get('id'));
// NOTE(review): the line above is the tail of a statement whose beginning is not
// visible in this listing; it is kept exactly as found.

// File-manager controller: dispatches on the request parameters to one of four
// modes (edit a file, view a file, remove a directory, or list a directory with
// mkdir / upload / delete actions), then renders ecrire/fichiers.tpl.
// State-changing actions are gated by utils::CSRF_check() with a per-action key.

// Status code passed to the template; false when the request carries none.
$msg = utils::get('msg') ?: false;

if (!empty($_GET['edit'])) {
    // --- Edit mode ---
    // NOTE(review): unlike the view / rmdir / path branches below, the request
    // value is used here without going through $files->getPath(). Confirm that
    // saveFileContent() and getFileContent() themselves confine the name to the
    // journal's own storage (no "../", no absolute paths).
    $file = $_GET['edit'];
    // CSRF key is scoped to the file being edited.
    $csrf_key = 'edit_'.md5($file);
    if (!empty($_POST['save'])) {
        if (!utils::CSRF_check($csrf_key)) {
            $msg = 'OTHER';
        } else {
            // NOTE(review): $_POST['content'] is read without an isset check and is
            // written as-is; presumably any content restrictions live in
            // saveFileContent() — verify.
            $files->saveFileContent($file, $_POST['content']);
            // NOTE(review): assumes utils::redirect() ends the request; if it
            // returns, execution continues into the assigns below — confirm.
            utils::redirect('/ecrire/fichiers.php?msg=SAVED');
        }
    }
    $tpl->assign('edit', $file);
    $tpl->assign('content', $files->getFileContent($file));
    $tpl->assign('csrf_key', $csrf_key);
} elseif (!empty($_GET['view']) && ($file = $files->getPath(utils::get('view')))) {
    // --- View mode --- entered only when getPath() returns a truthy path.
    $mimetype = Journal_Files::getFileMimeType($file);
    // Keep only the part of the MIME type before the slash.
    list($mime_cat) = explode('/', $mimetype);
    $tpl->assign('view', basename($file));
    $tpl->assign('breadcrumbs', $files->getBreadcrumbs(dirname($file)));
    $tpl->assign('type', Journal_Files::getFileType($file));
    $tpl->assign('mimetype', $mimetype);
    $tpl->assign('mime_cat', $mime_cat);
    // NOTE(review): $file is concatenated into the URL unencoded; presumably the
    // template escapes it for the HTML context — confirm.
    $tpl->assign('url', utils::getJournalDatasURL($journal->get('id'), 'documents') . $file);
} elseif (!empty($_GET['rmdir']) && ($dir = $files->getPath(utils::get('rmdir')))) {
    // --- Remove-directory mode --- entered only when getPath() returns a truthy path.
    // The CSRF key is derived from the raw request value, not from the resolved $dir.
    $csrf_key = 'rmdir_'.md5(utils::get('rmdir'));
    if (utils::post('rmdir')) {
        if (!utils::CSRF_check($csrf_key)) {
            $msg = 'OTHER';
        } else {
            // deleteDir() result is compared against false for failure; any other
            // value is used as the parent directory to redirect to.
            $parent_dir = $files->deleteDir($dir);
            if ($parent_dir !== false) {
                utils::redirect('/ecrire/fichiers.php?path='.rawurlencode($parent_dir).'&msg=RMDIR_OK');
            } else {
                $msg = 'RMDIR_FAIL';
            }
        }
    }
    $tpl->assign('csrf_key', $csrf_key);
    $tpl->assign('rmdir', $dir);
} else {
    // --- Listing mode (default) ---
    // Empty string when no path is requested.
    // NOTE(review): the view / rmdir branches test getPath()'s result for
    // truthiness, which suggests it can return a falsy value for a rejected path.
    // If so, the actions below run with that falsy $path — confirm createDir(),
    // uploadFile() and deleteFile() handle it safely.
    $path = utils::get('path') ? $files->getPath(utils::get('path')) : '';

