PageRenderTime 44ms CodeModel.GetById 14ms RepoModel.GetById 0ms app.codeStats 0ms

/serendipity_admin_image_selector.php

http://github.com/s9y/Serendipity
PHP | 306 lines | 285 code | 17 blank | 4 comment | 13 complexity | 36998202ff5fa437a97789ff7294e791 MD5 | raw file
Possible License(s): BSD-3-Clause, LGPL-3.0, LGPL-2.1, MPL-2.0-no-copyleft-exception, Apache-2.0 
    

  1. <?php
    2. 

  2. # Copyright (c) 2003-2005, Jannis Hermanns (on behalf the Serendipity Developer Team)
    3. 

  3. # All rights reserved.  See LICENSE file for licensing details
    4. 

  4. 

  5. include('serendipity_config.inc.php');
    6. 

  6. 

  7. if (IN_serendipity !== true) {
    8. 

  8.     die ("Don't hack!");
    9. 

  9. }
    10. 

  10. 

  11. header('Content-Type: text/html; charset=' . LANG_CHARSET);
    12. 

  12. 

  13. if ($_SESSION['serendipityAuthedUser'] !== true && $serendipity['GET']['step'] != 'showItem')  {
    14. 

  14.     die(HAVE_TO_BE_LOGGED_ON);
    15. 

  15. }
    16. 

  16. 

  17. if (!isset($serendipity['GET']['adminModule'])) {
    18. 

  18.     $serendipity['GET']['adminModule'] = (isset($serendipity['POST']['adminModule']) ? $serendipity['POST']['adminModule'] : '');
    19. 

  19. }
    20. 

  20. 

  21. if (!isset($serendipity['GET']['step'])) {
    22. 

  22.     $serendipity['GET']['step']        = (isset($serendipity['POST']['step'])        ? $serendipity['POST']['step']        : '');
    23. 

  23. }
    24. 

  24. 

  25. if (empty($serendipity['GET']['step']) && isset($serendipity['GET']['adminAction'])) {
    26. 

  26.     $serendipity['GET']['step'] = $serendipity['GET']['adminAction'];
    27. 

  27. }
    28. 

  28. 

  29. serendipity_smarty_init();
    30. 

  30. if (empty($serendipity['GET']['step']) && $serendipity['GET']['page'] < 1) {
    31. 

  31.     $media = array(
    32. 

  32.         'GET_STRING' => serendipity_build_query($_GET),
    33. 

  33.         'frameset'   => true
    34. 

  34.     );
    35. 

  35.     $serendipity['smarty']->assignByRef('media', $media);
    36. 

  36.     $serendipity['smarty']->display(serendipity_getTemplateFile('admin/media_choose.tpl', 'serendipityPath'));
    37. 

  37.     return;
    38. 

  38. }
    39. 

  39. 

  40. $import_vars = $serendipity['GET'];
    41. 

  41. unset($import_vars['step']);
    42. 

  42. unset($import_vars['only_path']);
    43. 

  43. 

  44. $showFile = 'admin/media_choose.tpl';
    45. 

  45. $body_id = 'serendipityAdminBodyImageSelector';
    46. 

  46. if ($serendipity['GET']['step'] === 'tree') {
    47. 

  47.     $body_id = 'serendipityAdminBodyImageSelectorTree';
    48. 

  48. }
    49. 

  49. 

  50. $media = array(
    51. 

  51.     'body_id'    => $body_id,
    52. 

  52.     'only_path'  => $serendipity['GET']['only_path'],
    53. 

  53.     'css'        => serendipity_rewriteURL('serendipity_admin.css'),
    54. 

  54.     'css_tree'   => serendipity_getTemplateFile('treeview/tree.css'),
    55. 

  55.     'css_front'  => serendipity_rewriteURL('serendipity.css'),
    56. 

  56.     'token_url'  => serendipity_setFormToken('url'),
    57. 

  57.     'imgID'      => (int)$serendipity['GET']['image'],
    58. 

  58.     'from'       => $serendipity['GET']['from'],
    59. 

  59.     'GET_STRING' => serendipity_build_query($import_vars, 'serendipity', '&'),
    60. 

  60.     'paths'      => serendipity_getMediaPaths()
    61. 

  61. );
    62. 

  62. 

  63. switch ($serendipity['GET']['step']) {
    64. 

  64.     case '1':
    65. 

  65.         if (isset($serendipity['GET']['adminAction'])) { // Embedded upload form
    66. 

  66.             if (!empty($serendipity['POST']['textarea'])) {
    67. 

  67.                 $serendipity['GET']['textarea'] = $serendipity['POST']['textarea'];
    68. 

  68.             }
    69. 

