function file_upload_show($content)
{
//echo "<h2>".__('Add Category')."</h2>";
$results = array();
preg_match_all("/\\[\\s?fileuploader \\s?(.*)\\s?\\]/", $content, $results);
//print_r($results);
$i = 0;
foreach ($results[0] as $r) {
$content = str_replace($r, show_files($results[1][$i]), $content);
$i++;
}
return $content;
}
function lists()
{
$item = v('item');
switch ($item) {
case 'casecat':
$data['contents'] = show_cat('yxy_casecat');
$data['h1title'] = '案例分类管理';
break;
case 'caseslist':
$data['contents'] = show_cases();
$data['h1title'] = '案例管理';
break;
case 'lawcat':
$data['contents'] = show_cat('yxy_lawcat');
$data['h1title'] = '法律法规分类管理';
break;
case 'lawlist':
$data['contents'] = show_laws();
$data['h1title'] = '法律法规管理';
break;
case 'filecat':
$data['contents'] = show_cat('yxy_filecat');
$data['h1title'] = '文档分类管理';
break;
case 'filelist':
$data['contents'] = show_files();
$data['filecat'] = get_all_filecat();
$data['h1title'] = '文档管理';
break;
default:
$data['contents'] = show_cases();
break;
}
$data['title'] = $data['top_title'] = '网站后台';
$data['itemname'] = $item;
render($data, 'web', 'editcontent');
}
}
# what is the current id
if (isset($_REQUEST['id'])) {
$id = $_REQUEST['id'];
} else {
header("Location: index.php");
die('need an id');
}
# Make sure we can get here.
if ($sections[$table]['level']['edit'] < get_page_acccess_level() && ($table != "users" || $id != get_userid())) {
#header("Location: {$matches[1]}/index.php");
die("Not authorized. " . get_userid());
}
# print top
print_header($table);
print_menu($section);
# print form to edit entry
$msg = print_entry($id, $table, false);
# list files associated
if ($section['files']) {
$tmp = show_files($id, $table, false);
if ($msg == "") {
$msg = $tmp;
} else {
if ($tmp != "") {
$msg = "{$msg}<br/>{$tmp}";
}
}
}
# print footer of html
print_footer($msg);
require "common.php";
# find the table
$table = isset($_REQUEST['table']) ? $_REQUEST['table'] : "";
$section = $sections[$table];
if (empty($section)) {
#header("Location: index.php");
die("Invalid table.");
}
# what is the current id
if (isset($_REQUEST['id'])) {
$id = $_REQUEST['id'];
} else {
#header("Location: index.php");
die('need an id');
}
# Make sure we can get here.
if ($sections[$table]['level']['show'] < get_page_acccess_level() && ($table != "users" || $id != get_userid())) {
#header("Location: index.php");
die("Not authorized.");
}
# print top
print_header($table);
print_menu($section);
# print form to show entry
print_entry($id, $table, true);
# list files associated
if ($section['files']) {
show_files($id, $table, true);
}
# print footer of html
print_footer();
function show_prj()
{
checkPerm('view');
$out =& $GLOBALS['page'];
$out->setWorkingZone('content');
$lang =& DoceboLanguage::createInstance('project', "lms");
global $pathprj;
require_once _base_ . '/lib/lib.table.php';
// Controllo che l'utente non cerchi di entrare in progetti a cui non e' iscritto.
$id = $_GET["id"];
$myprj = user_projects(Docebo::user()->getIdSt());
if (!in_array($id, $myprj)) {
die("You can't access");
}
$modimg = '<img src="' . getPathImage() . 'standard/edit.png" alt="' . $lang->def("_MOD") . '" />';
$query = sql_query("SELECT * FROM " . $GLOBALS["prefix_lms"] . "_prj WHERE id='{$id}';");
if ($query && mysql_num_rows($query) > 0) {
$row = mysql_fetch_array($query);
}
$ta_array = array();
$ta_array["index.php?modname=project&op=project"] = $lang->def("_PROJECT_MANAGER");
$ta_array[] = $row["ptitle"];
$out->add(getTitleArea($ta_array, "project"));
$out->add('<div class="std_block">');
/* $out->add('<div class="alignRight">'
.'<a class="back_comand" href="index.php?modname=project&op=project">'.$lang->def("_BACK").'</a></div><br />'); */
$url = "index.php?modname=project&op=project";
$out->add(getBackUi($url, $lang->def('_BACK')));
$show_something = false;
$out->add("<table class=\"prjcontainer\">\n");
$out->add("<tr>\n");
$out->add("<td width=\"60%\">\n");
//=TASKS==============
if ($row["pstasks"]) {
show_task($id, $row, $modimg);
$show_something = true;
}
//=FILES==============
if ($row["psfiles"]) {
