1<?php 2// (c) Copyright by authors of the Tiki Wiki CMS Groupware Project 3// 4// All Rights Reserved. See copyright.txt for details and a complete list of authors. 5// Licensed under the GNU LESSER GENERAL PUBLIC LICENSE. See license.txt for details. 6// $Id$ 7 8//this script may only be included - so its better to die if called directly. 9if (strpos($_SERVER["SCRIPT_NAME"], basename(__FILE__)) !== false) { 10 header("location: index.php"); 11 exit; 12} 13 14// Handle special actions of the smarty_function_attachments smarty plugin 15function s_f_attachments_actionshandler($params) 16{ 17 global $prefs, $user, $tikilib; 18 if ($prefs['feature_wiki_attachments'] != 'y') { 19 return false; 20 } 21 22 /*** Works only for wiki attachments yet ***/ 23 if (! empty($params['upload']) && empty($params['fileId']) && empty($params['page'])) { 24 return false; ///FIXME 25 } 26 27 if (! empty($params['page'])) { 28 require_once("lib/wiki/renderlib.php"); 29 $info =& $tikilib->get_page_info($params['page']); 30 $pageRenderer = new WikiRenderer($info, $user, $info['data']); 31 $objectperms = $pageRenderer->applyPermissions(); 32 } 33 34 $filegallib = TikiLib::lib('filegal'); 35 $access = TikiLib::lib('access'); 36 37 foreach ($params as $k => $v) { 38 switch ($k) { 39 case 'remove': 40 /* FIXME 41 check_ticket('index'); 42 $owner = $wikilib->get_attachment_owner($_REQUEST['removeattach']); 43 if ( ($user && ($owner == $user) ) || $objectperms->wiki_admin_attachments ) { 44 $access->check_authenticity(); 45 $wikilib->remove_wiki_attachment($_REQUEST['removeattach']); 46 } 47 $pageRenderer->setShowAttachments( 'y' ); 48 */ 49 if ($access->checkCsrfForm(tr('Delete file?'))) { 50 $result = $filegallib->actionHandler('removeFile', [ 'fileId' => $v ]); 51 if ($result && $result->numrows()) { 52 Feedback::success(tr('File (ID %0) removed', $v)); 53 } else { 54 Feedback::error(tr('File (ID %0) not removed', $v)); 55 } 56 } 57 break; 58 59 case 'upload': 60 if (isset($objectperms) && ( $objectperms->wiki_admin_attachments || $objectperms->wiki_attach_files )) { 61 /* check_ticket('index'); */ 62 63 $smarty = TikiLib::lib('smarty'); 64 $smarty->loadPlugin('smarty_function_query'); 65 66 $galleryId = $filegallib->get_attachment_gallery($params['page'], 'wiki page', true); 67 if ($access->checkCsrf()) { 68 $result = $filegallib->actionHandler( 69 'uploadFile', 70 [ 71 'galleryId' => [$galleryId], 72 'comment' => [$params['comment']], 73 'returnUrl' => smarty_function_query( 74 [ 75 '_type' => 'absolute_path', 76 's_f_attachments-upload' => 'NULL', 77 's_f_attachments-page' => 'NULL', 78 's_f_attachments-comment' => 'NULL', 79 'ticket' => 'NULL', 80 ], 81 $smarty 82 ), 83 ] 84 ); 85 if ($result) { 86 Feedback::success(tr('File uploaded')); 87 } else { 88 Feedback::error(tr('File not uploaded')); 89 } 90 } 91 } 92 93 break; 94 } 95 } 96 97 return true; 98} 99 100/* 101 * smarty_function_attachments: Display the list of files attached to a wiki page (when stored in a file gallery) 102 * 103 * params will be used as smarty params for fgal_attachments.tpl, except special params starting with '_' : 104 * _id : id of the object (for a wiki page, use it's name) 105 * _type : type of the object ( e.g. "wiki page" - see objectTypes in lib/setup/sections.php ) 106 */ 107function smarty_function_attachments($params, $template) 108{ 109 if (! is_array($params) || ! isset($params['_id']) || ! isset($params['_type'])) { 110 return tra('Missing _id or _type params'); 111 } 112 113 global $prefs, $page; 114 $filegallib = TikiLib::lib('filegal'); 115 $smarty = TikiLib::lib('smarty'); 116 /*** For the moment, only wiki attachments are handled through file galleries ***/ 117 if ($prefs['feature_wiki_attachments'] != 'y') { 118 return; 119 } 120 121 $galleryId = $filegallib->get_attachment_gallery($params['_id'], $params['_type']); 122 123 /*** If anything in this function is changed, please change lib/wiki-plugins/wikiplugin_attach.php as well. ***/ 124 /* but wikiplugin_attach doesn't seem to work at all with file gals attachemnts??? jonnyb tiki12 */ 125 126 if (empty($galleryId)) { // no gallery for this page yet, is no problem (12.0+) 127 $gal_info = $filegallib->default_file_gallery(); 128 $gal_info['name'] = $page . ' *'; // temp name with * - not displayed in most configs 129 } elseif (! $gal_info = $filegallib->get_file_gallery($galleryId)) { 130 $smarty->loadPlugin('smarty_block_remarksbox'); 131 $repeat = false; 132 return smarty_block_remarksbox( 133 ['type' => 'errors', 'title' => tra('Wrong attachments gallery')], 134 tra('You are attempting to display a gallery that is not a valid attachment gallery') . ' (ID=' . $galleryId . ')', 135 $smarty, 136 $repeat 137 ) . "\n"; 138 } 139 140//// if ( $this->showAttachments !== false ) 141//// $this->smartyassign('atts_show', $this->showAttachments); 142 143 foreach ($params as $k => $v) { 144 if ($k[0] == '_') { 145 unset($params[ $k ]); 146 } 147 } 148 149 // Get URL params specific to this smarty function that should be assigned in smarty 150 $url_override_prefix = 's_f_attachments'; 151 $url_overrided_arguments = [ 'sort_mode', 'remove', 'galleryId', 'comment', 'upload', 'page' ]; 152 $smarty->set_request_overriders($url_override_prefix, $url_overrided_arguments); 153 154 $params['sort_mode'] = isset($_REQUEST[ $url_override_prefix . '-sort_mode' ]) ? $_REQUEST[ $url_override_prefix . '-sort_mode' ] : ''; 155 156 // Get listing display config 157 include_once('fgal_listing_conf.php'); 158 159 // Force some gallery display parameters 160 $gal_info['show_checked'] = 'n'; 161 162 // Get list of files in the gallery 163 if (! empty($galleryId)) { 164 $files = $filegallib->get_files(0, -1, $params['sort_mode'], '', $galleryId); 165 } else { 166 $files = ['data' => [], 'cant' => 0]; 167 } 168 169 // Readjust perms using special wiki attachments perms 170 global $tiki_p_wiki_admin_attachments, $tiki_p_wiki_view_attachments; 171 172 foreach ($files[ 'data' ] as &$file) { 173 // First disable file galleries "assign perms" & "admin" perms that allows too much actions on the list of files or that are related to subgalleries 174 // (attachements display should be simple) 175 $file['perms'][ 'tiki_p_admin_file_galleries' ] = 'n'; 176 $file['perms'][ 'tiki_p_assign_perm_file_gallery' ] = 'n'; 177 178 // Disabling permissions below should not be necessary because subgalleries in attachments galleries should not happen... 179 // $p[ 'tiki_p_upload_files' ] = 'n'; 180 // $p[ 'tiki_p_create_file_galleries' ] = 'n'; 181 182 $file['perms'][ 'tiki_p_download_files' ] = ( $tiki_p_wiki_admin_attachments == 'y' || $tiki_p_wiki_view_attachments == 'y' ) ? 'y' : 'n'; 183 $file['perms'][ 'tiki_p_edit_gallery_file' ] = $tiki_p_wiki_admin_attachments; 184 } 185 186 $params['gal_info'] = $gal_info; 187 $params['files'] = $files['data']; 188 $params['cant'] = $files['cant']; 189 190 $return = "\n" . $smarty->plugin_fetch('fgal_attachments.tpl', $params) . "\n"; 191 192 $smarty->remove_request_overriders($url_override_prefix, $url_overrided_arguments); 193 return $return; 194} 195