* @license http://www.contenido.org/license/LIZENZ.txt * @link http://www.4fb.de * @link http://www.contenido.org * @since file available since contenido release <= 4.6 * * {@internal * created 2003-12-30 * modified 2008-06-27, Frederic Schneider, add security fix * modified 2008-07-31, Oliver Lohkemper, add CEC * modified 2008-08-11, Timo Trautmann, added urlencode for meta storage in database * modified 2008-10-16, Oliver Lohkemper, add copyright in upl_meta - CON-212 * modified 2010-09-20, Dominik Ziegler, implemented check for write permissions - CON-319 * * $Id$: * }} * */ if(!defined('CON_FRAMEWORK')) { die('Illegal call'); } cInclude("includes", "functions.upl.php"); $sFilename = Contenido_Security::escapeString($_REQUEST["file"]); $sFilename = str_replace('"', '', $sFilename); $sFilename = str_replace("'", '', $sFilename); $sPathname = Contenido_Security::escapeString($_REQUEST["path"]); $sPathname = str_replace('"', '', $sPathname); $sPathname = str_replace("'", '', $sPathname); $page = new UI_Page; $page->addScript("cal1", ''); $page->addScript("cal2", ''); $page->addScript("cal3", ''); $page->addScript("cal4", ''); $form = new UI_Table_Form("properties"); $form->setVar("frame", $frame); $form->setVar("area", "upl"); $form->setVar("path", $sPathname); $form->setVar("file", $sFilename); $form->setVar("action", "upl_modify_file"); $form->setVar("startpage", $_REQUEST["startpage"]); $form->setVar("sortby", $_REQUEST["sortby"]); $form->setVar("sortmode", $_REQUEST["sortmode"]); $form->setVar("thumbnailmode", $_REQUEST["thumbnailmode"]); $form->addHeader(i18n("Edit")); $properties = new PropertyCollection; $uploads = new UploadCollection; if (is_dbfs($sPathname)) { $qpath = $sPathname . "/"; } else { $qpath = $sPathname; } if ((is_writable($cfgClient[$client]["upl"]["path"].$path) || is_dbfs($path)) && (int) $client > 0) { $bDirectoryIsWritable = true; } else { $bDirectoryIsWritable = false; } $uploads->select("idclient = '".$client."' AND dirname = '".$qpath."' AND filename='".$sFilename."'"); if ($upload = $uploads->next()) { /* * Which rows to display? */ $aListRows = array(); $aListRows["filename"] = i18n("File name"); $aListRows["path"] = i18n("Path"); $aListRows["replacefile"] = i18n("Replace file"); $aListRows["medianame"] = i18n("Media name"); $aListRows["description"] = i18n("Description"); $aListRows["keywords"] = i18n("Keywords"); $aListRows["medianotes"] = i18n("Internal notes"); $aListRows["copyright"] = i18n("Copyright"); $aListRows["protected"] = i18n("Protection"); $aListRows["timecontrol"] = i18n("Time control"); $aListRows["preview"] = i18n("Preview"); $aListRows["author"] = i18n("Author"); $aListRows["modified"] = i18n("Last modified by"); /* * Delete dbfs specific rows */ if (!is_dbfs($sPathname)) { unset($aListRows['protected']); unset($aListRows['timecontrol']); } /* * Call chains to process the rows */ $_cecIterator = $_cecRegistry->getIterator("Contenido.Upl_edit.Rows"); if ($_cecIterator->count() > 0) { while ($chainEntry = $_cecIterator->next()) { $newRowList = $chainEntry->execute($aListRows); if (is_array($newRowList)) { $aListRows = $newRowList; } } } $iIdupl = $upload->get("idupl"); $sSql = "SELECT * FROM " . $cfg['tab']['upl_meta'] . " WHERE idupl = '" . Contenido_Security::toInteger($iIdupl) . "' AND idlang = '" . Contenido_Security::toInteger($lang) . "' LIMIT 0, 1"; $db->query($sSql); if ($db->num_rows() > 0) { $db->next_record(); } /* * Add rows to $form */ foreach ($aListRows as $sListRow => $sTitle) { $sCell = ""; switch ($sListRow) { case "filename": $sCell = $sFilename; break; case "path": $sCell = generateDisplayFilePath($qpath, 65); break; case "replacefile": $uplelement = new cHTMLUpload("file",40); $uplelement->setDisabled(!