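<?php
/**
 * Provides the Upload tab of the admin back end.
 *
 * What this script does, in order:
 *  1. Gates the page with admin_securityChecks(UPLOAD_RIGHTS | FILES_RIGHTS, ...).
 *  2. Picks an uploader back end ("handler") from the request or a cookie. The value is only
 *     ever used as a lookup key into the list returned by the 'upload_handlers' filter.
 *  3. Loads the handler's upload_form.php, which presumably defines upload_head(),
 *     upload_form() and upload_extra() (they are called below but not defined here).
 *  4. Renders the album picker, the "new album" controls and the handler's own form parts.
 *
 * Output encoding: request- and album-derived values are written into two different contexts,
 * HTML and JavaScript string literals. HTML goes through html_encode(); JavaScript literals go
 * through $jsLiteral (defined below), because an HTML encoder does not neutralise backslashes
 * or line terminators inside a script block.
 *
 * @package admin
 */
// force UTF-8 Ø

define('OFFSET_PATH', 1);

require_once(dirname(__FILE__) . '/admin-globals.php');

admin_securityChecks(UPLOAD_RIGHTS | FILES_RIGHTS, $return = currentRelativeURL());

/*
 * Encodes a value as a complete JavaScript string literal, quotes included, for use inside
 * a <script> block. The JSON_HEX_* flags turn <, >, &, ' and " into \uXXXX escapes, so the
 * value cannot terminate the literal, the script element or the CDATA wrapper.
 * $fallback is emitted when json_encode() fails (for example on invalid UTF-8).
 */
$jsLiteral = function ($value, $fallback = "''") {
	$encoded = json_encode((string) $value, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);
	return ($encoded === false) ? $fallback : $encoded;
};

// Test the same key that is read. The previous guard tested 'type' while reading 'tab', so a
// request carrying only one of the two either read an undefined index or ignored the selection.
if (isset($_GET['tab'])) {
	$uploadtype = sanitize($_GET['tab']);
	zp_setCookie('zpcms_admin_uploadtype', $uploadtype);
} else {
	$uploadtype = zp_getcookie('zpcms_admin_uploadtype');
	$_GET['tab'] = $uploadtype;
}

$handlers = array_keys($uploadHandlers = zp_apply_filter('upload_handlers', array()));
if (!zp_loggedin(UPLOAD_RIGHTS) || empty($handlers)) {
	// redirect to the files page if present
	if (isset($zenphoto_tabs['upload']['subtabs'][0])) {
		redirectURL($zenphoto_tabs['upload']['subtabs'][0]);
	}
	$handlers = array();
}

if (count($handlers) > 0) {
	// $uploadtype comes from the request or a cookie, so it is only used as a key into the
	// registered handler list. The include path itself is the registry's value, never the
	// raw request string; an unknown or incomplete handler falls back to the first registered one.
	if (!isset($uploadHandlers[$uploadtype]) || !file_exists($uploadHandlers[$uploadtype] . '/upload_form.php')) {
		$uploadtype = array_shift($handlers);
	}
	require_once($uploadHandlers[$uploadtype] . '/upload_form.php');
} else {
	require_once(SERVERPATH . '/' . ZENFOLDER . '/no_uploader.php');
	exitZP();
}

$page = "upload";
$_GET['page'] = 'upload';

printAdminHeader('upload', 'albums');
?>
<script type="text/javascript" src="<?php echo WEBPATH . '/' . ZENFOLDER; ?>/js/upload.js"></script>
<?php
// load the uploader specific header stuff
// NOTE(review): $formAction is later written into the form's action attribute unencoded;
// presumably upload_head() returns a fixed, attribute-safe URL -- confirm in each handler.
$formAction = upload_head();

echo "\n</head>";
echo "\n<body>";
printLogoAndLinks();
?>
<div id="main">
	<?php
	printTabs();
	?>
	<div id="content">
		<?php
		if (!empty($zenphoto_tabs['upload']['subtabs'])) {
			printSubtabs();
		}
		$albumlist = $_zp_gallery->getAllAlbumsFromDB();
		// remove dynamic albums--can't upload to them
		foreach ($albumlist as $key => $albumname) {
			if (hasDynamicAlbumSuffix($key) && !is_dir(ALBUM_FOLDER_SERVERPATH . $key)) {
				unset($albumlist[$key]);
			}
		}
		?>
		<script type="text/javascript">
			// <!-- <![CDATA[
			// Array of album names for javascript functions.
			var albumArray = new Array(
<?php
// Album folder names are emitted as JavaScript string literals. addslashes() alone leaves
// "</script>" and line breaks intact, so the names go through $jsLiteral; the old quoting is
// kept only as the fallback for names json_encode() cannot represent.
// The (string) cast inside $jsLiteral matters: PHP turns numeric folder names into integer
// keys, and a bare number here would be read by new Array() as a length.
$separator = '';
foreach ($albumlist as $key => $value) {
	echo $separator . $jsLiteral($key, "'" . addslashes($key) . "'");
	$separator = ", ";
}
?>);
			// ]]> -->
		</script>

		<div class="tabbox">
			<?php zp_apply_filter('admin_note', 'upload', 'images'); ?>
			<h1><?php echo gettext("Upload Images"); ?></h1>
			<p>
				<?php
				// Build the human-readable list of accepted extensions. This is informational
				// only; nothing in this file enforces it on the uploaded data.
				sortArray($_zp_supported_images);
				$types = array_keys($_zp_extra_filetypes);
				$types = array_merge($_zp_supported_images, $types);
				if (function_exists('zip_open')) {
					$types[] = 'ZIP';
				}
				$types = zp_apply_filter('upload_filetypes', $types);
				sortArray($types);
				// $upload_extensions and $used are not read again in this file; they stay in
				// global scope, presumably for the handler's form code -- confirm before removing.
				$upload_extensions = $types;
				$last = strtoupper(array_pop($types));
				$s1 = strtoupper(implode(', ', $types));
				$used = 0;

				if (count($types) > 1) {
					printf(gettext('This web-based upload accepts the file formats: %s, and %s.'), $s1, $last);
				} else {
					printf(gettext('This web-based upload accepts the file formats: %s and %s.'), $s1, $last);
				}
				?>
			</p>
			<p class="notebox">
				<?php
				echo gettext('<strong>Note: </strong>');
				?>
				<br />
				<?php
				if ($last == 'ZIP') {
					echo gettext('ZIP files must contain only Zenphoto supported <em>image</em> types.');
					?>
					<br />
					<?php
				}
				// Report the PHP-level size limits, then let a filter lower the per-file limit.
				$maxupload = ini_get('upload_max_filesize');
				$maxpost = ini_get('post_max_size');
				$maxuploadint = parse_size($maxupload);
				$maxpostint = parse_size($maxpost);
				if ($maxuploadint < $maxpostint) {
					echo sprintf(gettext("The maximum size for any one file is <strong>%sB</strong> and the maximum size for one total upload is <strong>%sB</strong> which are set by your PHP configuration <code>upload_max_filesize</code> and <code>post_max_size</code>."), $maxupload, $maxpost);
				} else {
					echo ' ' . sprintf(gettext("The maximum size for your total upload is <strong>%sB</strong> which is set by your PHP configuration <code>post_max_size</code>."), $maxpost);
				}
				$uploadlimit = zp_apply_filter('get_upload_limit', $maxuploadint);
				$maxuploadint = min($maxuploadint, $uploadlimit);
				?>
				<br />
				<?php
				echo zp_apply_filter('get_upload_header_text', gettext('Don’t forget, you can also use <acronym title="File Transfer Protocol">FTP</acronym> to upload folders of images into the albums directory!'));
				?>
			</p>
			<?php
			if (isset($_GET['error'])) {
				// The error text is request-supplied; it is HTML-encoded where it is printed.
				$errormsg = sanitize($_GET['error']);
				?>
				<div class="errorbox fade-message">
					<h2><?php echo gettext("Upload Error"); ?></h2>
					<?php echo (empty($errormsg) ? gettext("There was an error submitting the form. Please try again.") : html_encode($errormsg)); ?>
				</div>
				<?php
			}
			if (isset($_GET['uploaded'])) {
				?>
				<div class="messagebox fade-message">
					<h2><?php echo gettext("Upload complete"); ?></h2>
					<?php echo gettext('Your files have been uploaded.'); ?>
				</div>
				<?php
			}
			$rootrights = zp_apply_filter('upload_root_ui', accessAllAlbums(UPLOAD_RIGHTS));
			if ($rootrights || !empty($albumlist)) {
				echo gettext("Upload to:");
				$checked = isset($_GET['new']) ? ' checked="checked"' : '';
				?>
				<script type="text/javascript">
					// <!-- <![CDATA[
					<?php seoFriendlyJS(); ?>
					function buttonstate(good) {
						$('#albumtitleslot').val($('#albumtitle').val());
						publishCheck();

						if (good) {
							$('#fileUploadbuttons').show();
							$('#upload_action').show();
						} else {
							$('#fileUploadbuttons').hide();
							$('#upload_action').hide();
						}
					}

					function publishCheck() {
						var publishalbumchecked = $('#publishalbum').prop('checked') ? 1 : 0;
						$('#publishalbumslot').val(publishalbumchecked);
					}

					function albumSelect() {
						var sel = document.getElementById('albumselectmenu');
						var selected = sel.options[sel.selectedIndex].value;
						$('#folderslot').val(selected);
						var state = albumSwitch(sel, true, '<?php echo addslashes(gettext('That name is already used.')); ?>', '<?php echo addslashes(gettext('This upload has to have a folder. Type a title or folder name to continue...')); ?>');
						buttonstate(state);
					}
					// ]]> -->
				</script>
				<div id="albumselect">

					<form name="file_upload_datum" id="file_upload_datum" method="post" action="<?php echo $formAction; ?>" enctype="multipart/form-data" >

						<select id="albumselectmenu" name="albumselect" onchange="albumSelect()">
							<?php
							if ($rootrights) {
								?>
								<option value="" selected="selected" style="font-weight: bold;">/</option>
								<?php
							}
							// NOTE(review): a request-supplied album is not checked against $albumlist
							// here. It only preselects an entry and drives the rights lookup below, so
							// the code that receives the upload must enforce album rights itself -- confirm.
							if (isset($_GET['album'])) {
								$passedalbum = sanitize($_GET['album']);
							} else {
								if ($rootrights) {
									$passedalbum = NULL;
								} else {
									$alist = array_keys($albumlist);
									$passedalbum = array_shift($alist);
								}
							}
							foreach ($albumlist as $fullfolder => $albumtitle) {
								$singlefolder = $fullfolder;
								$saprefix = "";
								if (!is_null($passedalbum) && ($passedalbum == $fullfolder)) {
									$selected = " selected=\"selected\" ";
								} else {
									$selected = "";
								}
								// Get rid of the slashes in the subalbum, while also making a subalbum prefix for the menu.
								while (strstr($singlefolder, '/') !== false) {
									$singlefolder = substr(strstr($singlefolder, '/'), 1);
									$saprefix = "– " . $saprefix;
								}
								// Folder names are HTML-encoded for both the attribute and the label, so a
								// quote or angle bracket in a name cannot break out of the markup.
								// NOTE(review): $albumtitle is still written as-is; whether it is already
								// HTML-safe depends on how titles are stored -- confirm, and encode if not.
								echo '<option value="' . html_encode((string) $fullfolder) . '"' . "$selected>" . $saprefix . html_encode((string) $singlefolder) . " (" . $albumtitle . ')' . "</option>\n";
							}
							if (isset($_GET['publishalbum'])) {
								$publishchecked = ' checked="checked"';
							} else {
								if ($albpublish = $_zp_gallery->getAlbumPublish()) {
									$publishchecked = ' checked="checked"';
								} else {
									$publishchecked = '';
								}
							}
							?>
						</select>

						<?php
						// This only hides the "new album" controls when the user lacks edit rights on
						// the selected album; hiding is presentation, not enforcement.
						if (empty($passedalbum)) {
							$modified_rights = MANAGED_OBJECT_RIGHTS_EDIT;
						} else {
							$rightsalbum = newAlbum($passedalbum);
							$modified_rights = $rightsalbum->albumSubRights();
						}
						if ($modified_rights & MANAGED_OBJECT_RIGHTS_EDIT) { // he has edit rights, allow new album creation
							$display = '';
						} else {
							$display = ' display:none;';
						}
						?>
						<div id="newalbumbox" style="margin-top: 5px;<?php echo $display; ?>">
							<p>
								<label><input type="checkbox" name="newalbum" id="newalbumcheckbox"<?php echo $checked; ?> onclick="albumSwitch(this.form.albumselect, false, '<?php echo addslashes(gettext('That name is already used.')); ?>', '<?php echo addslashes(gettext('This upload has to have a folder. Type a title or folder name to continue...')); ?>')" /> <?php echo gettext("Create a new album"); ?></label>
							</p>
							<p id="publishtext">
								<label><input type="checkbox" name="publishalbum" id="publishalbum" value="1" <?php echo $publishchecked; ?> onchange="publishCheck();" /> <?php echo gettext("Publish the album."); ?></label>
							</p>
						</div>
						<div id="albumtext" style="margin-top: 5px;<?php echo $display; ?>">
							<p><label><input type="text" name="albumtitle" id="albumtitle"
													 onkeyup="buttonstate(updateFolder(this, 'folderdisplay', 'autogen', '<?php echo addslashes(gettext('That name is already used.')); ?>', '<?php echo addslashes(gettext('This upload has to have a folder. Type a title or folder name to continue...')); ?>'));" /> <?php echo gettext('Title'); ?>
								</label></p>

							<p id="foldererror" class="errorbox" style="display: none;"></p>
							<p><label><input type="text" name="folderdisplay" disabled="disabled" id="folderdisplay" size="18"
													 onkeyup="buttonstate(validateFolder(this, '<?php echo addslashes(gettext('That name is already used.')); ?>', '<?php echo addslashes(gettext('This upload has to have a folder. Type a title or folder name to continue...')); ?>'));" />
									<?php echo gettext('Folder name'); ?></label></p>
							<p><label for="autogen"><input type="checkbox" name="autogenfolder" id="autogen" checked="checked"
																						 onclick="buttonstate(toggleAutogen('folderdisplay', 'albumtitle', this));" />
									<?php echo gettext('Auto-generate'); ?></label></p>

						</div>
						<hr />
						<?php
						// NOTE(review): no anti-CSRF token is emitted by this file; presumably the
						// handler's upload_form() adds one and the receiving script checks it -- confirm.
						upload_form($uploadlimit, $passedalbum);
						?>
					</form>
					<div id="upload_action">
						<?php
						// load the uploader specific form stuff
						upload_extra($uploadlimit, $passedalbum);
						?>
					</div><!-- upload action -->

					<script type="text/javascript">
						//<!-- <![CDATA[
						<?php
						echo zp_apply_filter('upload_helper_js', '') . "\n";
						// The three values written below are request-derived and land inside a script
						// block, so they are emitted as complete JavaScript literals via $jsLiteral.
						// html_encode() was the wrong encoder for this context: it leaves backslashes
						// untouched and shows entities such as &amp; literally in the field.
						if ($passedalbum) {
							?>
							buttonstate(true);
							$('#folderdisplay').val(<?php echo $jsLiteral($passedalbum); ?>);
							<?php
						}
						?>
						albumSwitch(document.getElementById('albumselectmenu'), false, '<?php echo addslashes(gettext('That name is already used.')); ?>', '<?php echo addslashes(gettext('This upload has to have a folder. Type a title or folder name to continue...')); ?>');
						<?php
						if (isset($_GET['folderdisplay'])) {
							?>
							$('#folderdisplay').val(<?php echo $jsLiteral(sanitize($_GET['folderdisplay'])); ?>);
							<?php
						}
						if (isset($_GET['albumtitle'])) {
							?>
							$('#albumtitle').val(<?php echo $jsLiteral(sanitize($_GET['albumtitle'])); ?>);
							<?php
						}
						if (isset($_GET['autogen']) && !$_GET['autogen']) {
							?>
							$('#autogen').prop('checked', false);
							$('#folderdisplay').removeAttr('disabled');
							if ($('#folderdisplay').val() != '') {
								$('#foldererror').hide();
							}
							<?php
						} else {
							// The original statement here was "$('#autogen').checked;", a property read
							// with no effect. Setting the property mirrors the branch above.
							?>
							$('#autogen').prop('checked', true);
							$('#folderdisplay').attr('disabled', 'disabled');
							if ($('#albumtitle').val() != '') {
								$('#foldererror').hide();
							}
							<?php
						}
						?>
						buttonstate($('#folderdisplay').val() != '');
						// ]]> -->
					</script>
					<?php
				} else {
					echo gettext("There are no albums to which you can upload.");
				}
				?>
			</div><!-- albumselect -->

		</div><!-- tabbox -->
	</div><!-- content -->
</div><!-- main -->
<?php
printAdminFooter();
?>
</body>
</html>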