2 /****************************************************************/
4 /****************************************************************/
5 /* Copyright (c) 2002-2008 by Greg Gay & Joel Kronenberg */
6 /* Adaptive Technology Resource Centre / University of Toronto */
9 /* This program is free software. You can redistribute it and/or*/
10 /* modify it under the terms of the GNU General Public License */
11 /* as published by the Free Software Foundation. */
12 /****************************************************************/
14 if (!defined('AT_INCLUDE_PATH')) { exit; }
15 //require(AT_INCLUDE_PATH.'vitals.inc.php');
16 //require(AT_INCLUDE_PATH.'lib/filemanager.inc.php');
19 $_SESSION['done'] = 0;
21 if (!authenticate(AT_PRIV_FILES,AT_PRIV_RETURN)) {
22 authenticate(AT_PRIV_CONTENT);
26 $current_path = AT_CONTENT_DIR.$_SESSION['course_id'].'/';
29 if (isset($_POST['rename'])) {
30 if (!is_array($_POST['check'])) {
31 // error: you must select a file/dir to rename
32 $msg->addError('NO_ITEM_SELECTED');
33 } else if (count($_POST['check']) < 1) {
34 // error: you must select one file/dir to rename
35 $msg->addError('NO_ITEM_SELECTED');
36 } else if (count($_POST['check']) > 1) {
37 // error: you must select ONLY one file/dir to rename
38 $msg->addError('SELECT_ONE_ITEM');
40 header('Location: rename.php?pathext='.urlencode($_POST['pathext']).SEP.'framed='.$framed.SEP.'popup='.$popup.SEP.'oldname='.urlencode($_POST['check'][0]));
43 } else if (isset($_POST['delete'])) {
45 if (!is_array($_POST['check'])) {
46 $msg->addError('NO_ITEM_SELECTED');
49 $list = implode(',', $_POST['check']);
50 header('Location: delete.php?pathext=' . urlencode($_POST['pathext']) . SEP . 'framed=' . $framed . SEP . 'popup=' . $popup . SEP . 'list=' . urlencode($list));
53 } else if (isset($_POST['move'])) {
55 if (!is_array($_POST['check'])) {
56 $msg->addError('NO_ITEM_SELECTED');
59 $list = implode(',', $_POST['check']);
60 header('Location: move.php?pathext='.urlencode($_POST['pathext']).SEP.'framed='.$framed.SEP.'popup='.$popup.SEP.'list='.urlencode($list));
67 /* get this courses MaxQuota and MaxFileSize: */
68 $sql = "SELECT max_quota, max_file_size FROM ".TABLE_PREFIX."courses WHERE course_id=$_SESSION[course_id]";
69 $result = mysql_query($sql, $db);
70 $row = mysql_fetch_array($result);
71 $my_MaxCourseSize = $row['max_quota'];
72 $my_MaxFileSize = $row['max_file_size'];
74 if ($my_MaxCourseSize == AT_COURSESIZE_DEFAULT) {
75 $my_MaxCourseSize = $MaxCourseSize;
77 if ($my_MaxFileSize == AT_FILESIZE_DEFAULT) {
78 $my_MaxFileSize = $MaxFileSize;
79 } else if ($my_MaxFileSize == AT_FILESIZE_SYSTEM_MAX) {
80 $my_MaxFileSize = megabytes_to_bytes(substr(ini_get('upload_max_filesize'), 0, -1));
86 if ($_GET['pathext'] != '') {
87 $pathext = urldecode($_GET['pathext']);
88 } else if ($_POST['pathext'] != '') {
89 $pathext = $_POST['pathext'];
92 if (strpos($pathext, '..') !== false) {
93 require(AT_INCLUDE_PATH.'header.inc.php');
94 $msg->printErrors('UNKNOWN');
95 require(AT_INCLUDE_PATH.'footer.inc.php');
98 if($_GET['back'] == 1) {
99 $pathext = substr($pathext, 0, -1);
100 $slashpos = strrpos($pathext, '/');
104 $pathext = substr($pathext, 0, ($slashpos+1));
110 /* remove the forward or backwards slash from the path */
111 $newpath = $current_path;
112 $depth = substr_count($pathext, '/');
114 if ($pathext != '') {
115 $bits = explode('/', $pathext);
116 foreach ($bits as $bit) {
120 $_section[$start_at][0] = $bit;
121 $_section[$start_at][1] = 'tools/filemanager/index.php?pathext=' . urlencode($bit_path) . SEP . 'popup=' . $popup . SEP . 'framed=' . $framed;
130 /* if upload successful, close the window */
132 $onload = 'closeWindow(\'progWin\');';
135 /* make new directory */
136 if ($_POST['mkdir_value'] && ($depth < $MaxDirDepth) ) {
137 $_POST['dirname'] = trim($_POST['dirname']);
139 /* anything else should be okay, since we're on *nix..hopefully */
140 $_POST['dirname'] = ereg_replace('[^a-zA-Z0-9._]', '', $_POST['dirname']);
142 if ($_POST['dirname'] == '') {
143 $msg->addError(array('FOLDER_NOT_CREATED', $_POST['dirname'] ));
145 else if (strpos($_POST['dirname'], '..') !== false) {
146 $msg->addError('BAD_FOLDER_NAME');
149 $result = @mkdir($current_path.$pathext.$_POST['dirname'], 0700);
151 $msg->addError(array('FOLDER_NOT_CREATED', $_POST['dirname'] ));
154 $msg->addFeedback('ACTION_COMPLETED_SUCCESSFULLY');
159 $newpath = substr($current_path.$pathext, 0, -1);
161 /* open the directory */
162 if (!($dir = @opendir($newpath))) {
163 if (isset($_GET['create']) && ($newpath.'/' == $current_path)) {
165 if (!($dir = @opendir($newpath))) {
166 require(AT_INCLUDE_PATH.'header.inc.php');
167 $msg->printErrors('CANNOT_CREATE_DIR');
168 require(AT_INCLUDE_PATH.'footer.inc.php');
171 $msg->addFeedback('CONTENT_DIR_CREATED');
174 require(AT_INCLUDE_PATH.'header.inc.php');
176 $msg->printErrors('CANNOT_OPEN_DIR');
177 require(AT_INCLUDE_PATH.'footer.inc.php');
182 if (isset($_POST['cancel'])) {
183 $msg->addFeedback('CANCELLED');
186 require(AT_INCLUDE_PATH.'header.inc.php');