $newfile = $serendipity['serendipityPath'] . $serendipity['uploadPath'] . $newDir . $pick['name'] . (empty($pick['extension']) ? '' : '.' . $pick['extension']); $renameValues = array(array('from' => $oldfile, 'to' => $newfile, 'thumb' => $serendipity['thumbSuffix'], 'fthumb' => $pick['thumbnail_name'], 'oldDir' => $oldDir, 'newDir' => $newDir, 'type' => $type, 'item_id' => $item_id, 'file' => $pick, 'name' => $pick['name'])); serendipity_plugin_api::hook_event('backend_media_rename', $renameValues); // Rename file rename($renameValues[0]['from'], $renameValues[0]['to']); foreach ($renameValues as $renameData) { // Rename thumbnail @rename($serendipity['serendipityPath'] . $serendipity['uploadPath'] . $oldDir . $pick['name'] . (!empty($renameData['fthumb']) ? '.' . $renameData['fthumb'] : '') . (empty($pick['extension']) ? '' : '.' . $pick['extension']), $serendipity['serendipityPath'] . $serendipity['uploadPath'] . $newDir . $pick['name'] . (!empty($pick['thumbnail_name']) ? '.' . $pick['thumbnail_name'] : '') . (empty($pick['extension']) ? '' : '.' . $pick['extension'])); } $oldDir .= $pick['name']; $newDir .= $pick['name']; $hasExt = isset($pick['extension']) ? '.' . $pick['extension'] : ''; if (file_exists($newfile)) { echo '<span class="msg_success"><span class="icon-ok-circled"></span> '; printf(MEDIA_DIRECTORY_MOVED, $newDir . $hasExt); echo "</span>\n"; } } elseif ($type == 'dir') { $renameValues = array(array('from' => $oldfile, 'to' => $newfile, 'thumb' => $serendipity['thumbSuffix'], 'fthumb' => $file['thumbnail_name'], 'oldDir' => $oldDir, 'newDir' => $newDir, 'type' => $type, 'item_id' => $item_id, 'file' => $file)); serendipity_plugin_api::hook_event('backend_media_rename', $renameValues); } // Only MySQL supported, since I don't know how to use REGEXPs differently. if ($serendipity['dbType'] != 'mysql' && $serendipity['dbType'] != 'mysqli') { echo '<span class="msg_notice"><span class="icon-info-circled"></span> ' . MEDIA_DIRECTORY_MOVE_ENTRY . "</span>\n"; return true; } // Prepare the SELECT query for filetypes if ($type == 'filedir' || $type == 'file') { $_file = $type == 'filedir' ? $pick : $file; $oldDir = $type == 'file' ? str_replace($_file['name'] . '.', '', $oldDir) : $oldDir; // Path patterns to SELECT en detail to not pick path parts in a loop $oldDirThumb = $oldDir . $_file['name'] . '.' . $_file['thumbnail_name'] . ($_file['extension'] ? '.' . $_file['extension'] : ''); $oldDirFile = $oldDir . $_file['name'] . ($_file['extension'] ? '.' . $_file['extension'] : ''); $quickblogFilePath = $serendipity['serendipityPath'] . $serendipity['uploadHTTPPath'] . $oldDirFile; // REPLACE BY Path and Name only to also match Thumbs if (strpos($oldDir, $_file['name']) === FALSE) { $oldDir .= $_file['name']; } if (strpos($newDir, $_file['name']) === FALSE) { $newDir .= $_file['name']; } // imageselectorplus plugin quickblog is either quickblog:FullPath or quickblog:none|FullPath or quickblog:|(plugin|js|_blankl)|FullPath // For a possible future isp regex change, we search for 'none' between pipes too $q = "SELECT id, body, extended\n FROM {$serendipity['dbPrefix']}entries\n WHERE body REGEXP '(src=|href=|window.open.|<!--quickblog:)(\\'|\"|none\\\\||\\\\|(plugin|none|js|_blank)\\\\|)(" . serendipity_db_escape_String($serendipity['baseURL'] . $serendipity['uploadHTTPPath'] . $oldDirFile) . "|" . serendipity_db_escape_String($serendipity['serendipityHTTPPath'] . $serendipity['uploadHTTPPath'] . $oldDirFile) . "|" . serendipity_db_escape_String($serendipity['baseURL'] . $serendipity['uploadHTTPPath'] . $oldDirThumb) . "|" . serendipity_db_escape_String($serendipity['serendipityHTTPPath'] . $serendipity['uploadHTTPPath'] . $oldDirThumb) . "|" . serendipity_db_escape_String($quickblogFilePath) . ")'\n OR extended REGEXP '(src=|href=|window.open.)(\\'|\")(" . serendipity_db_escape_String($serendipity['baseURL'] . $serendipity['uploadHTTPPath'] . $oldDirFile) . "|" . serendipity_db_escape_String($serendipity['serendipityHTTPPath'] . $serendipity['uploadHTTPPath'] . $oldDirFile) . "|" . serendipity_db_escape_String($serendipity['baseURL'] . $serendipity['uploadHTTPPath'] . $oldDirThumb) . "|" . serendipity_db_escape_String($serendipity['serendipityHTTPPath'] . $serendipity['uploadHTTPPath'] . $oldDirThumb) . ")'\n "; } else { $q = "SELECT id, body, extended\n FROM {$serendipity['dbPrefix']}entries\n WHERE body REGEXP '(src=|href=|window.open.)(\\'|\")(" . serendipity_db_escape_String($serendipity['baseURL'] . $serendipity['uploadHTTPPath'] . $oldDir) . "|" . serendipity_db_escape_string($serendipity['serendipityHTTPPath'] . $serendipity['uploadHTTPPath'] . $oldDir) . ")'\n OR extended REGEXP '(src=|href=|window.open.)