Index: add-from-server.php =================================================================== --- add-from-server.php (revision 10730) +++ add-from-server.php (working copy) @@ -50,6 +50,19 @@ wp_admin_css('css/media'); } +function frmsvr_get_root(){ + if (defined('FRMSVR_ROOT')) + $rootPath = FRMSVR_ROOT; + else + $rootPath = '/'; + + $rootPath = realpath($rootPath); + $rootPath = str_replace('\\','/',$rootPath); + $rootPath = trailingslashit($rootPath); + + return $rootPath; +} + function frmsvr_get_cwd(){ $subpath = ''; if( isset($_REQUEST['directory']) ) @@ -63,27 +76,33 @@ $path = str_replace('\\','/',$path); $path = trailingslashit($path); - + + // Prevents from browsing higher than the root + $rootPath = frmsvr_get_root(); + if (substr($path, 0, strlen($rootPath)) != $rootPath) + $path = $rootPath; + update_option('frmsvr_last_folder', $path); - + return $path; } + function frmsvr_list_files($dest = 'return'){ $cwd = frmsvr_get_cwd(); $dir = dir($cwd); - + $list = $dirs = $files = array(); - + while( false !== ($file = $dir->read())){ if( $file == '.' || $file == '..' ) continue; if( is_dir($cwd . '/' . $file) ) $dirs[] = array('name' => $file, 'dir' => true, 'file' => false ); - else + else $files[] = array('name' => $file, 'dir' => false, 'file' => true ); } $list = array_merge($dirs, $files); //Organises it into dirs first, then files. - + $content = frmsrv_walk_files($list); if( $dest == 'return' ) return $content; @@ -95,7 +114,7 @@ $post_id = intval($_REQUEST['post_id']); $base = frmsvr_get_cwd(); $folderurl = get_option('siteurl') . '/wp-admin/media-upload.php?tab=server&post_id=' . $post_id . '&directory='; - + $return = "
"; $return .= " @@ -105,10 +124,12 @@ $return .= ''; - $return .= " - - - "; + if ($base != frmsvr_get_root()) + $return .= " + + + "; + $file_count = 0; foreach($files as $file){ $filename = $file['name']; @@ -135,21 +156,21 @@ $return .= ''; $return .= '
" . __('Import', 'add-from-server') . '
 " . __('Parent Folder', 'add-from-server') . "
 " . __('Parent Folder', 'add-from-server') . "
'; - //Let the plugin work with the "Post Uploads" plugin of mine :) + //Let the plugin work with the "Post Uploads" plugin of mine :) if( function_exists('pu_checkbox') ){ $ret = pu_checkbox(false); if( $ret ) $ret .= sprintf('(%s)', __('Note: Will not take effect if selected file is within an upload folder at present', 'add-from-server')); $return .= '

' . $ret . '

'; } - + //Offer to not assoc. with this post. $return .= '

' . __('Do not add selected files to current post Gallery', 'add-from-server') . '

'; $return .= '
'; - + return $return; } @@ -171,7 +192,7 @@ function frmsvr_handle_file($file, $gallery = true){ $post_id = $gallery && isset($_REQUEST['post_id']) ? $_REQUEST['post_id'] : 0; //If the post id is set and we're adding to a gallery. - + $wp_filetype = wp_check_filetype( $file, null ); extract( $wp_filetype ); @@ -190,33 +211,33 @@ if( preg_match('|^' . str_replace('\\','\\\\',realpath(ABSPATH . $uploads_folder)) . '(.*)|i', $file, $mat) ) { //First line of business.. Check that file isnt allready in the media library!. $mat[1] = str_replace('\\', '/', $mat[1]); //Sanitize windows paths. - + $filename = basename($file); $new_file = $file; if ( !$url = get_option('upload_url_path') ) $url = trailingslashit(get_option('siteurl')); - + $url .= rtrim($uploads_folder,'/') . '/' . ltrim($mat[1],'/');; - + global $wpdb; $results = $wpdb->get_col( $wpdb->prepare("SELECT ID FROM `{$wpdb->posts}` WHERE `guid` = '%s' AND `post_type` = 'attachment'", $url) ); if( count($results) > 0 ) return $results[0]; //Kill function off at this point.. It exists in the media library allready. - + //Ok, Its in the uploads folder, But NOT in WordPress's media library. if( preg_match("|(\d+)/(\d+)|", $mat[1], $datemat) ) { $time = mktime(0,0,0,$datemat[2], 1, $datemat[1]); $post_date = date( 'Y-m-d H:i:s', $time); $post_date_gmt = gmdate( 'Y-m-d H:i:s', $time); } - } else { + } else { $filename = wp_unique_filename( $uploads['path'], basename($file), $unique_filename_callback ); // copy the file to the uploads dir $new_file = $uploads['path'] . '/' . $filename; if ( false === @ copy( $file, $new_file ) ) return $upload_error_handler( $file, sprintf( __('The uploaded file could not be moved to %s.' ), $uploads['path'] ) ); - + // Set correct file permissions $stat = stat( dirname( $new_file )); $perms = $stat['mode'] & 0000666; @@ -224,7 +245,7 @@ // Compute the URL $url = $uploads['url'] . '/' . $filename; } - + $title = preg_replace('/\.[^.]+$/', '', basename($file)); $content = ''; @@ -235,7 +256,7 @@ if ( trim($image_meta['caption']) ) $content = $image_meta['caption']; } - + if ( empty($post_date) ) $post_date = current_time('mysql'); if ( empty($post_date_gmt) ) @@ -267,14 +288,14 @@ media_upload_header(); $post_id = intval($_REQUEST['post_id']); $form_action_url = get_option('siteurl') . '/wp-admin/media-upload.php?tab=server&post_id=' . $post_id; - + $cwd = frmsvr_get_cwd(); - + if( ! empty($_POST) ) frmsvr_handle_import(array_keys((array)$_POST['files'])); if( isset($_GET['upload-file']) ) frmsvr_handle_import( array($_GET['upload-file']) ); - + ?>


Fatal error: Call to undefined function: _e() in /mnt/108/sda/6/3/n.bernier/divers/add-from-server.php.diff on line 199