2 /************************************************************************/
4 /************************************************************************/
5 /* Copyright (c) 2010 */
6 /* Inclusive Design Institute */
8 /* This program is free software. You can redistribute it and/or */
9 /* modify it under the terms of the GNU General Public License */
10 /* as published by the Free Software Foundation. */
11 /************************************************************************/
13 if (!defined('TR_INCLUDE_PATH')) { exit; }
14 require_once(TR_INCLUDE_PATH.'classes/DAO/CoursesDAO.class.php');
17 $_SESSION['done'] = 0;
21 Utility::authenticate(TR_PRIV_ISAUTHOR_OF_CURRENT_COURSE);
22 $coursesDAO = new CoursesDAO();
24 $current_path = TR_CONTENT_DIR.$_course_id.'/';
27 if (isset($_POST['rename'])) {
28 if (!is_array($_POST['check'])) {
29 // error: you must select a file/dir to rename
30 $msg->addError('NO_ITEM_SELECTED');
31 } else if (count($_POST['check']) < 1) {
32 // error: you must select one file/dir to rename
33 $msg->addError('NO_ITEM_SELECTED');
34 } else if (count($_POST['check']) > 1) {
35 // error: you must select ONLY one file/dir to rename
36 $msg->addError('SELECT_ONE_ITEM');
38 header('Location: rename.php?pathext='.urlencode($_POST['pathext']).SEP.'framed='.$framed.SEP.'popup='.$popup.SEP.'oldname='.urlencode($_POST['check'][0]).SEP.'cp='.$_GET['cp'].SEP.'pid='.$_GET['pid'].SEP.'cid='.$_GET['cid'].SEP.'a_type='.$_GET['a_type'].SEP.'_course_id='.$_course_id);
41 } else if (isset($_POST['delete'])) {
43 if (!is_array($_POST['check'])) {
44 $msg->addError('NO_ITEM_SELECTED');
47 $list = implode(',', $_POST['check']);
48 header('Location: delete.php?pathext=' . urlencode($_POST['pathext']) . SEP . 'framed=' . $framed . SEP . 'popup=' . $popup . SEP . 'list=' . urlencode($list).SEP.'cp='.$_GET['cp'].SEP.'pid='.$_GET['pid'].SEP.'cid='.$_GET['cid'].SEP.'a_type='.$_GET['a_type'].SEP.'_course_id='.$_course_id);
51 } else if (isset($_POST['move'])) {
53 if (!is_array($_POST['check'])) {
54 $msg->addError('NO_ITEM_SELECTED');
57 $list = implode(',', $_POST['check']);
58 header('Location: move.php?pathext='.urlencode($_POST['pathext']).SEP.'framed='.$framed.SEP.'popup='.$popup.SEP.'list='.urlencode($list).SEP.'cp='.$_GET['cp'].SEP.'pid='.$_GET['pid'].SEP.'cid='.$_GET['cid'].SEP.'a_type='.$_GET['a_type'].SEP.'_course_id='.$_course_id);
65 /* get this courses MaxQuota and MaxFileSize: */
66 $row = $coursesDAO->get($_course_id);
67 $my_MaxCourseSize = $row['max_quota'];
68 $my_MaxFileSize = $row['max_file_size'];
70 if ($my_MaxCourseSize == TR_COURSESIZE_DEFAULT) {
71 $my_MaxCourseSize = $MaxCourseSize;
73 if ($my_MaxFileSize == TR_FILESIZE_DEFAULT) {
74 $my_MaxFileSize = $MaxFileSize;
75 } else if ($my_MaxFileSize == TR_FILESIZE_SYSTEM_MAX) {
76 $my_MaxFileSize = megabytes_to_bytes(substr(ini_get('upload_max_filesize'), 0, -1));
82 if ($_GET['pathext'] != '') {
83 $pathext = urldecode($_GET['pathext']);
84 } else if ($_POST['pathext'] != '') {
85 $pathext = $_POST['pathext'];
88 if (strpos($pathext, '..') !== false) {
89 require(TR_INCLUDE_PATH.'header.inc.php');
90 $msg->printErrors('UNKNOWN');
91 require(TR_INCLUDE_PATH.'footer.inc.php');
94 if($_GET['back'] == 1) {
95 $pathext = substr($pathext, 0, -1);
96 $slashpos = strrpos($pathext, '/');
100 $pathext = substr($pathext, 0, ($slashpos+1));
106 /* remove the forward or backwards slash from the path */
107 $newpath = $current_path;
108 $depth = substr_count($pathext, '/');
110 if ($pathext != '') {
111 $bits = explode('/', $pathext);
112 foreach ($bits as $bit) {
116 $_section[$start_at][0] = $bit;
117 $_section[$start_at][1] = '../file_manager/index.php?pathext=' . urlencode($bit_path) . SEP . 'popup=' . $popup . SEP . 'framed=' . $framed.SEP.'_course_id='.$_course_id;
126 /* if upload successful, close the window */
128 $onload = 'closeWindow(\'progWin\');';
131 /* make new directory */
132 if ($_POST['mkdir_value'] && ($depth < $MaxDirDepth) ) {
133 $_POST['dirname'] = trim($_POST['dirname']);
135 /* anything else should be okay, since we're on *nix..hopefully */
136 $_POST['dirname'] = preg_replace('/[^a-zA-Z0-9._]/', '', $_POST['dirname']);
138 if ($_POST['dirname'] == '') {
139 $msg->addError(array('FOLDER_NOT_CREATED', $_POST['dirname'] ));
141 else if (strpos($_POST['dirname'], '..') !== false) {
142 $msg->addError('BAD_FOLDER_NAME');
145 $result = @mkdir($current_path.$pathext.$_POST['dirname'], 0700);
147 $msg->addError(array('FOLDER_NOT_CREATED', $_POST['dirname'] ));
150 $msg->addFeedback('ACTION_COMPLETED_SUCCESSFULLY');
155 $newpath = substr($current_path.$pathext, 0, -1);
157 /* open the directory */
158 if (!($dir = @opendir($newpath))) {
159 if (isset($_GET['create']) && ($newpath.'/' == $current_path)) {
161 if (!($dir = @opendir($newpath))) {
162 require(TR_INCLUDE_PATH.'header.inc.php');
163 $msg->printErrors('CANNOT_CREATE_DIR');
164 require(TR_INCLUDE_PATH.'footer.inc.php');
167 $msg->addFeedback('CONTENT_DIR_CREATED');
170 require(TR_INCLUDE_PATH.'header.inc.php');
172 $msg->printErrors('CANNOT_OPEN_DIR');
173 require(TR_INCLUDE_PATH.'footer.inc.php');
178 if (isset($_POST['cancel'])) {
179 $msg->addFeedback('CANCELLED');
182 require(TR_INCLUDE_PATH.'header.inc.php');