Thread: [Openfirst-cvscommit] members workspace.php,NONE,1.1
Brought to you by:
xtimg
Menu
▾
▴
openfirst-cvscommit
|
From: <xt...@us...> - 2003-07-28 01:21:51
|
Update of /cvsroot/openfirst/members
In directory sc8-pr-cvs1:/tmp/cvs-serv31243
Added Files:
workspace.php
Log Message:
Commit many changes, bugfixes, and features. Namely, the creation of a personal workspace for all users who wish to activate it, with quotas, file type recognition, online editing of files, user group and other permissions, and the framework to support multiple directories implemented (though directory creation is not implemented, yet). Also lay foundation for adding division pages into members area.
--- NEW FILE: workspace.php ---
<?php
/*
* openFIRST.members - workspace.php
*
* Copyright (C) 2003,
* openFIRST Project
* Original Author: Tim Ginn <tim...@po...>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*
*/
include("../config/globals.php");
// Get important data used throughout this.
$wsu = mysql_query("SELECT * FROM ofirst_workspace_users WHERE user='$user->user';");
$ws = mysql_fetch_object($wsu);
if($_GET["action"] == "view" && isset($_GET["view"]) == true) {
if($_GET["owner"] == $user->user) {
$file = $ws->virtfspath . "/" . $_GET["file"];
} else {
$vfs = mysql_fetch_object(mysql_query("SELECT virtfspath FROM ofirst_workspace_users WHERE user='" . $_GET["owner"] . "';"));
$file = $vfs->virtfspath;
}
if ($fd = fopen ($file, "rb")) {
header("Pragma: ");
header("Cache-Control: ");
header("Content-type: application/octet-stream");
header("Content-Disposition: attachment; filename=\"".basename($file)."\"");
header("Content-length: " . filesize($file));
fpassthru($fd);
}
} else {
include($header);
}
function fileicon ($extension='unknown') {
$extension = strtolower($extension);
$query = mysql_query("SELECT * FROM ofirst_workspace_filetypes WHERE extension='$extension';");
if (mysql_num_rows($query) != 0){
while ($fi = mysql_fetch_object($query)) {
return("<img src='$fi->image' alt='$fi->description' title='$fi->description'>");
}
} else {
return(fileicon('unknown'));
}
}
if(isset($user->user)) {
if($_POST["action"] == "modify") {
echo("Your modifications to "" . $_POST["file"] . "" have been made [ <a href='workspace.php'>Return to workspace</a> ]");
$vfs = mysql_fetch_object(mysql_query("SELECT virtfspath FROM ofirst_workspace_users WHERE user='" . $_POST["owner"] . "';"));
$fi = fopen($vfs->virtfspath . "/" . $_POST["filepath"] . "/" . $_POST["file"], 'w');
fputs($fi, $_POST["newdata"]);
fclose($fi);
die(include($footer));
} elseif ($_POST["action"] == "setperm") {
mysql_query("UPDATE ofirst_workspace_files SET permissions='" . $_POST["userperm"] . $_POST["groupperm"] . $_POST["otherperm"] . "' WHERE name='" . $_POST["file"] . "' AND owner='" . $_POST["owner"] . "' AND location='" . $_POST["filepath"] . "';");
echo("Permissions on file "" . $_POST["file"] . "" have been modified. [ <a href='workspace.php'>Return to workspace</a> ]");
die(include($footer));
}
if(isset($_GET["action"])) {
// Handle file deletion
if($_GET["action"] == "delete" && isset($_GET["confirmed"]) == false && $_GET["owner"] == $user->user) {
echo("Are you sure you want to delete "" . $_GET["file"] . "" in the " . $_GET["filepath"] . " directory?<br><a href='workspace.php?confirmed=true&file=" . $_GET["file"] . "&action=delete&filepath=" . $_GET["filepath"] . "'>Yes, I'm sure</a> <a href='workspace.php'>No, I've changed my mind</a>");
die(include($footer));
} elseif($_GET["action"] == "delete" && isset($_GET["confirmed"]) == true) {
$del = mysql_query("DELETE FROM ofirst_workspace_files WHERE name='" . $_GET["file"] . "' AND owner='$user->user' AND location='" . $_GET["filepath"] . "';");
unlink($ws->virtfspath . "/" . $_GET["file"]);
echo("The file <strong>"" . $_GET["file"] . ""</strong> has been deleted. [ <a href='workspace.php'>Workspace</a> ]");
die(include($footer));
} elseif($_GET["action"] == "delete" && $_GET["owner"] != $user->user && isset($_GET["owner"]) == true) {
echo("You cannot delete files which you do not own. [ <a href='workspace.php'>Return to workspace</a> ]");
