diff options
Diffstat (limited to 'public/admin/controller/common/filemanager.php')
| -rw-r--r-- | public/admin/controller/common/filemanager.php | 415 |
1 files changed, 415 insertions, 0 deletions
diff --git a/public/admin/controller/common/filemanager.php b/public/admin/controller/common/filemanager.php new file mode 100644 index 0000000..2b63851 --- /dev/null +++ b/public/admin/controller/common/filemanager.php @@ -0,0 +1,415 @@ +<?php +class ControllerCommonFileManager extends Controller { + public function index() { + $this->load->language('common/filemanager'); + + // Find which protocol to use to pass the full image link back + if ($this->request->server['HTTPS']) { + $server = HTTPS_CATALOG; + } else { + $server = HTTP_CATALOG; + } + + if (isset($this->request->get['filter_name'])) { + $filter_name = rtrim(str_replace(array('*', '/', '\\'), '', $this->request->get['filter_name']), '/'); + } else { + $filter_name = ''; + } + + // Make sure we have the correct directory + if (isset($this->request->get['directory'])) { + $directory = rtrim(DIR_IMAGE . 'catalog/' . str_replace('*', '', $this->request->get['directory']), '/'); + } else { + $directory = DIR_IMAGE . 'catalog'; + } + + if (isset($this->request->get['page'])) { + $page = $this->request->get['page']; + } else { + $page = 1; + } + + $directories = array(); + $files = array(); + + $data['images'] = array(); + + $this->load->model('tool/image'); + + if (substr(str_replace('\\', '/', realpath($directory) . '/' . $filter_name), 0, strlen(DIR_IMAGE . 'catalog')) == str_replace('\\', '/', DIR_IMAGE . 'catalog')) { + // Get directories + $directories = glob($directory . '/' . $filter_name . '*', GLOB_ONLYDIR); + + if (!$directories) { + $directories = array(); + } + + // Get files + $files = glob($directory . '/' . $filter_name . '*.{jpg,jpeg,png,gif,JPG,JPEG,PNG,GIF}', GLOB_BRACE); + + if (!$files) { + $files = array(); + } + } + + // Merge directories and files + $images = array_merge($directories, $files); + + // Get total number of files and directories + $image_total = count($images); + + // Split the array based on current page number and max number of items per page of 10 + $images = array_splice($images, ($page - 1) * 16, 16); + + foreach ($images as $image) { + $name = str_split(basename($image), 14); + + if (is_dir($image)) { + $url = ''; + + if (isset($this->request->get['target'])) { + $url .= '&target=' . $this->request->get['target']; + } + + if (isset($this->request->get['thumb'])) { + $url .= '&thumb=' . $this->request->get['thumb']; + } + + $data['images'][] = array( + 'thumb' => '', + 'name' => implode(' ', $name), + 'type' => 'directory', + 'path' => utf8_substr($image, utf8_strlen(DIR_IMAGE)), + 'href' => $this->url->link('common/filemanager', 'user_token=' . $this->session->data['user_token'] . '&directory=' . urlencode(utf8_substr($image, utf8_strlen(DIR_IMAGE . 'catalog/'))) . $url, true) + ); + } elseif (is_file($image)) { + $data['images'][] = array( + 'thumb' => $this->model_tool_image->resize(utf8_substr($image, utf8_strlen(DIR_IMAGE)), 100, 100), + 'name' => implode(' ', $name), + 'type' => 'image', + 'path' => utf8_substr($image, utf8_strlen(DIR_IMAGE)), + 'href' => $server . 'image/' . utf8_substr($image, utf8_strlen(DIR_IMAGE)) + ); + } + } + + $data['user_token'] = $this->session->data['user_token']; + + if (isset($this->request->get['directory'])) { + $data['directory'] = urlencode($this->request->get['directory']); + } else { + $data['directory'] = ''; + } + + if (isset($this->request->get['filter_name'])) { + $data['filter_name'] = $this->request->get['filter_name']; + } else { + $data['filter_name'] = ''; + } + + // Return the target ID for the file manager to set the value + if (isset($this->request->get['target'])) { + $data['target'] = $this->request->get['target']; + } else { + $data['target'] = ''; + } + + // Return the thumbnail for the file manager to show a thumbnail + if (isset($this->request->get['thumb'])) { + $data['thumb'] = $this->request->get['thumb']; + } else { + $data['thumb'] = ''; + } + + // Parent + $url = ''; + + if (isset($this->request->get['directory'])) { + $pos = strrpos($this->request->get['directory'], '/'); + + if ($pos) { + $url .