
- Add index.html in users folders to prevent browsing

- Add remove feature in the gallery
- Add restrictions in upload.php
- Fix some CSS stuff
pull/16/head
Jaussoin Timothée 13 years ago
parent
commit
881016c18a
  1. 28
      system/User.php
  2. 55
      system/Widget/widgets/Media/Media.php
  3. 28
      system/Widget/widgets/Media/media.css
  4. 6
      system/Widget/widgets/MediaUpload/MediaUpload.php
  5. 12
      themes/movim/css/style2.css
  6. 17
      upload.php
  7. 0
      users/index.html

28
system/User.php

@ -8,9 +8,14 @@
class User {
private $xmppSession;
private $username = '';
public $username = '';
private $password = '';
private $config = array();
public $userdir;
public $useruri;
public $sizelimit;
/**
* Class constructor. Reloads the user's session or attempts to authenticate
@ -23,9 +28,28 @@ class User {
global $session;
$this->username = $session['user'].'@'.$session['host'];
$this->config = $session['config'];
$this->sizelimit = (int)Conf::getServerConfElement('sizeLimit');
$this->userdir = BASE_PATH.'users/'.$this->username.'/';
$this->useruri = BASE_URI.'users/'.$this->username.'/';
}
}
/**
* Get the current size in bytes of the user directory
*/
function dirSize()
{
$sum = 0;
foreach(scandir($this->userdir) as $s) {
if($s != '.' && $s != '..' && $s != 'index.html')
$sum = $sum + filesize($this->userdir.$s);
}
return $sum;
}
/**
* Checks if the user has an open session.
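Review bot: In the second hunk `$this->userdir` and `$this->useruri` are built by concatenating `$session['user']` and `$session['host']` straight into a filesystem path, and that path is now the one `Media::ajaxDeleteItem`, `Media::listFiles` and `upload.php` operate on; where the session is populated is outside this hunk, but if either value can originate from the login form, a value containing `/` or `..` would put the directory outside `users/`. I would at least reject such values where the path is formed, e.g. `if($this->username !== basename($this->username) || strpos($this->username, '..') !== false) throw new Exception('Invalid user name');`. The new `dirSize()` also iterates `scandir()` without handling a `false` return and calls `filesize()` on every entry including sub-directories; `$entries = scandir($this->userdir); if($entries === false) return 0;` before the loop and `if($s === 'index.html' || !is_file($this->userdir.$s)) continue;` inside it would cover both. The constructor body starts before this hunk.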

55
system/Widget/widgets/Media/Media.php

@ -19,23 +19,15 @@
*/
class Media extends WidgetBase {
private $_userdir;
private $_useruri;
public $_sizelimit;
function WidgetLoad()
{
$this->addcss('media.css');
$this->addjs('media.js');
$this->_sizelimit = (int)Conf::getServerConfElement('sizeLimit');
$this->_userdir = BASE_PATH.'users/'.$this->user->getLogin().'/';
$this->_useruri = BASE_URI.'users/'.$this->user->getLogin().'/';
if(!is_dir($this->_userdir))
mkdir($this->_userdir);
if(!is_dir($this->user->userdir)) {
mkdir($this->user->userdir);
touch($this->user->userdir.'index.html');
}
$this->registerEvent('media', 'onMediaUploaded');
}
@ -47,32 +39,33 @@ class Media extends WidgetBase {
RPC::commit();
}
function dirSize()
function ajaxDeleteItem($name)
{
$sum = 0;
foreach(scandir($this->_userdir) as $s) {
if($s != '.' && $s != '..')
$sum = $sum + filesize($this->_userdir.$s);
}
unlink($this->user->userdir.'thumb_'.$name);
unlink($this->user->userdir.'medium_'.$name);
unlink($this->user->userdir.$name);
return $sum;
$this->ajaxRefreshMedia();
}
function listFiles()
{
$html = '<ul class="thumb">';
foreach(scandir($this->_userdir) as $s) {
foreach(scandir($this->user->userdir) as $s) {
if(
$s != '.' &&
$s != '..' &&
substr($s, 0, 6) != 'thumb_' &&
substr($s, 0, 7) != 'medium_')
substr($s, 0, 7) != 'medium_'
&& $s != 'index.html')
$html .=
'<a href="?q=media&f='.$s.'">
<li style="background-image: url('.$this->_useruri.'thumb_'.$s.');"></li>
</a>';
'<li style="background-image: url('.$this->user->useruri.'thumb_'.$s.');">
<a href="?q=media&f='.$s.'">
</a>
<div class="remove" onclick="'.$this->genCallAjax('ajaxDeleteItem', "'".$s."'").'">x</div>
</li>
';
}
$html .= '</ul>';
@ -82,12 +75,12 @@ class Media extends WidgetBase {
function mainFolder()
{
$percent = number_format(($this->dirSize()/$this->_sizelimit)*100, 2);
$percent = number_format(($this->user->dirSize()/$this->user->sizelimit)*100, 2);
$html =
$this->listFiles().'
<span class="size">
'.sizeToCleanSize($this->dirSize()).' '.t('on').' '.sizeToCleanSize($this->_sizelimit).
'.sizeToCleanSize($this->user->dirSize()).' '.t('on').' '.sizeToCleanSize($this->user->sizelimit).
' - '.
$percent.'%
</span>';
@ -99,9 +92,9 @@ class Media extends WidgetBase {
{
//var_dump(exif_read_data($this->_userdir.$f));
if(file_exists($this->_userdir.$f) && getimagesize($this->_userdir.$f) != 0) {
if(file_exists($this->user->userdir.$f) && getimagesize($this->user->userdir.$f) != 0) {
$er = @exif_read_data($this->_userdir.$f);
$er = @exif_read_data($this->user->userdir.$f);
$exif = '';
@ -123,11 +116,11 @@ class Media extends WidgetBase {
$exif .= '<li><span>'.t('Artist').'</span>'.$er['Artist'].'</li>';
}
$exif .= '<li><span>'.t('Original').'</span><a target="_blank" href="'.$this->_useruri.$f.'">'.t('Link').'</a></li>';
$exif .= '<li><span>'.t('Original').'</span><a target="_blank" href="'.$this->user->useruri.$f.'">'.t('Link').'</a></li>';
$html = '
<div class="viewer">
<img src="'.$this->_useruri.'medium_'.$f.'"/>
<img src="'.$this->user->useruri.'medium_'.$f.'"/>
<div class="exif">
<ul>
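Review bot: `ajaxDeleteItem($name)` in the second hunk passes the client-supplied `$name` straight into three `unlink()` calls under `$this->user->userdir` with no check that it is a bare file name, so the method can remove files outside the user's own directory, and `unlink()` emits a warning whenever the thumb or medium variant is absent. I would reject anything that is not a plain existing file name before deleting, as sketched below. Separately, `listFiles()` embeds `$s` unescaped in both the `href` and the single-quoted JavaScript string of the `onclick` handler; whether `stringToUri()` in `upload.php` already strips quotes is not visible here, so `htmlspecialchars($s, ENT_QUOTES)` at the point of output would be the safe default.
```php
function ajaxDeleteItem($name)
{
    // Only a bare file name inside the user's directory may be removed
    if($name === '' || $name === 'index.html' || $name !== basename($name)) {
        return;
    }
    foreach(array('thumb_'.$name, 'medium_'.$name, $name) as $f) {
        if(is_file($this->user->userdir.$f))
            unlink($this->user->userdir.$f);
    }
    $this->ajaxRefreshMedia();
}
```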

28
system/Widget/widgets/Media/media.css

@ -19,6 +19,34 @@
border-color: #222;
}
#media ul.thumb a {
position: relative;
}
#media ul.thumb li div.remove {
position: absolute;
bottom: 0px;
right: 0px;
background-color: rgba(0, 0, 0, 0.6);
border-radius: 3px 0px 0px 0px;
font-weight: bold;
width: 26px;
height: 26px;
text-align: center;
line-height: 26px;
font-size: 16px;
display: none;
}
#media ul.thumb li:hover div.remove {
display: block;
}
#media ul.thumb li:hover div.remove:hover {
background-color: black;
cursor: pointer;
}
#media a:link, #media a:visited,
#viewer a:link, #viewer a:visited {
color: #DDD;

6
system/Widget/widgets/MediaUpload/MediaUpload.php

@ -25,10 +25,8 @@ class MediaUpload extends WidgetBase {
}
function build()
{
$media = new Media();
if($media->dirSize() < $media->_sizelimit) {
{
if($this->user->dirSize() < $this->user->sizelimit) {
?>
<div class="tabelem" title="<?php echo t('Upload'); ?>" id="mediaupload">
<form id="upload_form" enctype="multipart/form-data" method="post" action="upload.php">

12
themes/movim/css/style2.css

@ -634,22 +634,22 @@ ul.thumb {
ul.thumb li {
display: inline-block;
width: 100%;
height: 100%;
width: 25%;
height: 150px;
box-sizing: border-box;
-webkit-box-sizing: border-box;
-moz-box-sizing: border-box;
vertical-align: middle;
overflow: hidden;
float: left;
background-size: auto 100%;
position: relative;
}
ul.thumb a {
display: block;
float: left;
width: 25%;
height: 150px;
width: 100%;
height: 100px;
}
/* Breadcrumb */

17
upload.php

@ -17,10 +17,17 @@ define('USER_PATH', BASE_PATH . 'users/'.$user->getLogin().'/');
$error = $_FILES['image_file']['error'];
if ($error == UPLOAD_ERR_OK) {
if ($error == UPLOAD_ERR_OK && $user->dirSize() < $user->sizelimit) {
$tmp_name = $_FILES["image_file"]["tmp_name"];
$name = stringToUri($_FILES["image_file"]["name"]);
move_uploaded_file($tmp_name, USER_PATH.$name);
createThumbnailPicture(USER_PATH, $name);
if(getimagesize($tmp_name) != 0) {
$name = stringToUri($_FILES["image_file"]["name"]);
move_uploaded_file($tmp_name, USER_PATH.$name);
createThumbnailPicture(USER_PATH, $name);
} else {
unlink($tmp_name);
echo '<div class="message error">'.t('Not a picture').'</div>';
}
} else {
echo '<div class="message error">'.t('Folder size limit exceeded').'</div>';
}
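Review bot: The new `getimagesize($tmp_name) != 0` check only proves the file header parses as an image; the stored file name and extension still come from the client's `$_FILES["image_file"]["name"]` (via `stringToUri()`, whose filtering is not visible here) and the result lands under the web-served `users/` path, so I would derive the extension from the detected type, whitelist the types the thumbnailer handles, compare `$info !== false` rather than `!= 0`, and check the return of `move_uploaded_file()`. The quota test `$user->dirSize() < $user->sizelimit` also ignores the incoming file's size, so one upload can overshoot the limit by its whole size, and the trailing `else` prints `Folder size limit exceeded` for every non-OK `$error` as well. A restructured block is sketched below; `createThumbnailPicture` and `stringToUri` are defined outside the hunk, and the accepted-type list is a constructed example to confirm against what `createThumbnailPicture` supports.
```php
$error = $_FILES['image_file']['error'];
$size = (int)$_FILES['image_file']['size'];
if ($error == UPLOAD_ERR_OK && $user->dirSize() + $size <= $user->sizelimit) {
    $tmp_name = $_FILES["image_file"]["tmp_name"];
    $info = getimagesize($tmp_name);
    // Extension comes from the detected type, not from the client-supplied name;
    // accepted types are a constructed example — confirm against createThumbnailPicture
    if($info !== false && in_array($info[2], array(IMAGETYPE_GIF, IMAGETYPE_JPEG, IMAGETYPE_PNG), true)) {
        $stem = pathinfo($_FILES["image_file"]["name"], PATHINFO_FILENAME);
        $name = stringToUri($stem).image_type_to_extension($info[2]);
        if(move_uploaded_file($tmp_name, USER_PATH.$name))
            createThumbnailPicture(USER_PATH, $name);
    } else {
        unlink($tmp_name);
        echo '<div class="message error">'.t('Not a picture').'</div>';
    }
} elseif ($error == UPLOAD_ERR_OK) {
    echo '<div class="message error">'.t('Folder size limit exceeded').'</div>';
}
```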

0
users/index.html
