PageRenderTime 57ms CodeModel.GetById 20ms RepoModel.GetById 0ms app.codeStats 1ms

/filebrowser.php

https://github.com/adamfranco/segue-1.x
PHP | 1104 lines | 830 code | 143 blank | 131 comment | 172 complexity | b1e6778243e57486c4781d8ea0d7025b MD5 | raw file
    

  1. <? /* $Id$ */
    2. 

  2. 

  3. $content = ''; 
    4. 

  4. 

  5. $metadata = array (	"is_published"	=> "Is this from a published source?",
    6. 

  6. 					"title_whole" 	=> "Book/Joural Title",
    7. 

  7. 					"title_part" 	=> "Article/Chapter Title",
    8. 

  8. 					"author"		=> "Author",
    9. 

  9. 					"pagerange"		=> "Pages",
    10. 

  10. 					"publisher"		=> "Publisher",
    11. 

  11. 					"pubyear"		=> "Pub. Year",
    12. 

  12. 					"isbn"			=> "ISBN/ISSN"
    13. 

  13. 				);
    14. 

  14.  
    15. 

  15. ob_start(); 
    16. 

  16. session_start(); 
    17. 

  17.  
    18. 

  18. // include all necessary files 
    19. 

  19. include("includes.inc.php"); 
    20. 

  20. include("sniffer.inc.php");
    21. 

  21. include("objects/objects.inc.php");
    22. 

  22.  
    23. 

  23. //$siteObj = new site ($site);
    24. 

  24. //if ($_SESSION['ltype'] != 'admin') exit; 
    25. 

  25.  
    26. 

  26. db_connect($dbhost, $dbuser, $dbpass, $dbdb); 
    27. 

  27. 

  28. if ($_REQUEST['delete']) { 
    29. 

  29. 	deleteuserfile($_REQUEST['filetodelete']); 
    30. 

  30. 	printerr2(); 
    31. 

  31. } 
    32. 

  32. 

  33. $sitelist = array();
    34. 

  34. $owner = $_REQUEST[owner];
    35. 

  35. $editor = $_REQUEST[editor];
    36. 

  36. $site = $_SESSION[settings][site];
    37. 

  37. $order = $_REQUEST[order];
    38. 

  38. $lowerlimit = $_REQUEST[lowerlimit];
    39. 

  39. $user = $_REQUEST[user];
    40. 

  40. $name = $_REQUEST[name];
    41. 

  41. $upload = $_REQUEST[upload];
    42. 

  42. 

  43. /* if (isset($_SESSION[settings][sitename])) { */
    44. 

  44. /* 	$site = $_SESSION[settings][sitename]; */
    45. 

  45. /* } else if (isset($_SESSION[settings][site])) { */
    46. 

  46. /* 	$site = $_SESSION[settings][site]; */
    47. 

  47. /* } */
    48. 

  48. 

  49. //printpre($_SESSION[settings]);
    50. 

  50. //printpre($_REQUEST);
    51. 

  51. 

  52. if ($_REQUEST[site]) {
    53. 

  53. 	$site = $_REQUEST[site];
    54. 

  54. } else if ($_SESSION[settings][sitename]) {
    55. 

  55. 	$site = $_SESSION[settings][sitename];
    56. 

  56. } else {
    57. 

  57. 	$site = $_SESSION[settings][site];
    58. 

  58. }
    59. 

  59. 

  60. //print $owner;
    61. 

  61. //printpre($settings[site]);
    62. 

  62. 

  63. $w = array(); 
    64. 

  64. if ($_SESSION['ltype'] == 'admin') { 
    65. 

  65. 	if ($_REQUEST[site]) 
    66. 

  66. 		$w[]="slot_name='".addslashes($site)."'"; 
    67. 

  67. 	else if ($all) $w[]="slot_name like '%'"; 
    68. 

  68. 	else $w[]="slot_name='".addslashes($settings[site])."'"; 
    69. 

  69. } else $w[]="slot_name='".(($site)?"".addslashes($site)."":"".addslashes($settings[site])."")."'"; 
    70. 

  70. if (count($w)) $where = " WHERE ".implode(" and ",$w); 
    71. 

  71. 

  72. $query = "
    73. 

  73. 	SELECT 
    74. 

  74. 		media_id,
    75. 

  75. 		media_tag,
    76. 

  76. 		media_type,
    77. 

  77. 		media_size,
    78. 

  78. 		slot_name,
    79. 

  79. 		slot_uploadlimit
    80. 

  80. 	FROM 
    81. 

  81. 		media
    82. 

  82. 			INNER JOIN
    83. 

  83. 		slot
    84. 

  84. 			ON media.FK_site = slot.FK_site		
    85. 

  85. 	$where AND media_location = 'local'
    86. 

  86. "; 
    87. 

  87. $r = db_query($query); 
    88. 

  88. //printpre($query);
    89. 

  89. $totalsize = 0;
    90. 

  90. while ($a = db_fetch_assoc($r)) {
    91. 

  91. 	$totalsize = $totalsize + $a[media_size];
    92. 

  92. }
    93. 

  93. 

  94. /******************************************************************************
    95. 

  95.  * if source = discuss then show only files uploaded by currently authed user
    96. 

  96.  ******************************************************************************/
    97. 

  97. if ($_REQUEST[source]) {		
    98. 

  98. 	$user_id = $_SESSION[aid];
    99. 

  99. 	$username = $_SESSION[auser];
    100. 

  100. 	if ($username == $owner) {
    101. 

  101. 		$userfilter = "";
    102. 

  102. 	} else if (!$user_id) {		
    103. 

  103. 		$userfilter = "AND user_id = 'anonymous'";
    104. 

  104. 	} else {
    105. 

  105. 		$userfilter = "AND user_id = '".addslashes($user_id)."'";
    106. 

  106. 	}
    107. 

  107. 	//print "useruname=".$username;
    108. 

  108. } else {
    109. 

  109. 	$userfilter = "";
    110. 

  110. }
    111. 

  111. 

  112. if ($_REQUEST[comingFrom]) {		
    113. 

  113. 	//print $_REQUEST[comingFrom];
    114. 

  114. }
    115. 

  115. 

  116. /******************************************************************************
    117. 

  117.  * Uploads files: check if media limit is reached..
    118. 

  118.  ******************************************************************************/
    119. 

  119.  
    120. 

  120. if ($_REQUEST['upload']) { 
    121. 

  121. 	
    122. 

  122. 	$query = "
    123. 

  123. 		SELECT 
    124. 

  124. 			media_tag,
    125. 

  125. 			media_id,
    126. 

  126. 			media_size,
    127. 

  127. 			media_type,
    128. 

  128. 			slot_name,
    129. 

  129. 			user_id,
    130. 

  130. 			user_fname,
    131. 

  131. 			user_uname,
    132. 

  132. 			slot_uploadlimit
    133. 

  133. 		FROM 
    134. 

  134. 			media
    135. 

  135. 				INNER JOIN
    136. 

  136. 			slot
    137. 

  137. 				ON media.FK_site = slot.FK_site
    138. 

  138. 				INNER JOIN
    139. 

  139. 			user
    140. 

  140. 				ON media.FK_createdby = user_id
    141. 

  141. 		WHERE
    142. 

  142. 			slot_name='".addslashes((($_REQUEST[site])?$_REQUEST[site]:$settings[site]))."' 
    143. 

  143. 		AND 
    144. 

  144. 			media_location = 'local' 
    145. 

  145. 		$userfilter
    146. 

  146. 	"; 
    147. 

  147. 			
    148. 

  148. 			
    149. 

  149. //	print "$query <br />"; 
    150. 

  150. 	$r = db_query($query); 
    151. 

  151. 	$filename = ereg_replace("[\x27\x22]",'',trim($_FILES[file][name])); 
    152. 

  152. 	
    153. 

  153. // 	printpre ($_REQUEST);
    154. 

  154. // 	exit;
    155. 