= '&directory=' . urlencode(substr($this->request->get['directory'], 0, $pos)); + } + } + + if (isset($this->request->get['target'])) { + $url .= '&target=' . $this->request->get['target']; + } + + if (isset($this->request->get['thumb'])) { + $url .= '&thumb=' . $this->request->get['thumb']; + } + + $data['parent'] = $this->url->link('common/filemanager', 'user_token=' . $this->session->data['user_token'] . $url, true); + + // Refresh + $url = ''; + + if (isset($this->request->get['directory'])) { + $url .= '&directory=' . urlencode($this->request->get['directory']); + } + + if (isset($this->request->get['target'])) { + $url .= '&target=' . $this->request->get['target']; + } + + if (isset($this->request->get['thumb'])) { + $url .= '&thumb=' . $this->request->get['thumb']; + } + + $data['refresh'] = $this->url->link('common/filemanager', 'user_token=' . $this->session->data['user_token'] . $url, true); + + $url = ''; + + if (isset($this->request->get['directory'])) { + $url .= '&directory=' . urlencode(html_entity_decode($this->request->get['directory'], ENT_QUOTES, 'UTF-8')); + } + + if (isset($this->request->get['filter_name'])) { + $url .= '&filter_name=' . urlencode(html_entity_decode($this->request->get['filter_name'], ENT_QUOTES, 'UTF-8')); + } + + if (isset($this->request->get['target'])) { + $url .= '&target=' . $this->request->get['target']; + } + + if (isset($this->request->get['thumb'])) { + $url .= '&thumb=' . $this->request->get['thumb']; + } + + $pagination = new Pagination(); + $pagination->total = $image_total; + $pagination->page = $page; + $pagination->limit = 16; + $pagination->url = $this->url->link('common/filemanager', 'user_token=' . $this->session->data['user_token'] . $url . '&page={page}', true); + + $data['pagination'] = $pagination->render(); + + $this->response->setOutput($this->load->view('common/filemanager', $data)); + } + + public function upload() { + $this->load->language('common/filemanager'); + + $json = array(); + + // Check user has permission + if (!$this->user->hasPermission('modify', 'common/filemanager')) { + $json['error'] = $this->language->get('error_permission'); + } + + // Make sure we have the correct directory + if (isset($this->request->get['directory'])) { + $directory = rtrim(DIR_IMAGE . 'catalog/' . $this->request->get['directory'], '/'); + } else { + $directory = DIR_IMAGE . 'catalog'; + } + + // Check its a directory + if (!is_dir($directory) || substr(str_replace('\\', '/', realpath($directory)), 0, strlen(DIR_IMAGE . 'catalog')) != str_replace('\\', '/', DIR_IMAGE . 'catalog')) { + $json['error'] = $this->language->get('error_directory'); + } + + if (!$json) { + // Check if multiple files are uploaded or just one + $files = array(); + + if (!empty($this->request->files['file']['name']) && is_array($this->request->files['file']['name'])) { + foreach (array_keys($this->request->files['file']['name']) as $key) { + $files[] = array( + 'name' => $this->request->files['file']['name'][$key], + 'type' => $this->request->files['file']['type'][$key], + 'tmp_name' => $this->request->files['file']['tmp_name'][$key], + 'error' => $this->request->files['file']['error'][$key], + 'size' => $this->request->files['file']['size'][$key] + ); + } + } + + foreach ($files as $file) { + if (is_file($file['tmp_name'])) { + // Sanitize the filename + $filename = basename(html_entity_decode($file['name'], ENT_QUOTES, 'UTF-8')); + + // Validate the filename length + if ((utf8_strlen($filename) < 3) || (utf8_strlen($filename) > 255)) { + $json['error'] = $this->language->get('error_filename'); + } + + // Allowed file extension types + $allowed = array( + 'jpg', + 'jpeg', + 'gif', + 'png' + ); + + if (!in_array(utf8_strtolower(utf8_substr(strrchr($filename, '.'), 1)), $allowed)) { + $json['error'] = $this->language->get('error_filetype'); + } + + // Allowed file mime types + $allowed = array( + 'image/jpeg', + 'image/pjpeg', + 'image/png', + 'image/x-png', + 'image/gif' + ); + + if (!in_array($file['type'], $allowed)) { + $json['error'] = $this->language->get('error_filetype'); + } + + // Return any upload error + if ($file['error'] != UPLOAD_ERR_OK) { + $json['error'] = $this->language->get('error_upload_' . $file['error']); + } + } else { + $json['error'] = $this->language->get('error_upload'); + } + + if (!