tools/filemanager/rename.php

   1 <?php
   2 /****************************************************************/
   3 /* ATutor                                                                                                               */
   4 /****************************************************************/
   5 /* Copyright (c) 2002-2008 by Greg Gay & Joel Kronenberg        */
   6 /* Adaptive Technology Resource Centre / University of Toronto  */
   7 /* http://atutor.ca                                                                                             */
   8 /*                                                              */
   9 /* This program is free software. You can redistribute it and/or*/
  10 /* modify it under the terms of the GNU General Public License  */
  11 /* as published by the Free Software Foundation.                                */
  12 /****************************************************************/
  13
  14 define('AT_INCLUDE_PATH', '../../include/');
  15 require(AT_INCLUDE_PATH.'vitals.inc.php');
  16 require(AT_INCLUDE_PATH.'lib/filemanager.inc.php');
  17
  18 if (!authenticate(AT_PRIV_FILES,AT_PRIV_RETURN)) {
  19         authenticate(AT_PRIV_CONTENT);
  20 }
  21
  22 $current_path = AT_CONTENT_DIR.$_SESSION['course_id'].'/';
  23
  24 $popup = $_REQUEST['popup'];
  25 $framed = $_REQUEST['framed'];
  26
  27 if (isset($_POST['cancel'])) {
  28         $msg->addFeedback('CANCELLED');
  29         header('Location: index.php?pathext='.$_POST['pathext'].SEP.'framed='.$_POST['framed'].SEP.'popup='.$_POST['popup']);
  30         exit;
  31 }
  32
  33 if (isset($_POST['rename_action'])) {
  34
  35         $_POST['new_name'] = trim($_POST['new_name']);
  36         $_POST['new_name'] = str_replace(' ', '_', $_POST['new_name']);
  37         $_POST['new_name'] = str_replace(array(' ', '/', '\\', ':', '*', '?', '"', '<', '>', '|', '\''), '', $_POST['new_name']);
  38
  39         $_POST['oldname'] = trim($_POST['oldname']);
  40         $_POST['oldname'] = str_replace(' ', '_', $_POST['oldname']);
  41         $_POST['oldname'] = str_replace(array(' ', '/', '\\', ':', '*', '?', '"', '<', '>', '|', '\''), '', $_POST['oldname']);
  42
  43         $path_parts_new = pathinfo($_POST['new_name']);
  44         $ext_new = $path_parts_new['extension'];
  45         $pathext = $_POST['pathext'];
  46
  47         /* check if this file extension is allowed: */
  48         /* $IllegalExtentions is defined in ./include/config.inc.php */
  49         if (in_array($ext_new, $IllegalExtentions)) {
  50                 $errors = array('FILE_ILLEGAL', $ext_new);
  51                 $msg->addError($errors);
  52         }
  53         else if ($current_path.$pathext.$_POST['new_name'] == $current_path.$pathext.$_POST['oldname']) {
  54                 //do nothing
  55                 $msg->addFeedback('ACTION_COMPLETED_SUCCESSFULLY');
  56                 header('Location: index.php?pathext='.urlencode($_POST['pathext']).SEP.'framed='.$_POST['framed'].SEP.'popup='.$_POST['popup']);
  57                 exit;
  58         }
  59
  60         //make sure new file is inside content directory
  61         else if (course_realpath($current_path . $pathext . $_POST['new_name']) == FALSE) {
  62                 $msg->addError('CANNOT_RENAME');
  63         }
  64         else if (course_realpath($current_path . $pathext . $_POST['oldname']) == FALSE) {
  65                 $msg->addError('CANNOT_RENAME');
  66         }
  67         else if (file_exists($current_path . $pathext . $_POST['new_name'])) {
  68                 $msg->addError('CANNOT_RENAME');
  69         }
  70         else {
  71                 @rename($current_path.$pathext.$_POST['oldname'], $current_path.$pathext.$_POST['new_name']);
  72                 $msg->addFeedback('ACTION_COMPLETED_SUCCESSFULLY');
  73                 header('Location: index.php?pathext='.urlencode($_POST['pathext']).SEP.'framed='.$_POST['framed'].SEP.'popup='.$_POST['popup']);
  74                 exit;
  75         }
  76 }
  77
  78 require(AT_INCLUDE_PATH.'header.inc.php');
  79 ?>
  80 <form name="rename" action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post">
  81 <input type="hidden" name="pathext" value="<?php echo $_REQUEST['pathext']; ?>" />
  82 <input type="hidden" name="oldname" value="<?php echo $_REQUEST['oldname']; ?>" />
  83 <input type="hidden" name="framed" value="<?php echo $_REQUEST['framed']; ?>" />
  84 <input type="hidden" name="popup" value="<?php echo $_REQUEST['popup']; ?>" />
  85
  86 <div class="input-form">
  87         <div class="row">
  88                 <div class="required" title="<?php echo _AT('required_field'); ?>">*</div>
  89                 <label for="new"><?php echo _AT('new_name'); ?></label><br />
  90                 <?php echo $_GET['pathext']; ?><input type="text" name="new_name" id="new" value="<?php echo $_REQUEST['oldname']; ?>" size="30" />
  91         </div>
  92
  93         <div class="row buttons">
  94                 <input type="submit" name="rename_action" value="<?php echo _AT('save'); ?>" accesskey="s" />
  95                 <input type="submit" name="cancel" value="<?php echo _AT('cancel'); ?>" />
  96         </div>
  97 </div>
  98 </form>
  99
 100 <?php require(AT_INCLUDE_PATH.'footer.inc.php'); ?>