ave-cms-team/ave-cms-alt
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
9236155d349bc9df93e0978bb812f2a87f0d85d5
ave-cms-alt/admin/browser.php
Repellent 611aebc86e init repo
2025-09-18 17:05:50 +05:00

199 lines
6.8 KiB
PHP
Raw Blame History

<?php
/**
* AVE.cms
*
* @package AVE.cms
* @version 4.x
* @filesource
* @copyright © 2007-2025 AVE.cms, https://www.ave.gitget.ru
*
* @license GPL v.2
*/
if (!defined('ACP') || !check_permission('mediapool_int')) {
header('Location:index.php');
exit;
}
global $AVE_DB, $AVE_Template;
ob_start();
ob_implicit_flush(false);
$_REQUEST['onlycontent'] = 1;
$max_size = 128; // максимальный размер миниатюры
$thumb_size = '-t' . $max_size . 'x' . $max_size; // формат миниатюр
$images_ext = ['jpg', 'jpeg', 'png', 'webp', 'gif', 'JPG', 'JPEG', 'PNG', 'WEBP', 'GIF'];
$upload_path = BASE_DIR . '/' . UPLOAD_DIR;
$lang = $_SESSION['admin_language'] ?? 'ru';
$AVE_Template = new AVE_Template(BASE_DIR . '/admin/templates/browser');
$AVE_Template->config_load(BASE_DIR . '/admin/lang/' . $lang . '/main.txt');
$AVE_Template->assign('tpl_dir', 'templates/');
$AVE_Template->assign('ABS_PATH', '../');
$action = $_REQUEST['action'] ?? '';
switch ($action) {
case 'list':
$dir = $_REQUEST['dir'] ?? '/';
if (strpos($dir, '..') !== false || strpos($dir, '//') !== false) {
$dir = '/';
}
$path = $upload_path . (is_dir($upload_path . $dir) ? $dir : '/');
$new_dir = $path . ($_REQUEST['newdir'] ?? '');
$new_dir_result = (!is_dir($new_dir) && !mkdir($new_dir, 0777));
$skip_entry = [THUMBNAIL_DIR, 'recycled', 'index.php'];
$dirs = [];
$files = [];
$d = @dir($path);
if ($d) {
while (false !== ($entry = $d->read())) {
if (in_array($entry, $skip_entry, true) || $entry[0] === '.') {
continue;
}
$fullPath = $path . $entry;
if (is_dir($fullPath)) {
$dirs[$entry] = 'index.php?do=browser&type=' . ($_REQUEST['type'] ?? '') .
'&amp;action=list&amp;dir=' . $dir . $entry . '/';
} else {
$nameParts = explode('.', $entry);
$ext = strtolower(end($nameParts));
$file = [];
$file['icon'] = file_exists("templates/images/mediapool/{$ext}.gif") ? $ext : 'attach';
$file['filesize'] = round(filesize($fullPath) / 1024, 2);
$file['moddate'] = date("d.m.y, H:i", filemtime($fullPath));
if (in_array($ext, $images_ext, true)) {
$nameParts[count($nameParts) - 2] .= $thumb_size;
$file['bild'] = '/' . UPLOAD_DIR . $dir . THUMBNAIL_DIR . '/' . implode('.', $nameParts);
} else {
$file['bild'] = 'templates/images/file.gif';
}
$files[$entry] = $file;
}
}
$d->close();
}
ksort($dirs);
ksort($files);
$AVE_Template->assign('new_dir_result', $new_dir_result);
$AVE_Template->assign('recycled', strpos($dir, '/recycled/') === 0);
$AVE_Template->assign('dirs', $dirs);
$AVE_Template->assign('files', $files);
$AVE_Template->assign('max_size', $max_size);
$AVE_Template->assign('dir', $dir);
$AVE_Template->assign('dirup', rtrim(dirname($dir), '\\/') . '/');
$AVE_Template->assign('mediapath', UPLOAD_DIR);
$AVE_Template->display('browser.tpl');
break;
case 'upload':
if (check_permission('mediapool_add')) {
$AVE_Template->display('browser_upload.tpl');
} else {
echo '<script type="text/javascript">window.close();</script>';
}
break;
case 'upload2':
header('Location:index.php?do=browser&type=image&target=' . ($_REQUEST['target'] ?? '') . '&tval=/' . UPLOAD_DIR . ($_REQUEST['tval'] ?? ''));
exit;
case 'delfile':
if (check_permission('mediapool_del')) {
$file = $_REQUEST['file'] ?? '';
$dir = $_REQUEST['dir'] ?? '';
if ($file === '' || $dir === '') {
exit(0);
}
$file_name = basename($file);
$del_file = $upload_path . $dir . $file_name;
if (strpos($del_file, '..') !== false || !is_file($del_file)) {
exit(0);
}
$recycled_path = $upload_path . '/recycled/';
if (!is_dir($recycled_path) && !mkdir($recycled_path)) {
exit(0);
}
do {
$nameParts = explode('.', $file_name);
$nameParts[count($nameParts) - 2] .= '-' . uniqid('', true);
$recycled_file_name = implode('.', $nameParts);
} while (file_exists($recycled_path . $recycled_file_name));
@copy($del_file, $recycled_path . $recycled_file_name);
if (@unlink($del_file)) {
foreach (glob($upload_path . $dir . THUMBNAIL_DIR . '/*') as $f_name) {
$base_file = basename($del_file);
$nameParts = explode('.', $base_file);
$start = strtolower(array_shift($nameParts));
$ext = strtolower(array_pop($nameParts));
$regexp = '/^(' . preg_quote($start, '/') . ')*(-)(t|f|c|s).{3,}\.(' . preg_quote($ext, '/') . ')$/';
if (preg_match($regexp, basename($f_name))) {
@unlink($upload_path . $dir . THUMBNAIL_DIR . '/' . basename($f_name));
}
}
reportLog(($_SESSION['user_name'] ?? 'unknown') . ' - удалил файл (' . UPLOAD_DIR . $dir . $file_name . ')');
}
}
echo '<script type="text/javascript">
parent.frames["zf"].location.href="index.php?do=browser&type=' . ($_REQUEST['type'] ?? '') . '&action=list&dir=' . ($_REQUEST['dir'] ?? '') . '";
</script>';
break;
default:
list($target, $target_id) = explode('__', $_REQUEST['target'] ?? '__');
$tval = '/';
if (!empty($_REQUEST['tval']) && str_starts_with($_REQUEST['tval'], '/' . UPLOAD_DIR . '/')) {
$full_path = BASE_DIR . '/' . $_REQUEST['tval'];
if (is_dir($full_path)) {
$tval = rtrim(substr($_REQUEST['tval'], strlen('/' . UPLOAD_DIR)), '\\/') . '/';
} elseif (is_file($full_path)) {
$tval = rtrim(dirname(substr($_REQUEST['tval'], strlen('/' . UPLOAD_DIR))), '\\/') . '/';
}
}
$AVE_Template->assign('dir', $tval);
$AVE_Template->assign('target', $target);
$AVE_Template->assign('target_id', $target_id);
$AVE_Template->assign('cppath', substr($_SERVER['PHP_SELF'], 0, -18));
$AVE_Template->assign('mediapath', UPLOAD_DIR);
$AVE_Template->display('browser_2frames.tpl');
break;
}
$out = ob_get_clean();
echo $out;
Reference in New Issue View Git Blame Copy Permalink