예제 #1
                     $file = new file();
                     $file->load($_REQUEST['id']);
                     $file->refresh();
                     $DB->disconnect();
                     core_terminate();
                 }
             }
         }
     }
     echo false;
     core_terminate();
 } else {
     if ($_REQUEST['engine'] == 'tinymce') {
         $DB = new database();
         $DB->connect();
         $file = file::register_upload($_FILES['file']['tmp_name'], $_FILES['file']['name'], 0, NULL, true);
         if (!empty($file)) {
             echo json_encode(array('location' => file::file_url($file->id)));
         } else {
             echo json_encode(false);
         }
         $DB->disconnect();
         core_terminate();
     } else {
         // plUpload engine
         if ($user->permission("files.upload") == "true") {
             // Get parameters
             $chunk = isset($_REQUEST["chunk"]) ? $_REQUEST["chunk"] : 0;
             $chunks = isset($_REQUEST["chunks"]) ? $_REQUEST["chunks"] : 0;
             $fileName = isset($_REQUEST["name"]) ? $_REQUEST["name"] : '';
             // Clean the fileName for security reasons
예제 #2
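 /**
  * XML-RPC handler that stores a media object sent by a metaWeblog client.
  *
  * The payload is written to a temporary file under the website's private
  * files directory and then handed to file::register_upload().
  *
  * @param array $args Positional arguments: website id, username, password and
  *                    a struct that carries at least 'name' and 'bits'.
  *
  * @return array|IXR_Error Array with 'id', 'file', 'url' and 'type' on success;
  *                         IXR_Error 401 when the credentials are rejected,
  *                         IXR_Error 500 when the file cannot be stored or registered.
  */
 function metaWeblog_newMediaObject($args)
 {
     list($website_id, $username, $password, $file_struct) = $args;

     // check auth before anything touches the filesystem
     if (!metaWeblog_userAllowed($username, $password, $website_id)) {
         return new IXR_Error(401, "User not allowed.");
     }

     // NOTE(review): $website_id comes from the client and becomes part of a
     // filesystem path; presumably metaWeblog_userAllowed() only accepts ids of
     // existing websites -- confirm, or validate it as an integer id here.
     // NOTE(review): no size or type restriction on $file_struct['bits'] and
     // $file_struct['name'] is visible in this function -- confirm that
     // file::register_upload() enforces the upload policy.
     $file_name_tmp = uniqid('metaweblog-upload-');
     $tmp_path = NAVIGATE_PRIVATE . '/' . $website_id . '/files/' . $file_name_tmp;

     if (file_put_contents($tmp_path, $file_struct['bits']) === false) {
         return new IXR_Error(500, "Could not store the uploaded file.");
     }

     $file = file::register_upload($file_name_tmp, $file_struct['name'], 0, NULL, false);

     // if everything goes fine, file is renamed, so cannot be deleted here;
     // this best-effort cleanup only matters when registration failed.
     // (The original built this path from a misspelled constant, so the
     // leftover temporary file was never removed.)
     @unlink($tmp_path);

     // other callers of register_upload() treat an empty result as failure
     if (empty($file)) {
         return new IXR_Error(500, "Could not register the uploaded file.");
     }

     return array(
         'id' => $file->id,
         'file' => $file->name,
         'url' => file::file_url($file->id, 'inline'),
         'type' => $file->mime
     );
 }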
예제 #3
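/**
 * Dispatcher for the files section, selected by $_REQUEST['act'].
 *
 * - 1 / "json": AJAX operations chosen by $_REQUEST['op'] (upload, create_folder,
 *   edit_folder, edit_file, duplicate_file, move, delete, permissions,
 *   description, focalpoint, video_info). The answer is echoed and the
 *   script exits.
 * - 2 / "edit": load an item, optionally save the posted form, and return the
 *   result of files_item_properties().
 * - 10 / 'media_browser': delegates to files_media_browser().
 * - 92 / 'pixlr_exit': removes cached thumbnails and echoes a small page that
 *   refreshes the preview in the parent window.
 * - 0 / default: returns the result of files_browser() and logs the listing.
 *
 * @return mixed '' by default, otherwise whatever files_item_properties() or
 *               files_browser() returned.
 */
function run()
{
    global $user;
    global $layout;
    global $DB;
    global $website;

    // NOTE(review): nothing in this function checks a permission on $user or a
    // CSRF token, and the state-changing operations read $_REQUEST, so they are
    // reachable through GET as well as POST. Presumably the caller enforces
    // authentication and authorisation before run() is invoked -- confirm.
    $out = '';
    $item = new file();

    switch ($_REQUEST['act']) {
        case 1:
        case "json":
            // json retrieval & operations
            if ($_REQUEST['op'] == 'upload') {
                $tmp_name = $_REQUEST['tmp_name'];
                $file = NULL;

                if ($tmp_name == "{{BASE64}}") {
                    // placeholder: the temporary name is derived from the file name
                    $tmp_name = base64_encode($_REQUEST['name']);
                    $tmp_name_ok = true;
                } else {
                    // The request chooses which temporary file gets registered.
                    // Refuse anything that is not a plain string, contains a
                    // parent-directory sequence or a NUL byte.
                    // NOTE(review): this is only a first filter; confirm that
                    // file::register_upload() restricts the name to the
                    // website's own upload directory.
                    $tmp_name_ok = is_string($tmp_name)
                        && strpos($tmp_name, '..') === false
                        && strpos($tmp_name, "\0") === false;
                }

                if ($tmp_name_ok) {
                    $file = file::register_upload($tmp_name, $_REQUEST['name'], $_REQUEST['parent']);
                }

                if (!empty($file)) {
                    echo json_encode(array('id' => $file->id, 'name' => $file->name));
                } else {
                    echo json_encode(false);
                }
            }

            // Ids passed to load() below are cast with intval(), as the
            // edit_folder / edit_file / duplicate_file operations already did.
            // load() is defined elsewhere; how it treats its argument is not
            // visible here.
            switch ($_REQUEST['op']) {
                case 'create_folder':
                    file::create_folder($_REQUEST['name'], $_REQUEST['mime'], $_REQUEST['parent']);
                    echo json_encode(true);
                    break;

                case 'edit_folder':
                    $f = new file();
                    $f->load(intval($_REQUEST['id']));
                    $f->name = $_REQUEST['name'];
                    $f->mime = $_REQUEST['mime'];
                    $ok = $f->save();
                    echo json_encode($ok);
                    break;

                case 'edit_file':
                    $f = new file();
                    $f->load(intval($_REQUEST['id']));
                    $f->name = $_REQUEST['name'];
                    $ok = $f->save();
                    echo json_encode($ok);
                    break;

                case 'duplicate_file':
                    $status = false;
                    $f = new file();
                    $f->load(intval($_REQUEST['id']));
                    // resetting the id makes insert() create a new record
                    $f->id = 0;
                    $f->insert();
                    if (!empty($f->id)) {
                        $done = copy(NAVIGATE_PRIVATE . '/' . $website->id . '/files/' . intval($_REQUEST['id']), NAVIGATE_PRIVATE . '/' . $website->id . '/files/' . $f->id);
                        $status = "true";
                        if (!$done) {
                            // roll back the new record when the content could not be copied
                            $f->delete();
                            $status = t(56, "Unexpected error");
                        }
                    }
                    echo $status;
                    break;

                case 'move':
                    if (is_array($_REQUEST['item'])) {
                        $ok = true;
                        // foreach instead of an index loop, so arrays with
                        // non-sequential keys are handled as well
                        foreach ($_REQUEST['item'] as $item_id) {
                            $item = new file();
                            $item->load(intval($item_id));
                            $item->parent = $_REQUEST['folder'];
                            // update() runs for every item, even after a failure
                            $ok = $item->update() && $ok;
                        }
                        echo json_encode($ok ? true : false);
                    } else {
                        $item->load(intval($_REQUEST['item']));
                        $item->parent = $_REQUEST['folder'];
                        echo json_encode($item->update());
                    }
                    break;

                case 'delete':
                    try {
                        $item->load(intval($_REQUEST['id']));
                        $status = $item->delete();
                        echo json_encode($status);
                    } catch (Exception $e) {
                        // NOTE(review): the raw exception message goes to the
                        // client; confirm it cannot carry internal details.
                        echo $e->getMessage();
                    }
                    break;

                case 'permissions':
                    $item->load(intval($_REQUEST['id']));
                    if (!empty($_POST)) {
                        $item->access = intval($_POST['access']);
                        $item->permission = intval($_POST['permission']);
                        $item->enabled = intval($_POST['enabled']);
                        $item->groups = $_POST['groups'];
                        // groups are only kept for access levels of 3 and above
                        if ($item->access < 3) {
                            $item->groups = array();
                        }
                        $status = $item->save();
                        echo json_encode($status);
                    } else {
                        echo json_encode(array('access' => $item->access, 'groups' => $item->groups, 'permission' => $item->permission, 'enabled' => $item->enabled));
                    }
                    break;

                case 'description':
                    $item->load(intval($_REQUEST['id']));
                    if (!empty($_POST)) {
                        $item->title = array();
                        $item->description = array();
                        foreach ($website->languages as $language) {
                            $lcode = $language['code'];
                            // stops at the first language without a submitted title
                            if (!isset($_REQUEST['titles'][$lcode])) {
                                break;
                            }
                            $item->title[$lcode] = $_REQUEST['titles'][$lcode];
                            $item->description[$lcode] = $_REQUEST['descriptions'][$lcode];
                        }
                        $status = $item->save();
                        echo json_encode($status);
                    } else {
                        // return file title and description (alt)
                        $data = array('title' => $item->title, 'description' => $item->description);
                        echo json_encode($data);
                    }
                    break;

                case 'focalpoint':
                    $item->load(intval($_REQUEST['id']));
                    if (!empty($_POST)) {
                        $item->focalpoint = $_REQUEST['top'] . '#' . $_REQUEST['left'];
                        $status = $item->save();
                        // remove cached thumbnails
                        file::thumbnails_remove($item->id);
                        echo json_encode($status);
                    } else {
                        if (empty($item->focalpoint)) {
                            $item->focalpoint = '50#50';
                            $item->save();
                            // remove cached thumbnails
                            file::thumbnails_remove($item->id);
                        }
                        echo $item->focalpoint;
                    }
                    break;

                case 'video_info':
                    if ($_REQUEST['provider'] == 'youtube') {
                        // force cache reload
                        $item->load_from_youtube($_REQUEST['reference'], false);
                    } elseif ($_REQUEST['provider'] == 'vimeo') {
                        // force cache reload
                        $item->load_from_vimeo($_REQUEST['reference'], false);
                    } else {
                        // local file: the id arrives in 'reference' or in 'provider'
                        if (!empty($_REQUEST['reference']) && is_numeric($_REQUEST['reference'])) {
                            $item->load($_REQUEST['reference']);
                        } elseif (is_numeric($_REQUEST['provider'])) {
                            $item->load($_REQUEST['provider']);
                        } else {
                            unset($item);
                        }

                        if (!empty($item)) {
                            // add some extra data
                            // (the src attribute was missing its closing quote,
                            // which produced a malformed <video> tag)
                            $item->extra = array('reference' => $item->id, 'link' => '', 'thumbnail' => 'img/icons/ricebowl/mimetypes/video.png', 'thumbnail_big' => 'img/icons/ricebowl/mimetypes/video.png', 'thumbnail_url' => 'img/icons/ricebowl/mimetypes/video.png', 'duration' => '', 'embed_code' => '<video src="' . file::file_url($item->id, 'inline') . '"></video>');
                        }
                    }

                    if (!empty($item)) {
                        echo json_encode($item);
                    } else {
                        echo false;
                    }
                    break;
            }

            session_write_close();
            $DB->disconnect();
            exit;

        case 2:
        case "edit":
            // show/edit item properties
            $item->load(intval($_REQUEST['id']));
            if (isset($_REQUEST['form-sent'])) {
                $item->load_from_post();
                try {
                    $item->save();
                    // reload, so the form shows the stored values
                    unset($item);
                    $item = new file();
                    $item->load(intval($_REQUEST['id']));
                    $layout->navigate_notification(t(53, "Data saved successfully."), false, false, 'fa fa-check');
                } catch (Exception $e) {
                    $layout->navigate_notification($e->getMessage(), true, true);
                }
            }
            $out = files_item_properties($item);
            break;

        case 10:
        case 'media_browser':
            // NOTE(review): limit and offset are passed through unvalidated;
            // confirm files_media_browser() casts them before using them.
            files_media_browser($_GET['limit'], $_GET['offset']);
            break;

        case 92:
        case 'pixlr_exit':
            // pixlr (image editor) overlay remover
            ob_clean();
            file::thumbnails_remove(intval($_GET['id']));
            echo '
			<html>
			<head></head>
			<body>
			<script language="javascript" type="text/javascript">
				//window.parent.eval("$(\'#thumbnail-cache\').attr(\'src\', $(\'#thumbnail-cache\').attr(\'src\') + \'&refresh=\' + new Date().getTime());");
				window.parent.eval(\'$("#image-preview").attr("src", $("#image-preview").attr("src") + "&refresh=" + new Date().getTime());\');
				window.parent.eval("pixlr.overlay.hide();");
			</script>
			</body>
			</html>	
			';
            core_terminate();
            break;

        // act 91 (Picnik editor hand-off) is disabled; its commented-out code
        // is omitted here.

        case 0:
        default:
            // list / search result: show requested folder or search
            $out = files_browser($_REQUEST['parent'], $_REQUEST['navigate-quicksearch']);
            // NOTE(review): the complete request array is written to the log;
            // confirm that no credential or token can be part of it.
            users_log::action($_REQUEST['fid'], intval($_REQUEST['parent']), 'list', '', json_encode($_REQUEST));
            break;
    }

    return $out;
}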