MTAT #2: Limited, app-specific file manager

** Perfect for vWorker Newbies! ** Simple PHP coding and no MySQL needed! These scripts (to be run by the site administrator) will create and maintain a set of file pairs: $install\_dir/$[login to view URL] and $install\_dir/audio/$[login to view URL] . The first file of each of those pairs will all be identical to each other, (based on a template), except for a few lines, which contain parameters such a configurable URL, title and pop identifier. Any (optional) style sheets and/or graphics will go in the $install_dir/common/ directory. All steps assume that *any* error conditions are reported and the script is terminated immediately, unless otherwise specified. This is not always shown in the pseudo-code, but always assume it's there. Unless otherwise specified, all functions return status. Assume $install_dir/admin/ is password-protected, but doing so is outside of the scope of this project. You are writing approximately ten files, including about 15 functions in functions.php. **Please** retain all comments shown in the pseudo-code below. Thank you for your interest! * * * _**$install_dir/admin/[login to view URL]**_ $install_url // Public URL of installation; no trailing slash. _**$install_dir/admin/[login to view URL]**_ **rel\_install\_dir**( boolean $admin ) // Returns relative path of install dir return $admin ? ".." : "."; // (This may be implemented as either a function or a macro.) boolean **valid_filename**( $filename ) // Returns TRUE if valid. $filename must be between 1 and 100 characters long, (inclusive), not equal to “index??, and only contain the characters A-Z, a-z, 0-9, or a hyphen ("-"). boolean **valid_url**( $url ) // Returns TRUE if valid. $url must be between 1 and 1000 characters long, (inclusive), be a legal URL, and the Web page at that URL must exist. boolean **valid_title**( $title ) // Returns TRUE if valid. $title must be between 1 and 100 characters long, (inclusive), and be HTML-safe. (Continued below!) ## Deliverables boolean **valid_audio**( $audio ) // Returns TRUE if valid. The $audio file must exist (i.e., successful upload), have 0 < size < (2 * 1024 * 1024) bytes (exclusive), file type "audio/ogg", and its name must end in ".ogg", (case insensitive). Other than that check, ignore the uploaded file’s name. (See [login to view URL]\_file\[login to view URL] ) **read\_name\_value**( $file, $name ) // Returns value associated with name. In the $file contents, find the line \___| $name = "current_value"; (with possible leading/trailing/intermediate whitespace). Return current_value, converting all escaped double-quotes (i.e., preceded with back-slash) to unescaped double-quotes. **write\_name\_value**( $file, $name, $value ) In the $file contents, find the line \___| $name = "current_value"; (with possible leading/trailing/intermediate whitespace). Replace current_value with $value, converting all double-quotes with escaped double-quotes, i.e., precede with back-slash. Note that current value may have escaped double-quotes. Preserve original whitespace (spaces, tabs, etc.) if possible. Return status (or $file?), **show_index**( boolean $admin ) $install\_dir = rel\_install_dir( $admin ); Loop through all .php files in $install_dir except [login to view URL], ordered by descending modification time, (in server’s native timezone), and output a table with one tr per file and td’s as follows: Read contents of $install_dir/$[login to view URL] into $file. <td>Modification date: MM/DD/YY</td> <td>Modification time: HH:MM:SS</td> if ($admin) \___| { \___| <td><a href=[login to view URL]$filename>Edit</a><br /> \___| <a href=[login to view URL]$filename>Delete</a></td> \___| } <td><a href=$install\_url/$[login to view URL]>read\_name_value( $file, "title" );</a> if ($admin) \___| <br />$install_url/<b>$filename</b>.php </td> **output\_text\_fields**( $filename ) // Output the form’s input fields which will collect $url, $title, $filename, $pop. $install_dir = ".."; Check for valid_filename( $filename );. If valid: \___| { \___| Read contents of $install_dir/$[login to view URL] into $file. \___| Pre-populate form fields: \___| $url = read\_name\_value( $file, "url" ); \___| $title = read\_name\_value( $file, "title" ); \___| Filename field is not presented as editable, only displayed as fixed text in the same place on the form. \___| $pop = read\_name\_value( $file, "pop" ); \___| } else: \___| { \___| $url & $title are blank. \___| Filename field is presented as an editable field. \___| $pop = "default"; \___| } If $title is empty when $url is entered, use JavaScript to pre-populate $title with the text between <title> and </title> in the webpage at $url. If $filename is empty when $url is entered, use JavaScript to pre-populate $filename from the string between the last slash in $url to the first period afterward, if it exists. Clean it up according to rules in valid_filename(). e.g., Underscores can become hyphens, other illegal characters can be dropped, etc. $pop is a drop-down built from the list of files in the $install_dir/admin/pops directory, dropping the trailing “.php??; defaulting to $pop if that exists. **output\_audio\_field**() // Output the form’s input field which will collect $audio. $audio is a file selected from the admin’s computer and uploaded to the site. **write_text**( $filename, $url, $title, $pop ) $install_dir = ".."; Check for valid_filename( $filename );. Check that $install_dir/$[login to view URL] does not exist. Check for valid_url( $url );. Check for valid_title( $title );. Check for valid_filename( $pop );. Check that $install_dir/pops/$[login to view URL] does exist. Read contents of $install_dir/admin/[login to view URL] into $file. write\_name\_value( $file, “url??, $url ); write\_name\_value( $file, “title??, $title ); write\_name\_value( $file, “pop??, $pop ); Write $file contents to $install_dir/$[login to view URL] . **boolean ok\_to\_write_audio**( $filename, $audio ) // Returns TRUE if OK to write audio $install_dir = ".."; Check for valid_audio( $audio ). Check that $install_dir/audio/$[login to view URL] does not exist. Return boolean. **write_audio**( $filename, $audio ) $install_dir = ".."; ok\_to\_write_audio( $filename, $audio ); Save the file to $install\_dir/audio/$[login to view URL] . (i.e., Ignore the uploaded file’s name.) (See [login to view URL]\[login to view URL] ) **delete_text**( $filename ) $install_dir = ".."; Check for valid_filename( $filename ). Attempt to remove $install_dir/$[login to view URL] whether or not file exists. **delete_audio**( $filename ) $install_dir = ".."; Check for valid_filename( $filename ). Attempt to remove $install_dir/audio/$[login to view URL] whether or not file exists. _**$install_dir/admin/[login to view URL]**_ // Receives $filename, $url, $title, $pop, $audio $install_dir = ".."; ok\_to\_write_audio( $filename, $audio ); // i.e., Prevent first file if problem with second file. write_text( $filename, $url, $title, $pop ); write_audio( $filename, $audio ); Output status. _**$install_dir/admin/[login to view URL]**_ // Receives $filename $install_dir = ".."; Check for valid_filename( $filename ). Read contents of $install_dir/$[login to view URL] into $file. Output: <a href=$install\_url/$[login to view URL]>read\_name\_value( $file, title );</a><br /> $install\_url/<b>$filename</b>.php "Are you sure?" The Yes button passes $filename to [login to view URL] _**$install_dir/admin/[login to view URL]**_ // Receives $filename delete_text( $filename ); delete_audio( $filename ); // Attempt even if prior call failed. Output statuses from both deletions. _**$install_dir/admin/[login to view URL]**_ // Receives $filename, $url, $title, $pop // Currently will completely overwrite any prior manual file modifications. // Probably not worth it now to try to preserve that if it occurs, but it is possible later. delete_text( $filename ); write_text( $filename, $url, $title, $pop ); Output status. _**$install_dir/admin/[login to view URL]**_ // Receives $filename, $audio delete_audio( $filename ); write_audio( $filename, $audio ); Output status. _**$install_dir/admin/[login to view URL]**_ // Receives $filename <form> Form collecting following fields and submitting them to edit-text.php. ($filename is hidden field.) output\_text\_fields( $filename ); </form> <form> Form collecting following field and submitting them to replace-audio.php. ($filename is hidden field.) output\_audio\_field(); </form> _**$install_dir/admin/[login to view URL]**_ <form> Form collecting following fields (text and audio) and submitting them to new.php. output\_text\_fields( "" ); output\_audio\_field(); </form> show_index( TRUE ); _**$install_dir/[login to view URL]**_ show_index( FALSE );