docs/file_manager/rename.php

   1 <?php
   2 /************************************************************************/
   3 /* AContent                                                             */
   4 /************************************************************************/
   5 /* Copyright (c) 2010                                                   */
   6 /* Inclusive Design Institute                                           */
   7 /*                                                                      */
   8 /* This program is free software. You can redistribute it and/or        */
   9 /* modify it under the terms of the GNU General Public License          */
  10 /* as published by the Free Software Foundation.                        */
  11 /************************************************************************/
  12
  13 define('TR_INCLUDE_PATH', '../include/');
  14 require(TR_INCLUDE_PATH.'vitals.inc.php');
  15 require(TR_INCLUDE_PATH.'classes/FileUtility.class.php');
  16
  17 global $_course_id;
  18 Utility::authenticate(TR_PRIV_ISAUTHOR_OF_CURRENT_COURSE);
  19
  20 $current_path = TR_CONTENT_DIR.$_course_id.'/';
  21
  22 $popup = $_REQUEST['popup'];
  23 $framed = $_REQUEST['framed'];
  24
  25 if (isset($_POST['cancel'])) {
  26         $msg->addFeedback('CANCELLED');
  27         header('Location: index.php?pathext='.$_POST['pathext'].SEP.'framed='.$_POST['framed'].SEP.'popup='.$_POST['popup'].SEP.'cp='.$_POST['cp'].SEP.'cid='.$_POST['cid'].SEP.'pid='.$_POST['pid'].SEP.'a_type='.$_POST['a_type'].SEP.'_course_id='.$_course_id);
  28         exit;
  29 }
  30
  31 if (isset($_POST['rename_action'])) {
  32
  33         $_POST['new_name'] = trim($_POST['new_name']);
  34         $_POST['new_name'] = str_replace(' ', '_', $_POST['new_name']);
  35         $_POST['new_name'] = str_replace(array(' ', '/', '\\', ':', '*', '?', '"', '<', '>', '|', '\''), '', $_POST['new_name']);
  36
  37         $_POST['oldname'] = trim($_POST['oldname']);
  38         $_POST['oldname'] = str_replace(' ', '_', $_POST['oldname']);
  39         $_POST['oldname'] = str_replace(array(' ', '/', '\\', ':', '*', '?', '"', '<', '>', '|', '\''), '', $_POST['oldname']);
  40
  41         $path_parts_new = pathinfo($_POST['new_name']);
  42         $ext_new = $path_parts_new['extension'];
  43         $pathext = $_POST['pathext'];
  44
  45         /* check if this file extension is allowed: */
  46         /* $IllegalExtentions is defined in ./include/config.inc.php */
  47         if (in_array($ext_new, $IllegalExtentions)) {
  48                 $errors = array('FILE_ILLEGAL', $ext_new);
  49                 $msg->addError($errors);
  50         }
  51         else if ($current_path.$pathext.$_POST['new_name'] == $current_path.$pathext.$_POST['oldname']) {
  52                 //do nothing
  53                 $msg->addFeedback('ACTION_COMPLETED_SUCCESSFULLY');
  54                 header('Location: index.php?pathext='.urlencode($_POST['pathext']).SEP.'framed='.$_POST['framed'].SEP.'popup='.$_POST['popup'].SEP.'cp='.$_POST['cp'].SEP.'cid='.$_POST['cid'].SEP.'pid='.$_POST['pid'].SEP.'a_type='.$_POST['a_type'].SEP.'_course_id='.$_course_id);
  55                 exit;
  56         }
  57
  58         //make sure new file is inside content directory
  59         else if (FileUtility::course_realpath($current_path . $pathext . $_POST['new_name']) == FALSE) {
  60                 $msg->addError('CANNOT_RENAME');
  61         }
  62         else if (FileUtility::course_realpath($current_path . $pathext . $_POST['oldname']) == FALSE) {
  63                 $msg->addError('CANNOT_RENAME');
  64         }
  65         else if (file_exists($current_path . $pathext . $_POST['new_name'])) {
  66                 $msg->addError('CANNOT_RENAME');
  67         }
  68         else {
  69                 @rename($current_path.$pathext.$_POST['oldname'], $current_path.$pathext.$_POST['new_name']);
  70                 $msg->addFeedback('ACTION_COMPLETED_SUCCESSFULLY');
  71                 header('Location: index.php?pathext='.urlencode($_POST['pathext']).SEP.'framed='.$_POST['framed'].SEP.'popup='.$_POST['popup'].SEP.'cp='.$_POST['cp'].SEP.'cid='.$_POST['cid'].SEP.'pid='.$_POST['pid'].SEP.'a_type='.$_POST['a_type'].SEP.'_course_id='.$_course_id);
  72                 exit;
  73         }
  74 }
  75
  76 require(TR_INCLUDE_PATH.'header.inc.php');
  77 ?>
  78 <form name="rename" action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
  79 <input type="hidden" name="pathext" value="<?php echo AT_print($_REQUEST['pathext'], 'input.hidden'); ?>" />
  80 <input type="hidden" name="oldname" value="<?php echo AT_print($_REQUEST['oldname'], 'input.hidden'); ?>" />
  81 <input type="hidden" name="framed" value="<?php echo AT_print($_REQUEST['framed'], 'input.hidden'); ?>" />
  82 <input type="hidden" name="popup" value="<?php echo AT_print($_REQUEST['popup'], 'input.hidden'); ?>" />
  83 <input type="hidden" name="_course_id" value="<?php echo $_course_id; ?>" />
  84
  85 <div class="input-form">
  86         <div class="row">
  87                 <span class="required" title="<?php echo _AT('required_field'); ?>">*</span>
  88                 <label for="new"><?php echo _AT('new_name'); ?></label><br />
  89                 <?php echo $_GET['pathext']; ?><input type="text" name="new_name" id="new" value="<?php echo AT_print($_REQUEST['oldname'], 'input.text'); ?>" size="30" />
  90         </div>
  91
  92         <div class="row buttons">
  93                 <input type="submit" name="rename_action" value="<?php echo _AT('save'); ?>" accesskey="s" />
  94                 <input type="submit" name="cancel" value="<?php echo _AT('cancel'); ?>" />
  95         </div>
  96 </div>
  97 </form>
  98
  99 <?php require(TR_INCLUDE_PATH.'footer.inc.php'); ?>