From 29d8c6be66d91a6c4b6e1ac264e6b469750eb333 Mon Sep 17 00:00:00 2001
From: Preston Mason
Date: Tue, 24 Mar 2015 13:15:53 +0800
Subject: [PATCH 1/2] tinymce image: add image list from media folder
---
 cms/includes/tinymceimage.inc.php | 15 +++++++++++++++
 cms/index.php | 1 +
 static/js/wysiwyg_init.js | 2 ++
 3 files changed, 18 insertions(+)
 create mode 100644 cms/includes/tinymceimage.inc.php
diff --git a/cms/includes/tinymceimage.inc.php b/cms/includes/tinymceimage.inc.php
new file mode 100644
index 0000000..84395ab
--- /dev/null
+++ b/cms/includes/tinymceimage.inc.php
@@ -0,0 +1,15 @@
+$file, "value"=>BASE_URL . MEDIA_DIR . $file);
+ }
+}
+closedir($fp);
+
+header('Content-type: application/json');
+echo json_encode($images);
+exit;
+?>
diff --git a/cms/index.php b/cms/index.php
index d878210..d04d16d 100644
--- a/cms/index.php
+++ b/cms/index.php
@@ -126,6 +126,7 @@ try
 case 'modal': include('./includes/modal.inc.php'); break;
 case 'thumbnail': include('./includes/insert_thumbnail.inc.php'); break;
 case 'ajaxprocess': include('./includes/ajaxprocess.inc.php'); break;
+ case 'tinymceimage': include('./includes/tinymceimage.inc.php'); break;
 default: include('./includes/admin_index.inc.php');
 }
diff --git a/static/js/wysiwyg_init.js b/static/js/wysiwyg_init.js
index 7e80cbd..f9b0fe5 100644
--- a/static/js/wysiwyg_init.js
+++ b/static/js/wysiwyg_init.js
@@ -7,6 +7,8 @@ tinymce.init({
 "advlist autolink lists link image anchor code"
 ],
 target_list:false,
+ relative_urls: false,
+ image_list: 'index.php?mode=tinymceimage',
 toolbar: "undo redo | styleselect | bold italic | bullist numlist | link unlink | image | code",
 content_css : "../static/css/wysiwyg.css"
From 12e02ea06f50e2ff3c59b0b9a8e66136af4ff10b Mon Sep 17 00:00:00 2001
From: Preston Mason
Date: Fri, 27 Mar 2015 14:08:30 +0800
Subject: [PATCH 2/2] harden tinymceimage request
---
 cms/data/content.sqlite | Bin 393216 -> 393216 bytes
 cms/data/userdata.sqlite | Bin 4096 -> 4096 bytes
 cms/includes/tinymceimage.inc.php | 27 ++++++++++++++++-----------
 3 files changed, 16 insertions(+), 11 deletions(-)
diff --git a/cms/data/content.sqlite b/cms/data/content.sqlite
index c4b92187d937a11ada7ff896dd274ce913892847..4fd7d484ddc6eaba560e7131dc1d1baec8747c74 100644
GIT binary patch
delta 119
zcmZo@kZ5R-m>|u#eWHvr>vjg+XB>?wttpJHDNIvSm<1Wzx0W%h)G`)NpIys*!>oP= zg9rl}kTYl2R8LIF&CH9>Nz6+xO-xTs&dAJ5El!QE%FuQ8Qx=-Ou%21D{Y)J*5VLGQ JQ^#u32mmUZB!B<_
delta 101
zcmZo@kZ5R-m>|u#ZK8}b>ox}6XH1PLttpJHDNIvSm<1V&x0W%h)H3!?pIys*Lr%h+ zSyMVOB{wrKJ|{6Ry)-dBH8n3iC$l)Ceg=coL`N|uWufT{>zS3?&(tvkG0XNdb*v_h E0Lz&pPyhe`
diff --git a/cms/data/userdata.sqlite b/cms/data/userdata.sqlite
index 88005e6dff5e9b0de2572da54ec26b4161d6d466..fd7a6226588c08327540671b11e16bb98b69e175 100644
GIT binary patch
delta 27
jcmZorXi%6S&Dbze#+kK&LH8NQ#+2#&tf3;GRx$zrb?6Af
delta 27
icmZorXi%6S%~&;2#+kK>LH8Nc#+2#&tRePgYZ(A^4hUfY
diff --git a/cms/includes/tinymceimage.inc.php b/cms/includes/tinymceimage.inc.php
index 84395ab..bb7bc08 100644
--- a/cms/includes/tinymceimage.inc.php
+++ b/cms/includes/tinymceimage.inc.php
@@ -1,15 +1,20 @@
$file, "value"=>BASE_URL . MEDIA_DIR . $file);
+if(!defined('IN_INDEX')) exit;
+
+if(isset($_SESSION[$settings['session_prefix'].'user_id'])) {
+
+ $img_path = BASE_PATH.MEDIA_DIR;
+ $fp=opendir($img_path);
+ while($file = readdir($fp))
+ {
+ if(preg_match('/\.jpg$/i', $file) || preg_match('/\.jpeg$/i', $file) || preg_match('/\.png$/i', $file) || preg_match('/\.gif$/i', $file)) {
+ $images[] = array("title"=>$file, "value"=>BASE_URL . MEDIA_DIR . $file);
+ }
 }
-}
-closedir($fp);
+ closedir($fp);
+
-header('Content-type: application/json');
-echo json_encode($images);
-exit;
+ header('Content-type: application/json');
+ echo json_encode($images);
+ exit;
+}
 ?>
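Review bot: The `if(isset($_SESSION[...]))` wrapper has no else branch, so a request without a session falls out of the block and execution returns to the `include` in cms/index.php rather than stopping; what is emitted after that depends on code outside this patch. Rejecting early with a 403 and `exit` makes the denied case explicit and removes the extra nesting level. Within the listing code (carried over from patch 1/2), `$images` is never initialised, so a folder with no matching files encodes as `null` instead of `[]`, `while($file = readdir($fp))` stops at an entry named `0`, and the `opendir()` result is used unchecked. Separately, the binary deltas to cms/data/userdata.sqlite and cms/data/content.sqlite do not look related to the hardening and probably should be left out of the patch.

```php
if(!defined('IN_INDEX')) exit;

// Deny explicitly instead of falling back into index.php.
if(!isset($_SESSION[$settings['session_prefix'].'user_id'])) {
	header('HTTP/1.1 403 Forbidden');
	exit;
}

$images = array();
$fp = opendir(BASE_PATH.MEDIA_DIR);
if($fp !== false) {
	while(false !== ($file = readdir($fp)))
	{
		// … unchanged: extension check and $images[] append …
	}
	closedir($fp);
}
// … unchanged: Content-type header, json_encode($images), exit …
```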