Context Navigation

← Previous Changeset
Next Changeset →

Changeset 615301

Timestamp:

10/21/2012 04:39:13 PM (13 years ago)

Author:

fabifott

Message:

WP-Filebase 0.2.9.24

Added field to rename files in file upload form
Configuration of old File Widget will be retained on update. Please change to the new multi-instance widget after updating!
New Option Inaccessible category message
Improved access permission handling for AJAX tree
Fixed OpenOffice download link
New template variable %cat_user_can_access% and %file_user_can_access%
Files are only re-scanned if changed
Fixed external MD5 hashing on Windows
MySQL connection are closed during download
New Template varialbe %file_cat_folder%
Added sync debug info when query variable debug is set to 1 (add &debug=1 to the sync page URL and see the HTML source for backtrace)
Inaccessible categories are displayed in lists, but their content cannot be viewed
Fixed resources URL when using SSL

Location:

wp-filebase

Files:

: 625 added
: 28 edited

Legend:

: Unmodified
: Added
: Removed

wp-filebase/trunk/classes/Admin.php

-                      r599590
+                      r615301
     if($upload_path_base == '' || $upload_path_base == '/')
         $upload_path_base = 'wp-content/uploads';
+    $last_sync_time = intval(get_option(WPFB_OPT_NAME.'_cron_sync_time'));
+    $last_sync_time = ($last_sync_time > 0) ? (" (".sprintf( __('Last cron sync on %1$s at %2$s.',WPFB), date_i18n( get_option( 'date_format', $last_sync_time ) ), date_i18n( get_option( 'time_format', $last_sync_time ) ) ).")") : '';
     return array (
 …
     'inaccessible_msg'      => array('default' => __('You are not allowed to access this file!', WPFB), 'title' => __('Inaccessible file message', WPFB), 'type' => 'text', 'size' => 65, 'desc' => (__('This message will be displayed if users try to download a file they cannot access', WPFB).'. '.__('You can enter a URL to redirect users.', WPFB))),
     'inaccessible_redirect' => array('default' => false, 'title' => __('Redirect to login', WPFB), 'type' => 'checkbox', 'desc' => __('Guests trying to download inaccessible files are redirected to the login page if this option is enabled.', WPFB)),
+    'cat_inaccessible_msg'  => array('default' => __('Access to category denied!', WPFB), 'title' => __('Inaccessible category message', WPFB), 'type' => 'text', 'size' => 65, 'desc' => (__('This message will be displayed if users try to access a category without permission.', WPFB))),
     'login_redirect_src'    => array('default' => false, 'title' => __('Redirect to referring page after login', WPFB), 'type' => 'checkbox', 'desc' => __('Users are redirected to the page where they clicked on the download link after logging in.', WPFB)),
 …
     //'file_context_menu'   => array('default' => true, 'title' => '', 'type' => 'checkbox', 'desc' => ''),
+    'cron_sync' => array('default' => false, 'title' => __('Automatic Sync', WPFB), 'type' => 'checkbox', 'desc' => __('Schedules a cronjob to hourly synchronize the filesystem and the database.', WPFB)),
+    'cron_sync' => array('default' => false, 'title' => __('Automatic Sync', WPFB), 'type' => 'checkbox', 'desc' => __('Schedules a cronjob to hourly synchronize the filesystem and the database.', WPFB).$last_sync_time),
     'search_integration' =>  array('default' => true, 'title' => __('Search Integration', WPFB), 'type' => 'checkbox', 'desc' => __('Searches in attached files and lists the associated posts and pages when searching the site.', WPFB)),
 …
     // file browser
     'disable_footer_credits'  => array('default' => false, 'title' => __('Remove WP-Filebase Footer credits', WPFB), 'type' => 'checkbox', 'desc' => sprintf(__('This disables the footer credits only displayed on <a href="%s">File Browser Page</a>. Why should you keep the credits? Every backlink helps WP-Filebase to get more popular, popularity motivates the developer to continue work on the plugin. Win-Win!', WPFB), get_permalink(WPFB_Core::GetOpt('file_browser_post_id')).'#wpfb-credits')),
+    'disable_footer_credits'  => array('default' => false, 'title' => __('Remove WP-Filebase Footer credits', WPFB), 'type' => 'checkbox', 'desc' => sprintf(__('This disables the footer credits only displayed on <a href="%s">File Browser Page</a>. Why should you keep the credits? Every backlink helps WP-Filebase to get more popular, popularity motivates the developer to continue work on the plugin.', WPFB), get_permalink(WPFB_Core::GetOpt('file_browser_post_id')).'#wpfb-credits')),
     'footer_credits_style'  => array('default' => 'margin:0 auto 2px auto; text-align:center; font-size:11px;', 'title' => __('Footer credits Style', WPFB), 'type' => 'text', 'class' => 'code', 'desc' => __('Set custom CSS style for WP-Filebase footer credits',WPFB),'size'=>80),
     'late_script_loading'   => array('default' => false, 'title' => __('Late script loading', WPFB), 'type' => 'checkbox', 'desc' => __('Scripts will be included in content, not in header. Enable if your AJAX tree view does not work properly.', WPFB)),
 …
 Java|java|http://www.java.com/download/
 Flash|flash|http://get.adobe.com/flashplayer/
 Open Office|ooffice|http://download.openoffice.org/
+Open Office|ooffice|http://www.openoffice.org/download/index.html
 .NET Framework 3.5|.net35|http://www.microsoft.com/downloads/details.aspx?FamilyID=333325fd-ae52-4e35-b531-508d977d32a6",
     'title' => __('Requirements', WPFB), 'type' => 'textarea', 'desc' => $multiple_entries_desc . ' ' . __('You can optionally add |<i>URL</i> to each line to link to the required software/file.', WPFB), 'nowrap' => true),
 …
     'custom_fields'         => array('default' => "Custom Field 1|cf1\nCustom Field 2|cf2", 'title' => __('Custom Fields'), 'type' => 'textarea', 'desc' =>
     __('With custom fields you can add even more file properties.',WPFB).' '.$multiple_entries_desc),
 …
     //'cat_required_level'  => __('The minimum user level to view this category (-1 = guest, 0 = Subscriber ...)', WPFB),
+    'cat_user_can_access'   => sprintf(__('Variable to check if the %s is accessible (boolean 0/1)', WPFB),__('Category')),
     'cat_id'                => __('The category ID', WPFB),
 …
     //'file_required_level' => __('The minimum user level to download this file (-1 = guest, 0 = Subscriber ...)', WPFB),
+    'file_user_can_access'  => sprintf(__('Variable to check if the %s is accessible (boolean 0/1)', WPFB),__('File',WPFB)),
     'file_offline'          => __('1 if file is offline, otherwise 0', WPFB),
     'file_direct_linking'   => __('1 if direct linking is allowed, otherwise 0', WPFB),
 …
     // explicitly set permissions:
     if(!empty($data->cat_perm_explicit) && isset($data->cat_user_roles))
         $cat->SetUserRoles((empty($data->cat_user_roles) || count(array_filter($data->cat_user_roles)) == 0) ? array() : $data->cat_user_roles);
+        $cat->SetReadPermissions((empty($data->cat_user_roles) || count(array_filter($data->cat_user_roles)) == 0) ? array() : $data->cat_user_roles);
     // apply permissions to children
     if($update && !empty($cat_child_apply_perm))
+    {
         $cur = $cat->GetUserRoles();
+        $cur = $cat->GetReadPermissions();
         $childs = $cat->GetChildFiles(true);
         foreach($childs as $child) $child->SetUserRoles($cur);
+        foreach($childs as $child) $child->SetReadPermissions($cur);
         $childs = $cat->GetChildCats(true);
         foreach($childs as $child) $child->SetUserRoles($cur);
+        foreach($childs as $child) $child->SetReadPermissions($cur);
+    }
 …
     // this sets permissions as well:
     $result = $file->ChangeCategoryOrName($file_category, $file_name, $add_existing, !empty($data->overwrite));
+    $result = $file->ChangeCategoryOrName($file_category, empty($data->file_rename) ? $file_name : $data->file_rename, $add_existing, !empty($data->overwrite));
     if(!empty($result['error'])) return $result;
     // explicitly set permissions:
     if(!empty($data->file_perm_explicit) && isset($data->file_user_roles))
         $file->SetUserRoles((empty($data->file_user_roles) || count(array_filter($data->file_user_roles)) == 0) ? array() : $data->file_user_roles);
+        $file->SetReadPermissions((empty($data->file_user_roles) || count(array_filter($data->file_user_roles)) == 0) ? array() : $data->file_user_roles);
     // if there is an uploaded file
 …
         $file->file_size = filesize($file->GetLocalPath());
         $file->file_mtime = filemtime($file->GetLocalPath());
+        $old_hash = $file->file_hash;
         $file->file_hash = WPFB_Admin::GetFileHash($file->GetLocalPath());
+        wpfb_loadclass('GetID3');
+        $file_info = WPFB_GetID3::AnalyzeFile($file);
+        // only analyze files if changed!
+        if($upload || !$update || $file->file_hash != $old_hash)
+        {
+            wpfb_loadclass('GetID3');
+            $file_info = WPFB_GetID3::AnalyzeFile($file);
+        if(!empty($file_info['comments']['picture'][0]['data']))
+            $cover_img =& $file_info['comments']['picture'][0]['data'];
+        elseif(!empty($file_info['id3v2']['APIC'][0]['data']))
+            $cover_img =& $file_info['id3v2']['APIC'][0]['data'];
+        else $cover_img = null;
+        if(!$upload_thumb && empty($data->file_thumbnail) && !empty($cover_img))
+        {
+            $cover = $file->GetLocalPath();
+            $cover = substr($cover,0,strrpos($cover,'.')).'.jpg';
+            file_put_contents($cover, $cover_img);
+            $file->CreateThumbnail($cover, true);
+            @unlink($cover);
+            if(!empty($file_info['comments']['picture'][0]['data']))
+                $cover_img =& $file_info['comments']['picture'][0]['data'];
+            elseif(!empty($file_info['id3v2']['APIC'][0]['data']))
+                $cover_img =& $file_info['id3v2']['APIC'][0]['data'];
+            else $cover_img = null;
+            if(!$upload_thumb && empty($data->file_thumbnail) && !empty($cover_img))
+            {
+                $cover = $file->GetLocalPath();
+                $cover = substr($cover,0,strrpos($cover,'.')).'.jpg';
+                file_put_contents($cover, $cover_img);
+                $file->CreateThumbnail($cover, true);
+                @unlink($cover);
+            }
+        }
+    }
 …
     if(!isset($data->file_direct_linking))
         $data->file_direct_linking = 1; // allow direct linking by default
     $file->file_direct_linking = (int)!empty($data->file_direct_linking);
+    $file->file_direct_linking = intval($data->file_direct_linking);
     if(isset($data->file_post_id))
 …
     WPFB_Core::UpdateOption('template_file_parsed', WPFB_TplLib::Parse(WPFB_Core::GetOpt('template_file')));
     WPFB_Core::UpdateOption('template_cat_parsed', WPFB_TplLib::Parse(WPFB_Core::GetOpt('template_cat')));
-    // parse widget
-    $widget = WPFB_Core::GetOpt('widget');
-    $widget['filelist_template_parsed'] = WPFB_TplLib::Parse($widget['filelist_template']);
-    WPFB_Core::UpdateOption('widget', $widget);
     // parse custom
 …
+}
 // this is used for post filter
 public function ProcessWidgetUpload(){
     $content = '';
     $title = '';
     if(!WPFB_Core::GetOpt('frontend_upload') && !current_user_can('upload_files'))
         wp_die(__('Cheatin&#8217; uh?'). " (disabled)");
+        $nonce_action = $_POST['prefix']."=&cat=".((int)$_POST['cat'])."&overwrite=".((int)$_POST['overwrite']);
+    // nonce/referer check (security)
+    if(!wp_verify_nonce($_POST['wpfb-file-nonce'],$nonce_action) || !check_admin_referer($nonce_action,'wpfb-file-nonce'))
+        wp_die(__('Cheatin&#8217; uh?') . ' (nonce)');
+    {
+        $nonce_action = $_POST['prefix']."=&cat=".((int)$_POST['cat'])."&overwrite=".((int)$_POST['overwrite'])."&file_post_id=".((int)$_POST['file_post_id']);
+        // nonce/referer check (security)
+        if(!wp_verify_nonce($_POST['wpfb-file-nonce'],$nonce_action) || !check_admin_referer($nonce_action,'wpfb-file-nonce'))
+            wp_die(__('Cheatin&#8217; uh?') . ' (nonce)');
+    }
     // if category is set in widget options, force to use this. security done with nonce checking ($_POST['cat'] is reliable)
 …
+}
 static function RolesCheckList($field_name, $selected_roles=array()) {
+static function RolesCheckList($field_name, $selected_roles=array(), $display_everyone=true) {
     global $wp_roles;
     $all_roles = $wp_roles->roles;
 …
     <ul id="<?php echo $field_name; ?>-list" class="wpfilebase-roles-checklist">
 <?php
     echo "<li id='{$field_name}_none'><label class='selectit'><input value='' type='checkbox' name='{$field_name}[]' id='in-{$field_name}_none' ".(empty($selected_roles)?"checked='checked'":"")." onchange=\"jQuery('[id^=in-$field_name-]').prop('disabled', this.checked).prop('checked', false);\" /> <i>".__('Everyone',WPFB)."</i></label></li>";
+    if($display_everyone) echo "<li id='{$field_name}_none'><label class='selectit'><input value='' type='checkbox' name='{$field_name}[]' id='in-{$field_name}_none' ".(empty($selected_roles)?"checked='checked'":"")." onchange=\"jQuery('[id^=in-$field_name-]').prop('disabled', this.checked).prop('checked', false);\" /> <i>".__('Everyone',WPFB)."</i></label></li>";
     foreach ( $all_roles as $role => $details ) {
         $name = translate_user_role($details['name']);
         echo "<li id='$field_name-$role'><label class='selectit'><input value='$role' type='checkbox' name='{$field_name}[]' id='in-$field_name-$role' ".(in_array($role, $selected_roles)?"checked='checked'":"")." ".(empty($selected_roles)?"disabled='disabled'":"")." /> $name</label></li>";
+    }
     ?>
+        echo "<li id='$field_name-$role'><label class='selectit'><input value='$role' type='checkbox' name='{$field_name}[]' id='in-$field_name-$role' ".(in_array($role, $selected_roles)?"checked='checked'":"")." ".((empty($selected_roles)&&$display_everyone)?"disabled='disabled'":"")." /> $name</label></li>";
+    }
+?>
     </ul>
 </div>
 …
+}
+static function GetTmpPath($name) {
+    $dir = WPFB_Core::UploadDir().'/.tmp/'.uniqid($name);
+    self::Mkdir($dir);
+    return $dir;
+}
 static function LockUploadDir($lock=true)
+{
 …
     static $use_php_func = false;
     if($use_php_func) return md5_file($filename);
     $hash = substr(@exec("md5sum \"$filename\""), 0, 32);
+    $hash = substr(trim(substr(@exec("md5sum \"$filename\""), 0, 33),"\\ \t"), 0, 32); // on windows, hash starts with \ if not in same dir!
     if(empty($hash) && file_exists($filename)) {
         $use_php_func = true;
 …
+}
+}
+static function CurUserCanUpload()
+{
+    return (current_user_can('upload_files'));
+}
+static function CurUserCanCreateCat()
+{
+    return  current_user_can('manage_categories');
+}
+}

