diff options
| author | Karl 'vollmerk' Vollmer <vollmer@ampache.org> | 2005-08-02 06:55:26 +0000 |
|---|---|---|
| committer | Karl 'vollmerk' Vollmer <vollmer@ampache.org> | 2005-08-02 06:55:26 +0000 |
| commit | 2a008dc4abc86385b3059f82a2419b9514882dfe (patch) | |
| tree | f5925786cb4cd1798c6dd8ff8c8fe235cabe0b38 /upload.php | |
| parent | ba04cd2729b62daa1a7aa2d35814992c68c38430 (diff) | |
| download | ampache-2a008dc4abc86385b3059f82a2419b9514882dfe.tar.gz ampache-2a008dc4abc86385b3059f82a2419b9514882dfe.tar.bz2 ampache-2a008dc4abc86385b3059f82a2419b9514882dfe.zip | |
most of the new upload system, barely tested and not finished...
Diffstat (limited to 'upload.php')
| -rw-r--r-- | upload.php | 546 |
1 files changed, 223 insertions, 323 deletions
@@ -1,323 +1,223 @@ -<?php
-/*
-
- This program is free software; you can redistribute it and/or
- modify it under the terms of the GNU General Public License
- as published by the Free Software Foundation; either version 2
- of the License, or (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program; if not, write to the Free Software
- Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
-
-*/
-/*
-
- Copyright (c) 2003 Lamar
- All rights reserved.
-
- **Revised by Vollmerk**
-
- upload.php script.
- saves all uploaded files to the temp/ directory
- then processes the files and moves them to the
- proper directory.
-
- There are two basic modes of operation. HTML
- mode and GUI mode. If GUI mode is enabled a response
- with header 200 will be sent to the GUI.
-
-*/
-
-require_once ("modules/init.php");
-
-
-
-// Set page header
-show_template('header');
-show_menu_items('Upload');
-
-// Access Control
-if(!$user->prefs['upload'] || conf('demo_mode')) {
- access_denied();
-}
-
-/* Action Settings */
-$action = scrub_in($_REQUEST['action']);
-
-
-/*
- FILE UPLOAD SECTION
- This section handles file uploads. File types should
- be declared in the $types hash. This will provide
- an easy lookup mechanism.
-*/
-$types = array(
- 'mp3'=>'music',
- 'MP3'=>'music',
- 'ogg'=>'music',
- 'OGG'=>'music',
- 'WMA'=>'music',
- 'FLAC'=>'music',
- 'flac'=>'music',
- 'm4a' =>'music',
- 'aac' =>'music',
- '.gz'=>'compressed',
- 'tar'=>'compressed',
- 'zip'=>'compressed',
- 'ZIP'=>'compressed',
- );
-
-/* Upload Section Which Processes All Files Sent As Post */
-$audio_info = new Audioinfo();
-
-switch ($action) {
- case 'upload_now':
- // Verify the needed settings are in place
- if (!@chdir($user->prefs['upload_dir']) || strlen($user->prefs['upload_dir']) < 1) {
- break;
- }
-
- //FIXME: Set which catalog it goes into somewhere....
- $sql = "SELECT * FROM catalog LIMIT 1";
- $db_results = mysql_query($sql, dbh());
-
- $results = mysql_fetch_object($db_results);
-
- $catalog = new Catalog($results->id);
-
- // Create arrays
- $filelist = array();
-
- foreach($_FILES as $tagname=>$file){
- /* Skip blank file names */
-
- if( strlen($file['name'] ) ){
-
- // Determine tempfile name
- $tempfile = $file['tmp_name'];
-
- // Determine real file name
- $realname = $user->prefs['upload_dir'] . "/" . $file['name'];
-
- /* Determine Extension */
- $ext = substr( $file['name'], -3 );
-
- /* Prevent Unauthorized file types */
- if( $types[$ext] == 'compressed' ){
- // This section is currently disabled
- }
- elseif( $types[$ext] == 'music' ){
- $error = @move_uploaded_file($tempfile, $realname );
- if( $error )
- {
- $filelist = array( $realname => $file['name'] );
- }
- else{
- switch ($file['error']) {
- case '1':
- $error_text = _("The uploaded file exceeds the upload_max_filesize directive in php.ini");
- break;
- case '2':
- $error_text = _("The uploaded file exceeds the MAX_FILE_SIZE directive that was specified in the HTML form.");
- break;
- case '3':
- $error_text = _("The uploaded file was only partially uploaded.");
- break;
- case '4':
- $error_text = _("No file was uploaded.");
- break;
- default:
- $error_text = _("An Unknown Error has occured.");
- break;
- } // end switch
- if (conf('debug')) {
- log_event($_SESSION['userdata']['username'],'upload',$error_text);
- }
- $message[$file['name']] .= "Error: $error_text";
- $errorenum[$file['name']]=true;
- }
- } // end if known
- // If unknown filetype
- else{
- $message[$file['name']] .= "Error: Unsupported File Type- $ext<br />";
- $errorenum[$file['name']]=true;
- }
- // foreach through files uploaded
- foreach( $filelist as $fullpath => $music ) {
-
- // If we are quarantining the file
- if ($user->prefs['quarantine']) {
- // Log the upload but don't do anything
- $message[$music] .= _("Successfully-Quarantined");
- /* Log the upload */
- $sql = "INSERT INTO upload (`user`,`file`,`addition_time`)" .
- " VALUES ('$user->username','" . sql_escape($fullpath) . "','" . time() . "')";
- $db_results = mysql_query($sql, dbh());
- } // if quarantine
-
- // Go ahead and insert the file
- else {
- $catalog->insert_local_song($fullpath,filesize($fullpath));
- $message[$music] .= _("Successfully-Cataloged");
- } // end foreach
- flush();
- }
- }
-
- } // end foreach
-
- flush();
- /* Display Upload results */
- if( $message ){
- print( "<table align='center'>\n" );
- print( "<th>Filename</th><th>Result</th>\n" );
-
- foreach ( $message as $key => $value ){
- if( $errorenum[$key] ){
- $color="color='red'";
- }
- else{
- $color="color='green'";
- }
- print( "<tr>\n");
- print( "<td><font $color>$key</font></td><td><font $color>$value</font></td>\n");
- print( "</tr>\n");
- }
- print( "</table>\n" );
- }
- require_once(conf('prefix') . "/templates/show_upload.inc");
- break;
- case 'add':
- case 'delete':
- default:
- require_once(conf('prefix') . "/templates/show_upload.inc");
- break;
-} // end of switch on action
-
-echo "\n<br /><br />\n";
-
-/*
- SHOW QUARANTINE SONGS
- This Section Displays Quarantined Songs
- Always process all files in quarantine directory.
- Make a list (and check it twice)
-*/
-$songs = array();
-
-if ( $handle = @opendir($user->prefs['upload_dir'] ) ){
- /* Loop Through the directory */
- while( false !== ($file = readdir( $handle ))){
-
- /* Find extension */
- $ext = substr( $file, -4 );
-
- if(( $ext == '.mp3' )||( $ext == '.ogg' )){
- $songs[$file]=$user->prefs['upload_dir'] . "/" . "$file";
- }
- }
-} // end if upload_dir
-?>
-
-<table class="tabledata" cellspacing="0" cellpadding="0" align="center">
- <tr class="table-header">
- <td><?php echo _("Action"); ?></td>
- <td><?php echo _("Song"); ?></td>
- <td><?php echo _("Artist"); ?></td>
- <td><?php echo _("Album"); ?></td>
- <td><?php echo _("Genre"); ?></td>
- <td><?php echo _("Time"); ?></td>
- <td><?php echo _("Bitrate"); ?></td>
- <td><?php echo _("Size"); ?></td>
- <td><?php echo _("Filename"); ?></td>
- <td><?php echo _("User"); ?></td>
- <td><?php echo _("Date"); ?></td>
- </tr>
-
-<?
- /* Only populate table if valid songs exist */
- if( sizeof($songs) ) {
-
- /* Get file info */
- $audio_info = new Audioinfo();
- $order = conf('id3tag_order');
-
- foreach( $songs as $file=>$song ){
-
- if( $class == "odd" ){
- $class = "even";
- }
- else{
- $class = "odd";
- }
-
- $sql = "SELECT user,addition_time FROM upload WHERE file = '$song'";
- $db_result = mysql_query($sql, dbh());
-
- if( $r = mysql_fetch_object($db_result) ){
- $temp_user = new User($r->user);
- $uname = $temp_user->fullname;
- }
- else{
- $uname = _("Unknown");
- }
-
- /* Get filesize */
- $filesize = @filesize( $song );
- $add_time = date( "r",filemtime( $song ) );
-
- /* get audio information */
- $results = $audio_info->Info($song);
-
- $key = get_tag_type($results);
-
- // Crappy Math time boys and girls!