$bDirectoryIsWritable); $sCell = $uplelement->render(); break; case "medianame": if( $db->f('medianame') ) $medianame = Contenido_Security::unFilter($db->f('medianame')); else $medianame = $properties->getValue("upload", $qpath.$sFilename, "file", "medianame"); $mnedit = new cHTMLTextbox("medianame", $medianame, 60 ); $sCell = $mnedit->render(); break; case "description": if( $db->f('description') ) $sDescription = Contenido_Security::unFilter($db->f('description')); else $sDescription = $upload->get("description"); $dsedit = new cHTMLTextarea("description", $sDescription ); $sCell = $dsedit->render(); break; case "keywords": if( $db->f('keywords') ) $keywords = Contenido_Security::unFilter($db->f('keywords')); else $keywords = $properties->getValue("upload", $qpath.$sFilename, "file", "keywords"); $kwedit = new cHTMLTextarea("keywords", $keywords ); $sCell = $kwedit->render(); break; case "medianotes": if( $db->f('internal_notice') ) $medianotes = Contenido_Security::unFilter($db->f('internal_notice')); else $medianotes = $properties->getValue("upload", $qpath.$sFilename, "file", "medianotes"); $moedit = new cHTMLTextarea("medianotes", $medianotes ); $sCell = $moedit->render(); break; case "copyright": if( $db->f('copyright') ) $copyright = Contenido_Security::unFilter($db->f('copyright')); else $copyright = $properties->getValue("upload", $qpath.$sFilename, "file", "copyright"); $copyrightEdit = new cHTMLTextarea("copyright", $copyright); $sCell = $copyrightEdit->render(); break; case "protected": $vprotected = $properties->getValue("upload", $qpath.$sFilename, "file", "protected"); $protected = new cHTMLCheckbox("protected", "1" ); $protected->setChecked($vprotected); $protected->setLabelText(i18n("Protected for non-logged in users")); $sCell = $protected->render(); break; case "timecontrol": $iTimeMng = (int)$properties->getValue("upload", $qpath.$sFilename, "file", "timemgmt"); $sStartDate = $properties->getValue("upload", $qpath.$sFilename, "file", "datestart"); $sEndDate = $properties->getValue("upload", $qpath.$sFilename, "file", "dateend"); $oTimeCheckbox = new cHTMLCheckbox("timemgmt", i18n("Use time control")); $oTimeCheckbox->setChecked($iTimeMng); $sHtmlTimeMng = "\n"; $sHtmlTimeMng .= "\n"; $sHtmlTimeMng .= "\n"; $sHtmlTimeMng .= ''; $sHtmlTimeMng .= "\n"; $sHtmlTimeMng .= ''; $sHtmlTimeMng .= "
" . $oTimeCheckbox->render() . "
' . ' 
' . ' 
\n"; $sHtmlTimeMng .= ''; $sHtmlTimeMng .= ''; $sCell = $sHtmlTimeMng; break; case "preview": if (is_dbfs($sPathname)) { $sCell = ''; } else { $sCell = ''; } break; case "author": $sCell = $classuser->getUserName($upload->get("author")) . " (". $upload->get("created").")"; break; case "modified": $sCell = $classuser->getUserName($upload->get("modifiedby")). " (". $upload->get("lastmodified").")"; break; default: /* * Call chain to retrieve value */ $_cecIterator = $_cecRegistry->getIterator("Contenido.Upl_edit.RenderRows"); if ($_cecIterator->count() > 0) { $contents = array(); while ($chainEntry = $_cecIterator->next()) { $contents[] = $chainEntry->execute( $iIdupl, $qpath, $sFilename, $sListRow ); } } $sCell = implode("", $contents); } $form->add($sTitle, $sCell ); } $sScript = ""; if (is_dbfs($sPathname)) { $sScript = "" . "\n\n\n\n\n\n"; } /* * Script must add in body-tag */ $sScriptinBody = ' '; $page->addScript('style', ''); if ( $bDirectoryIsWritable == false ) { $sErrorMessage = $notification->returnNotification("error", i18n("Directory not writable") . ' (' . $cfgClient[$client]["upl"]["path"].$path . ')'); $sErrorMessage .= '
'; } else { $sErrorMessage = ''; } $page->setContent( $sScriptinBody . $sErrorMessage . $form->render() . $sScript ); } else { $page->setContent(sprintf(i18n("Could not load file %s"),$sFilename)); } $page->render(); ?>