die(include($footer));
}
// Handle file modification
if($_GET["action"] == "modify") {
$fi = mysql_fetch_object(mysql_query("SELECT * FROM ofirst_workspace_files WHERE name='" . $_GET["file"] . "' AND location='" . $_GET["filepath"] . "'
AND owner='" . $_GET["owner"] . "';"));
echo("<h1>Modify " . $_GET["file"] . "</h1>
<table style='width: 500px;'>
<tr><td style='width: 200px;'>
<table>
<tr><th>File Name</th><td>" . $_GET["file"] . "</td></tr>
<tr><th>File Type</th><td>");
$query = mysql_query("SELECT * FROM ofirst_workspace_filetypes WHERE extension='$fi->filetype';");
if (mysql_num_rows($query) != 0){
while ($fil = mysql_fetch_object($query)) {
echo("<img src='$fil->image' alt='$fil->description' title='$fil->description'><br>$fil->description");
$fimg = $fil->image;
}
} else {
echo(fileicon('unknown') . " Unknown File Type");
}
echo(" </td></tr>
<tr><th>File Owner</th><td>$fi->owner</td></tr>
<tr><th>Permissions</th><td>");
if($fi->owner != $user->user) { echo $fi->permissions; } else {
echo("<form name='permissions' action='workspace.php' method='post'>
<input type='hidden' name='file' value='". $_GET["file"] ."'>
<input type='hidden' name='owner' value='" . $_GET["owner"] . "'>
<input type='hidden' name='filepath' value='" . $_GET["filepath"] . "'>
<input type='hidden' name='action' value='setperm'>"); ?>
<br>User:
<select name="userperm">
<option value="-r--" <?php if(substr($fi->permissions, 0,4) == "-r--") { echo
"selected='selected'"; } ?>>View</option>
<option value="--w-" <?php if(substr($fi->permissions, 0,4) == "--w-") { echo
"selected='selected'"; } ?>>Modify</option>
<option value="-rw-" <?php if(substr($fi->permissions, 0,4) == "-rw-") { echo
"selected='selected'"; } ?>>View and Modify</option>
</select>
<br>Group:
<select name="groupperm">
<option value="---" <?php if(substr($fi->permissions, 4,3) == "---") { echo "selected='selected'"; } ?>>No Access</option>
<option value="r--" <?php if(substr($fi->permissions, 4,3) == "r--") { echo "selected='selected'"; } ?>>View</option>
<option value="-w-" <?php if(substr($fi->permissions, 4,3) == "-w-") { echo "selected='selected'"; } ?>>Modify</option>
<option value="rw-" <?php if(substr($fi->permissions, 4,3) == "rw-") { echo "selected='selected'"; } ?>
>View and Modify</option>
</select>
<br>Other:
<select name="otherperm">
<option value="---" <?php if(substr($fi->permissions, 7,3) == "---") { echo "selected='selected'"; } ?>>No Access</option>
<option value="r--" <?php if(substr($fi->permissions, 7,3) == "r--") { echo "selected='selected'"; } ?>>View</option>
<option value="-w-" <?php if(substr($fi->permissions, 7,3) == "-w-") { echo "selected='selected'"; } ?>>Modify</option>
<option value="rw-" <?php if(substr($fi->permissions, 7,3) == "rw-") { echo "selected='selected'"; } ?>>View and Modify</option>
</select>
<input type="submit" value="Modify Permissions">
</form>
<?php
}
echo("</td></tr>
</table></td><td>");
if($fimg == "icons/mimetypes/html.png" || $fimg == "icons/mimetypes/txt.png") {
if (($fi->division == $user->division && substr($fi->permissions, 5,1) == "w") || ($fi->owner == $user->user && substr($fi->permissions, 2,1) == "w") || (substr($fi->permissions, 8,1) == "w")) {
echo("<form method='post' action='workspace.php'>");
echo("<textarea name='newdata' style='width: 275px; height: 125px;'>");
$vfs = mysql_fetch_object(mysql_query("SELECT virtfspath FROM ofirst_workspace_users WHERE user='" . $_GET["owner"] . "';"));
$fi = fopen($vfs->virtfspath . "/" . $_GET["filepath"] . "/" . $_GET["file"], 'r');
fpassthru($fi);
fclose($fi);
echo("</textarea>
<input type='hidden' name='file' value='". $_GET["file"] ."'>
<input type='hidden' name='owner' value='" . $_GET["owner"] . "'>
<input type='hidden' name='filepath' value='" . $_GET["filepath"] . "'>
<input type='hidden' name='action' value='modify'>
<input type='submit' name='modify' id='modify' value='Modify File'>
</form>");
} else {
echo("You do not have the permission required to edit this file");
}
} else {
echo("You cannot edit files of this type online. $fil->image");
}
