$action = COM_applyFilter($_POST['action']);
$album_id = COM_applyFilter($_POST['album_id'], true);
switch ($action) {
case 'album':
require_once $_CONF['path'] . 'plugins/mediagallery/include/albumedit.php';
$retval .= MG_saveAlbum($album_id, $_MG_CONF['site_url'] . '/album.php?aid=' . $album_id);
CACHE_remove_instance('whatsnew');
break;
case 'remoteupload':
require_once $_CONF['path'] . 'plugins/mediagallery/include/remote.php';
$retval = MG_saveRemoteUpload($album_id);
break;
case 'upload':
require_once $_CONF['path'] . 'plugins/mediagallery/include/newmedia.php';
if (SEC_checkToken()) {
$retval = MG_saveUserUpload($album_id);
} else {
$retval = MG_errorHandler("Invalid input received");
}
break;
case 'ftp':
require_once $_CONF['path'] . 'plugins/mediagallery/include/ftpmedia.php';
$dir = $_REQUEST['directory'];
$purgefiles = isset($_REQUEST['purgefiles']) ? $_REQUEST['purgefiles'] : 0;
$recurse = isset($_REQUEST['recurse']) ? $_REQUEST['recurse'] : 0;
if (strstr($dir, "..")) {
$retval .= MG_errorHandler("Invalid input received");
} else {
$retval .= MG_navbar($LANG_MG01['ftp_media'], $album_id);
$retval .= MG_FTPpickFiles($album_id, $dir, $purgefiles, $recurse);
}
}
$action = COM_applyFilter($_POST['action']);
$album_id = COM_applyFilter($_POST['album_id'], true);
$display = '';
switch ($action) {
case 'album':
require_once $include . 'albumedit.php';
$display .= MG_saveAlbum($album_id);
break;
case 'remoteupload':
require_once $include . 'remote.php';
$display .= MG_saveRemoteUpload($album_id);
break;
case 'upload':
require_once $include . 'newmedia.php';
$display .= MG_saveUserUpload($album_id);
break;
case 'ftp':
require_once $include . 'ftpmedia.php';
$dir = $_REQUEST['directory'];
$purgefiles = $_REQUEST['purgefiles'];
$recurse = $_REQUEST['recurse'];
if (strstr($dir, "..")) {
$display .= COM_showMessageText('Invalid input received' . ' [ <a href=\'javascript:history.go(-1)\'>' . $LANG_MG02['go_back'] . '</a> ]');
} else {
$display .= MG_FTPpickFiles($album_id, $dir, $purgefiles, $recurse);
}
break;
case 'ftpprocess':
require_once $include . 'ftpmedia.php';
MG_ftpProcess($album_id);
