c8006469b46053282b5b16f5edeb5332e5a38fb7
[squasher.git] / squasher.php
1 <?php
2 if (!$_SESSION['creds']['validated'] && !isset($_GET['f']))
3         exit();
4
5 require_once("squasher.class.php");
6
7 $squashweb = new squashweb();
8
9 $squashweb->update_history();
10
11 //set root directory
12 $basedir = "../uploads";
13 if (isset($_GET['path']) && $_GET['path']!=NULL && strlen($_GET['path'])!=1) {
14         $subf = $_GET['path'];
15         $path = $basedir . $subf;
16 } else {
17         $subf = '/';
18         $path = $basedir;
19 }
20
21 $squashweb->set_root($basedir);
22
23 if (@$_GET['f'] || @$_GET['d']  || @$_GET['show_all']==true || @$_GET['tools']=='hide' || @$_GET['tools']=='unhide' || @$_GET['tools']=='delete') {
24         $getdeepfiles=true;
25         $populate=false;
26 } else {
27         $getdeepfiles=false;
28         $populate=true;
29 }
30
31 //update folder rights if form is posted
32 if (@$_POST['edited_user'] > 0 && @$_POST['formtype'] == 'folderrights')
33         $squashweb->update_rights($_POST['edited_user'], $_POST['m'], $_SESSION['creds']['user_level']);
34
35 //set folder rights
36 if (@$_GET['f']) {
37         $squashweb->give_rights(2);
38 } else {
39         $squashweb->give_rights($_SESSION['creds']['user_id']);
40 }
41
42 if (@$_GET['f']) {
43         $f_q = "SELECT * FROM file_hash WHERE md5_hash = '".mysql_escape_string($_GET['f'])."'";
44         $f_r = mysql_query($f_q);
45         $f_o = mysql_fetch_object($f_r);
46
47         //log downloads
48         @mysql_query("INSERT INTO log (hash,file,action,user_id,user_name,ip,date) VALUES ('".mysql_escape_string($_GET['f'])."','".mysql_escape_string($f_o->file)."','download','".mysql_escape_string($_SESSION['creds']['user_id'])."','".mysql_escape_string($_SESSION['creds']['user_name'])."','".mysql_escape_string($_SERVER['REMOTE_ADDR'])."',NOW())");
49
50         $_hpath_arr=explode("/", $f_o->file);
51         $file=array_pop($_hpath_arr); //Remove filename
52         $path=implode("/", $_hpath_arr);
53         $squashweb->read_single_file($path, $file);
54         #$squashweb->read_directory($path, false, true, false, false);
55 } else {
56         //parse folders for readable files
57         $squashweb->read_directory($path, true, true, $getdeepfiles, $populate);
58 }
59
60 //check if a file is requested
61 if (@$_GET['f']) {
62         //get the config of requested file
63         $request = $squashweb->get_config($_GET['f']);
64
65         //------------------------------------
66         //-check-file-and-request-type--start-
67         //------------------------------------
68         if (strpos($request['mime'],'ideo') && isset($_GET['d'])) { //embed video
69                 $squashweb->embed_video($_GET['f']);
70         }
71         elseif (strpos($request['mime'],'ideo') && isset($_GET['x'])) { //show stream playlist
72                 $squashweb->create_playlist($_GET['f'],$_GET['x'],$request[2]);
73         }
74         else {  //show requested file
75         #       header('Cache-control: private');
76                 header('Content-Disposition: attachment; filename="'.$request[2].'"');
77                 header("Content-Type: ".$request['mime']);
78                 if ($request[3])header('Content-Length: '.$request[3]);
79                 #@ob_flush();
80                 @flush();
81                 $squashweb->print_files($request['path'], $request[2]);
82         }
83         //---------------------------------
84         //-check-file-and-request-type-end-
85         //---------------------------------
86
87 } elseif (@$_GET['tools']=="hide" && @$_GET['h']) {
88         if ($_SESSION['creds']['user_level'] > 99) {
89                 $request = $squashweb->get_config($_GET['h']);
90                 $handle = fopen($request['path'].'/'.$request[2].'.hidden', 'x');
91                 fwrite($handle, 'hidden by '.$_SESSION['creds']['user_name']);
92                 fclose($handle);
93                 $path=substr($request['path'], strlen($basedir));
94                 header( 'Location: '.$_SERVER['PHP_SELF'].'?path='.$path) ;
95         }
96 } elseif (@$_GET['tools']=="unhide" && isset($_GET['h'])) {
97         if ($_SESSION['creds']['user_level'] > 99) {
98                 $request = $squashweb->get_config($_GET['h']);
99                 @unlink($request['path'].'/'.$request[2].'.hidden');
100                 $path=substr($request['path'], strlen($basedir));
101                 header( 'Location: '.$_SERVER['PHP_SELF'].'?path='.$path) ;
102         }
103 } elseif (@$_GET['tools']=="delete" && isset($_GET['h'])) {
104         if ($_SESSION['creds']['user_level'] > 99) {
105                 if ($_GET['h'] == "multiple") {
106                         $h_post = $_POST['h'];
107                         foreach ($h_post as $h_key => $h) {
108                                 $request = $squashweb->get_config($h);
109                                 $squashweb->delete_file($h, $_SESSION['creds']);
110                         }
111                 } else {
112                         $h = $_GET['h'];
113                         $request = $squashweb->get_config($h);
114                         $squashweb->delete_file($h, $_SESSION['creds']);
115                 }
116                 $path=substr($request['path'], strlen($basedir));
117                 header( 'Location: '.$_SERVER['PHP_SELF'].'?path='.$path);
118         }
119 } elseif (@$_GET['tools']=='access' && $_SESSION['creds']['user_level'] > 100) {
120
121         require_once("smarty/Smarty.class.php");
122
123         $smarty = new Smarty;
124
125         $smarty->assign('user_level', $_SESSION['creds']['user_level']);
126         $smarty->assign('user_name', $_SESSION['creds']['user_name']);
127         $smarty->assign('users', $squashweb->get_users($_SESSION['creds']['user_level']));
128
129         $smarty->assign('edited_user', @$_GET['user']);
130
131         $tree = $squashweb->show_rights_tree($path, 0, @$_GET['user']);
132
133         $smarty->assign('style', $tree['style']);
134         $smarty->assign('layout', $tree['layout']);
135
136         $smarty->assign('debug', @$_GET['debug']);
137         $smarty->assign('folderrights', $squashweb->folderrights());
138         $smarty->assign('userrights', $squashweb->userrights());
139         $smarty->display('admin.tpl');
140
141 } elseif (@$_GET['tools']=='users' && $_SESSION['creds']['user_level'] > 100) {
142         $type = @$_POST['type'];
143         if ($type=="update")
144                 $squashweb->update_users($_POST['u']);
145         if ($type=="disable")
146                 $squashweb->disable_users($_POST['u']);
147         if ($type=="delete")
148                 $squashweb->remove_users($_POST['u']);
149         if ($type=="new")
150                 $squashweb->insert_users($_POST['u'], $_SESSION['creds']['user_level']);
151         require_once("smarty/Smarty.class.php");
152
153         $smarty = new Smarty;
154
155         $smarty->assign('user_level', $_SESSION['creds']['user_level']);
156         $smarty->assign('user_name', $_SESSION['creds']['user_name']);
157         $smarty->assign('users', $squashweb->get_users($_SESSION['creds']['user_level']));
158
159         if ($_SESSION['creds']['user_level'] > 199) {
160                 $smarty->assign('user_levels', array(155 => 'admin' , 55 => 'user' ) );
161         } else {
162                 $smarty->assign('user_levels', array(55 => 'user' ) );
163         }
164         $smarty->assign('debug', @$_GET['debug']);
165
166         $smarty->display('udmin.tpl');
167
168 } elseif (@$_GET['tools']=='logs' && $_SESSION['creds']['user_level'] > 100) {
169         $logtype=@$_GET['logtype'];
170         if (!$logtype)
171                 $logtype = 'all';
172         require_once("smarty/Smarty.class.php");
173
174         $smarty = new Smarty;
175
176         $smarty->assign('user_level', $_SESSION['creds']['user_level']);
177         $smarty->assign('user_name', $_SESSION['creds']['user_name']);
178         $smarty->assign('logtype', $logtype);
179         $smarty->assign('logs', $squashweb->get_logs($logtype));
180
181         $smarty->assign('debug', @$_GET['debug']);
182         $smarty->display('logs.tpl');
183
184 } else {
185         //show overview
186