wp-filebase/trunk/classes/AdminGuiCats.php

-                      r559064
+                      r615301
     $cat_id = $cat->cat_id;
     $parent_cat = $cat->GetParent();
     $user_roles = $cat->GetUserRoles();
+    $user_roles = $cat->GetReadPermissions();
     $title = esc_attr($cat->cat_name);
     if($sub_level > 0) $title = str_repeat('-', $sub_level) . " $title";
 …
     global $wpdb, $user_ID;
+    if ( !WPFB_Admin::CurUserCanCreateCat() )
+        wp_die(__('Cheatin&#8217; uh?'));
     wpfb_loadclass('Category', 'File', 'Admin', 'Output');
 …
     switch($action)
+    {
+        case 'editcat':
+            if ( !current_user_can('manage_categories') )
+                wp_die(__('Cheatin&#8217; uh?'));
+        case 'editcat':
             $cat_id = (int)$_GET['cat_id'];
             $file_category = &WPFB_Category::GetCat($cat_id);
 …
         case 'addcat':
             $update = !empty($update);
-            if ( !current_user_can('manage_categories') )
-                wp_die(__('Cheatin&#8217; uh?'/*def*/));
             $result = WPFB_Admin::InsertCategory(array_merge(stripslashes_deep($_POST), $_FILES));
 …
             //wp_redirect($clean_uri . '&action=manage_cats&message=' . urlencode($message));
+        default:
+            if(!current_user_can('manage_categories'))
+                wp_die(__('Cheatin&#8217; uh?'/*def*/));
+        default:
             if(!empty($_POST['deleteit']))
+            {
                 foreach ( (array) $_POST['delete'] as $cat_id ) {
                     if(is_object($cat = WPFB_Category::GetCat($cat_id)))
+                    if(is_object($cat = WPFB_Category::GetCat($cat_id)) && $cat->CurUserCanEdit())
                         $cat->Delete();
+                }