(\\'|\")(" . serendipity_db_escape_String($serendipity['baseURL'] . $serendipity['uploadHTTPPath'] . $oldDir) . "|" . serendipity_db_escape_string($serendipity['serendipityHTTPPath'] . $serendipity['uploadHTTPPath'] . $oldDir) . ")'\n "; } // strip, if last char is a period ".", which may happen with quickblog image path strings $newDir = rtrim($newDir, '.'); $dirs = serendipity_db_query($q); if (is_array($dirs)) { foreach ($dirs as $dir) { $dir['body'] = preg_replace('@(src=|href=|window.open.)(\'|")(' . preg_quote($serendipity['baseURL'] . $serendipity['uploadHTTPPath'] . $oldDir) . '|' . preg_quote($serendipity['serendipityHTTPPath'] . $serendipity['uploadHTTPPath'] . $oldDir) . ')@', '\\1\\2' . $serendipity['serendipityHTTPPath'] . $serendipity['uploadHTTPPath'] . $newDir, $dir['body']); $dir['body'] = preg_replace('@(<!--quickblog:)(none\\||\\|(plugin|none|js|_blank)\\|)(' . preg_quote($serendipity['serendipityPath'] . $serendipity['uploadHTTPPath'] . $oldDir) . ')@', '\\1\\2' . $serendipity['serendipityPath'] . $serendipity['uploadHTTPPath'] . $newDir, $dir['body']); $dir['extended'] = preg_replace('@(src=|href=|window.open.)(\'|")(' . preg_quote($serendipity['baseURL'] . $serendipity['uploadHTTPPath'] . $oldDir) . '|' . preg_quote($serendipity['serendipityHTTPPath'] . $serendipity['uploadHTTPPath'] . $oldDir) . ')@', '\\1\\2' . $serendipity['serendipityHTTPPath'] . $serendipity['uploadHTTPPath'] . $newDir, $dir['extended']); $uq = "UPDATE {$serendipity['dbPrefix']}entries\n SET body = '" . serendipity_db_escape_string($dir['body']) . "' ,\n extended = '" . serendipity_db_escape_string($dir['extended']) . "'\n WHERE id = " . serendipity_db_escape_string($dir['id']); serendipity_db_query($uq); } $imgmovedtodir = sprintf(MEDIA_DIRECTORY_MOVE_ENTRIES, count($dirs)); printf('<span class="msg_notice"><span class="icon-info-circled"></span> ' . $imgmovedtodir . '</span>'); } return true; }
function event_hook($event, &$bag, &$eventData, $addData = null) { global $serendipity; $hooks =& $bag->get('event_hooks'); if (isset($hooks[$event])) { switch ($event) { case 'backend_category_showForm': $pages = $this->fetchStaticPages(true); $categorypage = $this->fetchCatProp((int) $eventData); if (debug_staticpage == 'true') { echo "category "; echo (int) $eventData . " "; echo " staticpage "; echo $this->fetchCatProp((int) $eventData); } ?> <tr> <td valign="top"><label for="staticpage_categorypage"><?php echo STATICPAGE_CATEGORYPAGE; ?> </label></td> <td> <select name="serendipity[cat][staticpage_categorypage]"> <option value=""><?php echo NONE; ?> </option> <?php $pages = $this->fetchStaticPages(); if (is_array($pages)) { $pages = serendipity_walkRecursive($pages); foreach ($pages as $page) { if ($this->checkPageUser($page['authorid'])) { echo ' <option value="' . $page['id'] . '" ' . ($page['id'] == $this->fetchCatProp((int) $eventData) ? 'selected="selected"' : '') . '>'; echo str_repeat(' ', $page['depth']) . (function_exists('serendipity_specialchars') ? serendipity_specialchars($page['pagetitle']) : htmlspecialchars($page['pagetitle'], ENT_COMPAT, LANG_CHARSET)) . '</option>'; } } } ?> </select> </td> </tr> <?php return true; break; case 'backend_category_delete': $this->setCatProps($eventData, null, true); /* ** problem: different to backend_category_update and backend_category_addNew, here $eventData did not contain the id of the category, so ** the entry in the table _staticpage_categorypage is not deleted :-( Every time I get "35 AND 36" in the debug-modus. ** GARVIN: Yes, the ID contains a SQL statement for Category ID because the category children are contained as well! */ break; case 'backend_category_update': case 'backend_category_addNew': $val = array('categoryid ' => (int) $eventData, 'staticpage_categorypage' => $serendipity['POST']['cat']['staticpage_categorypage']); $this->setCatProps($eventData, $val); break; case 'frontend_fetchentries': case 'frontend_rss': $this->smarty_init(); break; case 'genpage': $this->setupDB(); $args = implode('/', serendipity_getUriArguments($eventData, true)); if ($serendipity['rewrite'] != 'none') { $nice_url = $serendipity['serendipityHTTPPath'] . $args; } else { $nice_url = $serendipity['serendipityHTTPPath'] . $serendipity['indexFile'] . '?/' . $args; } // Manko10 patch: http://board.s9y.org/viewtopic.php?f=3&t=17910&p=10426432#p10426432 // Check if static page exists or if this is an error 404 // // NOTE: as soon as you set a static page to be a 404 handler // from within the backend, you need to add a specific redirect rule // to your .htaccess for each static page generated by other // plugins such as serendipity_event_contactform // This behavior might change in future releases. $this->error_404 = $_SERVER['REDIRECT_STATUS'] == '404'; $pages = $this->fetchStaticPages(true, $nice_url); if (is_array($pages)) { foreach ($pages as $page) { if ($page['permalink'] == $nice_url) { $this->error_404 = FALSE; if ($pages['is_404_page']) { $this->error_404 = TRUE; } break; } } } // Set static page to 404 error document if page not found if ($this->error_404) { $serendipity['GET']['subpage'] = $this->get404Errorpage(); } // Set static page with is_startpage flag set as startpage if ((empty($args) || preg_match('@' . $serendipity['indexFile'] . '\\??