187         require_once("smarty/Smarty.class.php");
188
189         $smarty = new Smarty;
190
191         /***
192         *       $config:: array
193         *       [0]     ->      versioncode
194         *       [1]     ->      date&time
195         *       [2]     ->      filename
196         *       [3]     ->      filesize
197         *       [4]     ->      chunksize
198         *       [5]     ->      chunkcount
199         *       [6]     ->      CRC32 checksum
200         ***/
201
202         $configs_num = $squashweb->get_configs();
203
204         $configs_sorted = named_records_sort($configs_num, 'lastchange', true);
205
206         $configs = array();
207         $paths = array();
208
209         foreach ($configs_sorted as $key => $value) {
210                 $configs[$key]['squashed'] = $value['squashed'];
211                 $configs[$key]['version'] = $value[0];
212                 //$configs[$key]['date'] = $value[1]; //removed because user local creation date is irrelevant
213                 $configs[$key]['name'] = $value[2];
214                 $configs[$key]['size'] = $value[3];
215                 $configs[$key]['chunk_size'] = $value[4];
216                 $configs[$key]['chunks'] = $value[5];
217                 $configs[$key]['crc'] = $value[6];
218                 $paths[substr($value['path'], strlen($basedir))]=array_pop(explode('/',$value['path']));
219                 (strpos($value['mime'],'ideo')) ? $embedable=true : $embedable=false;
220                 (@array_sum($value['stats']) == $value[5]) ? $finished=true : $finished=false;
221
222                 $configs[$key]['embedable'] = $embedable;
223                 $configs[$key]['finished'] = $finished;
224                 $configs[$key]['mime'] = $value['mime'];
225                 $configs[$key]['status'] = $value['status'];
226                 $configs[$key]['hidden'] = $value['hidden'];
227                 $configs[$key]['chunks_finished'] = @array_sum($value['stats']);
228                 if ($finished) {
229                         $configs[$key]['chunks_partial'] = $configs[$key]['chunks_finished'];
230                 } else {
231                         $continue = true;
232                         foreach($value['stats'] as $sk => $sv) {
233                                 if ($continue) {
234                                         $configs[$key]['chunks_partial'] = $configs[$key]['chunks_partial']+$sv;
235                                         if ($sv != '1.00') $continue=false;
236                                 }
237                         }
238                 }
239                 $configs[$key]['date'] = date('d.m.y - H:i:s - T', $value['added']);
240                 $configs[$key]['lastchange'] = date('d.m.y - H:i:s - T', $value['lastchange']);
241         }
242
243
244         //set base folders
245         $basepath['/'] = '&nbsp;top&nbsp;';
246         $bpath = '';
247         foreach (explode('/', $subf) as $key => $value) {
248                 if ($value != '') {
249                         $bpath .= '/'.$value;
250                         $basepath[$bpath] = $value;
251                 }
252         }
253         $smarty->assign('debug', @$_GET['debug']);
254         $smarty->assign('user_level', $_SESSION['creds']['user_level']);
255         $smarty->assign('user_name', $_SESSION['creds']['user_name']);
256         $smarty->assign('folderrights', $squashweb->folderrights());
257
258         $smarty->assign('squashed', $configs);
259         $smarty->assign('paths', $paths);
260         $smarty->assign('base', $basepath);
261         $smarty->assign('currentfolder', $subf);
262         $subs = $squashweb->subfolders();
263         if ($subs)
264                 asort($subs);
265         $smarty->assign('subfolders', $subs);
266
267         //if(@$_GET[debug]) print_r($configs);
268         if (!@$_GET['newtpl'])
269                 $smarty->display('index.tpl'); //Display normal template
270         else
271                 $smarty->display('wip_massdelete.tpl'); //Display Work In Progress template
272
273 }
274 // vim: syntax=php ts=4 sw=4 sts=4 sr noet
275 ?>