<?
if (!$_SESSION[creds][validated] && !isset($_GET['f']))exit();

require_once("squasher.class.php");

$squashweb = new squashweb();

$squashweb->update_history();

//set root directory
$basedir = "../uploads";
if (isset($_GET['path']) && $_GET['path']!=NULL && strlen($_GET['path'])!=1){
	$subf = $_GET['path'];
	$path = $basedir . $subf;
}
else{
	$path = $basedir;
}
$squashweb->set_root($basedir);

if ((isset($_GET['f']) && $_GET['f']!=NULL) || (isset($_GET['d']) && $_GET['d']!=NULL) || $_GET['show_all']==true || $_GET['tools']=='hide' || $_GET['tools']=='unhide' || $_GET['tools']=='delete'){
	$getdeepfiles=true;
	$populate=false;
}else{
	$getdeepfiles=false;
	$populate=true;
}

//update folder rights if form is submitted
if($submitted['edited_user'] > 0 && $submitted['formtype'] == 'folderrights') $squashweb->update_rights($submitted,$_SESSION[creds][user_level]);

//set folder rights
if (isset($_GET['f']) && $_GET['f']!=NULL){
	$squashweb->give_rights(0);
}else{
	$squashweb->give_rights($_SESSION[creds][user_id]);
}

if (isset($_GET['f']) && $_GET['f']!=NULL){
	$f_q = "SELECT * FROM file_hash WHERE md5_hash = '".$_GET['f']."'";
	$f_r = mysql_query($f_q);
	$f_o = mysql_fetch_object($f_r);

	//log downloads
	@mysql_query("INSERT INTO log (hash,file,action,user_id,user_name,ip,date) VALUES ('".$_GET['f']."','{$f_o->file}','download','".$_SESSION[creds][user_id]."','".$_SESSION[creds][user_name]."','".$_SERVER[REMOTE_ADDR]."',NOW())");

	$_hpath_arr=explode("/",$f_o->file);
	$file=array_pop($_hpath_arr); //Remove filename
	$path=implode("/",$_hpath_arr);
	$squashweb->read_single_file($path,$file);
	#$squashweb->read_directory($path,false,true,false,false);
}else{
	//parse folders for readable files
	$squashweb->read_directory($path,true,true,$getdeepfiles,$populate);
}

//check if a file is requested
if (isset($_GET['f']) && $_GET['f']!=NULL){
	//get the config of requested file
	$request = $squashweb->get_config($_GET['f']);
	
	//------------------------------------
	//-check-file-and-request-type--start-
	//------------------------------------
	if (strpos($request['mime'],'ideo') && isset($_GET['d'])){ //embed video
		$squashweb->embed_video($_GET['f']);	
	}
	elseif (strpos($request['mime'],'ideo') && isset($_GET['x'])){	//show stream playlist
		$squashweb->create_playlist($_GET['f'],$_GET['x'],$request[2]);
	}
	else{	//show requested file
	#	header('Cache-control: private');
		header('Content-Disposition: attachment; filename="'.$request[2].'"');
		header("Content-Type: ".$request['mime']);
		if($request[3])header('Content-Length: '.$request[3]);
		#@ob_flush();
		@flush();
		$squashweb->print_files($request['path'],$request[2]);
	}
	//---------------------------------
	//-check-file-and-request-type-end-
	//---------------------------------

}elseif ($tools=="hide" && isset($_GET['h'])){
	if ($_SESSION[creds][user_level] > 99){
		$request = $squashweb->get_config($_GET['h']);
		$handle = fopen($request['path'].'/'.$request[2].'.hidden', 'x');
		fwrite($handle, 'hidden by '.$_SESSION[creds][user_name]);
		fclose($handle);
		$path=substr($request['path'],strlen($basedir));
		header( 'Location: '.$_SERVER['PHP_SELF'].'?path='.$path) ;
	}
}elseif ($tools=="unhide" && isset($_GET['h'])){
	if ($_SESSION[creds][user_level] > 99){
		$request = $squashweb->get_config($_GET['h']);
		@unlink($request['path'].'/'.$request[2].'.hidden');
		$path=substr($request['path'],strlen($basedir));
		header( 'Location: '.$_SERVER['PHP_SELF'].'?path='.$path) ;
	}
}elseif ($tools=="delete" && isset($_GET['h'])){
	if ($_SESSION[creds][user_level] > 99){
		if ($_GET['h'] == "multiple"){
			$h_post = $_POST['h'];
			foreach ($h_post as $h_key => $h){
				$request = $squashweb->get_config($h);
				$squashweb->delete_file($h,$_SESSION[creds]);
			}
		}else{
			$h = $_GET['h'];
			$request = $squashweb->get_config($h);
			$squashweb->delete_file($h,$_SESSION[creds]);
		}
		$path=substr($request['path'],strlen($basedir));
		header( 'Location: '.$_SERVER['PHP_SELF'].'?path='.$path);
	}
}elseif ($_GET['tools']=='access' && $_SESSION[creds][user_level] > 100){

require_once("smarty/Smarty.class.php");

$smarty = new Smarty;

	$smarty->assign('user_level',$_SESSION[creds][user_level]);
	$smarty->assign('user_name',$_SESSION[creds][user_name]);
	$smarty->assign('users',$squashweb->get_users($_SESSION[creds][user_level]));

