admin_files.php

   1 <?php
   2
   3 # This form requires wfpl. See: http://sametwice.com/wfpl
   4
   5 define('ADMIN_FILES_DB_FIELDS', 'filename,description');
   6
   7 # Set this to the path to your uploads directory. It can be relative to the
   8 # location of this script. IT MUST END WITH A SLASH
   9 $GLOBALS['upload_directory'] = 'files/';
  10
  11 # emergency backup in case uploaders file name is blank somehow
  12 $GLOBALS['filename_file_name'] = uniqid() . getmypid() . '.txt';
  13
  14
  15 require_once(INC_WFPL . 'format.php');
  16 require_once(INC_WFPL . 'email.php');
  17 require_once(INC_WFPL . 'upload.php');
  18
  19 function admin_files_get_fields() {
  20         $data = array();
  21
  22         $data['description'] = format_oneline(_REQUEST_cut('description'));
  23
  24         #header('Content-Type: text/plain');
  25         #print_r(array($_REQUEST['filename'], $_FILES['filename']));
  26         #exit();
  27         $filename_filename_tmp = format_filename($_FILES['filename']['name']);
  28         if(!$filename_filename_tmp) {
  29                 $filename_filename_tmp = $GLOBALS['filename_file_name'];
  30         }
  31         if($_FILES['filename'] && $_FILES['filename']['error'] == 0) {
  32                 $data['filename'] = save_uploaded_file('filename', $GLOBALS['upload_directory'] . $filename_filename_tmp);
  33         } else {
  34                 if(_REQUEST_cut('delete_filename') == 'Yes') {
  35                         $data['filename'] = '';
  36                 } else {
  37                         $data['filename'] = format_path(_REQUEST_cut('old_filename'));
  38                 }
  39         }
  40         unset($_FILES['filename']);
  41
  42         return $data;
  43 }
  44
  45
  46 function admin_files_main() {
  47         if(logged_in_as_admin()) {
  48                 tem_set('admin_privs');
  49         } else {
  50                 $_REQUEST['url'] = this_url();
  51                 return 'admin_login';
  52         }
  53
  54         $id = _REQUEST_cut('edit_id');
  55         if($id) {
  56                 return admin_files_main_form($id);
  57         }
  58
  59         $id = _REQUEST_cut('admin_files_delete_id');
  60         if($id) {
  61                 return admin_files_main_delete($id);
  62         }
  63
  64         if(_REQUEST_cut('new')) {
  65                 return admin_files_main_form();
  66         }
  67
  68         if(_REQUEST_cut('list')) {
  69                 return admin_files_main_listing();
  70         }
  71
  72         if(isset($_POST['description'])) {
  73                 return admin_files_main_form();
  74         }
  75
  76         # default action:
  77         return admin_files_main_listing();
  78 }
  79
  80 function admin_files_main_delete($id) {
  81         $fn = db_get_value('files', 'filename', 'where id=%i', $id);
  82         if ($fn) {
  83                 unlink($fn);
  84                 db_delete('files', 'where id=%i', $id);
  85                 message('File deleted.');
  86         } else {
  87                 message("Couldn't find file to delete. Maybe it's already been deleted?");
  88         }
  89         return './admin_files';
  90 }
  91
  92 function admin_files_main_listing() {
  93         $listing_rows = db_get_assocs('files', 'id,filename,description', 'order by coalesce(nullif(description, ""), substring(filename, 7)) limit 100');
  94         tem_set('listings', $listing_rows);
  95 }
  96
  97 function admin_files_main_form($id = false) {
  98         if($id) {
  99                 tem_set('id', $id);
 100         }
 101
 102         if(isset($_POST['description'])) {
 103                 $data = admin_files_get_fields();
 104
 105                 if("you're happy with the POSTed values") {
 106                         if($id) {
 107                                 db_update_assoc('files', $data, 'where id=%i', $id);
 108                                 message('File updated.');
 109                         } else {
 110                                 db_insert_assoc('files', $data);
 111                                 message('File saved.');
 112                         }
 113                         if($error !== true) {
 114                                 return './admin_files';
 115                         }
 116                 }
 117                 # otherwise, we display the form again. admin_files_get_fields() has
 118                 # already put the posted values back into the template engine, so they will
 119                 # show up in the form fields. You should add some message asking people to
 120                 # fix their entry in whatever way you require.
 121         } elseif($id) {
 122                 # we've recieved an edit id, but no data. So we grab the values to be edited from the database
 123                 $data = db_get_assoc('files', ADMIN_FILES_DB_FIELDS, 'where id=%i', $id);
 124         } else {
 125                 # form not submitted, you can set default values like so:
 126                 #$data = array('description' => 'Yes');
 127                 $data = array();
 128         }
 129
 130         tem_set('upload_max_filesize', upload_max_filesize());
 131
 132         tem_set('form', $data);
 133 }