  155. 	
    156. 

  156. 	if ($_FILES['file']['tmp_name'] == 'none') { 
    157. 

  157. 		$upload_results = "<li>No file selected";
    158. 

  158. 	} else {
    159. 

  159. 		
    160. 

  160. 	/*********************************************************
    161. 

  161. 	 * Check for file validity before uploading.
    162. 

  162. 	 * There are two modes that this can run in:
    163. 

  163. 	 *
    164. 

  164. 	 *		- Whitelist - Only file extensions specified are allowed. 
    165. 

  165. 	 *						All others are blocked.
    166. 

  166. 	 *
    167. 

  167. 	 *		- Blacklist - Only file extensions specified are blocked. 
    168. 

  168. 	 *						All others are allowed.
    169. 

  169. 	 *
    170. 

  170. 	 *********************************************************/
    171. 

  171. 	 
    172. 

  172. 		/*********************************************************
    173. 

  173. 		 * Blacklist mode
    174. 

  174. 		 *********************************************************/
    175. 

  175. 		if ($cfg['useBlacklistMode']) {
    176. 

  176. 			if (is_array($cfg['additionalBlacklist']))
    177. 

  177. 				$expressionsToCheck = array_merge($cfg['defaultBlacklist'], 
    178. 

  178. 												$cfg['additionalBlacklist']);
    179. 

  179. 			else
    180. 

  180. 				$expressionsToCheck = $cfg['defaultBlacklist'];
    181. 

  181. 			
    182. 

  182. 			$isBlocked = nameMatches($filename, $expressionsToCheck);
    183. 

  183. 		}
    184. 

  184. 		/*********************************************************
    185. 

  185. 		 * Whitelist (default) mode.
    186. 

  186. 		 *********************************************************/
    187. 

  187. 		else {
    188. 

  188. 			if (is_array($cfg['additionalWhitelist']))
    189. 

  189. 				$expressionsToCheck = array_merge($cfg['defaultWhitelist'], 
    190. 

  190. 												$cfg['additionalWhitelist']);
    191. 

  191. 			else
    192. 

  192. 				$expressionsToCheck = $cfg['defaultWhitelist'];
    193. 

  193. 			
    194. 

  194. 			$isBlocked = !(nameMatches($filename, $expressionsToCheck));
    195. 

  195. 		}
    196. 

  196. 		
    197. 

  197. 		if ($isBlocked) { 
    198. 

  198. 			ereg("\.([^\.]+)$", $filename, $filenameParts);
    199. 

  199. 				$extension = $filenameParts[1];
    200. 

  200. 			$upload_results = "
    201. 

  201. 			<li>For security reasons, file-upload types must be approved by the system administrator.
    202. 

  202. 			<br />".strtoupper($extension)." files have not [yet] been approved.
    203. 

  203. 			<br />Please contact the system administrator if you feel that this is in error.
    204. 

  204. 			<br /><b>File, $filename, was NOT uploaded.</b>"; 
    205. 

  205. 		} else {
    206. 

  206. 		
    207. 

  207. 		
    208. 

  208. 			// Check to see if the name is used.
    209. 

  209. 			$nameUsed = 0; 
    210. 

  210. 			while ($a = db_fetch_assoc($r)) { 
    211. 

  211. 				if ($a[media_tag] == $filename) {
    212. 

  212. 					$nameUsed = 1;
    213. 

  213. 					$usedId = $a[media_id];
    214. 

  214. 				}
    215. 

  215. 			}
    216. 

  216. 			
    217. 

  217. 			$q = "
    218. 

  218. 				SELECT 
    219. 

  219. 					slot_uploadlimit 
    220. 

  220. 				FROM 
    221. 

  221. 					slot 
    222. 

  222. 				WHERE 
    223. 

  223. 					slot_name='".(($_REQUEST[site])?"".addslashes($_REQUEST[site])."":"".addslashes($settings[site])."")."'";
    224. 

  224. 			$res = db_query($q);
    225. 

  225. 			$b = db_fetch_assoc($res);
    226. 

  226. 			if ($b[slot_uploadlimit]) {
    227. 

  227. 				$dirlimit = $b[slot_uploadlimit];
    228. 

  228. 			} else {
    229. 

  229. 				$dirlimit = $userdirlimit;
    230. 

  230. 			}
    231. 

  231. 			
    232. 

  232. 			
    233. 

  233. 			if (($_FILES[file][size] + $totalsize) > $dirlimit) {
    234. 

  234. 				$upload_results = "<li>There is not enough room in your directory for $filename."; 
    235. 

  235. 

  236. 			} else if ($_REQUEST[overwrite] && $nameUsed) {
    237. 

  237. 				
    238. 

  238. 				$newID = copyuserfile($_FILES['file'],(($_REQUEST[site])?"$_REQUEST[site]":"$settings[site]"),1,$usedId,0);
    239. 

  239. 				if ($newID && $newID != 'ERROR') {
    240. 

  240. 					$upload_results = "<li>$filename successfully uploaded to ID $newID. <li>The origional file was overwritten. <li>If the your new version does not appear, please reload your page. If the new version still doesn't appear, clear your browser cache."; 
    241. 

  241. 					
    242. 

  242. 					
    243. 

  243. 				
    244. 

  244. 				} else {
    245. 

  245. 					$upload_results = "<li>An error occurred when trying to upload ".$filename.". <li>Please see above for any additional messages.";
    246. 

  246. 				}
    247. 

  247. 			} else if ($nameUsed) { 
    248. 

  248. 				$upload_results = "<li>Filename, $filename, is already in use. <li>Please change the filename before uploading or check \"overwrite\" to OVERWRITE"; 
    249. 

  249. 			} else { 
    250. 

  250. 				$newID = copyuserfile($_FILES['file'],(($_REQUEST[site])?"$_REQUEST[site]":"$settings[site]"),0,0);
    251. 

  251. 				printpre($newID);
    252. 

  252. 				if ($newID && $newID != 'ERROR') {
    253. 

  253. 					$upload_results = "<li>$filename successfully uploaded to ID $newID"; 
    254. 

  254. 				} else {
    255. 

  255. 					$upload_results = "<li>An error occurred when trying to upload ".$filename.". <li>Please see above for any additional messages.";
    256. 

  256. 				}
    257. 

  257. 			}
    258. 

  258. 		}
    259. 

  259. 	}
    260. 

  260. }
    261. 

  261. 

  262. // If we've uploaded a file, then add any specified metadata
    263. 

  263. if (($upload && $newID) || $_REQUEST['update_id']) {
    264. 

  264. 	if ($_REQUEST['update_id']) {
    265. 

  265. 		$newID = $_REQUEST['update_id'];
    266. 

  266. 		
    267. 

  267. 		// Clear out existing metadata
    268. 

  268. 		$query = "UPDATE media SET ";
    269. 

  269. 		$query .= implode("=NULL, ", array_keys($metadata));
    270. 

  270. 		$query .= "=NULL WHERE media_id='".addslashes($newID)."'";
    271. 

  271. //		printpre($query);
    272. 

  272. 		db_query($query);
    273. 

  273. 	}
    274. 

  274. 	
    275. 

  275. 	// Add new metada
    276. 

  276. 	$arguments = array();
    277. 

  277. 	
    278. 

  278. 	if ($_REQUEST['is_published'] == '1') 
    279. 

  279. 		$arguments[] = "is_published=1";
    280. 

  280. 	else
    281. 

  281. 		$arguments[] = "is_published=0";
    282. 

  282. 		
    283. 

  283. 	if ($_REQUEST['title_whole']) 
    284. 

  284. 		$arguments[] = "title_whole='".addslashes($_REQUEST['title_whole'])."'";
    285. 

  285. 	if ($_REQUEST['title_part']) 
    286. 

  286. 		$arguments[] = "title_part='".addslashes($_REQUEST['title_part'])."'";
    287. 

  287. 	if ($_REQUEST['author']) 
    288. 

