Project

General

Profile

1 4 ryan
<?php
2 1400 FrankH
/**
3
 *
4
 * @category        admin
5
 * @package         admintools
6
 * @author          WebsiteBaker Project
7
 * @copyright       2004-2009, Ryan Djurovich
8
 * @copyright       2009-2011, Website Baker Org. e.V.
9
 * @link			http://www.websitebaker2.org/
10
 * @license         http://www.gnu.org/licenses/gpl.html
11
 * @platform        WebsiteBaker 2.8.x
12
 * @requirements    PHP 5.2.2 and higher
13
 * @version         $Id$
14
 * @filesource		$HeadURL:  $
15
 * @lastmodified    $Date:  $
16
 *
17
 */
18 4 ryan
19 1468 Luisehahne
// Print admin header
20
require('../../config.php');
21
require_once(WB_PATH.'/framework/class.admin.php');
22
// suppress to print the header, so no new FTAN will be set
23
$admin = new admin('Media', 'media_create', false);
24
25 4 ryan
// Get dir name and target location
26 1457 Luisehahne
$requestMethod = '_'.strtoupper($_SERVER['REQUEST_METHOD']);
27
$name = (isset(${$requestMethod}['name'])) ? ${$requestMethod}['name'] : '';
28
if($name == '') {
29 4 ryan
	header("Location: index.php");
30 286 stefan
	exit(0);
31 4 ryan
}
32 1457 Luisehahne
33
// Target location
34
$requestMethod = '_'.strtoupper($_SERVER['REQUEST_METHOD']);
35
$target = (isset(${$requestMethod}['target'])) ? ${$requestMethod}['target'] : '';
36
if($target == '') {
37 4 ryan
	header("Location: index.php");
38 286 stefan
	exit(0);
39 4 ryan
}
40
41
// Print admin header
42
require('../../config.php');
43
require_once(WB_PATH.'/framework/class.admin.php');
44 1457 Luisehahne
// suppress to print the header, so no new FTAN will be set
45
$admin = new admin('Media', 'media_create', false);
46 1400 FrankH
if (!$admin->checkFTAN())
47
{
48 1457 Luisehahne
	$admin->print_header();
49
	$admin->print_error($MESSAGE['GENERIC_SECURITY_ACCESS']);
50 1400 FrankH
}
51 1457 Luisehahne
// After check print the header
52
$admin->print_header();
53 1400 FrankH
54 4 ryan
// Include the WB functions file
55
require_once(WB_PATH.'/framework/functions.php');
56
57
// Check to see if name or target contains ../
58 1400 FrankH
if(strstr($name, '..')) {
59 4 ryan
	$admin->print_error($MESSAGE['MEDIA']['NAME_DOT_DOT_SLASH']);
60
}
61 1400 FrankH
if (!check_media_path($target, false)) {
62
	w_debug("target: $target");
63 4 ryan
	$admin->print_error($MESSAGE['MEDIA']['TARGET_DOT_DOT_SLASH']);
64
}
65
66
// Remove bad characters
67
$name = media_filename($name);
68
69
// Create relative path of the new dir name
70 1457 Luisehahne
$directory = WB_PATH.$target.'/'.$name;
71 4 ryan
72 1468 Luisehahne
/*  */
73 4 ryan
// Check to see if the folder already exists
74 1468 Luisehahne
if(file_exists($directory)) {
75 4 ryan
	$admin->print_error($MESSAGE['MEDIA']['DIR_EXISTS']);
76
}
77
78 1468 Luisehahne
79 1457 Luisehahne
if ( sizeof(createFolderProtectFile( $directory )) )
80
{
81
	$admin->print_error($MESSAGE['MEDIA']['DIR_NOT_MADE']);
82
} else {
83
	$usedFiles = array();
84
    // feature freeze
85
	// require_once(ADMIN_PATH.'/media/dse.php');
86 4 ryan
	$admin->print_success($MESSAGE['MEDIA']['DIR_MADE']);
87
}
88
89 1457 Luisehahne
// Print admin
90 4 ryan
$admin->print_footer();