show_files($id, $row, $modimg);
$show_something = true;
}
$out->add("</td>\n");
$out->add("<td>");
//=NEWS==============
if ($row["psnews"]) {
show_news($id, $row, $modimg);
$show_something = true;
}
//=TODO==============
if ($row["pstodo"]) {
show_todo($id, $row, $modimg);
$show_something = true;
}
$out->add("</td>\n");
$out->add("</tr>\n");
$out->add("</table><br />\n");
require_once _base_ . '/lib/lib.dialog.php';
setupHrefDialogBox('a[href*=prjdelitem]');
//=MSG======================================================
if ($row["psmsg"]) {
$show_something = true;
require_once $GLOBALS["where_framework"] . "/lib/lib.sysforum.php";
$out->add('<h3 class="prjmsg_title">' . $lang->def("_MESSAGES") . '</h3>' . "\n");
$out =& $GLOBALS['page'];
$out->setWorkingZone('content');
//$lang=DoceboLanguage::createInstance("sysforum", "lms");
$sf = new sys_forum("lms", "project_message", $id);
$sf->setPrefix($GLOBALS["prefix_lms"]);
$sf->can_write = true;
$sf->can_moderate = (bool) (is_owner(Docebo::user()->getIdSt(), $id) || is_admin(Docebo::user()->getIdSt(), $id));
$sf->can_upload = true;
$sf->use_realname = true;
$sf->url = "index.php?modname=project&op=showprj&id=" . $id;
$out->add($sf->show());
// Change with sysforum class
}
if (!$show_something) {
$out->add("<h3>" . $lang->def("_NOTHINGTOSEE") . "</h3>\n");
}
$out->add('</div>');
}
require_once './config.php';
/* Get path */
if (isset($_GET['path'])) {
$dir = sanitize($_GET['path']);
} else {
$dir = TFTP_FILE_ROOT;
}
/* Download or show files */
if (isset($_GET['download'])) {
/* Download files */
$file = sanitize($_GET['download']);
get_file($file);
} else {
/* Show files */
send_header($dir);
show_files($dir);
send_footer();
}
function sanitize($path)
{
/* Don't get back up the directory structure */
if (preg_match('/\\.\\./', $path) > 0) {
echo "Illegal path specified";
exit;
}
/* Make sure we are within DIRROOT */
if (preg_match('!^' . TFTP_FILE_ROOT . '!', $path) == 0) {
echo "Illegal access";
exit;
}
return $path;
} elseif (my_session_valid()) {
$path = $GLOBALS['config']['my_file_path'];
if (isset($_GET['c'])) {
$path = my_validate_path($_GET['c']);
}
if (isset($_GET['p'])) {
$path = my_validate_path($_GET['p']);
}
if (is_file($path) && !is_link($path)) {
if (isset($_GET['c'])) {
show_checksum($path);
} else {
show_download($path);
}
} elseif (is_dir($path)) {
show_files($path);
} else {
header("HTTP/1.0 404 Not Found");
show_error("404 - Not found");
}
} else {
show_login();
}
exit;
################################################################################
function my_init()
{
if (is_readable('../depot.conf')) {
$GLOBALS['config'] = parse_ini_file('../depot.conf');
} else {
show_error('Could not read config file.');
$tmp['JSTEXT'] = $tmp['JSTEXT'] . 'var pp_modified = "' . $cms_lang['upl_js_texte_pp_modified'] . '";' . "\n";
$tmp['JSTEXT'] = $tmp['JSTEXT'] . 'var pp_author = "' . $cms_lang['upl_js_texte_pp_author'] . '";' . "\n";
$tmp['JSTEXT'] = $tmp['JSTEXT'] . 'var pp_size = "' . $cms_lang['upl_js_texte_pp_size'] . '";' . "\n";
$tmp['JSTEXT'] = $tmp['JSTEXT'] . '</script>' . "\n";
//
// do layout props
//
$tpl->setVariable($tmp);
unset($tmp);
//
// show directories and files
//
$tpl->setCurrentBlock('ENTRY');
showTree($fm_tree);
if ($idopen > 0 && $perm->have_perm(1, 'folder', $idopen)) {
show_files($idopen);
}
//
// generate file upload
// check upload permission for area first
if ($perm->have_perm(25, 'area_upl') || $perm->have_perm(25, 'folder', $idopen)) {
$tpl->setCurrentBlock('FILEIMPORTBULK');
$tmp['FILEIMPORTTRIPLE_ACTION'] = $sess->url("main.php?area=upl&idexpand={$idexpand}&viewtype={$viewtype}");
$tmp['FILEIMPORTTRIPLE_FUNC'] = 'uploadfile';
$tmp['FILEIMPORTTRIPLE_CLIENT'] = $client;
$tmp['FILEIMPORTTRIPLE_BGCOLOR'] = 'content7';
$tmp['FILEIMPORTTRIPLE_TEXT'] = $cms_lang['upl_upload'];
$tmp['FILEIMPORTTRIPLE_NAME'] = 'userfile[]';
$tmp['FILEIMPORTTRIPLE_PICT'] = 'tpl/' . $cfg_cms['skin'] . '/img/upl_upload.gif';
$tmp['FILEIMPORTTRIPLE_HINT'] = $cms_lang["upl_upload"];
$tmp['FILEIMPORTTRIPLE_TO'] = $cms_lang['upl_newplace'];