diff options
Diffstat (limited to 'lib/exe/mediamanager.php')
| -rw-r--r-- | lib/exe/mediamanager.php | 23 |
1 files changed, 11 insertions, 12 deletions
diff --git a/lib/exe/mediamanager.php b/lib/exe/mediamanager.php index 04dd178cc..66e5ddc82 100644 --- a/lib/exe/mediamanager.php +++ b/lib/exe/mediamanager.php @@ -7,15 +7,12 @@ require_once(DOKU_INC.'inc/init.php'); - trigger_event('MEDIAMANAGER_STARTED',$tmp=array()); - session_write_close(); //close session - global $INPUT; // handle passed message if($INPUT->str('msg1')) msg(hsc($INPUT->str('msg1')),1); if($INPUT->str('err')) msg(hsc($INPUT->str('err')),-1); - + global $DEL; // get namespace to display (either direct or from deletion order) if($INPUT->str('delete')){ $DEL = cleanID($INPUT->str('delete')); @@ -29,33 +26,35 @@ $NS = getNS($IMG); }else{ $NS = cleanID($INPUT->str('ns')); + $IMG = null; } - // check auth - $AUTH = auth_quickaclcheck("$NS:*"); + global $INFO; + $INFO = !empty($INFO) ? array_merge($INFO, mediainfo()) : mediainfo(); + $AUTH = $INFO['perm']; // shortcut for historical reasons + + trigger_event('MEDIAMANAGER_STARTED',$tmp=array());
+ session_write_close(); //close session
// do not display the manager if user does not have read access if($AUTH < AUTH_READ && !$fullscreen) { - header('HTTP/1.0 403 Forbidden'); + http_status(403); die($lang['accessdenied']); } - // create the given namespace (just for beautification) - if($AUTH >= AUTH_UPLOAD) { io_createNamespace("$NS:xxx", 'media'); } - // handle flash upload if(isset($_FILES['Filedata'])){ $_FILES['upload'] =& $_FILES['Filedata']; $JUMPTO = media_upload($NS,$AUTH); if($JUMPTO == false){ - header("HTTP/1.0 400 Bad Request"); + http_status(400); echo 'Upload failed'; } echo 'ok'; exit; } - // give info on PHP catched upload errors + // give info on PHP caught upload errors if($_FILES['upload']['error']){ switch($_FILES['upload']['error']){ case 1: |