wp-filebase/trunk/classes/AdminGuiFiles.php

-                      r590827
+                      r615301
     if(isset($_GET['exform'])) {
         $exform = (!empty($_GET['exform']) && $_GET['exform'] == 1);
         update_user_option($user_ID, WPFB_OPT_NAME . '_exform', $exform);
+        update_user_option($user_ID, WPFB_OPT_NAME . '_exform', $exform?1:0);
     } else {
         $exform = (bool)get_user_option(WPFB_OPT_NAME . '_exform');
+        $exform = (get_user_option(WPFB_OPT_NAME . '_exform') === 1);
+    }
 …
         case 'updatefile':
+            if(!current_user_can('upload_files')) wp_die(__('Cheatin&#8217; uh?'));
             $file_id = (int)$_POST['file_id'];
             $update = true;
 …
         case 'addfile':
             $update = !empty($update);
             if ( !current_user_can('upload_files') )
                 wp_die(__('Cheatin&#8217; uh?'));
-            /* // this was causing some trouble...
-            foreach ( array('aa', 'mm', 'jj', 'hh', 'mn') as $timeunit ) {
-                if ( !empty($_POST['hidden_' . $timeunit] ) && $_POST['hidden_' . $timeunit] != $_POST[$timeunit] ) {
-                    $edit_date = true;
-                    break;
+                }
-            }*/
             extract($_POST);
 …
+            }
         default:
+        default:
             if(!current_user_can('upload_files'))
                 wp_die(__('Cheatin&#8217; uh?'));
 …
     ?></h2>
     <?php if ( !empty($message) ) : ?><div id="message" class="updated fade"><p><?php echo $message; ?></p></div><?php endif;
     if($action == 'addfile' || $action == 'updatefile')
+    if(WPFB_Admin::CurUserCanUpload() && ($action == 'addfile' || $action == 'updatefile'))
+    {
         unset($file);
 …
                     $cat = $file->GetParent();
                     $user_roles = $file->GetUserRoles();
+                    $user_roles = $file->GetReadPermissions();
                 ?>
                 <tr id='file-<?php echo $file_id ?>'<?php if($file->file_offline) { echo " class='offline'"; } ?>>
                             <th scope='row' class='check-column'><input type='checkbox' name='delete[]' value='<?php echo $file_id ?>' /></th>
                             <td class="num"><?php echo $file_id ?></td>
+                            <td class="wpfilebase-admin-list-row-title"><a class='row-title' href='<?php echo esc_attr($file->GetEditUrl()) ?>' title='&quot;<?php echo esc_attr($file->file_display_name); ?>&quot; bearbeiten'>
+                            <td class="wpfilebase-admin-list-row-title">
+                            <a class='row-title' href='<?php echo esc_attr($file->GetEditUrl()) ?>' title='&quot;<?php echo esc_attr($file->file_display_name); ?>&quot; bearbeiten'>
                             <?php if(!empty($file->file_thumbnail)) { ?><img src="<?php echo esc_attr($file->GetIconUrl()); ?>" height="32" /><?php } ?>
                             <span><?php if($file->IsRemote()){echo '*';} echo esc_html($file->file_display_name); ?></span>
 …
 <?php
     if($action != 'addfile' && $action != 'updatefile')
+    if($action != 'addfile' && $action != 'updatefile' && WPFB_Admin::CurUserCanUpload())
+    {
         unset($file);

wp-filebase/trunk/classes/AdminGuiManage.php

-                      r599972
+                      r615301
     </script>
     <div class="wrap">
+    <div id="icon-wpfilebase" class="icon32"><br /></div>
     <h2><?php echo WPFB_PLUGIN_NAME; ?></h2>
 …
                 if(!empty($error_msg)) echo '<div class="error default-password-nag"><p>'.$error_msg.'</p></div>';
                     if(WPFB_Core::GetOpt('tag_conv_req')) {
                     echo '<div class="updated"><p><a href="'.add_query_arg('action', 'convert-tags').'">';
                     _e('WP-Filebase content tags must be converted',WPFB);
                     echo '</a></p></div><div style="clear:both;"></div>';
+                }
+                if(!get_post(WPFB_Core::GetOpt('file_browser_post_id'))) {
+                    echo '<div class="updated"><p>';
+                    printf(__('File Browser post or page not set! Some features like search will not work. <a href="%s">Click here to set the File Browser Post ID.</a>',WPFB), esc_attr(admin_url('admin.php?page=wpfilebase_sets#'.sanitize_title(__('File Browser',WPFB)))));
+                    echo '</p></div><div style="clear:both;"></div>';
+                }
 …
                 array('action' => 'sync',
                 )); ?>" class="button"><?php _e('Sync Filebase',WPFB)?></a> &nbsp; <?php _e('Synchronises the database with the file system. Use this to add FTP-uploaded files.',WPFB) ?></p>
 <p><a href="<?php echo add_query_arg('action', 'convert-tags') ?>" class="button"><?php _e('Convert old Tags',WPFB)?></a> &nbsp; <?php printf(__('Convert tags from versions earlier than %s.',WPFB), '0.2.0') ?></p>
+<?php if(WPFB_Core::GetOpt('tag_conv_req')) { ?><p><a href="<?php echo add_query_arg('action', 'convert-tags') ?>" class="button"><?php _e('Convert old Tags',WPFB)?></a> &nbsp; <?php printf(__('Convert tags from versions earlier than %s.',WPFB), '0.2.0') ?></p> <?php } ?>
 <!--  <p><a href="<?php echo add_query_arg('action', 'add-urls') ?>" class="button"><?php _e('Add multiple URLs',WPFB)?></a> &nbsp; <?php _e('Add multiple remote files at once.', WPFB); ?></p>
 -->
+            <?php WPFB_Admin::PrintForm('file', null, array('exform' => $exform)) ?>
+<?php
+    if(WPFB_admin::CurUserCanUpload()) WPFB_Admin::PrintForm('file', null, array('exform' => $exform));
+?>
         <?php

wp-filebase/trunk/classes/AdminGuiSettings.php

-                      r598768
+                      r615301
                     case 'roles':
                         $post[$opt_tag] = array_values(array_filter($post[$opt_tag]));
+                        // the following must not be removed! if the roles array is empty, permissions are assumed to be set for everyone!
+                        // so make sure that the admin is explicitly set!
+                        if(!empty($opt_data['not_everyone']) && !in_array('administrator', $post[$opt_tag])) {
+                            if(!is_array($post[$opt_tag])) $post[$opt_tag] = array();
+                            array_unshift($post[$opt_tag],'administrator');
+                        }
                         break;
 …
 <div class="wrap">
+<div id="icon-options-general" class="icon32"><br /></div>
 <h2><?php echo WPFB_PLUGIN_NAME; echo ' '; _e("Settings"/*def*/); ?></h2>
 …
         __('Common', WPFB)                  => array('upload_path','search_integration' /*'cat_drop_down'*/),
         __('Display', WPFB)                 => array('file_date_format','thumbnail_size','auto_attach_files', 'attach_loop','attach_pos', 'filelist_sorting', 'filelist_sorting_dir', 'filelist_num', /* TODO: remove? 'parse_tags_rss',*/ 'decimal_size_format'),
+        __('File Browser',WPFB)             => array('file_browser_post_id','file_browser_cat_sort_by','file_browser_cat_sort_dir','file_browser_file_sort_by','file_browser_file_sort_dir','file_browser_fbc', 'late_script_loading','disable_footer_credits','footer_credits_style'),
+        __('File Browser',WPFB)             => array('file_browser_post_id','file_browser_cat_sort_by','file_browser_cat_sort_dir','file_browser_file_sort_by','file_browser_file_sort_dir','file_browser_fbc', 'late_script_loading',
+        'disable_footer_credits','footer_credits_style',
+        ),
         __('Download', WPFB)                => array(
                                                 'disable_permalinks', 'download_base', 'force_download', 'range_download', 'http_nocache', 'ignore_admin_dls', 'accept_empty_referers','allowed_referers','dl_destroy_session'),
         __('Form Presets', WPFB)            => array('default_author','default_roles', 'default_cat', 'languages', 'platforms', 'licenses', 'requirements', 'custom_fields'),
         __('Limits', WPFB)                  => array('bitrate_unregistered', 'bitrate_registered', 'traffic_day', 'traffic_month', 'traffic_exceeded_msg', 'file_offline_msg', 'daily_user_limits', 'daily_limit_subscriber', 'daily_limit_contributor', 'daily_limit_author', 'daily_limit_editor', 'daily_limit_exceeded_msg'),
         __('Security', WPFB)                => array('allow_srv_script_upload', 'frontend_upload', 'hide_inaccessible', 'inaccessible_msg', 'inaccessible_redirect', 'login_redirect_src', 'protect_upload_path', 'private_files'),
+        __('Security', WPFB)                => array('allow_srv_script_upload', 'frontend_upload', 'hide_inaccessible', 'inaccessible_msg', 'inaccessible_redirect', 'cat_inaccessible_msg', 'login_redirect_src', 'protect_upload_path', 'private_files'),
         __('Templates and Scripts', WPFB)   => array('template_file', 'template_cat', 'dlclick_js'),
         __('Misc')                          => $misc_tags,
 …
                 case 'roles':
                     WPFB_Admin::RolesCheckList($opt_tag, $opt_val);
+                    WPFB_Admin::RolesCheckList($opt_tag, $opt_val, empty($field_data['not_everyone']));
                     break;