$@', trim($args))) && empty($serendipity['GET']['subpage'])) { $serendipity['GET']['subpage'] = $this->getStartpage(); } // Set static page according to requested URL if (empty($serendipity['GET']['subpage'])) { $serendipity['GET']['subpage'] = $nice_url; } if ($this->selected()) { $te = $this->get_static('title_element'); if (!empty($te)) { $serendipity['head_title'] = function_exists('serendipity_specialchars') ? serendipity_specialchars($te) : htmlspecialchars($te, ENT_COMPAT, LANG_CHARSET); $serendipity['head_subtitle'] = ''; } else { $serendipity['head_title'] = $this->get_static('headline'); $serendipity['head_subtitle'] = $serendipity['blogTitle']; } } break; case 'frontend_header': $md = function_exists('serendipity_specialchars') ? serendipity_specialchars($this->get_static('meta_description')) : htmlspecialchars($this->get_static('meta_description'), ENT_COMPAT, LANG_CHARSET); $mk = function_exists('serendipity_specialchars') ? serendipity_specialchars($this->get_static('meta_keywords')) : htmlspecialchars($this->get_static('meta_keywords'), ENT_COMPAT, LANG_CHARSET); if (!empty($md)) { echo ' <meta name="description" content="' . $md . '" />' . "\n"; } if (!empty($mk)) { echo ' <meta name="keywords" content="' . $mk . '" />' . "\n"; } break; case 'frontend_fetchentries': if ($serendipity['GET']['action'] == 'search') { serendipity_smarty_fetch('ENTRIES', 'entries.tpl', true); } break; case 'entry_display': $this->smarty_init(); if ($this->selected()) { if (is_array($eventData)) { $eventData['clean_page'] = true; // This is important to not display an entry list! } else { $eventData = array('clean_page' => true); } } break; case 'backend_sidebar_entries': $this->setupDB(); echo '<li class="serendipitySideBarMenuLink serendipitySideBarMenuEntryLinks"><a href="?serendipity[adminModule]=event_display&serendipity[adminAction]=staticpages">' . STATICPAGE_TITLE . '</a></li>'; break; case 'backend_sidebar_entries_event_display_staticpages': $this->showBackend(); break; case 'backend_media_rename': // Only MySQL supported, since I don't know how to use REGEXPs differently. if ($serendipity['dbType'] != 'mysql' && $serendipity['dbType'] != 'mysqli') { echo STATICPAGE_MEDIA_DIRECTORY_MOVE_ENTRY . '<br />'; break; } if (!isset($eventData[0]['oldDir'])) { return true; } if ($eventData[0]['type'] == 'dir') { } elseif ($eventData[0]['type'] == 'filedir') { $eventData[0]['oldDir'] .= $eventData[0]['name']; $eventData[0]['newDir'] .= $eventData[0]['name']; } $q = "SELECT id, content, pre_content\n FROM {$serendipity['dbPrefix']}staticpages\n WHERE content REGEXP '(src=|href=|window.open.)(\\'|\")(" . serendipity_db_escape_String($serendipity['baseURL'] . $serendipity['uploadHTTPPath'] . $eventData[0]['oldDir']) . "|" . serendipity_db_escape_string($serendipity['serendipityHTTPPath'] . $serendipity['uploadHTTPPath'] . $eventData[0]['oldDir']) . ")'\n OR pre_content REGEXP '(src=|href=|window.open.)(\\'|\")(" . serendipity_db_escape_String($serendipity['baseURL'] . $serendipity['uploadHTTPPath'] . $eventData[0]['oldDir']) . "|" . serendipity_db_escape_string($serendipity['serendipityHTTPPath'] . $serendipity['uploadHTTPPath'] . $eventData[0]['oldDir']) . ")'\n "; $dirs = serendipity_db_query($q); if (is_array($dirs)) { foreach ($dirs as $dir) { $dir['content'] = preg_replace('@(src=|href=|window.open.)(\'|")(' . preg_quote($serendipity['baseURL'] . $serendipity['uploadHTTPPath'] . $eventData[0]['oldDir']) . '|' . preg_quote($serendipity['serendipityHTTPPath'] . $serendipity['uploadHTTPPath'] . $eventData[0]['oldDir']) . ')@', '\\1\\2' . $serendipity['serendipityHTTPPath'] . $serendipity['uploadHTTPPath'] . $eventData[0]['newDir'], $dir['content']); $dir['pre_content'] = preg_replace('@(src=|href=|window.open.)(\'|")(' . preg_quote($serendipity['baseURL'] . $serendipity['uploadHTTPPath'] . $eventData[0]['oldDir']) . '|' . preg_quote($serendipity['serendipityHTTPPath'] . $serendipity['uploadHTTPPath'] . $eventData[0]['oldDir']) . ')@', '\\1\\2' . $serendipity['serendipityHTTPPath'] . $serendipity['uploadHTTPPath'] . $eventData[0]['newDir'], $dir['pre_content']); $uq = "UPDATE {$serendipity['dbPrefix']}staticpages\n SET content = '" . serendipity_db_escape_string($dir['content']) . "' ,\n pre_content = '" . serendipity_db_escape_string($dir['pre_content']) . "'\n WHERE id = " . serendipity_db_escape_string($dir['id']); serendipity_db_query($uq); } printf(STATICPAGE_MEDIA_DIRECTORY_MOVE_ENTRIES . '<br />', count($dirs)); } break; case 'external_plugin': $parts = explode('_', $eventData); if (!empty($parts[1])) { $param = (int) $parts[1]; } else { $param = null; } if ($parts[0] == 'dtree.js') { header('Content-Type: text/javascript'); echo file_get_contents(dirname(__FILE__) . '/dtree.js'); } break; case 'entries_header': if (!$this->isplugin()) { $this->show(); } break; case 'entries_footer': if ($serendipity['GET']['action'] == 'search' && serendipity_db_bool($this->get_config('use_quicksearch'))) { $this->showSearch(); } break; case 'css_backend': if (!strpos($eventData, '#serendipityStaticpagesNav')) { // class exists in CSS, so a user has customized it and we don't need default echo file_get_contents(dirname(__FILE__) . '/style_staticpage_backend.css'); } break; default: return false; } return true; } return false; }