  288. 		$arguments[] = "author='".addslashes($_REQUEST['author'])."'";
    289. 

  289. 	if ($_REQUEST['pagerange']) 
    290. 

  290. 		$arguments[] = "pagerange='".addslashes($_REQUEST['pagerange'])."'";
    291. 

  291. 	if ($_REQUEST['publisher']) 
    292. 

  292. 		$arguments[] = "publisher='".addslashes($_REQUEST['publisher'])."'";
    293. 

  293. 	if (preg_match('/^[0-9]{4}$/', $_REQUEST['pubyear']))
    294. 

  294. 		$arguments[] = "pubyear='".addslashes($_REQUEST['pubyear'])."'";
    295. 

  295. 	if ($_REQUEST['isbn']) 
    296. 

  296. 		$arguments[] = "isbn='".addslashes($_REQUEST['isbn'])."'";
    297. 

  297. 	
    298. 

  298. 	// Set the values if any are in the request
    299. 

  299. 	if (count($arguments)) {
    300. 

  300. 		$query = "UPDATE media SET ";
    301. 

  301. 		$query .= implode(", ", $arguments);
    302. 

  302. 		$query .= " WHERE media_id='".addslashes($newID)."'";
    303. 

  303. //		printpre($query);
    304. 

  304. 		db_query($query);
    305. 

  305. 	}
    306. 

  306. }
    307. 

  307. 

  308. /******************************************************************************
    309. 

  309.  * clears filename search UI??
    310. 

  310.  ******************************************************************************/
    311. 

  311.  
    312. 

  312. if ($_REQUEST[clear]) {
    313. 

  313. 	if ($_SESSION['ltype'] == 'admin') {
    314. 

  314. 		$user = ""; 
    315. 

  315. 		$site = ""; 
    316. 

  316. 		$name = ""; 
    317. 

  317. 	} else {
    318. 

  318. 		$name = "";
    319. 

  319. 		$user = $user;
    320. 

  320. 		$site = $site;
    321. 

  321. 	}
    322. 

  322. } 
    323. 

  323. 

  324. /******************************************************************************
    325. 

  325.  * get media file
    326. 

  326.  ******************************************************************************/
    327. 

  327. 

  328. $w = array(); 
    329. 

  329. if ($_SESSION['ltype'] == 'admin') { 
    330. 

  330. 	if ($site) $w[]="slot_name='".addslashes($site)."'"; 
    331. 

  331. 	else if ($all) $w[]="slot_name like '%'"; 
    332. 

  332. 	else $w[]="slot_name='".addslashes($settings[site])."'"; 
    333. 

  333. } else $w[]="slot_name='".(($site)?"".addslashes($site)."":"".addslashes($settings[site])."")."'"; 
    334. 

  334. if (count($w)) $where = " where ".implode(" and ",$w); 
    335. 

  335. 

  336. $query = "
    337. 

  337. 	SELECT 
    338. 

  338. 		media_tag,
    339. 

  339. 		media_id,
    340. 

  340. 		media_size,
    341. 

  341. 		media_type,
    342. 

  342. 		slot_name,
    343. 

  343. 		user_fname,
    344. 

  344. 		user_uname
    345. 

  345. 

  346. 	FROM 
    347. 

  347. 		media
    348. 

  348. 			INNER JOIN
    349. 

  349. 		slot
    350. 

  350. 			ON media.FK_site = slot.FK_site
    351. 

  351. 			INNER JOIN
    352. 

  352. 		user
    353. 

  353. 			ON media.FK_createdby = user_id
    354. 

  354. 	$where AND media_location = 'local'
    355. 

  355. "; 
    356. 

  356. $r = db_query($query); 
    357. 

  357. 

  358. $totalsize = 0;
    359. 

  359. while ($a = db_fetch_assoc($r)) {
    360. 

  360. 	$totalsize = $totalsize + $a[media_size];
    361. 

  361. }
    362. 

  362. 

  363. if (!isset($order)) $order = "media_updated_tstamp desc"; 
    364. 

  364. 

  365. $order = addslashes($order);
    366. 

  366. $orderby = " ORDER BY $order"; 
    367. 

  367.  
    368. 

  368. $w = array(); 
    369. 

  369. 

  370. if ($_SESSION['ltype'] == 'admin') { 
    371. 

  371. 	if ($site) {
    372. 

  372. 		$w[]="slot_name='".addslashes($site)."'"; 
    373. 

  373. 	} else if ($all) {
    374. 

  374. 		$w[]="slot_name like '%'"; 
    375. 

  375. 	} else {
    376. 

  376. 		$w[]="slot_name='".addslashes($settings[site])."'"; 
    377. 

  377. 	}
    378. 

  378. 	
    379. 

  379. } else {
    380. 

  380. 	$w[]="slot_name='".(($site)?"".addslashes($site)."":"".addslashes($settings[site])."")."'"; 
    381. 

  381. }
    382. 

  382. 

  383. if ($user) $w[]="user_uname LIKE '%".addslashes($user)."%'"; 
    384. 

  384. if ($name) $w[]="media_tag LIKE '%".addslashes($name)."%'"; 
    385. 

  385.  
    386. 

  386. if (count($w)) $where = " WHERE ".implode(" AND ",$w); 
    387. 

  387.  
    388. 

  388. $query = "	
    389. 

  389. 	SELECT 
    390. 

  390. 		COUNT(media_id) AS media_count
    391. 

  391. 	FROM 
    392. 

  392. 		media
    393. 

  393. 			INNER JOIN
    394. 

  394. 		slot
    395. 

  395. 			ON media.FK_site = slot.FK_site
    396. 

  396. 			INNER JOIN
    397. 

  397. 		user
    398. 

  398. 			ON media.FK_createdby = user_id
    399. 

  399. 	$where AND media_location = 'local'
    400. 

  400. ";
    401. 

    402. 

  402. $r=db_query($query); 
    403. 

  403. $a = db_fetch_assoc($r);
    404. 

  404. $numrows = $a[media_count];
    405. 

  405. $numperpage = 20; 
    406. 

  406.  
    407. 

  407.  
    408. 

  408. if (!isset($lowerlimit)) $lowerlimit = 0; 
    409. 

  409. if ($lowerlimit < 0) $lowerlimit = 0; 
    410. 

  410. $lowerlimit = addslashes($lowerlimit);
    411. 

  411. $limit = " LIMIT $lowerlimit,$numperpage"; 
    412. 

  412.  
    413. 

  413. $query = "
    414. 

  414. 	SELECT 
    415. 

  415. 		media_tag,
    416. 

  416. 		media_id,
    417. 

  417. 		media_size,
    418. 

  418. 		date_format(media_updated_tstamp, '%m/%d/%Y %k:%i') AS media_updated_tstamp_text,
    419. 

  419. 		media_updated_tstamp,
    420. 

  420. 		media_type,
    421. 

  421. 		slot_name,
    422. 

  422. 		user_fname,
    423. 

  423. 		user_uname,
    424. 

  424. 		slot_uploadlimit,
    425. 

  425. 		is_published,
    426. 

  426. 		title_whole,
    427. 

  427. 		title_part,
    428. 

  428. 		author,
    429. 

  429. 		pagerange,
    430. 

  430. 		publisher,
    431. 

  431. 		pubyear,
    432. 

  432. 		isbn
    433. 

  433. 	FROM 
    434. 

  434. 		media
    435. 

  435. 			INNER JOIN
    436. 

  436. 		slot
    437. 

  437. 			ON media.FK_site = slot.FK_site
    438. 

  438. 			INNER JOIN
    439. 

  439. 		user
    440. 

  440. 			ON media.FK_createdby = user_id
    441. 

  441. 	$where AND media_location = 'local'
    442. 

  442. 	$userfilter
    443. 

  443. 	$orderby
    444. 

  444. 	$limit
    445. 

  445. "; 
    446. 

  446. // printpre($query);
    447. 

  447.  
    448. 