wp-filebase/trunk/classes/AdminGuiTpls.php

-                      r598768
+                      r615301
         <th scope="row" class="check-column"><input type="checkbox" name="tpl[]" value="<?php echo esc_attr($tpl_tag) ?>" /></th>
         <td class="column-title">
             <strong><a class="row-title" href="<?php echo $edit_link ?>" title="<?php printf(__('Edit &#8220;%s&#8221;'), $tpl_tag) ?>"><?php echo __(__(esc_html(WPFB_Output::Filename2Title($tpl_tag))), WPFB) ?></a></strong>
+            <strong><a class="row-title" href="<?php echo $edit_link ?>" title="<?php printf(__('Edit &#8220;%s&#8221;'), $tpl_tag) ?>"><?php echo self::TplTitle($tpl_tag); ?></a></strong>
             <div class="row-actions"><span class='edit'><a href="<?php echo $edit_link ?>" title="<?php _e('Edit this item') ?>"><?php _e('Edit') ?></a></span>
             <?php if(!in_array($tpl_tag, self::$protected_tags)){ ?><span class='trash'>| <a class='submitdelete' title='<?php _e('Delete this item permanently') ?>' href='<?php echo add_query_arg(array('action'=>'del','type'=>$type,'tpl'=>$tpl_tag)).'#'.$type ?>'><?php _e('Delete') ?></a></span><?php } ?>
 …
+    }
 ?>
+<h2><?php _e($new?'Add Template' : 'Edit Template', WPFB) ?></h2>
+<h2><?php _e($new?'Add Template' : 'Edit Template', WPFB);
+        if(!empty($tpl_tag)) echo ' '.self::TplTitle($tpl_tag);  ?></h2>
 <form action="<?php echo remove_query_arg(array('action','type','tpl')).'#'.$type ?>" method="post">
     <input type="hidden" name="action" value="<?php echo $new?'add':'update'; ?>" />
 …
     return $content;
+}
+}
+?>
+static function TplTitle($tpl_tag)
+{
+    return __(__(esc_html(WPFB_Output::Filename2Title($tpl_tag))), WPFB);
+}
+}

wp-filebase/trunk/classes/AdminLite.php

-                      r599972
+                      r615301
     $menu_entries = array(
+        array('tit'=>'Files',                       'tag'=>'files', 'fnc'=>'DisplayFilesPage',  'desc'=>'View uploaded files and edit them',                                                    'cap'=>'upload_files'),
+        array('tit'=>__('Categories'/*def*/),       'tag'=>'cats',  'fnc'=>'DisplayCatsPage',   'desc'=>'Manage existing categories and add new ones.',                                         'cap'=>'manage_categories'),
+        array('tit'=>'Files',                       'tag'=>'files', 'fnc'=>'DisplayFilesPage',  'desc'=>'View uploaded files and edit them',
+                'cap'=>'upload_files',
+        ),
+        array('tit'=>__('Categories'/*def*/),       'tag'=>'cats',  'fnc'=>'DisplayCatsPage',   'desc'=>'Manage existing categories and add new ones.',
+                'cap'=>'manage_categories',
+        ),
         //array('tit'=>'Sync Filebase', 'hide'=>true, 'tag'=>'sync',    'fnc'=>'DisplaySyncPage',   'desc'=>'Synchronises the database with the file system. Use this to add FTP-uploaded files.',  'cap'=>'upload_files'),
+        array('tit'=>'Edit Stylesheet',             'tag'=>'css',   'fnc'=>'DisplayStylePage',  'desc'=>'Edit the CSS for the file template',                                                   'cap'=>'edit_themes'),
+        array('tit'=>'Manage Templates',            'tag'=>'tpls',  'fnc'=>'DisplayTplsPage',   'desc'=>'Edit custom file list templates',                                                      'cap'=>'edit_themes'),
+        array('tit'=>__('Settings'),                'tag'=>'sets',  'fnc'=>'DisplaySettingsPage','desc'=>'Change Settings',                                                 'cap'=>'manage_options'),
+        array('tit'=>'Edit Stylesheet',             'tag'=>'css',   'fnc'=>'DisplayStylePage',  'desc'=>'Edit the CSS for the file template',
+                'cap'=>'edit_themes',
+        ),
+        array('tit'=>'Manage Templates',            'tag'=>'tpls',  'fnc'=>'DisplayTplsPage',   'desc'=>'Edit custom file list templates',
+                'cap'=>'edit_themes',
+        ),
+        array('tit'=>__('Settings'),                'tag'=>'sets',  'fnc'=>'DisplaySettingsPage','desc'=>'Change Settings',
+                                                        'cap'=>'manage_options'),
         array('tit'=>'Donate &amp; Feature Request','tag'=>'sup',   'fnc'=>'DisplaySupportPage','desc'=>'If you like this plugin and want to support my work, please donate. You can also post your ideas making the plugin better.', 'cap'=>'manage_options'),
     );
     foreach($menu_entries as $me)
+    {
+    {
         $callback = array(__CLASS__, $me['fnc']);
         add_submenu_page($pm_tag, WPFB_PLUGIN_NAME.' - '.__($me['tit'], WPFB), empty($me['hide'])?__($me['tit'], WPFB):null, empty($me['cap'])?'read':$me['cap'], WPFB_OPT_NAME.'_'.$me['tag'], $callback);

wp-filebase/trunk/classes/Category.php

-                      r529024
+                      r615301
             case 'cat_parent_name': return is_object($parent =& $this->GetParent()) ? $parent->cat_name : '';
             case 'cat_icon_url':    return $this->GetIconUrl();
             case 'cat_small_icon':  $esc=false; return '<img align="" src="'.$this->GetIconUrl('small').'" style="height:32px;vertical-align:middle;" />';
+            case 'cat_small_icon':  $esc=false; return '<img src="'.$this->GetIconUrl('small').'" style="height:32px;vertical-align:middle;" />';
             case 'cat_num_files':       return $this->cat_num_files;
             case 'cat_num_files_total': return $this->cat_num_files_total;
+            //case 'cat_required_level':    return ($this->cat_required_level - 1);
+            //case 'cat_required_level':    return ($this->cat_required_level - 1);
+            case 'cat_user_can_access': return $this->CurUserCanAccess();
             case 'uid':                 return self::$tpl_uid;
+        }
 …
         return $esc?esc_html($v):$v;
+    }
+    function CurUserIsOwner()
+    {
+        return false; // TODO: cats dont have owners
+    }
+}

wp-filebase/trunk/classes/Core.php

-                      r599590
+                      r615301
     add_filter('wp_get_attachment_url', array(__CLASS__, 'GetAttachmentUrlFilter'));
     add_filter('get_attached_file', array(__CLASS__, 'GetAttachedFileFilter'));
     // register treeview stuff
 …
         'num' => 0,
         'pagenav' => 1,
         'linktext' => null,
+        'linktext' => null
     ), $atts), $content, $tag);
+}
 …
 static function AdminDashboardSetup() {
+    if(current_user_can('upload_files')) {
+        wpfb_loadclass('Admin');
+    if(wpfb_call('Admin','CurUserCanUpload'))
+    {
         wp_add_dashboard_widget('wpfb-add-file-widget', WPFB_PLUGIN_NAME.': '.__('Add File', WPFB), array('WPFB_Admin', 'AddFileWidget'));
+    }
 …
 static function Cron() {
     if(self::GetOpt('cron_sync'))
+    if(self::GetOpt('cron_sync')) {
         wpfb_call('Sync', 'Sync');
+        update_option(WPFB_OPT_NAME.'_cron_sync_time', time());
+    }
+}
 …
     return create_function('$f', "return ($parsed_tpl);");
+}
+}
+}

wp-filebase/trunk/classes/Download.php

-                      r598768
+                      r615301
     $bandwidth *= 1024;
     $bandwidth /= 1000;
+    global $wpdb;
+    if(!empty($wpdb->dbh))
+        @mysql_close($wpdb->dbh);
     $cur = $begin;

wp-filebase/trunk/classes/File.php

-                      r599590
+                      r615301
             } else {
                 $permission_sql = "file_user_roles = ''";
+                foreach($current_user->roles as $ur) {
+                $roles = $current_user->roles;
+                foreach($roles as $ur) {
                     $ur = $wpdb->escape($ur);
                     $permission_sql .= " OR (file_user_roles = '{$ur}') OR (file_user_roles LIKE '{$ur}|%') OR (file_user_roles LIKE '%|{$ur}|%') OR (file_user_roles LIKE '%|{$ur}')";
+                    $permission_sql .= " OR MATCH(file_user_roles) AGAINST ('{$ur}' IN BOOLEAN MODE)";
+                }
                 if($current_user->ID > 0)
 …
         foreach($ints as $i) $this->$i = intval($this->$i);
         $this->file_offline = (int)!empty($this->file_offline);
         $this->file_direct_linking = (int)!empty($this->file_direct_linking);
+        $this->file_direct_linking = (int)$this->file_direct_linking;
         $this->file_force_download = (int)!empty($this->file_force_download);
         if(empty($this->file_last_dl_time)) $this->file_last_dl_time = '0000-00-00 00:00:00';
 …
             case 'cat_url':             return is_null($cat = $this->GetParent()) ? '' : htmlspecialchars($cat->GetUrl());
+            case 'file_cat_folder':     return htmlspecialchars(is_object($cat = $this->GetParent()) ? $cat->cat_folder : '');
             case 'file_languages':      return wpfb_call('Output','ParseSelOpts', array('languages', $this->file_language),true);
             case 'file_platforms':      return wpfb_call('Output','ParseSelOpts', array('platforms', $this->file_platform),true);
 …
             //case 'file_required_level':   return ($this->file_required_level - 1);
+            case 'file_user_can_access': return $this->CurUserCanAccess();
             case 'file_description':    return nl2br($this->file_description);
 …
         // check referrer
         if(!$this->file_direct_linking) {
+        if($this->file_direct_linking != 1) {
             // if referer check failed, redirect to the file post
             if(!WPFB_Download::RefererCheck()) {