function fetchLinkedEntries($id, $big, $thumb, $single = false) { global $serendipity; if (strtolower($serendipity['dbType']) != 'mysql' && strtolower($serendipity['dbType']) != 'mysqli') { return false; } $q = "SELECT e.id, e.timestamp, e.title\n FROM {$serendipity['dbPrefix']}entries AS e\n WHERE (MATCH(e.title, e.body, e.extended) AGAINST ('" . serendipity_db_escape_string($big) . "')\n OR MATCH(e.title, e.body, e.extended) AGAINST ('" . serendipity_db_escape_string($thumb) . "'))\n AND (e.body REGEXP '(" . preg_quote(serendipity_db_escape_String($thumb)) . "|" . preg_quote(serendipity_db_escape_string($big)) . ")'\n OR e.extended REGEXP '(" . preg_quote(serendipity_db_escape_String($thumb)) . "|" . preg_quote(serendipity_db_escape_string($big)) . ")')\n AND e.isdraft = 'false'\n ORDER BY e.timestamp DESC"; $e = serendipity_db_query($q, false, 'assoc'); if (is_array($e)) { $_e = $e; $e = array(); foreach ($_e as $idx => $item) { $e[$item['id']] = $item; } } if ($single && is_array($e)) { reset($e); $return = array(0 => current($e)); return $return; } return $e; }
/** * Moves a media directory * * @param string The old directory. * This can be NULL or (an empty / a) STRING for re-name/multiCheck move comparison events * @param string The new directory * @param string The type of what to remove (dir|file|filedir) * @param string An item id of a file * @param array Result of serendipity_fetchImageFromDatabase($id) * @return boolean * */ function serendipity_moveMediaDirectory($oldDir, $newDir, $type = 'dir', $item_id = null, $file = null) { global $serendipity; // paranoid case for updating an old image id entry - else we have a new entry incrementary if (is_null($item_id) && isset($file['id']) && $file['id'] > 0) { $item_id = $file['id']; } if (!$item_id || $item_id < 1) { // only print message if not posting a case_directoryEdit submit if (empty($serendipity['POST']['save'])) { echo '<span class="msg_error"><span class="icon-attention-circled" aria-hidden="true"></span> '; printf(ERROR_FILE_NOT_EXISTS, $item_id); echo "</span>\n"; return false; } } // Prepare data for the database, any hooks and the real file move, by case AREA: // DIR = Media directory form edit, // FILE = File rename or File bulk move, // FILEDIR = Media properties form edit // images.inc case 'directoryEdit', which is ML Directories form, via ML case 'directorySelect' if ($type == 'dir') { $real_oldDir = $serendipity['serendipityPath'] . $serendipity['uploadPath'] . $oldDir; $real_newDir = $serendipity['serendipityPath'] . $serendipity['uploadPath'] . $newDir; if (!is_dir($real_oldDir)) { echo '<span class="msg_error"><span class="icon-attention-circled" aria-hidden="true"></span> '; printf(ERROR_FILE_NOT_EXISTS, $oldDir); echo "</span>\n"; return false; } if (is_dir($real_newDir)) { echo '<span class="msg_error"><span class="icon-attention-circled" aria-hidden="true"></span> '; printf(ERROR_FILE_EXISTS, $newDir); echo "</span>\n"; return false; } if (!rename($real_oldDir, $real_newDir)) { echo '<span class="msg_error"><span class="icon-attention-circled" aria-hidden="true"></span> '; printf(MEDIA_DIRECTORY_MOVE_ERROR, $newDir); echo "</span>\n"; return false; } echo '<span class="msg_success"><span class="icon-ok-circled" aria-hidden="true"></span> '; printf(MEDIA_DIRECTORY_MOVED, $newDir); echo "</span>\n"; $dirs = serendipity_db_query("SELECT id, path\n FROM {$serendipity['dbPrefix']}images\n WHERE path LIKE '" . serendipity_db_escape_string($oldDir) . "%'", false, 'assoc'); if (is_array($dirs)) { foreach ($dirs as $dir) { $old = $dir['path']; $new = preg_replace('@^(' . preg_quote($oldDir) . ')@i', $newDir, $old); serendipity_db_query("UPDATE {$serendipity['dbPrefix']}images\n SET path = '" . serendipity_db_escape_string($new) . "'\n WHERE id = {$dir['id']}"); } } $dirs = serendipity_db_query("SELECT groupid, artifact_id, artifact_type, artifact_mode, artifact_index\n FROM {$serendipity['dbPrefix']}access\n WHERE artifact_type = 'directory'\n AND artifact_index LIKE '" . serendipity_db_escape_string($oldDir) . "%'", false, 'assoc'); if (is_array($dirs)) { foreach ($dirs as $dir) { $old = $dir['artifact_index']; $new = preg_replace('@^(' . preg_quote($oldDir) . ')@i', $newDir, $old); serendipity_db_query("UPDATE {$serendipity['dbPrefix']}access\n SET artifact_index = '" . serendipity_db_escape_string($new) . "'\n