  448. $r = db_query($query); 
    449. 

  449.  
    450. 

  450. ?> 
    451. 

  451. <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
    452. 

  452. <html> 
    453. 

  453. <head>
    454. 

  454. <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
    455. 

  455. <title>File Browser</title> 
    456. 

  456.  
    457. 

  457. <style type='text/css'> 
    458. 

  458. a { 
    459. 

  459. 	color: #a33; 
    460. 

  460. 	text-decoration: none; 
    461. 

  461. } 
    462. 

  462.  
    463. 

  463. a:hover {text-decoration: underline;} 
    464. 

  464.  
    465. 

  465. table { 
    466. 

  466. 	border: 1px solid #555; 
    467. 

  467. } 
    468. 

  468.  
    469. 

  469. th, td { 
    470. 

  470. 	border: 0px; 
    471. 

  471. 	background-color: #FFFFFF; 
    472. 

  472. 	text-align: center; 
    473. 

  473. } 
    474. 

  474.  
    475. 

  475. .td1 {  
    476. 

  476. 	background-color: #F0F0F0;  
    477. 

  477. 	padding-left: 4px;
    478. 

  478. 	padding-right: 4px;
    479. 

  479. } 
    480. 

  480.  
    481. 

  481. .td0 {  
    482. 

  482. 	border-right: 1px solid #F0F0F0; 
    483. 

  483. 	background-color: #FFFFFF; 
    484. 

  484. 	padding-left: 4px;
    485. 

  485. 	padding-right: 4px;
    486. 

  486. } 
    487. 

  487.  
    488. 

  488. th {  
    489. 

  489. 	background-color: #ccc;  
    490. 

  490. 	font-variant: small-caps; 
    491. 

  491. } 
    492. 

  492. 

  493. .sizebox1 {
    494. 

  494. 	text-align: left;
    495. 

  495. 	padding-right: 5px;
    496. 

  496. }
    497. 

  497. 

  498. .sizebox2 {
    499. 

  499. 	text-align: right;
    500. 

  500. }
    501. 

  501. 

  502. body {  
    503. 

  503. 	background-color: white;  
    504. 

  504. } 
    505. 

  505.  
    506. 

  506. body, table, td, th, input { 
    507. 

  507. 	font-size: 10px; 
    508. 

  508. 	font-family: "Verdana", "sans-serif"; 
    509. 

  509. } 
    510. 

  510.  
    511. 

  511. /* td { font-size: 10px; } */ 
    512. 

  512.  
    513. 

  513. input,select { 
    514. 

  514. 	border: 1px solid black; 
    515. 

  515. 	background-color: white; 
    516. 

  516. 	font-size: 10px; 
    517. 

  517. } 
    518. 

  518.  
    519. 

  519. </style> 
    520. 

  520.  
    521. 

  521. <script type="text/javascript">
    522. 

  522. // <![CDATA[ 
    523. 

  523. 

  524. <? 
    525. 

  525. /******************************************************************************
    526. 

  526.  * Use button action:
    527. 

  527.  * if source is discuss then values pasted to discussion post form
    528. 

  528.  * if source is not discuss, then is one of following:
    529. 

  529.  *  site header/footer image or text content block
    530. 

  530.  ******************************************************************************/
    531. 

  531.  
    532. 

  532. //if ($source == 'discuss') { 
    533. 

  533. 

  534. ?> 
    535. 

  535. 	function useFileDiscuss(fileID,fileName) { 
    536. 

  536. 		o = opener.document.postform; 
    537. 

  537. 		o.libraryfileid.value=fileID; 
    538. 

  538. 		o.libraryfilename.value=fileName;  
    539. 

  539. 		window.close(); 
    540. 

  540. 	} 
    541. 

  541. 	 
    542. 

  542. <? 
    543. 

  543. //} 
    544. 

  544. 

  545. ?> 
    546. 

  546.  
    547. 

  547. <? 
    548. 

  548. /******************************************************************************
    549. 

  549.  * if image content block then editor = none and useFile is used
    550. 

  550.  * if text content block then editor = html and getUrl is used
    551. 

  551.  ******************************************************************************/
    552. 

  552. ?> 
    553. 

  553. function useFile(fileID,fileName) { 
    554. 

  554. 	o = opener.document.addform; 
    555. 

  555. 	o.libraryfileid.value=fileID; 
    556. 

  556. 	o.libraryfilename.value=fileName; 
    557. 

  557. 	o.submit(); 
    558. 

  558. 	window.close(); 
    559. 

  559. } 
    560. 

  560.  
    561. 

  561. function getUrl(url,img_url) { 
    562. 

  562. 	o = opener.document.addform; 
    563. 

  563. 	o.media_url.value=url; 
    564. 

  564. 	window.close(); 
    565. 

  565. }
    566. 

  566. 

  567. function FCKSetUrl(url) {
    568. 

  568. 	window.opener.SetUrl(url);
    569. 

  569. 	window.close();
    570. 

  570. }
    571. 

  571. 

  572. <?
    573. 

  573. // this function may not be needed....
    574. 

  574. ?> 
    575. 

  575. function useFile2(siteName,fileName,fileID) { 
    576. 

  576. 	opener = window.dialogArguments;
    577. 

  577. 	var _editor_url = opener._editor_url;
    578. 

  578. 	var objname     = location.search.substring(1,location.search.length);
    579. 

  579. 	var config      = opener.document.all[objname].config;
    580. 

  580. 	var editor_obj  = opener.document.all["_" +objname+  "_editor"];
    581. 

  581. 	var editdoc     = editor_obj.contentWindow.document;
    582. 

  582. 	var image 	= '<img src="<?echo $uploadurl ?>/' +siteName+ '/' +fileName+ '" imageID=\"' +fileID+ '\" />\n';
    583. 

  583. 	opener.editor_insertHTML(objname, image);
    584. 

  584. 	window.close();
    585. 

  585. } 
    586. 

  586. 

  587. <?
    588. 

  588. 

  589. ?> 
    590. 

  590.  
    591. 

  591. function deleteFile(fileID,fileName) { 
    592. 

  592. 	if (confirm("Are you sure that you want to delete "+fileName+"? If this file is in use anywhere in your site, it will no longer appear.")) { 
    593. 

  593. 		f = document.deleteform; 
    594. 

  594. 		f.filetodelete.value=fileID; 
    595. 

  595. 		f.submit(); 
    596. 

  596. 	} 
    597. 

  597. } 
    598. 

  598.  
    599. 

  599. function changeOrder(order) { 
    600. 

  600. 	f = document.searchform; 
    601. 

  601. 	f.order.value=order; 
    602. 

  602. 	f.submit(); 
    603. 

  603. }
    604. 

  604. 

  605. function changePage(lolim) {
    606. 

  606. 	f = document.searchform;
    607. 

  607. 	f.lowerlimit.value=lolim;
    608. 

  608. 	f.submit();
    609. 

  609. }
    610. 

  610.  
    611. 

  611. // ]]>
    612. 

  612. </script> 
    613. 

  613. </head>
    614. 

  614. <body>
    615. 

  615.  
    616. 

  616. <!--  
    617. 

  617. <table width='100%'> 
    618. 

  618. <tr><td style='text-align: left'> 
    619. 

  619. 	<? //print $content; ?> 
    620. 

  620. 	<? //print $numrows . " | " . $query;  
    621. 

  621. 	?> 
    622. 

  622. </td></tr> 
    623. 

  623. </table> --> 
    624. 

  624. 

  625. <table cellspacing='1' width='100%'> 
    626. 

  626.  
    627. 

  627. 	<tr> 
    628. 

  628. 		<td colspan='<? print (($_SESSION['ltype']=='admin')?"10":"9"); ?>'> 
    629. 

  629. 			<table width='100%' > 
    630. 

  630. 				<tr>
    631. 

  631. 				<td style='text-align: left; border: 0px solid #FFF; margin-bottom: 10px;' valign='top'>
    632. 

