search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Added administrative page for editing and uploading site-specific files.
[openemr.git] / interface / super / manage_site_files.php
blob7c12393aaa68e62471334ed2e64444a793db54d1
1 <?php
2 // Copyright (C) 2010 Rod Roark <rod@sunsetsystems.com>
3 //
4 // This program is free software; you can redistribute it and/or
5 // modify it under the terms of the GNU General Public License
6 // as published by the Free Software Foundation; either version 2
7 // of the License, or (at your option) any later version.
8
9 // This module provides for editing site-specific text files and
10 // for uploading site-specific image files.
11
12 // Disable magic quotes and fake register globals.
13 $sanitize_all_escapes = true;
14 $fake_register_globals = false;
15
16 require_once("../globals.php");
17 require_once("$srcdir/acl.inc");
18 require_once("$srcdir/formdata.inc.php");
19
20 if (!acl_check('admin', 'super')) die(xl('Not authorized','','','!'));
21
22 // Prepare array of names of editable files, relative to the site directory.
23 $my_files = array(
24 "clickoptions.txt",
25 "config.php",
26 "faxcover.txt",
27 "faxtitle.eps",
28 "referral_template.html",
29 "statement.inc.php",
30 "letter_templates/custom_pdf.php",
31 );
32 // Append LBF plugin filenames to the array.
33 $lres = sqlStatement("SELECT * FROM list_options " .
34 "WHERE list_id = 'lbfnames' ORDER BY seq, title");
35 while ($lrow = sqlFetchArray($lres)) {
36 $option_id = $lrow['option_id']; // should start with LBF
37 $title = $lrow['title'];
38 $my_files[] = "LBF/$option_id.plugin.php";
39 }
40
41 $form_filename = strip_escape_custom($_REQUEST['form_filename']);
42 // Sanity check to prevent evildoing.
43 if (!in_array($form_filename, $my_files)) $form_filename = '';
44 $filepath = "$OE_SITE_DIR/$form_filename";
45
46 $imagedir = "$OE_SITE_DIR/images";
47
48 if (!empty($_POST['bn_save'])) {
49 if ($form_filename) {
50 // Textareas, at least in Firefox, return a \r\n at the end of each line
51 // even though only \n was originally there. For consistency with
52 // normal OpenEMR usage we translate those back.
53 file_put_contents($filepath, str_replace("\r\n", "\n",
54 strip_escape_custom($_POST['form_filedata'])));
55 $form_filename = '';
56 }
57
58 // Handle uploads.
59 if (is_uploaded_file($_FILES['form_image']['tmp_name']) && $_FILES['form_image']['size']) {
60 $form_dest_filename = strip_escape_custom($_POST['form_dest_filename']);
61 if ($form_dest_filename == '') {
62 $form_dest_filename = $_FILES['form_image']['name'];
63 }
64 $form_dest_filename = basename($form_dest_filename);
65 if ($form_dest_filename == '') {
66 die(xl('Cannot find a destination filename'));
67 }
68 $imagepath = "$imagedir/$form_dest_filename";
69 // If the site's image directory does not yet exist, create it.
70 if (!is_dir($imagedir)) {
71 mkdir($imagedir);
72 }
73 if (is_file($imagepath)) unlink($imagepath);
74 $tmp_name = $_FILES['form_image']['tmp_name'];
75 if (!move_uploaded_file($_FILES['form_image']['tmp_name'], $imagepath)) {
76 die(xl('Unable to create') . " '$imagepath'");
77 }
78 }
79 }
80 ?>
81 <html>
82
83 <head>
84 <title><?php xl('File management','e'); ?></title>
85 <link rel="stylesheet" href='<?php echo $css_header ?>' type='text/css'>
86
87 <style type="text/css">
88 .dehead { color:#000000; font-family:sans-serif; font-size:10pt; font-weight:bold }
89 .detail { color:#000000; font-family:sans-serif; font-size:10pt; font-weight:normal }
90 </style>
91
92 <script language="JavaScript">
93 // This is invoked when a filename selection changes in the drop-list.
94 // In this case anything else entered into the form is discarded.
95 function msfFileChanged() {
96 top.restoreSession();
97 document.forms[0].submit();
98 }
99 </script>
100
101 </head>
102
103 <body class="body_top">
104 <form method='post' action='manage_site_files.php' enctype='multipart/form-data'
105 onsubmit='return top.restoreSession()'>
106
107 <center>
108
109 <p>
110 <table border='1' width='95%'>
111
112 <tr bgcolor='#dddddd' class='dehead'>
113 <td colspan='2' align='center'><?php echo xl('Edit File in') . " $OE_SITE_DIR"; ?></td>
114 </tr>
115
116 <tr>
117 <td valign='top' class='detail' nowrap>
118 <select name='form_filename' onchange='msfFileChanged()'>
119 <option value=''></option>
120 <?php
121 foreach ($my_files as $filename) {
122 echo " <option value='$filename'";
123 if ($filename == $form_filename) echo " selected";
124 echo ">$filename</option>\n";
125 }
126 ?>
127 </select>
128 <br />
129 <textarea name='form_filedata' rows='30' style='width:100%'><?php
130 if ($form_filename) {
131 echo htmlspecialchars(@file_get_contents($filepath));
132 }
133 ?></textarea>
134 </td>
135 </tr>
136
137 <tr bgcolor='#dddddd' class='dehead'>
138 <td colspan='2' align='center'><?php echo xl('Upload Image to') . " $imagedir"; ?></td>
139 </tr>
140
141 <tr>
142 <td valign='top' class='detail' nowrap>
143 <?php xl('Source File','e'); ?>:
144 <input type="hidden" name="MAX_FILE_SIZE" value="12000000" />
145 <input type="file" name="form_image" size="40" />&nbsp;
146 <?php xl('Destination Filename','e') ?>:
147 <select name='form_dest_filename'>
148 <option value=''>(<?php xl('Use source filename','e') ?>)</option>
149 <?php
150 $dh = opendir($imagedir);
151 if (!$dh) die(xl('Cannot read directory') . " '$imagedir'");
152 $imagesslist = array();
153 while (false !== ($sfname = readdir($dh))) {
154 if (substr($sfname, 0, 1) == '.') continue;
155 if ($sfname == 'CVS' ) continue;
156 $imageslist[$sfname] = $sfname;
157 }
158 closedir($dh);
159 ksort($imageslist);
160 foreach ($imageslist as $sfname) {
161 echo " <option value='$sfname'";
162 echo ">$sfname</option>\n";
163 }
164 ?>
165 </select>
166 </td>
167 </tr>
168
169 </table>
170
171 <p>
172 <input type='submit' name='bn_save' value='<?php xl('Save','e') ?>' />
173 </p>
174
175 </center>
176
177 </form>
178 </body>
179 </html>
180
Mirror of official OpenEMR Sourceforge repository