<?php
define ( 'MYFILES_PHP', 1 );
require_once 'includes/commons.inc.php';

// Templates owned by this page: the file-manager view and the inline error box.
// $tpl_message and $tpl_uploader are used below but are not created in this file.
$tpl_myfiles = new Template ( TPL_DIR . '/tpl_myfiles.php' );
$tpl_error = new Template ( TPL_DIR . '/tpl_error.php' );

// Per-user storage root on disk and the matching public URL. Every filesystem
// path built later in this script is a suffix appended to $user_root, so the
// user id is effectively a path segment.
// NOTE(review): assumes $UPL['USER']['id'] contains no path separators - confirm where it is set.
$user_root = "{$UPL['SETTINGS']['userfiles_dir']}{$UPL['USER']['id']}/";
$user_url = "{$UPL['SETTINGS']['userfiles_url']}{$UPL['USER']['id']}/";

// Without a storage folder nothing below can work: render the message page and stop.
if ( is_dir ( $user_root ) === false )
{
    $tpl_message->set (
        'message',
        parse ( $lang_myfiles['folder_no_exists'], '{username}', $UPL['USER']['name'] )
    );
    $tpl_uploader->setr ( 'content', $tpl_message );
    exit ( $tpl_uploader->display ( ) );
}
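// Dispatch on the requested action ($action is not assigned in this file).
switch ( $action )
{
case 'move':
{
    // Move the selected files from one of the user's folders to another.
    // NOTE(review): no anti-CSRF token is checked in this block - confirm that
    // commons.inc.php (or the form handling) enforces one for state-changing POSTs.
    $files = gpc ( 'files', 'P', array ( ) );
    $folder = path_decode ( gpc ( 'folder', 'P' ) );
    $dest = path_decode ( gpc ( 'move_to', 'P', '' ) );

    // Both folders come from the POST body and are appended to $user_root, so a
    // ".." path segment or a NUL byte would let the request address paths
    // outside the user's own storage. Refuse the whole request in that case.
    $dotdot_segment = '#(?:^|[\\\\/])\.\.(?:[\\\\/]|$)#';
    foreach ( array ( $folder, $dest ) as $candidate )
    {
        $candidate = (string) $candidate;
        if ( strpos ( $candidate, "\0" ) !== false || preg_match ( $dotdot_segment, $candidate ) )
        {
            exit ( SECURITY_ERROR );
        }
    }

    if ( is_array ( $files ) && count ( $files ) && $folder != $dest && is_dir ( $user_root . $folder ) && is_dir ( $user_root . $dest ) )
    {
        // First pass: decode and validate every name before touching the disk,
        // so a rejected request never leaves a half-finished move behind.
        $names = array ( );
        foreach ( $files as $raw_name )
        {
            if ( !is_string ( $raw_name ) ) continue;
            $name = rawurldecode ( $raw_name );
            if ( $name === '' ) continue;
            // Each entry must be a bare file name: no separators, no NUL, no dot entries.
            if ( strpbrk ( $name, "/\\\0" ) !== false || $name === '.' || $name === '..' )
            {
                exit ( SECURITY_ERROR );
            }
            $names[] = $name;
        }

        // Second pass: move each file, never overwriting one that already
        // exists in the destination folder.
        foreach ( $names as $name )
        {
            $target = $user_root . $dest . '/' . $name;
            if ( file_exists ( $target ) ) continue;
            if ( !rename ( $user_root . $folder . '/' . $name, $target ) )
            {
                exit ( ERROR ); // exit to see error
            }
        }
        clear_contents_cache ( $user_root );
    }

    // Go back to the page the request came from.
    // NOTE(review): the redirect target is the client-supplied Referer header;
    // a fixed in-app URL would avoid redirecting off-site.
    header ( 'Location: ' . ( isset ( $_SERVER['HTTP_REFERER'] ) ? $_SERVER['HTTP_REFERER'] : 'myfiles.php' ) );
}
break;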
case 'img_tags':
{
    // Render the "image tags" page for the files ticked in the listing.
    $tpl_img = new Template ( TPL_DIR . 'tpl_img.php' );
    $files = gpc ( 'files', 'P', array ( ) );
    $folder = path_decode ( gpc ( 'folder', 'P' ) );

    if ( !is_array ( $files ) || !count ( $files ) )
    {
        // Nothing was selected: go back
        header ( 'Location: ' . ( isset ( $_SERVER['HTTP_REFERER'] ) ? $_SERVER['HTTP_REFERER'] : 'myfiles.php' ) );
    }
    else
    {
        // NOTE(review): 'name' and 'url' below are built from POST data and are
        // not HTML-escaped here - confirm tpl_img.php escapes them on output.
        $url_prefix = $user_url;
        if ( $folder != '' )
        {
            $url_prefix .= $folder . '/';
        }

        $list = array ( );
        $files_count = count ( $files );
        $i = 0;
        while ( $i < $files_count )
        {
            $entry = array ( );
            $entry['name'] = rawurldecode ( $files[$i] );
            $entry['url'] = $url_prefix . $files[$i];
            $entry['has_thumb'] = 0;
            $entry['thumb_url'] = '';
            $list[] = $entry;
            $i++;
        }

        // The back link returns to the folder the selection was made in.
        $back_url = 'myfiles.php';
        if ( $folder != '' )
        {
            $back_url .= '?folder=' . path_encode ( $folder );
        }

        $tpl_img->setr ( 'images', $list );
        $tpl_img->set ( 'back_url', $back_url );
        $tpl_uploader->set ( array ( 'page_title' => $lang_titles['mf_img_title1'], 'content' => &$tpl_img ) );
        $tpl_uploader->display ( );
    }
}
break;
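case 'delete':
{
    // Delete the selected files from one of the user's folders.
    // NOTE(review): no anti-CSRF token is checked in this block - confirm that
    // commons.inc.php (or the form handling) enforces one for state-changing POSTs.
    if ( $demo ) exit ( "Demo mode, deleting files not allowed" );

    $files = gpc ( 'files', 'P', array ( ) );
    $folder = (string) path_decode ( gpc ( 'folder', 'P' ) );

    // The folder is appended to $user_root: refuse ".." path segments (including
    // a bare or trailing "..", which a plain '../' substring test misses) and NUL bytes.
    if ( strpos ( $folder, "\0" ) !== false || preg_match ( '#(?:^|[\\\\/])\.\.(?:[\\\\/]|$)#', $folder ) )
    {
        exit ( SECURITY_ERROR );
    }

    $deleted = array ( );
    if ( is_array ( $files ) )
    {
        // First pass: decode and validate. File names are request data too, so a
        // name carrying a separator could escape the checked folder. Validate
        // everything before deleting anything.
        $names = array ( );
        foreach ( $files as $raw_name )
        {
            if ( !is_string ( $raw_name ) ) continue;
            $name = rawurldecode ( $raw_name );
            if ( $name === '' ) continue;
            if ( strpbrk ( $name, "/\\\0" ) !== false || $name === '.' || $name === '..' )
            {
                exit ( SECURITY_ERROR );
            }
            $names[] = $name;
        }

        // Second pass: delete the entries that are regular files.
        foreach ( $names as $name )
        {
            $target = $user_root . $folder . '/' . $name;
            if ( is_file ( $target ) )
            {
                if ( !unlink ( $target ) ) exit ( ERROR ); // see error
                $deleted[] = $name;
            }
        }

        // The cached listing is stale only if something was removed.
        if ( count ( $deleted ) )
        {
            clear_contents_cache ( $user_root );
        }

        // Log deletions when the configured log level is 2 or higher.
        if ( $UPL['SETTINGS']['log'] >= 2 && count ( $deleted ) )
        {
            $log_file = LOGS_DIR . date ( 'M_d_Y' ) . '.log';
            $fp = fopen ( $log_file, 'a+' );
            if ( $fp )
            {
                // Control characters are replaced so that a user name or file
                // name cannot start a forged line in the log.
                $log_user = preg_replace ( '/[\x00-\x1F\x7F]/', '?', (string) $UPL['USER']['name'] );
                foreach ( $deleted as $name )
                {
                    $log_name = preg_replace ( '/[\x00-\x1F\x7F]/', '?', $name );
                    fwrite ( $fp, sprintf ( "%s(%s) deleted %s at %s\r\n", $log_user, $_SERVER['REMOTE_ADDR'], $log_name, date ( 'h:mA' ) ) );
                }
                fclose ( $fp );
            }
        }
    }

    // Go back to the page the request came from.
    // NOTE(review): the redirect target is the client-supplied Referer header;
    // a fixed in-app URL would avoid redirecting off-site.
    header ( 'Location: ' . ( isset ( $_SERVER['HTTP_REFERER'] ) ? $_SERVER['HTTP_REFERER'] : 'myfiles.php' ) );
}
break;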
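case 'resize':
{
    // Resize one of the user's images into a new file in the same folder.
    // With $task == 'resize' the posted form is processed; otherwise the form is shown.
    $tpl_resize = new Template ( TPL_DIR . 'tpl_resize.php' );

    // GD is required for any of this.
    if ( !function_exists ( 'imagecreatetruecolor' ) )
    {
        $tpl_message->set ( 'message', $lang_myfiles['no_gd'] );
        $tpl_message->set ( 'back_url', 'myfiles.php' );
        $tpl_uploader->set ( 'content', $tpl_message );
        exit ( $tpl_uploader->display ( ) );
    }

    // Matches a ".." path segment, including a bare or trailing "..", which a
    // plain '../' substring test misses.
    $dotdot_segment = '#(?:^|[\\\\/])\.\.(?:[\\\\/]|$)#';

    if ( $task == 'resize' )
    {
        $file_path = (string) path_decode ( gpc ( 'file_path', 'P', '' ) );
        $file_name = trim ( gpc ( 'file_name', 'P', '' ) );
        $file_width = abs ( intval ( gpc ( 'file_width', 'P', 0 ) ) );
        $file_height = abs ( intval ( gpc ( 'file_height', 'P', 0 ) ) );
        $new_file_path = dir_name ( $file_path ) . '/' . $file_name;

        // The source path is appended to $user_root, so it must stay inside it.
        $path_is_unsafe = strpos ( $file_path, "\0" ) !== false || preg_match ( $dotdot_segment, $file_path );

        if ( $file_path == '' || $path_is_unsafe || !is_file ( $user_root . $file_path ) ) $error = $lang_myfiles['file_not_supported'];
        elseif ( !is_image ( $user_root . $file_path, true ) ) $error = $lang_myfiles['type_not_supported'];
        else $error = 'none';

        if ( $error == 'none' )
        {
            // Source looks fine, now validate the request itself and resize.
            $file_info = @getimagesize ( $user_root . $file_path );

            if ( !is_array ( $file_info ) ) $error = $lang_myfiles['type_not_supported'];
            elseif ( $file_width == 0 || $file_height == 0 ) $error = $lang_myfiles['zero_dimension'];
            elseif ( $file_width >= $file_info[0] || $file_height >= $file_info[1] ) $error = $lang_myfiles['smaller_only'];
            // The new name must be a bare file name. This is checked explicitly
            // because the configured pattern is not visible in this file.
            elseif ( strpbrk ( $file_name, "/\\\0" ) !== false ) $error = $lang_myfiles['invalid_char_filename'];
            elseif ( preg_match ( $UPL['CONFIGS']['REGEX_INVALID_CHARS'], $file_name ) ) $error = $lang_myfiles['invalid_char_filename'];
            // The output keeps the source's extension, so this action cannot be
            // used to write a file of a type the upload and rename rules refuse.
            elseif ( strcasecmp ( get_extension ( $file_name ), get_extension ( basename ( $file_path ) ) ) != 0 ) $error = $lang_myfiles['bad_extension'];
            elseif ( is_dir ( $user_root . $new_file_path ) ) $error = $lang_myfiles['new_name_conflict'];
            elseif ( !img_resize ( $user_root . $file_path, $user_root . $new_file_path, $file_width, $file_height, $UPL['CONFIGS']['THUMBNAIL_BORDER'] ) ) $error = 'Internal error, image_resize() failed.';
            else $error = 'none';

            if ( $error == 'none' )
            {
                // A file was added, so the cached listing is stale.
                clear_contents_cache ( $user_root );

                // success
                $tpl_message->set ( 'back_url', 'myfiles.php?folder=' . path_encode ( dir_name ( $file_path ) ) );
                $tpl_message->set ( 'message', $lang_myfiles['resize_success'] );
                $tpl_uploader->set ( 'content', $tpl_message );
                exit ( $tpl_uploader->display ( ) );
            }
            else
            {
                // Show the resize form again, with the error.
                $real_file_name = basename ( $file_path );
                $tpl_error->set ( 'error', $error );
                $tpl_resize->set ( 'error', $tpl_error );
                $tpl_resize->set ( 'file_path', path_encode ( $file_path ) );
                $tpl_resize->set ( 'file_name', htmlentities ( $real_file_name ) );
                $tpl_resize->set ( 'file_url', $user_url . dir_name ( $file_path ) . '/' . rawurlencode ( $real_file_name ) );
                // The submitted name is echoed back into the form, so it is
                // escaped the same way 'file_name' is.
                $tpl_resize->set ( 'file_thumb', htmlentities ( $file_name ) );
                // getimagesize() may have failed, in which case there are no dimensions to show.
                $tpl_resize->set ( 'file_width', is_array ( $file_info ) ? $file_info[0] : 0 );
                $tpl_resize->set ( 'file_height', is_array ( $file_info ) ? $file_info[1] : 0 );
                $tpl_resize->set ( 'cancel_url', 'myfiles.php?folder=' . path_encode ( dir_name ( $file_path ) ) );
                $tpl_uploader->setr ( 'content', $tpl_resize );
                $tpl_uploader->display ( );
            }
        }
        else
        {
            // The source file itself was rejected: show the error and stop.
            $tpl_message->set ( 'message', $error );
            $tpl_message->set ( 'back_url', 'myfiles.php' );
            $tpl_uploader->set ( 'content', $tpl_message );
            exit ( $tpl_uploader->display ( ) );
        }
    }
    else
    {
        // Show the resize form for the file named in the query string.
        $file_path = (string) gpc ( 'file', 'G' );
        $path_is_unsafe = strpos ( $file_path, "\0" ) !== false || preg_match ( $dotdot_segment, $file_path );

        if ( $file_path == '' || $path_is_unsafe || !is_file ( $user_root . $file_path ) ) $error = $lang_myfiles['file_not_supported'];
        elseif ( !is_image ( $user_root . $file_path, true ) ) $error = $lang_myfiles['type_not_supported'];
        else $error = 'none';

        if ( $error != 'none' )
        {
            // show errors
            $tpl_message->set ( 'message', $error );
            $tpl_message->set ( 'back_url', 'myfiles.php' );
            $tpl_uploader->set ( 'content', $tpl_message );
            exit ( $tpl_uploader->display ( ) );
        }
        else
        {
            $file_name = basename ( $file_path );
            $file_info = getimagesize ( $user_root . $file_path );

            $tpl_resize->set ( 'file_path', path_encode ( $file_path ) );
            $tpl_resize->set ( 'file_name', htmlentities ( $file_name ) );
            $tpl_resize->set ( 'file_url', $user_url . dir_name ( $file_path ) . '/' . rawurlencode ( $file_name ) );
            // Suggested output name: "<name>_thumb.<ext>", escaped like 'file_name'.
            $tpl_resize->set ( 'file_thumb', htmlentities ( get_filename ( $file_name ) . '_thumb.' . get_extension ( $file_name ) ) );
            $tpl_resize->set ( 'file_width', is_array ( $file_info ) ? $file_info[0] : 0 );
            $tpl_resize->set ( 'file_height', is_array ( $file_info ) ? $file_info[1] : 0 );
            $tpl_resize->set ( 'cancel_url', 'myfiles.php' . ( dir_name ( $file_path ) != '' ? '?folder=' . path_encode ( dir_name ( $file_path ) ) : '' ) );
            $tpl_uploader->setr ( 'content', $tpl_resize );
            $tpl_uploader->display ( );
        }
    }
}
break;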
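case 'rename':
{
    // Rename one of the user's files inside its current folder.
    // With $task == 'rename' the posted form is processed; otherwise the form is shown.
    $tpl_rename = new Template ( TPL_DIR . 'tpl_rename.php' );
    $allow_rename = $UPL['USER']['fl_allow_rename'];
    $allowed_filetypes = $UPL['USER']['fl_allowed_filetypes'];

    // Matches a ".." path segment, including a bare or trailing "..".
    $dotdot_segment = '#(?:^|[\\\\/])\.\.(?:[\\\\/]|$)#';

    // Can this user rename at all?
    // NOTE(review): the message key is 'no_resize_perm' although this is the
    // rename action - confirm that is the intended language string.
    if ( $allow_rename == 'norename' )
    {
        $tpl_message->set ( array ( 'message' => $lang_myfiles['no_resize_perm'], 'back_url' => 'myfiles.php' ) );
        $tpl_uploader->set ( 'content', $tpl_message );
        exit ( $tpl_uploader->display ( ) );
    }

    if ( $task == 'rename' )
    {
        $file_path = (string) path_decode ( gpc ( 'file_path', 'P', '' ) );
        $file_name = (string) gpc ( 'file_name', 'P', '' );

        // The posted source path gets the same checks as the form's GET
        // parameter: it must name an existing file under $user_root, with no
        // ".." segment or NUL byte. Otherwise rename() below could act on a
        // path outside the user's storage.
        $path_is_unsafe = strpos ( $file_path, "\0" ) !== false || preg_match ( $dotdot_segment, $file_path );
        if ( $file_path == '' || $path_is_unsafe || !is_file ( $user_root . $file_path ) )
        {
            $tpl_message->set ( 'message', $lang_myfiles['file_not_supported'] );
            $tpl_message->set ( 'back_url', 'myfiles.php' );
            $tpl_uploader->set ( 'content', $tpl_message );
            exit ( $tpl_uploader->display ( ) );
        }

        $new_file_path = dir_name ( $file_path ) . '/' . $file_name;

        if ( basename ( $file_path ) == $file_name )
        {
            // no change
            go_to ( 'myfiles.php' . ( dir_name ( $file_path ) != '' ? '?folder=' . path_encode ( dir_name ( $file_path ) ) : '' ) );
        }
        else
        {
            // Validate the new name. The first failing rule wins, and rename()
            // runs only when every rule has passed.
            // NOTE(review): the extension comparisons depend on how get_extension()
            // normalises case, which is not visible here - confirm "PHP" and "php"
            // are treated alike.
            if ( $file_name == '' ) $error = $lang_myfiles['blank_filename'];
            elseif ( !preg_match ( '#[a-z0-9]#i', $file_name[0] ) ) $error = $lang_myfiles['alpha_prefix'];
            elseif ( strlen ( $file_name ) > $UPL['CONFIGS']['FILE_MAX_LEN'] ) $error = parse ( $lang_myfiles['long_name'], '{length}', $UPL['CONFIGS']['FILE_MAX_LEN'] );
            elseif ( strlen ( $file_name ) < $UPL['CONFIGS']['FILE_MIN_LEN'] ) $error = $lang_myfiles['short_name'];
            // The new name must be a bare file name. This is checked explicitly
            // because the configured pattern is not visible in this file.
            elseif ( strpbrk ( $file_name, "/\\\0" ) !== false ) $error = $lang_myfiles['invalid_char2'];
            elseif ( preg_match ( $UPL['CONFIGS']['REGEX_INVALID_CHARS'], $file_name ) ) $error = $lang_myfiles['invalid_char2'];
            elseif ( file_exists ( $user_root . $new_file_path ) ) $error = $lang_myfiles['file_exists'];
            elseif ( $allow_rename == 'nameonly' && ( get_extension ( basename ( $file_path ) ) ) != get_extension ( $file_name ) ) $error = $lang_myfiles['filename_only'];
            elseif ( $allow_rename == 'all' && $allowed_filetypes != '' && !in_array ( get_extension ( $file_name ), explode ( ',', $allowed_filetypes ) ) ) $error = $lang_myfiles['bad_extension'];
            // An extension listed in the site-wide 'filetypes' setting is refused.
            elseif ( in_array ( get_extension ( $file_name ), explode ( ',', $UPL['SETTINGS']['filetypes'] ) ) ) $error = $lang_myfiles['bad_extension'];
            elseif ( !rename ( $user_root . $file_path, $user_root . $new_file_path ) ) $error = 'Internal error: rename() failed.';
            else $error = 'none';

            if ( $error == 'none' )
            {
                clear_contents_cache ( $user_root );
                go_to ( 'myfiles.php' . ( dir_name ( $file_path ) != '' ? '?folder=' . path_encode ( dir_name ( $file_path ) ) : '' ) );
            }
            else
            {
                // Show the form again with the error. The rejected name is
                // echoed back, so it is HTML-escaped.
                $tpl_error->set ( 'error', $error );
                $tpl_rename->set ( 'error', $tpl_error );
                $tpl_rename->set ( 'file_path', path_encode ( $file_path ) );
                $tpl_rename->set ( 'file_name', htmlentities ( $file_name ) );
                $tpl_rename->set ( 'cancel_url', 'myfiles.php' );
                $tpl_uploader->set ( array ( 'content' => $tpl_rename, 'page_title' => $lang_titles['error'] ) );
                $tpl_uploader->display ( );
            }
        }
    }
    else
    {
        // Show the rename form for the file named in the query string.
        $file_path = (string) gpc ( 'file', 'G' );
        $path_is_unsafe = strpos ( $file_path, "\0" ) !== false || preg_match ( $dotdot_segment, $file_path );

        if ( $file_path == '' || $path_is_unsafe || !is_file ( $user_root . $file_path ) )
        {
            $tpl_message->set ( 'message', $lang_myfiles['file_not_supported'] );
            $tpl_message->set ( 'back_url', 'myfiles.php' );
            $tpl_uploader->set ( 'content', $tpl_message );
            exit ( $tpl_uploader->display ( ) );
        }

        $tpl_rename->set ( 'file_path', path_encode ( $file_path ) );
        $tpl_rename->set ( 'file_name', htmlentities ( basename ( $file_path ) ) );
        // NOTE(review): the cancel link is the client-supplied Referer header,
        // passed through unescaped - confirm tpl_rename.php escapes it.
        $tpl_rename->set ( 'cancel_url', isset ( $_SERVER['HTTP_REFERER'] ) ? $_SERVER['HTTP_REFERER'] : 'myfiles.php' );
        $tpl_uploader->setr ( 'content', $tpl_rename );
        $tpl_uploader->set ( 'page_title', 'Rename' );
        $tpl_uploader->display ( );
    }
}
break;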
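default:
{
    // Default action: list the files of the folder being viewed, plus usage statistics.

    // Folder being viewed; the empty string means the main folder.
    $folder = path_decode ( gpc ( 'folder', 'G' ) );
    $folder_key = ( $folder == '' ? '<MAIN_FOLDER>' : $folder );

    // Sorting. Both values come from the query string and go on to multi_sort()
    // and the template, so anything outside the values this page generates
    // falls back to the configured default.
    $sort_by = gpc ( 'sb', 'G', $UPL['CONFIGS']['DEFAULT_FILE_SORT_BY'] );
    $sort_order = gpc ( 'so', 'G', $UPL['CONFIGS']['DEFAULT_FILE_SORT_ORDER'] );
    if ( !in_array ( $sort_by, array ( 'name', 'size', 'date', 'ext', 'none' ), true ) )
    {
        $sort_by = $UPL['CONFIGS']['DEFAULT_FILE_SORT_BY'];
    }
    if ( $sort_order != 'asc' && $sort_order != 'dsc' )
    {
        $sort_order = $UPL['CONFIGS']['DEFAULT_FILE_SORT_ORDER'];
    }

    // get user contents
    $user_contents = get_contents ( $user_root );

    // The requested folder must be one that get_contents() reported, which keeps
    // $folder to known directories before it is used in any path below. This is
    // checked BEFORE taking a reference, because a reference to a missing key
    // would create that key.
    if ( !isset ( $user_contents['files'][$folder_key] ) )
    {
        // The rejected value came from the query string: escape it before it
        // is echoed back in the message.
        $tpl_message->set ( 'message', parse ( $lang_myfiles['folder_invalid'], '{folder}', htmlentities ( (string) $folder ) ) );
        $tpl_uploader->setr ( 'content', $tpl_message );
        exit ( $tpl_uploader->display ( ) );
    }
    $user_folders =& $user_contents['dirs'];
    $user_files =& $user_contents['files'][$folder_key];

    // Statistic variables
    $current_folder_size = 0;
    $total_file_size = $user_contents['total_size'];
    $main_folder =& $user_contents['files']['<MAIN_FOLDER>'];
    $max_storage = $UPL['USER']['fl_max_storage'] * 1024 * 1024; // Bytes
    $bw_max = $UPL['USER']['bw_max'] * 1024; // KB
    $bw_used = $UPL['USER']['bw_used']; // KB

    // Format files list
    $user_files_count = count ( $user_files );
    if ( $user_files_count )
    {
        // Sorting
        if ( $sort_by != 'none' ) $user_files = multi_sort ( $user_files, $sort_by, ( $sort_order == 'dsc' ? SORT_DESC : SORT_ASC ), ( $sort_by == 'size' || $sort_by == 'date' ? SORT_NUMERIC : SORT_STRING ) );

        $userid = $UPL['USER']['id'];
        for ( $i = 0; $i < $user_files_count; $i++ )
        {
            $ref = &$user_files[$i];
            $path_encoded = path_encode ( ( $folder == '' ? '' : $folder . '/' ) . $ref['name'] );
            $current_folder_size += $ref['size'];
            $ref['ext'] = get_extension ( $ref['name'] );
            if ( !isset ( $ref['date'] ) )
            {
                $ref['date'] = filemtime ( $user_root . $folder . '/' . $ref['name'] );
            }
            $ref['rename_url'] = 'myfiles.php?action=rename&file=' . $path_encoded;
            $ref['resize_url'] = 'myfiles.php?action=resize&file=' . $path_encoded;
            $ref['download_url'] = 'file.php?action=download&userid=' . $userid . '&file=' . $path_encoded;
            $ref['file_url'] = $user_url . clean_url ( $folder . '/' . rawurlencode ( $ref['name'] ) );
            $ref['is_resizeable'] = isset ( $ref['is_image'] ) ? $ref['is_image'] : is_image ( $user_root . $folder . '/' . $ref['name'] );
            $ref['type'] = get_extension ( $ref['name'] );
            // Keep the raw values next to the formatted ones.
            $ref['date_raw'] = $ref['date'];
            $ref['date'] = date ( $UPL['CONFIGS']['TIME_FORMAT'], $ref['date'] );
            $ref['size_raw'] = $ref['size'];
            $ref['size'] = get_size ( $ref['size'], 'B', 0 );
            // URL-encoded for form values, HTML-escaped for display.
            $ref['form_name'] = rawurlencode ( $ref['name'] );
            $ref['full_name'] = htmlentities ( $ref['name'] );
        }
        // Drop the reference so later writes to $ref cannot alter the last entry.
        unset ( $ref );
    }

    // Format directories list
    $user_folders_count = count ( $user_folders );
    for ( $i = 0; $i < $user_folders_count; $i++ )
    {
        $ref =& $user_folders[$i];
        $ref['is_selected'] = $folder == $ref['path'];
        $ref['folder_url'] = 'myfiles.php?folder=' . path_encode ( $ref['path'] );
        $ref['path'] = path_encode ( $ref['path'] );
    }
    unset ( $ref );

    // Make sorting links: clicking the active ascending column flips it to descending.
    $tmp = ( $folder != '' ? 'folder=' . path_encode ( $folder ) . '&' : '' );
    $sL['name'] = 'myfiles.php?' . $tmp . 'sb=name&so=' . ( $sort_by == 'name' && $sort_order == 'asc' ? 'dsc' : 'asc' );
    $sL['size'] = 'myfiles.php?' . $tmp . 'sb=size&so=' . ( $sort_by == 'size' && $sort_order == 'asc' ? 'dsc' : 'asc' );
    $sL['date'] = 'myfiles.php?' . $tmp . 'sb=date&so=' . ( $sort_by == 'date' && $sort_order == 'asc' ? 'dsc' : 'asc' );
    $sL['ext'] = 'myfiles.php?' . $tmp . 'sb=ext&so=' . ( $sort_by == 'ext' && $sort_order == 'asc' ? 'dsc' : 'asc' );

    // Assign variables
    // NOTE(review): 'current_folder' and 'current_folder_description' are passed
    // unescaped - confirm tpl_myfiles.php escapes them on output.
    $tpl_vars = array
    (
        'sort_links' => $sL,
        'sort_by' => $sort_by,
        'sort_order' => $sort_order,
        'user_files' => $user_files,
        'user_folders' => $user_folders,
        'current_folder_description' => is_file ( $user_root . $folder . '/.description' ) ? implode ( '', file ( $user_root . $folder . '/.description' ) ) : '',
        'current_folder' => basename ( $folder ),
        'current_folder_path' => path_encode ( $folder ),
        'current_folder_upload_url' => ( $folder == '' ? 'upload.php' : 'upload.php?upload_to=' . path_encode ( $folder ) ),
        'current_folder_size' => get_size ( $current_folder_size, 'B', 1 ),
        'current_folder_file_count' => $user_files_count,
        'main_folder_file_count' => count ( $main_folder ),
        'total_file_size' => get_size ( $total_file_size, 'B', 1 ),
        'max_file_storage' => get_size ( $max_storage, 'B', 1 ),
        'space_usage_percentage' => $max_storage == 0 ? 0 : ( number_format ( $total_file_size / $max_storage, 2 ) ) * 100,
        'bandwidth_usage_percentage' => $bw_max == 0 ? 0 : ( number_format ( $bw_used / $bw_max, 2 ) ) * 100,
        'bandwidth_used' => get_size ( $bw_used, 'KB', 1 ),
        'max_bandwidth' => get_size ( $bw_max, 'KB', 1 ),
    );
    $tpl_myfiles->set ( $tpl_vars );

    // Display
    $tpl_uploader->set ( array ( 'content' => &$tpl_myfiles, 'page_title' => $lang_titles['mf_title1'] ) );
    $tpl_uploader->display ( );
}
}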
?>