JasonWoof Got questions, comments, patches, etc.? Contact Jason Woofenden
hover admin links top/right
[wfpl-cms.git] / admin_files.php
1 <?php
2
3 # This form requires wfpl. See: http://sametwice.com/wfpl
4
5 define('ADMIN_FILES_DB_FIELDS', 'filename,description');
6
7 # Set this to the path to your uploads directory. It can be relative to the
8 # location of this script. IT MUST END WITH A SLASH
9 $GLOBALS['upload_directory'] = 'files/';
10
11 # emergency backup in case uploaders file name is blank somehow
12 $GLOBALS['filename_file_name'] = uniqid() . getmypid() . '.txt';
13
14
15 require_once(DOCROOT . 'inc/wfpl/format.php');
16 require_once(DOCROOT . 'inc/wfpl/email.php');
17 require_once(DOCROOT . 'inc/wfpl/upload.php');
18
19 function admin_files_get_fields() {
20         $data = array();
21
22         $data['description'] = format_oneline(_REQUEST_cut('description'));
23
24         #header('Content-Type: text/plain');
25         #print_r(array($_REQUEST['filename'], $_FILES['filename']));
26         #exit();
27         $filename_filename_tmp = format_filename($_FILES['filename']['name']);
28         if(!$filename_filename_tmp) {
29                 $filename_filename_tmp = $GLOBALS['filename_file_name'];
30         }
31         if($_FILES['filename'] && $_FILES['filename']['error'] == 0) {
32                 $data['filename'] = save_uploaded_file('filename', $GLOBALS['upload_directory'] . $filename_filename_tmp);
33         } else {
34                 if(_REQUEST_cut('delete_filename') == 'Yes') {
35                         $data['filename'] = '';
36                 } else {
37                         $data['filename'] = format_path(_REQUEST_cut('old_filename'));
38                 }
39         }
40         unset($_FILES['filename']);
41
42         return $data;
43 }
44
45
46 function admin_files_main() {
47         session_auth_must('manage_files');
48
49         $id = _REQUEST_cut('edit_id');
50         if($id) {
51                 return admin_files_main_form($id);
52         }
53
54         $id = _REQUEST_cut('admin_files_delete_id');
55         if($id) {
56                 return admin_files_main_delete($id);
57         }
58
59         if(_REQUEST_cut('new')) {
60                 return admin_files_main_form();
61         }
62
63         if(_REQUEST_cut('list')) {
64                 return admin_files_main_listing();
65         }
66
67         if(isset($_POST['description'])) {
68                 return admin_files_main_form();
69         }
70
71         # default action:
72         return admin_files_main_listing();
73 }
74
75 function admin_files_main_delete($id) {
76         $fn = db_get_value('files', 'filename', 'where id=%i', $id);
77         if ($fn) {
78                 unlink($fn);
79                 db_delete('files', 'where id=%i', $id);
80                 message('File deleted.');
81         } else {
82                 message("Couldn't find file to delete. Maybe it's already been deleted?");
83         }
84         return './admin_files';
85 }
86
87 function admin_files_main_listing() {
88         $listing_rows = db_get_assocs('files', 'id,filename,description', 'order by coalesce(nullif(description, ""), substring(filename, 7)) limit 100');
89         tem_set('listings', $listing_rows);
90 }
91
92 function admin_files_main_form($id = false) {
93         if($id) {
94                 tem_set('id', $id);
95         }
96
97         if(isset($_POST['description'])) {
98                 $data = admin_files_get_fields();
99
100                 if("you're happy with the POSTed values") {
101                         if($id) {
102                                 db_update_assoc('files', $data, 'where id=%i', $id);
103                                 message('File updated.');
104                         } else {
105                                 db_insert_assoc('files', $data);
106                                 message('File saved.');
107                         }
108                         if($error !== true) {
109                                 return './admin_files';
110                         }
111                 }
112                 # otherwise, we display the form again. admin_files_get_fields() has
113                 # already put the posted values back into the template engine, so they will
114                 # show up in the form fields. You should add some message asking people to
115                 # fix their entry in whatever way you require.
116         } elseif($id) {
117                 # we've recieved an edit id, but no data. So we grab the values to be edited from the database
118                 $data = db_get_assoc('files', ADMIN_FILES_DB_FIELDS, 'where id=%i', $id);
119         } else {
120                 # form not submitted, you can set default values like so:
121                 #$data = array('description' => 'Yes');
122                 $data = array();
123         }
124
125         tem_set('upload_max_filesize', upload_max_filesize());
126
127         tem_set('form', $data);
128 }