  69. 

  70.             if (!empty($serendipity['POST']['htmltarget'])) {
    71. 

  71.                 $serendipity['GET']['htmltarget'] = $serendipity['POST']['htmltarget'];
    72. 

  72.             }
    73. 

  73. 

  74.             if (!empty($serendipity['POST']['filename_only'])) {
    75. 

  75.                 $serendipity['GET']['filename_only'] = $serendipity['POST']['filename_only'];
    76. 

  76.             }
    77. 

  77. 

  78.             $image_selector_addvars = array(
    79. 

  79.                 'step'          => 1,
    80. 

  80.                 'textarea'      => (!empty($serendipity['GET']['textarea'])      ? $serendipity['GET']['textarea']      : ''),
    81. 

  81.                 'htmltarget'    => (!empty($serendipity['GET']['htmltarget'])    ? $serendipity['GET']['htmltarget']    : ''),
    82. 

  82.                 'filename_only' => (!empty($serendipity['GET']['filename_only']) ? $serendipity['GET']['filename_only'] : '')
    83. 

  83.             );
    84. 

  84. 

  85.             switch ($serendipity['GET']['adminAction']) {
    86. 

  86.                 case 'addSelect':
    87. 

  87.                     $media['case'] = 'external';
    88. 

  88.                     ob_start();
    89. 

  89.                     include S9Y_INCLUDE_PATH . 'include/admin/images.inc.php';
    90. 

  90.                     $media['external'] = ob_get_contents();
    91. 

  91.                     ob_end_clean();
    92. 

  92.                     break 2;
    93. 

  93. 

  94.                 case 'add':
    95. 

  95.                     $media['case'] = 'external';
    96. 

  96.                     ob_start();
    97. 

  97.                     include S9Y_INCLUDE_PATH . 'include/admin/images.inc.php';
    98. 

  98.                     $media['external'] = ob_get_contents();
    99. 

  99.                     ob_end_clean();
    100. 

  100.                     if (isset($created_thumbnail) && isset($image_id)) {
    101. 

  101.                         $media['is_uploaded'] = true;
    102. 

  102.                         $serendipity['GET']['image'] = $media['imgID'] = (int)$image_id; // $image_id is passed from images.inc.php
    103. 

  103.                         break;
    104. 

  104.                     } else {
    105. 

  105.                         break 2;
    106. 

  106.                     }
    107. 

  107.             }
    108. 

  108.         }
    109. 

  109.         $media['case'] = 'choose';
    110. 

  110. 

  111.         $file           = serendipity_fetchImageFromDatabase($serendipity['GET']['image']);
    112. 

  112.         $media['file'] = &$file;
    113. 

  113.         if (!is_array($file)) {
    114. 

  114.             $media['perm_denied'] = true;
    115. 

  115.             break;
    116. 

  116.         }
    117. 

  117. 

  118.         serendipity_prepareMedia($file);
    119. 

  119. 

  120.         $media['file']['props'] =& serendipity_fetchMediaProperties((int)$serendipity['GET']['image']);
    121. 

  121.         serendipity_plugin_api::hook_event('media_getproperties_cached', $media['file']['props']['base_metadata'], $media['file']['realfile']);
    122. 

  122. 

  123.         if ($file['is_image']) {
    124. 

  124.             $file['finishJSFunction'] = $file['origfinishJSFunction'] = 'serendipity.serendipity_imageSelector_done(\'' . serendipity_specialchars($serendipity['GET']['textarea']) . '\')';
    125. 

  125. 

  126.             if (!empty($serendipity['GET']['filename_only']) && $serendipity['GET']['filename_only'] !== 'true') {
    127. 

  127.                 $file['fast_select'] = true;
    128. 

  128.             }
    129. 

  129.         }
    130. 

  130.         break;
    131. 

  131. 

  132.     case 'directoryDoCreate':
    133. 

  133.     case 'directoryDoDelete':
    134. 

  134.         $is_created = true;
    135. 

  135.         if ($serendipity['GET']['step'] == 'directoryDoDelete') {
    136. 

  136.             $is_deleted = true;
    137. 

  137.         }
    138. 

  138.     case 'directoryCreate':
    139. 

  139.         $serendipity['GET']['adminAction'] = $serendipity['GET']['step'];
    140. 

  140.         $media['case'] = 'external';
    141. 

  141.         ob_start();
    142. 

  142.         include S9Y_INCLUDE_PATH . 'include/admin/images.inc.php';
    143. 

  143.         if ($is_created || $is_deleted) {
    144. 

  144.             $media['is_created'] = $is_created;
    145. 

  145.             $media['is_deleted'] = $is_deleted;
    146. 