  632. 					<div class='desc'>
    633. 

  633. 						Select the file or image you would like to upload by clicking the 'Browse...' button below.
    634. 

  634. 						<br/><em>(Titles, author, etc are optional, but are encouraged for files originating from published sources.)</em>
    635. 

  635. 					</div> 
    636. 

  636. 				</td>
    637. 

  637. 				<td rowspan='3' valign='top' style='text-align: right; border: 0px solid #FFF'>
    638. 

  638. 					<?
    639. 

  639. 					$dirtotal = convertfilesize($totalsize);
    640. 

  640. 					if ($all) {
    641. 

  641. 						
    642. 

  642. 						$res = db_query("SELECT COUNT(site_id) AS num_sites FROM site");
    643. 

  643. 						$b = db_fetch_assoc($res);
    644. 

  644. 						$dirlimit_B = $b['num_sites']*$userdirlimit;
    645. 

  645. 					} else {
    646. 

  646. //						printpre($dirlimit);
    647. 

  647. 						if ($site) {
    648. 

  648. 							$q = "SELECT slot_uploadlimit FROM slot WHERE slot_name='".addslashes($site)."'";
    649. 

  649. 							$res = db_query($q);
    650. 

  650. 							$b = db_fetch_assoc($res);
    651. 

  651. 							if ($b[slot_uploadlimit])
    652. 

  652. 								$dirlimit_B = $b[slot_uploadlimit];
    653. 

  653. 							else
    654. 

  654. 								$dirlimit_B = $userdirlimit;
    655. 

  655. 						}else
    656. 

  656. 							$dirlimit_B = $userdirlimit;
    657. 

  657. 					}
    658. 

  658. 					$dirlimit = convertfilesize($dirlimit_B);
    659. 

  659. 					
    660. 

  660. 					$percentused = round($totalsize/$dirlimit_B,"4")*100;
    661. 

  661. 					$percentfree = 100-$percentused;
    662. 

  662. 					$space = $dirlimit_B - $totalsize;
    663. 

  663. 					$space = convertfilesize($space);
    664. 

  664. 					//print "<div style='text-align: right;'>";
    665. 

  665. 					print helplink("filelibrary");
    666. 

  666. 					print "<br \><br \>";
    667. 

  667. 					print "<table cellspacing='0' cellpadding='1' align='right'>";
    668. 

  668. 					print "<tr><td class='sizebox1'>Total media allowed: </td><td class='sizebox2'> $dirlimit</td></tr>";
    669. 

  669. 					print "<tr><td class='sizebox1'>Total size of your media: </td><td class='sizebox2'> $dirtotal</td></tr>";
    670. 

  670. 					print "<tr><td class='sizebox1'>Space available: </td><td class='sizebox2' style='border-top: 1px solid #000'> $space</td></tr>";
    671. 

  671. 					print "<tr><td colspan='2'><table width='100%'><tr>";
    672. 

  672. 					if ($percentused == 0)
    673. 

  673. 						print "<td style='background-color: #00C; height: 5px;' width='100%'> </td>";
    674. 

  674. 					else if ($percentused == 100)
    675. 

  675. 						print "<td style='background-color: #F00; height: 5px;' width='100%'> </td>";
    676. 

  676. 					else
    677. 

  677. 						print "<td style='background-color: #F00; height: 5px;' width='$percentused%'> </td><td style='background-color: #00C;' width='$percentfree%'> </td>";
    678. 

  678. 					print "</tr></table></td></tr>";
    679. 

  679. 					print "</table><br />";
    680. 

  680. 					?>
    681. 

  681. 				</td>
    682. 

  682. 				</tr>
    683. 

  683. 				
    684. 

  684. 				<tr> 
    685. 

  685. 				<td style='text-align: left; padding-top: 5px; border: 0px solid #FFF' valign='top'> 
    686. 

  686. 					<form action="filebrowser.php" name='addform' method="post" enctype="multipart/form-data"> 
    687. 

  687. 					<input type='hidden' name='comingfrom' value='<? echo $comingfrom ?>' />
    688. 

  688. 					<input type='hidden' name='site' value='<? echo $site ?>' /> 
    689. 

  689. 					<input type='hidden' name='upload' value='1' /> 
    690. 

  690. 					<input type='hidden' name='order' value='<? echo $order ?>' /> 
    691. 

  691. 					<input type='hidden' name='editor' value='<? echo $editor ?>' /> 
    692. 

  692. 					<input type='hidden' name='source' value='<? echo $source ?>' /> 
    693. 

  693. 					<input type='hidden' name='owner' value='<? echo $owner ?>' /> 
    694. 

  694. 					<input type='file' name='file' class='textfield' style='color: #000' />
    695. 

  695. 					<input type='submit' value='Upload' />
    696. 

  696. 					<input type='checkbox' name='overwrite' value='1' style='border: 0px;' /> Overwrite existing version?
    697. 

  697. 					<div style='margin-top: 10px'>
    698. 

  698. 						Is this file from a published source?
    699. 

  699. 						<input type='radio' name='is_published' value='1' style='border: 0px;' />yes 
    700. 

  700. 						<input type='radio' name='is_published' value='0' checked='checked' style='border: 0px;' />no 
    701. 

  701. 					</div>
    702. 

  702. 					<table cellpadding='0', cellspacing='3' style='border: 0px;'>
    703. 

  703. 					<tr>
    704. 

  704. 					<td style='text-align: right;'>Book/Journal Title</td>
    705. 

  705. 					<td style='text-align: left;'><input type='text' class='textfield small' name='title_whole' value='' /></td>
    706. 

  706. 					<td style='text-align: right;'>Article/Chapter Title</td>
    707. 

  707. 					<td style='text-align: left;'><input type='text' name='title_part' value='' /></td>
    708. 

  708. 					</tr>
    709. 

  709. 					<tr>
    710. 

  710. 					<td style='text-align: right;'>Author</td>
    711. 

  711. 					<td style='text-align: left;'><input type='text' name='author' value='' /></td>
    712. 

  712. 					<td style='text-align: right;'>Publisher</td>
    713. 

  713. 					<td style='text-align: left;'><input type='text' name='publisher' value='' /></td>
    714. 

  714. 					</tr>
    715. 

  715. 					<tr>
    716. 

  716. 					<td style='text-align: right;'>Pages</td>
    717. 

  717. 					<td style='text-align: left;'><input type='text' name='pagerange' value='' /></td>
    718. 

  718. 					<td style='text-align: right;'>Pub.Year</td>
    719. 

  719. 					<td style='text-align: left;'>
    720. 

  720. 						<input type='text' name='pubyear' value='' 
    721. 

  721. 							onchange='if (!this.value.match(/^([0-9]{4})?$/)) {alert("Year must be four digits.\n\""+this.value+"\" is not a valid year."); this.value=""; this.focus();}' />
    722. 

  722. 					</td>
    723. 

  723. 					</tr>
    724. 

  724. 					<tr>
    725. 

  725. 					<td style='text-align: right;'>ISBN/ISSN</td><td><input type='text' name='isbn' value='' /></td>
    726. 

  726. 					<td style='text-align: center; font-style: italic' colspan='2'>
    727. 

  727. 						
    728. 

  728. 					</td>
    729. 

  729. 					</tr>
    730. 

  730. 					</table>	
    731. 

  731. 					
    732. 

  732. 					</form> 
    733. 

  733. 				</td> 
    734. 

  734. 				</tr> 
    735. 

  735. 				<tr>
    736. 

  736. 				<td style='text-align: left;  border: 0px solid #FFF; margin-top: 10px;' valign='top'> 
    737. 

  737. 					<? 					
    738. 

  738. 					if ($upload) { 
    739. 

  739. 						print "Upload Results: <div style='margin-left: 25px'>"; 
    740. 

  740. 						print $upload_results; 
    741. 

  741. 						print "</div>"; 
    742. 

  742. 					} else {
    743. 