wp-filebase/trunk/classes/FileListTable.php

-                      r529024
+                      r615301
         $columns = array(
             'cb'            => '<input type="checkbox" />', //Render a checkbox instead of text
-            'id'            => 'Title',
-            'display_name'  => __('',WPFB),
-            'name'          => __('',WPFB),
-            'size'          => __('',WPFB),
-            'desc'          => __('',WPFB),
-            'cat'           => __('',WPFB),
-            'perm'          => __('',WPFB),
-            'owner'         => __('',WPFB),
-            'date'          => __('',WPFB),
-            'hits'          => __('',WPFB),
-            'dltime'        => __('',WPFB)
         );
         return $columns;
 …
     function get_sortable_columns() {
         $sortable_columns = array(
+            'title'     => array('title',true),     //true means its already sorted
+            'rating'    => array('rating',false),
+            'director'  => array('director',false)
+            'id'            => _e('ID'/*def*/),
+            'display_name'  => _e('Name'/*def*/),
+            'name'          => _e('Filename', WPFB),
+            'size'          => _e('Size'/*def*/),
+            //'description'     => _e('Description'/*def*/),
+            'category_name' => _e('Category'/*def*/),
+            'user_roles'    => _e('Access Permission',WPFB),
+            'added_by'      => _e('Owner',WPFB),
+            'date'          => _e('Date'/*def*/),
+            'hits'          => _e('Hits', WPFB),
+            'last_dl_time'  => _e('Last download', WPFB)
         );
         return $sortable_columns;
 …
+    }
     function column_title($item){
+    function column_display_name($item){
         $actions = array(
+            'edit'      => '<a href="'.$item->GetEditUrl().'">"'.__('Edit').'</a>',
+            'delete'    => '<a href="'.$item->GetEditUrl().'">"'.__('Delete').'</a>',
+        );
+        /*
+<?php if(!empty($file->file_thumbnail)) { ?><img src="<?php echo esc_attr($file->GetIconUrl()); ?>" height="32" /><?php } ?>
+                            <span><?php if($file->IsRemote()){echo '*';} echo esc_html($file->file_display_name); ?></span>
+        */
+        //Return the title contents
+        return sprintf('%1$s <span style="color:silver">(id:%2$s)</span>%3$s',
+            /*$1%s*/ $item->GetTitle(),
+            /*$2%s*/ $item->GetId(),
+            /*$3%s*/ $this->row_actions($actions)
+        );
+    }
+            'edit'      => '<a href="'.esc_attr($item->GetEditUrl()).'">"'.__('Edit').'</a>',
+            'delete'    => '<a href="">"'.__('Delete').'</a>',
+        );
+        $col = '<a class="row-title" href="'.esc_attr($file->GetEditUrl()).'" title="'.esc_attr(sprintf(__('Edit &#8220;%s&#8221;'),$file->GetTitle())).'">';
+        if(!empty($file->file_thumbnail))
+            $col .= '<img src="'.esc_attr($file->GetIconUrl()).'" height="32" />';
+        $col .= '<span>'.($file->IsRemote()?'*':'').esc_html($file->GetTitle(32)).'</span>';
+        $col .= '</a>';
+        $col .= $this->row_actions($actions);
+        return $col;
+    }
+    function column_name($file)
+    {
+        return '<a href="'.esc_attr($file->GetUrl()).'">'.esc_html($file->file_name).'</a>';
+    }
+    function column_size($file)
+    {
+        return WPFB_Output::FormatFilesize($file->file_size);
+    }
+    function column_category_name($file)
+    {
+        $cat = $file->GetParent();
+        return (!is_null($cat) ? ('<a href="'.esc_attr($cat->GetEditUrl()).'">'.esc_html($file->file_category_name).'</a>') : '-');
+    }
+    function column_user_roles($file)
+    {
+        return WPFB_Output::RoleNames($file->GetReadPermissions(), true);
+    }
+    function column_added_by($file)
+    {
+        return (empty($file->file_added_by) || !($usr = get_userdata($file->file_added_by))) ? '-' : esc_html($usr->user_login);
+    }
+    function column_date($file)
+    {
+        return $file->GetFormattedDate();
+    }
+    function column_hits($file)
+    {
+        return $file->file_hits;
+    }
+    function column_last_dl_time($file)
+    {
+        return ( (!empty($file->file_last_dl_time) && $file->file_last_dl_time > 0) ? mysql2date(get_option('date_format'), $file->file_last_dl_time) : '-');
+    }
     function get_bulk_actions() {
         $actions = array(
+            'delete'    => 'Delete'
+            'delete'    => 'Delete',
+            'edit' => 'Change Category',
+            ''
         );
         return $actions;

wp-filebase/trunk/classes/GetID3.php

-                      r566139
+                      r615301
         require_once(WPFB_PLUGIN_ROOT.'extras/getid3/getid3.php');
         self::$engine = new getID3;
-    //$getID3->setOption(array(
-    //  'option_md5_data'  => $AutoGetHashes,
-    //  'option_sha1_data' => $AutoGetHashes,
-    //));
+    }
 …
                 self::getKeywords($val, $keywords);
                 self::getKeywords(array_keys($val), $keywords); // this is for archive files, where file names are array keys
+            } else if(is_string($val)) {
+                if(!in_array($val, $keywords))
+                    array_push($keywords, $val);
+            } else if(is_string($val)) {
+                $val = explode(' ', strtolower(preg_replace('/\W+/',' ',$val)));
+                foreach($val as $v) {
+                    if(!in_array($v, $keywords))
+                        array_push($keywords, $v);
+                }
+            }
+        }
         return $keywords;
+    }
+}

wp-filebase/trunk/classes/Item.php

-                      r599590
+                      r615301
     var $locked = 0;
+    private $_read_permissions = null;
     static $tpl_uid = 0;
 …
+        }
         return $this->last_parent;
+    }
+    function GetParents()
+    {
+        $parents = array();
+        while(!is_null($p = $this->GetParent())) $parents[] = $p;
+        return $parents;
+    }
     function Lock($lock=true) {
 …
         if( ($for_tpl && !WPFB_Core::GetOpt('hide_inaccessible')) || in_array('administrator',$current_user->roles) || ($this->is_file && $this->CurUserIsOwner()) )
             return true;
         if($this->is_file && WPFB_Core::GetOpt('private_files') && $this->file_added_by != 0 && !$this->CurUserIsOwner()) // check private files
             return false;
+        $frs = $this->GetUserRoles();
+        if(empty($frs[0])) return true; // item is for everyone!
+        $frs = $this->GetReadPermissions();
+        if(empty($frs)) return true; // item is for everyone!
         foreach($current_user->roles as $ur) { // check user roles against item roles
             if(in_array($ur, $frs))
 …
     function CurUserCanEdit()
+    {
+        global $current_user;
+        if($current_user->ID > 0 && empty($current_user->roles[0]))
+            $current_user = new WP_User($current_user->ID);// load the roles!
+        if(in_array('administrator',$current_user->roles) || ($this->is_file && $this->CurUserIsOwner())) return true;
+        if(!current_user_can('upload_files')) return false;
+        return $this->is_file ? (current_user_can('edit_others_posts') && !WPFB_Core::GetOpt('private_files')) : current_user_can('manage_categories');
+        // current_user_can('edit_files') checks if user is admin!
+        return $this->CurUserIsOwner() || current_user_can('edit_files') || (!WPFB_Core::GetOpt('private_files') && current_user_can($this->is_file ? 'edit_others_posts' : 'manage_categories'));
+    }
 …
+    }
     function GetUserRoles() {
         if(isset($this->roles_array)) return $this->roles_array; //caching
+    function GetReadPermissions() {
+        if(!is_null($this->_read_permissions)) return $this->_read_permissions; //caching
         $rs = $this->is_file?$this->file_user_roles:$this->cat_user_roles;
+        return ($this->roles_array = empty($rs) ? array() : (is_string($rs) ? explode('|', $rs) : (array)$rs));
+    }
+    function SetUserRoles($roles) {
+        return ($this->_read_permissions = empty($rs) ? array() : array_filter((is_string($rs) ? explode('|', $rs) : (array)$rs)));
+    }
+    function SetReadPermissions($roles)
+    {
         if(!is_array($roles)) $roles = explode('|',$roles);
         $this->roles_array = $roles =  array_filter(array_filter(array_map('trim',$roles),'strlen')); // remove empty
+        $this->_read_permissions = $roles =  array_filter(array_filter(array_map('trim',$roles),'strlen')); // remove empty
         $roles = implode('|', $roles);
         if($this->is_file) $this->file_user_roles = $roles;
 …
         // inherit user roles
         if(count($this->GetUserRoles()) == 0)
             $this->SetUserRoles(($new_cat_id != 0) ? $new_cat->GetUserRoles() : WPFB_Core::GetOpt('default_roles'));
+        if(count($this->GetReadPermissions()) == 0)
+            $this->SetReadPermissions(($new_cat_id != 0) ? $new_cat->GetReadPermissions() : WPFB_Core::GetOpt('default_roles'));
         // flush cache

