From 889e8eaf7c40817663dd602a21ac771062ccac3b Mon Sep 17 00:00:00 2001 From: Alex AUVOLAT Date: Thu, 21 Jun 2012 16:34:27 +0200 Subject: Big change, sir. Can now upload any kind of files. --- lib/conf/apps.php | 2 +- lib/conf/file.php | 13 +++++++++++ lib/conf/image.php | 7 ------ lib/file/delete.php | 21 +++++++++++++++++ lib/file/delfld.php | 16 +++++++++++++ lib/file/editfld.php | 44 +++++++++++++++++++++++++++++++++++ lib/file/editinfo.php | 51 ++++++++++++++++++++++++++++++++++++++++ lib/file/folder.php | 43 ++++++++++++++++++++++++++++++++++ lib/file/index.php | 44 +++++++++++++++++++++++++++++++++++ lib/file/newfld.php | 32 +++++++++++++++++++++++++ lib/file/upload.php | 54 +++++++++++++++++++++++++++++++++++++++++++ lib/image/delete.php | 21 ----------------- lib/image/delfld.php | 16 ------------- lib/image/editfld.php | 44 ----------------------------------- lib/image/editinfo.php | 51 ---------------------------------------- lib/image/folder.php | 43 ---------------------------------- lib/image/index.php | 49 --------------------------------------- lib/image/newfld.php | 32 ------------------------- lib/image/upload.php | 63 -------------------------------------------------- 19 files changed, 319 insertions(+), 327 deletions(-) create mode 100644 lib/conf/file.php delete mode 100644 lib/conf/image.php create mode 100644 lib/file/delete.php create mode 100644 lib/file/delfld.php create mode 100644 lib/file/editfld.php create mode 100644 lib/file/editinfo.php create mode 100644 lib/file/folder.php create mode 100644 lib/file/index.php create mode 100644 lib/file/newfld.php create mode 100644 lib/file/upload.php delete mode 100644 lib/image/delete.php delete mode 100644 lib/image/delfld.php delete mode 100644 lib/image/editfld.php delete mode 100644 lib/image/editinfo.php delete mode 100644 lib/image/folder.php delete mode 100644 lib/image/index.php delete mode 100644 lib/image/newfld.php delete mode 100644 lib/image/upload.php (limited to 'lib') diff --git a/lib/conf/apps.php b/lib/conf/apps.php index 8afeb2d..8e755b1 100644 --- a/lib/conf/apps.php +++ b/lib/conf/apps.php @@ -5,7 +5,7 @@ $homepage = "blog"; $apps = array( // Image upload application - "image" => array( + "file" => array( "index" => 1, "delete" => 1, "editinfo" => 1, diff --git a/lib/conf/file.php b/lib/conf/file.php new file mode 100644 index 0000000..4a8830e --- /dev/null +++ b/lib/conf/file.php @@ -0,0 +1,13 @@ += 3, 'file'); +$fldid = intval($args[2]); + +$fld = mysql_fetch_assoc(sql( + "SELECT id, name, comment, public, owner ". + "FROM folders WHERE id = $fldid" + )); +assert_error($fld && $fld['owner'] == $user['id'], + "This folder does not exist, or you are not allowed to edit it."); + +token_validate("Do you really want to delete this folder ?", "folder-file-$fldid"); +sql("DELETE FROM folders WHERE id = $fldid"); +sql("UPDATE files SET folder = 0 WHERE folder = $fldid"); +header("location: file"); diff --git a/lib/file/editfld.php b/lib/file/editfld.php new file mode 100644 index 0000000..db5a304 --- /dev/null +++ b/lib/file/editfld.php @@ -0,0 +1,44 @@ + "Folder name : ", "name" => "name", "value" => $fld_name), + array("label" => "Public ? ", "name" => "public", "type" => "checkbox", "checked" => $fld_public), + array("label" => "Comment : ", "name" => "comment", "type" => "textarea", "value" => $fld_comment), + ); +$validate = "Save"; + +require("tpl/general/form.php"); + diff --git a/lib/file/editinfo.php b/lib/file/editinfo.php new file mode 100644 index 0000000..eea9f35 --- /dev/null +++ b/lib/file/editinfo.php @@ -0,0 +1,51 @@ + "[no folder]"); +$r = sql("SELECT id, name FROM folders WHERE owner = " . $user['id'] . " ORDER BY name ASC"); +while ($n = mysql_fetch_array($r)) + $folders[$n['id']] = $n['name']; + +$title = "Edit file info : " . $info['name']; +$fields = array( + array("label" => "File name : ", "name" => "name", "value" => $name), + array("label" => "Folder : ", "type" => "select", "name" => "folder", "choices" => $folders, "value" => $folder), + array("label" => "Comment : ", "name" => "comment", "value" => $comment, "type" => "textarea"), +); +$validate = "Save"; + +require("tpl/general/form.php"); diff --git a/lib/file/folder.php b/lib/file/folder.php new file mode 100644 index 0000000..15e8625 --- /dev/null +++ b/lib/file/folder.php @@ -0,0 +1,43 @@ += $apps['file']['editfld'] && $user['id'] == $fld['owner']); +$is_owner = ($user['id'] == $fld['owner']); + +$filters = array ( + "order" => array ( + "name" => "title", + "upl_date" => "date uploaded", + ), + "way" => $ord_ways, +); +$fdefaults = array ( + "order" => "name", + "way" => "ASC", +); + +$title = $fld["name"]; + +$files = array(); +$fileq = sql("SELECT files.id AS id, files.name AS name, files.extension AS extension, files.upl_date AS upl_date, ". + "files.comment_html AS comment_html FROM files WHERE files.folder = $fldid"); +while ($img = mysql_fetch_assoc($fileq)) $files[] = $img; + +$s = sql("SELECT id, name FROM folders WHERE owner = " . $fld['owner'] . ($fld['owner'] == $user['id'] ? '' : " AND public != 0"). " ORDER BY name ASC"); +$folers = array(); +while ($f = mysql_fetch_assoc($s)) $folders[] = $f; + +require("tpl/file/folder.php"); diff --git a/lib/file/index.php b/lib/file/index.php new file mode 100644 index 0000000..34686c5 --- /dev/null +++ b/lib/file/index.php @@ -0,0 +1,44 @@ + array ( + "name" => "title", + "upl_date" => "date uploaded", + "folder_name" => "folder", + ), + "way" => $ord_ways, +); +$fdefaults = array ( + "order" => "upl_date", + "way" => "DESC", +); + +$title = "Image upload"; + +$files = array(); +$fileq = sql("SELECT files.id AS id, files.name AS name, files.extension AS extension, files.upl_date AS upl_date, ". + "files.comment_html AS comment_html, folders.id AS folder_id, folders.name AS folder_name ". + " FROM files LEFT JOIN folders ON folders.id = files.folder ". + "WHERE files.owner = " . $user['id'] . + " ORDER BY " . get_filter('order') . " " . get_filter('way')); +while ($img = mysql_fetch_assoc($fileq)) $files[] = $img; + +if ($user['priv'] < $apps['file']['upload']) { + $error = "You don't have the rights to upload files."; + $can_upload = false; +} else { + $can_upload = true; +} + +$folders = array(); +$r = sql("SELECT id, name FROM folders WHERE owner = " . $user['id'] . " ORDER BY name ASC"); +while ($f = mysql_fetch_assoc($r)) { + $folders[] = $f; +} + +$can_delete = ($user['priv'] >= $apps['file']['delete'] && $user['id'] != 0); +$can_rename = ($user['priv'] >= $apps['file']['editinfo'] && $user['id'] != 0); + +require("tpl/file/index.php"); diff --git a/lib/file/newfld.php b/lib/file/newfld.php new file mode 100644 index 0000000..6b5ba1f --- /dev/null +++ b/lib/file/newfld.php @@ -0,0 +1,32 @@ + "Name : ", "name" => "name", "value" => $fld_name), + array("label" => "Public ? ", "name" => "public", "type" => "checkbox", "checked" => $fld_public), + array("label" => "Comment : ", "name" => "comment", "type" => "textarea", "value" => $fld_comment), + ); +$validate = "Create folder"; + +require("tpl/general/form.php"); diff --git a/lib/file/upload.php b/lib/file/upload.php new file mode 100644 