  743. 						print " &nbsp; ";
    744. 

  744. 					}
    745. 

  745. 					?> 
    746. 

  746. 				</td> 
    747. 

  747. 

  748. 				</tr>
    749. 

  749. 			</table> 
    750. 

  750. 		</td> 
    751. 

  751. 	</tr> 
    752. 

  752.  
    753. 

  753. <? 
    754. 

  754. if (1) { 
    755. 

  755. ?> 
    756. 

  756. <tr> 
    757. 

  757. 	<td colspan='<? print (($_SESSION['ltype']=='admin')?"10":"9"); ?>'> 
    758. 

  758. 		<table width='100%'> 
    759. 

  759. 		<tr><td style='text-align: left'> 
    760. 

  760. 		<form action='<?echo "$PHP_SELF?$sid"?>' method='post' name='searchform'> 
    761. 

  761. 		<? 
    762. 

  762. 		if ($_SESSION['ltype'] == 'admin') { 
    763. 

  763. 		?> 
    764. 

  764. 			filename: <input type='text' name='name' size='15' value='<?echo $name?>' /> 
    765. 

  765. 			site: <input type='text' name='site' size='10' value='<?echo $site?>' /> 
    766. 

  766. 			user: <input type='text' name='user' size='10' value='<?echo $user?>' /> 
    767. 

  767. 		<? } else { ?> 
    768. 

  768. 			filename: <input type='text' name='name' size='10' value='<?echo $name?>' /> 
    769. 

  769. 			<input type='hidden' name='site' value='<?echo $site?>' />
    770. 

  770. 		<? } ?> 
    771. 

  771. 		<input type='submit' value='search' /> 
    772. 

  772. 		<input type='submit' name='clear' value='clear' /> 
    773. 

  773. 		<? if ($_SESSION['ltype'] == 'admin') print "Search all sites: <input type='checkbox' name='all' value='all sites'".(($all)?" checked='checked'":"")." style='border: 0px;' />"; ?> 
    774. 

  774. 		<input type='hidden' name='order' value='<? echo $order ?>' /> 
    775. 

  775. 		<input type='hidden' name='editor' value='<? echo $editor ?>' /> 
    776. 

  776. 		<input type='hidden' name='source' value='<? echo $source ?>' /> 
    777. 

  777. 		<input type='hidden' name='comingfrom' value='<? echo $comingfrom ?>' /> 
    778. 

  778. 		<input type='hidden' name='lowerlimit' value='0' />
    779. 

  779. 		</form> 
    780. 

  780. 		</td> 
    781. 

  781. 		<td align='right'> 
    782. 

  782. 		 
    783. 

  783. 		<? 
    784. 

  784. 		$tpages = ceil($numrows/$numperpage); 
    785. 

  785. 		$curr = ceil(($lowerlimit+$numperpage)/$numperpage); 
    786. 

  786. 		$prev = $lowerlimit-$numperpage; 
    787. 

  787. 		if ($prev < 0) $prev = 0; 
    788. 

  788. 		$next = $lowerlimit+$numperpage; 
    789. 

  789. 		if ($next >= $numrows) $next = $numrows-$numperpage; 
    790. 

  790. 		if ($next < 0) $next = 0; 
    791. 

  791. 		print "$curr of $tpages "; 
    792. 

  792. //		print "$prev $lowerlimit $next "; 
    793. 

  793. 		if ($prev != $lowerlimit) 
    794. 

  794. 			print "<input type='button' value='&lt;&lt;' onclick=\"changePage('$prev')\" />\n"; 
    795. 

  795. 		if ($next != $lowerlimit && $next > $lowerlimit) 
    796. 

  796. 			print "<input type='button' value='&gt;&gt;' onclick=\"changePage('$next')\" />\n"; 
    797. 

  797. 		?> 
    798. 

  798. 		</td> 
    799. 

  799. 		</tr> 
    800. 

  800. 		</table> 
    801. 

  801. 	</td> 
    802. 

  802. </tr> 
    803. 

  803. <? } else { ?> 
    804. 

  804. 	<form action='<?echo "$PHP_SELF?$sid"?>' method='post' name='searchform'> 
    805. 

  805. 	<input type='hidden' name='order' value='<? echo $order ?>' /> 
    806. 

  806. 	<input type='hidden' name='editor' value='<? echo $editor ?>' /> 
    807. 

  807. 	<input type='hidden' name='source' value='<? echo $source ?>' /> 
    808. 

  808. 	<input type='hidden' name='comingfrom' value='<? echo $comingfrom ?>' />
    809. 

  809. 	<input type='hidden' name='site' value='<? echo $site ?>' />
    810. 

  810. 	</form>
    811. 

  811. <? } ?>
    812. 

  812. 

  813. 

  814. <tr> 
    815. 

  815. 	<th> </th> 
    816. 

  816. 	<th> </th> 
    817. 

  817. <? 
    818. 

  818. //	print "<th><a href='#' onclick=\"changeOrder('"; 
    819. 

  819. //	if ($order =='media_id asc') print "media_id desc"; 
    820. 

  820. //	else print "media_id asc"; 
    821. 

  821. //	print "')\" style='color: #000'>ID"; 
    822. 

  822. //	if ($order =='media_id asc') print " &or;"; 
    823. 

  823. //	if ($order =='media_id desc') print " &and;";	 
    824. 

  824. //	print "</a></th>"; 
    825. 

  825. 	 
    826. 

  826. 	print "<th><a href='#' onclick=\"changeOrder('"; 
    827. 

  827. 	if ($order =='media_tag asc') print "media_tag desc"; 
    828. 

  828. 	else print "media_tag asc"; 
    829. 

  829. 	print "')\" style='color: #000'>File Name"; 
    830. 

  830. 	if ($order =='media_tag asc') print " &and;"; 
    831. 

  831. 	if ($order =='media_tag desc') print " &or;";	 
    832. 

  832. 	print "</a></th>"; 
    833. 

  833. 	 
    834. 

  834. 	print "<th><a href='#' onclick=\"changeOrder('"; 
    835. 

  835. 	if ($order =='media_type asc') print "media_type desc"; 
    836. 

  836. 	else print "media_type asc"; 
    837. 

  837. 	print "')\" style='color: #000'>Type"; 
    838. 

  838. 	if ($order =='media_type asc')  print " &and;"; 
    839. 

  839. 	if ($order =='media_type desc') print " &or;";	 
    840. 

  840. 	print "</a></th>"; 
    841. 

  841. 	 
    842. 

  842. 	print "<th><a href='#' onclick=\"changeOrder('"; 
    843. 

  843. 	if ($order =='media_size asc') print "media_size desc"; 
    844. 

  844. 	else print "media_size asc"; 
    845. 

  845. 	print "')\" style='color: #000'>Size"; 
    846. 

  846. 	if ($order =='media_size asc') print " &and;"; 
    847. 

  847. 	if ($order =='media_size desc') print " &or;";	 
    848. 

  848. 	print "</a></th>"; 
    849. 

  849. 	 
    850. 

  850. 	if ($_SESSION['ltype'] == 'admin') { 
    851. 

  851. 		print "<th><a href='#' onclick=\"changeOrder('"; 
    852. 

  852. 		if ($order =='slot_name asc') print "slot_name desc"; 
    853. 

  853. 		else print "slot_name asc"; 
    854. 

  854. 		print "')\" style='color: #000'>Site"; 
    855. 

  855. 		if ($order =='slot_name asc') print " &and;"; 
    856. 

  856. 		if ($order =='slot_name desc') print " &or;";	 
    857. 

  857. 		print "</a></th>"; 
    858. 

  858. 	} 
    859. 

  859.  
    860. 

  860. 	print "<th><a href='#' onclick=\"changeOrder('"; 
    861. 

  861. 	if ($order =='media_updated_tstamp asc') print "media_updated_tstamp desc"; 
    862. 

  862. 	else print "media_updated_tstamp asc"; 
    863. 

