mods/_core/file_manager/rename.php

   1 <?php
   2 /****************************************************************/
   3 /* ATutor                                                                                                               */
   4 /****************************************************************/
   5 /* Copyright (c) 2002-2010                                      */
   6 /* Inclusive Design Institute                                   */
   7 /* http://atutor.ca                                                                                             */
   8 /*                                                              */
   9 /* This program is free software. You can redistribute it and/or*/
  10 /* modify it under the terms of the GNU General Public License  */
  11 /* as published by the Free Software Foundation.                                */
  12 /****************************************************************/
  13
  14 define('AT_INCLUDE_PATH', '../../../include/');
  15 require(AT_INCLUDE_PATH.'vitals.inc.php');
  16 require_once(AT_INCLUDE_PATH.'../mods/_core/file_manager/filemanager.inc.php');
  17
  18 if (!authenticate(AT_PRIV_FILES,AT_PRIV_RETURN)) {
  19         authenticate(AT_PRIV_CONTENT);
  20 }
  21
  22 $current_path = AT_CONTENT_DIR.$_SESSION['course_id'].'/';
  23
  24 $popup = $_REQUEST['popup'];
  25 $framed = $_REQUEST['framed'];
  26
  27 if (isset($_POST['cancel'])) {
  28         $msg->addFeedback('CANCELLED');
  29         header('Location: index.php?pathext='.$_POST['pathext'].SEP.'framed='.$_POST['framed'].SEP.'popup='.$_POST['popup'].SEP.'cp='.$_POST['cp'].SEP.'cid='.$_POST['cid'].SEP.'pid='.$_POST['pid'].SEP.'a_type='.$_POST['a_type']);
  30         exit;
  31 }
  32
  33 if (isset($_POST['rename_action'])) {
  34
  35         $_POST['new_name'] = trim($_POST['new_name']);
  36         $_POST['new_name'] = str_replace(' ', '_', $_POST['new_name']);
  37         $_POST['new_name'] = str_replace(array(' ', '/', '\\', ':', '*', '?', '"', '<', '>', '|', '\''), '', $_POST['new_name']);
  38
  39         $_POST['oldname'] = trim($_POST['oldname']);
  40         $_POST['oldname'] = str_replace(array(' ', '/', '\\', ':', '*', '?', '"', '<', '>', '|', '\''), '', $_POST['oldname']);
  41
  42         $path_parts_new = pathinfo($_POST['new_name']);
  43         $ext_new = $path_parts_new['extension'];
  44         $pathext = $_POST['pathext'];
  45
  46         /* check if this file extension is allowed: */
  47         /* $IllegalExtentions is defined in ./include/config.inc.php */
  48         if (in_array($ext_new, $IllegalExtentions)) {
  49                 $errors = array('FILE_ILLEGAL', $ext_new);
  50                 $msg->addError($errors);
  51         }
  52         else if ($current_path.$pathext.$_POST['new_name'] == $current_path.$pathext.$_POST['oldname']) {
  53                 //do nothing
  54                 $msg->addFeedback('ACTION_COMPLETED_SUCCESSFULLY');
  55                 header('Location: index.php?pathext='.urlencode($_POST['pathext']).SEP.'framed='.$_POST['framed'].SEP.'popup='.$_POST['popup'].SEP.'cp='.$_POST['cp'].SEP.'cid='.$_POST['cid'].SEP.'pid='.$_POST['pid'].SEP.'a_type='.$_POST['a_type']);
  56                 exit;
  57         }
  58
  59         //make sure new file is inside content directory
  60         else if (course_realpath($current_path . $pathext . $_POST['new_name']) == FALSE) {
  61                 $msg->addError('CANNOT_RENAME');
  62         }
  63         else if (course_realpath($current_path . $pathext . $_POST['oldname']) == FALSE) {
  64                 $msg->addError('CANNOT_RENAME');
  65         }
  66         else if (file_exists($current_path . $pathext . $_POST['new_name'])) {
  67                 $msg->addError('CANNOT_RENAME');
  68         }
  69         else {
  70                 @rename($current_path.$pathext.$_POST['oldname'], $current_path.$pathext.$_POST['new_name']);
  71                 $msg->addFeedback('ACTION_COMPLETED_SUCCESSFULLY');
  72                 header('Location: index.php?pathext='.urlencode($_POST['pathext']).SEP.'framed='.$_POST['framed'].SEP.'popup='.$_POST['popup'].SEP.'cp='.$_POST['cp'].SEP.'cid='.$_POST['cid'].SEP.'pid='.$_POST['pid'].SEP.'a_type='.$_POST['a_type']);
  73                 exit;
  74         }
  75 }
  76
  77 require(AT_INCLUDE_PATH.'header.inc.php');
  78 ?>
  79 <form name="rename" action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
  80 <input type="hidden" name="pathext" value="<?php echo $_REQUEST['pathext']; ?>" />
  81 <input type="hidden" name="oldname" value="<?php echo $_REQUEST['oldname']; ?>" />
  82 <input type="hidden" name="framed" value="<?php echo $_REQUEST['framed']; ?>" />
  83 <input type="hidden" name="popup" value="<?php echo $_REQUEST['popup']; ?>" />
  84
  85 <div class="input-form">
  86         <div class="row">
  87                 <span class="required" title="<?php echo _AT('required_field'); ?>">*</span>
  88                 <label for="new"><?php echo _AT('new_name'); ?></label><br />
  89                 <?php echo $_GET['pathext']; ?><input type="text" name="new_name" id="new" value="<?php echo $_REQUEST['oldname']; ?>" size="30" />
  90         </div>
  91
  92         <div class="row buttons">
  93                 <input type="submit" name="rename_action" value="<?php echo _AT('save'); ?>" accesskey="s" />
  94                 <input type="submit" name="cancel" value="<?php echo _AT('cancel'); ?>" />
  95         </div>
  96 </div>
  97 </form>
  98
  99 <?php require(AT_INCLUDE_PATH.'footer.inc.php'); ?>