Fixed delete logs
[squasher.git] / squasher.class.php
index 76e86a88afdffb32f541d6284ec9f6144697455c..0b132b306ee534af586d2a25f7ad1285c53494b3 100644 (file)
@@ -241,7 +241,8 @@ function get_rights($user_id) {
 
                        //create folder structure array
                        foreach ($folder_arr AS $key => $value) {
-                               $arr_string .= "['".$value."']";
+                               $value_escaped = str_replace("'", "\\'", $value);
+                               $arr_string .= "['".$value_escaped."']";
                        }
                }
                $arr_string .= "['__access__']";
@@ -329,10 +330,11 @@ function show_rights_tree($path, $depth=0, $userid=0) {
                                                $style[$depth] = ".depth".$depth."{float:right;width:".(600-($depth*10))."px;border-left:2px solid #FFFFFF;border-top:1px solid #FFFFFF;background:#".dechex(14-$depth).dechex(14-$depth).dechex(14-$depth).dechex(14-$depth).dechex(14-$depth).dechex(14-$depth).";}";
                                        if ($f==1)
                                                $layout .= "<div class='depth".$depth."'>";
-                                       $layout .= "<div class='white_border' >".$file."</div>\n";
-                                       $layout .= "<div class='check_deny'><input name='m[".$name."]' value=0 type=radio ".$check_deny."></div>\n";
-                                       $layout .= "<div class='check_allow'><input name='m[".$name."]' value=1 type=radio ".$check_allow."></div>\n";
-                                       $layout .= "<div class='check_all'><input name='m[".$name."]' value=2 type=radio ".$check_all."></div>\n";
+                                       $layout .= "<div class='white_border' >".htmlspecialchars($file)."</div>\n";
+                                       $name_escaped = htmlspecialchars($name);
+                                       $layout .= '<div class="check_deny"><input name="m['.$name_escaped.']" value=0 type=radio '.$check_deny."></div>\n";
+                                       $layout .= '<div class="check_allow"><input name="m['.$name_escaped.']" value=1 type=radio '.$check_allow."></div>\n";
+                                       $layout .= '<div class="check_all"><input name="m['.$name_escaped.']" value=2 type=radio '.$check_all."></div>\n";
                                        $sub_return = $this->show_rights_tree($filename,$depth+1,$userid);
                                        if (is_array($style) && is_array($sub_return['style']))
                                                $style = $style + $sub_return['style'];
@@ -910,8 +912,8 @@ function file_crc_debug($file) {
 
 function delete_file($h, $s) {
        $request = $this->get_config($h);
+       $filepath=$request['path'].'/'.$request[2];
        if (strpos($request['path'], './uploads/ftp')) {
-               $filepath=$request['path'].'/'.$request[2];
                #remove file
                if (is_file($filepath))
                        @unlink($filepath);
@@ -1047,76 +1049,6 @@ function set_mime($filename) {
        return $mime;
 }
 
-function embed_video($h) {
-       /*JASPER FIX, use config->systemurl */
-               ?>
-      <!-- begin embedded WindowsMedia file... -->
-      <table border='0' cellpadding='0' align="center">
-      <tr><td>
-      <OBJECT id='mediaPlayer'
-      classid='CLSID:22d6f312-b0f6-11d0-94ab-0080c74c7e95'
-      codebase='http://activex.microsoft.com/activex/controls/mplayer/en/nsmp2inf.cab#Version=5,1,52,701'
-      standby='Loading Microsoft Windows Media Player components...' type='application/x-oleobject'>
-      <param name='fileName' value="http://master.squasher.netformatie.nl/?x=asx&f=<?=$h;?>">
-      <param name='animationatStart' value='true'>
-      <param name='transparentatStart' value='true'>
-      <param name='autoStart' value="true">
-      <param name='showControls' value="true">
-      <param name='loop' value="true">
-                       <param name="BufferingTime" value="3">
-      <EMBED type='application/x-mplayer2'
-        pluginspage='http://microsoft.com/windows/mediaplayer/en/download/'
-        id='mediaPlayer' name='mediaPlayer' autosize='1'
-        bgcolor='darkblue' showcontrols="true" showtracker='-1'
-        showdisplay='0' showstatusbar='-1' videoborder3d='-1' width='480' height='320'
-        src="http://master.squasher.netformatie.nl/?x=asx&f=<?=$h;?>" autostart="true" designtimesp='5311' loop="true">
-      </EMBED>
-      </OBJECT>
-      </td></tr>
-      <!-- ...end embedded WindowsMedia file -->
-       <!-- begin link to launch external media player... -->
-        <tr><td align='center'>
-        <a href="http://master.squasher.netformatie.nl/?x=asx&f=<?=$h;?>" style='font-size: 85%;' target='_blank'>Launch in external player</a>
-        <!-- ...end link to launch external media player... -->
-        </td></tr>
-      </table>
-               <?
-       }
-
-function create_playlist($h, $t='asx', $title='Title') {
-       switch ($t) {
-
-               case 'asx':
-
-                       header('Content-Disposition: attachment; filename="stream.asx"');
-                       echo '<ASX version="3.0">
-<title>Squasher Streaming Video</title>
-       <Entry>
-               <title>Video Stream</title>
-               <ref HREF="http://master.squasher.netformatie.nl/?a=x&f='.$h.'"/>
-       </Entry>
-</ASX>';
-
-                       break;
-
-               case 'vlc':
-                       header('Content-Disposition: attachment; filename="stream.'.$t.'"');
-                       echo '#EXTM3U
-#EXTINF:-1,Squasher Streaming Video - '.$title.'
-http://master.squasher.netformatie.nl/?a=x&f='.$h.'';
-
-                       break;
-
-               case 'm3u':
-               default:
-                       header('Content-Disposition: attachment; filename="stream.m3u"');
-                       echo '#EXTM3U
-#EXTINF:-1,Squasher Streaming Video - '.$title.'
-http://master.squasher.netformatie.nl/?a=x&f='.$h.'';
-
-                       break;
-               }
-       }
 }
 // vim: syntax=php ts=4 sw=4 sts=4 sr noet
 ?>