wp-filebase/trunk/classes/Output.php

-                      r599590
+                      r615301
         $args ['id'] = $id = is_null($item = WPFB_Item::GetByPath($args['path'])) ? 0 : $item->GetId();
+    }
     switch($args['tag']) {
         case 'list': return do_shortcode(self::FileList($args));
 …
 static function FileBrowserList(&$content, &$parents, $root_cat=null)
+{
+    if(!is_null($root_cat) && !$root_cat->CurUserCanAccess()) {
+        $content .= '<li>'.WPFB_Core::GetOpt('cat_inaccessible_msg').'</li>';
+        return;
+    }
     $cats = WPFB_Category::GetFileBrowserCats(is_null($root_cat) ? 0 : $root_cat->cat_id);
     $open_cat = array_pop($parents);
 …
     foreach($cats as $cat) {
         if(!$cat->CurUserCanAccess()) continue;
+        if(!$cat->CurUserCanAccess(true)) continue;
         $liclass = '';
 …
     if(!empty($roles)) {
         foreach($roles as $role)
+            $names[$role] = translate_user_role($wp_roles->roles[$role]['name']);
+        {
+                $names[$role] = translate_user_role($wp_roles->roles[$role]['name']);
+        }
+    }
     return $fmt_string ? (empty($names) ? ("<i>".__('Everyone',WPFB)."</i>") : join(', ',$names)) : $names;

wp-filebase/trunk/classes/ProgressReporter.php

-                      r599590
+                      r615301
 <?php class WPFB_ProgressReporter {
     var $quiet;
+    var $progress_cur;
+    var $progress_end;
+    var $progress_bar;
+    var $files = array();
+    function WPFB_ProgressReporter($suppress_output = false)
+    {
+        $this->quiet = !!$suppress_output;
+    }
     function Log($msg, $no_new_line=false) {
 …
     function LogError($err)
+    {
+        if($this->quiet) return;
+        self::DEcho("<span style='color:#d00;'>$err</span><br />");
+    }
     function SetProgress($percentage)
+    function InitProgress($progress_end)
+    {
+        $this->progress_end = $progress_end;
+        if(!$this->quiet) {
+            if(is_null($this->progress_bar)) {
+                include_once(WPFB_PLUGIN_ROOT.'extras/progressbar.class.php');
+                $this->progress_bar = new progressbar(0, 100);
+                $this->progress_bar->print_code();
+            }
+        }
+    }
+    function SetProgress($progress)
+    {
+        $this->progress_cur = $progress;
+        if(!$this->quiet && !is_null($this->progress_bar)) {
+            $this->progress_bar->set(100*$progress/$this->progress_end);
+        }
+    }
+    function SetSubProgress($sub_progress, $sub_total)
+    {
+        if(!$this->quiet && !is_null($this->progress_bar))
+            $this->progress_bar->set(100*($this->progress_cur+$sub_progress)/$this->progress_end);
+    }
+    function FileChanged($file, $action)
+    {
+        if(empty($this->files[$action])) $this->files[$action] = array();
+        $this->files[$action][] = $file;
+    }
+    function ChangedFilesReport()
+    {
+        foreach($this->files as $tag => $group)
+        {
+            $t = str_replace('_', ' ', $tag);
+            $t{0} = strtoupper($t{0});
+            echo '<h2>' . __($t) . '</h2><ul>';
+            foreach($group as $item)
+                echo '<li>' . (is_object($item) ? ('<a href="'.$item->GetEditUrl().'">'.$item->GetLocalPathRel().'</a>') : $item) . '</li>';
+            echo '</ul>';
+        }
+        foreach($this->files as $t => $group)
+        {
+            $n = count($group);
+            echo '<p>';
+            printf(__('%d files <i>%s</i>',WPFB), $n, $t);
+            echo '</p>';
+        }
+    }

wp-filebase/trunk/classes/Search.php

-                      r598768
+                      r615301
     $where = "(1";
+    // TODO: search fields with match...
     foreach($search_terms as $term) {
         $where .= " AND (";
 …
             if(empty($or)) $or = 'OR ';
+        }
         if($search_id3) $where .= " OR ({$wpdb->wpfilebase_files_id3}.keywords LIKE '{$p}{$term}{$p}')";
+        if($search_id3) $where .= " OR ({$wpdb->wpfilebase_files_id3}.keywords LIKE '{$p}{$term}{$p}')"; // TODO: MATCH func here
         $where .= ") ";
+    }

wp-filebase/trunk/classes/Setup.php

-                      r599972
+                      r615301
 static function SetupDBTables()
+static function SetupDBTables($old_ver=null)
+{
     global $wpdb;
 …
   `cat_exclude_browser` enum('0','1') NOT NULL default '0',
   `cat_order` int(8) NOT NULL default '0',
+  PRIMARY KEY  (`cat_id`)
+  PRIMARY KEY  (`cat_id`),
+  FULLTEXT KEY `USER_ROLES` (`cat_user_roles`)
 ) ENGINE=MyISAM  DEFAULT CHARSET=utf8 AUTO_INCREMENT=1";
 …
   `file_user_roles` varchar(255) NOT NULL default '',
   `file_offline` enum('0','1') NOT NULL default '0',
   `file_direct_linking` enum('0','1') NOT NULL default '0',
+  `file_direct_linking` enum('0','1','3') NOT NULL default '0',
   `file_force_download` enum('0','1') NOT NULL default '0',
   `file_category` int(8) unsigned NOT NULL default '0',
 …
   ". /*`file_meta` TEXT NULL DEFAULT NULL,*/ "
   PRIMARY KEY  (`file_id`),
+  FULLTEXT KEY `FULLTEXT` (`file_description`)
+  FULLTEXT KEY `DESCRIPTION` (`file_description`),
+  FULLTEXT KEY `USER_ROLES` (`file_user_roles`)
 ) ENGINE=MyISAM  DEFAULT CHARSET=utf8 AUTO_INCREMENT=1";
 …
   `value` LONGTEXT NOT NULL,
   `keywords` TEXT NOT NULL,
+  PRIMARY KEY  (`file_id`)
+  PRIMARY KEY  (`file_id`),
+  FULLTEXT KEY `KEYWORDS` (`keywords`)
 ) ENGINE=MyISAM  DEFAULT CHARSET=utf8";
 …
     //$queries[] = "@ALTER TABLE `$tbl_files` ADD `file_meta` TEXT NULL DEFAULT NULL";
+    // add fulltext indices
+    if(!empty($old_ver) && version_compare($old_ver, '0.2.9.24') < 0) {     // TODO: search fields fulltext index!
+        $queries[] = "@ALTER TABLE `$tbl_files` ADD FULLTEXT `USER_ROLES` (`file_user_roles`)";
+        $queries[] = "@ALTER TABLE `$tbl_cats` ADD FULLTEXT `USER_ROLES` (`cat_user_roles`)";
+        $queries[] = "@ALTER TABLE `$tbl_files_id3` ADD FULLTEXT `KEYWORDS` (`keywords`)";
+    }
+    // 2 is for file pages
+    if(!empty($old_ver) && version_compare($old_ver, '0.2.9.24') < 0)
+        $queries[] = "ALTER TABLE  `$tbl_files` CHANGE  `file_direct_linking`  `file_direct_linking` ENUM(  '0',  '1',  '2' ) NOT NULL DEFAULT '0'";
     $queries[] = "OPTIMIZE TABLE `$tbl_cats`";
 …
         $files = $wpdb->get_results("SELECT file_id,file_required_level FROM $tbl_files WHERE file_required_level <> 0");
         foreach ( (array) $files as $file ) {
             $wpdb->query("UPDATE `$tbl_files` SET `file_user_roles` = '".WPFB_Core::UserLevel2Role($file->file_required_level - 1)."' WHERE `file_id` = $file->file_id");
+            $wpdb->query("UPDATE `$tbl_files` SET `file_user_roles` = '|".WPFB_Core::UserLevel2Role($file->file_required_level - 1)."' WHERE `file_id` = $file->file_id");
+        }
         $wpdb->query("ALTER TABLE `$tbl_files` DROP `file_required_level`");
 …
         $cats = $wpdb->get_results("SELECT cat_id,cat_required_level FROM $tbl_cats WHERE cat_required_level <> 0");
         foreach ( (array) $cats as $cat ) {
             $wpdb->query("UPDATE `$tbl_cats` SET `cat_user_roles` = '".WPFB_Core::UserLevel2Role($cat->cat_required_level - 1)."' WHERE `cat_id` = $cat->cat_id");
+            $wpdb->query("UPDATE `$tbl_cats` SET `cat_user_roles` = '|".WPFB_Core::UserLevel2Role($cat->cat_required_level - 1)."' WHERE `cat_id` = $cat->cat_id");
+        }
         $wpdb->query("ALTER TABLE `$tbl_cats` DROP `cat_required_level`");
+    }
+    /* NOT neeeded since using fulltext index!
+    // add leading | to user_roles
+    if(!empty($old_ver) && version_compare($old_ver, '0.2.9.24') < 0) {
+        $wpdb->query("UPDATE `$tbl_files` SET `file_user_roles` = CONCAT('|', `file_user_roles`) WHERE LEFT(`file_user_roles`, 1) <> '|'");
+        $wpdb->query("UPDATE `$tbl_cats` SET `cat_user_roles` = CONCAT('|', `cat_user_roles`) WHERE LEFT(`cat_user_roles`, 1) <> '|'");
+    }
+    */
+}
 …
 static function OnActivateOrVerChange($old_ver=null) {
     wpfb_loadclass('Admin','File','Category');
     self::SetupDBTables();
+    self::SetupDBTables($old_ver);
     $old_options = get_option(WPFB_OPT_NAME);
     self::AddOptions();