index 0000000..4b5299d --- /dev/null +++ b/lib/file/upload.php @@ -0,0 +1,54 @@ += 3, 'image'); -$fldid = intval($args[2]); - -$fld = mysql_fetch_assoc(sql( - "SELECT id, name, comment, public, owner ". - "FROM img_folders WHERE id = $fldid" - )); -assert_error($fld && $fld['owner'] == $user['id'], - "This folder does not exist, or you are not allowed to edit it."); - -token_validate("Do you really want to delete this folder ?", "folder-image-$fldid"); -sql("DELETE FROM img_folders WHERE id = $fldid"); -sql("UPDATE images SET folder = 0 WHERE folder = $fldid"); -header("location: image"); diff --git a/lib/image/editfld.php b/lib/image/editfld.php deleted file mode 100644 index a0bef1f..0000000 --- a/lib/image/editfld.php +++ /dev/null @@ -1,44 +0,0 @@ - "Name : ", "name" => "name", "value" => $fld_name), - array("label" => "Public ? ", "name" => "public", "type" => "checkbox", "checked" => $fld_public), - array("label" => "Comment : ", "name" => "comment", "type" => "textarea", "value" => $fld_comment), - ); -$validate = "Save"; - -require("tpl/general/form.php"); - diff --git a/lib/image/editinfo.php b/lib/image/editinfo.php deleted file mode 100644 index 8223c18..0000000 --- a/lib/image/editinfo.php +++ /dev/null @@ -1,51 +0,0 @@ - "[no folder]"); -$r = sql("SELECT id, name FROM img_folders WHERE owner = " . $user['id'] . " ORDER BY name ASC"); -while ($n = mysql_fetch_array($r)) - $folders[$n['id']] = $n['name']; - -$title = "Edit image info : " . $info['name']; -$fields = array( - array("label" => "Name : ", "name" => "name", "value" => $name), - array("label" => "Folder : ", "type" => "select", "name" => "folder", "choices" => $folders, "value" => $folder), - array("label" => "Comment : ", "name" => "comment", "value" => $comment, "type" => "textarea"), -); -$validate = "Save"; - -require("tpl/general/form.php"); diff --git a/lib/image/folder.php b/lib/image/folder.php deleted file mode 100644 index 574531c..0000000 --- a/lib/image/folder.php +++ /dev/null @@ -1,43 +0,0 @@ -= $apps['image']['editfld'] && $user['id'] == $fld['owner']); -$is_owner = ($user['id'] == $fld['owner']); - -$filters = array ( - "order" => array ( - "name" => "title", - "upl_date" => "date uploaded", - ), - "way" => $ord_ways, -); -$fdefaults = array ( - "order" => "name", - "way" => "ASC", -); - -$title = $fld["name"]; - -$images = array(); -$files = sql("SELECT images.id AS id, images.name AS name, images.extension AS extension, images.upl_date AS upl_date, ". - "images.comment_html AS comment_html FROM images WHERE images.folder = $fldid"); -while ($img = mysql_fetch_assoc($files)) $images[] = $img; - -$s = sql("SELECT id, name FROM img_folders WHERE owner = " . $fld['owner'] . ($fld['owner'] == $user['id'] ? '' : " AND public != 0"). " ORDER BY name ASC"); -$folers = array(); -while ($f = mysql_fetch_assoc($s)) $folders[] = $f; - -require("tpl/image/folder.php"); diff --git a/lib/image/index.php b/lib/image/index.php deleted file mode 100644 index b9748dc..0000000 --- a/lib/image/index.php +++ /dev/null @@ -1,49 +0,0 @@ - array ( - "name" => "title", - "upl_date" => "date uploaded", - "folder_name" => "folder", - ), - "way" => $ord_ways, -); -$fdefaults = array ( - "order" => "name", - "way" => "ASC", -); - -$title = "Image upload"; - -$images = array(); -$files = sql("SELECT images.id AS id, images.name AS name, images.extension AS extension, images.upl_date AS upl_date, ". - "images.comment_html AS comment_html, img_folders.id AS folder_id, img_folders.name AS folder_name ". - " FROM images LEFT JOIN img_folders ON img_folders.id = images.folder ". - "WHERE images.owner = " . $user['id'] . - " ORDER BY " . get_filter('order') . " " . get_filter('way')); -while ($img = mysql_fetch_assoc($files)) $images[] = $img; - -/*if (count($images) >= $quota && $user['priv'] < $min_priv_for_no_quota) { - $error = "You have already exceeded your quota of $quota uploadable images."; - $can_upload = false; -} else */ - -if ($user['priv'] < $apps['image']['upload']) { - $error = "You don't have the rights to upload images."; - $can_upload = false; -} else { - $can_upload = true; -} - -$folders = array(); -$r = sql("SELECT id, name FROM img_folders WHERE owner = " . $user['id'] . " ORDER BY name ASC"); -while ($f = mysql_fetch_assoc($r)) { - $folders[] = $f; -} - -$can_delete = ($user['priv'] >= $apps['image']['delete'] && $user['id'] != 0); -$can_rename = ($user['priv'] >= $apps['image']['editinfo'] && $user['id'] != 0); - -require("tpl/image/index.php"); diff --git a/lib/image/newfld.php b/lib/image/newfld.php deleted file mode 100644 index 63afd17..0000000 --- a/lib/image/newfld.php +++ /dev/null @@ -1,32 +0,0 @@ - "Name : ", "name" => "name", "value" => $fld_name), - array("label" => "Public ? ", "name" => "public", "type" => "checkbox", "checked" => $fld_public), - array("label" => "Comment : ", "name" => "comment", "type" => "textarea", "value" => $fld_comment), - ); -$validate = "Create folder"; - -require("tpl/general/form.php"); diff --git a/lib/image/upload.php b/lib/image/upload.php deleted file mode 100644 index 5176a3a..0000000 --- a/lib/image/upload.php +++ /dev/null @@ -1,63 +0,0 @@ -= $min_priv_for_no_quota || $user['id'] == 0, - "You have already exceeded your upload quota."); -*/ - -if (isset($_FILES['image']) && isset($_POST['name'])) { - $name = esca($_POST['name']); - if ($name == "") $name = $_FILES['image']['name']; - if ($_FILES['image']['error'] != 0) { - $error = "Sorry, an error occurred while uploading your file. Try with a smaller one."; - require("tpl/image/upload.php"); - } - $origname = strtolower(basename($_FILES['image']['name'])); - if (preg_match("#\.png$#",$origname)) { - $type = "png"; - } elseif (preg_match("#\.gif$#",$origname)) { - $type = "gif"; - } elseif (preg_match("#\.jpg$#",$origname) or preg_match("#\.jpeg$#",$origname)) { - $type = "jpg"; - } else { - $error = "Sorry, we only accept GIF, PNG and JPEG images."; - require("tpl/image/upload.php"); - } - sql("INSERT INTO images(owner, extension, name, upl_date) VALUES(" . $user['id'] . ", '$type', '" . escs($name) . "', NOW())"); - $id = mysql_insert_id(); - $filen = $savedir . $id . "." . $type; - $minin = $savedir . $id . "-min." . $type; - if (!copy($_FILES['image']['tmp_name'], $filen)) { - $error = "An internal error occurred. You might want to try again later."; - sql("DELETE FROM images WHERE id = $id"); - require("tpl/image/upload.php"); - } - - if ($type == "png") - $source = imagecreatefrompng($filen); - elseif ($type == "jpg") - $source = imagecreatefromjpeg($filen); - elseif ($type == "gif") - $source = imagecreatefromgif($filen); - $l = imagesx($source); - $h = imagesy($source); - $l2 = $miniature_width; - $h2 = $l2 * $h / $l; - $mini = imagecreatetruecolor($l2, $h2); - imagecopyresampled($mini, $source, 0, 0, 0, 0, $l2, $h2, $l, $h); - if ($type == "png") - imagepng($mini, $minin); - elseif ($type == "jpg") - imagejpeg($mini, $minin); - elseif ($type == "gif") - imagegif($mini, $minin); - $message = "Your image has been uploaded successfully."; - require("tpl/image/upload-ok.php"); -} else { - require("tpl/image/upload.php"); -} -- cgit v1.2.3