2 /****************************************************************/
4 /****************************************************************/
5 /* Copyright (c) 2002-2010 */
6 /* Inclusive Design Institute */
9 /* This program is free software. You can redistribute it and/or*/
10 /* modify it under the terms of the GNU General Public License */
11 /* as published by the Free Software Foundation. */
12 /****************************************************************/
14 if (!defined('AT_INCLUDE_PATH')) { exit; }
18 $_SESSION['done'] = 0;
20 if (!authenticate(AT_PRIV_FILES,AT_PRIV_RETURN)) {
21 authenticate(AT_PRIV_CONTENT);
25 $current_path = AT_CONTENT_DIR.$_SESSION['course_id'].'/';
28 if (isset($_POST['rename'])) {
29 if (!is_array($_POST['check'])) {
30 // error: you must select a file/dir to rename
31 $msg->addError('NO_ITEM_SELECTED');
32 } else if (count($_POST['check']) < 1) {
33 // error: you must select one file/dir to rename
34 $msg->addError('NO_ITEM_SELECTED');
35 } else if (count($_POST['check']) > 1) {
36 // error: you must select ONLY one file/dir to rename
37 $msg->addError('SELECT_ONE_ITEM');
39 header('Location: rename.php?pathext='.urlencode($_POST['pathext']).SEP.'framed='.$framed.SEP.'popup='.$popup.SEP.'oldname='.urlencode($_POST['check'][0]).SEP.'cp='.$_GET['cp'].SEP.'pid='.$_GET['pid'].SEP.'cid='.$_GET['cid'].SEP.'a_type='.$_GET['a_type']);
42 } else if (isset($_POST['delete'])) {
44 if (!is_array($_POST['check'])) {
45 $msg->addError('NO_ITEM_SELECTED');
48 $list = implode(',', $_POST['check']);
49 header('Location: delete.php?pathext=' . urlencode($_POST['pathext']) . SEP . 'framed=' . $framed . SEP . 'popup=' . $popup . SEP . 'list=' . urlencode($list).SEP.'cp='.$_GET['cp'].SEP.'pid='.$_GET['pid'].SEP.'cid='.$_GET['cid'].SEP.'a_type='.$_GET['a_type']);
52 } else if (isset($_POST['move'])) {
54 if (!is_array($_POST['check'])) {
55 $msg->addError('NO_ITEM_SELECTED');
58 $list = implode(',', $_POST['check']);
59 header('Location: move.php?pathext='.urlencode($_POST['pathext']).SEP.'framed='.$framed.SEP.'popup='.$popup.SEP.'list='.urlencode($list).SEP.'cp='.$_GET['cp'].SEP.'pid='.$_GET['pid'].SEP.'cid='.$_GET['cid'].SEP.'a_type='.$_GET['a_type']);
66 /* get this courses MaxQuota and MaxFileSize: */
67 $sql = "SELECT max_quota, max_file_size FROM ".TABLE_PREFIX."courses WHERE course_id=$_SESSION[course_id]";
68 $result = mysql_query($sql, $db);
69 $row = mysql_fetch_array($result);
70 $my_MaxCourseSize = $row['max_quota'];
71 $my_MaxFileSize = $row['max_file_size'];
73 if ($my_MaxCourseSize == AT_COURSESIZE_DEFAULT) {
74 $my_MaxCourseSize = $MaxCourseSize;
76 if ($my_MaxFileSize == AT_FILESIZE_DEFAULT) {
77 $my_MaxFileSize = $MaxFileSize;
78 } else if ($my_MaxFileSize == AT_FILESIZE_SYSTEM_MAX) {
79 $my_MaxFileSize = megabytes_to_bytes(substr(ini_get('upload_max_filesize'), 0, -1));
85 if ($_GET['pathext'] != '') {
86 $pathext = urldecode($_GET['pathext']);
87 } else if ($_POST['pathext'] != '') {
88 $pathext = $_POST['pathext'];
91 if (strpos($pathext, '..') !== false) {
92 require(AT_INCLUDE_PATH.'header.inc.php');
93 $msg->printErrors('UNKNOWN');
94 require(AT_INCLUDE_PATH.'footer.inc.php');
97 if($_GET['back'] == 1) {
98 $pathext = substr($pathext, 0, -1);
99 $slashpos = strrpos($pathext, '/');
103 $pathext = substr($pathext, 0, ($slashpos+1));
109 /* remove the forward or backwards slash from the path */
110 $newpath = $current_path;
111 $depth = substr_count($pathext, '/');
113 if ($pathext != '') {
114 $bits = explode('/', $pathext);
115 foreach ($bits as $bit) {
119 $_section[$start_at][0] = $bit;
120 $_section[$start_at][1] = '../mods/_core/file_manager/index.php?pathext=' . urlencode($bit_path) . SEP . 'popup=' . $popup . SEP . 'framed=' . $framed;
129 /* if upload successful, close the window */
131 $onload = 'closeWindow(\'progWin\');';
134 /* make new directory */
135 if ($_POST['mkdir_value'] && ($depth < $MaxDirDepth) ) {
136 $_POST['dirname'] = trim($_POST['dirname']);
138 /* anything else should be okay, since we're on *nix..hopefully */
139 $_POST['dirname'] = preg_replace('/[^a-zA-Z0-9._]/', '', $_POST['dirname']);
141 if ($_POST['dirname'] == '') {
142 $msg->addError(array('FOLDER_NOT_CREATED', $_POST['dirname'] ));
144 else if (strpos($_POST['dirname'], '..') !== false) {
145 $msg->addError('BAD_FOLDER_NAME');
148 $result = @mkdir($current_path.$pathext.$_POST['dirname'], 0700);
150 $msg->addError(array('FOLDER_NOT_CREATED', $_POST['dirname'] ));
153 $msg->addFeedback('ACTION_COMPLETED_SUCCESSFULLY');
158 $newpath = substr($current_path.$pathext, 0, -1);
160 /* open the directory */
161 if (!($dir = @opendir($newpath))) {
162 if (isset($_GET['create']) && ($newpath.'/' == $current_path)) {
164 if (!($dir = @opendir($newpath))) {
165 require(AT_INCLUDE_PATH.'header.inc.php');
166 $msg->printErrors('CANNOT_CREATE_DIR');
167 require(AT_INCLUDE_PATH.'footer.inc.php');
170 $msg->addFeedback('CONTENT_DIR_CREATED');
173 require(AT_INCLUDE_PATH.'header.inc.php');
175 $msg->printErrors('CANNOT_OPEN_DIR');
176 require(AT_INCLUDE_PATH.'footer.inc.php');
181 if (isset($_POST['cancel'])) {
182 $msg->addFeedback('CANCELLED');
185 require(AT_INCLUDE_PATH.'header.inc.php');