bcd64a198cee433d5c9ee581d4bc67db5e824705
[squasher.git] / squasher.php
1 <?php
2 if (!$_SESSION['creds']['validated'] && !isset($_GET['f']))
3         exit();
4
5 require_once("squasher.class.php");
6
7 $squashweb = new squashweb();
8
9 $squashweb->update_history();
10
11 //set root directory
12 $basedir = "../uploads";
13 if (isset($_GET['path']) && $_GET['path']!=NULL && strlen($_GET['path'])!=1) {
14         $subf = $_GET['path'];
15         $path = $basedir . $subf;
16 } else {
17         $path = $basedir;
18 }
19
20 $squashweb->set_root($basedir);
21
22 if ((isset($_GET['f']) && $_GET['f']!=NULL) || (isset($_GET['d']) && $_GET['d']!=NULL) || $_GET['show_all']==true || $_GET['tools']=='hide' || $_GET['tools']=='unhide' || $_GET['tools']=='delete') {
23         $getdeepfiles=true;
24         $populate=false;
25 } else {
26         $getdeepfiles=false;
27         $populate=true;
28 }
29
30 //update folder rights if form is submitted
31 if ($submitted['edited_user'] > 0 && $submitted['formtype'] == 'folderrights')
32         $squashweb->update_rights($submitted,$_SESSION['creds']['user_level']);
33
34 //set folder rights
35 if (isset($_GET['f']) && $_GET['f']!=NULL) {
36         $squashweb->give_rights(2);
37 } else {
38         $squashweb->give_rights($_SESSION['creds']['user_id']);
39 }
40
41 if (isset($_GET['f']) && $_GET['f']!=NULL) {
42         $f_q = "SELECT * FROM file_hash WHERE md5_hash = '".$_GET['f']."'";
43         $f_r = mysql_query($f_q);
44         $f_o = mysql_fetch_object($f_r);
45
46         //log downloads
47         @mysql_query("INSERT INTO log (hash,file,action,user_id,user_name,ip,date) VALUES ('".$_GET['f']."','{$f_o->file}','download','".$_SESSION['creds']['user_id']."','".$_SESSION['creds']['user_name']."','".$_SERVER['REMOTE_ADDR']."',NOW())");
48
49         $_hpath_arr=explode("/", $f_o->file);
50         $file=array_pop($_hpath_arr); //Remove filename
51         $path=implode("/", $_hpath_arr);
52         $squashweb->read_single_file($path, $file);
53         #$squashweb->read_directory($path, false, true, false, false);
54 } else {
55         //parse folders for readable files
56         $squashweb->read_directory($path, true, true, $getdeepfiles, $populate);
57 }
58
59 //check if a file is requested
60 if (isset($_GET['f']) && $_GET['f']!=NULL) {
61         //get the config of requested file
62         $request = $squashweb->get_config($_GET['f']);
63
64         //------------------------------------
65         //-check-file-and-request-type--start-
66         //------------------------------------
67         if (strpos($request['mime'],'ideo') && isset($_GET['d'])) { //embed video
68                 $squashweb->embed_video($_GET['f']);
69         }
70         elseif (strpos($request['mime'],'ideo') && isset($_GET['x'])) { //show stream playlist
71                 $squashweb->create_playlist($_GET['f'],$_GET['x'],$request[2]);
72         }
73         else {  //show requested file
74         #       header('Cache-control: private');
75                 header('Content-Disposition: attachment; filename="'.$request[2].'"');
76                 header("Content-Type: ".$request['mime']);
77                 if ($request[3])header('Content-Length: '.$request[3]);
78                 #@ob_flush();
79                 @flush();
80                 $squashweb->print_files($request['path'], $request[2]);
81         }
82         //---------------------------------
83         //-check-file-and-request-type-end-
84         //---------------------------------
85
86 } elseif ($tools=="hide" && isset($_GET['h'])) {
87         if ($_SESSION['creds']['user_level'] > 99) {
88                 $request = $squashweb->get_config($_GET['h']);
89                 $handle = fopen($request['path'].'/'.$request[2].'.hidden', 'x');
90                 fwrite($handle, 'hidden by '.$_SESSION['creds']['user_name']);
91                 fclose($handle);
92                 $path=substr($request['path'], strlen($basedir));
93                 header( 'Location: '.$_SERVER['PHP_SELF'].'?path='.$path) ;
