$admin = new admin('Media', 'media_upload', false);
if (!$admin->checkFTAN()) {
$admin->print_header();
$admin->print_error($MESSAGE['GENERIC_SECURITY_ACCESS']);
}
// After check print the header
$admin->print_header();
// Target location
$requestMethod = '_' . strtoupper($_SERVER['REQUEST_METHOD']);
$target = isset(${$requestMethod}['target']) ? ${$requestMethod}['target'] : '';
// Include the WB functions file
$directory = $target == '/' ? '' : $target;
$dirlink = 'index.php?dir=' . $directory;
$rootlink = 'index.php?dir=';
// Check to see if target contains ../
if (!check_media_path($target, false)) {
$admin->print_error($MESSAGE['MEDIA_TARGET_DOT_DOT_SLASH']);
}
// Create relative path of the target location for the file
$relative = WB_PATH . $target . '/';
$resizepath = str_replace(array('/', ' '), '_', $target);
// Find out whether we should replace files or give an error
$overwrite = $admin->get_post('overwrite') != '' ? true : false;
// Get list of file types to which we're supposed to append 'txt'
$get_result = $database->query("SELECT value FROM " . TABLE_PREFIX . "settings WHERE name='rename_files_on_upload' LIMIT 1");
$file_extension_string = '';
if ($get_result->numRows() > 0) {
$fetch_result = $get_result->fetchRow();
$file_extension_string = $fetch_result['value'];
}
$file_extensions = explode(",", $file_extension_string);
return round($size / pow(1024, $i = floor(log($size, 1024))), 1) . $filesizename[$i];
}
// Setup template object, parse vars to it, then parse it
// Create new template object
$template = new Template(dirname($admin->correct_theme_source('media_browse.htt')));
$template->set_file('page', 'media_browse.htt');
$template->set_block('page', 'main_block', 'main');
// Get the current dir
$currentHome = $admin->get_home_folder();
$directory = ($currentHome and !array_key_exists('dir', $_GET)) ? $currentHome : $admin->strip_slashes($admin->get_get('dir'));
if ($directory == '/' or $directory == '\\') {
$directory = '';
}
$dir_backlink = 'browse.php?dir=' . $directory;
// Check to see if it contains ../
if (!check_media_path($directory)) {
// $admin->print_header();
$admin->print_error($MESSAGE['MEDIA']['DIR_DOT_DOT_SLASH']);
}
if (!file_exists(WB_PATH . MEDIA_DIRECTORY . $directory)) {
// $admin->print_header();
$admin->print_error($MESSAGE['MEDIA']['DIR_DOES_NOT_EXIST']);
}
// Check to see if the user wanted to go up a directory into the parent folder
if ($admin->get_get('up') == 1) {
$parent_directory = dirname($directory);
header("Location: browse.php?dir={$parent_directory}");
exit(0);
}
if ($_SESSION['GROUP_ID'] != 1 && $pathsettings['global']['admin_only']) {
// Only show admin the settings link
* @link http://websitebaker.org/
* @license http://www.gnu.org/licenses/gpl.html
* @platform WebsiteBaker 2.8.3
* @requirements PHP 5.3.6 and higher
* @version $Id: thumb.php 5 2015-04-27 08:02:19Z luisehahne $
* @filesource $HeadURL: https://localhost:8443/svn/wb283Sp4/SP4/branches/wb/admin/media/thumb.php $
* @lastmodified $Date: 2015-04-27 10:02:19 +0200 (Mo, 27. Apr 2015) $
*
*/
require '../../config.php';
include_once 'resize_img.php';
require_once WB_PATH . '/framework/functions.php';
if (isset($_GET['img']) && isset($_GET['t'])) {
$image = addslashes($_GET['img']);
// Check to see if it contains ..
if (!check_media_path($image)) {
$admin->print_error($MESSAGE['MEDIA']['DIR_DOT_DOT_SLASH'], WB_URL, false);
}
$type = addslashes($_GET['t']);
$media = WB_PATH . MEDIA_DIRECTORY;
$img = new RESIZEIMAGE($media . $image);
if ($img->imgWidth) {
if ($type == 1) {
$img->resize_limitwh(50, 50);
} else {
if ($type == 2) {
$img->resize_limitwh(200, 200);
}
}
$img->close();
} else {