WHERE groupid = '" . serendipity_db_escape_string($dir['groupid']) . "'\n AND artifact_id = '" . serendipity_db_escape_string($dir['artifact_id']) . "'\n AND artifact_type = '" . serendipity_db_escape_string($dir['artifact_type']) . "'\n AND artifact_mode = '" . serendipity_db_escape_string($dir['artifact_mode']) . "'\n AND artifact_index = '" . serendipity_db_escape_string($dir['artifact_index']) . "'"); } } // hook into staticpage for the renaming regex replacements // first and last two are null - only differ by being set already by their default var for the last two $renameValues = array(array('from' => null, 'to' => null, 'thumb' => $serendipity['thumbSuffix'], 'fthumb' => null, 'oldDir' => $oldDir, 'newDir' => $newDir, 'type' => $type, 'item_id' => $item_id, 'file' => $file)); // Changing a ML directory via directoryEdit needs to run through entries too! serendipity_plugin_api::hook_event('backend_media_rename', $renameValues); // case 'rename' OR 'multidelete' (bulk multimove) } else { if ($type == 'file') { // active in mean of eval or executable if (serendipity_isActiveFile(basename($newDir))) { echo '<span class="msg_error"><span class="icon-attention-circled" aria-hidden="true"></span> '; printf(ERROR_FILE_FORBIDDEN, serendipity_specialchars($newDir)); echo "</span>\n"; return false; } if (!empty($file['hotlink'])) { $newHotlinkFile = false === strpos($newDir, $file['extension']) ? $newDir . (empty($file['extension']) ? '' : '.' . $file['extension']) : $newDir; serendipity_updateImageInDatabase(array('realname' => $newHotlinkFile, 'name' => $newDir), $item_id); } else { $parts = pathinfo($newDir); // build new, thumb and old file names relative to Serendipity root path if ($oldDir === null && $newDir != 'uploadRoot') { // case single file re-name event (newDir = newName is passed without path!) $newName = $newDir; // for better readability // do we really need this? if ($parts['extension'] != $file['extension']) { $file_new = $file['path'] . $newName . (empty($file['extension']) ? '' : '.' . $file['extension']); $file_old = $file['path'] . $file['name'] . (empty($file['extension']) ? '' : '.' . $file['extension']); } else { $file_new = $file['path'] . $newName; $file_old = $file['path'] . $file['name']; } // build full thumb file names $file_newthumb = $file['path'] . $newName . (!empty($file['thumbnail_name']) ? '.' . $file['thumbnail_name'] : '') . (empty($file['extension']) ? '' : '.' . $file['extension']); $file_oldthumb = $file['path'] . $file['name'] . (!empty($file['thumbnail_name']) ? '.' . $file['thumbnail_name'] : '') . (empty($file['extension']) ? '' : '.' . $file['extension']); $newThumb = $serendipity['serendipityPath'] . $serendipity['uploadPath'] . $file_newthumb; $oldThumb = $serendipity['serendipityPath'] . $serendipity['uploadPath'] . $file_oldthumb; } else { // case bulkmove event (newDir is passed inclusive path! and normally w/o the filename, but we better check this though) $newDir = $newDir == 'uploadRoot' ? '' : $newDir; // Take care: remove temporary 'uploadRoot' string, in case of moving a subdir file into upload root by bulkmove $_newDir = str_replace($file['name'] . (empty($file['extension']) ? '' : '.' . $file['extension']), '', $newDir); // do we really need this? if ($parts['extension'] != $file['extension']) { $file_new = $_newDir . $file['name'] . (empty($file['extension']) ? '' : '.' . $file['extension']); $file_old = $file['path'] . $file['name'] . (empty($file['extension']) ? '' : '.' . $file['extension']); } else { $file_new = $_newDir . $file['name']; $file_old = $file['path'] . $file['name']; } } // build full origin and new file path names $newfile = $serendipity['serendipityPath'] . $serendipity['uploadPath'] . $file_new; $oldfile = $serendipity['serendipityPath'] . $serendipity['uploadPath'] . $file_old; // check files existence if (file_exists($oldfile) && !file_exists($newfile)) { // for the paranoid, securely check these build filenames again, since we really need a real file set to continue! $newparts = pathinfo($newfile); if ($newparts['dirname'] == '.' || !empty($file['extension']) && empty($newparts['extension']) || empty($newparts['filename'])) { // error new file build mismatch echo '<span class="msg_error"><span class="icon-attention-circled" aria-hidden="true"></span> ' . $newfile . ' ' . ERROR_SOMETHING . "</span>\n"; return false; } // Case re-name event, keeping a possible moved directory name for a single file if ($oldDir === null) { // Move the origin file @rename($oldfile, $newfile); // do not re-name again, if item has no thumb name (eg zip object file case) and old thumb actually exists (possible missing pdf preview image on WinOS with IM) if ($newThumb != $newfile && file_exists($oldThumb)) { // the thumb file @rename($oldThumb, $newThumb); // Keep both rename() error disabled, since we have to avoid any output in renaiming cases } // hook into staticpage for the renaming regex replacements $renameValues = array(array('from' => $oldfile, 'to' => $newfile, 'thumb' => $serendipity['thumbSuffix'], 'fthumb' => $file['thumbnail_name'], 'oldDir' => $oldDir, 'newDir' => $newDir, 'type' => $type, 'item_id' => $item_id, 'file' => $file)); serendipity_plugin_api::hook_event('backend_media_rename', $renameValues); // renaming filenames has to update mediaproperties if set $q = "UPDATE {$serendipity['dbPrefix']}mediaproperties\n SET value = '" . serendipity_db_escape_string($newName . (empty($file['extension']) ? '' : '.' . $file['extension'])) . "'\n WHERE mediaid = " . (int) $item_id . ' AND property = "realname" AND value = "' . $file['realname'] . '"'; serendipity_db_query($q); $q = "UPDATE {$serendipity['dbPrefix']}mediaproperties\n SET value = '" . serendipity_db_escape_string($newName) . "'\n WHERE mediaid = " . (int) $item_id . ' AND property = "name" AND value = "' . $file['name'] . '"'; serendipity_db_query($q); $q = "UPDATE {$serendipity['dbPrefix']}mediaproperties\n SET value = '" . serendipity_db_escape_string($newName . (empty($file['extension']) ? '' : '.' . $file['extension'])) . "'\n WHERE mediaid = " . (int) $item_id . ' AND property = "TITLE" AND value = "' . $file['realname'] . '"'; serendipity_db_query($q); serendipity_updateImageInDatabase(array('thumbnail_name' => $renameValues[0]['thumb'], 'realname' => $newName . (empty($file['extension']) ? '' : '.' . $file['extension']), 'name' => $newName), $item_id); // Forward user to overview (we don't want the user's back button to rename things again) ?? What does this do? Check!!! } elseif (!empty($newfile)) { if ($newDir == 'uploadRoot') { $newDir = ''; } // now move back into root of /uploads dir // hook into staticpage for the renaming regex replacements $renameValues = array(array('from' => $oldfile, 'to' => $newfile, 'thumb' => $serendipity['thumbSuffix'], 'fthumb' => $file['thumbnail_name'], 'oldDir' => $oldDir, 'newDir' => $newDir, 'type' => $type, 'item_id' => $item_id, 'file' => $file)); serendipity_plugin_api::hook_event('backend_media_rename', $renameValues); // eg. for staticpage entries path regex replacements // Move the origin file try { rename($oldfile, $newfile); } catch (Exception $e) { echo '<span class="msg_error"><span class="icon-attention-circled" aria-hidden="true"></span> ' . ERROR_SOMETHING . ': ' . $e->getMessage() . "</span>\n"; } // do still need this? YES, it is definitely false, so we would not need the ternary // Rename newDir + file name in case it is called by the Bulk Move and not by rename $newDirFile = false === strpos($newDir, $file['name']) ? $newDir . $file['name'] : $newDir; foreach ($renameValues as $renameData) { // build full thumb file names $thisOldThumb = $serendipity['serendipityPath'] . $serendipity['uploadPath'] . $renameData['oldDir'] . $file['name'] . (!empty($renameData['fthumb']) ? '.' . $renameData['fthumb'] : '.' . $serendipity['thumbSuffix']) . (empty($file['extension']) ? '' : '.' . $file['extension']); $thisNewThumb = $serendipity['serendipityPath'] . $serendipity['uploadPath'] . $newDirFile . (!empty($file['thumbnail_name']) ? '.' . $renameData['thumb'] : '.' . $serendipity['thumbSuffix']) . (empty($file['extension']) ? '' : '.' . $file['extension']); // Check for existent old thumb files first, to not need to disable rename by @rename(), then move the thumb file and catch any wrong renaming if ($thisNewThumb != $newfile && file_exists($thisOldThumb)) { // the thumb file and catch any wrong renaming try { rename($thisOldThumb, $thisNewThumb); } catch (Exception $e) { echo '<span class="msg_error"><span class="icon-attention-circled" aria-hidden="true"></span> ' . ERROR_SOMETHING . ': ' . $e->getMessage() . "</span>\n"; } } } serendipity_updateImageInDatabase(array('thumbnail_name' => $renameValues[0]['thumb'], 'path' => $newDir, 'realname' => $file['realname'], 'name' => $file['name']), $item_id); // Forward user to overview (we don't want the user's back button to rename things again) } else { //void } } else { if (!file_exists($oldfile)) { echo '<span class="msg_error"><span class="icon-attention-circled" aria-hidden="true"></span> ' . ERROR_FILE_NOT_EXISTS . "</span>\n"; } elseif (file_exists($newfile)) { echo '<span class="msg_error"><span class="icon-attention-circled" aria-hidden="true"></span> ' . ERROR_FILE_EXISTS . "</span>\n"; } else { echo '<span class="msg_error"><span class="icon-attention-circled" aria-hidden="true"></span> ' . ERROR_SOMETHING . "</span>\n"; } return false; } } // used solely by serendipity_parsePropertyForm base_properties when changing the file selected path within mediaproperties form } elseif ($type == 'filedir') { serendipity_db_query("UPDATE {$serendipity['dbPrefix']}images\n SET path = '" . serendipity_db_escape_string($newDir) . "'\n WHERE id = " . (int) $item_id); $pick = serendipity_db_query("SELECT * FROM {$serendipity['dbPrefix']}images\n WHERE id = " . (int) $item_id, true, 'assoc'); // Move thumbs - Rebuild full origin and new file path names by the new picked file array $oldfile = $serendipity['serendipityPath'] . $serendipity['uploadPath'] . $oldDir . $pick['name'] . (empty($pick['extension']) ? '' : '.' . $pick['extension']); $newfile = $serendipity['serendipityPath'] . $serendipity['uploadPath'] . $newDir . $pick['name'] . (empty($pick['extension']) ? '' : '.' . $pick['extension']); // hook into staticpage for the renaming regex replacements $renameValues = array(array('from' => $oldfile, 'to' => $newfile, 'thumb' => $serendipity['thumbSuffix'], 'fthumb' => $pick['thumbnail_name'], 'oldDir' => $oldDir, 'newDir' => $newDir, 'type' => $type, 'item_id' => $item_id, 'file' => $pick, 'name' => $pick['name'])); serendipity_plugin_api::hook_event('backend_media_rename', $renameValues); // Move the origin file try { rename($oldfile, $newfile); } catch (Exception $e) { echo '<span class="msg_error"><span class="icon-attention-circled" aria-hidden="true"></span> ' . ERROR_SOMETHING . ': ' . $e->getMessage() . "</span>\n"; } foreach ($renameValues as $renameData) { $thisOldThumb = $serendipity['serendipityPath'] . $serendipity['uploadPath'] . $oldDir . $pick['name'] . (!empty($renameData['fthumb']) ? '.' . $renameData['fthumb'] : '') . (empty($pick['extension']) ? '' : '.' . $pick['extension']); $thisNewThumb = $serendipity['serendipityPath'] . $serendipity['uploadPath'] . $newDir . $pick['name'] . (!empty($pick['thumbnail_name']) ? '.' . $pick['thumbnail_name'] : '') . (empty($pick['extension']) ? '' : '.' . $pick['extension']); // Check for existent old thumb files first, to not need to disable rename by @rename(),then move the thumb file and catch any wrong renaming if ($thisNewThumb != $newfile && file_exists($thisOldThumb)) { // the thumb file and catch any wrong renaming try { rename($thisOldThumb, $thisNewThumb); } catch (Exception $e) { echo '<span class="msg_error"><span class="icon-attention-circled" aria-hidden="true"></span> ' . ERROR_SOMETHING . ': ' . $e->getMessage() . "</span>\n"; } } } // no need to use serendipity_updateImageInDatabase() here since already done in this case start // ???? Forward user to overview (we don't want the user's back button to rename things again) // prepare for message $thisnew = (empty($newDir) ? $serendipity['uploadPath'] : '') . $newDir . $pick['name']; $thisExt = isset($pick['extension']) ? '.' . $pick['extension'] : ''; if (file_exists($newfile)) { echo '<span class="msg_success"><span class="icon-ok-circled" aria-hidden="true"></span> '; printf(MEDIA_DIRECTORY_MOVED, $thisnew . $thisExt); echo "</span>\n"; } } } // case dir, file, filedir end // Entry REPLACEMENT AREA // Only MySQL supported, since I don't know how to use REGEXPs differently. // Ian: we should improve this to all! if ($serendipity['dbType'] != 'mysql' && $serendipity['dbType'] != 'mysqli') { echo '<span class="msg_notice"><span class="icon-info-circled" aria-hidden="true"></span> ' . MEDIA_DIRECTORY_MOVE_ENTRY . "</span>\n"; return true; } // Prepare the SELECT query for filetypes if ($type == 'filedir' || $type == 'file') { // get the right $file, which is array or null, by type $_file = $type == 'filedir' ? $pick : $file; // check oldDir in bulkmove case $oldDir = $type == 'file' && !is_null($oldDir) ? str_replace($_file['name'] . '.' . $_file['extension'], '', $oldDir) : $oldDir; // Path patterns to SELECT en detail to not pick path parts in a loop if ($oldDir === null) { // care for file renaming with oldpath $oldDirFile = $_file['path'] . $_file['name'] . ($_file['extension'] ? '.' . $_file['extension'] : ''); $oldDirThumb = $_file['path'] . $_file['name'] . '.' . $_file['thumbnail_name'] . ($_file['extension'] ? '.' . $_file['extension'] : ''); } else { $oldDirFile = $oldDir . $_file['name'] . ($_file['extension'] ? '.' . $_file['extension'] : ''); $oldDirThumb = $oldDir . $_file['name'] . '.' . $_file['thumbnail_name'] . ($_file['extension'] ? '.' . $_file['extension'] : ''); } if ($type == 'filedir' && !isset($newDirFile)) { $newDirFile = strpos($newDir, $_file['name']) === FALSE ? $newDir . $_file['name'] : $newDir; } if ($type == 'file' && $oldDir === null) { $newDirFile = empty($newDirFile) ? $newDir : $newDirFile; // for file renamings $newDirFile has to be $newDir ( which is subdir and new NAME w/o ext) } $ispOldFile = $serendipity['serendipityPath'] . $serendipity['uploadHTTPPath'] . $oldDirFile; } elseif ($type == 'dir') { // since this is case 'dir', we do not have a filename and have to rename replacement File vars to oldDir and newDir values for the update preg_replace match $oldDirFile = $oldDir; $newDirFile = $newDir; $ispOldFile = $serendipity['serendipityPath'] . $serendipity['uploadHTTPPath'] . $oldDirFile . ($_file['extension'] ? '.' . $_file['extension'] : ''); } // Please note: imageselectorplus plugin quickblog is either quickblog:FullPath or quickblog:|?