echo("</td></tr>
</table>");
echo("<p>[ <a href='workspace.php'>Return to workspace</a> ]</p>");
die(include($footer));
}
// Handle file viewing (complete with information on what viewer to use to open the file)
if($_GET["action"] == "view" && isset($_GET["view"]) == false) {
$fi = mysql_fetch_object(mysql_query("SELECT * FROM ofirst_workspace_files WHERE name='" . $_GET["file"] . "' AND location='" . $_GET["filepath"] . "' AND owner='" . $_GET["owner"] . "';"));
echo("<h1>View " . $_GET["file"] . "</h1>
<table>
<tr><th>File Name</th><td>" . $_GET["file"] . "</td></tr>
<tr><th>File Type</th><td>");
$query = mysql_query("SELECT * FROM ofirst_workspace_filetypes WHERE extension='$fi->filetype';");
if (mysql_num_rows($query) != 0){
while ($fil = mysql_fetch_object($query)) {
echo("<img src='$fil->image' alt='$fil->description' title='$fil->description'> $fil->description");
}
} else {
echo(fileicon('unknown') . " Unknown File Type");
}
echo(" </td></tr>
<tr><th>File Owner</th><td>$fi->owner</td></tr>
<tr><th>File Size</th><td>$fi->size kilobytes</td></tr>
<tr><th>File Location</th><td>$fi->location</td></tr>
<tr><th>Division</th><td>$fi->division</td></tr>
<tr><th>Permissions</th><td>$fi->permissions</td></tr>
<tr><th>Date</th><td>$fi->date</td></tr>
<tr><th>Description</th><td>$fi->description</td></tr>
</table><p><a href='workspace.php?view=true&" . $_SERVER["QUERY_STRING"] . "'>Proceed to view this file</a> | <a href='workspace.php'>Return to workspace</a></p>");
die(include($footer));
}
}
if(isset($_POST["uploadfile"]) == true) {
$filename = $_FILES['userfile']['tmp_name'][0];
$name = str_replace(" ", "-", $_FILES['userfile']['name'][0]);
copy($filename, "$ws->virtfspath/" . $_POST["filepath"] . "/$name");
$uf = mysql_query("INSERT INTO ofirst_workspace_files (size, location, owner, division, permissions, date, description, filetype, name) VALUES('" .( filesize("$ws->virtfspath/" . $_POST["filepath"] . "/$name") / 1024). "', '" . $_POST["filepath"] . "', '$user->user', '" . $_POST["division"] . "', '" . $_POST["userperm"] . $_POST["groupperm"] . $_POST["otherperm"] . "', '" . date('D M d Y h:m:s') . "', '" . $_POST["description"] . "', '" . strtolower(substr($name, strrpos($name, ".") +1)) . "', '$name');");
echo("File "$name" has been uploaded successfully. [ <a href='workspace.php'>Workspace</a> | <a href='workspace.php?file=$name&action=view&filepath=" . $_POST["filepath"] ."'>View</a> ]");
die(include($footer));
}
?>
<h1>Personal Workspace</h1>
<p><?php
if($_GET["filepath"] == "") { $filepath = "/"; } else {$filepath = $_GET["filepath"]; }
$files = mysql_fetch_object(mysql_query("SELECT SUM(size) as used FROM ofirst_workspace_files
WHERE owner='$user->user';"));
if(mysql_num_rows($wsu) == 1) {
?>
<table style="width: 500px;">
<tr><td style="vertical-align: top;">
<table style="width: 155px;">
<tr><th style="width: 50px;">User</th><td><?php echo $ws->user; ?></td></tr>
<tr><th style="width: 50px;">Usage</th><td style="width: 105px;">
<img src="line.png" alt="[graph of disk usage]" style="height: 4px; width: <?php
$diskusage = $files->used;
echo(round($files->used / 1024, 2) / $ws->quota) * 100; ?>px;">
<br><?php echo(round($files->used / 1024, 2) . " of $ws->quota"); ?> Megabytes</td></tr>
</table></td><td>
<p><strong>Your Files (<?php echo($filepath); ?>)</strong></p>
<table>
<?php
$files = mysql_query("SELECT * FROM ofirst_workspace_files WHERE owner='$user->user' AND location='$filepath';");
echo("<tr><th>File
Type</th><th>Name</th><th>Division</th><th>Permissions</th><th>Date</th><th>Description</th>
<th>Actions</th></tr>");
while($file = mysql_fetch_object($files)) {
echo("<tr><td>" . fileicon($file->filetype) . "</td><td>$file->name</td><td>$file->division</td>
<td>$file->permissions</td><td>$file->date</td><td>$file->description</td><td>
<a href='workspace.php?file=$file->name&owner=$file->owner&action=view&filepath=$filepath'>View</a>
<br><a href='workspace.php?file=$file->name&owner=$file->owner&action=modify&filepath=$filepath'>Modify</a>
<br><a href='workspace.php?file=$file->name&owner=$file->owner&action=delete&filepath=$filepath'>Delete</a>