  863. 	print "')\" style='color: #000'>Date Modified"; 
    864. 

  864. 	if ($order =='media_updated_tstamp asc') print " &and;"; 
    865. 

  865. 	if ($order =='media_updated_tstamp desc') print " &or;";	 
    866. 

  866. 	print "</a></th>"; 
    867. 

  867. 	 
    868. 

  868. 	print "<th><a href='#' onclick=\"changeOrder('"; 
    869. 

  869. 	if ($order =='user_uname asc') print "user_uname desc"; 
    870. 

  870. 	else print "user_uname asc"; 
    871. 

  871. 	print "')\" style='color: #000'>Added by User:"; 
    872. 

  872. 	if ($order =='user_uname asc') print " &and;"; 
    873. 

  873. 	if ($order =='user_uname desc') print " &or;";	 
    874. 

  874. 	print "</a></th>"; 
    875. 

  875. ?>	 
    876. 

  876. 	<th> </th> 
    877. 

  877. </tr> 
    878. 

  878. <? 
    879. 

  879. $color = 0; 
    880. 

  880. $today = date(Ymd); 
    881. 

  881. $yesterday = date(Ymd)-1; 
    882. 

  882.  
    883. 

  883. if (db_num_rows($r)) { 
    884. 

  884. 	while ($a=db_fetch_assoc($r)) { 
    885. 

  885. 		$a[media_tag] = urldecode($a[media_tag]); 
    886. 

  886. 		$a[media_size] = convertfilesize($a[media_size]); 
    887. 

  887. 		
    888. 

  888. 		$url = $uploadurl."/".$a[slot_name]."/".rawurlencode($a[media_tag]); 
    889. 

  889. 		if ($a[media_type] == 'image') { 
    890. 

  890. 			$img_path = $uploaddir."/".$a[slot_name]."/".$a[media_tag];
    891. 

  891. 			$img_url = $url;
    892. 

  892. 		} else { 
    893. 

  893. 			$img_path = "images/file.gif";
    894. 

  894. 			$img_url = $img_path;
    895. 

  895. 		}  
    896. 

  896. 		if (file_exists($img_path)) {
    897. 

  897. 			$thumb_size = get_sizes($img_path,'50');
    898. 

  898. 			$img_size = get_size($img_path); 
    899. 

  899. 		} else {
    900. 

  900. 			$img_url = "images/nofile.gif";
    901. 

  901. 			$thumb_size = get_sizes($img_path);
    902. 

  902. 			$img_size = get_size($img_path); 
    903. 

  903. 		}
    904. 

  904. 		
    905. 

  905. /* 		$img_size = get_size($url);  */
    906. 

  906. 		 
    907. 

  907. 		print "<tr>"; 
    908. 

  908. 		
    909. 

  909. 		/******************************************************************************
    910. 

  910. 		 * Media file USE button
    911. 

  911. 		 * Use button depends on context 
    912. 

  912. 		 * viewsite: no USE button displayed
    913. 

  913. 		 * discussion UI: source = discuss
    914. 

  914. 		 * image content block: editor = none
    915. 

  915. 		 * text content block: editor = html 
    916. 

  916. 		 ******************************************************************************/
    917. 

  917.  		
    918. 

  918. 		print "<td class='td$color'>\n";
    919. 

  919. 			if ($comingfrom != "viewsite") {
    920. 

  920. 				
    921. 

  921. 				// for discussions, get media filename and id
    922. 

  922. 				if ($source == 'discuss') {
    923. 

  923. 					print "<input type='button' name='use' value='use' onclick=\"useFileDiscuss('".$a[media_id]."','".$a[media_tag]."')\" />\n";	
    924. 

  924. 				
    925. 

  925. 				// for image content blocks				
    926. 

  926. 				} else if ($editor == 'none') {
    927. 

  927. 					print "<input type='button' name='use' value='use' onclick=\"useFile('".$a[media_id]."','".$a[media_tag]."')\" />\n";
    928. 

  928. 				
    929. 

  929. 				// for text editors... (not needed?)
    930. 

  930.                 } else if ($editor == 'text') {
    931. 

  931.                         print "<input type='button' name='use' value='use' onclick=\"useFile('".$a[media_id]."','".$a[media_tag]."')\" />\n";
    932. 

  932.                         
    933. 

  933.                 // for HTML editors get media url, mediatype image url,        
    934. 

  934.                 } else if ($editor == 'html') {
    935. 

  935.                 		//printpre($editor);
    936. 

  936.                         print "<input type='button' name='use' value='use' onclick=\"getUrl('".$url."','".$img_url."')\" />\n";
    937. 

  937.                         
    938. 

  938.                 // not sure where this function is called
    939. 

  939.                 } else {
    940. 

  940.                         //print "<input type='button' name='use' value='use' onclick=\"useFile2('".$a[slot_name]."','".$a[media_tag]."','".$a[media_id]."')\" />\n";
    941. 

  941.                			print "<input type='button' name='use' value='use' onclick=\"FCKSetUrl('".$url."')\" />\n";
    942. 

  942.                }   
    943. 

  943.             } else print " &nbsp; ";
    944. 

  944. //			print "<input type='button' name='use' value='use' onclick=\"useFile()\" />";  
    945. 

  945. 		print "</td>\n"; 
    946. 

  946.  
    947. 

  947. 		print "<td class='td$color'>"; 
    948. 

  948. 			if ($a[media_type]=='image') { 
    949. 

  949. 				$windowSize[x] = $img_size[x]+15; 
    950. 

  950. 				$windowSize[y] = $img_size[y]+15; 
    951. 

  951. //				print "<a href='#' onclick=\"window.open('$url','imagewindow',config='width=$img_size[x],height=$img_size[y],resizeable=1,scrollbars=0')\">"; 
    952. 

  952. 				print "<a href=\"JavaScript:window.open('$url','imagewindow',config='width=$windowSize[x],height=$windowSize[y],resizeable=1,scrollbars=0');void('');\">"; 
    953. 

  953. 			} else 
    954. 

  954. 				print "<a href='$url'>"; 
    955. 

  955. 			print "<img src='$img_url' height='$thumb_size[y]' width='$thumb_size[x]' border='0' alt='thumbnail image for file'/>"; 
    956. 

  956. 			print "</a>"; 
    957. 

  957. 		print "</td>\n"; 
    958. 

  958.  
    959. 

  959. //		print "<td class='td$color' style='vertical-align: top;'>"; 
    960. 

  960. //			print "$a[media_id]"; 
    961. 

  961. //		print "</td>\n"; 
    962. 

  962. 		 
    963. 

  963. 		print "<td class='td$color' style='text-align: left;'>"; 
    964. 

  964. 			print "<strong>$a[media_tag]</strong>"; 
    965. 

  965. 			
    966. 

  966. 			//-----------------------------------------------
    967. 

  967. 			// Metdata
    968. 

  968. 			//-----------------------------------------------
    969. 

  969. 			print "\n<div>";
    970. 

  970. 			printCitation($a);
    971. 

  971. 			print "</div>";
    972. 

  972. 			
    973. 

  973. 			print<<<END
    974. 

  974. 			<div
    975. 

  975. 				style='cursor: pointer; text-align: right; font-size: 9px;'
    976. 

  976. 				onclick="if (this.nextSibling.style.display!='block') {this.nextSibling.style.display='block'; this.innerHTML='cancel';} else {this.nextSibling.style.display='none'; this.innerHTML='edit'}"
    977. 

  977. 			>	
    978. 

  978. END;
    979. 

  979. 			print "edit</div>";
    980. 

  980. 			print "<div style='display: none'>";
    981. 

  981. 			print "<form action='".$_SERVER['PHP_SELF']."' method='post'>";
    982. 

  982. 			print "\n\t<input type='hidden' name='update_id' value='".$a['media_id']."'/>";
    983. 

  983. 			print <<<END
    984. 

  984. 		<input type='hidden' name='order' value='$order' /> 
    985. 

