
FIX: デバッグ動作時に発生する警告に対処
[nucleus-jp/nucleus-jp-ancient.git] / nucleus / media.php
1 <?php
2 /*
3  * Nucleus: PHP/MySQL Weblog CMS (http://nucleuscms.org/)
4  * Copyright (C) 2002-2011 The Nucleus Group
5  *
6  * This program is free software; you can redistribute it and/or
7  * modify it under the terms of the GNU General Public License
8  * as published by the Free Software Foundation; either version 2
9  * of the License, or (at your option) any later version.
10  * (see nucleus/documentation/index.html#license for more info)
11  */
12 /**
13  * Media popup window for Nucleus
14  *
15  * Purpose:
16  *   - can be opened from an add-item form or bookmarklet popup
17  *   - shows a list of recent files, allowing browsing, search and
18  *     upload of new files
19  *   - close the popup by selecting a file in the list. The file gets
20  *     passed through to the add-item form (linkto, popupimg or inline img)
21  *
22  * @license http://nucleuscms.org/license.txt GNU General Public License
23  * @copyright Copyright (C) 2002-2011 The Nucleus Group
24  * @version $Id$
25  * $NucleusJP: media.php,v 1.8.2.1 2007/09/07 07:36:44 kimitake Exp $
26  *
27  */
28
// Entry point of the media popup: load the configuration, require a logged-in
// member who is on a team (or is an admin), check the request ticket for every
// action that is not a plain listing, then dispatch on the 'action' value.
$CONF = array();

// defines how many media items will be shown per page. You can override this
// in config.php if you like. (changing it in config.php instead of here will
// allow your settings to be kept even after a Nucleus upgrade)
$CONF['MediaPerPage'] = 10;

// include all classes and config data
$DIR_LIBS = '';
require_once('../config.php');
//include($DIR_LIBS . 'MEDIA.php');     // media classes
include_libs('MEDIA.php',false,false);

sendContentType('application/xhtml+xml', 'media');

// user needs to be logged in to use this
// (media_loginAndPassThrough() prints the login form and ends the script)
if (!$member->isLoggedIn()) {
        media_loginAndPassThrough();
        exit;
}

// check if member is on at least one teamlist
// The only value concatenated into the SQL text is $member->getID();
// presumably a numeric id taken from the session, not from the request - confirm.
$query = 'SELECT * FROM ' . sql_table('team'). ' WHERE tmember=' . $member->getID();
$teams = sql_query($query);
if (sql_num_rows($teams) == 0 && !$member->isAdmin())
        media_doError(_ERROR_DISALLOWEDUPLOAD);

// get action
// The _MEDIA_* constants compared against below are the same values the forms
// in this file send as the caption of their name="action" submit buttons.
$action = requestVar('action');
if ($action == '')
        $action = 'selectmedia';

// check ticket
// Only the three actions that dispatch to media_select() are exempt. Every
// other value, including one the switch below does not recognise, has to
// carry a valid ticket before it is dispatched. Keep this list limited to
// actions that do not change anything on the server.
$aActionsNotToCheck = array('selectmedia', _MEDIA_FILTER_APPLY, _MEDIA_COLLECTION_SELECT);
if (!in_array($action, $aActionsNotToCheck))
{
        if (!$manager->checkTicket())
                media_doError(_ERROR_BADTICKET);
}


// Dispatch. Both upload branches require an admin or $CONF['AllowUpload'];
// unknown actions fall through to the listing.
switch($action) {
        case 'chooseupload':
        case _MEDIA_UPLOAD_TO:
        case _MEDIA_UPLOAD_NEW:
                if (!$member->isAdmin() and $CONF['AllowUpload'] != true) {
                        media_doError(_ERROR_DISALLOWED);
                } else {
                        media_choose();
                }
                break;
        case 'uploadfile':
                if (!$member->isAdmin() and $CONF['AllowUpload'] != true) {
                        media_doError(_ERROR_DISALLOWED);
                } else {
                        media_upload();
                }
                break;
        case _MEDIA_FILTER_APPLY:
        case 'selectmedia':
        case _MEDIA_COLLECTION_SELECT:
        default:
                media_select();
                break;
}
94
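/**
 * Shows the file list of one media collection.
 *
 * Reads 'collection', 'filter' and 'offset' from the request and prints the
 * collection selector (or a plain upload button when there is only one
 * collection), the filter form, one page of files and the prev/next links.
 * Ends the request through media_doError() when MEDIA::isValidCollection()
 * rejects the collection.
 */
function media_select() {
        global $member, $CONF, $DIR_MEDIA, $manager;

        // show 10 files + navigation buttons
        // show msg when no files
        // show upload form
        // files sorted according to last modification date

        // currently selected collection; fall back to the member's own one
        $currentCollection = requestVar('collection');
        // NOTE(review): is_dir() is called on the raw request value before the
        // validity check below has run - confirm that this is acceptable.
        if (!$currentCollection || !@is_dir($DIR_MEDIA . $currentCollection))
                $currentCollection = $member->getID();

        // avoid directory traversal and access to an invalid directory
        if (!MEDIA::isValidCollection($currentCollection)) media_doError(_ERROR_DISALLOWED);

        media_head();

        // get collection list
        $collections = MEDIA::getCollectionList();

        if (sizeof($collections) > 1) {
        ?>
                <form method="post" action="media.php"><div>
                        <label for="media_collection"><?php echo htmlspecialchars(_MEDIA_COLLECTION_LABEL)?></label>
                        <select name="collection" id="media_collection">
                                <?php foreach ($collections as $dirname => $description) {
                                                echo '<option value="',htmlspecialchars($dirname),'"';
                                                if ($dirname == $currentCollection) {
                                                        echo ' selected="selected"';
                                                }
                                                echo '>',htmlspecialchars($description),'</option>';
                                        }
                                ?>
                        </select>
                        <input type="submit" name="action" value="<?php echo htmlspecialchars(_MEDIA_COLLECTION_SELECT) ?>" title="<?php echo htmlspecialchars(_MEDIA_COLLECTION_TT)?>" />
                        <input type="submit" name="action" value="<?php echo htmlspecialchars(_MEDIA_UPLOAD_TO) ?>" title="<?php echo htmlspecialchars(_MEDIA_UPLOADLINK) ?>" />
                        <?php $manager->addTicketHidden() ?>
                </div></form>
        <?php   } else {
        ?>
                <form method="post" action="media.php" style="float:right"><div>
                        <input type="hidden" name="collection" value="<?php echo htmlspecialchars($currentCollection)?>" />
                        <input type="submit" name="action" value="<?php echo htmlspecialchars(_MEDIA_UPLOAD_NEW) ?>" title="<?php echo htmlspecialchars(_MEDIA_UPLOADLINK) ?>" />
                        <?php $manager->addTicketHidden() ?>
                </div></form>
        <?php   } // if sizeof

        $filter = requestVar('filter');
        $offset = intRequestVar('offset');
        $arr = MEDIA::getMediaListByCollection($currentCollection, $filter);

        ?>
                <form method="post" action="media.php"><div>
                        <label for="media_filter"><?php echo htmlspecialchars(_MEDIA_FILTER_LABEL)?></label>
                        <input id="media_filter" type="text" name="filter" value="<?php echo htmlspecialchars($filter)?>" />
                        <input type="submit" name="action" value="<?php echo htmlspecialchars(_MEDIA_FILTER_APPLY) ?>" />
                        <input type="hidden" name="collection" value="<?php echo htmlspecialchars($currentCollection)?>" />
                        <input type="hidden" name="offset" value="<?php echo intval($offset)?>" />
                </div></form>

        <?php
        // caption text; guard the lookup so a collection that is missing from
        // the list prints an empty caption instead of raising a notice
        $collectionCaption = isset($collections[$currentCollection]) ? $collections[$currentCollection] : '';
        ?>
                <table width="100%">
                <caption><?php echo _MEDIA_COLLECTION_LABEL . htmlspecialchars($collectionCaption)?></caption>
                <tr>
                 <th><?php echo _MEDIA_MODIFIED?></th><th><?php echo _MEDIA_FILENAME?></th><th><?php echo _MEDIA_DIMENSIONS?></th>
                </tr>

        <?php

        $idxStart = 0;
        $idxEnd = 0;
        $idxPrev = 0;
        $idxNext = 0;

        // Escapes for a single-quoted JavaScript string literal inside the
        // onclick attribute. The backslash has to be escaped as well: if only
        // the quote is escaped, a name containing \' becomes \\' and the quote
        // ends the literal early. Line breaks are escaped for the same reason.
        $jsEscapes = array('\\' => '\\\\', "'" => "\\'", "\r" => '\\r', "\n" => '\\n');

        if (sizeof($arr)>0) {

                // clamp the requested offset so the last page is always full
                if (($offset + $CONF['MediaPerPage']) >= sizeof($arr))
                        $offset = sizeof($arr) - $CONF['MediaPerPage'];

                if ($offset < 0) $offset = 0;

                $idxStart = $offset;
                $idxEnd = $offset + $CONF['MediaPerPage'];
                $idxNext = $idxEnd;
                $idxPrev = $idxStart - $CONF['MediaPerPage'];

                if ($idxPrev < 0) $idxPrev = 0;

                if ($idxEnd > sizeof($arr))
                        $idxEnd = sizeof($arr);

                for($i=$idxStart;$i<$idxEnd;$i++) {
                        $obj = $arr[$i];
                        $filename = $DIR_MEDIA . $currentCollection . '/' . $obj->filename;

                        $old_level = error_reporting(0);
                        $size = @GetImageSize($filename);
                        error_reporting($old_level);

                        // GetImageSize() returns false for a file it cannot read
                        // as an image; do not index into that value
                        if (is_array($size)) {
                                $width = $size[0];
                                $height = $size[1];
                                $filetype = $size[2];
                        } else {
                                $width = '';
                                $height = '';
                                $filetype = 0;
                        }

                        echo "<tr>";
                        echo "<td>". date("Y-m-d",$obj->timestamp) ."</td>";

                        // strings for javascript: escaped for the JS literal here,
                        // then for the HTML attribute by htmlspecialchars() below
                        $jsCurrentCollection = strtr((string) $currentCollection, $jsEscapes);
                        $jsFileName = strtr((string) $obj->filename, $jsEscapes);

                        if ($filetype != 0) {
                                // image (gif/jpg/png/swf)
                                echo "<td><a href=\"media.php\" onclick=\"chooseImage('", htmlspecialchars($jsCurrentCollection), "','", htmlspecialchars($jsFileName), "',"
                                                           . "'", htmlspecialchars($width), "','" , htmlspecialchars($height), "'"
                                                           . ")\" title=\"" . htmlspecialchars($obj->filename). "\">"
                                                           . htmlspecialchars(shorten($obj->filename,25,'...'))
                                                           ."</a>";
                                echo ' (<a href="', htmlspecialchars($CONF['MediaURL'] . $currentCollection . '/' . $obj->filename), '" onclick="window.open(this.href); return false;" title="',htmlspecialchars(_MEDIA_VIEW_TT),'">',_MEDIA_VIEW,'</a>)';
                                echo "</td>";
                        } else {
                                // no image (e.g. mpg)
                                echo "<td><a href='media.php' onclick=\"chooseOther('" , htmlspecialchars($jsCurrentCollection), "','", htmlspecialchars($jsFileName), "'"
                                                           . ")\" title=\"" . htmlspecialchars($obj->filename). "\">"
                                                           . htmlspecialchars(shorten($obj->filename,30,'...'))
                                                           ."</a></td>";

                        }
                        echo '<td>' , htmlspecialchars($width) , 'x' , htmlspecialchars($height) , '</td>';
                        echo '</tr>';
                }
        } // if (sizeof($arr)>0)
        ?>

                </table>
        <?php
        if ($idxStart > 0)
                echo "<a href='media.php?offset=$idxPrev&amp;collection=".urlencode($currentCollection)."'>". _LISTS_PREV."</a> ";
        if ($idxEnd < sizeof($arr))
                echo "<a href='media.php?offset=$idxNext&amp;collection=".urlencode($currentCollection)."'>". _LISTS_NEXT."</a> ";

        ?>
                <input id="typeradio0" type="radio" name="typeradio" onclick="setType(0);" checked="checked" /><label for="typeradio0"><?php echo _MEDIA_INLINE?></label>
                <input id="typeradio1" type="radio" name="typeradio" onclick="setType(1);" /><label for="typeradio1"><?php echo _MEDIA_POPUP?></label>
        <?php
        media_foot();


}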
244
/**
  * Shows a screen where you can select the file to upload.
  *
  * Prints a multipart form that posts back to media.php with
  * action=uploadfile, the ticket field written by $manager->addTicketHidden(),
  * the file input and the target collection. The 'collection' request value
  * is only used to preselect an option or, HTML-escaped, as the hidden field.
  */
function media_choose() {
        global $CONF, $member, $manager;

        // requested collection; not validated here, only compared and echoed
        $currentCollection = requestVar('collection');

        $collections = MEDIA::getCollectionList();

        media_head();
        // MAX_FILE_SIZE below is sent as a hidden form field; media_upload()
        // compares the received size with $CONF['MaxUploadSize'] again.
        ?>
        <h1><?php echo _UPLOAD_TITLE?></h1>

        <p><?php echo _UPLOAD_MSG?></p>

        <form method="post" enctype="multipart/form-data" action="media.php">
        <div>
          <input type="hidden" name="action" value="uploadfile" />
          <?php $manager->addTicketHidden() ?>
          <input type="hidden" name="MAX_FILE_SIZE" value="<?php echo $CONF['MaxUploadSize']?>" />
          File:
          <br />
          <input name="uploadfile" type="file" size="40" />
        <?php           if (sizeof($collections) > 1) {
                // several collections: offer a selector for the upload target
        ?>
                <br /><br /><label for="upload_collection">Collection:</label>
                <br /><select name="collection" id="upload_collection">
                        <?php                           foreach ($collections as $dirname => $description) {
                                        echo '<option value="',htmlspecialchars($dirname),'"';
                                        if ($dirname == $currentCollection) {
                                                echo ' selected="selected"';
                                        }
                                        echo '>',htmlspecialchars($description),'</option>';
                                }
                        ?>
                </select>
        <?php           } else {
                // single collection: pass the requested name through unchanged
        ?>
                <input name="collection" type="hidden" value="<?php echo htmlspecialchars(requestVar('collection'))?>" />
        <?php           } // if sizeof
        ?>
        <br /><br />
        <?php
        // presumably lets plugins add their own form fields here - confirm
        // against the MediaUploadFormExtras event documentation
        $param = array();
        $manager->notify('MediaUploadFormExtras', $param);
        ?>
        <br /><br />
        <input type="submit" value="<?php echo _UPLOAD_BUTTON?>" />
        </div>
        </form>

        <?php
        media_foot();
}
300
301
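/**
  * Accepts a file for upload and stores it in the requested collection.
  *
  * Every rejection goes through media_doError(), which ends the script:
  * an unusable filename after cleanFileName(), an upload error reported by
  * PHP, a size above $CONF['MaxUploadSize'], a name that does not end in one
  * of the extensions listed in $CONF['AllowedTypes'], a temp file that is not
  * an HTTP upload, or an error string returned by MEDIA::addMediaObject().
  * On success the refreshed list is shown through media_select().
  */
function media_upload() {
        global $DIR_MEDIA, $member, $CONF;

        $uploadInfo = postFileInfo('uploadfile');

        // The client-supplied MIME type ($uploadInfo['type']) is not consulted;
        // the type check below looks at the filename extension only.
        $filename = $uploadInfo['name'];
        $filesize = $uploadInfo['size'];
        $filetempname = $uploadInfo['tmp_name'];
        $fileerror = intval($uploadInfo['error']);

        // clean filename of characters that may cause trouble in a filename using cleanFileName() function from globalfunctions.php
        $filename = cleanFileName($filename);
        if ($filename === false)
                media_doError(_ERROR_BADFILETYPE);

        // no break needed after media_doError(): it does not return
        switch ($fileerror)
        {
                case 0: // = UPLOAD_ERR_OK
                        break;
                case 1: // = UPLOAD_ERR_INI_SIZE
                case 2: // = UPLOAD_ERR_FORM_SIZE
                        media_doError(_ERROR_FILE_TOO_BIG);
                case 3: // = UPLOAD_ERR_PARTIAL
                case 4: // = UPLOAD_ERR_NO_FILE
                case 6: // = UPLOAD_ERR_NO_TMP_DIR
                case 7: // = UPLOAD_ERR_CANT_WRITE
                default:
                        // include error code for debugging
                        // (see http://www.php.net/manual/en/features.file-upload.errors.php)
                        media_doError(_ERROR_BADREQUEST . ' (' . $fileerror . ')');
        }

        if ($filesize > $CONF['MaxUploadSize'])
                media_doError(_ERROR_FILE_TOO_BIG);

        // check file type against allowed types (extension match only, the
        // file content is not inspected in this function)
        $ok = 0;
        $allowedtypes = explode (',', $CONF['AllowedTypes']);
        foreach ( $allowedtypes as $type )
        {
                // an empty entry (for example from a trailing comma) would
                // otherwise accept any name that ends in a dot
                if ($type === '') continue;

                // quote the configured value so it is matched literally; the D
                // modifier keeps "$" from matching before a trailing newline
                if (preg_match('#\.' . preg_quote($type, '#') . '$#iD', $filename)) {
                        $ok = 1;
                        break;
                }
        }
        if (!$ok) media_doError(_ERROR_BADFILETYPE);

        // only accept a temp file that PHP itself received through HTTP POST
        if (!is_uploaded_file($filetempname))
                media_doError(_ERROR_BADREQUEST);

        // prefix filename with current date (YYYYMMDD-)
        // this to avoid nameclashes
        // date() gives the same output as the deprecated strftime("%Y%m%d-")
        if ($CONF['MediaPrefix'])
                $filename = date('Ymd-') . $filename;

        // NOTE(review): unlike media_select(), this function passes the
        // requested collection on without calling MEDIA::isValidCollection().
        // Confirm that MEDIA::addMediaObject() rejects unknown collections and
        // names that point outside the media directory.
        $collection = requestVar('collection');
        $res = MEDIA::addMediaObject($collection, $filetempname, $filename);

        if ($res != '')
                media_doError($res);

        // shows updated list afterwards
        media_select();
}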
368
/**
 * Prints the login form for a visitor who is not logged in, then ends the
 * script.
 *
 * The form posts back to media.php with action=login and carries the current
 * 'collection' request value along as an HTML-escaped hidden field.
 */
function media_loginAndPassThrough() {
        media_head();
        ?>
                <h1><?php echo _LOGIN_PLEASE?></h1>

                <form method="post" action="media.php">
                <div>
                        <input name="action" value="login" type="hidden" />
                        <input name="collection" value="<?php echo htmlspecialchars(requestVar('collection'))?>" type="hidden" />
                        <?php echo _LOGINFORM_NAME?>: <input name="login" />
                        <br /><?php echo _LOGINFORM_PWD?>: <input name="password" type="password" />
                        <br /><input type="submit" value="<?php echo _LOGIN?>" />
                </div>
                </form>
                <p><a href="media.php" onclick="window.close();"><?php echo _POPUP_CLOSE?></a></p>
        <?php   media_foot();
        // stop here so the caller never continues as an anonymous user
        exit;
}
387
/**
 * Prints an error page with a "back" link and ends the script.
 *
 * $msg is written into the page as-is, without HTML escaping. The callers in
 * this file pass language constants, a constant followed by an integer error
 * code, or the string returned by MEDIA::addMediaObject().
 * NOTE(review): confirm that none of those strings can contain request data
 * such as the uploaded filename or the collection name; escape it if so.
 *
 * @param string $msg message to show, treated as HTML
 */
function media_doError($msg) {
        media_head();
        ?>
        <h1><?php echo _ERROR?></h1>
        <p><?php echo $msg?></p>
        <p><a href="media.php" onclick="history.back(); return false;"><?php echo _BACK?></a></p>
        <?php   media_foot();
        // callers rely on this function not returning
        exit;
}
397
398
/**
 * Prints the start of the popup page: doctype, head and the opening body tag.
 *
 * The inline script defines setType(), chooseImage() and chooseOther(); the
 * last two hand the chosen collection and filename to includeImage() and
 * includeOtherMedia() of the opener window and then close the popup.
 */
function media_head() {
        // literal markup only; the two PHP echoes print language constants
?>
        <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
        <html <?php echo _HTML_XML_NAME_SPACE_AND_LANG_CODE; ?>>
        <head>
                <meta http-equiv="Content-Type" content="text/html; charset=<?php echo _CHARSET ?>" />
                <title>Nucleus Media</title>
                <link rel="stylesheet" type="text/css" href="styles/popups.css" />
                <script type="text/javascript">
                        var type = 0;
                        function setType(val) { type = val; }

                        function chooseImage(collection, filename, width, height) {
                                window.opener.focus();
                                window.opener.includeImage(collection,
                                                                                   filename,
                                                                                   type == 0 ? 'inline' : 'popup',
                                                                                   width,
                                                                                   height
                                                                                   );
                                window.close();
                        }

                        function chooseOther(collection, filename) {
                                window.opener.focus();
                                window.opener.includeOtherMedia(collection, filename);
                                window.close();

                        }
                </script>
        </head>
        <body>
<?php }
432
/**
 * Prints the closing body and html tags that match media_head().
 */
function media_foot() {
?>
        </body>
        </html>
<?php }
438
439 ?>