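function SLAM_deleteAssets(&$config, $db, &$user, &$request)
{
    /*
    	Marks the records specified in the request as removed (sets `Removed`='1').

    	Returns '' on success, or the HTML produced by SLAM_makeErrorHTML() when the
    	user lacks access to any of the assets or a query fails.

    	Every asset is authorized before anything is changed, so a request that mixes
    	permitted and forbidden assets is rejected as a whole instead of being
    	applied halfway.
    */
    $result = new SLAMresult($config, $db, $user, $request);

    /* authorize the whole batch up front: access must be greater than 1 for every asset */
    foreach ($result->assets as $assets) {
        foreach ($assets as $asset) {
            if (!(SLAM_getAssetAccess($user, $asset) > 1)) {
                return SLAM_makeErrorHTML('Authentication error: You are not authorized to remove this asset.', true);
            }
        }
    }

    /* drop them from the user's prefs first (no call-time '&': that syntax is a fatal error
       since PHP 5.4, and by-reference passing is decided by the callee's signature) */
    SLAM_dropAssetTags($config, $db, $user, $request);

    /* iterate through the categories and assets to be dropped */
    foreach ($result->assets as $category => $assets) {
        /* the category is used as a table name: double any backtick so it cannot end the quoted identifier */
        $table = str_replace('`', '``', $category);

        foreach ($assets as $i => $asset) {
            /* NOTE(review): the identifier is interpolated into the statement as a string
               literal. It is read from $result->assets here, but it should still be bound
               or escaped through the database layer; no such method is visible in this
               function, so confirm what $db offers and use it. */
            $q = "UPDATE `{$table}` SET `Removed`='1' WHERE `Identifier`='{$asset['Identifier']}' LIMIT 1";

            /* attempt to run the query (the return value is not kept, so $result is not clobbered) */
            if ($db->Query($q) === false) {
                return SLAM_makeErrorHTML('Database error: asset removal failure: ' . $db->ErrorState(), true);
            }

            /* remove from the request as well (mainly to remove from the breadcrumb trail) */
            unset($request->categories[$category][$i]);
        }
    }

    # returns nothing on success (maybe a status message in the future?)
    return '';
}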
Пример #2
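function SLAM_makeAssetEditHTML(&$config, $db, $user, $request, &$result)
{
    /*
    	Displays the edit page for the records corresponding to the first category in $request.

    	Registers the css/js/onload entries the page needs on $config->html and returns
    	the form markup as a string. When there are no assets to edit (and the action is
    	neither 'new' nor 'clone') the output of SLAM_makeNoteHTML() is returned instead.

    	Record values written straight into the markup by this function (the title line
    	and the identifier in the file-browser link) are encoded for their output context.
    	NOTE(review): values handed to SLAM_makeFieldHTML() / SLAM_makeHiddenInput() are
    	assumed to be encoded by those helpers -- confirm.
    */
    $escape = ENT_QUOTES | ENT_SUBSTITUTE;

    /* register the necessary header files */
    $config->html['css'][] = 'css/asset.css';
    $config->html['js'][] = 'js/asset.js';
    $config->html['js'][] = 'js/convert.js';
    /* register the javascript plugin stub */
    $config->html['onload'][] = 'doEditJS()';
    $s = "<form id='editRecord' action='{$config->html['url']}' method='POST'>\n";

    /* the first category (array_shift() takes its argument by reference, so it needs a real variable) */
    $categoryNames = array_keys($request->categories);
    $category = array_shift($categoryNames);

    $assets = $result->assets[$category];
    $structure = $result->fields[$category];
    $editable = array();
    /* retrieve the field values, either for a new entry or for editing existing ones */
    if ($request->action == 'new') {
        $editable[] = true;
        $fields = SLAM_setAssetFields($config, $db, $user, $category, $structure, null);
        /* save the identifier to the form so we can come back to it if the user saves changes */
        $s .= SLAM_makeHiddenInput($fields['Identifier'], 'Identifier');
        $s .= SLAM_makeHiddenInput('true', 'new');
    } elseif ($request->action == 'clone') {
        $editable[] = true;
        $fields = SLAM_setAssetFields($config, $db, $user, $category, $structure, $assets[0]);
        /* save the identifier to the form so we can come back to it if the user saves changes */
        $s .= SLAM_makeHiddenInput($fields['Identifier'], 'Identifier');
        $s .= SLAM_makeHiddenInput('true', 'new');
    } elseif (count($assets) > 0) {
        /* retrieve the consensus field values */
        $fields = SLAM_getAssetFields($config, $db, $user, $assets);
        foreach ($assets as $asset) {
            /* save the editable status for every asset */
            $editable[] = SLAM_getAssetAccess($user, $asset) > 1;
            /* save all of the identifiers we're to update into the form */
            $s .= SLAM_makeHiddenInput($asset['Identifier'], 'Identifier[]');
        }
        $editable = array_unique($editable);
        /* fields that cannot be edited for more than one asset at a time shouldn't be shown */
        if (count($assets) > 1) {
            unset($structure['Files']);
        }
    } else {
        return SLAM_makeNoteHTML("This asset has been removed, or does not exist.", true);
    }
    /* if there are a mix of editable and uneditable assets, provide the user a warning */
    if (count($editable) > 1) {
        $config->html['onload'][] = 'doNonEditableWarning()';
        /* NOTE(review): the form is rendered as editable even though some of the selected
           assets are not; the handler that saves or deletes has to re-check access per asset. */
        $editable = true;
    } else {
        $editable = $editable[0];
    }
    /* set our location */
    $s .= SLAM_makeHiddenInput($request->location, 'loc');
    $s .= SLAM_makeHiddenInput($category, 'cat');
    $s .= "<div id='assetEditContainer'>\n";
    /* the query string is built from request parameters and lands inside an href attribute:
       http_build_query() percent-encodes it, htmlspecialchars() makes the separators attribute-safe */
    $export = htmlspecialchars(http_build_query(array_merge($_GET, $_POST)), $escape);
    $f = <<<EOL
<div id='assetEditFunctions'>
jump to <a href='#End'>bottom</a> | 
<a href='#' onClick="setSwitchableTR('none'); return false">hide</a>/<a href='' onClick="setSwitchableTR(''); return false">show</a> unused 
| <a href='ext/export.php?{$export}'>export</a>/<a href='ext/print.php?{$export}'>print</a>
| <a href='#' onClick="showPopupDiv('pub/help_edit.html','helpDiv',{}); return false">help</a>
</div>

EOL;
    $b = "{$f}<table id='assetEdit'>\n";
    /* stays empty when the category's title field is not part of the structure */
    $t = '';
    /* go through the structure and put together each fields's html */
    foreach ($structure as $name => $scheme) {
        /* when we run across the title field, save it to the $t variable for later use */
        if ($name == $config->categories[$category]['title_field']) {
            /* the field value is record data, so it is HTML-encoded before being shown */
            $t = "<div id='assetEditTitle'>" . htmlspecialchars("{$category} : {$fields[$name]}", $escape) . "</div>\n";
        }
        /* collapse fields that are empty, except when creating a new record */
        $collapsed = false;
        if (in_array($fields[$name], $config->values['hide_empty'])) {
            $collapsed = true;
        }
        if ($request->action == 'new') {
            $collapsed = false;
        }
        switch ($name) {
            case 'Identifier':
                /* identifier should not be editable if the user is not a superuser */
                $b .= SLAM_makeFieldHTML($config, $request, $fields[$name], $scheme, $user->superuser, $collapsed);
                break;
            case 'permissions':
                /* insert the permissions control panel */
                $b .= SLAM_makePermissionsHTML($config, $user, $assets);
                /* NOTE(review): this round-trips the permissions through the client; the save
                   handler must not trust the posted value without checking the user's rights. */
                $b .= SLAM_makeHiddenInput(base64_encode(json_encode($fields[$name])), 'permissions');
                break;
            case 'Project':
                /* save the default projects array to the structure of the projects field */
                $scheme['values'] = $config->projects;
                $b .= SLAM_makeFieldHTML($config, $request, $fields[$name], $scheme, $editable, false);
                break;
            case 'Files':
                /* if there's a "Files" field, show a link to the file browser instead;
                   the identifier sits in a URL inside a JS string inside an attribute, and
                   percent-encoding leaves no character that is special in any of the three */
                $fileUrl = 'ext/files.php?i=' . rawurlencode((string) $fields['Identifier']);
                $b .= "<tr>\n<td class='assetEditField'>Files :</td><td class='assetEditValue'><input type='button' class='assetFileButton' onClick=\"showFileManager('{$fileUrl}'); return false\" value='Open Browser' /></td><td class='assetEditFunction'>&nbsp;</td>\n</tr>\n";
                break;
            default:
                if ($scheme['hidden'] && !$user->superuser) {
                    /* NOTE(review): a hidden input is still visible to and editable by the
                       client; confirm the save handler ignores hidden fields from non-superusers. */
                    $b .= SLAM_makeHiddenInput($fields[$name], 'edit_' . base64_encode($scheme['name']));
                } else {
                    $b .= SLAM_makeFieldHTML($config, $request, $fields[$name], $scheme, $editable, $collapsed);
                }
        }
    }
    $s .= "{$t}{$b}</table>\n";
    $s .= "<div id='assetEditActions'>\n";
    if ($editable) {
        $s .= "<input type='button' name='action' value='Cancel' onClick='javascript: history.go(-1)'/><input type='submit' name='action' value='Delete' onClick=\"javascript:return confirm('Are you sure you want to delete the selected record?')\"/><input type='submit' name='action' value='Save' /><input type='submit' name='action' value='Save Changes' />\n";
    } else {
        $s .= "<input type='button' name='action' value='Cancel' onClick='javascript: history.go(-1)'/>\n";
    }
    $s .= "<a name='End'>&nbsp;</a>\n";
    $s .= "</div>\n</div></form>\n";
    return $s;
}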
Пример #3
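// exit status descriptions for unzip, indexed by exit code
$slam_file_errors['unzip_errors'] = array(
    'No error',
    'One or more warning errors were encountered, but processing completed successfully anyway',
    'A generic error in the zipfile format was detected',
    'A severe error in the zipfile format was detected.',
    'unzip was unable to allocate itself memory.',
    'unzip was unable to allocate memory, or encountered an encryption error',
    'unzip was unable to allocate memory during decompression to disk',
    'unzip was unable allocate memory during in-memory decompression',
    'unused',
    'The specified zipfiles were not found',
    'Bad command line parameters',
    'No matching files were found',
    50 => 'The disk is (or was) full during extraction',
    51 => 'The end of the ZIP archive was encountered prematurely.',
    80 => 'The user aborted unzip prematurely.',
    81 => 'Testing or extraction of one or more files failed due to unsupported compression methods or unsupported decryption.',
    82 => 'No files were found due to bad decryption password(s)',
);

/* nothing below runs for an anonymous visitor */
if (!$user->authenticated) {
    echo "You are not logged in.\n";
    return;
}

$request = new SLAMrequest($config, $db, $user);
$result = new SLAMresult($config, $db, $user, $request);

/* first category of the request and its first identifier
   (array_shift() takes its argument by reference, so it needs a real variable) */
$categoryNames = array_keys($request->categories);
$category = array_shift($categoryNames);
$identifier = array_shift($request->categories[$category]);
$path = SLAM_getArchivePath($config, $category, $identifier);

/* get asset and set the accessibility appropriately; 0 means no access until proven otherwise */
$access = 0;
if (count($result->assets[$category]) == 1) {
    $asset = array_shift($result->assets[$category]);
    $access = SLAM_getAssetAccess($user, $asset);
} else {
    // possibly a new asset
    /* NOTE(review): this branch grants write-level access whenever the lookup did not return
       exactly one asset -- that covers "no record found" but also "several records", and in
       neither case is SLAM_getAssetAccess() consulted for the identifier the archive path was
       built from. Confirm that an identifier without a matching record can only be a new
       asset owned by this user. */
    $access = 2;
}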
/* if we've encountered any errors at this point, bail */
if (count($config->errors) == 0 && $access > 1) {
    /* sanitize the path before going any further */
    $path = escapeshellarg($path);
    /* are there files ready to be uploaded? */
    if (isset($_FILES['asset_file'])) {
        $i = 0;
        foreach ($_FILES['asset_file']['error'] as $error) {
            if ($error == UPLOAD_ERR_OK) {
                # single quotes really mess with zip's ability to access file, may fix at a later date
                $name = str_replace("\\'", '', urldecode($_FILES['asset_file']['name'][$i]));
Пример #4
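function SLAM_makeAssetTableHTML($config, $db, $user, $request, $category, $assets)
{
    /*
    	Builds the list table for the assets of one category and returns it as HTML.

    	Returns a placeholder div when $assets is empty. Otherwise registers an onload
    	call on $config->html and emits a sortable header row followed by one row per
    	asset, showing the fields named in the category's 'list_fields' setting.

    	Record data (identifiers and field values) is encoded for the context it is
    	written into. $category is written as-is into ids and inline script.
    	NOTE(review): presumably $category is always a key of $config->categories --
    	confirm, since it is not encoded here.
    */
    if (count($assets) < 1) {
        return "<div class='assetListEmpty'>( No entries found )</div>\n";
    }

    /* ENT_SUBSTITUTE keeps a value that was cut in the middle of a multi-byte character from encoding to '' */
    $escape = ENT_QUOTES | ENT_SUBSTITUTE;

    /* start the table output */
    $s = "<table class='assetList' id='assetListTable_{$category}'>\n";
    /* register onloads */
    $config->html['onload'][] = "checkAssetListBoxes(\"{$category}\")";
    /* the fields shown in the list for this category */
    $fields = $config->categories[$category]['list_fields'];

    /* build the header bar showing the fields for each table */
    $s .= "<tr class='assetListHeader'>\n";
    /* cell for the edit link and checkboxes */
    $s .= "<td><a href='#' onClick='toggleCategoryCheckboxes(\"{$category}\"); return false'>Select</a></td>\n";
    foreach ($fields as $field) {
        /* only the visible label is shortened; the sort link keeps the full field name */
        $label = strlen($field) > $config->values['title_truncate'] ? substr($field, 0, $config->values['title_truncate']) . '...' : $field;
        $label = htmlspecialchars($label, $escape);
        /* clicking a header flips the current sort direction */
        $direction = $request->order['direction'] == 'DESC' ? "ASC" : "DESC";
        $s .= "<td><a href='" . $request->makeRequestURL($config, array('order' => array('field' => $field, 'direction' => $direction)), true) . "'>{$label}</a></td>\n";
    }
    $s .= "</tr>\n";

    /* build the asset rows */
    $i = 0;
    // the record counter, used for even/odd TR classes
    foreach ($assets as $asset) {
        /* use the appropriate tr class */
        $s .= ($i + 1) % 2 == 0 ? "<tr class='assetListRowEven'>\n" : "<tr class='assetListRowOdd'>\n";

        /* the identifier in its two output contexts: attribute value, and URL inside inline script */
        $identifierAttr = htmlspecialchars((string) $asset['Identifier'], $escape);
        $fileUrl = 'ext/files.php?i=' . rawurlencode((string) $asset['Identifier']);

        /* generate the checkbox and link */
        $s .= "<td class='assetListLink'>\n";
        $s .= "<input type='checkbox' name='i[]' value='{$identifierAttr}' id='{$category}_checkbox_{$i}' onClick='checkAssetListBoxes(\"{$category}\")' /> ";
        /* the url for the entry */
        $url = $request->makeRequestURL($config, array('identifier' => array($asset['Identifier']), 'action' => 'open'), true);
        /* is the current user qualified to edit this record ? (this only picks the link text) */
        $editable = SLAM_getAssetAccess($user, $asset) > 1;
        $s .= $editable ? "<a href='{$url}'>open</a>\n" : "<a href='{$url}'>view</a>\n";
        $s .= "</td>\n";

        foreach ($fields as $field) {
            $raw = (string) $asset[$field];

            if ($field == 'Files') {
                /* change the status of the button if there are no attached files */
                $buttonLabel = $raw === '' ? 'None' : 'View';
                $s .= "<td class='assetListField'><input type='button' class='listFileButton' onClick=\"showFileManager('{$fileUrl}'); return false\" value='{$buttonLabel}' />\n";
                continue;
            }

            /* use the reduced-size class if it's too long */
            $class = strlen($raw) > $config->values['field_resize'] ? 'assetListFieldLong' : 'assetListField';
            /* truncate the value if it's too long */
            $truncated = strlen($raw) > $config->values['field_truncate'];
            $value = $truncated ? substr($raw, 0, $config->values['field_truncate']) . '...' : $raw;
            $value = htmlspecialchars($value, $escape);

            if ($truncated) {
                /* the full text goes into the tooltip only when the cell shows a shortened value */
                $title = htmlspecialchars($raw, $escape);
                $s .= "<td class='{$class}' title='{$title}'>{$value}</td>\n";
            } else {
                $s .= "<td class='{$class}'>{$value}</td>\n";
            }
        }
        $s .= "</tr>\n";
        $i++;
    }
    $s .= "</table>\n";
    return $s;
}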