(none|plugin|js|_blank)|FullPath // SELECTing the entries uses a more detailled approach to be as precise as possible, thus we need to reset these vars for the preg_replace later on in some cases $q = "SELECT id, body, extended\n FROM {$serendipity['dbPrefix']}entries\n WHERE body REGEXP '(src=|href=|window.open.|<!--quickblog:)(\\'|\"|\\\\|?(plugin|none|js|_blank)?\\\\|?)(" . serendipity_db_escape_String($serendipity['baseURL'] . $serendipity['uploadHTTPPath'] . $oldDirFile) . "|" . serendipity_db_escape_String($serendipity['serendipityHTTPPath'] . $serendipity['uploadHTTPPath'] . $oldDirFile) . "|" . serendipity_db_escape_String($serendipity['baseURL'] . $serendipity['uploadHTTPPath'] . $oldDirThumb) . "|" . serendipity_db_escape_String($serendipity['serendipityHTTPPath'] . $serendipity['uploadHTTPPath'] . $oldDirThumb) . "|" . serendipity_db_escape_String($ispOldFile) . ")'\n OR extended REGEXP '(src=|href=|window.open.)(\\'|\")(" . serendipity_db_escape_String($serendipity['baseURL'] . $serendipity['uploadHTTPPath'] . $oldDirFile) . "|" . serendipity_db_escape_String($serendipity['serendipityHTTPPath'] . $serendipity['uploadHTTPPath'] . $oldDirFile) . "|" . serendipity_db_escape_String($serendipity['baseURL'] . $serendipity['uploadHTTPPath'] . $oldDirThumb) . "|" . serendipity_db_escape_String($serendipity['serendipityHTTPPath'] . $serendipity['uploadHTTPPath'] . $oldDirThumb) . ")'\n "; $entries = serendipity_db_query($q, false, 'assoc'); if (is_array($entries) && !empty($entries)) { // here we need to match thumbs too, so we do not want the extension, see detailled SELECT regex note if ($type == 'file' && $oldDir === null) { $_ispOldFile = $oldfile; // these vars are more exact in every case $_ispNewFile = $newfile; // dito $oldDirFile = $_file['path'] . $oldDirFile; // oldDirFile is missing a possible subdir path for the preg_replace $newDirFile = $_file['path'] . $newDirFile; // newDirFile - dito } else { $_ispOldFile = $ispOldFile; $_ispNewFile = $serendipity['serendipityPath'] . $serendipity['uploadHTTPPath'] . $newDirFile . ($_file['extension'] ? '.' . $_file['extension'] : ''); } // last paranoidal check $_oldDirFile = strpos($oldDirFile, $_file['extension']) === FALSE ? $oldDirFile : $oldDir . $_file['name']; // what we actually need here, is oldDirFile w/o EXT to newDirFile w/o EXT and full ispOldFile path to full ispNewFile path !!! foreach ($entries as $entry) { $entry['body'] = preg_replace('@(src=|href=|window.open.)(\'|")(' . preg_quote($serendipity['baseURL'] . $serendipity['uploadHTTPPath'] . $_oldDirFile) . '|' . preg_quote($serendipity['serendipityHTTPPath'] . $serendipity['uploadHTTPPath'] . $_oldDirFile) . ')@', '\\1\\2' . $serendipity['serendipityHTTPPath'] . $serendipity['uploadHTTPPath'] . $newDirFile, $entry['body']); $entry['body'] = preg_replace('@(<!--quickblog:)(\\|?(plugin|none|js|_blank)?\\|?)(' . preg_quote($_ispOldFile) . ')@', '\\1\\2' . $_ispNewFile, $entry['body']); $entry['extended'] = preg_replace('@(src=|href=|window.open.)(\'|")(' . preg_quote($serendipity['baseURL'] . $serendipity['uploadHTTPPath'] . $_oldDirFile) . '|' . preg_quote($serendipity['serendipityHTTPPath'] . $serendipity['uploadHTTPPath'] . $_oldDirFile) . ')@', '\\1\\2' . $serendipity['serendipityHTTPPath'] . $serendipity['uploadHTTPPath'] . $newDirFile, $entry['extended']); $uq = "UPDATE {$serendipity['dbPrefix']}entries\n SET body = '" . serendipity_db_escape_string($entry['body']) . "' ,\n extended = '" . serendipity_db_escape_string($entry['extended']) . "'\n WHERE id = " . serendipity_db_escape_string($entry['id']); serendipity_db_query($uq); } if ($oldDir !== null) { $imgmovedtodir = sprintf(MEDIA_DIRECTORY_MOVE_ENTRIES, count($entries)); echo '<span class="msg_notice"><span class="icon-info-circled" aria-hidden="true"></span> ' . $imgmovedtodir . "</span>\n"; } } return true; }
function fetchStaticPages($id, $big, $thumb) { global $serendipity; if (strtolower($serendipity['dbType']) != 'mysql' && strtolower($serendipity['dbType']) != 'mysqli') { return false; } $q = "SELECT s.*\n FROM {$serendipity['dbPrefix']}staticpages AS s\n WHERE (MATCH(headline,content) AGAINST('" . serendipity_db_escape_string($big) . "')\n OR MATCH(headline,content) AGAINST('" . serendipity_db_escape_string($thumb) . "'))\n AND (s.content REGEXP '(" . preg_quote(serendipity_db_escape_String($thumb)) . "|" . preg_quote(serendipity_db_escape_string($big)) . ")'\n OR s.content REGEXP '(" . preg_quote(serendipity_db_escape_String($thumb)) . "|" . preg_quote(serendipity_db_escape_string($big)) . ")')\n AND s.publishstatus = 1\n AND s.pass = ''\n GROUP BY s.id\n ORDER BY s.timestamp DESC"; $e = serendipity_db_query($q, false, 'assoc'); if (is_array($e)) { $_e = $e; $e = array(); foreach ($_e as $idx => $item) { $e[$item['id']] = $item; } } return $e; }