</td></tr>");
}
?>
</table>
Add a file:
<?php
if((int) ($diskusage / 1024) > (int) $ws->quota) {
echo("<p>You have met or exceeded your quota, and may not add new files. If you require your quota to be increased, please contact an administrator.</p>");
} else {
?>
<form action="workspace.php" method="post" enctype="multipart/form-data">
<input type="hidden" name="filepath" value="<?php echo($filepath); ?>">
<table>
<tr><th>File</th><td> <input name="userfile[]" type="file"></td></tr>
<tr><th>Division</th><td><select name="division"><?php
$d = mysql_query("SELECT division FROM ofirst_divisions;");
while($di = mysql_fetch_object($d)) {
if($di->division == $user->division) {
echo("<option value='$di->division' selected='selected'>$di->division</option>");
} else {
echo("<option value='$di->division'>$di->division</option>");
}
}
?></td></tr>
<tr><th>Permissions</th><td>User:
<select name="userperm">
<option value="-r--">View</option>
<option value="--w-">Modify</option>
<option value="-rw-" selected="selected">View and Modify</option>
</select>
<br>Group:
<select name="groupperm">
<option value="---" selected="selected">No Access</option>
<option value="r--">View</option>
<option value="-w-">Modify</option>
<option value="rw-">View and Modify</option>
</select>
<br>Other:
<select name="otherperm">
<option value="---" selected="selected">No Access</option>
<option value="r--">View</option>
<option value="-w-">Modify</option>
<option value="rw-">View and Modify</option>
</select>
</td></tr>
<tr><th>Description</th><td><input name="description" type="text"></td></tr>
<tr><th>Submit</th><td> <input type="submit" name="uploadfile" id="uploadfile" value="Send file"></td>
</table>
</form>
<?php
}
?>
<p>Browse Division Files</p>
<table>
<?php
$files = mysql_query("SELECT * FROM ofirst_workspace_files WHERE permissions like '____r%';");
echo("<tr><th>File
Type</th><th>Name</th><th>Owner</th><th>Division</th><th>Permissions</th><th>Date</th><th>Description</th>
<th>Actions</th></tr>");
while($file = mysql_fetch_object($files)) {
echo("<tr><td>" . fileicon($file->filetype) .
"</td><td>$file->name</td><td>$file->owner</td><td>$file->division</td>
<td>$file->permissions</td><td>$file->date</td><td>$file->description</td><td>
<a
href='workspace.php?file=$file->name&owner=$file->owner&action=view&filepath=$filepath'>View</a>
<br><a href='workspace.php?file=$file->name&owner=$file->owner&action=modify&filepath=$filepath'>Modify</a>
</td></tr>");
}
?>
</table>
<p>Browse General Files</p>
<table>
<?php
$files = mysql_query("SELECT * FROM ofirst_workspace_files WHERE permissions like '%r__';");
echo("<tr><th>File
Type</th><th>Name</th><th>Owner</th><th>Division</th><th>Permissions</th><th>Date</th><th>Description</th>
<th>Actions</th></tr>");
while($file = mysql_fetch_object($files)) {
echo("<tr><td>" . fileicon($file->filetype) .
"</td><td>$file->name</td><td>$file->owner</td><td>$file->division</td>
<td>$file->permissions</td><td>$file->date</td><td>$file->description</td><td>
<a href='workspace.php?file=$file->name&owner=$file->owner&action=view&filepath=$filepath'>View</a>
<br><a href='workspace.php?file=$file->name&owner=$file->owner&action=modify&filepath=$filepath'>Modify</a>
</td></tr>");
}
?>
</table>
</td>
</table>
</table>
<?php
} else {
if($_GET["activate"] == true) {
mysql_query("INSERT INTO ofirst_workspace_users (quota, user, virtfspath, frozen) VALUES('10', '$user->user', '" . getcwd() . "/virtfs/$user->user/', '0');");
mkdir(getcwd() . "/virtfs/$user->user/");
echo("Congratulations, your workspace has been created. [ <a href='workspace.php'>Continue</a> ]");
} else {
echo("You do not have a workspace account. If you would like, you may <a href='workspace.php?activate=true'>Activate your workspace account.</a>");
}
}
?></p>
<?php } else {
showlogin();
}
include($footer); ?>
|
×
Want the latest updates on software, tech news, and AI?
Get latest updates about software, tech news, and AI from SourceForge directly in your inbox once a month.
Thanks for helping keep SourceForge clean.
X