  985. 		<input type='hidden' name='all' value='$all' /> 
    986. 

  986. 		<input type='hidden' name='editor' value='$editor' />
    987. 

  987. 		<input type='hidden' name='source' value='$source' />
    988. 

  988. 		<input type='hidden' name='site' value='$site' />
    989. 

  989. 		<input type='hidden' name='comingfrom' value='$comingfrom' /> 
    990. 

  990. 		
    991. 

  991. END;
    992. 

  992. 			print "\n\t\t<dl>";
    993. 

  993. 			foreach ($metadata as $field => $label) {
    994. 

  994. 				print "\n\t\t\t<dt style='font-weight: bold'>".$label."</dt>";
    995. 

  995. 				if ($field == "is_published") {
    996. 

  996. 					print "\n\t\t\t<dd style='margin-left: 10px;'>
    997. 

  997. 					<input type='radio' name='is_published' value='1' ".(($a['is_published'] == '1')?" checked='checked'":"")." style='border: 0px;' />yes 
    998. 

  998. 					<input type='radio' name='is_published' value='0' ".(($a['is_published'] == '0')?" checked='checked'":"")." style='border: 0px;' />no 
    999. 

  999. 				</dd>";
    1000. 

  1000. 				} else if ($field == 'pubyear') {
    1001. 

  1001. 					$val = $a[$field];
    1002. 

  1002. 					print <<<END
    1003. 

  1003. 					<dd style='margin-left: 10px;'>
    1004. 

  1004. 						<input type='text' name='pubyear' value='$val' 
    1005. 

  1005. 							onchange='if (!this.value.match(/^([0-9]{4})?$/)) {alert("Year must be four digits.\\n\\""+this.value+"\\" is not a valid year."); this.value="$val"; this.focus();}' />
    1006. 

  1006. 					</dd>
    1007. 

  1007. END;
    1008. 

  1008. 				} else {
    1009. 

  1009. 					print "\n\t\t\t<dd style='margin-left: 10px;'><input type='text' name='".$field."' value=\"".$a[$field]."\" /></dd>";
    1010. 

  1010. 				}
    1011. 

  1011. 			}
    1012. 

  1012. 			print "\n\t\t</dl>";
    1013. 

  1013. 			print "\n\t\t<input type='submit' value='Update' />";
    1014. 

  1014. 			print "\n\t\t</form>";
    1015. 

  1015. 			print "\n\t</div>\n";
    1016. 

  1016. //			if ($hasMetadata)
    1017. 

  1017. //				ob_end_flush();
    1018. 

  1018. //			else
    1019. 

  1019. //				ob_end_clean();
    1020. 

  1020. 			
    1021. 

  1021. 			
    1022. 

  1022. 		print "</td>\n"; 
    1023. 

  1023.  
    1024. 

  1024. 		print "<td class='td$color'>"; 
    1025. 

  1025. 			print "$a[media_type]"; 
    1026. 

  1026. 		print "</td>\n"; 
    1027. 

  1027.  
    1028. 

  1028. 		print "<td class='td$color'>"; 
    1029. 

  1029. 			print "$a[media_size]"; 
    1030. 

  1030. 		print "</td>\n"; 
    1031. 

  1031. 		 
    1032. 

  1032. 		if ($_SESSION['ltype'] == 'admin') { 
    1033. 

  1033. 			print "<td class='td$color'>"; 
    1034. 

  1034. 			print "$a[slot_name]"; 
    1035. 

  1035. 		print "</td>\n"; 
    1036. 

  1036. 		} 
    1037. 

  1037.  
    1038. 

  1038. 		print "<td class='td$color'><span style='white-space: nowrap;'>"; 
    1039. 

  1039. 			if (strncmp($today, $a[media_updated_tstamp], 8) == 0 || strncmp($yesterday, $a[media_updated_tstamp], 8) == 0) print "<b>"; 
    1040. 

  1040. 			print $a[media_updated_tstamp_text]; 
    1041. 

  1041. 			if (strncmp($today, $a[media_updated_tstamp], 8) == 0 || strncmp($yesterday, $a[media_updated_tstamp], 8) == 0) print "</b>"; 
    1042. 

  1042. 		print "</span></td>\n"; 
    1043. 

  1043. 		 
    1044. 

  1044. 		print "<td class='td$color'>"; 
    1045. 

  1045. 			print "$a[user_fname] ($a[user_uname])"; 
    1046. 

  1046. 		print "</td>\n"; 
    1047. 

  1047. 		 
    1048. 

  1048. 		print "<td class='td$color'>"; 
    1049. 

  1049. 			print "<input type='button' value='delete' onclick=\"deleteFile('".$a[media_id]."','".$a[media_tag]."')\" />";  
    1050. 

  1050. //			print "<input type='button' name='delete' value='delete' />";  
    1051. 

  1051. 		print "</td>\n"; 
    1052. 

  1052.  
    1053. 

  1053. 		print "</tr>"; 
    1054. 

  1054. 		$color = 1-$color; 
    1055. 

  1055. 	} 
    1056. 

  1056. } else { 
    1057. 

  1057. 	print "<tr><td colspan=".(($_SESSION['ltype']=='admin')?"10":"9")." style='text-align: left'>No media.</td></tr>"; 
    1058. 

  1058. } 
    1059. 

  1059. ?> 
    1060. 

  1060.  
    1061. 

  1061. </table><br /> 
    1062. 

  1062.  
    1063. 

  1063. <form action='filebrowser.php' name='deleteform' method='post'> 
    1064. 

  1064. <input type='hidden' name='filetodelete' /> 
    1065. 

  1065. <input type='hidden' name='delete' value='1' /> 
    1066. 

  1066. <input type='hidden' name='order' value='<? echo $order ?>' /> 
    1067. 

  1067. <input type='hidden' name='all' value='<? echo $all ?>' /> 
    1068. 

  1068. <input type='hidden' name='editor' value='<? echo $editor ?>' />
    1069. 

  1069. <input type='hidden' name='source' value='<? echo $source ?>' />
    1070. 

  1070. <input type='hidden' name='site' value='<? echo $site ?>' />
    1071. 

  1071. <input type='hidden' name='comingfrom' value='<? echo $comingfrom ?>' /> 
    1072. 

  1072. </form> 
    1073. 

  1073.  
    1074. 

  1074. <div align='right'><input type='button' value='Close Window' onclick='window.close()' /></div> 
    1075. 

  1075. 

  1076. <?
    1077. 

  1077. 

  1078. // debug output -- handy :)
    1079. 

  1079. /* print "<pre>"; */
    1080. 

  1080. /* print "request:\n"; */
    1081. 

  1081. /* print_r($_REQUEST); */
    1082. 

  1082. /* print "\n\n"; */
    1083. 

  1083. /* print "session:\n"; */
    1084. 

  1084. /* print_r($_SESSION); */
    1085. 

  1085. /* print "\n\n"; */
    1086. 

  1086. 

  1087. /* if (is_object($thisPage)) { */
    1088. 

  1088. /* 	print "\n\n"; */
    1089. 

  1089. /* 	print "thisPage:\n"; */
    1090. 

  1090. /* 	print_r($thisPage); */
    1091. 

  1091. /* } else if (is_object($thisSection)) { */
    1092. 

  1092. /* 	print "\n\n"; */
    1093. 

  1093. /* 	print "thisSection:\n"; */
    1094. 

  1094. /* 	print_r($thisSection); */
    1095. 

  1095. /* } else if (is_object($thisSite)) { */
    1096. 

  1096. /* 	print "\n\n"; */
    1097. 

  1097. /* 	print "thisSite:\n"; */
    1098. 

  1098. /* 	print_r($thisSite); */
    1099. 

  1099. /* } */
    1100. 

  1100. // print "</pre>";
    1101. 

  1101. ?>
    1102. 

  1102. 

  1103. </body>
    1104. 

  1104. </html>
    1105.