	$smarty->assign('edited_user',$_GET['user']);
	
	$tree = $squashweb->show_rights_tree($path,0,$_GET['user']);
	
	$smarty->assign('style',$tree[style]);
	$smarty->assign('layout',$tree[layout]);
	
	$smarty->assign('debug',$vars[debug]);
	$smarty->assign('folderrights',$squashweb->folderrights());
	$smarty->assign('userrights',$squashweb->userrights());
	$smarty->display('admin.tpl');
	
}elseif ($_GET['tools']=='users' && $_SESSION[creds][user_level] > 100){

if ($submitted[type]=="update"){$squashweb->update_users($submitted);}
if ($submitted[type]=="disable"){$squashweb->disable_users($submitted);}
if ($submitted[type]=="delete"){$squashweb->remove_users($submitted);}
if ($submitted[type]=="new"){$squashweb->insert_users($submitted,$_SESSION[creds][user_level]);}
require_once("smarty/Smarty.class.php");

$smarty = new Smarty;

	$smarty->assign('user_level',$_SESSION[creds][user_level]);
	$smarty->assign('user_name',$_SESSION[creds][user_name]);
	$smarty->assign('users',$squashweb->get_users($_SESSION[creds][user_level]));

	if ($_SESSION[creds][user_level] > 199){
	$smarty->assign('user_levels', array(155 => 'admin' , 55 => 'user' ) );
	}else{
	$smarty->assign('user_levels', array(55 => 'user' ) );
	}
	$smarty->assign('debug',$vars[debug]);

	$smarty->display('udmin.tpl');

}elseif ($_GET['tools']=='logs' && $_SESSION[creds][user_level] > 100){
	$logtype=($_GET['logtype']) ? $_GET['logtype'] : 'all';
	require_once("smarty/Smarty.class.php");

	$smarty = new Smarty;

	$smarty->assign('user_level',$_SESSION[creds][user_level]);
	$smarty->assign('user_name',$_SESSION[creds][user_name]);
	$smarty->assign('logtype',$logtype);
	$smarty->assign('logs',$squashweb->get_logs($logtype));

	$smarty->display('logs.tpl');

}else{	//show overview

require_once("smarty/Smarty.class.php");

$smarty = new Smarty;

	/***
	*	$config:: array
	*	[0]	->	versioncode
	*	[1]	->	date&time
	*	[2]	->	filename
	*	[3]	->	filesize
	*	[4]	->	chunksize
	*	[5]	->	chunkcount
	*	[6]	->	CRC32 checksum
	***/
	
$configs_num = $squashweb->get_configs();

$configs_sorted = named_records_sort($configs_num,'lastchange',true);

foreach ($configs_sorted AS $key => $value){
	$configs[$key]['squashed'] = $value['squashed'];
	$configs[$key]['version'] = $value[0];
	//$configs[$key]['date'] = $value[1]; //removed because user local creation date is irrelevant
	$configs[$key]['name'] = $value[2];
	$configs[$key]['size'] = $value[3];
	$configs[$key]['chunk_size'] = $value[4];
	$configs[$key]['chunks'] = $value[5];
	$configs[$key]['crc'] = $value[6];
	$paths[substr($value['path'], strlen($basedir))]=array_pop(explode('/',$value['path']));
	(strpos($value['mime'],'ideo')) ? $embedable=true : $embedable=false; 	
	(@array_sum($value['stats']) == $value[5]) ? $finished=true : $finished=false;

	$configs[$key]['embedable'] = $embedable;
	$configs[$key]['finished'] = $finished;
	$configs[$key]['mime'] = $value['mime'];
	$configs[$key]['status'] = $value['status'];
	$configs[$key]['hidden'] = $value['hidden'];
	$configs[$key]['chunks_finished'] = @array_sum($value['stats']);
	if($finished){
		$configs[$key]['chunks_partial'] = $configs[$key]['chunks_finished'];
	}else{
		$continue=true;
		foreach($value['stats'] AS $sk => $sv){
			if($continue){
				$configs[$key]['chunks_partial']=$configs[$key]['chunks_partial']+$sv;
				if($sv != '1.00')$continue=false;
			}
		}
	}
	$configs[$key]['date'] = date('d.m.y - H:i:s - T',$value['added']);
	$configs[$key]['lastchange'] = date('d.m.y - H:i:s - T',$value['lastchange']);
}


//set base folders
	$basepath['/']='&nbsp;top&nbsp;';
foreach (explode('/',$subf) AS $key => $value){
	if ($value != ''){
		$bpath.='/'.$value;
		$basepath[$bpath]=$value;
	}
}
$smarty->assign('debug',$vars[debug]);
$smarty->assign('user_level',$_SESSION[creds][user_level]);
$smarty->assign('user_name',$_SESSION[creds][user_name]);
$smarty->assign('folderrights',$squashweb->folderrights());

$smarty->assign('squashed',$configs);
$smarty->assign('paths',$paths);
$smarty->assign('base',$basepath);
$smarty->assign('currentfolder',$subf);
$subs = $squashweb->subfolders();
asort($subs);
$smarty->assign('subfolders',$subs);

//if($vars[debug])print_r($configs);
if(!$vars[newtpl])$smarty->display('index.tpl'); //Display normal template
if($vars[newtpl])$smarty->display('wip_massdelete.tpl'); //Display Work In Progress template

}
?>