wp-filebase/trunk/classes/Sync.php

-                      r598768
+                      r615301
 private static function PreSync($sync_data)
+{
+    self::PrintDebugTrace();
     @ini_set('max_execution_time', '0');
     @set_time_limit(0);
 …
 private static function SyncPase1($sync_data, $output)
+{
+    self::PrintDebugTrace();
     if($output) self::DEcho('<p>'. __('Checking for file changes...',WPFB).' ');
     self::CheckChangedFiles($sync_data);
 …
     if($output) self::DEcho('<p>'. __('Searching for new files...',WPFB).' ');
+    self::PrintDebugTrace("new_files");
     // search for not added files
 …
         $num_new_files++;
+    }
+    self::PrintDebugTrace("new_files_end");
     $sync_data->num_files_to_add = $num_new_files;
 …
 static function Sync($hash_sync=false, $output=false)
+{
+{
+    self::PrintDebugTrace();
+    wpfb_loadclass('File', 'Category');
     $sync_data = new WPFB_SyncData(true);
     $sync_data->hash_sync = $hash_sync;
 …
 private function PostSync($sync_data, $output)
+{
+    self::PrintDebugTrace();
     // chmod
     if($output) self::DEcho('<p>Setting permissions...');
 …
 static function AddNewFiles($sync_data, $progress_bar=null, $max_batch_size=0)
+{
+    self::PrintDebugTrace();
     $keys = array_keys($sync_data->new_files);
     $upload_dir = self::cleanPath(WPFB_Core::UploadDir());
 …
+            }
+}
+static function PrintDebugTrace($tag="") {
+    if(!empty($_GET['debug']))
+    {
+        echo "<!-- [$tag] BACKTRACE:\n";
+        echo esc_html(print_r(wp_debug_backtrace_summary(), true));
+        echo "\nEND -->";
+    }
+}
+}

wp-filebase/trunk/classes/Widget.php

-                      r599972
+                      r615301
     <?php
+}
+function CatTree(&$root_cat)
+{
+    echo '<li><a href="'.$root_cat->GetUrl().'">'.esc_html($root_cat->cat_name).'</a>';
+    $childs =& $root_cat->GetChildCats();
+    if(count($childs) > 0)
+    {
+        echo '<ul>';
+        foreach(array_keys($childs) as $i) self::CatTree($childs[$i]);
+        echo '</ul>';
+    }
+    echo '</li>';
+}
+}
 …
+    }
     function widget( $args, $instance ) {
+    function widget( $args, $instance ) {
         if(!WPFB_Core::GetOpt('frontend_upload'))
             return;
         wpfb_loadclass('File', 'Category', 'Output');
 …
         $prefix = "wpfb-upload-widget-".$this->id_base;
         $form_url = add_query_arg('wpfb_upload_file', 1);
+        WPFB_Output::FileForm($prefix, $form_url, array('cat' => $instance['category'], 'overwrite' => (int)$instance['overwrite']));
+        $form_args = array('cat' => $instance['category'], 'overwrite' => (int)$instance['overwrite']);
+        $form_args['file_post_id'] = $instance['attach'] ? WPFB_Core::GetPostId() : 0; // attach file to current post
+        WPFB_Output::FileForm($prefix, $form_url, $form_args);
         echo $after_widget;
 …
         $instance['category'] = ($new_instance['category'] > 0) ? (is_null($cat=WPFB_Category::GetCat($new_instance['category'])) ? 0 : $cat->GetId()) : (int)$new_instance['category'];
         $instance['overwrite'] = !empty($new_instance['overwrite']);
+        $instance['attach'] = !empty($new_instance['attach']);
         return $instance;
+    }
 …
             </label></p>
             <p><input type="checkbox" id="<?php echo $this->get_field_id('overwrite'); ?>" name="<?php echo $this->get_field_name('overwrite'); ?>" value="1" <?php checked(!empty($instance['overwrite'])) ?> /> <label for="<?php echo $this->get_field_id('overwrite'); ?>"><?php _e('Overwrite existing files', WPFB) ?></label></p>
+            <p><input type="checkbox" id="<?php echo $this->get_field_id('attach'); ?>" name="<?php echo $this->get_field_name('attach'); ?>" value="1" <?php checked(!empty($instance['attach'])) ?> /> <label for="<?php echo $this->get_field_id('attach'); ?>"><?php _e('Attach file to current post/page', WPFB) ?></label></p>
         </div><?php
+    }

wp-filebase/trunk/editor_plugin.php

-                      r598768
+                      r615301
     <?php
+}
+WPFB_Admin::PrintForm('file', $file, array('exform'=>!empty($_GET['exform']), 'in_editor'=>true, 'post_id'=>$post_id));
+//if( (WPFB_Admin::CurUserCanUpload()&&empty($file))) TODO
+    WPFB_Admin::PrintForm('file', $file, array('exform'=>!empty($_GET['exform']), 'in_editor'=>true, 'post_id'=>$post_id));
 ?>
 <h3 class="media-title"><?php _e('Attach existing file', WPFB) ?></h3>

wp-filebase/trunk/lib/wpfb_form_cat.php

-                      r494110
+                      r615301
 $default_roles = WPFB_Core::GetOpt('default_roles');
 $user_roles = ($update || empty($default_roles)) ? $file_category->GetUserRoles() : $default_roles;
+$user_roles = ($update || empty($default_roles)) ? $file_category->GetReadPermissions() : $default_roles;
 $cat_members_only = !empty($user_roles);
 …
             <?php } ?>
             </td>
+        </tr>
+        <!-- <tr>
+        <th scope="row" valign="top"><label for="cat_members_only"><?php _e('For members only', WPFB) ?></label>
+        <input type="checkbox" name="cat_members_only" value="1" <?php checked(true, $cat_members_only) ?> onclick="WPFB_CheckBoxShowHide(this, 'cat_user_roles')" /></th>
+        <td>
+            <select name="cat_user_roles[]" id="cat_user_roles" size="40" multiple="multiple" style="height: 80px;" class="<?php if(!$cat_members_only) { echo 'hidden'; } ?>">
+            <?php WPFB_Output::RolesDropDown($file_category->GetUserRoles());
+            ?></select><br />
+            <label for="cat_user_roles" class="<?php if(!$cat_members_only) { echo 'hidden'; } ?>"><?php _e("Select multiple roles by holding the CTRL/COMMAND key.")?></label>
+        </td>
+        </tr>
+         -->
+        </tr>
         <tr>
             <th scope="row" valign="top"><?php _e('Access Permission',WPFB) ?></th>

wp-filebase/trunk/lib/wpfb_form_file.php

-                      r598768
+                      r615301
 $default_roles = WPFB_Core::GetOpt('default_roles');
 $user_roles = ($update || empty($default_roles)) ? $file->GetUserRoles() : $default_roles;
+$user_roles = ($update || empty($default_roles)) ? $file->GetReadPermissions() : $default_roles;
 $file_members_only = !empty($user_roles);
 …
                 </div>
                 <div id="flash-upload-ui"><?php wpfb_call($adv_uploader,'Display',$form_url); ?></div> <!--  flash-upload-ui -->
+                <?php if($update) { echo '<div><b><a href="'.$file->GetUrl().'">' . $file->file_name . '</a></b> (' . $file->GetFormattedSize() . ', '.wpfb_call('Download', 'GetFileType', $file->file_name).', MD5: <code>'.$file->file_hash.'</code>)</div>'; } ?>
+                <?php if($update) { echo '<div>'.__('Rename').': '; ?>
+                <input name="file_rename" id="file_rename" type="text" value="<?php echo esc_attr($file->file_name); ?>" style="width:280px;" /><br />
+                <?php echo ' (' . $file->GetFormattedSize() . ', '.wpfb_call('Download', 'GetFileType', $file->file_name).', MD5: <code>'.$file->file_hash.'</code>)</div>'; } ?>
             </div>
             <div id="file-remote-wrap" <?php echo ($file->IsRemote() ? '' : 'class="hidden"'); ?>>
 …
                 <label title="<?php _e('Yes') ?>"><input type="radio" name="file_direct_linking" value="1" <?php checked('1', $file->file_direct_linking); ?>/> <?php _e('Allow direct linking', WPFB) ?></label><br />
                 <label title="<?php _e('No') ?>"><input type="radio" name="file_direct_linking" value="0" <?php checked('0', $file->file_direct_linking); ?>/> <?php _e('Redirect to post', WPFB) ?></label>
+<?php
+?>
             </fieldset>
         </td>

wp-filebase/trunk/readme.txt

-                      r599972
+                      r615301
 Requires at least: 3.1
 Tested up to: 3.4.2
 Stable tag: 0.2.9.23
+Stable tag: 0.2.9.24
 Adds a powerful download manager supporting file categories, downloads counter, widgets, sorted file lists and more to your WordPress blog.
 …
 == Changelog ==
+= 0.2.9.24 =
+* Added field to rename files in file upload form
+* Configuration of old File Widget will be retained on update. Please change to the new multi-instance widget after updating!
+* New Option `Inaccessible category message`
+* Improved access permission handling for AJAX tree
+* Fixed OpenOffice download link
+* New template variable `%cat_user_can_access%` and `%file_user_can_access%`
+* Files are only re-scanned if changed
+* Fixed external MD5 hashing on Windows
+* MySQL connection are closed during download
+* New Template varialbe `%file_cat_folder%`
+* Added sync debug info when query variable `debug` is set to 1 (add &debug=1 to the sync page URL and see the HTML source for backtrace)
+* Inaccessible categories are displayed in lists, but their content cannot be viewed
+* Fixed resources URL when using SSL
+* Removed HTML align property for category icons according to HTML5 standard
 = 0.2.9.23 =