- //FIXME: Do this right
- $min = floor($results['playing_time']/60);
- $sec = floor($results['playing_time'] - ($min*60));
- $time = $min . ":" . $sec;
-
- echo " <tr class=\"".$class."\">\n";
-
- if( $user->access === 'admin' ){
- echo " <td>\n" .
- " <a href=\"" . $web_path . "upload.php/?action=add&song=$file\">" . _("Add") . "</a><br />\n" .
- " <a href=\"" . $web_path . "upload.php/?action=delete&song=$file\">" . _("Delete") . "</a><br />\n" .
- " </td>\n";
- }
- else{
- echo " <td>" . _("Quarantined") . "</td>\n";
- }
-
-
- echo " <td><a href='" . $web_path .
- "/play/pupload.php?action=m3u&song=$file&uid=$user->username'>" .
- $results[$key][title] . "</a></td>\n";
-
-
- echo " <td>" . $results[$key]['artist'] . " </td>\n";
- echo " <td>" . $results[$key]['album'] . " </td>\n";
- echo " <td>" . $results[$key]['genre'] . "</td>\n";
- echo " <td>" . $time . " </td>\n";
- echo " <td>" . intval($results['avg_bit_rate']/1000) . "-" . $results['bitrate_mode'] . "</td>\n";
- echo " <td>" . sprintf("%.2f",($filesize/1048576)) . "</td>\n";
- echo " <td>$file </td>\n";
- echo " <td>$uname</td>\n";
- echo " <td>$add_time </td>\n";
- echo " </tr>\n";
- }
- }
-
-
-?>
- </table>
-<br />
-<br />
-<br />
-<?php show_page_footer ('Upload', '',$user->prefs['display_menu']); ?>
-
+<?php +/* + + This program is free software; you can redistribute it and/or + modify it under the terms of the GNU General Public License + as published by the Free Software Foundation; either version 2 + of the License, or (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. + +*/ +/* + + Copyright (c) 2003 Lamar + All rights reserved. + + **Revised by Vollmerk** + **Chopped to bits and made into PHP nuggets by RosenSama** 2005 + +*/ + +/* FIXME: Things left to do + --need to add debug logging + --Add purge link in catalog admin + --Why do I need to echo something before the message table to show it? + --Handle when uploaded file is a compressed arvchive + --play quar song by admin + --TEST! +*/ + +require_once( "modules/init.php" ); +require_once( "lib/upload.php" ); +// Set page header +show_template('header'); +show_menu_items('Upload'); +show_clear(); + +// Access Control +if(!$user->prefs['upload'] || conf('demo_mode')) { + access_denied(); +} + +$action = scrub_in( $_REQUEST['action'] ); + +switch( $action ) { + case 'upload': + + /* Break if they don't have rights */ + if (!$user->prefs['upload'] OR !$user->has_access(25)) { + break; + } + + /* IF we need to quarantine this */ + if ($user->prefs['quarantine']) { + /* Make sure the quarantine dir is writeable */ + if (!check_upload_directory(conf('quarantine_dir'))) { + $GLOBALS['error']->add_error('general',"Error: Quarantine Directory isn't writeable"); + if (conf('debug')) { + log_event($user->username,' upload ',"Error: Quarantine Directory isn't writeable"); + } + } // if unwriteable + + /* Make sure that it's not in a catalog dir */ + if (find_upload_catalog(conf('quarantine_dir'))) { + $GLOBALS['error']->add_error('general',"Error: Quarantine Directory inside a catalog"); + if (conf('debug')) { + log_event($user->username,' upload ',"Error: Quarantine Directory inside a catalog"); + } + } // if in catalog dir + + foreach ($_FILES as $key => $file) { + + if (strlen($_FILES[$key]['name'])) { + /* Check size and extension */ + if (!check_upload_extension($key)) { + $GLOBALS['error']->add_error($key,"Error: Invalid Extension"); + } + if (!check_upload_size($key)) { + $GLOBALS['error']->add_error($key,"Error: File to large"); + } + + if (!