    if (trim(utils::post('mkdir'))) {
        // Create a sub-directory; CSRF key is scoped to the current path.
        if (!utils::CSRF_check('mkdir_'.$path)) {
            $msg = 'OTHER';
        } else {
            // createDir() result: falsy => failure, true => already exists,
            // anything else is used as the path to redirect to.
            // NOTE(review): the directory name comes straight from the POST body;
            // presumably createDir() sanitises it — verify.
            if ($r = $files->createDir($path, utils::post('mkdir'))) {
                if ($r === true) $msg = 'MKDIR_EXISTS';
                else utils::redirect('/ecrire/fichiers.php?path='.rawurlencode($r));
            } else {
                $msg = 'MKDIR_FAIL';
            }
        }
    } elseif (trim(utils::post('upload'))) {
        // Upload a file into the current path.
        if (!utils::CSRF_check('upload_'.$path)) {
            $msg = 'OTHER';
        } else {
            try {
                // NOTE(review): no type, extension, size or quota check is visible
                // here, and $_FILES['upload_file'] is read without an isset check;
                // presumably uploadFile() enforces these — verify.
                $r = $files->uploadFile($path, $_FILES['upload_file']);
                if ($r) {
                    utils::redirect('/ecrire/fichiers.php?path='.rawurlencode($path));
                } else {
                    $msg = 'UPLOAD_FAIL';
                }
            } catch (userException $e) {
                // The exception message is handed to the template for display.
                $msg = 'UPLOAD_FAIL';
                $tpl->assign('msg_error', $e->getMessage());
            }
        }
    } elseif (trim(utils::post('ask_delete')) && !empty($_POST['check'])) {
        // First step of deletion: only re-display the selection for confirmation,
        // nothing is modified, so no CSRF check is performed in this step.
        $tpl->assign('checked', utils::post('check'));
        $tpl->assign('confirm_delete', true);
    } elseif (trim(utils::post('confirm_delete')) && !empty($_POST['check'])) {
        // Second step: actually delete the selected files.
        if (!utils::CSRF_check('confirm_delete_'.$path)) {
            $msg = 'OTHER';
        } else {
            // NOTE(review): $_POST['check'] is not verified to be an array, each
            // entry is passed to deleteFile() as received, and the return value is
            // ignored. Confirm deleteFile() rejects path separators and ".." so an
            // entry cannot reach outside $path.
            foreach ($_POST['check'] as $file) {
                $files->deleteFile($path, $file);
            }
            utils::redirect('/ecrire/fichiers.php?path='.rawurlencode($path));
        }
    }

    // Quota figures are only assigned when $path is empty/falsy.
    if (!$path) {
        $tpl->assign('quota_max', LENCRIER_QUOTA_FILES);
        // Divided by 1024 twice and rounded to two decimals
        // (MiB, if getUsedQuota() returns bytes — TODO confirm).
        $tpl->assign('quota_used', round($files->getUsedQuota() / 1024 / 1024, 2));
    }

    $list = $files->getList($path);
    if ($list === false) {
        $msg = 'NOTFOUND';
    } else {
        // Prefix for links in the listing: the path followed by a slash, or empty
        // when $path is empty.
        $path_link = $path;
        if ($path) {
            $path_link .= '/';
            $tpl->assign('breadcrumbs', $files->getBreadcrumbs($path));
            $tpl->assign('parent', $files->getParent($path));
        }
        $tpl->assign('list', $list);
        $tpl->assign('path_link', $path_link);
    }
    $tpl->assign('path', $path);
    $tpl->assign('max_file_size', utils::getMaxFileSize());
}

// NOTE(review): $msg may come from the query string (see its initialisation above);
// presumably the template maps it to a fixed message or escapes it — confirm.
$tpl->assign('msg', $msg);
$tpl->display('ecrire/fichiers.tpl');
?>