/administrator/components/com_media/controllers/file.php
PHP | 186 lines | 126 code | 18 blank | 42 comment | 34 complexity | a1e49db80793270cf13698172d66180a MD5 | raw file
Possible License(s): LGPL-2.1, AGPL-1.0
- <?php
- /**
- * @version $Id: file.php 10094 2008-03-02 04:35:10Z instance $
- * @package Joomla
- * @subpackage Content
- * @copyright Copyright (C) 2005 - 2008 Open Source Matters. All rights reserved.
- * @license GNU/GPL, see LICENSE.php
- * Joomla! is free software. This version may have been modified pursuant to the
- * GNU General Public License, and as distributed it includes or is derivative
- * of works licensed under the GNU General Public License or other free or open
- * source software licenses. See COPYRIGHT.php for copyright notices and
- * details.
- */
- // Check to ensure this file is included in Joomla!
- defined('_JEXEC') or die( 'Restricted access' );
- jimport('joomla.filesystem.file');
- jimport('joomla.filesystem.folder');
- /**
- * Weblinks Weblink Controller
- *
- * @package Joomla
- * @subpackage Weblinks
- * @since 1.5
- */
- class MediaControllerFile extends MediaController
- {
- /**
- * Upload a file
- *
- * @since 1.5
- */
- function upload()
- {
- global $mainframe;
- // Check for request forgeries
- JRequest::checkToken( 'request' ) or jexit( 'Invalid Token' );
- $file = JRequest::getVar( 'Filedata', '', 'files', 'array' );
- $folder = JRequest::getVar( 'folder', '', '', 'path' );
- $format = JRequest::getVar( 'format', 'html', '', 'cmd');
- $return = JRequest::getVar( 'return-url', null, 'post', 'base64' );
- $err = null;
- // Set FTP credentials, if given
- jimport('joomla.client.helper');
- JClientHelper::setCredentialsFromRequest('ftp');
- // Make the filename safe
- jimport('joomla.filesystem.file');
- $file['name'] = JFile::makeSafe($file['name']);
- if (isset($file['name'])) {
- $filepath = JPath::clean(COM_MEDIA_BASE.DS.$folder.DS.strtolower($file['name']));
- if (!MediaHelper::canUpload( $file, $err )) {
- if ($format == 'json') {
- jimport('joomla.error.log');
- $log = &JLog::getInstance('upload.error.php');
- $log->addEntry(array('comment' => 'Invalid: '.$filepath.': '.$err));
- header('HTTP/1.0 415 Unsupported Media Type');
- jexit('Error. Unsupported Media Type!');
- } else {
- JError::raiseNotice(100, JText::_($err));
- // REDIRECT
- if ($return) {
- $mainframe->redirect(base64_decode($return).'&folder='.$folder);
- }
- return;
- }
- }
- if (JFile::exists($filepath)) {
- if ($format == 'json') {
- jimport('joomla.error.log');
- $log = &JLog::getInstance('upload.error.php');
- $log->addEntry(array('comment' => 'File already exists: '.$filepath));
- header('HTTP/1.0 409 Conflict');
- jexit('Error. File already exists');
- } else {
- JError::raiseNotice(100, JText::_('Error. File already exists'));
- // REDIRECT
- if ($return) {
- $mainframe->redirect(base64_decode($return).'&folder='.$folder);
- }
- return;
- }
- }
- if (!JFile::upload($file['tmp_name'], $filepath)) {
- if ($format == 'json') {
- jimport('joomla.error.log');
- $log = &JLog::getInstance('upload.error.php');
- $log->addEntry(array('comment' => 'Cannot upload: '.$filepath));
- header('HTTP/1.0 400 Bad Request');
- jexit('Error. Unable to upload file');
- } else {
- JError::raiseWarning(100, JText::_('Error. Unable to upload file'));
- // REDIRECT
- if ($return) {
- $mainframe->redirect(base64_decode($return).'&folder='.$folder);
- }
- return;
- }
- } else {
- if ($format == 'json') {
- jimport('joomla.error.log');
- $log = &JLog::getInstance();
- $log->addEntry(array('comment' => $folder));
- jexit('Upload complete');
- } else {
- $mainframe->enqueueMessage(JText::_('Upload complete'));
- // REDIRECT
- if ($return) {
- $mainframe->redirect(base64_decode($return).'&folder='.$folder);
- }
- return;
- }
- }
- } else {
- $mainframe->redirect('index.php', 'Invalid Request', 'error');
- }
- }
- /**
- * Deletes paths from the current path
- *
- * @param string $listFolder The image directory to delete a file from
- * @since 1.5
- */
- function delete()
- {
- global $mainframe;
- // Set FTP credentials, if given
- jimport('joomla.client.helper');
- JClientHelper::setCredentialsFromRequest('ftp');
- // Get some data from the request
- $tmpl = JRequest::getCmd( 'tmpl' );
- $paths = JRequest::getVar( 'rm', array(), '', 'array' );
- $folder = JRequest::getVar( 'folder', '', '', 'path');
- // Initialize variables
- $msg = array();
- $ret = true;
- if (count($paths)) {
- foreach ($paths as $path)
- {
- if ($path !== JFile::makeSafe($path)) {
- JError::raiseWarning(100, JText::_('Unable to delete:').htmlspecialchars($path, ENT_COMPAT, 'UTF-8').' '.JText::_('WARNFILENAME'));
- continue;
- }
- $fullPath = JPath::clean(COM_MEDIA_BASE.DS.$folder.DS.$path);
- if (is_file($fullPath)) {
- $ret |= !JFile::delete($fullPath);
- } else if (is_dir($fullPath)) {
- $files = JFolder::files($fullPath, '.', true);
- $canDelete = true;
- foreach ($files as $file) {
- if ($file != 'index.html') {
- $canDelete = false;
- }
- }
- if ($canDelete) {
- $ret |= !JFolder::delete($fullPath);
- } else {
- JError::raiseWarning(100, JText::_('Unable to delete:').$fullPath.' '.JText::_('Not Empty!'));
- }
- }
- }
- }
- if ($tmpl == 'component') {
- // We are inside the iframe
- $mainframe->redirect('index.php?option=com_media&view=mediaList&folder='.$folder.'&tmpl=component');
- } else {
- $mainframe->redirect('index.php?option=com_media&folder='.$folder);
- }
- }
- }