$GLOBALS['error']->error_state) { + $new_filename = upload_file($key,conf('quarantine_dir')); + /* Record this upload then we're done */ + if ($new_filename) { insert_quarantine_record($user->username,'quarantine',$new_filename); } + } // if we havn't had an error + + } // end if there is a file to check + + } // end foreach files + + if ($GLOBALS['error']->error_state) { + show_upload(); + } + else { + show_confirmation("Upload Quarantined", "Your Upload(s) have been quarantined and will be reviewed for addition","upload.php"); + } + + } // if quarantine + + /* Else direct upload time baby! */ + else { + /* Make sure the quarantine dir is writeable */ + if (!check_upload_directory($user->prefs['upload_dir'])) { + $GLOBALS['error']->add_error('general',"Error: Upload Directory isn't writeable"); + if (conf('debug')) { + log_event($user->username,' upload ',"Error: Upload Directory isn't writeable"); + } + } // if unwriteable + + /* Make sure that it's not in a catalog dir */ + if (!$catalog = find_upload_catalog($user->prefs['upload_dir'])) { + $GLOBALS['error']->add_error('general',"Error: Upload Directory not inside a catalog"); + if (conf('debug')) { + log_event($user->username,' upload ',"Error: Upload Directory not inside a catalog"); + } + } // if in catalog dir + + foreach ($_FILES as $key => $file) { + + if (strlen($_FILES[$key]['name'])) { + /* Check size and extension */ + if (!check_upload_extension($key)) { + $GLOBALS['error']->add_error($key,"Error: Invalid Extension"); + } + if (!check_upload_size($key)) { + $GLOBALS['error']->add_error($key,"Error: File to large"); + } + + if (!$GLOBALS['error']->error_state) { + $new_filename = upload_file($key,$user->prefs['upload_dir']); + + /* We aren't doing the quarantine thing, so just insert it */ + if ($new_filename) { $catalog->insert_local_song($new_filename,filesize($new_filename)); } + } // if we havn't had an error + + } // if there is a file to check + + } // end foreach files + + if ($GLOBALS['error']->error_state) { + show_upload(); + } + else { + show_confirmation("Files Uploaded", "Your Upload(s) have been inserted into Ampache and are now live","upload.php"); + } + + } // man this is a bad idea, the catch all should be the conservative option... oooh well + + break; + case 'add': + /* Make sure they have access */ + if($user->has_access(100)) { + $id = scrub_in($_REQUEST['id']); + update_quarantine_record($id,'add'); + show_confirmation("Upload Added","The Upload has been scheduled for a catalog add, please run command line script to add file","upload.php"); + } + else { + access_denied(); + } + break; + case 'delete': + /* Make sure they got them rights */ + if($user->has_access(100)) { + $id = scrub_in($_REQUEST['id']); + update_quarantine_record($id,'delete'); + show_confirmation("Upload Deleted","The Upload has been scheduled for deletion, please run command line script to permently delete this file","upload.php"); + + } + else { + access_denied(); + } + break; + case 'ack': + // everything is ready to bulk ack once we pass multiple ids and put them in $id[] + if( $user->has_access( 100 ) ) { + $id[] = scrub_in( $_REQUEST['id'] ); + $status = upload_ack( $id ); + } else { + access_denied(); + } + break; + + case 'purge': + if( $user->has_access( 100 ) ) { + $status = upload_purge(); + } else { + access_denied(); + } + break; + + default: + show_upload(); + break; +} // end switch on $action + +// display any messages +if( $status ) { + print( "<table align='center'>\n" ); + print( "<th>Filename</th><th>Result</th>\n" ); + foreach( $status as $status_row ) { + $filename = $status_row[0]; + $result = $status_row[1]; + $color = "color='green'"; + if( $status_row[2] ) { + $color = "color='red'"; + } + print( "<tr>\n"); + print( "<td><font $color>$filename</font></td><td><font $color>$result</font></td>\n"); + print( "</tr>\n"); + } // end for each status element + print( "</table>\n" ); +} // end if any messages + + +?> |