Project

General

Profile

1
<?php
2
/**
3
 *
4
 * @category        admin
5
 * @package         admintools
6
 * @author          WebsiteBaker Project
7
 * @copyright       2004-2009, Ryan Djurovich
8
 * @copyright       2009-2011, Website Baker Org. e.V.
9
 * @link			http://www.websitebaker2.org/
10
 * @license         http://www.gnu.org/licenses/gpl.html
11
 * @platform        WebsiteBaker 2.8.x
12
 * @requirements    PHP 5.2.2 and higher
13
 * @version         $Id: create.php 1457 2011-06-25 17:18:50Z Luisehahne $
14
 * @filesource		$HeadURL:  $
15
 * @lastmodified    $Date:  $
16
 *
17
 */
18

    
19
// Get dir name and target location
20
$requestMethod = '_'.strtoupper($_SERVER['REQUEST_METHOD']);
21
$name = (isset(${$requestMethod}['name'])) ? ${$requestMethod}['name'] : '';
22
if($name == '') {
23
	header("Location: index.php");
24
	exit(0);
25
}
26

    
27
// Target location
28
$requestMethod = '_'.strtoupper($_SERVER['REQUEST_METHOD']);
29
$target = (isset(${$requestMethod}['target'])) ? ${$requestMethod}['target'] : '';
30
if($target == '') {
31
	header("Location: index.php");
32
	exit(0);
33
}
34

    
35
// Print admin header
36
require('../../config.php');
37
require_once(WB_PATH.'/framework/class.admin.php');
38
// suppress to print the header, so no new FTAN will be set
39
$admin = new admin('Media', 'media_create', false);
40
if (!$admin->checkFTAN())
41
{
42
	$admin->print_header();
43
	$admin->print_error($MESSAGE['GENERIC_SECURITY_ACCESS']);
44
}
45
// After check print the header
46
$admin->print_header();
47

    
48
// Include the WB functions file
49
require_once(WB_PATH.'/framework/functions.php');
50

    
51
// Check to see if name or target contains ../
52
if(strstr($name, '..')) {
53
	$admin->print_error($MESSAGE['MEDIA']['NAME_DOT_DOT_SLASH']);
54
}
55
if (!check_media_path($target, false)) {
56
	w_debug("target: $target");
57
	$admin->print_error($MESSAGE['MEDIA']['TARGET_DOT_DOT_SLASH']);
58
}
59

    
60
// Remove bad characters
61
$name = media_filename($name);
62
  
63
// Create relative path of the new dir name
64
$directory = WB_PATH.$target.'/'.$name;
65

    
66
/*
67
// Check to see if the folder already exists
68
if(file_exists($relative)) {
69
	$admin->print_error($MESSAGE['MEDIA']['DIR_EXISTS']);
70
}
71
*/
72

    
73
if ( sizeof(createFolderProtectFile( $directory )) )
74
{
75
	$admin->print_error($MESSAGE['MEDIA']['DIR_NOT_MADE']);
76
} else {
77
	$usedFiles = array();
78
    // feature freeze
79
	// require_once(ADMIN_PATH.'/media/dse.php');
80
	$admin->print_success($MESSAGE['MEDIA']['DIR_MADE']);
81
}
82

    
83
// Print admin
84
$admin->print_footer();
(4-4/15)