wp-filebase/trunk/todo.txt

-                      r599972
+                      r615301
+rescan files to build thumbnails in batch action
+file ratings
 -secondary category: tpl var?
+documentation:
 - pdf searching: which option need to be enabled?
 ghostscript test file
-- auto redirect file page!
-- hotlinking: redirect to files page!
--batch action on categories!
-- sync: rsyncs!
 rsync: make sure cat is empty!
-dropbox: checkbox for toggle preview
 wp-search: Notice: Undefined index: wpfb_s in C:\xampp\htdocs\wpt\wp-content\plugins\wp-filebase-pro\classes\Search.php on line 126
-multiple instance file widget
-dont re-scan pdf when editing file without upload!
-bmp thumnails in  otuner broken??!?
 drag & drop file widget
+simpel form by default!
+batch actions, edit action: (also on categories)
+rename, set owner, rebuild thumbnails
 ftp sideload link
-multi istance file widget
-upload widget: attach to current post
 file list category sorting
 …
  - test download file
--check permissions system:
-private files
-editor plugin ajax tree (hide inaccessible)
-different user/user roles
--upload widget: checbox: attach to current post
--disable date sync
-- safe mode options
-- sync settings tab
 force download per file
 …
 _ widget: users which cannot upload files should not change widget!!
 - upload widget: fixed category
-- editor plugin: field box not collapsable, missing JS
-- batch actions
 - forms
 - default user roles options
 - search lists WP attachments without permissions (due to generated content!)
-+ create post for files
 -ppollplll
-- better syncing many files!
 Comments
--inline upload
 - update version on file sync cahnged
 - user upload paths
--disable automatic sync by default
 -check sortings
 …
 global hotlink protecting
- batch actions for files: set properties, delete, create thumbnails, hotlink protection etc...
 conflicts:
 http://wordpress.org/support/topic/plugin-simple-facebook-connect-conflict-with-wp-filebase-plugin?replies=2
 …
 -multi uploadh
 -wigets
--public upload (like inline upload)
--multi categories
 -cat syncing
 -id3 sorting!!
 …
 - Custom field for post edit screen http://wordpress.org/support/topic/plugin-wp-filebase-download-manager-custom-field-for-post-edit-screen?replies=1
 - drag & drop widget
-- auto redirect dl page
-. superuser - can upload files to any user and see files for any user
-. user - can upload and access only his/hers own files (including those uploaded by superuser)?

wp-filebase/trunk/wp-filebase-admin.css

-                      r598768
+                      r615301
+#icon-wpfilebase {
+    background-image: url('images/wpfb-icon.png');
+}
 .wpfilebase-progress {
     margin: 4px;
 …
     margin:0 0 3px;
     padding:3px 1em 0;
+    overflow: auto;
+}
 .wpfb-tab-menu li {height:25px;display:inline;line-height:200%;list-style:none;text-align:center;white-space:nowrap; margin-right: 15px;}
 .wpfb-tab-menu li a{color:#21759b;font-size:12px;text-decoration:none;padding:.3em .4em .4em;}
 .wpfb-tab-menu li a:hover{color:#D54E21;}
 .wpfb-tab-menu li.ui-tabs-selected{font-weight:700;background:#f9f9f9;color:#1C6280;padding:0.3em 0 0.4em;}
+.wpfb-tab-menu li.ui-tabs-selected{background:#f9f9f9;color:#1C6280;padding:0.3em 0 0.4em;}
 .wpfb-tab-menu li.ui-tabs-selected a{color:#464646;}
 .wpfb-tab-menu li.ui-tabs-selected a:hover{background:#D54E21;color:#fff;}
 …
 .wpfilebase-opttab {
     margin: 15px;
+}
+.wpfilebase-opttab table tr {
+    border-top: 1px solid #e3e3e3;
+}

wp-filebase/trunk/wp-filebase.php

-                      r599972
+                      r615301
 Description: Adds a powerful downloads manager supporting file categories, download counter, widgets, sorted file lists and more to your WordPress blog.
 Author: Fabian Schlieper
 Version: 0.2.9.23
+Version: 0.2.9.24
 Author URI: http://fabi.me/
 */
 …
+{
     define('WPFB', 'wpfb');
     define('WPFB_VERSION', '0.2.9.23');
+    define('WPFB_VERSION', '0.2.9.24');
     define('WPFB_PLUGIN_ROOT', str_replace('\\','/',dirname(__FILE__)).'/');
     if(!defined('ABSPATH')) {
         define('ABSPATH', dirname(dirname(dirname(dirname(__FILE__)))));
     } else {
+        define('WPFB_PLUGIN_URI', str_replace(str_replace('\\','/',ABSPATH),get_option('siteurl').'/',WPFB_PLUGIN_ROOT));
+        //define('WPFB_PLUGIN_URI', plugins_url('/',__FILE__));
+        $wpfb_uri = str_replace(str_replace('\\','/',ABSPATH),get_option('siteurl').'/',WPFB_PLUGIN_ROOT);
+        if(is_ssl()) $wpfb_uri = str_replace('http://', 'https://', $wpfb_uri);
+        define('WPFB_PLUGIN_URI', $wpfb_uri);
+    }
     if(!defined('WPFB_PERM_FILE')) define('WPFB_PERM_FILE', 666);

wp-filebase/trunk/wpfb-ajax.php

-                      r598768
+                      r615301
             $parent_id = is_numeric($root) ? intval($root) : intval(substr(strrchr($root,'-'),1));
+        }
+        if($parent_id > 0) {
+            if(is_null($cat=WPFB_Category::GetCat($parent_id)) || !$cat->CurUserCanAccess()) {
+                wpfb_print_json(array(array('id' => 0, 'text' => WPFB_Core::GetOpt('cat_inaccessible_msg'))));
+                exit;
+            }
+        }
         $browser = ($type=='browser');
 …
         if($parent_id == 0 && $catsel && count($cats) == 0) {
             wpfb_print_json(array(array(
                 'id' => sprintf($cat_id_format, $c->cat_id),
+                'id' => sprintf($cat_id_format, 0),
                 'text' => sprintf(__('You did not create a category. <a href="%s" target="_parent">Click here to create one.</a>', WPFB), admin_url('admin.php?page=wpfilebase_cats#addcat')),
                 'hasChildren'=>false
 …
         foreach($cats as $c)
+        {
             if($c->CurUserCanAccess())
+            if($c->CurUserCanAccess(true))
                 $cat_items[$i++] = array('id'=>sprintf($cat_id_format, $c->cat_id),
                     'text'=> $catsel ?
 …
                         'url' => $cat->GetUrl(),
                         'path' => $cat->GetLocalPathRel(),
                         'roles' => $cat->GetUserRoles(),
                         'roles_str' => WPFB_Output::RoleNames($cat->GetUserRoles(), true)
+                        'roles' => $cat->GetReadPermissions(),
+                        'roles_str' => WPFB_Output::RoleNames($cat->GetReadPermissions(), true)
                 ));
             } else {
 …
     case 'postbrowser':
         if(!current_user_can('read_private_posts')) {
+        if(!current_user_can('edit_posts')) {
             wpfb_print_json(array(array('id'=>'0','text'=>__('Cheatin&#8217; uh?'), 'classes' => '','hasChildren'=>false)));
             exit;

Note: See TracChangeset for help on using the changeset viewer.

Trac UI Preferences

Plugin Directory

Context Navigation

Changeset 615301

Legend:

wp-filebase/trunk/classes/Admin.php

wp-filebase/trunk/classes/AdminGuiCats.php

wp-filebase/trunk/classes/AdminGuiFiles.php

wp-filebase/trunk/classes/AdminGuiManage.php

wp-filebase/trunk/classes/AdminGuiSettings.php

wp-filebase/trunk/classes/AdminGuiTpls.php

wp-filebase/trunk/classes/AdminLite.php

wp-filebase/trunk/classes/Category.php

wp-filebase/trunk/classes/Core.php

wp-filebase/trunk/classes/Download.php

wp-filebase/trunk/classes/File.php

wp-filebase/trunk/classes/FileListTable.php

wp-filebase/trunk/classes/GetID3.php

wp-filebase/trunk/classes/Item.php

wp-filebase/trunk/classes/Output.php

wp-filebase/trunk/classes/ProgressReporter.php

wp-filebase/trunk/classes/Search.php

wp-filebase/trunk/classes/Setup.php

wp-filebase/trunk/classes/Sync.php

wp-filebase/trunk/classes/Widget.php

wp-filebase/trunk/editor_plugin.php

wp-filebase/trunk/lib/wpfb_form_cat.php

wp-filebase/trunk/lib/wpfb_form_file.php

wp-filebase/trunk/readme.txt

wp-filebase/trunk/todo.txt

wp-filebase/trunk/wp-filebase-admin.css

wp-filebase/trunk/wp-filebase.php

wp-filebase/trunk/wpfb-ajax.php

Download in other formats: