<?php
/*
* Nucleus: PHP/MySQL Weblog CMS (http://nucleuscms.org/)
- * Copyright (C) 2002-2009 The Nucleus Group
+ * Copyright (C) 2002-2012 The Nucleus Group
*
* This program is free software; you can redistribute it and/or
* modify it under the terms of the GNU General Public License
* passed through to the add-item form (linkto, popupimg or inline img)
*
* @license http://nucleuscms.org/license.txt GNU General Public License
- * @copyright Copyright (C) 2002-2009 The Nucleus Group
+ * @copyright Copyright (C) 2002-2012 The Nucleus Group
* @version $Id: media.php 1624 2012-01-09 11:36:20Z sakamocchi $
*
*/
// check if member is on at least one teamlist
$query = 'SELECT * FROM ' . sql_table('team'). ' WHERE tmember=' . $member->getID();
-$teams = sql_query($query);
-if (sql_num_rows($teams) == 0 && !$member->isAdmin())
+$teams = DB::getResult($query);
+if ($teams->rowCount() == 0 && !$member->isAdmin())
media_doError(_ERROR_DISALLOWEDUPLOAD);
// get action
$currentCollection = $member->getID();
// avoid directory travarsal and accessing invalid directory
- if (!MEDIA::isValidCollection($currentCollection)) media_doError(_ERROR_DISALLOWED);
+ if (!Media::isValidCollection($currentCollection)) media_doError(_ERROR_DISALLOWED);
media_head();
// get collection list
- $collections = MEDIA::getCollectionList();
+ $collections = Media::getCollectionList();
if (sizeof($collections) > 1) {
?>
<form method="post" action="media.php"><div>
- <label for="media_collection"><?php echo ENTITY::hsc(_MEDIA_COLLECTION_LABEL)?></label>
+ <label for="media_collection"><?php echo Entity::hsc(_MEDIA_COLLECTION_LABEL)?></label>
<select name="collection" id="media_collection">
<?php foreach ($collections as $dirname => $description) {
- echo '<option value="',ENTITY::hsc($dirname),'"';
+ echo '<option value="',Entity::hsc($dirname),'"';
if ($dirname == $currentCollection) {
echo ' selected="selected"';
}
- echo '>',ENTITY::hsc($description),'</option>';
+ echo '>',Entity::hsc($description),'</option>';
}
?>
</select>
- <input type="submit" name="action" value="<?php echo ENTITY::hsc(_MEDIA_COLLECTION_SELECT) ?>" title="<?php echo ENTITY::hsc(_MEDIA_COLLECTION_TT)?>" />
- <input type="submit" name="action" value="<?php echo ENTITY::hsc(_MEDIA_UPLOAD_TO) ?>" title="<?php echo ENTITY::hsc(_MEDIA_UPLOADLINK) ?>" />
+ <input type="submit" name="action" value="<?php echo Entity::hsc(_MEDIA_COLLECTION_SELECT) ?>" title="<?php echo Entity::hsc(_MEDIA_COLLECTION_TT)?>" />
+ <input type="submit" name="action" value="<?php echo Entity::hsc(_MEDIA_UPLOAD_TO) ?>" title="<?php echo Entity::hsc(_MEDIA_UPLOADLINK) ?>" />
<?php $manager->addTicketHidden() ?>
</div></form>
<?php } else {
?>
<form method="post" action="media.php" style="float:right"><div>
- <input type="hidden" name="collection" value="<?php echo ENTITY::hsc($currentCollection)?>" />
- <input type="submit" name="action" value="<?php echo ENTITY::hsc(_MEDIA_UPLOAD_NEW) ?>" title="<?php echo ENTITY::hsc(_MEDIA_UPLOADLINK) ?>" />
+ <input type="hidden" name="collection" value="<?php echo Entity::hsc($currentCollection)?>" />
+ <input type="submit" name="action" value="<?php echo Entity::hsc(_MEDIA_UPLOAD_NEW) ?>" title="<?php echo Entity::hsc(_MEDIA_UPLOADLINK) ?>" />
<?php $manager->addTicketHidden() ?>
</div></form>
<?php } // if sizeof
$filter = requestVar('filter');
$offset = intRequestVar('offset');
- $arr = MEDIA::getMediaListByCollection($currentCollection, $filter);
+ $arr = Media::getMediaListByCollection($currentCollection, $filter);
?>
<form method="post" action="media.php"><div>
- <label for="media_filter"><?php echo ENTITY::hsc(_MEDIA_FILTER_LABEL)?></label>
- <input id="media_filter" type="text" name="filter" value="<?php echo ENTITY::hsc($filter)?>" />
- <input type="submit" name="action" value="<?php echo ENTITY::hsc(_MEDIA_FILTER_APPLY) ?>" />
- <input type="hidden" name="collection" value="<?php echo ENTITY::hsc($currentCollection)?>" />
+ <label for="media_filter"><?php echo Entity::hsc(_MEDIA_FILTER_LABEL)?></label>
+ <input id="media_filter" type="text" name="filter" value="<?php echo Entity::hsc($filter)?>" />
+ <input type="submit" name="action" value="<?php echo Entity::hsc(_MEDIA_FILTER_APPLY) ?>" />
+ <input type="hidden" name="collection" value="<?php echo Entity::hsc($currentCollection)?>" />
<input type="hidden" name="offset" value="<?php echo intval($offset)?>" />
</div></form>
?>
<table width="100%">
- <caption><?php echo _MEDIA_COLLECTION_LABEL . ENTITY::hsc($collections[$currentCollection])?></caption>
+ <caption><?php echo _MEDIA_COLLECTION_LABEL . Entity::hsc($collections[$currentCollection])?></caption>
<tr>
<th><?php echo _MEDIA_MODIFIED?></th><th><?php echo _MEDIA_FILENAME?></th><th><?php echo _MEDIA_DIMENSIONS?></th>
</tr>
if ($filetype != 0) {
// image (gif/jpg/png/swf)
- echo "<td><a href=\"media.php\" onclick=\"chooseImage('", ENTITY::hsc($jsCurrentCollection), "','", ENTITY::hsc($jsFileName), "',"
- . "'", ENTITY::hsc($width), "','" , ENTITY::hsc($height), "'"
- . ")\" title=\"" . ENTITY::hsc($obj->filename). "\">"
- . ENTITY::hsc(shorten($obj->filename,25,'...'))