94         }
95 } elseif ($tools=="unhide" && isset($_GET['h'])) {
96         if ($_SESSION['creds']['user_level'] > 99) {
97                 $request = $squashweb->get_config($_GET['h']);
98                 @unlink($request['path'].'/'.$request[2].'.hidden');
99                 $path=substr($request['path'], strlen($basedir));
100                 header( 'Location: '.$_SERVER['PHP_SELF'].'?path='.$path) ;
101         }
102 } elseif ($tools=="delete" && isset($_GET['h'])) {
103         if ($_SESSION['creds']['user_level'] > 99) {
104                 if ($_GET['h'] == "multiple") {
105                         $h_post = $_POST['h'];
106                         foreach ($h_post as $h_key => $h) {
107                                 $request = $squashweb->get_config($h);
108                                 $squashweb->delete_file($h, $_SESSION['creds']);
109                         }
110                 } else {
111                         $h = $_GET['h'];
112                         $request = $squashweb->get_config($h);
113                         $squashweb->delete_file($h, $_SESSION['creds']);
114                 }
115                 $path=substr($request['path'], strlen($basedir));
116                 header( 'Location: '.$_SERVER['PHP_SELF'].'?path='.$path);
117         }
118 } elseif (@$_GET['tools']=='access' && $_SESSION['creds']['user_level'] > 100) {
119
120         require_once("smarty/Smarty.class.php");
121
122         $smarty = new Smarty;
123
124         $smarty->assign('user_level', $_SESSION['creds']['user_level']);
125         $smarty->assign('user_name', $_SESSION['creds']['user_name']);
126         $smarty->assign('users', $squashweb->get_users($_SESSION['creds']['user_level']));
127
128         $smarty->assign('edited_user', $_GET['user']);
129
130         $tree = $squashweb->show_rights_tree($path, 0, $_GET['user']);
131
132         $smarty->assign('style', $tree['style']);
133         $smarty->assign('layout', $tree['layout']);
134
135         $smarty->assign('debug', $vars['debug']);
136         $smarty->assign('folderrights', $squashweb->folderrights());
137         $smarty->assign('userrights', $squashweb->userrights());
138         $smarty->display('admin.tpl');
139
140 } elseif (@$_GET['tools']=='users' && $_SESSION['creds']['user_level'] > 100) {
141
142         if ($submitted['type']=="update")
143                 $squashweb->update_users($submitted);
144         if ($submitted['type']=="disable")
145                 $squashweb->disable_users($submitted);
146         if ($submitted['type']=="delete")
147                 $squashweb->remove_users($submitted);
148         if ($submitted['type']=="new")
149                 $squashweb->insert_users($submitted, $_SESSION['creds']['user_level']);
150         require_once("smarty/Smarty.class.php");
151
152         $smarty = new Smarty;
153
154         $smarty->assign('user_level', $_SESSION['creds']['user_level']);
155         $smarty->assign('user_name', $_SESSION['creds']['user_name']);
156         $smarty->assign('users', $squashweb->get_users($_SESSION['creds']['user_level']));
157
158         if ($_SESSION['creds']['user_level'] > 199) {
159                 $smarty->assign('user_levels', array(155 => 'admin' , 55 => 'user' ) );
160         } else {
161                 $smarty->assign('user_levels', array(55 => 'user' ) );
162         }
163         $smarty->assign('debug',$vars['debug']);
164
165         $smarty->display('udmin.tpl');
166
167 } elseif ($_GET['tools']=='logs' && $_SESSION['creds']['user_level'] > 100) {
168         $logtype=($_GET['logtype']) ? $_GET['logtype'] : 'all';
169         require_once("smarty/Smarty.class.php");
170
171         $smarty = new Smarty;
172
173         $smarty->assign('user_level', $_SESSION['creds']['user_level']);
174         $smarty->assign('user_name', $_SESSION['creds']['user_name']);
175         $smarty->assign('logtype', $logtype);
176         $smarty->assign('logs', $squashweb->get_logs($logtype));
177
178         $smarty->display('logs.tpl');
179
180 } else {
