silence more warnings

[wfpl-cms.git] / admin_files.php

<?php

# This form requires wfpl. See: http://sametwice.com/wfpl

define('ADMIN_FILES_DB_FIELDS', 'filename,description');

# Set this to the path to your uploads directory. It can be relative to the
# location of this script. IT MUST END WITH A SLASH
$GLOBALS['upload_directory'] = 'files/';

# emergency backup in case uploaders file name is blank somehow
$GLOBALS['filename_file_name'] = uniqid() . getmypid() . '.txt';


require_once(__DIR__.'/'.'inc/wfpl/format.php');
require_once(__DIR__.'/'.'inc/wfpl/email.php');
require_once(__DIR__.'/'.'inc/wfpl/upload.php');

function admin_files_get_fields() {
    $data = array();

    $data['description'] = format_oneline(_REQUEST_cut('description'));

    #header('Content-Type: text/plain');
    #print_r(array($_REQUEST['filename'], $_FILES['filename']));
    #exit();
    $filename_filename_tmp = format_filename($_FILES['filename']['name'], true);
    if(!$filename_filename_tmp) {
        $filename_filename_tmp = $GLOBALS['filename_file_name'];
    }
    if($_FILES['filename'] && $_FILES['filename']['error'] == 0) {
        $data['filename'] = save_uploaded_file('filename', $GLOBALS['upload_directory'] . $filename_filename_tmp);
    } else {
        if(_REQUEST_cut('delete_filename') == 'Yes') {
            $data['filename'] = '';
        } else {
            $data['filename'] = format_path(_REQUEST_cut('old_filename'), true);
        }
    }
    unset($_FILES['filename']);

    return $data;
}


function admin_files_main() {
    session_auth_must('admin_files');

    $id = _REQUEST_cut('edit_id');
    if($id) {
        return admin_files_main_form($id);
    }

    $id = _REQUEST_cut('admin_files_delete_id');
    if($id) {
        return admin_files_main_delete($id);
    }

    if(_REQUEST_cut('new')) {
        return admin_files_main_form();
    }

    if(_REQUEST_cut('list')) {
        return admin_files_main_listing();
    }

    if(isset($_POST['description'])) {
        return admin_files_main_form();
    }

    # default action:
    return admin_files_main_listing();
}

function admin_files_main_delete($id) {
    $fn = db_get_value('files', 'filename', 'where id=%i', $id);
    if ($fn) {
        unlink($fn);
        db_delete('files', 'where id=%i', $id);
        message('File deleted.');
    } else {
        message("Couldn't find file to delete. Maybe it's already been deleted?");
    }
    return './admin_files';
}

function admin_files_main_listing() {
    $listing_rows = db_get_assocs('files', 'id,filename,description', 'order by coalesce(nullif(description, ""), substring(filename, 7)) limit 100');
    tem_set('listings', $listing_rows);
}

function admin_files_main_form($id = false) {
    if($id) {
        tem_set('id', $id);
    }

    if(isset($_POST['description'])) {
        $data = admin_files_get_fields();

        if("you're happy with the POSTed values") {
            if($id) {
                db_update_assoc('files', $data, 'where id=%i', $id);
                message('File updated.');
            } else {
                db_insert_assoc('files', $data);
                message('File saved.');
            }
            if($error !== true) {
                return './admin_files';
            }
        }
        # otherwise, we display the form again. admin_files_get_fields() has
        # already put the posted values back into the template engine, so they will
        # show up in the form fields. You should add some message asking people to
        # fix their entry in whatever way you require.
    } elseif($id) {
        # we've recieved an edit id, but no data. So we grab the values to be edited from the database
        $data = db_get_assoc('files', ADMIN_FILES_DB_FIELDS, 'where id=%i', $id);
    } else {
        # form not submitted, you can set default values like so:
        #$data = array('description' => 'Yes');
        $data = array();
    }

    tem_set('upload_max_filesize', upload_max_filesize());

    tem_set('form', $data);
}