+ echo "<td><a href=\"media.php\" onclick=\"chooseImage('", Entity::hsc($jsCurrentCollection), "','", Entity::hsc($jsFileName), "',"
+ . "'", Entity::hsc($width), "','" , Entity::hsc($height), "'"
+ . ")\" title=\"" . Entity::hsc($obj->filename). "\">"
+ . Entity::hsc(Entity::shorten($obj->filename,25,'...'))
."</a>";
- echo ' (<a href="', ENTITY::hsc($CONF['MediaURL'] . $currentCollection . '/' . $obj->filename), '" onclick="window.open(this.href); return false;" title="',ENTITY::hsc(_MEDIA_VIEW_TT),'">',_MEDIA_VIEW,'</a>)';
+ echo ' (<a href="', Entity::hsc($CONF['MediaURL'] . $currentCollection . '/' . $obj->filename), '" onclick="window.open(this.href); return false;" title="',Entity::hsc(_MEDIA_VIEW_TT),'">',_MEDIA_VIEW,'</a>)';
echo "</td>";
} else {
// no image (e.g. mpg)
- echo "<td><a href='media.php' onclick=\"chooseOther('" , ENTITY::hsc($jsCurrentCollection), "','", ENTITY::hsc($jsFileName), "'"
- . ")\" title=\"" . ENTITY::hsc($obj->filename). "\">"
- . ENTITY::hsc(shorten($obj->filename,30,'...'))
+ echo "<td><a href='media.php' onclick=\"chooseOther('" , Entity::hsc($jsCurrentCollection), "','", Entity::hsc($jsFileName), "'"
+ . ")\" title=\"" . Entity::hsc($obj->filename). "\">"
+ . Entity::hsc(Entity::shorten($obj->filename,30,'...'))
."</a></td>";
}
- echo '<td>' , ENTITY::hsc($width) , 'x' , ENTITY::hsc($height) , '</td>';
+ echo '<td>' , Entity::hsc($width) , 'x' , Entity::hsc($height) , '</td>';
echo '</tr>';
}
} // if (sizeof($arr)>0)
$currentCollection = requestVar('collection');
- $collections = MEDIA::getCollectionList();
+ $collections = Media::getCollectionList();
media_head();
?>
<br /><br /><label for="upload_collection">Collection:</label>
<br /><select name="collection" id="upload_collection">
<?php foreach ($collections as $dirname => $description) {
- echo '<option value="',ENTITY::hsc($dirname),'"';
+ echo '<option value="',Entity::hsc($dirname),'"';
if ($dirname == $currentCollection) {
echo ' selected="selected"';
}
- echo '>',ENTITY::hsc($description),'</option>';
+ echo '>',Entity::hsc($description),'</option>';
}
?>
</select>
<?php } else {
?>
- <input name="collection" type="hidden" value="<?php echo ENTITY::hsc(requestVar('collection'))?>" />
+ <input name="collection" type="hidden" value="<?php echo Entity::hsc(requestVar('collection'))?>" />
<?php } // if sizeof
?>
<br /><br />
// check file type against allowed types
$ok = 0;
- $allowedtypes = i18n::explode (',', $CONF['AllowedTypes']);
+ $allowedtypes = preg_split('#,#', $CONF['AllowedTypes']);
foreach ( $allowedtypes as $type )
{
//if (eregi("\." .$type. "$",$filename)) $ok = 1;
// prefix filename with current date (YYYY-MM-DD-)
// this to avoid nameclashes
- if ($CONF['MediaPrefix'])
- $filename = i18n::strftime("%Y%m%d-", time()) . $filename;
-
+ if ( $CONF['MediaPrefix'] )
+ {
+ $filename = i18n::formatted_datetime("%Y%m%d-", time()) . $filename;
+ }
+
$collection = requestVar('collection');
- $res = MEDIA::addMediaObject($collection, $filetempname, $filename);
+ $res = Media::addMediaObject($collection, $filetempname, $filename);
if ($res != '')
media_doError($res);
<form method="post" action="media.php">
<div>
<input name="action" value="login" type="hidden" />
- <input name="collection" value="<?php echo ENTITY::hsc(requestVar('collection'))?>" type="hidden" />
+ <input name="collection" value="<?php echo Entity::hsc(requestVar('collection'))?>" type="hidden" />
<?php echo _LOGINFORM_NAME?>: <input name="login" />
<br /><?php echo _LOGINFORM_PWD?>: <input name="password" type="password" />
<br /><input type="submit" value="<?php echo _LOGIN?>" />