root/trunk/wifidog-auth/wifidog/admin/owner_sendfiles.php @ 609

Revision 609, 6.2 KB (checked in by fproulx, 8 years ago)

2005-04-30 Francois Proulx <francois.proulx@…>

  • Logout button will now destroy session AND render token USED
  • Property svn:eol-style set to native
  • Property svn:executable set to *
  • Property svn:keywords set to Author Date Id Revision
Line 
1<?php
2  /********************************************************************\
3   * This program is free software; you can redistribute it and/or    *
4   * modify it under the terms of the GNU General Public License as   *
5   * published by the Free Software Foundation; either version 2 of   *
6   * the License, or (at your option) any later version.              *
7   *                                                                  *
8   * This program is distributed in the hope that it will be useful,  *
9   * but WITHOUT ANY WARRANTY; without even the implied warranty of   *
10   * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the    *
11   * GNU General Public License for more details.                     *
12   *                                                                  *
13   * You should have received a copy of the GNU General Public License*
14   * along with this program; if not, contact:                        *
15   *                                                                  *
16   * Free Software Foundation           Voice:  +1-617-542-5942       *
17   * 59 Temple Place - Suite 330        Fax:    +1-617-542-2652       *
18   * Boston, MA  02111-1307,  USA       gnu@gnu.org                   *
19   *                                                                  *
20   \********************************************************************/
21  /**@file sendfile.php
22   * Node owner upload file
23   * @author Copyright (C) 2005 Pascal Leclerc
24   */
25//TODO: Move to Node getAdminUI
26
27
28define('BASEPATH','../');
29require_once 'admin_common.php';
30require_once BASEPATH.'classes/Node.php';
31require_once BASEPATH.'classes/User.php';
32require_once BASEPATH.'classes/MainUI.php';
33
34$user_id = User::getCurrentUser()->getId();
35$smarty->assign("user_id", $user_id); // DEBUG
36
37empty($_REQUEST['action'])  ? $action  = '' : $action  = $_REQUEST['action'];
38empty($_REQUEST['node_id']) ? $node_id = '' : $node_id = $_REQUEST['node_id'];
39empty($_REQUEST['delfile']) ? $delfile = '' : $delfile = $_REQUEST['delfile'];
40
41$username = User::getCurrentUser()->getUsername();
42$smarty->assign("username", $username); // DEBUG
43
44// TODO: Remplacer les constantes definit dans config.php pour $filesArray
45$filesArray = array (
46   "0" => array('filename' => 'hotspot_logo_banner.jpg', 'file_exists' => 0),
47   "1" => array('filename' => 'hotspot_logo.jpg',        'file_exists' => 0),
48   "2" => array('filename' => 'login.html',              'file_exists' => 0),
49   "3" => array('filename' => 'portal.html',             'file_exists' => 0),
50   "4" => array('filename' => 'stylesheet.css',          'file_exists' => 0)
51);
52
53// Error checking before user can upload files
54if (!is_writable(BASEPATH.LOCAL_CONTENT_REL_PATH)) {
55     /* TODO Detailler l'erreur :
56          -Print absolute PATH directory
57          -Print current uid/gid
58          -Print needed uid/gid
59      */
60    $fileinfo = posix_getpwuid(posix_getuid());
61    $smarty->assign("error_message", _("Can not write to directory '" . BASEPATH.LOCAL_CONTENT_REL_PATH . "', ownership should be set to user ") . $fileinfo['name'] . " (uid=" . $fileinfo['uid'] . ")");
62    $ui=new MainUI();
63    $ui->setToolSection('ADMIN');
64    $ui->setMainContent($smarty->fetch("admin/templates/owner_display.html"));
65    $ui->display();
66    //$smarty->display("admin/templates/owner_display.html");
67    exit();
68}
69
70if ("$delfile" == "submit") { // Submit all files
71    // Create node directory in local_content
72    if (!file_exists(BASEPATH.LOCAL_CONTENT_REL_PATH . $node_id)) {
73        mkdir(BASEPATH.LOCAL_CONTENT_REL_PATH . $node_id);  // TODO : Add error checking
74    }
75   
76    foreach($filesArray as $fileArray) {
77        $filename = $fileArray['filename'];
78        $filename_underscore = str_replace('.', '_', $filename);
79
80        // Source and destination file (with PATH) and name (in tmp directory). @ is use to remove useless PHP notice message.
81        $source              = @$_FILES["$filename_underscore"]['tmp_name'];       
82        $destination         = BASEPATH.LOCAL_CONTENT_REL_PATH."$node_id/$filename";  // Destination file PATH and name (local_content)
83        //echo "S=$source D=$destination<BR>";
84        if (empty($source)) // Skip empty input file submission
85            continue;
86
87        // TODO : Display file upload success or error.
88        if (move_uploaded_file($source, $destination)) {
89            //echo "File is valid, and was successfully uploaded.<BR>";
90        } else {
91            $smarty->assign("error_message", 'Possible file upload attack!');
92        }
93    }
94} else { // Delete only if the filename is defined and include in $filesArray
95    foreach($filesArray as $fileArray) {
96        if ($fileArray['filename'] == $delfile) {
97            $filename = $fileArray['filename'];
98            $source = BASEPATH.LOCAL_CONTENT_REL_PATH . "$node_id/$filename";
99            //echo "DELETE SOURCE=$source<BR>";
100            unlink($source);   
101        }
102    }
103}
104
105if ("$action" == 'uploadform') {
106    $security->requireOwner($node_id);
107    $inc = 0;
108    foreach($filesArray as $fileArray) {
109        $filename = $fileArray['filename'];
110        if (file_exists(BASEPATH.LOCAL_CONTENT_REL_PATH . "$node_id/$filename")) {
111            $filesArray[$inc]['file_exists'] = 1;
112        }
113        ++$inc;
114    }
115
116    $smarty->assign("file_list", $filesArray);
117    $smarty->assign("node_id", $node_id);
118    $ui=new MainUI();
119    $ui->setToolSection('ADMIN');
120    $ui->setMainContent($smarty->fetch("admin/templates/owner_display.html"));
121    $ui->display();
122    //$smarty->display("admin/templates/owner_upload.html");
123} else {
124    $db->ExecSql("SELECT nodes.node_id,name FROM nodes NATURAL JOIN node_owners WHERE node_owners.user_id='$user_id'", $node_results, false);
125
126    if (is_array($node_results)) {
127        $smarty->assign("node_list", $node_results);
128        //foreach($node_results as $node_row) {
129        //    $smarty->append("node_list", $node_row);
130        //}
131    } else {
132        $smarty->assign("error_message", _('You are not a hotspot owner'));
133    }
134    $smarty->assign("node_id", $node_id);
135    $ui=new MainUI();
136    $ui->setToolSection('ADMIN');
137    $ui->setMainContent($smarty->fetch("admin/templates/owner_display.html"));
138    $ui->display();
139    //$smarty->display("admin/templates/owner_display.html");
140}
141?>
Note: See TracBrowser for help on using the browser.