$json) { + move_uploaded_file($file['tmp_name'], $directory . '/' . $filename); + } + } + } + + if (!$json) { + $json['success'] = $this->language->get('text_uploaded'); + } + + $this->response->addHeader('Content-Type: application/json'); + $this->response->setOutput(json_encode($json)); + } + + public function folder() { + $this->load->language('common/filemanager'); + + $json = array(); + + // Check user has permission + if (!$this->user->hasPermission('modify', 'common/filemanager')) { + $json['error'] = $this->language->get('error_permission'); + } + + // Make sure we have the correct directory + if (isset($this->request->get['directory'])) { + $directory = rtrim(DIR_IMAGE . 'catalog/' . $this->request->get['directory'], '/'); + } else { + $directory = DIR_IMAGE . 'catalog'; + } + + // Check its a directory + if (!is_dir($directory) || substr(str_replace('\\', '/', realpath($directory)), 0, strlen(DIR_IMAGE . 'catalog')) != str_replace('\\', '/', DIR_IMAGE . 'catalog')) { + $json['error'] = $this->language->get('error_directory'); + } + + if ($this->request->server['REQUEST_METHOD'] == 'POST') { + // Sanitize the folder name + $folder = basename(html_entity_decode($this->request->post['folder'], ENT_QUOTES, 'UTF-8')); + + // Validate the filename length + if ((utf8_strlen($folder) < 3) || (utf8_strlen($folder) > 128)) { + $json['error'] = $this->language->get('error_folder'); + } + + // Check if directory already exists or not + if (is_dir($directory . '/' . $folder)) { + $json['error'] = $this->language->get('error_exists'); + } + } + + if (!isset($json['error'])) { + mkdir($directory . '/' . $folder, 0777); + chmod($directory . '/' . $folder, 0777); + + @touch($directory . '/' . $folder . '/' . 'index.html'); + + $json['success'] = $this->language->get('text_directory'); + } + + $this->response->addHeader('Content-Type: application/json'); + $this->response->setOutput(json_encode($json)); + } + + public function delete() { + $this->load->language('common/filemanager'); + + $json = array(); + + // Check user has permission + if (!$this->user->hasPermission('modify', 'common/filemanager')) { + $json['error'] = $this->language->get('error_permission'); + } + + if (isset($this->request->post['path'])) { + $paths = $this->request->post['path']; + } else { + $paths = array(); + } + + // Loop through each path to run validations + foreach ($paths as $path) { + // Check path exsists + if ($path == DIR_IMAGE . 'catalog' || substr(str_replace('\\', '/', realpath(DIR_IMAGE . $path)), 0, strlen(DIR_IMAGE . 'catalog')) != str_replace('\\', '/', DIR_IMAGE . 'catalog')) { + $json['error'] = $this->language->get('error_delete'); + + break; + } + } + + if (!$json) { + // Loop through each path + foreach ($paths as $path) { + $path = rtrim(DIR_IMAGE . $path, '/'); + + // If path is just a file delete it + if (is_file($path)) { + unlink($path); + + // If path is a directory beging deleting each file and sub folder + } elseif (is_dir($path)) { + $files = array(); + + // Make path into an array + $path = array($path); + + // While the path array is still populated keep looping through + while (count($path) != 0) { + $next = array_shift($path); + + foreach (glob($next) as $file) { + // If directory add to path array + if (is_dir($file)) { + $path[] = $file . '/*'; + } + + // Add the file to the files to be deleted array + $files[] = $file; + } + } + + // Reverse sort the file array + rsort($files); + + foreach ($files as $file) { + // If file just delete + if (is_file($file)) { + unlink($file); + + // If directory use the remove directory function + } elseif (is_dir($file)) { + rmdir($file); + } + } + } + } + + $json['success'] = $this->language->get('text_delete'); + } + + $this->response->addHeader('Content-Type: application/json'); + $this->response->setOutput(json_encode($json)); + } +}
\ No newline at end of file |