  146.             $media['new_dir']    = $new_dir;
    147. 

  147.         }
    148. 

  148.         $media['external'] = ob_get_contents();
    149. 

  149.         ob_end_clean();
    150. 

  150.         break;
    151. 

  151. 

  152.     case 'tree':
    153. 

  153.         $media['case']  = 'tree';
    154. 

  154.         break;
    155. 

  155. 

  156.     case 'showItem':
    157. 

  157.         serendipity_plugin_api::hook_event('frontend_media_showitem_init', $media);
    158. 

  158. 

  159.         if ($media['perm_denied']) {
    160. 

  160.             break;
    161. 

  161.         }
    162. 

  162.         $media['case'] = 'showitem';
    163. 

  163.         $file          = serendipity_fetchImageFromDatabase((int)$serendipity['GET']['image']);
    164. 

  164.         $media['file'] = &$file;
    165. 

  165.         $keywords = $dprops = '';
    166. 

  166. 

  167.         if (!is_array($file)) {
    168. 

  168.             $media['perm_denied'] = true;
    169. 

  169.             break;
    170. 

  170.         }
    171. 

  171. 

  172.         serendipity_prepareMedia($file);
    173. 

  173. 

  174.         $showfile = null;
    175. 

  175.         if (($serendipity['GET']['resizeWidth'] || $serendipity['GET']['resizeHeight']) && $serendipity['dynamicResize'] && $media['file']['is_image']) {
    176. 

  176.             $width  = (int)$serendipity['GET']['resizeWidth'];
    177. 

  177.             $height = (int)$serendipity['GET']['resizeHeight'];
    178. 

  178.             if (empty($width)) {
    179. 

  179.                 $width = NULL;
    180. 

  180.             }
    181. 

  181.             if (empty($height)) {
    182. 

  182.                 $height = NULL;
    183. 

  183.             }
    184. 

  184. 

  185.             $showfile = $serendipity['serendipityPath'] . PATH_SMARTY_COMPILE . '/mediacache/cache_img' . (int)$serendipity['GET']['image'] . '_' . $width . '_' . $height;
    186. 

  186. 

  187.             if (!file_exists($showfile)) {
    188. 

  188.                 serendipity_makeThumbnail(
    189. 

  189.                     $media['file']['realname'],
    190. 

  190.                     $media['file']['path'],
    191. 

  191.                     array(
    192. 

  192.                         'width'  => $width,
    193. 

  193.                         'height' => $height
    194. 

  194.                     ),
    195. 

  195.                     $showfile,
    196. 

  196.                     true
    197. 

  197.                 );
    198. 

  198.             }
    199. 

  199.         }
    200. 

  200. 

  201.         $hit = serendipity_db_query("SELECT id
    202. 

  202.                                        FROM {$serendipity['dbPrefix']}references
    203. 

  203.                                       WHERE link = '" . serendipity_db_escape_string($_SERVER['HTTP_REFERER']) . "'
    204. 

  204.                                         AND entry_id = " . (int)$serendipity['GET']['image'] . "
    205. 

  205.                                         AND type = 'media'", true, 'assoc');
    206. 

  206.         if (!is_array($hit) || !isset($hit['id'])) {
    207. 

  207.             serendipity_db_query("INSERT INTO {$serendipity['dbPrefix']}references
    208. 

  208.                                               (entry_id, link, name, type)
    209. 

  209.                                        VALUES (" . (int)$serendipity['GET']['image'] . ", '" . serendipity_db_escape_string($_SERVER['HTTP_REFERER']) . "', 1, 'media')");
    210. 

  210.         } else {
    211. 

  211.             serendipity_db_query("UPDATE {$serendipity['dbPrefix']}references
    212. 

  212.                                      SET name = name + 1
    213. 

  213.                                    WHERE id   = " . (int)$hit['id']);
    214. 

  214.         }
    215. 

  215. 

  216.         $curl = ($_SERVER['HTTPS'] == 'on' ? 'https://' : 'http://') . $_SERVER['HTTP_HOST'] . ($_SERVER['HTTP_PORT'] != 80 ? ':' . $_SERVER['HTTP_PORT'] : '');
    217. 

  217.         switch($serendipity['GET']['show']) {
    218. 

  218.             case 'redirect':
    219. 

  219.                 header('Status: 302 Found');
    220. 

  220.                 header('Location: ' . $curl . $file['links']['imagelinkurl']);
    221. 

  221.                 exit;
    222. 

  222.                 break;
    223. 

  223. 

  224.             case 'redirectThumb':
    225. 

  225.                 header('Status: 302 Found');
    226. 

  226.                 header('Location: ' . $curl . $file['show_thumb']);
    227. 

