Project

General

Profile

1 4 ryan
<?php
2 1400 FrankH
/**
3
 *
4
 * @category        admin
5
 * @package         admintools
6
 * @author          WebsiteBaker Project
7
 * @copyright       2004-2009, Ryan Djurovich
8
 * @copyright       2009-2011, Website Baker Org. e.V.
9
 * @link			http://www.websitebaker2.org/
10
 * @license         http://www.gnu.org/licenses/gpl.html
11
 * @platform        WebsiteBaker 2.8.x
12
 * @requirements    PHP 5.2.2 and higher
13
 * @version         $Id$
14
 * @filesource		$HeadURL:  $
15
 * @lastmodified    $Date:  $
16
 *
17
 */
18 4 ryan
19
// Get dir name and target location
20 1457 Luisehahne
$requestMethod = '_'.strtoupper($_SERVER['REQUEST_METHOD']);
21
$name = (isset(${$requestMethod}['name'])) ? ${$requestMethod}['name'] : '';
22
if($name == '') {
23 4 ryan
	header("Location: index.php");
24 286 stefan
	exit(0);
25 4 ryan
}
26 1457 Luisehahne
27
// Target location
28
$requestMethod = '_'.strtoupper($_SERVER['REQUEST_METHOD']);
29
$target = (isset(${$requestMethod}['target'])) ? ${$requestMethod}['target'] : '';
30
if($target == '') {
31 4 ryan
	header("Location: index.php");
32 286 stefan
	exit(0);
33 4 ryan
}
34
35
// Print admin header
36
require('../../config.php');
37
require_once(WB_PATH.'/framework/class.admin.php');
38 1457 Luisehahne
// suppress to print the header, so no new FTAN will be set
39
$admin = new admin('Media', 'media_create', false);
40 1400 FrankH
if (!$admin->checkFTAN())
41
{
42 1457 Luisehahne
	$admin->print_header();
43
	$admin->print_error($MESSAGE['GENERIC_SECURITY_ACCESS']);
44 1400 FrankH
}
45 1457 Luisehahne
// After check print the header
46
$admin->print_header();
47 1400 FrankH
48 4 ryan
// Include the WB functions file
49
require_once(WB_PATH.'/framework/functions.php');
50
51
// Check to see if name or target contains ../
52 1400 FrankH
if(strstr($name, '..')) {
53 4 ryan
	$admin->print_error($MESSAGE['MEDIA']['NAME_DOT_DOT_SLASH']);
54
}
55 1400 FrankH
if (!check_media_path($target, false)) {
56
	w_debug("target: $target");
57 4 ryan
	$admin->print_error($MESSAGE['MEDIA']['TARGET_DOT_DOT_SLASH']);
58
}
59
60
// Remove bad characters
61
$name = media_filename($name);
62
63
// Create relative path of the new dir name
64 1457 Luisehahne
$directory = WB_PATH.$target.'/'.$name;
65 4 ryan
66 1457 Luisehahne
/*
67 4 ryan
// Check to see if the folder already exists
68
if(file_exists($relative)) {
69
	$admin->print_error($MESSAGE['MEDIA']['DIR_EXISTS']);
70
}
71 1457 Luisehahne
*/
72 4 ryan
73 1457 Luisehahne
if ( sizeof(createFolderProtectFile( $directory )) )
74
{
75
	$admin->print_error($MESSAGE['MEDIA']['DIR_NOT_MADE']);
76
} else {
77
	$usedFiles = array();
78
    // feature freeze
79
	// require_once(ADMIN_PATH.'/media/dse.php');
80 4 ryan
	$admin->print_success($MESSAGE['MEDIA']['DIR_MADE']);
81
}
82
83 1457 Luisehahne
// Print admin
84 4 ryan
$admin->print_footer();