181         //show overview
182
183         require_once("smarty/Smarty.class.php");
184
185         $smarty = new Smarty;
186
187         /***
188         *       $config:: array
189         *       [0]     ->      versioncode
190         *       [1]     ->      date&time
191         *       [2]     ->      filename
192         *       [3]     ->      filesize
193         *       [4]     ->      chunksize
194         *       [5]     ->      chunkcount
195         *       [6]     ->      CRC32 checksum
196         ***/
197
198         $configs_num = $squashweb->get_configs();
199
200         $configs_sorted = named_records_sort($configs_num, 'lastchange', true);
201
202         foreach ($configs_sorted as $key => $value) {
203                 $configs[$key]['squashed'] = $value['squashed'];
204                 $configs[$key]['version'] = $value[0];
205                 //$configs[$key]['date'] = $value[1]; //removed because user local creation date is irrelevant
206                 $configs[$key]['name'] = $value[2];
207                 $configs[$key]['size'] = $value[3];
208                 $configs[$key]['chunk_size'] = $value[4];
209                 $configs[$key]['chunks'] = $value[5];
210                 $configs[$key]['crc'] = $value[6];
211                 $paths[substr($value['path'], strlen($basedir))]=array_pop(explode('/',$value['path']));
212                 (strpos($value['mime'],'ideo')) ? $embedable=true : $embedable=false;
213                 (@array_sum($value['stats']) == $value[5]) ? $finished=true : $finished=false;
214
215                 $configs[$key]['embedable'] = $embedable;
216                 $configs[$key]['finished'] = $finished;
217                 $configs[$key]['mime'] = $value['mime'];
218                 $configs[$key]['status'] = $value['status'];
219                 $configs[$key]['hidden'] = $value['hidden'];
220                 $configs[$key]['chunks_finished'] = @array_sum($value['stats']);
221                 if ($finished) {
222                         $configs[$key]['chunks_partial'] = $configs[$key]['chunks_finished'];
223                 } else {
224                         $continue = true;
225                         foreach($value['stats'] as $sk => $sv) {
226                                 if ($continue) {
227                                         $configs[$key]['chunks_partial'] = $configs[$key]['chunks_partial']+$sv;
228                                         if ($sv != '1.00') $continue=false;
229                                 }
230                         }
231                 }
232                 $configs[$key]['date'] = date('d.m.y - H:i:s - T', $value['added']);
233                 $configs[$key]['lastchange'] = date('d.m.y - H:i:s - T', $value['lastchange']);
234         }
235
236
237         //set base folders
238         $basepath['/'] = '&nbsp;top&nbsp;';
239         foreach (explode('/',$subf) as $key => $value) {
240                 if ($value != '') {
241                         $bpath .= '/'.$value;
242                         $basepath[$bpath] = $value;
243                 }
244         }
245         $smarty->assign('debug', $vars['debug']);
246         $smarty->assign('user_level', $_SESSION['creds']['user_level']);
247         $smarty->assign('user_name', $_SESSION['creds']['user_name']);
248         $smarty->assign('folderrights', $squashweb->folderrights());
249
250         $smarty->assign('squashed', $configs);
251         $smarty->assign('paths', $paths);
252         $smarty->assign('base', $basepath);
253         $smarty->assign('currentfolder', $subf);
254         $subs = $squashweb->subfolders();
255         asort($subs);
256         $smarty->assign('subfolders', $subs);
257
258         //if($vars[debug])print_r($configs);
259         if (!$vars['newtpl'])
260                 $smarty->display('index.tpl'); //Display normal template
261         if ($vars['newtpl'])
262                 $smarty->display('wip_massdelete.tpl'); //Display Work In Progress template
263
264 }
265 // vim: syntax=php ts=4 sw=4 sts=4 sr noet
266 ?>