  227.                 exit;
    228. 

  228.                 break;
    229. 

  229. 

  230.             case 'full':
    231. 

  231.                 $showfile = $file['realfile'];
    232. 

  232.                 break;
    233. 

  233. 

  234.             case 'thumb':
    235. 

  235.                 $showfile = $file['location'];
    236. 

  236.                 break;
    237. 

  237.         }
    238. 

  238. 

  239.         if (!empty($showfile) && file_exists($showfile)) {
    240. 

  240.             header('Content-Type: ' . $file['displaymime']);
    241. 

  241.             header('Content-Length: ' . filesize($showfile));
    242. 

  242.             header('Content-Disposition: ' . ($serendipity['GET']['disposition'] == 'attachment' ? 'attachment' : 'inline') . '; filename=' . basename($showfile));
    243. 

  243.             $fp = fopen($showfile, 'rb');
    244. 

  244.             fpassthru($fp);
    245. 

  245.             exit;
    246. 

  246.         }
    247. 

  247. 

  248.         $media['file']['props'] =& serendipity_fetchMediaProperties((int)$serendipity['GET']['image']);
    249. 

  249.         serendipity_plugin_api::hook_event('media_getproperties_cached', $media['file']['props']['base_metadata'], $media['file']['realfile']);
    250. 

  250. 

  251.         serendipity_parseMediaProperties($keywords, $dprops, $media['file'], $media['file']['props'], 0, false);
    252. 

  252.         serendipity_plugin_api::hook_event('frontend_media_showitem', $media);
    253. 

  253.         if ($media['perm_denied']) {
    254. 

  254.             unset($media['file']);
    255. 

  255.             unset($file);
    256. 

  256.         }
    257. 

  257.         $showFile = 'media_showitem.tpl';
    258. 

  258.         break;
    259. 

  259. 

  260.     case 'start':
    261. 

  261.         $media['case'] = 'start';
    262. 

  262.         break;
    263. 

  263. 

  264.     case 'default':
    265. 

  265.     default:
    266. 

  266.         if (!empty($serendipity['GET']['adminAction']) && $serendipity['GET']['adminModule'] == 'images' && $serendipity['GET']['adminAction'] != 'default') {
    267. 

  267.             // Might need to set $serendipity['adminFile_redirect'] here.
    268. 

  268.             $serendipity['adminFile']          = 'serendipity_admin_image_selector.php';
    269. 

  269.             ob_start();
    270. 

  270.             include S9Y_INCLUDE_PATH . 'include/admin/images.inc.php';
    271. 

  271.             $media['external'] = ob_get_contents();
    272. 

  272.             $media['case'] = 'external';
    273. 

  273.             ob_end_clean();
    274. 

  274.             break;
    275. 

  275.         }
    276. 

  276. 

  277.         $media['case'] = 'default';
    278. 

  278.         $add_url = '';
    279. 

  279.         if (!empty($serendipity['GET']['htmltarget'])) {
    280. 

  280.             $add_url .= '&amp;serendipity[htmltarget]=' . serendipity_specialchars($serendipity['GET']['htmltarget']);
    281. 

  281.         }
    282. 

  282. 

  283.         if (!empty($serendipity['GET']['filename_only'])) {
    284. 

  284.             $add_url .= '&amp;serendipity[filename_only]=' . serendipity_specialchars($serendipity['GET']['filename_only']);
    285. 

  285.         }
    286. 

  286. 

  287.         if (!isset($serendipity['thumbPerPage2'])) {
    288. 

  288.             $serendipity['thumbPerPage2'] = 3;
    289. 

  289.         }
    290. 

  290. 

  291. 

  292.         $media['external'] = serendipity_displayImageList(
    293. 

  293.           isset($serendipity['GET']['page'])   ? $serendipity['GET']['page']   : 1,
    294. 

  294.           $serendipity['thumbPerPage2'],
    295. 

  295.           ($serendipity['showMediaToolbar'] ? true : false),
    296. 

  296.           '?serendipity[step]=1' . $add_url . '&amp;serendipity[textarea]='. serendipity_specialchars($serendipity['GET']['textarea']),
    297. 

  297.           true,
    298. 

  298.           null
    299. 

  299.         );
    300. 

  300. }
    301. 

  301. 

  302. $media = array_merge($serendipity['GET'], $media);
    303. 

  303. $serendipity['smarty']->assignByRef('media', $media);
    304. 

  304. $serendipity['smarty']->display(serendipity_getTemplateFile($showFile, 'serendipityPath'));
    305. 

  305. 

  306. /* vim: set sts=4 ts=4 expandtab : */
    307. 

  307.